ToSHI - Towards Secure Heterogeneous Integration: Security Risks, Threat Assessment, and Assurance

The semiconductor industry is entering a new age in which device scaling and cost reduction will no longer follow the decades-long pattern. Packing more transistors on a monolithic IC at each node becomes more difficult and expensive. Companies in the semiconductor industry are increasingly seeking technological solutions to close the gap and enhance cost-performance while providing more functionality through integration. Putting all of the operations on a single chip (known as a system on a chip, or SoC) presents several issues, including increased prices and greater design complexity. Heterogeneous integration (HI), which uses advanced packaging technology to merge components that might be designed and manufactured independently using the best process technology, is an attractive alternative. However, although the industry is motivated to move towards HI, many design and security challenges must be addressed. This paper presents a three-tier security approach for secure heterogeneous integration by investigating supply chain security risks, threats, and vulnerabilities at the chiplet, interposer, and system-in-package levels. Furthermore, various possible trust validation methods and attack mitigation were proposed for every level of heterogeneous integration. Finally, we shared our vision as a roadmap toward developing security solutions for a secure heterogeneous integration

Demystifying Internet of Things Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

Trust, legality and exceptionalism

Trust is uniquely human and foundation for human cooperation. Today, the Rule of Law is highly relevant to build trust. The current and growing competition between USA and China as two superpowers reduces trust. It is linked to efforts of superiority, especially visible in the sectors of technology, military, trade, research, education and international standard setting and - especially in the U.S. - substantiated with the claim of exceptionalism. This book looks at the concepts, cases and expression of exceptionalism in the current geopolitical context, in the USA and in different countries, which see themselves as exceptional with an exceptional mission. The book offers ethical benchmarks to build trust and to react to notions of exceptionalism

Strategies for low carbon buildings : Assessment of design options and the translation of design intent into performance in practice

To deliver low carbon buildings requires: a) Performance assessment and option appraisal; b) Industry process to translate selected options into low carbon performance in practice. This thesis aims to make some contribution in each of these two areas. Legislation such as the European Performance of Buildings Directive (EPBD) is stimulating the market to put forward many technical options for design or retrofit of low carbon buildings. The need is identified here for a low cost, EPBD compatible, simulation based, real time method for performance assessment and upgrade option appraisal to inform decisions for a range of users with various levels of technical knowledge. The hypothesis is advanced that such a method can be developed. An EPBD compatible, dynamic simulation based, real time, performance assessment and option appraisal method is then proposed and evaluated. A range of test applications and user groups are considered. Test applications include the generation of energy performance ratings based on a simple questionnaire. Other applications cover a range of individual building, policy or strategy contexts. A critical analysis is carried out of the applicability, scope and limitations of the method. The proposed method proved useful in a range of applications. For other applications some limitations were identified. How these can be addressed is discussed. The development and deployment examples are for a specific building stock but provide insights to enable replication for other situations. The research provides a foundation for further research and development. There is much evidence that selection of appropriate options is not sufficient to achieve low carbon performance. Many issues can lead to gaps between intended and actual performance. Problems are identified in the design and implementation of low carbon systems and controls. Problems include poor understanding, errors in implementation, and poor visibility of actual performance. The need for a method to address these problems is identified. The hypothesis is advanced that such a method can be developed. A Modular Control Mapping and Failure Mode Effect Analysis (FMEA) method is then proposed and evaluated for a range of test applications to buildings intended to be low carbon. The insights from the test applications are reviewed and the scope and limitations of the proposed method discussed. Overall the applications were successful and the useful application demonstrated. The method was deployed post-occupancy, then applicability at various stages of the design process was demonstrated by using concept and detailed design information. The modular control mapping and FMEA process proposed leverages in part the approach taken in industrial sectors identified as benchmarks by proponents of the Building Information Modelling (BIM) initiative. The potential application of further processes from BIM benchmark industry is discussed in the context of current buildings industry initiatives. The performance assessment and option appraisal method, the modular control mapping and FMEA method, and the outcomes from their evaluations are intended to contribute to the realisation of low carbon buildings in practice. The future integration of both methods within a BIM framework is proposed

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures comprise of many interconnected cyber and physical assets, and as such are large scale cyber-physical systems. Hence, the conventional approach of securing these infrastructures by addressing cyber security and physical security separately is no longer effective. Rather more integrated approaches that address the security of cyber and physical assets at the same time are required. This book presents integrated (i.e. cyber and physical) security approaches and technologies for the critical infrastructures that underpin our societies. Specifically, it introduces advanced techniques for threat detection, risk assessment and security information sharing, based on leading edge technologies like machine learning, security knowledge modelling, IoT security and distributed ledger infrastructures. Likewise, it presets how established security technologies like Security Information and Event Management (SIEM), pen-testing, vulnerability assessment and security data analytics can be used in the context of integrated Critical Infrastructure Protection. The novel methods and techniques of the book are exemplified in case studies involving critical infrastructures in four industrial sectors, namely finance, healthcare, energy and communications. The peculiarities of critical infrastructure protection in each one of these sectors is discussed and addressed based on sector-specific solutions. The advent of the fourth industrial revolution (Industry 4.0) is expected to increase the cyber-physical nature of critical infrastructures as well as their interconnection in the scope of sectorial and cross-sector value chains. Therefore, the demand for solutions that foster the interplay between cyber and physical security, and enable Cyber-Physical Threat Intelligence is likely to explode. In this book, we have shed light on the structure of such integrated security systems, as well as on the technologies that will underpin their operation. We hope that Security and Critical Infrastructure Protection stakeholders will find the book useful when planning their future security strategies

