9,293 research outputs found

    A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection

    Get PDF
    The broadening dependency and reliance that modern societies have on essential services provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just at the economic level but also in terms of physical damage and even loss of human life. Complementing traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are in place and compliant with standards and internal policies. Forensics assist the investigation of past security incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of tackling the requirements imposed by massively distributed and complex Industrial Automation and Control Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic template for a converged platform. These results are intended to guide future research on forensics and compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio

    Natural and Technological Hazards in Urban Areas

    Get PDF
    Natural hazard events and technological accidents are separate causes of environmental impacts. Natural hazards are physical phenomena active in geological times, whereas technological hazards result from actions or facilities created by humans. In our time, combined natural and man-made hazards have been induced. Overpopulation and urban development in areas prone to natural hazards increase the impact of natural disasters worldwide. Additionally, urban areas are frequently characterized by intense industrial activity and rapid, poorly planned growth that threatens the environment and degrades the quality of life. Therefore, proper urban planning is crucial to minimize fatalities and reduce the environmental and economic impacts that accompany both natural and technological hazardous events

    Challenges in the Design and Implementation of IoT Testbeds in Smart-Cities : A Systematic Review

    Get PDF
    Advancements in wireless communication and the increased accessibility to low-cost sensing and data processing IoT technologies have increased the research and development of urban monitoring systems. Most smart city research projects rely on deploying proprietary IoT testbeds for indoor and outdoor data collection. Such testbeds typically rely on a three-tier architecture composed of the Endpoint, the Edge, and the Cloud. Managing the system's operation whilst considering the security and privacy challenges that emerge, such as data privacy controls, network security, and security updates on the devices, is challenging. This work presents a systematic study of the challenges of developing, deploying and managing urban monitoring testbeds, as experienced in a series of urban monitoring research projects, followed by an analysis of the relevant literature. By identifying the challenges in the various projects and organising them under the V-model development lifecycle levels, we provide a reference guide for future projects. Understanding the challenges early on will facilitate current and future smart-cities IoT research projects to reduce implementation time and deliver secure and resilient testbeds

    Beam scanning by liquid-crystal biasing in a modified SIW structure

    Get PDF
    A fixed-frequency beam-scanning 1D antenna based on Liquid Crystals (LCs) is designed for application in 2D scanning with lateral alignment. The 2D array environment imposes full decoupling of adjacent 1D antennas, which often conflicts with the LC requirement of DC biasing: the proposed design accommodates both. The LC medium is placed inside a Substrate Integrated Waveguide (SIW) modified to work as a Groove Gap Waveguide, with radiating slots etched on the upper broad wall, that radiates as a Leaky-Wave Antenna (LWA). This allows effective application of the DC bias voltage needed for tuning the LCs. At the same time, the RF field remains laterally confined, enabling the possibility to lay several antennas in parallel and achieve 2D beam scanning. The design is validated by simulation employing the actual properties of a commercial LC medium

    The influence of culture and religion on the capital structure of SME – A pan European quantitative research

    Get PDF
    Diferentes teorías financieras han tratado de explicar la estructura de capital de las empresas considerándola como una elección racional con resultados limitados. Por el contrario, la teoría de las élites directivas destaca la influencia de los valores y creencias de los altos directivos en las decisiones de las empresas y la teoría institucional complementa esta visión con el papel de los valores y normas institucionales en las decisiones y opciones financieras. Nuestra investigación analiza la influencia de los valores culturales y la pertenencia a una religión en la explicación de por qué las PYMEs difieren en sus preferencias financieras, con el objetivo de enriquecer las teorías racionales del área financiera con la propuesta de la teoría de las élites directivas y la teoría institucional. Por lo tanto, el presente estudio utiliza el marco cultural de Hofstede (2021) y datos de pertenencia al cristianismo de 24 países europeos -y de las dos principales religiones cristianas- para analizar su impacto en la estructura de capital, específicamente en sus preferencias entre capital y pasivo. Además, analiza el impacto de la cultura y la religión en el comportamiento de asunción de riesgos de las PYMEs. A través de una base de datos de 27.778 pymes manufactureras de 24 países de la UE con información financiera de 2015-2019 y utilizando análisis multinivel, encontramos evidencia de que la cultura y la religión influyen en la elección de la estructura de capital en las pymes y afectan su comportamiento de toma de riesgos. Sin embargo, y en contraste con varios investigadores anteriores, que encuentran una fuerte relación entre la cultura, la religión y el comportamiento financiero de las empresas, nuestros resultados muestran un efecto de la cultura y la religión en la dirección prevista, pero, de pequeño tamaño.Different finance theories have tried to explain the capital structure of companies considering it as a rational choice with limited results. In contrast, upper echelons theory highlights the influence of top managers’ values and beliefs in the decisions of firms and the institutional theory complements this vision with the role of institutional values and norms in financial decisions and options. The research looks into the influence of cultural values and religious belonging in explaining why SMEs differ in their financial preferences aiming to fill the gap between rational finance theories and upper echelons proposal. Therefore, the present study uses the cultural framework from Hofstede (2021) and Christian belonging data from 24 European Countries and the two main Christian faiths to analyze their impact on the capital structure, specifically in their preferences between equity and liabilities. Furthermore, this study looks into the SME’s risk-taking behavior and the cultural and religious impact on this issue. Through a database of 27.778 manufacturing SMEs from 24 countries of EU with financial information from 2015-2019 and using multilevel analysis, this study finds evidence that culture and religion influences the choice of capital within SMEs and impacts their risk-taking behavior. However, and in contrast to various previous researchers, who find a strong relationship between culture and religion and financial behavior within firms, the results show a very low size effect of culture and religion on the predicting directions of financial behavior

