Software Security Design für Cyber-Physische Systeme

Cyber-physical systems (CPS) security, as a prevalent concern in all digital industries, must be implemented on different levels of abstraction. For example, the development of top-down approaches, e.g., security models and software architectures is equivalent in importance to the development of bottom-up solutions like the design of new protocols and languages. This thesis combines research in the field of CPS security from both approaches and contributes to the security models of the two lighthouse examples automotive software engineering and general password security. Most existing countermeasures against cyberattacks, e.g., the use of message cryptography, concentrate on concrete attacks and do not consider the complexity of the various access options offered by modern cyber-physical systems. This is mainly due to a solution-oriented approach to security problems. The model-based technique SAM (Security Abstraction Model) adds to the early phases of (automotive) software architecture development by explicitly documenting attacks and managing them with the appropriate security countermeasures. It additionally establishes the basis for comprehensive security analysis techniques, e.g., already available attack assessment methods. SAM thus contributes to an early, problem-oriented and solution-ignorant understanding combining key stakeholder knowledge. This thesis provides a detailed overview of SAM and the resulting analyses of our evaluation show that SAM puts the security-by-design principle into practice by enabling collaboration between automotive system engineers, system architects and security experts. The application of SAM aims to reduce costs, improve overall quality and gain competitive advantages. Based on our evaluation results, SAM is highly suitable, comprehensible and complete to be used in the industry. The bottom-up approach focuses on the area of password hardening encryption (PHE) services as introduced by Lai et al.~at USENIX 2018. PHE is a password-based key derivation protocol that involves an oblivious external crypto service for key derivation. The security of PHE protects against offline brute-force attacks, even when the attacker has full access to the data server. The obvious evolution of PHE is the extension of the protocol to use multiple rate-limiters (guardians) to mitigate the single point of failure introduced by the original scheme. In the second part of this thesis, a general overview of the motivation and use cases of PHE is given, along with a new formalization of the protocol to help the mentioned scalability and availability issues. Moreover, an implementation of the resulting threshold-based protocol is briefly explained and evaluated. Our implementation is furthermore tested and evaluated in a novel use case featuring password hardened encrypted email.Die IT-Sicherheit von Cyber-Physical Systems (CPS), als ein vorherrschendes Anliegen in allen digitalen Industrien, muss auf verschiedenen Abstraktionsebenen implementiert werden. Beispielsweise ist die Entwicklung von Top-Down-Ansätzen anhand von Sicherheitsmodellen und Software-Architekturen gleichwertig mit der Entwicklung von Bottom-up-Lösungen, sowie dem Design von neuen Protokollen und Sprachen. Diese Arbeit kombiniert die Forschung auf dem Bereich der CPS-Sicherheit aus beiden Ansätzen und trägt zu den Sicherheitsmodellen der beiden Leuchtturmbeispiele Automotive Software Engineering und allgemeiner Passwortsicherheit bei. Die meisten bestehenden Gegenmaßnahmen gegen Cyber-Angriffe, z.B. der Einsatz von Kryptographie, konzentrieren sich auf konkrete Angriffe und berücksichtigen nicht die Komplexität der verschiedenen Zugriffsmöglichkeiten, die moderne Cyber-Physical Systems bieten. Dies liegt vor allem an einer lösungsorientierten Herangehensweise an Sicherheitsprobleme. Die modellbasierte Technik SAM (Security Abstraction Model) ergänzt die frühen Phasen der (automobilen) Software-Architekturentwicklung, indem Angriffe explizit dokumentiert werden und entspre-\\chende Sicherheits-Gegenmaßnahmen abgeleitet werden können. Es schafft zusätzlich die Basis für umfassende Sicherheitsanalysetechniken, z.B. bereits verfügbare Angriffsbewertungs-Methoden. SAM trägt somit zu einem frühen, problem- und lösungsorientiertem Verständnis bei, das wichtiges Stakeholder-Wissen kombiniert. Diese Arbeit gibt einen detaillierten Überblick über SAM und die daraus resultierenden Analysen unserer Evaluation zeigen, dass SAM das Prinzip Security-by-Design in die Praxis umsetzt, indem es die Zusammenarbeit zwischen Automobilsystemingenieuren, Systemarchitekten und Sicherheitsexperten ermöglicht. Die Anwendung von SAM zielt darauf ab, Kosten zu reduzieren, die Gesamtqualität zu verbessern und Wettbewerbsvorteile zu schaffen. Basierend auf den Evaluationsergebnissen ist SAM dafür geeignet, um in der Industrie eingesetzt zu werden. Der Bottom-up-Ansatz konzentriert sich auf den Bereich der Password Hardening Encryption (PHE) Services, wie sie von Lai et al.~auf der USENIX 2018 vorgestellt wurden. PHE ist ein passwortbasiertes Schlüsselableitungsprotokoll, das einen verdeckten externen Kryptodienst für die Schlüsselableitung verwendet. Die Sicherheit von PHE schützt vor Offline-Brute-Force Angriffen, selbst wenn der Angreifer vollen Zugriff auf den Datenserver hat. Die naheliegendste Weiterentwicklung von PHE ist die Erweiterung des Protokolls zur Verwendung mehrerer Rate-Limiter (Guardians), um den Single Point of Failure des ursprünglichen Schemas zu eliminieren. Im zweiten Teil dieser Arbeit wird ein allgemeiner Überblick über die Motivation und Anwendungsfälle von PHE gegeben, zusammen mit einer neuen Formalisierung des Protokolls, um die erwähnten Probleme der Skalierbarkeit und Verfügbarkeit zu lösen. Außerdem wird eine Implementierung des resultierenden threshold-basierten Protokolls kurz erläutert und evaluiert. Die Implementierung wird darüber hinaus in einem neuartigen Anwendungsfall PHEmail dargestellt

