Endre søk
Link to record
Permanent link

Direct link
Publikasjoner (10 av 17) Visa alla publikasjoner
Mohamad, M., Avula, R. R., Folkesson, P., Kleberger, P., Mirzai, A., Skoglund, M. & Damschen, M. (2024). Cybersecurity Pathways Towards CE-Certified Autonomous Forestry Machines. In: Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2024: . Paper presented at 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2024. Brisbane, Australia. 24 June 2024through 27 June 2024 (pp. 98-105).
Åpne denne publikasjonen i ny fane eller vindu >>Cybersecurity Pathways Towards CE-Certified Autonomous Forestry Machines
Vise andre…
2024 (engelsk)Inngår i: Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2024, 2024, s. 98-105Konferansepaper, Publicerat paper (Annet vitenskapelig)
Abstract [en]

he increased importance of cybersecurity in autonomous machinery is becoming evident in the forestry domain. Forestry worksites are becoming more complex with the involvement of multiple systems and system of systems. Hence, there is a need to investigate how to address cybersecurity challenges for autonomous systems of systems in the forestry domain. Using a literature review and adapting standards from similar domains, as well as collaborative sessions with domain experts, we identify challenges towards CE-certified autonomous forestry machines focusing on cybersecurity and safety. Furthermore, we discuss the relationship between safety and cybersecurity risk assessment and their relation to AI, highlighting the need for a holistic methodology for their assurance.

HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-74609 (URN)10.1109/DSN-W60302.2024.00030 (DOI)
Konferanse
54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2024. Brisbane, Australia. 24 June 2024through 27 June 2024
Merknad

AGRARSENSE is supported by the Chips JU and its members, including the top up funding by Sweden, Czechia, Finland, Ireland, Italy, Latvia, Netherlands, Norway, Poland and Spain (Grant Agreement No.101095835). T

Tilgjengelig fra: 2024-07-21 Laget: 2024-07-21 Sist oppdatert: 2024-10-29bibliografisk kontrollert
Malik, M., Aramrattana, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2023). Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks. In: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC: . Paper presented at 28th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2023. Singapore. 24 October 2023 through 27 October 2023 (pp. 23-29). IEEE Computer Society
Åpne denne publikasjonen i ny fane eller vindu >>Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks
Vise andre…
2023 (engelsk)Inngår i: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC, IEEE Computer Society , 2023, s. 23-29Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

A remotely operated road vehicle (RORV) refers to a vehicle operated wirelessly from a remote location. In this paper, we report results from an evaluation of two safety mechanisms: safe braking and disconnection. These safety mechanisms are included in the control software for RORV developed by Roboauto, an intelligent mobility solutions provider. The safety mechanisms monitor the communication system to detect packet transmission delays, lost messages, and outages caused by naturally occurring interference as well as denial-of-service (DoS) attacks. When the delay in the communication channel exceeds certain threshold values, the safety mechanisms are to initiate control actions to reduce the vehicle speed or stop the affected vehicle safely as soon as possible. To evaluate the effectiveness of the safety mechanisms, we exposed the vehicle control software to various communication failures using a software-in-the-loop (SIL) testing environment developed specifically for this study. Our results show that the safety mechanisms behaved correctly for a vast majority of the simulated communication failures. However, in a few cases, we noted that the safety mechanisms were triggered incorrectly, either too early or too late, according to the system specification. 

sted, utgiver, år, opplag, sider
IEEE Computer Society, 2023
Emneord
Control system synthesis; Denial-of-service attack; Failure (mechanical); Remote control; Safety engineering; Software testing; Vehicle to vehicle communications; Vehicle transmissions; Communication failure; Control software; Denialof- service attacks; Remote location; Remotely operated road vehicle; Road vehicles; Safety mechanisms; Software in the loops; Software-in-the-loop testing; Transmission delays; Specifications
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-70583 (URN)10.1109/PRDC59308.2023.00012 (DOI)2-s2.0-85182390657 (Scopus ID)
Konferanse
28th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2023. Singapore. 24 October 2023 through 27 October 2023
Merknad

This work was supported by VALU3S project, which hasreceived funding from the ECSEL Joint Undertaking (JU)under grant agreement No 876852. We also would like toexpress our sincere gratitude to Stepan Kar ´ asek and Beata Davidova from Roboauto, who provided us with invaluable ´support to test their system in the simulation environment.

