Change search
Refine search result
123 1 - 50 of 108
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Abdelraheem, Mohammed Ahmed
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Lindström, Malin
    Blekinge Institute of Technology, Sweden.
    Nordahl, Christian
    Blekinge Institute of Technology, Sweden.
    Executing Boolean Queries on an Encrypted Bitmap Index2016In: CCSW 2016: Proceedings of the 2016 ACM on Cloud Computing Security Workshop, 2016, p. 11-22Conference paper (Refereed)
    Abstract [en]

    We propose a simple and efficient searchable symmetric encryption scheme based on a Bitmap index that evaluates Boolean queries. Our scheme provides a practical solution in settings where communications and computations are very constrained as it offers a suitable trade-off between privacy and performance.

  • 2.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Deploying Virtual Machines on Shared Platforms2011Report (Other academic)
    Abstract [en]

    In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders’ part of the scenario we present. This report comprehensively covers all major security aspects including different security mechanisms and protocols, leveraging existing standards and state-of-the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform thereby protecting the operator virtual machine and its related credentials.

    Download full text (pdf)
    FULLTEXT01
  • 3.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Security Considerations for Virtual Platform Provisioning2011Conference paper (Refereed)
    Abstract [en]

    The concept of virtualization is not new but leveraging virtualization in different modes and at different layers has revolutionized its usage scenarios. Virtualization can be applied at application layer to create sandbox environment, operating system layer to virtualize shared system resources (e.g. memory, CPU), at platform level or in any other useful possible hybrid scheme. When virtualization is applied at platform level, the resulting virtualized platform can run multiple virtual machines as if they were physically separated real machines. Provisioning virtualized platforms in this way is often also referred to as Infrastructure-as-a-Service or Platform-as-a-Service when full hosting and application support is also offered. Different business models, like datacenters or telecommunication providers and operators, can get business benefits by using platform virtualization due to the possibility of increased resource utilization and reduced upfront infrastructure setup expenditures. This opportunity comes together with new security issues. An organization that runs services in form of virtual machine images on an offered platform needs security guarantees. In short, it wants evidence that the platforms it utilizes are trustworthy and that sensitive information is protected. Even if this sounds natural and straight forward, few attempts have been made to analyze in details what these expectations means from a security technology perspective in a realistic deployment scenario. In this paper we present a telecommunication virtualized platform provisioning scenario with two major stakeholders, the operator who utilizes virtualized telecommunication platform resources and the service provider, who offers such resources to operators. We make threats analysis for this scenario and derive major security requirements from the different stakeholders’ perspectives. Through investigating a particular virtual machine provisioning use case, we take the first steps towards a better understanding of the major security obstacles with respect to platform service offerings. The last couple of years we have seen increased activities around security for clouds regarding different usage and business models. We contribute to this important area through a thorough security analysis of a concrete deployment scenario. Finally, we use the security requirements derived through the analysis to make a comparison with contemporary related research and to identify future research challenges in the area.

  • 4.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    TCG based approach for secure management of virtualized platforms: state-of-the-art2010Report (Other academic)
    Abstract [en]

    There is a strong trend shift in the favor of adopting virtualization to get business benefits. The provisioning of virtualized enterprise resources is one kind of many possible scenarios. Where virtualization promises clear advantages it also poses new security challenges which need to be addressed to gain stakeholders confidence in the dynamics of new environment. One important facet of these challenges is establishing 'Trust' which is a basic primitive for any viable business model. The Trusted computing group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protecting of sensitive data in rest and transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms.

    Download full text (pdf)
    FULLTEXT01
  • 5.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS. Mälardalen University, Sweden; COMSATS Institute of Information Technology, Pakistan.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Björkman, Mats
    Mälardalen University, Sweden.
    ASArP: Automated Security Assessment & Audit of Remote Platforms using TCG-SCAP synergies2015In: Journal of Information Security and Applications, ISSN 2214-2134, E-ISSN 2214-2126, Vol. 22, p. 28-39Article in journal (Refereed)
    Abstract [en]

