The Lazarus Effect: Healing Compromised Devices in the Internet of Small Things

We live in a time when billions of IoT devices are being deployed and increasingly relied upon. This makes ensuring their availability and recoverability in case of a compromise a paramount goal. The large and rapidly growing number of deployed IoT devices make manual recovery impractical, especially if the devices are dispersed over a large area. Thus, there is a need for a reliable and scalable remote recovery mechanism that works even after attackers have taken full control over devices, possibly misusing them or trying to render them useless. To tackle this problem, we present Lazarus, a system that enables the remote recovery of compromised IoT devices. With Lazarus, an IoT administrator can remotely control the code running on IoT devices unconditionally and within a guaranteed time bound. This makes recovery possible even in case of severe corruption of the devices' software stack. We impose only minimal hardware requirements, making Lazarus applicable even for low-end constrained off-the-shelf IoT devices. We isolate Lazarus's minimal recovery trusted computing base from untrusted software both in time and by using a trusted execution environment. The temporal isolation prevents secrets from being leaked through side-channels to untrusted software. Inside the trusted execution environment, we place minimal functionality that constrains untrusted software at runtime. We implement Lazarus on an ARM Cortex-M33-based microcontroller in a full setup with an IoT hub, device provisioning and secure update functionality. Our prototype can recover compromised embedded OSs and bare-metal applications and prevents attackers from bricking devices, for example, through flash wear out. We show this at the example of FreeRTOS, which requires no modifications but only a single additional task. Our evaluation shows negligible runtime performance impact and moderate memory requirements.Comment: In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS 20

The Essential Elements of a Risk Governance Framework for Current and Future Nanotechnologies

Societies worldwide are investing considerable resources into the safe development and use of nanomaterials. Although each of these protective efforts is crucial for governing the risks of nanomaterials, they are insufficient in isolation. What is missing is a more integrative governance approach that goes beyond legislation. Development of this approach must b

Canagliflozin and renal outcomes in type 2 diabetes and nephropathy

BACKGROUND Type 2 diabetes mellitus is the leading cause of kidney failure worldwide, but few effective long-term treatments are available. In cardiovascular trials of inhibitors of sodium–glucose cotransporter 2 (SGLT2), exploratory results have suggested that such drugs may improve renal outcomes in patients with type 2 diabetes. METHODS In this double-blind, randomized trial, we assigned patients with type 2 diabetes and albuminuric chronic kidney disease to receive canagliflozin, an oral SGLT2 inhibitor, at a dose of 100 mg daily or placebo. All the patients had an estimated glomerular filtration rate (GFR) of 30 to <90 ml per minute per 1.73 m2 of body-surface area and albuminuria (ratio of albumin [mg] to creatinine [g], >300 to 5000) and were treated with renin–angiotensin system blockade. The primary outcome was a composite of end-stage kidney disease (dialysis, transplantation, or a sustained estimated GFR of <15 ml per minute per 1.73 m2), a doubling of the serum creatinine level, or death from renal or cardiovascular causes. Prespecified secondary outcomes were tested hierarchically. RESULTS The trial was stopped early after a planned interim analysis on the recommendation of the data and safety monitoring committee. At that time, 4401 patients had undergone randomization, with a median follow-up of 2.62 years. The relative risk of the primary outcome was 30% lower in the canagliflozin group than in the placebo group, with event rates of 43.2 and 61.2 per 1000 patient-years, respectively (hazard ratio, 0.70; 95% confidence interval [CI], 0.59 to 0.82; P=0.00001). The relative risk of the renal-specific composite of end-stage kidney disease, a doubling of the creatinine level, or death from renal causes was lower by 34% (hazard ratio, 0.66; 95% CI, 0.53 to 0.81; P<0.001), and the relative risk of end-stage kidney disease was lower by 32% (hazard ratio, 0.68; 95% CI, 0.54 to 0.86; P=0.002). The canagliflozin group also had a lower risk of cardiovascular death, myocardial infarction, or stroke (hazard ratio, 0.80; 95% CI, 0.67 to 0.95; P=0.01) and hospitalization for heart failure (hazard ratio, 0.61; 95% CI, 0.47 to 0.80; P<0.001). There were no significant differences in rates of amputation or fracture. CONCLUSIONS In patients with type 2 diabetes and kidney disease, the risk of kidney failure and cardiovascular events was lower in the canagliflozin group than in the placebo group at a median follow-up of 2.62 years

Improving Resilience Using Drones for Effective Monitoring after Disruptive Events

We observe a world of increasing anxiety due to natural and man-made disasters, pandemics, andmilitary conflicts. Such disruptive events lead to decreased infrastructure and personnel availability; still, infrastructure and personnel are essential for keeping society running, and for addressing the effects of disruptions. We argue that drone technology could provide monitoring/logistics services that can help in addressing such needs. This paper focuses on the monitoring function whichcan provide situational awareness to decision makers after such a crisis. Drones are less dependenton nearby area infrastructure and can observe affected regions from above. Those are key advantagescompared to other solutions. Still, drones are dependent on communication services and ground operators. Therefore, we need drone solutions that are less dependent on the availability of local infrastructure and people. Several conceptual solutions to reach this independence, based on recent developments in drone technology, are explicitly discussed in the current paper and confronted with therequirements and boundary conditions posed by disruptive events. Validating such solutions in real emergency situations is left for future work

Economic lessons, perspectives and challenges from the Balkans

both empirical and theoretical papers on contemporary issues of monetary and economic problem

Meeting the Needs for Released Nanomaterials Required for Further Testing : The SUN Approach

International audienceThe analysis of the potential risks of engineered nanomaterials (ENM) has so far been almost exclusively focused on the pristine, as-produced particles. However, when considering a life-cycle perspective, it is clear that ENM released from genuine products during manufacturing, use, and disposal is far more relevant. Research on the release of materials from nanoproducts is growing and the next necessary step is to investigate the behavior and effects of these released materials in the environment and on humans. Therefore, sufficient amounts of released materials need to be available for further testing. In addition, ENM-free reference materials are needed since many processes not only release ENM but also nanosized fragments from the ENM-containing matrix that may interfere with further tests. The SUN consortium (Project on ``Sustainable Nanotechnologies'', EU seventh Framework funding) uses methods to characterize and quantify nanomaterials released from composite samples that are exposed to environmental stressors. Here we describe an approach to provide materials in hundreds of gram quantities mimicking actual released materials from coatings and polymer nanocomposites by producing what is called ``fragmented products'' (FP). These FP can further be exposed to environmental conditions (e.g., humidity, light) to produce ``weathered fragmented products'' (WFP) or can be subjected to a further size fractionation to isolate ``sieved fragmented products'' (SFP) that are representative for inhalation studies. In this perspective we describe the approach, and the used methods to obtain released materials in amounts large enough to be suitable for further fate and (eco)toxicity testing. We present a case study (nanoparticulate organic pigment in polypropylene) to show exemplarily the procedures used to produce the FP. We present some characterization data of the FP and discuss critically the further potential and the usefulness of the approach we developed