Software Engineering Methods for the Internet of Things: A Comparative Review

Accessing different physical objects at any time from anywhere through wireless network heavily impacts the living style of societies worldwide nowadays. Thus, the Internet of Things has now become a hot emerging paradigm in computing environments. Issues like interoperability, software reusability, and platform independence of those physical objects are considered the main current challenges. This raises the need for appropriate software engineering approaches to develop effective and efficient IoT applications software. This paper studies the state of the art of design and development methodologies for IoT software. The aim is to study how proposed approaches have been solved issues of interoperability, reusability, and independence of the platform. A comparative study is presented for the different software engineering methods used for the Internet of Things. Finally, the key research gaps and open issues are highlighted as future directions

Modeling of Advanced Threat Actors: Characterization, Categorization and Detection

Tesis por compendio[ES] La información y los sistemas que la tratan son un activo a proteger para personas, organizaciones e incluso países enteros. Nuestra dependencia en las tecnologías de la información es cada día mayor, por lo que su seguridad es clave para nuestro bienestar. Los beneficios que estas tecnologías nos proporcionan son incuestionables, pero su uso también introduce riesgos que ligados a nuestra creciente dependencia de las mismas es necesario mitigar. Los actores hostiles avanzados se categorizan principalmente en grupos criminales que buscan un beneficio económico y en países cuyo objetivo es obtener superioridad en ámbitos estratégicos como el comercial o el militar. Estos actores explotan las tecnologías, y en particular el ciberespacio, para lograr sus objetivos. La presente tesis doctoral realiza aportaciones significativas a la caracterización de los actores hostiles avanzados y a la detección de sus actividades. El análisis de sus características es básico no sólo para conocer a estos actores y sus operaciones, sino para facilitar el despliegue de contramedidas que incrementen nuestra seguridad. La detección de dichas operaciones es el primer paso necesario para neutralizarlas, y por tanto para minimizar su impacto. En el ámbito de la caracterización, este trabajo profundiza en el análisis de las tácticas y técnicas de los actores. Dicho análisis siempre es necesario para una correcta detección de las actividades hostiles en el ciberespacio, pero en el caso de los actores avanzados, desde grupos criminales hasta estados, es obligatorio: sus actividades son sigilosas, ya que el éxito de las mismas se basa, en la mayor parte de casos, en no ser detectados por la víctima. En el ámbito de la detección, este trabajo identifica y justifica los requisitos clave para poder establecer una capacidad adecuada frente a los actores hostiles avanzados. Adicionalmente, proporciona las tácticas que deben ser implementadas en los Centros de Operaciones de Seguridad para optimizar sus capacidades de detección y respuesta. Debemos destacar que estas tácticas, estructuradas en forma de kill-chain, permiten no sólo dicha optimización, sino también una aproximación homogénea y estructurada común para todos los centros defensivos. En mi opinión, una de las bases de mi trabajo debe ser la aplicabilidad de los resultados. Por este motivo, el análisis de tácticas y técnicas de los actores de la amenaza está alineado con el principal marco de trabajo público para dicho análisis, MITRE ATT&CK. Los resultados y propuestas de esta investigación pueden ser directamente incluidos en dicho marco, mejorando así la caracterización de los actores hostiles y de sus actividades en el ciberespacio. Adicionalmente, las propuestas para mejorar la detección de dichas actividades son de aplicación directa tanto en los Centros de Operaciones de Seguridad actuales como en las tecnologías de detección más comunes en la industria. De esta forma, este trabajo mejora de forma significativa las capacidades de análisis y detección actuales, y por tanto mejora a su vez la neutralización de operaciones hostiles. Estas capacidades incrementan la seguridad global de todo tipo de organizaciones y, en definitiva, de nuestra sociedad.[CA] La informació i els sistemas que la tracten són un actiu a protegir per a persones, organitzacions i fins i tot països sencers. La nostra dependència en les tecnologies de la informació es cada dia major, i per aixó la nostra seguretat és clau per al nostre benestar. Els beneficis que aquestes tecnologies ens proporcionen són inqüestionables, però el seu ús també introdueix riscos que, lligats a la nostra creixent dependència de les mateixes és necessari mitigar. Els actors hostils avançats es categoritzen principalment en grups criminals que busquen un benefici econòmic i en països el objectiu dels quals és obtindre superioritat en àmbits estratègics, com ara el comercial o el militar. Aquests actors exploten les tecnologies, i en particular el ciberespai, per a aconseguir els seus objectius. La present tesi doctoral realitza aportacions significatives a la caracterització dels actors hostils avançats i a la detecció de les seves activitats. L'anàlisi de les seves