    Many enterprise solutions today are built upon complex distributed systems which are accessible to the users globally. Due to this global access, the security of the host platforms becomes critical. The platform administrators use security automation techniques such as those provided by Security Content Automation Protocol (SCAP) standards to protect the systems from the vulnerabilities that are reported daily; furthermore, they are responsible for keeping their systems compliant to the relevant security recommendations (governmental or industrial). Additionally, third party audit and certification processes are used to increase user trust in enterprise solutions. However, traditional audit and certification mechanisms are not continuous , that is, not frequent enough to deal with the daily reported vulnerabilities, and for that matter even auditors expect platform administrators to keep the systems updated. As a result, the end user is also forced to trust the platform administrators about the latest state of the platform. In this paper we develop an automated security audit and certification system (ASArP)(ASArP) which can be used by platform users or by third party auditors. We use security automation techniques for continuous monitoring of the platform security posture and make the results trustworthy by using trusted computing (TCG) techniques. The prototype development of ASArPASArP validates the implementation feasibility; it also provides performance benchmarks which show that the ASArPASArP based audit and certification can be done much more frequently (e.g. daily or weekly). The feasibility of ASArPASArP based continuous audits is significantly better than traditional platform audits which are dependent on the physical presence of the auditors, thus making frequent audits much more expensive and operationally infeasible.

  • 6.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Björkman, Mats
    Mälardalen University, Sweden.
    Continuous Security Evaluation and Auditing of Remote Platforms by Combining Trusted Computing and Security Automation Techniques2013Conference paper (Refereed)
    Abstract [en]

    In new distributed systems paradigms like cloud computing, the security of the host platforms is very critical. The platform administrators use security automation techniques to ensure that the outsourced platforms are set up correctly and follow the security recommendations. However, the remote platform users still have to trust the platform owner. The third party security audits, used to shift the required user trust from the platform owner to a trusted entity, are scheduled and are not very frequent to deal with the daily reported vulnerabilities. In this paper we propose a continuous remote platform evaluation mechanism to be used by the remote entity to increase the platform user trust. We analyze the existing SCAP and trusted computing (TCG) standards for our solution, identify their shortcomings, and suggest ways to integrate them. Our proposed platform security evaluation framework uses the TCG-SCAP synergy to address the limitations of each technology when used separately.

  • 7.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Björkman, Mats
    Security and Trust Preserving VM Migrations in Public Clouds2012Conference paper (Refereed)
    Abstract [en]

    In this paper we consider the security and trust implications of virtual machine (VM) migration from one cloud platform to the other in an Infrastructure-as-a-Service (IaaS) cloud service model. We show how to extend and complement previous Trusted Computing techniques for secure VM launch to also cover the VM migration case. In particular, we propose a Trust_Token based VM migration protocol which guarantees that the user VM can only be migrated to a trustworthy cloud platform. Different from previous schemes, our solution is not dependent on an active (on-line) trusted third party. We show how our proposed mechanisms fulfill major security and trust requirements for secure VM migration in cloud environments.

  • 8.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Björkman, Mats
    Securely Launching Virtual Machines on Trustworthy Platforms in a Public Cloud2012Conference paper (Refereed)
    Abstract [en]

    In this paper we consider the Infrastructure-as-a-Service (IaaS) cloud model which allows cloud users to run their own virtual machines (VMs) on available cloud computing resources. IaaS gives enterprises the possibility to outsource their process workloads with minimal effort and expense. However, one major problem with existing approaches of cloud leasing, is that the users can only get contractual guarantees regarding the integrity of the offered platforms. The fact that the IaaS user himself or herself cannot verify the provider promised cloud platform integrity, is a security risk which threatens to prevent the IaaS business in general. In this paper we address this issue and propose a novel secure VM launch protocol using Trusted Computing techniques. This protocol allows the cloud IaaS users to securely bind the VM to a trusted computer configuration such that the clear text VM only will run on a platform that has been booted into a trustworthy state. This capability builds user confidence and can serve as an important enabler for creating trust in public clouds. We evaluate the feasibility of our proposed protocol via a full scale system implementation and perform a system security analysis.

