Combining behavioural types with security analysis

Today's software systems are highly distributed and interconnected, and they increasingly rely on communication to achieve their goals; due to their societal importance, security and trustworthiness are crucial aspects for the correctness of these systems. Behavioural types, which extend data types by describing also the structured behaviour of programs, are a widely studied approach to the enforcement of correctness properties in communicating systems. This paper offers a unified overview of proposals based on behavioural types which are aimed at the analysis of security properties

Techniques for the dynamic randomization of network attributes

Critical infrastructure control systems continue to foster predictable communication paths and static configurations that allow easy access to our networked critical infrastructure around the world. This makes them attractive and easy targets for cyber-attack. We have developed technologies that address these attack vectors by automatically reconfiguring network settings. Applying these protective measures will convert control systems into «moving targets» that proactively defend themselves against attack. This «Moving Target Defense» (MTD) revolves about the movement of network reconfiguration, securely communicating reconfiguration specifications to other network nodes as required, and ensuring that connectivity between nodes is uninterrupted. Software-defined Networking (SDN) is leveraged to meet many of these goals. Our MTD approach eliminates adversaries targeting known static attributes of network devices and systems, and consists of the following three techniques: (1) Network Randomization for TCP/UDP Ports; (2) Network Randomization for IP Addresses; (3) Network Randomization for Network Paths In this paper, we describe the implementation of the aforementioned technologies. We also discuss the individual and collective successes for the techniques, challenges for deployment, constraints and assumptions, and the performance implications for each technique

Cryptographic requirements for chaotic secure communications

In recent years, a great amount of secure communications systems based on chaotic synchronization have been published. Most of the proposed schemes fail to explain a number of features of fundamental importance to all cryptosystems, such as key definition, characterization, and generation. As a consequence, the proposed ciphers are difficult to realize in practice with a reasonable degree of security. Likewise, they are seldom accompanied by a security analysis. Thus, it is hard for the reader to have a hint about their security. In this work we provide a set of guidelines that every new cryptosystems would benefit from adhering to. The proposed guidelines address these two main gaps, i.e., correct key management and security analysis, to help new cryptosystems be presented in a more rigorous cryptographic way. Also some recommendations are offered regarding some practical aspects of communications, such as channel noise, limited bandwith, and attenuation.Comment: 13 pages, 3 figure

Email for communicating results of diagnostic medical investigations to patients

<p>Background: As medical care becomes more complex and the ability to test for conditions grows, pressure on healthcare providers to convey increasing volumes of test results to patients is driving investigation of alternative technological solutions for their delivery. This review addresses the use of email for communicating results of diagnostic medical investigations to patients.</p> <p>Objectives: To assess the effects of using email for communicating results of diagnostic medical investigations to patients, compared to SMS/ text messaging, telephone communication or usual care, on outcomes, including harms, for health professionals, patients and caregivers, and health services.</p> <p>Search methods: We searched: the Cochrane Consumers and Communication Review Group Specialised Register, Cochrane Central Register of Controlled Trials (CENTRAL, The Cochrane Library, Issue 1 2010), MEDLINE (OvidSP) (1950 to January 2010), EMBASE (OvidSP) (1980 to January 2010), PsycINFO (OvidSP) (1967 to January 2010), CINAHL (EbscoHOST) (1982 to February 2010), and ERIC (CSA) (1965 to January 2010). We searched grey literature: theses/dissertation repositories, trials registers and Google Scholar (searched July 2010). We used additional search methods: examining reference lists and contacting authors.</p> <p>Selection criteria: Randomised controlled trials, quasi-randomised trials, controlled before and after studies and interrupted time series studies of interventions using email for communicating results of any diagnostic medical investigations to patients, and taking the form of 1) unsecured email 2) secure email or 3) web messaging. All healthcare professionals, patients and caregivers in all settings were considered.</p> <p>Data collection and analysis: Two review authors independently assessed the titles and abstracts of retrieved citations. No studies were identified for inclusion. Consequently, no data collection or analysis was possible.</p> <p>Main results: No studies met the inclusion criteria, therefore there are no results to report on the use of email for communicating results of diagnostic medical investigations to patients.</p> <p>Authors' conclusions: In the absence of included studies, we can draw no conclusions on the effects of using email for communicating results of diagnostic medical investigations to patients, and thus no recommendations for practice can be stipulated. Further well-designed research should be conducted to inform practice and policy for communicating patient results via email, as this is a developing area.</p&gt

SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems

There is an increasing security risk in Building Automation Systems (BAS) in that its communication is unprotected, resulting in the adversary having the capability to inject spurious commands to the actuators to alter the behaviour of BAS. The communication between the Human-Machine-Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands. We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in BAS through a symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic renewal of session keys periodically based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency

On M2M Micropayments : A Case Study of Electric Autonomous Vehicles

The proliferation of electric vehicles has spurred the research interest in technologies associated with it, for instance, batteries, and charging mechanisms. Moreover, the recent advancements in autonomous cars also encourage the enabling technologies to integrate and provide holistic applications. To this end, one key requirement for electric vehicles is to have an efficient, secure, and scalable infrastructure and framework for charging, billing, and auditing. However, the current manual charging systems for EVs may not be applicable to the autonomous cars that demand new, automatic, secure, efficient, and scalable billing and auditing mechanism. Owing to the distributed systems such as blockchain technology, in this paper, we propose a new charging and billing mechanism for electric vehicles that charge their batteries in a charging-on-the-move fashion. To meet the requirements of billing in electric vehicles, we leverage distributed ledger technology (DLT), a distributed peer-to-peer technology for micro-transactions. Our proof-of-concept implementation of the billing framework demonstrates the feasibility of such system in electric vehicles. It is also worth noting that the solution can easily be extended to the electric autonomous cars (EACs)

Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems

We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment aimed at fostering the collaboration between system designers and security experts at all methodological stages of the development of an embedded system. A central issue in the design of an embedded system is the definition of the hardware/software partitioning of the architecture of the system, which should take place as early as possible. SysML-Sec aims to extend the relevance of this analysis through the integration of security requirements and threats. In particular, we propose an agile methodology whose aim is to assess early on the impact of the security requirements and of the security mechanisms designed to satisfy them over the safety of the system. Security concerns are captured in a component-centric manner through existing SysML diagrams with only minimal extensions. After the requirements captured are derived into security and cryptographic mechanisms, security properties can be formally verified over this design. To perform the latter, model transformation techniques are implemented in the SysML-Sec toolchain in order to derive a ProVerif specification from the SysML models. An automotive firmware flashing procedure serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163