Tilgjengelig fra: 2024-01-22 Laget: 2024-01-22 Sist oppdatert: 2024-01-22bibliografisk kontrollert
Malik, M., Aramrattana, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2023). Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks. In: 28th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2023): . Paper presented at Pacific Rim International Symposium on Dependable Computing. IEEE conference proceedings
Åpne denne publikasjonen i ny fane eller vindu >>Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks
Vise andre…
2023 (engelsk)Inngår i: 28th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2023), IEEE conference proceedings, 2023Konferansepaper, Publicerat paper (Annet vitenskapelig)
Abstract [en]

A remotely operated road vehicle (RORV) refers to a vehicle operated wirelessly from a remote location. In this paper, we report results from an evaluation of two safety mechanisms: safe braking and disconnection. These safety mechanisms are included in the control software for RORV developed by Roboauto, an intelligent mobility solutions provider. The safety mechanisms monitor the communication system to detect packet transmission delays, lost messages, and outages caused by naturally occurring interference as well as denial-of-service (DoS) attacks. When the delay in the communication channel exceeds certain threshold values, the safety mechanisms are to initiate control actions to reduce the vehicle speed or stop the affected vehicle safely as soon as possible. To evaluate the effectiveness of the safety mechanisms, we exposed the vehicle control software to various communication failures using a software-in-the-loop (SIL) testing environment developed specifically for this study. Our results show that the safety mechanisms behaved correctly for a vast majority of the simulated communication failures. However, in a few cases, we noted that the safety mechanisms were triggered incorrectly, either too early or too late, according to the system specification.

sted, utgiver, år, opplag, sider
IEEE conference proceedings, 2023
Emneord
remotely operated road vehicle (RORV), communication failures, denial-of-service (DoS) attacks, safety mechanisms, software-in-the-loop (SIL) testing
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-67577 (URN)
Konferanse
Pacific Rim International Symposium on Dependable Computing
Tilgjengelig fra: 2023-10-31 Laget: 2023-10-31 Sist oppdatert: 2024-02-06bibliografisk kontrollert
Kleberger, P., Folkesson, P. & Sangchoolie, B. (2022). An Integrated Safety and Cybersecurity Resilience Framework for the Automotive Domain. In: : . Paper presented at 7th International Workshop on Critical Automotive Applications: Robustness & Safety. HAL
Åpne denne publikasjonen i ny fane eller vindu >>An Integrated Safety and Cybersecurity Resilience Framework for the Automotive Domain
2022 (engelsk)Konferansepaper, Publicerat paper (Annet vitenskapelig)
Abstract [en]

As vehicles become more and more connected with their surroundings and utilize an increasing number of services, they also become more exposed to threats as the attack surface increases. With increasing attack surfaces and continuing challenges of eliminating vulnerabilities, vehicles need to be designed to work even under malicious activities, i.e., under attacks. In this paper, we present a resilience framework that integrates analysis of safety and cybersecurity mechanisms. We also integrate resilience for safety and cybersecurity into the fault – error – failure chain. The framework is useful for analyzing the propagation of faults and attacks between different system layers. This facilitates identification of adequate resilience mechanisms at different system layers as well as deriving suitable test cases for verification and validation of system resilience using fault and attack injection.

sted, utgiver, år, opplag, sider
HAL, 2022
Emneord
utomotive, cybersecurity, safety, resilience, framework
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-59793 (URN)
Konferanse
7th International Workshop on Critical Automotive Applications: Robustness & Safety
Tilgjengelig fra: 2022-07-11 Laget: 2022-07-11 Sist oppdatert: 2023-06-07bibliografisk kontrollert
Thorsén, A., Sangchoolie, B., Folkesson, P. & Strandberg, T. (2022). Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids. In: : . Paper presented at CSG 2022: 16. International Conference on Smart Grids January 28-29, 2022 in Dubai, United Arab Emirates.
Åpne denne publikasjonen i ny fane eller vindu >>Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids
2022 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment in order to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified in order to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Emneord
Intelligent Distribution Grids, threat analysis, risk assessment, safety, cybersecurity
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-57520 (URN)
Konferanse
CSG 2022: 16. International Conference on Smart Grids January 28-29, 2022 in Dubai, United Arab Emirates
Tilgjengelig fra: 2022-01-03 Laget: 2022-01-03 Sist oppdatert: 2024-05-21bibliografisk kontrollert
Thorsén, A., Sangchoolie, B., Folkesson, P. & Strandberg, T. (2022). Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids. World Academy of Science, Engineering and Technology International Journal of Energy and Power Engineering, 16(5), 69-76
Åpne denne publikasjonen i ny fane eller vindu >>Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids
2022 (engelsk)Inngår i: World Academy of Science, Engineering and Technology International Journal of Energy and Power Engineering, Vol. 16, nr 5, s. 69-76Artikkel i tidsskrift (Annet vitenskapelig) Published
Abstract [en]