    Download full text (pdf)
    FULLTEXT01
  • 9. Bagci, Ibrahim Ethem
    et al.
    Pourmirza, Mohammad Reza
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Roedig, Utz
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Codo: Confidential Data Storage for Wireless Sensor Networkss2012Conference paper (Refereed)
    Abstract [en]

    Many Wireless Sensor Networks (WSNs) are used to collect and process confidential information. Confidentiality must be ensured at all times and, for example, solutions for confidential communication, processing or storage are required. To date, the research community has addressed mainly the issue of confidential communication. Efficient solutions for cryptographically secured communication and associated key exchange in WSNs exist. Many WSN applications, however, rely heavily on available on-node storage space and therefore it is essential to ensure the confidentiality of stored data as well. In this paper we present Codo, a confidential data storage solution which balances platform, performance and security requirements. We implement Codo for the Contiki WSN operating system and evaluate its performance.

  • 10.
    Bagci, Ibrahim Ethem
    et al.
    Lancaster University, United Kingdom.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Chung, Tony
    Lancaster University, United Kingdom.
    Roedig, Utz
    Lancaster University, United Kingdom.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory. Uppsala University, Sweden.
    Combined Secure Storage and Communication for the Internet of Things2013Conference paper (Refereed)
    Abstract [en]

    The future Internet of Things (IoT) may be based on the existing and established Internet Protocol (IP). Many IoT application scenarios will handle sensitive data. However, as security requirements for storage and communication are addressed separately, work such as key management or cryp-tographic processing is duplicated. In this paper we present a framework that allows us to combine secure storage and secure communication in the IP-based IoT. We show how data can be stored securely such that it can be delivered securely upon request without further cryptographic processing. Our prototype implementation shows that combined secure storage and communication can reduce the security-related processing on nodes by up to 71% and energy consumption by up to 32.1%.

  • 11.
    Bagci, Ibrahim Ethem
    et al.
    Lancaster University, UK.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Roedig, Utz
    Lancaster University, UK.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory. Uppsala University, Sweden.
    Fusion: Coalesced Confidential Storage and Communication Framework for the IoT2015In: Security and Communication Networks, ISSN 1939-0114, E-ISSN 1939-0122, Vol. 9, no 15, p. 2656-2673Article in journal (Refereed)
    Abstract [en]

    Comprehensive security mechanisms are required for a successful implementation of the Internet of Things (IoT). Existing solutions focus mainly on securing the communication links between Internet hosts and IoT devices. However, as most IoT devices nowadays provide vast amounts of flash storage space it is as well required to consider storage security within a comprehensive security framework. Instead of developing independent security solutions for storage and communication we propose Fusion, a framework which provides coalesced confidential storage and communication. Fusion uses existing secure communication protocols for the IoT such as IPsec and DTLS and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission. Thus, Fusion provides benefits in terms of processing speed and energy efficiency which are important aspects for resource constrained IoT devices. The paper describes the Fusion architecture and its instantiation for IPsec and DTLS based systems. We describe Fusion’s implementation and evaluate its storage overheads, communication performance and energy consumption

  • 12.
    Baumann, Christoph
    et al.
    KTH Royal Institute of Technology, Sweden.
    Näslund, Mats
    Ericsson Research, Sweden.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Schwarz, Oliver
    RISE, Swedish ICT, SICS, Security Lab.
    Thorsen, Hans
    T2 Data AB, Sweden.
    A High Assurance Virtualization Platform for ARMv82016In: 2016 European Conference on Networks and Communications (EuCNC), 2016, 9, p. 210-214, article id 7561034Conference paper (Refereed)
    Abstract [en]

    This paper presents the first results from the ongoing research project HASPOC, developing a high assurance virtualization platform for the ARMv8 CPU architecture. Formal verification at machine code level guarantees information isolation between different guest systems (e.g.~OSs) running on the platform. To use the platform in networking scenarios, we allow guest systems to securely communicate with each other via platform-provided communication channels and to take exclusive control of peripherals for communication with the outside world. The isolation is shown to be formally equivalent to that of guests executing on physically separate platforms with dedicated communication channels crossing the air-gap. Common Criteria (CC) assurance methodology is applied by preparing the CC documentation required for an EAL6 evaluation of products using the platform. Besides the hypervisor, a secure boot component is included and verified to ensure system integrity.

