6,366 research outputs found
Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges
Vehicular Communication (VC) systems are on the verge of practical
deployment. Nonetheless, their security and privacy protection is one of the
problems that have been addressed only recently. In order to show the
feasibility of secure VC, certain implementations are required. In [1] we
discuss the design of a VC security system that has emerged as a result of the
European SeVeCom project. In this second paper, we discuss various issues
related to the implementation and deployment aspects of secure VC systems.
Moreover, we provide an outlook on open security research issues that will
arise as VC systems develop from today's simple prototypes to full-fledged
systems
Security for the Industrial IoT: The Case for Information-Centric Networking
Industrial production plants traditionally include sensors for monitoring or
documenting processes, and actuators for enabling corrective actions in cases
of misconfigurations, failures, or dangerous events. With the advent of the
IoT, embedded controllers link these `things' to local networks that often are
of low power wireless kind, and are interconnected via gateways to some cloud
from the global Internet. Inter-networked sensors and actuators in the
industrial IoT form a critical subsystem while frequently operating under harsh
conditions. It is currently under debate how to approach inter-networking of
critical industrial components in a safe and secure manner.
In this paper, we analyze the potentials of ICN for providing a secure and
robust networking solution for constrained controllers in industrial safety
systems. We showcase hazardous gas sensing in widespread industrial
environments, such as refineries, and compare with IP-based approaches such as
CoAP and MQTT. Our findings indicate that the content-centric security model,
as well as enhanced DoS resistance are important arguments for deploying
Information Centric Networking in a safety-critical industrial IoT. Evaluation
of the crypto efforts on the RIOT operating system for content security reveal
its feasibility for common deployment scenarios.Comment: To be published at IEEE WF-IoT 201
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
In the quest of vision-sensors-on-chip: Pre-processing sensors for data reduction
This paper shows that the implementation of vision systems benefits from the usage of sensing front-end chips with embedded pre-processing capabilities - called CVIS. Such embedded pre-processors reduce the number of data to be delivered for ulterior processing. This strategy, which is also adopted by natural vision systems, relaxes system-level requirements regarding data storage and communications and enables highly compact and fast vision systems. The paper includes several proof-o-concept CVIS chips with embedded pre-processing and illustrate their potential advantages. © 2017, Society for Imaging Science and Technology.Office of Naval Research (USA) N00014-14-1-0355Ministerio de Economía y Competitiviad TEC2015-66878-C3-1-R, TEC2015-66878-C3-3-RJunta de Andalucía 2012 TIC 233
Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD
Modern railways feature increasingly complex embedded computing systems for surveillance, that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by ‘open networks’, like wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings
CMOS Vision Sensors: Embedding Computer Vision at Imaging Front-Ends
CMOS Image Sensors (CIS) are key for imaging technol-ogies. These chips are conceived for capturing opticalscenes focused on their surface, and for delivering elec-trical images, commonly in digital format. CISs may incor-porate intelligence; however, their smartness basicallyconcerns calibration, error correction and other similartasks. The term CVISs (CMOS VIsion Sensors) definesother class of sensor front-ends which are aimed at per-forming vision tasks right at the focal plane. They havebeen running under names such as computational imagesensors, vision sensors and silicon retinas, among others. CVIS and CISs are similar regarding physical imple-mentation. However, while inputs of both CIS and CVISare images captured by photo-sensors placed at thefocal-plane, CVISs primary outputs may not be imagesbut either image features or even decisions based on thespatial-temporal analysis of the scenes. We may hencestate that CVISs are more “intelligent” than CISs as theyfocus on information instead of on raw data. Actually,CVIS architectures capable of extracting and interpretingthe information contained in images, and prompting reac-tion commands thereof, have been explored for years inacademia, and industrial applications are recently ramp-ing up.One of the challenges of CVISs architects is incorporat-ing computer vision concepts into the design flow. Theendeavor is ambitious because imaging and computervision communities are rather disjoint groups talking dif-ferent languages. The Cellular Nonlinear Network Univer-sal Machine (CNNUM) paradigm, proposed by Profs.Chua and Roska, defined an adequate framework forsuch conciliation as it is particularly well suited for hard-ware-software co-design [1]-[4]. This paper overviewsCVISs chips that were conceived and prototyped at IMSEVision Lab over the past twenty years. Some of them fitthe CNNUM paradigm while others are tangential to it. Allthem employ per-pixel mixed-signal processing circuitryto achieve sensor-processing concurrency in the quest offast operation with reduced energy budget.Junta de Andalucía TIC 2012-2338Ministerio de Economía y Competitividad TEC 2015-66878-C3-1-R y TEC 2015-66878-C3-3-
Content Authentication for Neural Imaging Pipelines: End-to-end Optimization of Photo Provenance in Complex Distribution Channels
Forensic analysis of digital photo provenance relies on intrinsic traces left
in the photograph at the time of its acquisition. Such analysis becomes
unreliable after heavy post-processing, such as down-sampling and
re-compression applied upon distribution in the Web. This paper explores
end-to-end optimization of the entire image acquisition and distribution
workflow to facilitate reliable forensic analysis at the end of the
distribution channel. We demonstrate that neural imaging pipelines can be
trained to replace the internals of digital cameras, and jointly optimized for
high-fidelity photo development and reliable provenance analysis. In our
experiments, the proposed approach increased image manipulation detection
accuracy from 45% to over 90%. The findings encourage further research towards
building more reliable imaging pipelines with explicit provenance-guaranteeing
properties.Comment: Camera ready + supplement, CVPR'1
Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems
In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)
- …