Towards Stabilization of Distributed Systems under Denial-of-Service

In this paper, we consider networked distributed systems in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over the communication network. First, we consider a simple and typical scenario where communication sequence is purely Round-robin and we explicitly calculate a bound of attack frequency and duration, under which the interconnected large-scale system is asymptotically stable. Second, trading-off system resilience and communication load, we design a hybrid transmission strategy consisting of Zeno-free distributed event-triggered control and Round-robin. We show that with lower communication loads, the hybrid communication strategy enables the systems to have the same resilience as in pure Round-robin

Experimental open air quantum key distribution with a single photon source

We present a full implementation of a quantum key distribution (QKD) system with a single photon source, operating at night in open air. The single photon source at the heart of the functional and reliable setup relies on the pulsed excitation of a single nitrogen-vacancy color center in diamond nanocrystal. We tested the effect of attenuation on the polarized encoded photons for inferring longer distance performance of our system. For strong attenuation, the use of pure single photon states gives measurable advantage over systems relying on weak attenuated laser pulses. The results are in good agreement with theoretical models developed to assess QKD security

Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges

Vehicular Communication (VC) systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. In [1] we discuss the design of a VC security system that has emerged as a result of the European SeVeCom project. In this second paper, we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from today's simple prototypes to full-fledged systems

A UML-based static verification framework for security

Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates that security characteristics should be considered from the early stages of the software development life cycle and should not be added as another layer in the system on an ad-hoc basis after the system is built. In this paper, we describe a UML-based Static Verification Framework (USVF) to support the design and verification of secure software systems in early stages of the software development life-cycle taking into consideration security and general requirements of the software system. USVF performs static verification on UML models consisting of UML class and state machine diagrams extended by an action language. We present an operational semantics of UML models, define a property specification language designed to reason about temporal and general properties of UML state machines using the semantic domains of the former, and implement the model checking process by translating models and properties into Promela, the input language of the SPIN model checker. We show that the methodology can be applied to the verification of security properties by representing the main aspects of security, namely availability, integrity and confidentiality, in the USVF property specification language

Self-triggered Coordination over a Shared Network under Denial-of-Service

The issue of security has become ever more prevalent in the analysis and design of cyber-physical systems. In this paper, we analyze a consensus network in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent communication among the network agents. By introducing a notion of Persistency-of-Communication (PoC), we provide a characterization of DoS frequency and duration such that consensus is not destroyed. An example is given to substantiate the analysis

Towards self-protecting ubiquitous systems : monitoring trust-based interactions

The requirement for spontaneous interaction in ubiquitous computing creates security issues over and above those present in other areas of computing, deeming traditional approaches ineffective. As a result, to support secure collaborations entities must implement self-protective measures. Trust management is a solution well suited to this task as reasoning about future interactions is based on the outcome of past ones. This requires monitoring of interactions as they take place. Such monitoring also allows us to take corrective action when interactions are proceeding unsatisfactorily. In this vein, we first present a trust-based model of interaction based on event structures. We then describe our ongoing work in the development of a monitor architecture which enables self-protective actions to be carried out at critical points during principal interaction. Finally, we discuss some potential directions for future work