    Download full text (pdf)
    fulltext
  • 13.
    Bjarnason, Elizabeth
    et al.
    Lund University, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Aligning Requirements and Testing - Working Together Toward the Same Goal2017In: IEEE Software, ISSN 0740-7459, E-ISSN 1937-4194, Vol. 34, no 1, p. 20-23, article id 7819382Article in journal (Other academic)
    Abstract [en]

    The proper alignment of requirements engineering and testing (RET) can be key to software's success. Three practices can provide effective RET alignment: using test cases as requirements, harvesting trace links, and reducing distances between requirements engineers and testers. The Web extra https://youtu.be/M65ZKxfxqME is an audio podcast of author Elizabeth Bjarnason reading the the Requirements column she cowrote with Markus Borg.

    Download full text (pdf)
    fulltext
  • 14.
    Bjarnason, Elizabeth
    et al.
    Lund University, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab. Lund University, Sweden.
    Lindvall, Bertil
    Lund University, Sweden.
    Supervising for Independence – A Case Study of Master Science Projects in Higher Education2015In: LU:s femte högskolepedagogiska utvecklingskonferens, 2015, 12Conference paper (Refereed)
    Abstract [en]

    Students completing a Swedish Master's degree in engineering should have knowledge and skills to independently solve engineering issues. This autonomy should be developed and demonstrated within the M.Sc. project course. But, how can supervisors encourage independence? We have explored this in a case study through semi-structured interviews with students, supervisors and examiners of two M.Sc. projects. We investigated their view of independence, and how supervision correlates to independence. The results identify areas relevant to independence, namely supervision roles and relationships, student characteristics, M.Sc. process, and view on independence. The results confirm previous findings that students' knowledge of and motivation for the topic support independence. The supervisor's role is to guide and support through frequent peer-level discussions and to act as a discussion partner, while the student should have the main responsibility for the project. We conclude that it is important for supervisors to encourage students to take ownership of their M.Sc. projects and to design their own solutions, while providing the overall process and timelines.

    Download full text (pdf)
    FULLTEXT01
  • 15. Bjarnason, Elizabeth
    et al.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Lindvall, Bertil
    Supervising Towards Independence2016Other (Other academic)
    Abstract [en]

    Supervising a student can be compared to teaching someone to drive a car. The student is in the driver's seat while the supervisor provides structure and guidance, and can intervene in risky and unsafe situations. It is a learning process in which the student gradually gains experience and sufficient skill to obtain a driving license, and to drive without an instructor. Similarly, a student attending the MSc project course at the technical faculty of Lund University is to "develop and demonstrate knowledge and ability required to autonomously work as an engineer" (from MSc course plan). But what factors affect a MSc project, and how can we as supervisors support students in their learning process towards independence? We performed a case study of two completed MSc projects where we interviewed the student, the supervisor and the examiner for each case. In this article we present the main conclusions drawn from the cross-case analysis of this study. Details on the studied cases and the results on which these conclusions are based can be found in our previous publication of this study.

  • 16.
    Bjarnason, Elizabeth
    et al.
    Lund University, Sweden.
    Unterkalmsteiner, Michael
    Blekinge Institute of Technology, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Engström, Emelie
    Lund University, Sweden.
    A Multi-Case Study of Agile Requirements Engineering and the Use of Test Cases as Requirements2016In: Information and Software Technology, ISSN 0950-5849, E-ISSN 1873-6025, Vol. 77, p. 61-79Article in journal (Refereed)
    Abstract [en]

    [Context] It is an enigma that agile projects can succeed "without requirements" when weak requirements engineering is a known cause for project failures. While agile development projects often manage well without extensive requirements test cases are commonly viewed as requirements and detailed requirements are documented as test cases. [Objective] We have investigated this agile practice of using test cases as requirements to understand how test cases can support the main requirements activities, and how this practice varies. [Method] We performed an iterative case study at three companies and collected data through 14 interviews and 2 focus groups. [Results] The use of test cases as requirements poses both benefits and challenges when eliciting, validating, verifying, and managing requirements, and when used as a documented agreement. We have identified five variants of the test-cases-as-requirements practice, namely de facto, behaviour-driven, story-test driven, stand-alone strict and stand-alone manual for which the application of the practice varies concerning the time frame of requirements documentation, the requirements format, the extent to which the test cases are a machine executable specification and the use of tools which provide specific support for the practice of using test cases as requirements. [Conclusions] The findings provide empirical insight into how agile development projects manage and communicate requirements. The identified variants of the practice of using test cases as requirements can be used to perform in-depth investigations into agile requirements engineering. Practitioners can use the provided recommendations as a guide in designing and improving their agile requirements practices based on project characteristics such as number of stakeholders and rate of change.

