Safety, Trust, and Ethics Considerations for Human-AI Teaming in Aerospace Control

Designing a safe, trusted, and ethical AI may be practically impossible; however, designing AI with safe, trusted, and ethical use in mind is possible and necessary in safety and mission-critical domains like aerospace. Safe, trusted, and ethical use of AI are often used interchangeably; however, a system can be safely used but not trusted or ethical, have a trusted use that is not safe or ethical, and have an ethical use that is not safe or trusted. This manuscript serves as a primer to illuminate the nuanced differences between these concepts, with a specific focus on applications of Human-AI teaming in aerospace system control, where humans may be in, on, or out-of-the-loop of decision-making

Using Remote Attestation of Trust for Computer Forensics

Telecommunications systems are critical systems with high quality of service constraints. In Network Function Virtualization (NFV), commonly known as the Telco Cloud, network functions are distributed as virtual machines that run on generic servers in a datacenter. These network functions control critical elements; therefore, they should be run on trusted hardware. Trusted computing concepts can be used to guarantee the trustworthiness of the underlying hardware platform running critical workload. These concepts include the Trusted Platform Module and Remote Attestation. This work identifies limitations in existing solutions and uses those as motivation for designing and implementing a finer-grained definition of trust. This thesis designs and develops a remote attestation solution, which includes a policy and rule based mechanism for determining platform trust in a trusted cloud. Additionally, it develops a fine-grained concept of trust in a cloud environment based on NFV. Finally, this thesis utilizes the remote attestation solution to develop a forensics system based on root cause analysis, which allows the investigation of attestation failures and their mitigation

Development of virtue ethics based security constructs for information systems trusted workers

Despite an abundance of research on the problem of insider threats only limited success has been achieved in preventing trusted insiders from committing security violations. Virtue ethics may be a new approach that can be utilized to address this issue. Human factors such as moral considerations and decisions impact information system design, use, and security; consequently they affect the security posture and culture of an organization. Virtue ethics based concepts have the potential to influence and align the moral values and behavior of Information Systems workers with those of an organization in order to provide increased protection of IS assets. This study examines factors that affect and shape the ethical perspectives of individuals trusted with privileged access to personal, sensitive, and classified information. An understanding of these factors can be used by organizations to assess and influence the ethical intentions and commitment of information systems trusted workers. The overall objective of this study’s research is to establish and refine validated virtue ethics based constructs which can be incorporated into theory development and testing of the proposed Information Systems security model. The expectation of the researcher is to better understand the personality and motivations of individuals who pose an insider threat by providing a conceptual analysis of character traits which influence the ethical behavior of trusted workers and ultimately Information System security

Trusted Autonomy and Cognitive Cyber Symbiosis: Open Challenges

This paper considers two emerging interdisciplinary, but related topics that are likely to create tipping points in advancing the engineering and science areas. Trusted Autonomy (TA) is a field of research that focuses on understanding and designing the interaction space between two entities each of which exhibits a level of autonomy. These entities can be humans, machines, or a mix of the two. Cognitive Cyber Symbiosis (CoCyS) is a cloud that uses humans and machines for decision-making. In CoCyS, human–machine teams are viewed as a network with each node comprising humans (as computational machines) or computers. CoCyS focuses on the architecture and interface of a Trusted Autonomous System. This paper examines these two concepts and seeks to remove ambiguity by introducing formal definitions for these concepts. It then discusses open challenges for TA and CoCyS, that is, whether a team made of humans and machines can work in fluid, seamless harmony

The sociology of trusted systems: the episteme and judgment of a technology (NIRSA) Working Paper Series. No.46