    ОГЛЯД РІШЕНЬ З АПАРАТНОЇ БЕЗПЕКИ КІНЦЕВИХ ПРИСТРОЇВ ТУМАННИХ ОБЧИСЛЕНЬ У ІНТЕРНЕТІ РЕЧЕЙ

    Get PDF
    Предметом дослідження є можливі засоби підвищення апаратної безпеки кінцевих пристроїв туманних обчислень в мережах Інтернету речей (ІоТ), популярність якого щороку стрімко зростає та потребує високого рівня захищеності від усіх типів атак. Метою роботи є огляд доступних готових комерційних продуктів та/або концептуальних апаратних рішень для захисту бюджетних пристроїв у мережах Інтернету речей на основі туманних технологій. Для досягнення поставленої мети виконано такі завдання: запропоновано концепцію туманних обчислень та визначено переваги, які вона надає мережам IoT; розглянуто кіберзагрози та апаратні атаки на мережі ІоТ; описано наслідки використання мереж Інтернету речей на основі туманних обчислень; розглянуто апаратні засоби безпеки, такі як TRM, PUF, HSM тощо. Для вирішення завдань використано такі методи дослідження, як: теоретичний аналіз літературних джерел; порівняльний аналіз хмарних, туманних і мобільних обчислень; аналіз наявних апаратних засобів безпеки. Здобуто такі результати: туманні обчислення можна розглядати як шлюз між хмарними обчисленнями та Інтернетом речей; вони мають більшість із переваг хмарних обчислень, крім того, додатково дають змогу обробляти дані на кінцевих пристроях, не навантажуючи центральний сервер. Висновки: безпека апаратного забезпечення в системах Інтернету речей не менш важлива, ніж програмна безпека. Особливо вагомо це питання постає для систем на основі туманних обчислень, де дані оброблятимуться на периферії, без передачі в хмару. Для підвищення рівня апаратної безпеки пристроїв туманних обчислень пропонується використовувати стандартні апаратні платформи безпеки, такі як: фізично неклоновані функції, апаратний модуль безпеки, система на кристалі тощо. Апаратні компоненти системи, що застосовують туманні обчислення, менш схильні до кібератак, зломів, вторгнень чи маніпуляцій

    Towards addressing training data scarcity challenge in emerging radio access networks: a survey and framework

    Get PDF
    The future of cellular networks is contingent on artificial intelligence (AI) based automation, particularly for radio access network (RAN) operation, optimization, and troubleshooting. To achieve such zero-touch automation, a myriad of AI-based solutions are being proposed in literature to leverage AI for modeling and optimizing network behavior to achieve the zero-touch automation goal. However, to work reliably, AI based automation, requires a deluge of training data. Consequently, the success of the proposed AI solutions is limited by a fundamental challenge faced by cellular network research community: scarcity of the training data. In this paper, we present an extensive review of classic and emerging techniques to address this challenge. We first identify the common data types in RAN and their known use-cases. We then present a taxonomized survey of techniques used in literature to address training data scarcity for various data types. This is followed by a framework to address the training data scarcity. The proposed framework builds on available information and combination of techniques including interpolation, domain-knowledge based, generative adversarial neural networks, transfer learning, autoencoders, fewshot learning, simulators and testbeds. Potential new techniques to enrich scarce data in cellular networks are also proposed, such as by matrix completion theory, and domain knowledge-based techniques leveraging different types of network geometries and network parameters. In addition, an overview of state-of-the art simulators and testbeds is also presented to make readers aware of current and emerging platforms to access real data in order to overcome the data scarcity challenge. The extensive survey of training data scarcity addressing techniques combined with proposed framework to select a suitable technique for given type of data, can assist researchers and network operators in choosing the appropriate methods to overcome the data scarcity challenge in leveraging AI to radio access network automation

    Toward Open Integrated Access and Backhaul with O-RAN

    Get PDF
    Millimeter wave (mmWave) communications has been recently standardized for use in the fifth generation (5G) of cellular networks, fulfilling the promise of multi-gigabit mobile throughput of current and future mobile radio network generations. In this context, the network densification required to overcome the difficult mmWave propagation will result in increased deployment costs. Integrated Access and Backhaul (IAB) has been proposed as an effective mean of reducing densification costs by deploying a wireless mesh network of base stations, where backhaul and access transmissions share the same radio technology. However, IAB requires sophisticated control mechanisms to operate efficiently and address the increased complexity. The Open Radio Access Network (RAN) paradigm represents the ideal enabler of RAN intelligent control, but its current specifications are not compatible with IAB. In this work, we discuss the challenges of integrating IAB into the Open RAN ecosystem, detailing the required architectural extensions that will enable dynamic control of 5G IAB networks. We implement the proposed integrated architecture into the first publiclyavailable Open-RAN-enabled experimental framework, which allows prototyping and testing Open-RAN-based solutions over end-to-end 5G IAB networks. Finally, we validate the framework with both ideal and realistic deployment scenarios exploiting the large-scale testing capabilities of publicly available experimental platforms
    corecore