    Download full text (pdf)
    FULLTEXT01
  • 17.
    Blom, Rolf
    et al.
    RISE, Swedish ICT, SICS.
    Schwarz, Oliver
    RISE, Swedish ICT, SICS, Security Lab.
    High Assurance Security Products on COTS Platforms2015In: ERCIM News, ISSN 0926-4981, E-ISSN 1564-0094, no 102, p. 39-40Article in journal (Refereed)
    Abstract [en]

    With commodity operating systems failing to establish unbreakable isolation of processes, there is a need for stronger separation mechanisms. A recently launched open source project aims at applying virtualization to achieve such isolation on the widespread embedded ARM architectures. Strong assurance is established by formal verification and common criteria certification. Coexisting guest systems are able to run unmodified on the multicore platform, in a resource and cost efficient manner. The solution is rounded anchored in a secure boot process.

    Download full text (pdf)
    fulltext
  • 18.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab. Lund University, Sweden.
    TuneR: A Framework for Tuning Software Engineering Tools with Hands-on Instructions in R2016In: Journal of Software: Evolution and Process, ISSN 2047-7473, E-ISSN 2047-7481, Vol. 28, no 6, p. 427-459Article in journal (Refereed)
    Abstract [en]

    Numerous tools automating various aspects of software engineering have been developed, and many of the tools are highly configurable through parameters. Understanding the parameters of advanced tools often requires deep understanding of complex algorithms. Unfortunately, suboptimal parameter settings limit the performance of tools and hinder industrial adaptation, but still few studies address the challenge of tuning software engineering tools. We present TuneR, an experiment framework that supports finding feasible parameter settings using empirical methods. The framework is accompanied by practical guidelines of how to use R to analyze the experimental outcome. As a proof-of-concept, we apply TuneR to tune ImpRec, a recommendation system for change impact analysis in a software system that has evolved for more than two decades. Compared with the output from the default setting, we report a 20.9% improvement in the response variable reflecting recommendation accuracy. Moreover, TuneR reveals insights into the interaction among parameters, as well as nonlinear effects. TuneR is easy to use, thus the framework has potential to support tuning of software engineering tools in both academia and industry.

    Download full text (pdf)
    FULLTEXT01
  • 19.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Alégroth, Emil
    Blekinge Institute of Technology, Sweden.
    Runeson, Per
    Lund University, Sweden.
    Software Engineers' Information Seeking Behavior in Change Impact Analysis: An Interview Study2017In: ICPC '17 Proceedings of the 25th International Conference on Program Comprehension, IEEE Press, 2017, p. 12-22Conference paper (Refereed)
    Abstract [en]

    Software engineers working in large projects must navigate complex information landscapes. Change Impact Analysis (CIA) is a task that relies on engineers' successful information seeking in databases storing, e.g., source code, requirements, design descriptions, and test case specifications. Several previous approaches to support information seeking are task-specific, thus understanding engineers' seeking behavior in specific tasks is fundamental. We present an industrial case study on how engineers seek information in CIA, with a particular focus on traceability and development artifacts that are not source code. We show that engineers have different information seeking behavior, and that some do not consider traceability particularly useful when conducting CIA. Furthermore, we observe a tendency for engineers to prefer less rigid types of support rather than formal approaches, i.e., engineers value support that allows flexibility in how to practically conduct CIA. Finally, due to diverse information seeking behavior, we argue that future CIA support should embrace individual preferences to identify change impact by empowering several seeking alternatives, including searching, browsing, and tracing.

