78 research outputs found

    A Structured Approach to Securing the Connected Car

    Vehicles of today have become increasingly dependent on software to handle their functionalities. Updating and maintaining the software in vehicles has therefore become a costly process for the automotive industry. By introducing wireless communications to vehicles, vehicular maintenance can greatly be improved and many other new applications can also be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle. Thus, this thesis presents a general approach to securing the connected car and the usefulness of the approach is demonstrated in a vehicular diagnostics scenario. The thesis comes in two main parts. In the first part, we address security mechanisms for the connected car. First, a survey of current mechanisms to secure the in-vehicle networks is made. Then, a description of possible communication methods with vehicles is given and a taxonomy of current entities involved in such communication is presented. The taxonomy is organised in actors, vehicle-to-X communications, network paths, and dependability and security attributes. The usefulness of the taxonomy is demonstrated by two examples. In the second part, we address security with respect to vehicular diagnostics. First, an overall security analysis of the interaction between the connected car and the repair shop is conducted. We find that the most imminent risk in the repair shop is the loss of authentication keys. The loss of such keys allows masquerading attacks against vehicles. To address this problem, we propose a Kerberos-inspired protocol for authentication and authorisation of the diagnostics equipment and a trusted third party is introduced. To conclude, this thesis shows the value of adopting a structured approach to securing the connected car. The approach has been shown to be useful for identifying threats and countermeasures and thus helps improve security.

    Achieve Secure Handover Session Key Management via Mobile Relay in LTE-Advanced Networks

    The Internet of Things is expanding the network by integrating a huge number of surrounding objects, which requires secure and reliable transmission of the high volume of generated data, and the mobile relay technique is one of the efficient ways to meet the on-board data explosion in LTE-Advanced (LTE-A) networks. However, the practice of the mobile relay can cause potential threats to information security during the handover process. Therefore, to address this challenge, in this paper we propose a secure handover session key management scheme via mobile relay in LTE-A networks. Specifically, in the proposed scheme, to achieve forward and backward key separations, the session key shared between the on-board user equipment (UE) and the connected donor evolved node B (DeNB) is first generated by the on-board UE and then securely distributed to the DeNB. Furthermore, to reduce the communication overhead and the computational complexity, a novel proxy re-encryption technique is employed, where the session keys initially encrypted with the public key of the mobility management entity (MME) are re-encrypted by a mobile relay node (MRN), so that other DeNBs can later decrypt the session keys with their own private keys without the direct involvement of the MME. Detailed security analysis shows that the proposed scheme can successfully establish session keys between the on-board UEs and their connected DeNBs, achieving backward and forward key separations, and resisting collusion between the MRN and the DeNB at the same time. Additionally, performance evaluations via extensive simulations are carried out to demonstrate the efficiency and effectiveness of the proposed scheme.

    Experimental Validation of Time-Synchronized Operations for Software-Defined Elastic Optical Networks

    Elastic optical networks (EON) have been proposed as a solution to efficiently exploit the spectrum resources in the physical layer of optical networks. Moreover, by centralizing legacy generalized multiprotocol label switching control-plane functionalities and providing a global network view, software-defined networking (SDN) enables advanced network programmability valuable to control and configure the technological breakthroughs of EON. In this paper, we review our recent proposal [Optical Fiber Communication Conf., Los Angeles, California, 2017] of time-synchronized operations (TSO) to minimize disruption time during lightpath reassignment in EON. TSO has been recently standardized in SDN, and here we discuss its implementation using NETCONF and OpenFlow in optical networks. Subsequently, we update our analytical model considering an experimental characterization of the WSS operation time. Then, we extend our previous work with an experimental validation of TSO for lightpath reassignment in a five-node metropolitan optical network test-bed. Results validate the convenience of our TSO-based approach against a traditional asynchronous technique given its reduction of disruption time, while both techniques maintain a similar network performance in terms of optical signal-to-noise ratio and optical power budget

    Comnet: Annual Report 2012


    Do we all really know what a fog node is? Current trends towards an open definition

