Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD

Modern railways feature increasingly complex embedded computing systems for surveillance, that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by ‘open networks’, like wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

Control architecture to provide E2E security in interconnected systems: the (new) SHIELD approach

Modern Systems are usually obtained as incremental composition of proper (smaller and SMART) subsystems interacting through communication interfaces. Such flexible architecture allows the pervasive provisioning of a wide class of services, ranging from multimedia contents delivery, through monitoring data collection, to command and control functionalities. All these services requires that the adequate level of robustness and security is assured at End-to- End (E2E) level, according to user requirements that may vary depending on the specific context or the involved technologies. A flexible methodology to dynamically control the security level of the service being offered is then needed. In this perspective, the authors propose an innovative control architecture able to assure E2E security potentially in any application, by dynamically adapting to the underlying systems and using its resources to “build the security”. In particular, the main novelties of this solution are: i) the possibility of dynamically discovering and composing the available functionalities offered by the environment to satisfy the security needs and ii) the possibility of modelling and measuring the security through innovative technology-independent metrics. The results presented in this paper moves from the solutions identified in the pSHIELD project and enrich them with the innovative advances achieved through the nSHIELD research, still ongoing. Both projects have been funded by ARTEMIS-JU

Metodo per la fruizione personalizzata di trasmissioni digitali, e relativo sistema.

L’invenzione concerne una piattaforma cognitiva per la fruizione personalizzata di contenuti multimediali provenienti da fonti digitali quali ad esempio DVB-T, DVB-C, DVB-H DVB-S e DAB. La caratteristica base dell’invenzione è quella di consentire una personalizzazione automatica del ricevitore del segnale digitale e delle sue principali funzionalità senza alcun intervento umano. Tutte le caratteristiche che prevedono un intervento manuale sono “aggiuntive” rispetto all’obiettivo primario di consentire ai membri di un nucleo familiare di non modificare le proprie abitudini derivanti dall’uso della TV analogica, al fine di ridurre il più possibile i disagi nel passaggio dall’analogico al digitale

A Rule-based Approach for Medical Decision Support

This paper describes the medical Decision Support System (DSS) designed in the framework of the Bravehealth (BVH) project. The DSS is the heart of the data processing performed in Bravehealth, and it is aimed at enriching the medical experience to support the doctors in the decision-making processes. The paper focuses on the flexible and effective DSS architecture placed at a Remote Server side. Moreover, a Data Mining prototype algorithm, supported by the architecture, is proposed, along with encouraging test results

An electrocardiogram (ECG) signal processing algorithm for heart parameters estimation based on qrs complex detection

This paper presents an algorithm able to estimate heartbeat parameters, based on a QRS complex detection. The proposed algorithm demonstrates to be able to recognize heartbeat parameters even in highly noisy situations, i.e. where the ECG signal is extremely disturbed. Furthermore the algorithm was tested on real ECG signals generated by a so called Wearable Unit, a complex bio-signals sensor being developed by STMicroelectronics within the Bravehealth ICT FP7 EU funded project

The Bravehealth Software Architecture for the Monitoring of Patients Affected by CVD

The Bravehealth project is a large scale Integrated Project (IP) launched in the 7th Framework Programme. Bravehealth proposes a patient-centric vision to Cardio Vascular Disease (CVD) management and treatment, providing people already diagnosed as subjects at risk with a sound solution for continuous and remote monitoring and real time prevention of malignant events. Mainly, this paper describes the BVH Software Architecture. The role and the rationale behind the various system components is widely explained. The set of adopted technological solutions is presented and, finally, it is shown how the architecture succeeds in achieving a flexible, scalable and efficient system able to cope with many different medical scenarios