Threshold Password-Hardened Encryption Services

Password-hardened encryption (PHE) was introduced by Lai et al. at USENIX 2018 and immediately productized by VirgilSecurity. PHE is a password-based key derivation protocol that involves an oblivious external crypto service for key derivation. The security of PHE protects against offline brute-force attacks, even when the attacker is given the entire database. Furthermore, the crypto service neither learns the derived key nor the password. PHE supports key-rotation meaning that both the server and crypto service can update their keys without involving the user. While PHE significantly strengthens data security, it introduces a single point of failure because key-derivation always requires access to the crypto service. In this work, we address this issue and simultaneously increase security by introducing threshold password-hardened encryption. Our formalization of this primitive revealed shortcomings of the original PHE definition that we also address in this work. Following the spirit of prior works, we give a simple and efficient construction using lightweight tools only. We also implement our construction and evaluate its efficiency. Our experiments confirm the practical efficiency of our scheme and show that it is more efficient than common memory-hard functions, such as scrypt. From a practical perspective this means that threshold PHE can be used as an alternative to scrypt for password protection and key-derivation, offering better security in terms of offline brute force attacks

Functional neuroimaging of visual creativity: a systematic review and meta-analysis

Introduction: The generation of creative visual imagery contributes to technological and scientific innovation, and production of visual art. The underlying cognitive and neural processes are however poorly understood. Methods: This review synthesises functional neuroimaging studies of visual creativity. Seven functional magnetic resonance imaging (fMRI) and 19 electroencephalography (EEG) studies were included, comprising 27 experiments and around 800 participants. Results: Activation likelihood estimation meta-analysis of the fMRI studies comparing visual creativity to non-rest control tasks yielded significant clusters in thalamus, left fusiform gyrus, and right middle and inferior frontal gyri. The EEG studies revealed a tendency for decreased alpha power during visual creativity compared to baseline, but comparisons of visual creativity to non-rest control tasks revealed inconsistent findings. Conclusions: The findings are consistent with suggested contributions to visual creativity of prefrontally-mediated inhibition, evaluation and working memory, as well as visual imagery processes. Findings are discussed in relation to prominent theories of the neural basis of creativity

Social Engineering Exploits in Automotive Software Security: Modeling Human-targeted Attacks with SAM

Security cannot be implemented into a system retrospectively without considerable effort, so security must be takeninto consideration already at the beginning of the system development. The engineering of automotive softwareis by no means an exception to this rule. For addressing automotive security, the AUTOSAR and EAST-ADLstandards for domain-specific system and component modeling provide the central foundation as a start. The EASTADLextension SAM enables fully integrated security modeling for traditional feature-targeted attacks. Due to theCOVID-19 pandemic, the number of cyber-attacks has increased tremendously and of these, about 98 percent arebased on social engineering attacks. These social engineering attacks exploit vulnerabilities in human behaviors,rather than vulnerabilities in a system, to inflict damage. And these social engineering attacks also play a relevantbut nonetheless regularly neglected role for automotive software. The contribution of this paper is a novel modelingconcept for social engineering attacks and their criticality assessment integrated into a general automotive softwaresecurity modeling approach. This makes it possible to relate social engineering exploits with feature-related attacks.To elevate the practical usage, we implemented an integration of this concept into the established, domain-specificmodeling tool MetaEdit+. The tool support enables collaboration between stakeholders, calculates vulnerabilityscores, and enables the specification of security objectives and measures to eliminate vulnerabilities

Transport Properties of Critical Sulfur Hexafluoride From Multiscale Analysis of Density Fluctuations