característiques és bàsic no solament per a conéixer a aquests actors i les seves operacions, sinó per a facilitar el desplegament de contramesures que incrementen la nostra seguretat. La detección de aquestes operacions és el primer pas necessari per a netralitzar-les, i per tant, per a minimitzar el seu impacte. En l'àmbit de la caracterització, aquest treball aprofundeix en l'anàlisi de lestàctiques i tècniques dels actors. Aquesta anàlisi sempre és necessària per a una correcta detecció de les activitats hostils en el ciberespai, però en el cas dels actors avançats, des de grups criminals fins a estats, és obligatòria: les seves activitats són sigiloses, ja que l'éxit de les mateixes es basa, en la major part de casos, en no ser detectats per la víctima. En l'àmbit de la detecció, aquest treball identifica i justifica els requisits clau per a poder establir una capacitat adequada front als actors hostils avançats. Adicionalment, proporciona les tàctiques que han de ser implementades en els Centres d'Operacions de Seguretat per a optimitzar les seves capacitats de detecció i resposta. Hem de destacar que aquestes tàctiques, estructurades en forma de kill-chain, permiteixen no només aquesta optimització, sinò tambié una aproximació homogènia i estructurada comú per a tots els centres defensius. En la meva opinio, una de les bases del meu treball ha de ser l'aplicabilitat dels resultats. Per això, l'anàlisi de táctiques i tècniques dels actors de l'amenaça està alineada amb el principal marc públic de treball per a aquesta anàlisi, MITRE ATT&CK. Els resultats i propostes d'aquesta investigació poden ser directament inclosos en aquest marc, millorant així la caracterització dels actors hostils i les seves activitats en el ciberespai. Addicionalment, les propostes per a millorar la detecció d'aquestes activitats són d'aplicació directa tant als Centres d'Operacions de Seguretat actuals com en les tecnologies de detecció més comuns de la industria. D'aquesta forma, aquest treball millora de forma significativa les capacitats d'anàlisi i detecció actuals, i per tant millora alhora la neutralització d'operacions hostils. Aquestes capacitats incrementen la seguretat global de tot tipus d'organitzacions i, en definitiva, de la nostra societat.[EN] Information and its related technologies are a critical asset to protect for people, organizations and even whole countries. Our dependency on information technologies increases every day, so their security is a key issue for our wellness. The benefits that information technologies provide are questionless, but their usage also presents risks that, linked to our growing dependency on technologies, we must mitigate. Advanced threat actors are mainly categorized in criminal gangs, with an economic goal, and countries, whose goal is to gain superiority in strategic affairs such as commercial or military ones. These actors exploit technologies, particularly cyberspace, to achieve their goals. This PhD Thesis significantly contributes to advanced threat actors' categorization and to the detection of their hostile activities. The analysis of their features is a must not only to know better these actors and their operations, but also to ease the deployment of countermeasures that increase our security. The detection of these operations is a mandatory first step to neutralize them, so to minimize their impact. Regarding characterization, this work delves into the analysis of advanced threat actors' tactics and techniques. This analysis is always required for an accurate detection of hostile activities in cyberspace, but in the particular case of advances threat actors, from criminal gangs to nation-states, it is mandatory: their activities are stealthy, as their success in most cases relies on not being detected by the target. Regarding detection, this work identifies and justifies the key requirements to establish an accurate response capability to face advanced threat actors. In addition, this work defines the tactics to be deployed in Security Operations Centers to optimize their detection and response capabilities. It is important to highlight that these tactics, with a kill-chain arrangement, allow not only this optimization, but particularly a homogeneous and structured approach, common to all defensive centers. In my opinion, one of the main bases of my work must be the applicability of its results. For this reason, the analysis of threat actors' tactics and techniques is aligned with the main public framework for this analysis, MITRE ATT&CK. The results and proposals from this research can be directly included in this framework, improving the threat actors' characterization, as well as their cyberspace activities' one. In addition, the proposals to improve these activities' detection are directly applicable both in current Security Operations Centers and in common industry technologies. In this way, I consider that this work significantly improves current analysis and detection capabilities, and at the same time it improves hostile operations' neutralization. These capabilities increase global security for all kind of organizations and, definitely, for our whole society.Villalón Huerta, A. (2023). Modeling of Advanced Threat Actors: Characterization, Categorization and Detection [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/193855Compendi