    Download full text (pdf)
    fulltext
  • 20.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    de la Vara, José Luis
    Carlos III University of Madrid, Spain.
    Wnuk, Krzysztof
    Blekinge Institute of Technology, Sweden.
    Practitioners' Perspectives on Change Impact Analysis for Safety-Critical Software - A Preliminary Analysis2016In: Computer Safety, Reliability, and Security: SAFECOMP 2016 Workshops / [ed] Amund Skavhaug, Jérémie Guiochet, Erwin Schoitsch, Friedemann Bitsch, 2016, 11, Vol. 9923, p. 346-358Conference paper (Refereed)
    Abstract [en]

    Safety standards prescribe change impact analysis (CIA) during evolution of safety-critical software systems. Although CIA is a fundamental activity, there is a lack of empirical studies about how it is performed in practice. We present a case study on CIA in the context of an evolving automation system, based on 14 interviews in Sweden and India. Our analysis suggests that engineers on average spend 50-100 hours on CIA per year, but the effort varies considerably with the phases of projects. Also, the respondents presented different connotations to CIA and perceived the importance of CIA differently. We report the most pressing CIA challenges, and several ideas on how to support future CIA. However, we show that measuring the effect of such improvement solutions is non-trivial, as CIA is intertwined with other development activities. While this paper only reports preliminary results, our work contributes empirical insights into practical CIA.

    Download full text (pdf)
    FULLTEXT01
  • 21.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Lennerstad, Iben
    Lund University, Sweden.
    Ros, Rasmus
    Lund University, Sweden.
    Bjarnason, Elizabeth
    Lund University, Sweden.
    On using active learning and self-training when mining performance discussions on stack overflow2017In: EASE'17 Proceedings of the 21st International Conference on Evaluation and Assessment in Software Engineering. ACM International Conference Proceeding Series, 2017, p. 308-313Conference paper (Refereed)
    Abstract [en]

    Abundant data is the key to successful machine learning. However, supervised learning requires annotated data that are often hard to obtain. In a classification task with limited resources, Active Learning (AL) promises to guide annotators to examples that bring the most value for a classifier. AL can be successfully combined with self-training, i.e., extending a training set with the unlabelled examples for which a classifier is the most certain. We report our experiences on using AL in a systematic manner to train an SVM classifier for Stack Overflow posts discussing performance of software components. We show that the training examples deemed as the most valuable to the classifier are also the most difficult for humans to annotate. Despite carefully evolved annotation criteria, we report low inter-rater agreement, but we also propose mitigation strategies. Finally, based on one annotator's work, we show that self-training can improve the classification accuracy. We conclude the paper by discussing implication for future text miners aspiring to use AL and self-training.

  • 22.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Olsson, Thomas
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Svensson, John
    Boliden, Sweden.
    From LiDAR to Underground Maps via 5G - Business Models Enabling a System-of-Systems Approach to Mapping the Kankberg Mine2017Report (Other academic)
    Abstract [en]

    With ever-increasing productivity targets in mining operations, there is a growing interest in mining automation. The PIMM project addresses the fundamental challenge of network communication by constructing a pilot 5G network in the underground mine Kankberg. In this report, we discuss how such a 5G network could constitute the essential infrastructure to organize existing systems in Kankberg into a system-of-systems (SoS). In this report, we analyze a scenario in which LiDAR equipped vehicles operating in the mine are connected to existing mine mapping and positioning solutions. The approach is motivated by the approaching era of remote controlled, or even autonomous, vehicles in mining operations. The proposed SoS could ensure continuously updated maps of Kankberg, rendered in unprecedented detail, supporting both productivity and safety in the underground mine. We present four different SoS solutions from an organizational point of view, discussing how development and operations of the constituent systems could be distributed among Boliden and external stakeholders, e.g., the vehicle suppliers, the hauling company, and the developers of the mapping software. The four scenarios are compared from both technical and business perspectives, and based on trade-off discussions and SWOT analyses. We conclude our report by recommending continued research along two future paths, namely a closer cooperation with the vehicle suppliers, and further feasibility studies regarding establishing a Kankberg software ecosystem.

    Download full text (pdf)
    fulltext
  • 23.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Olsson, Thomas
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Svensson, John
    Boliden, Sweden.
    Piggybacking on an Autonomous Hauler: Business Models Enabling a System-of-Systems Approach to Mapping an Underground Mine2017Conference paper (Refereed)
    Abstract [en]

    With ever-increasing productivity targets in mining operations, there is a growing interest in mining automation. In future mines, remote-controlled and autonomous haulers will operate underground guided by LiDAR sensors. We envision reusing LiDAR measurements to maintain accurate mine maps that would contribute to both safety and productivity. Extrapolating from a pilot project on reliable wireless communication in Boliden's Kankberg mine, we propose establishing a system-of-systems (SoS) with LIDAR-equipped haulers and existing mapping solutions as constituent systems. SoS requirements engineering inevitably adds a political layer, as independent actors are stakeholders both on the system and SoS levels. We present four SoS scenarios representing different business models, discussing how development and operations could be distributed among Boliden and external stakeholders, e.g., the vehicle suppliers, the hauling company, and the developers of the mapping software. Based on eight key variation points, we compare the four scenarios from both technical and business perspectives. Finally, we validate our findings in a seminar with participants from the relevant stakeholders. We conclude that to determine which scenario is the most promising for Boliden, trade-offs regarding control, costs, risks, and innovation must be carefully evaluated. 