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Emneord
Intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity.
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-59289 (URN)
Tilgjengelig fra: 2022-05-25 Laget: 2022-05-25 Sist oppdatert: 2024-05-21bibliografisk kontrollert
Malik, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2022). ComFASE: A Tool for Evaluating the Effects of V2V Communication Faults and Attacks on Automated Vehicles. In: 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022): . Paper presented at 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022). Jun 27, 2022 - Jun 30, 2022. Baltimore, Maryland, USA.
Åpne denne publikasjonen i ny fane eller vindu >>ComFASE: A Tool for Evaluating the Effects of V2V Communication Faults and Attacks on Automated Vehicles
Vise andre…
2022 (engelsk)Inngår i: 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022), 2022Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

This paper presents ComFASE, a communication fault and attack simulation engine. ComFASE is used to identify and evaluate potentially dangerous behaviours of interconnected automated vehicles in the presence of faults and attacks in wireless vehicular networks. ComFASE is built on top of OMNET++ (a network simulator) and integrates SUMO (a traffic simulator) and Veins (a vehicular network simulator). The tool is flexible in modelling different types of faults and attacks and can be effectively used to study the interplay between safety and cybersecurity attributes by injecting cybersecurity attacks and evaluating their safety implications. To demonstrate the tool, we present results from a series of simulation experiments, where we injected delay and denial-of-service attacks on wireless messages exchanged between vehicles in a platooning application. The results show how different variants of attacks influence the platooning system in terms of collision incidents.

Emneord
attack injection, fault injection, simulation-based system, V2V communication, platooning, cybersecurity attack
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-59789 (URN)
Konferanse
52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022). Jun 27, 2022 - Jun 30, 2022. Baltimore, Maryland, USA
Prosjekter
VALU3S
Tilgjengelig fra: 2022-07-11 Laget: 2022-07-11 Sist oppdatert: 2023-06-05bibliografisk kontrollert
Ferrari, E., Schlick, R., De la Vara, J. L., Folkesson, P. & Sangchoolie, B. (2022). Criteria for the Analysis of Gaps and Limitations of V&V Methods for Safety- and Security-Critical Systems. In: : . Paper presented at 17th International Workshop on Dependable Embedded Cyber-Physical Systems and Systems-of-Systems. Munich, Germany. 6-9 September 2022. Springer Berlin/Heidelberg
Åpne denne publikasjonen i ny fane eller vindu >>Criteria for the Analysis of Gaps and Limitations of V&V Methods for Safety- and Security-Critical Systems
Vise andre…
2022 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

As society increasingly relies on safety- and security- critical systems, the need for confirming their dependability becomes essential. Adequate V&V (verification and validation) methods must be employed, e.g., for system testing. When selecting and using the methods, it is important to analyze their possible gaps and limitations, such as scalability issues. However, and as we have experienced, common, explicitly defined criteria are seldom used for such analyses. This results in analyses that consider different aspects and to a different extent, hindering their comparison and thus the comparison of the V&V methods. As a solution, we present a set of criteria for the analysis of gaps and limitations of V&V methods for safety- and security-critical systems. The criteria have been identified in the scope of the VALU3S project. Sixty-two people from 33 organizations agreed upon the use of nine criteria: functionality, accuracy, scalability, deployment, learning curve, automation, reference environment, cost, and standards. Their use led to more homogeneous and more detailed analyses when compared to similar previous efforts. We argue that the proposed criteria can be helpful to others when having to deal with similar activities.

