HOOD SENSOR MECHANISM ENHANCEMENT

• The Hood Sensor is designed to notify the user of any removal of the computer cover. • There’s a potential security risk on the Z2 G9 Mini hood sensor design. Hackers can cut the hood sensor cable without removing the computer cover to break the hood sensor security protection mechanism. • The disclosure enhances the hood sensor protection mechanism through hardware design or software solutions

Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page

Connected systems in smart cities: use-cases of integration of buildings information with smart systems

Realisation of smart cities is highly dependent on innovative connections between the deployed systems in the cities. This implies that successfully deployment of individual smart systems which meet citizens’ needs, is not sufficient to make a city smart. Indeed, the smart cities require to innovate and connect establish infrastructures for the citizens and organisations. To enable connected systems in smart cities, the possibilities to exchange and integration information between different systems is essential. Construction industry is one of the domains which owns huge amount of valuable information asset. Buildings information can be utilised to create initiatives associated with various domains like, urban and infrastructure planning, maintenance/facility management, and energy monitoring. However, there are some barriers to realise these initiatives. This paper introduces and elaborates the details about three use-cases which need to utilise buildings information to present innovative smart services. The three use cases are: 1) Energy Usage Monitoring for positive energy usage district areas in Smart Cities (a use case from River City-anonymous name of the city); 2) Services for Facility Management Industry (a use-case from Estates office in Quay University); 3) Safety & risk management for buildings in 3D Hack event in Dublin. Each use-case considers various stakeholders’ perspectives. Also they include elaborated details related to the barriers and challenges associated with utilisation and integration of buildings information. This paper concludes by the detailed barriers to benefit from valuable buildings information to create innovative smart services. Further, recommendations are provided to overcome the presented challenges

Trick or Heat? Manipulating Critical Temperature-Based Control Systems Using Rectification Attacks

Temperature sensing and control systems are widely used in the closed-loop control of critical processes such as maintaining the thermal stability of patients, or in alarm systems for detecting temperature-related hazards. However, the security of these systems has yet to be completely explored, leaving potential attack surfaces that can be exploited to take control over critical systems. In this paper we investigate the reliability of temperature-based control systems from a security and safety perspective. We show how unexpected consequences and safety risks can be induced by physical-level attacks on analog temperature sensing components. For instance, we demonstrate that an adversary could remotely manipulate the temperature sensor measurements of an infant incubator to cause potential safety issues, without tampering with the victim system or triggering automatic temperature alarms. This attack exploits the unintended rectification effect that can be induced in operational and instrumentation amplifiers to control the sensor output, tricking the internal control loop of the victim system to heat up or cool down. Furthermore, we show how the exploit of this hardware-level vulnerability could affect different classes of analog sensors that share similar signal conditioning processes. Our experimental results indicate that conventional defenses commonly deployed in these systems are not sufficient to mitigate the threat, so we propose a prototype design of a low-cost anomaly detector for critical applications to ensure the integrity of temperature sensor signals.Comment: Accepted at the ACM Conference on Computer and Communications Security (CCS), 201

Common Criteria Related Security Design Patterns for Intelligent Sensors—Knowledge Engineering-Based Implementation

Intelligent sensors experience security problems very similar to those inherent to other kinds of IT products or systems. The assurance for these products or systems creation methodologies, like Common Criteria (ISO/IEC 15408) can be used to improve the robustness of the sensor systems in high risk environments. The paper presents the background and results of the previous research on patterns-based security specifications and introduces a new ontological approach. The elaborated ontology and knowledge base were validated on the IT security development process dealing with the sensor example. The contribution of the paper concerns the application of the knowledge engineering methodology to the previously developed Common Criteria compliant and pattern-based method for intelligent sensor security development. The issue presented in the paper has a broader significance in terms that it can solve information security problems in many application domains

Attack Resilience and Recovery using Physical Challenge Response Authentication for Active Sensors Under Integrity Attacks

Embedded sensing systems are pervasively used in life- and security-critical systems such as those found in airplanes, automobiles, and healthcare. Traditional security mechanisms for these sensors focus on data encryption and other post-processing techniques, but the sensors themselves often remain vulnerable to attacks in the physical/analog domain. If an adversary manipulates a physical/analog signal prior to digitization, no amount of digital security mechanisms after the fact can help. Fortunately, nature imposes fundamental constraints on how these analog signals can behave. This work presents PyCRA, a physical challenge-response authentication scheme designed to protect active sensing systems against physical attacks occurring in the analog domain. PyCRA provides security for active sensors by continually challenging the surrounding environment via random but deliberate physical probes. By analyzing the responses to these probes, and by using the fact that the adversary cannot change the underlying laws of physics, we provide an authentication mechanism that not only detects malicious attacks but provides resilience against them. We demonstrate the effectiveness of PyCRA through several case studies using two sensing systems: (1) magnetic sensors like those found wheel speed sensors in robotics and automotive, and (2) commercial RFID tags used in many security-critical applications. Finally, we outline methods and theoretical proofs for further enhancing the resilience of PyCRA to active attacks by means of a confusion phase---a period of low signal to noise ratio that makes it more difficult for an attacker to correctly identify and respond to PyCRA's physical challenges. In doing so, we evaluate both the robustness and the limitations of PyCRA, concluding by outlining practical considerations as well as further applications for the proposed authentication mechanism.Comment: Shorter version appeared in ACM ACM Conference on Computer and Communications (CCS) 201