Harnessing Human Potential for Security Analytics

Humans are often considered the weakest link in cybersecurity. As a result, their potential has been continuously neglected. However, in recent years there is a contrasting development recognizing that humans can benefit the area of security analytics, especially in the case of security incidents that leave no technical traces. Therefore, the demand becomes apparent to see humans not only as a problem but also as part of the solution. In line with this shift in the perception of humans, the present dissertation pursues the research vision to evolve from a human-as-a-problem to a human-as-a-solution view in cybersecurity. A step in this direction is taken by exploring the research question of how humans can be integrated into security analytics to contribute to the improvement of the overall security posture. In addition to laying foundations in the field of security analytics, this question is approached from two directions. On the one hand, an approach in the context of the human-as-a-security-sensor paradigm is developed which harnesses the potential of security novices to detect security incidents while maintaining high data quality of human-provided information. On the other hand, contributions are made to better leverage the potential of security experts within a SOC. Besides elaborating the current state in research, a tool for determining the target state of a SOC in the form of a maturity model is developed. Based on this, the integration of security experts was improved by the innovative application of digital twins within SOCs. Accordingly, a framework is created that improves manual security analyses by simulating attacks within a digital twin. Furthermore, a cyber range was created, which offers a realistic training environment for security experts based on this digital twin

EVALUATING THE CYBER SECURITY IN THE INTERNET OF THINGS: SMART HOME VULNERABILITIES

The need for advanced cyber security measures and strategies is attributed to modern sophistication of cyber-attacks and intense media attention when attacks and breaches occur. In May 2014, a congressional report suggested that Americans used approximately 500 million Internet-capable devices at home, including, but not limited to Smartphones, tablets, and other Internet-connected devices, which run various unimpeded applications. Owing to this high level of connectivity, our home environment is not immune to the cyber-attack paradigm; rather, the home has evolved to become one of the most influenced markets where the Internet of Things has had extensive surfaces, vectors for attacks, and unanswered security concerns. Thus, the aim of the present research was to investigate behavioral heuristics of the Internet of Things by adopting an exploratory multiple case study approach. A controlled Internet of Things ecosystem was constructed consisting of real-life data observed during a typical life cycle of initial configuration and average use. The information obtained during the course of this study involved the systematic acquisition and analysis of Smart Home ecosystem link-layer protocol data units (PDUs). The methodology employed during this study involved a recursive multiple case study evaluation of the Smart Home ecosystem data-link layer PDUs and aligned the case studies to the existing Intrusion Kill Chain design model. The proposed solution emerging from the case studies builds the appropriate data collection template while concurrently developing a Security as a Service (SECaaS) capability to evaluate collected results

Assessing the technologies transforming the logistics Industry in Nelson Mandela Bay

Supply chain disruptions such as those emanating from the current Covid 19 pandemic have made the logistics industry to undergo fast and unprecedented change. In such unpredictable times, innovation and technology adoption has emerged as one of the major trends and key solutions to lead the way for the future of logistics. This is also because a successful and efficient logistics strategy requires the use of technology, as well as the strategic value derived from a firm's capacity. This in turn enables firms to recognise possibilities and challenges resulting from technological advancement in order to attain long-term competitiveness. The industry is implementing these technologies with caution in order to provide faster, cheaper, more dependable and long-term supply. This study sought to investigate whether Nelson Mandela Bay (NMB) is keeping up with the current logistics technology trends and systems that are transforming logistics firms in South Africa, the African continent and the rest of the world. To achieve this primary objective, the study also sought to achieve the following sub-objectives, namely: to identify the logistics technologies transforming logistics firms in NMB; to assess the role of logistics technologies affecting logistics firms in NMB. The study also sought to ascertain the challenges of using logistics technologies transforming the logistics firms in NMB; and examine the effect of logistics technology adoption and use on business performance of logistics firms in NMB. The study used an online closed-ended questionnaire distributed via google forms to collect primary data from a sample of 132 respondents across all the logistics firms (which consisted of warehousing, transport and packaging firms) in NMB. The study targeted those respondents involved in the management of the targeted logistics firms. The empirical results show that technology use in logistics firms has advanced a lot to vehicle tracking, packaging, inventory control, and communication systems, as well as robotics among logistics firms in NMB. The results also identified logistics technologies such as the Internet of Things, Robotic Process automation, Digital Supply Chain Twins, Vendor managed system and RFID as some of the major technologies currently transforming the logistics firms in NMB. The study found that many challenges exist with logistics technology adoption, and cited lack of investment towards logistics technology; the fear of iii losing jobs as people get replaced by technology such as machines and robots; high logistics costs as some of the major challenges. More so, the study results reveal that logistics technology adoption and use play a positive and significant role in logistics firms. The study further reports a significant and positive effect of logistics technology adoption and use on business performance of logistics firms. This study concludes that though still at infancy stage, logistics firms in NMB are keeping upbreast with the current logistics technological trends. The study suggests that firms need to speed up the adoption of the needed logistics technologies available to their respective business in order to remain efficient and effective.Thesis (MA) --Faculty of Business and Economic science, 202