    Fog computing has emerged as a promising technology that can bring cloud applications closer to the physical IoT devices at the network edge. While it is widely known what cloud computing is, how data centers can build the cloud infrastructure and how applications can make use of this infrastructure, there is no common picture on what fog computing and particularly a fog node, as its main building block, really is. One of the first attempts to define a fog node was made by Cisco, qualifying a fog computing system as a “mini-cloud” located at the edge of the network and implemented through a variety of edge devices, interconnected by a variety of, mostly wireless, communication technologies. Thus, a fog node would be the infrastructure implementing the said mini-cloud. Other proposals have their own definition of what a fog node is, usually in relation to a specific edge device, a specific use case or an application. In this paper, we first survey the state of the art in technologies for fog computing nodes, paying special attention to the contributions that analyze the role edge devices play in the fog node definition. We summarize and compare the concepts, lessons learned from their implementation, and end up showing how a conceptual framework is emerging towards a unifying fog node definition. We focus on core functionalities of a fog node as well as on the accompanying opportunities and challenges towards their practical realization in the near future.

    Electric vehicle as a service (EVaaS): applications, challenges and enablers

    Under the vehicle-to-grid (V2G) concept, electric vehicles (EVs) can be deployed as loads to absorb excess production or as distributed energy resources to supply part of their stored energy back to the grid. This paper overviews the technologies, technical components and system requirements needed for EV deployment. Electric vehicle as a service (EVaaS) exploits V2G technology to develop a system where suitable EVs within the distribution network are chosen individually or in aggregate to exchange energy with the grid, individual customers or both. The EVaaS framework is introduced, and interactions among EVaaS subsystems such as EV batteries, charging stations, loads and advanced metering infrastructure are studied. The communication infrastructure and processing facilities that enable data and information exchange between EVs and the grid are reviewed. Different strategies for EV charging/discharging and their impact on the distribution grid are reviewed. Several market designs that incentivize energy trading in V2G environments are discussed. The benefits of V2G are studied from the perspectives of ancillary services, supporting of renewables and the environment. The challenges to V2G are studied with respect to battery degradation, energy conversion losses and effects on distribution system

    Instantly Decodable Network Coding: From Centralized to Device-to-Device Communications

    From its introduction to its quindecennial, network coding has built a strong reputation for enhancing packet recovery and achieving maximum information flow in both wired and wireless networks. Traditional studies focused on optimizing the throughput of the system by proposing elaborate schemes able to reach the network capacity. With the shift toward distributed computing on mobile devices, performance and complexity become both critical factors that affect the efficiency of a coding strategy. Instantly decodable network coding presents itself as a new paradigm in network coding that trades off these two aspects. This paper reviews instantly decodable network coding schemes by identifying, categorizing, and evaluating various algorithms proposed in the literature. The first part of the manuscript investigates the conventional centralized systems, in which all decisions are carried out by a central unit, e.g., a base-station. In particular, two successful approaches known as the strict and generalized instantly decodable network are compared in terms of reliability, performance, complexity, and packet selection methodology. The second part considers the use of instantly decodable codes in a device-to-device communication network, in which devices speed up the recovery of the missing packets by exchanging network coded packets. Although the performance improvements are directly proportional to the computational complexity increases, numerous successful schemes from both the performance and complexity viewpoints are identified.

    Sequential Geometric Approach for Device-Free Localization with Outlier Link Rejection

    Device-free localization (DFL) is an emerging technique for estimating the location of the target that does not attach any electronic equipment. Wireless devices are needed to perform as transmitters or receivers. The location of the target is estimated by detecting the changes of the received signal strength (RSS) measurements of the wireless links formed by wireless transmitters and receivers. Due to the uncertainty of the wireless channel, certain links may be polluted seriously, resulting in error detection. In this paper, we propose a novel sequential geometric approach with outlier link rejection (SGOLR) for DFL. It consists of three sequential strategies, including (1) affected link identification by differential RSS detection; (2) outlier link rejection via clustering algorithm by intersection of link (IoL) calculation from the affected links; and (3) density based IoL selection and target location estimation from the remaining IoLs. Experimental results show that SGOLR is robust to the fluctuation of the wireless signals with superior localization accuracy compared with the existing Radio Tomographic Imaging (RTI) approach.