The goal of this paper is that of taking a first step toward a socio-technical conceptualization of trusted systems. In our view this might help in overcoming interdisciplinary differences and enhancing a common vocabulary for discussing trust issues for the Future of the Internet. In particular our main research question is to understand “to what extent and in which forms existing trusted systems embody social assumptions?” In order to answer this question we propose a new definition of Trusted Systems as situated Episteme: an apparatus of devices that set the conditions of possibility of certain practices while denying other practices. The conceptualization is augmented using the concept of technological mediation taken from the approach known as Actor-Network Theory (ANT). Our approach takes at its starting point the idea that it is possible to use sociological (from ANT) concepts to analyse and investigate the basic elements of Trusted Systems. This analysis opens up new possibilities for the sociological enquiry of Trust on a more micro, socio-technical level. In particular the paper puts forward the idea of Trust as result of the system design

The sociology of trusted systems: the episteme and judgment of a technology (NIRSA) Working Paper Series. No.46

The goal of this paper is that of taking a first step toward a socio-technical conceptualization of trusted systems. In our view this might help in overcoming interdisciplinary differences and enhancing a common vocabulary for discussing trust issues for the Future of the Internet. In particular our main research question is to understand “to what extent and in which forms existing trusted systems embody social assumptions?” In order to answer this question we propose a new definition of Trusted Systems as situated Episteme: an apparatus of devices that set the conditions of possibility of certain practices while denying other practices. The conceptualization is augmented using the concept of technological mediation taken from the approach known as Actor-Network Theory (ANT). Our approach takes at its starting point the idea that it is possible to use sociological (from ANT) concepts to analyse and investigate the basic elements of Trusted Systems. This analysis opens up new possibilities for the sociological enquiry of Trust on a more micro, socio-technical level. In particular the paper puts forward the idea of Trust as result of the system design

Exploring the Integration of Memory Management and Trusted Computing

This thesis addresses vulnerabilities in current Trusted Computing architecture by exploring a design for a better Trusted Platform Module (TPM); one that integrates more closely with the CPU\u27s Memory Management Unit (MMU). We establish that software-based attacks on trusted memory can be carried out undetectably by an adversary on current TCG/TPM implementations. We demonstrate that an attacker with sufficient privileges can compromise the integrity of a TPM-protected system by modifying critical loaded code and static data after measurement has taken place. More specifically, these attacks illustrate the Time Of Check vs. Time of Use (TOCTOU) class of attacks. We propose to enhance the MMU, enabling it to detect when memory containing trusted code or data is being maliciously modified at run-time. On detection, it should be able to notify the TPM of these modifications. We seek to use the concepts of selective memory immutability as a security tool to harden the MMU, which will result in a more robust TCG/TPM implementation. To substantiate our ideas for this proposed hardware feature, we designed and implemented a software prototype system, which employs the monitoring capabilities of the Xen virtual machine monitor. We performed a security evaluation of our prototype and validated that it can detect all our software-based TOCTOU attacks. We applied our prototype to verify the integrity of data associated with an application, as well as suggested and implemented ways to prevent unauthorized use of data by associating it with its owner process. Our performance evaluation reveals minimal overhead

Privacy-preserving Twitter-based solution for visually impaired people

Visually impaired people is a big community all over the world. They usually seek help to perform their daily activities such as reading the expired date of food cans or medicine, reading out PIN of a certain ATM Visa, identifying the color of clothes or differentiate between the money notes and other objects with the same shape. A number of IT-based solutions have been proposed to help and assist blind and/or visually impaired people. Generally speaking, these solutions, however, do not support Arabic languages nor protect blind users’ privacy. In this paper, Trusted Blind Society (TBS) mobile application is proposed. It is an android application which allows blind users to recognize their unknown surroundings by utilizing two concepts: social networks sites and friendsourcing. These two concepts were employed by allowing family members and the trusted friends, who are registered on Twitter, to answer blind users’ questions on a real time. The solution is also bilingual, supports (Arabic/English) and allows screen reader using Android talk-back service. The performance of the TBS system was evaluated using loader.io to check its stability under the heavy load and it was tested by a number of blind volunteers and the results showed good performance comparing to most related work