Assessing the technologies transforming the logistics Industry in Nelson Mandela Bay

Supply chain disruptions such as those emanating from the current Covid 19 pandemic have made the logistics industry to undergo fast and unprecedented change. In such unpredictable times, innovation and technology adoption has emerged as one of the major trends and key solutions to lead the way for the future of logistics. This is also because a successful and efficient logistics strategy requires the use of technology, as well as the strategic value derived from a firm's capacity. This in turn enables firms to recognise possibilities and challenges resulting from technological advancement in order to attain long-term competitiveness. The industry is implementing these technologies with caution in order to provide faster, cheaper, more dependable and long-term supply. This study sought to investigate whether Nelson Mandela Bay (NMB) is keeping up with the current logistics technology trends and systems that are transforming logistics firms in South Africa, the African continent and the rest of the world. To achieve this primary objective, the study also sought to achieve the following sub-objectives, namely: to identify the logistics technologies transforming logistics firms in NMB; to assess the role of logistics technologies affecting logistics firms in NMB. The study also sought to ascertain the challenges of using logistics technologies transforming the logistics firms in NMB; and examine the effect of logistics technology adoption and use on business performance of logistics firms in NMB. The study used an online closed-ended questionnaire distributed via google forms to collect primary data from a sample of 132 respondents across all the logistics firms (which consisted of warehousing, transport and packaging firms) in NMB. The study targeted those respondents involved in the management of the targeted logistics firms. The empirical results show that technology use in logistics firms has advanced a lot to vehicle tracking, packaging, inventory control, and communication systems, as well as robotics among logistics firms in NMB. The results also identified logistics technologies such as the Internet of Things, Robotic Process automation, Digital Supply Chain Twins, Vendor managed system and RFID as some of the major technologies currently transforming the logistics firms in NMB. The study found that many challenges exist with logistics technology adoption, and cited lack of investment towards logistics technology; the fear of iii losing jobs as people get replaced by technology such as machines and robots; high logistics costs as some of the major challenges. More so, the study results reveal that logistics technology adoption and use play a positive and significant role in logistics firms. The study further reports a significant and positive effect of logistics technology adoption and use on business performance of logistics firms. This study concludes that though still at infancy stage, logistics firms in NMB are keeping upbreast with the current logistics technological trends. The study suggests that firms need to speed up the adoption of the needed logistics technologies available to their respective business in order to remain efficient and effective.Thesis (MA) --Faculty of Business and Economic science, 202

Usabilidade pedagógica: um fator determinante na adoção do e-Learning no ensino superior

O artigo que apresentamos neste simpósio doutoral surge no âmbito do Curso de Doutoramento em Educação, especialidade em Tecnologias de Informação e Comunicação na Educação, do Instituto de Educação da Universidade de Lisboa. O estudo tem como objetivo principal propor e testar um modelo que permita explicar a intenção comportamental dos docentes do Ensino Superior aquando da adoção e uso continuado das plataformas de e-Learning. Para o efeito procura-se compreender o contributo da usabilidade pedagógica como fator determinante no processo de adoção da tecnologia

Modelling of artificial intelligence based demand side management techniques for mitigating energy poverty in smart grids.

Doctoral degree. University of KwaZulu-Natal, Durban.This research work proposes an artificial intelligence (AI) based model for smart grid initiatives (for South Africa and by extension sub-Saharan Africa, (SSA)) and further incorporates energy justice principles. Spanning the social, technical, economic, environmental, policy and overall impact of smart and just electricity grids, this research begins by investigating declining electricity consumption and demand side management (DSM) potential across South Africa. In addition, technical frameworks such as the combined energy management system (CEMS), co-ordinated centralized energy management system (ConCEMS) and biased load manager home energy management system (BLM-HEMS) are modelled. These systems provide for the integration of all aspects of the electricity grid and their optimization in achieving cost reduction for both the utility and consumers as well as improvement in the consumers quality of life (QoL) and reduction of emissions. Policy and economy-wise, this research work further proposes and models an integrated electrification and expansion model (IEEM) for South Africa, and also addresses the issue of rural marginalization due to poor electricity access for off-grid communities. This is done by proposing a hybrid generation scheme (HGS) which is shown to satisfy sufficiently the requirements of the energy justice framework while significantly reducing the energy burden of households and reducing carbon emissions by over 70%