Responsible AI and Analytics for an Ethical and Inclusive Digitized Society

publishedVersio

Global Shipping Container Monitoring Using Machine Learning with Multi-Sensor Hubs and Catadioptric Imaging

We describe a framework for global shipping container monitoring using machine learning with multi-sensor hubs and infrared catadioptric imaging. A wireless mesh radio satellite tag architecture provides connectivity anywhere in the world which is a significant improvement to legacy methods. We discuss the design and testing of a low-cost long-wave infrared catadioptric imaging device and multi-sensor hub combination as an intelligent edge computing system that, when equipped with physics-based machine learning algorithms, can interpret the scene inside a shipping container to make efficient use of expensive communications bandwidth. The histogram of oriented gradients and T-channel (HOG+) feature as introduced for human detection on low-resolution infrared catadioptric images is shown to be effective for various mirror shapes designed to give wide volume coverage with controlled distortion. Initial results for through-metal communication with ultrasonic guided waves show promise using the Dynamic Wavelet Fingerprint Technique (DWFT) to identify Lamb waves in a complicated ultrasonic signal

Future of the Internet--and how to stop it

vi, 342 p. : ill. ; 25 cmLibro ElectrónicoOn January 9, 2007, Steve Jobs introduced the iPhone to an eager audience crammed into San Francisco’s Moscone Center.1 A beautiful and brilliantly engineered device, the iPhone blended three products into one: an iPod, with the highest-quality screen Apple had ever produced; a phone, with cleverly integrated functionality, such as voicemail that came wrapped as separately accessible messages; and a device to access the Internet, with a smart and elegant browser, and with built-in map, weather, stock, and e-mail capabilities. It was a technical and design triumph for Jobs, bringing the company into a market with an extraordinary potential for growth, and pushing the industry to a new level of competition in ways to connect us to each other and to the Web.Includes bibliographical references (p. 249-328) and index Acceso restringido a miembros del Consorcio de Bibliotecas Universitarias de Andalucía Electronic reproduction. Palo Alto, Calif. : ebrary, 2009 Modo de acceso : World Wide Webpt. 1. The rise and stall of the generative Net -- Battle of the boxes -- Battle of the networks -- Cybersecurity and the generative dilemma -- pt. 2. After the stall -- The generative pattern -- Tethered appliances, software as service, and perfect enforcement -- The lessons of Wikipedia -- pt. 3. Solutions -- Stopping the future of the Internet : stability on a generative Net -- Strategies for a generative future -- Meeting the risks of generativity : Privacy 2.0. Index32

Autonomous Exchanges: Human-Machine Autonomy in the Automated Media Economy

Contemporary discourses and representations of automation stress the impending “autonomy” of automated technologies. From pop culture depictions to corporate white papers, the notion of autonomous technologies tends to enliven dystopic fears about the threat to human autonomy or utopian potentials to help humans experience unrealized forms of autonomy. This project offers a more nuanced perspective, rejecting contemporary notions of automation as inevitably vanquishing or enhancing human autonomy. Through a discursive analysis of industrial “deep texts” that offer considerable insights into the material development of automated media technologies, I argue for contemporary automation to be understood as a field for the exchange of autonomy, a human-machine autonomy in which autonomy is exchanged as cultural and economic value. Human-machine autonomy is a shared condition among humans and intelligent machines shaped by economic, legal, and political paradigms with a stake in the cultural uses of automated media technologies. By understanding human-machine autonomy, this project illuminates complications of autonomy emerging from interactions with automated media technologies across a range of cultural contexts

Using US Artificial Intelligence to Fight Human Trafficking in Europe

editorial reviewedHuman trafficking is keeping pace with new technologies, but so is its repression. Nowadays, artificial intelligence (AI) systems support the daily work of law enforcement authorities in detecting and investigating trafficking schemes. These systems were developed, and are used primarily, in the United States of America (US). As the fight against human trafficking is a worldwide priority, they are often exported from the US or replicated. Yet, so far, little research has been done to examine how (US) policies and values might be embedded in these specific systems. This article argues that the spread of US tools using artificial intelligence to combat human trafficking hinders the autonomy of foreign States. Particularly in the European context, these tools might challenge national criminal sovereignty as well as Europe’s digital sovereignty. The article highlights the US policies surrounding human trafficking that are embedded in these AI systems (legal definition, political priorities and decisions) and the lack of adequate consideration of existing European standards. These are meant to protect human rights while developing and using AI systems, i.e. the protection of personal data and control over technical standards