Density fluctuations near critical points have a wide range of sizes limited only by the boundaries of the enclosing container. How would a fluctuating image near the critical point look if we could break it into disjoint spatial scales, like decomposing white light into narrow-band, monochromatic waves? What are the scaling laws governing each spatial scale? How are the relaxation times of fluctuations at each spatial scale related to the dynamics of fluctuations in the original image? Fluctuations near the critical point of pure fluids lead to different patterns of phase separation, which has a significant influence on the materials’ properties. Due to the diverging compressibility of pure fluids near the critical temperature, the critical phase collapses under its weight on Earth. It limits both the spatial extent of fluctuations and their duration. In microgravity, the buoyancy and convection are suppressed, and the critical state can be observed much closer to the critical point for a more extended period. Local density fluctuations induce light intensity fluctuations (the so-called “critical opalescence”), which we recorded for a sulfur hexafluoride (SF 6 ) sample near the critical point in microgravity using the ALI (Alice Like Instrumentation insert) of the DECLIC (Dispositif pour l’Etude de la Croissance et des Liquides Critiques) facility on the International Space Station (ISS). From the very short (approximately 173 s total recording) data set very near, within 200 μK, the critical temperature, we determined the effective diffusion coefficient for fluctuations of different sizes. For transient and non-stationary data recorded very near the critical point immediately after a thermal quench that steps through critical temperature, we separated fluctuations of various sizes from the original images using the Bidimensional Empirical Mode Decomposition (BEMD) technique. Orthogonal and stationary Intrinsic Mode Function (IMF) images were analyzed using the Fourier-based Dynamic Differential Microscopy (DDM) method to extract the correlation time of fluctuations. We found that a single power-law exponent represented each IMF’s structure factor. Additionally, each Intermediate Scattering Function (ISF) was determined by fluctuations’ unique relaxation time constant. We found that the correlation time of fluctuations increases with IMF’s order, which shows that small size fluctuations have the shortest correlation time. Estimating thermophysical properties from short data sets affected by transient phenomena is possible within the BEMD framewor

Thalamic amnesia after infarct

OBJECTIVE: To improve current understanding of the mechanisms behind thalamic amnesia, as it is unclear whether it is directly related to damage to specific nuclei, in particular to the anterior or mediodorsal nuclei, or indirectly related to lesions of the mammillothalamic tract (MTT). METHODS: We recruited 12 patients with a left thalamic infarction and 25 healthy matched controls. All underwent a comprehensive neuropsychological assessment of verbal and visual memory, executive functions, language, and affect, and a high-resolution structural volumetric MRI scan. Thalamic lesions were manually segmented and automatically localized with a computerized thalamic atlas. As well as comparing patients with controls, we divided patients into subgroups with intact or damaged MTT. RESULTS: Only one patient had a small lesion of the anterior nucleus. Most of the lesions included the mediodorsal (n = 11) and intralaminar nuclei (n = 12). Patients performed worse than controls on the verbal memory tasks, but the 5 patients with intact MTT who showed isolated lesions of the mediodorsal nucleus (MD) only displayed moderate memory impairment. The 7 patients with a damaged MTT performed worse on the verbal memory tasks than those whose MTT was intact. CONCLUSIONS: Lesions in the MTT and in the MD result in memory impairment, severely in the case of MTT and to a lesser extent in the case of MD, thus highlighting the roles played by these 2 structures in memory circuits

Cortical and Subcortical Contributions to Long-Term Memory-Guided Visuospatial Attention

Long-term memory (LTM) helps to efficiently direct and deploy the scarce resources of the attentional system; however, the neural substrates that support LTM-guidance of visual attention are not well understood. Here, we present results from Fmri experiments that demonstrate that cortical and subcortical regions of a network defined by resting-state functional connectivity are selectively recruited for LTM-guided attention, relative to a similarly demanding stimulus-guided attention paradigm that lacks memory retrieval and relative to a memory retrieval paradigm that lacks covert deployment of attention. Memory-guided visuospatial attention recruited posterior callosal sulcus, posterior precuneus, and lateral intraparietal sulcus bilaterally. Additionally, 3 subcortical regions defined by intrinsic functional connectivity were recruited: the caudate head, mediodorsal thalamus, and cerebellar lobule VI/Crus I. Although the broad resting-state network to which these nodes belong has been referred to as a cognitive control network, the posterior cortical regions activated in the present study are not typically identified with supporting standard cognitive control tasks.We propose that these regions form a Memory-Attention Network that is recruited for processes that integrate mnemonic and stimulus-based representations to guide attention. These findings may have important implications for understanding the mechanisms by which memory retrieval influences attentional deployment