sted, utgiver, år, opplag, sider
Springer Berlin/Heidelberg, 2022
Emneord
Verification & Validation, V&V method, Gaps, Limitations, Analysis criteria, Safety-critical systems, Security-critical systems
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-59792 (URN)
Konferanse
17th International Workshop on Dependable Embedded Cyber-Physical Systems and Systems-of-Systems. Munich, Germany. 6-9 September 2022
Prosjekter
VALU3S
Tilgjengelig fra: 2022-07-11 Laget: 2022-07-11 Sist oppdatert: 2023-06-05bibliografisk kontrollert
Maleki, M., Malik, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2022). Modeling and Evaluating the Effects of Jamming Attacks on Connected Automated Road Vehicles. In: : . Paper presented at 27th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2022) November 28-December 1, 2022, Beijing, China (pp. 12).
Åpne denne publikasjonen i ny fane eller vindu >>Modeling and Evaluating the Effects of Jamming Attacks on Connected Automated Road Vehicles
Vise andre…
2022 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In this work, we evaluate the safety of a platoon offour vehicles under jamming attacks. The platooning applicationis provided by Plexe-veins, which is a cooperative drivingframework, and the vehicles in the platoon are equipped withcooperative adaptive cruise control controllers to represent thevehicles’ behavior. The jamming attacks investigated are modeledby extending ComFASE (a Communication Fault and AttackSimulation Engine) and represent three real-world attacks,namely, destructive interference, barrage jamming, and deceptivejamming. The attacks are injected in the physical layer of theIEEE 802.11p communication protocol simulated in Veins (avehicular network simulator). To evaluate the safety implicationsof the injected attacks, the experimental results are classifiedby using the deceleration profiles and collision incidents of thevehicles. The results of our experiments show that jammingattacks on the communication can jeopardize vehicle safety,causing emergency braking and collision incidents. Moreover,we describe the impact of different attack injection parameters(such as, attack start time, attack duration and attack value) onthe behavior of the vehicles subjected to the attacks.

Emneord
attack injection, jamming, V2V communication, platooning, simulation-based system
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-61312 (URN)
Konferanse
27th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2022) November 28-December 1, 2022, Beijing, China
Prosjekter
VALU3S
Merknad

This work was supported by VALU3S project, which has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 876852. The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Austria, Czech Republic, Germany, Ireland, Italy, Portugal, Spain, Sweden, Turkey

Tilgjengelig fra: 2022-12-02 Laget: 2022-12-02 Sist oppdatert: 2023-06-05bibliografisk kontrollert
Folkesson, P., Sangchoolie, B., Kleberger, P. & Nowdehi, N. (2022). On the Evaluation of Three Pre-Injection Analysis Techniques for Model-Implemented Fault- and Attack Injection. In: IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC 2022): . Paper presented at PRDC 2022 (pp. 130-140).
Åpne denne publikasjonen i ny fane eller vindu >>On the Evaluation of Three Pre-Injection Analysis Techniques for Model-Implemented Fault- and Attack Injection
2022 (engelsk)Inngår i: IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC 2022), 2022, s. 130-140Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Fault- and attack injection are techniques used to measure dependability attributes of computer systems. An important property of such injectors is their efficiency that deals with the time and effort needed to explore the target system’s fault- or attack space. As this space is generally very large, techniques such as pre-injection analyses are used to effectively explore the space. In this paper, we study two such techniques that have been proposed in the past, namely inject-on-read and inject-on-write. Moreover, we propose a new technique called error space pruning of signals and evaluate its efficiency in reducing the space needed to be explored by fault and attack injection experiments. We implemented and integrated these techniques into MODIFI, a model-implemented fault and attack injector, which has been effectively used in the past to evaluate Simulink models in the presence of faults and attacks. To the best of our knowledge, we are the first to integrate these pre-injection analysis techniques into an injector that injects faults and attacks into Simulink models.The results of our evaluation on 11 vehicular Simulink models show that the error space pruning of signals reduce the attack space by about 30–43%, hence allowing the attack space to be exploited by fewer number of attack injection experiments. Using MODIFI, we then performed attack injection experiments on two of these vehicular Simulink models, a comfort control model and a brake-by-wire model, while elaborating on the results obtained

Emneord
fault injection, attack injection, cybersecurity testing, pre-injection analysis
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-61310 (URN)10.1109/PRDC55274.2022.00027 (DOI)978-1-6654-8555-5 (ISBN)
Konferanse
PRDC 2022
Tilgjengelig fra: 2022-12-02 Laget: 2022-12-02 Sist oppdatert: 2023-06-07bibliografisk kontrollert
Organisasjoner
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0001-5224-9412
v. 2.45.0