  • 24.
    Borg, Markus
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Petter, Gulin
    Lund University, Sweden.
    Linus, Olofsson
    Lund University, Sweden.
    Do Take it Personal: It's Not What You Say, It's Who (and Where) You Are!2016In: Tiny Transactions on Computer Science, Vol. 4Article in journal (Refereed)
    Abstract [en]

    Issue management in market-driven software projects is constantly under time pressure. A limited set of developers must share their time between developing features for the next release and resolving reported issues. Project managers need to find the appropriate balance between a high quality product and fast time to market. We study a telecom company in Sweden developing embedded systems for a consumer market. The project managers report that developers resolve approximately 10% of the issues reported during a project. Consequently, it is critical to properly prioritize the issues to receive the best possible return on investment, and above all to remove all bugs that might impact the market's reception of the product. We use machine learning to investigate what features of an issue report are the best predictors of changes to production code during its corresponding resolution. After removing all features jeopardizing the confidentiality of individual engineers, the issue reports are characterized by 19 features (apart from text). We extract 80,000 issue reports, an equal mix of positive and negative examples, and train a Bayesian Network classifier [2], obtaining 73% classification accuracy. Moreover, it reveals that the feature with the highest predictive value is from which physical site the issue was submitted. The general priority feature however, is only ranked 17 out of 19, whereas the submitting team is ranked 12. Our findings confirm a suspicion in the company: the priority set by the issue submitter is indeed a poor predictor of a future code change.

    Download full text (pdf)
    FULLTEXT01
  • 25. Causevic, Adnan
    et al.
    Shukla, Rakesh
    Punnekkat, Sasikumar
    Sundmark, Daniel
    RISE, Swedish ICT, SICS. RISE, Swedish ICT, SICS, Security Lab.
    Effects of Negative Testing on TDD: An Industrial Experiment2013Conference paper (Refereed)
  • 26.
    Cicchetti, Antonio
    et al.
    Mälardalen University, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Sentilles, Severine
    Mälardalen University, Sweden.
    Wnuk, Krzysztof
    Blekinge Institute of Technology, Sweden.
    Carlsson, Jan
    Mälardalen University, Sweden.
    Papatheocharous, Efi
    RISE, Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    Towards Software Assets Origin Selection Supported by a Knowledge Repository2016In: 2016 1st International Workshop on Decision Making in Software ARCHitecture (MARCH), 2016, 10, p. 22-29Conference paper (Refereed)
    Abstract [en]

    Software architecture is no more a mere system specification as resulting from the design phase, but it includes the process by which its specification was carried out. In this respect, design decisions in component-based software engineering play an important role: they are used to enhance the quality of the system, keep the current market level, keep partnership relationships, reduce costs, and so forth. For non trivial systems, a recurring situation is the selection of an asset origin, that is if going for in-house, outsourcing, open-source, or COTS, when in the need of a certain missing functionality. Usually, the decision making process follows a case-by-case approach, in which historical information is largely neglected. This solution avoids the overhead of keeping detailed documentation about past decisions, but hampers consistency among multiple, possibly related, decisions. The ORION project aims at developing a decision support framework in which historical decision information plays a pivotal role: it is used to analyse current decision scenarios, take well-founded decisions, and store the collected data for future exploitation. In this paper, we outline the potentials of such a knowledge repository, including the information it is intended to be stored in it, and when and how to retrieve it within a decision case.

    Download full text (pdf)
    FULLTEXT01
  • 27.
    Dam, Mads
    et al.
    KTH Royal Institute of Technology, Sweden.
    Guanciale, Roberto
    KTH Royal Institute of Technology, Sweden.
    Khakpour, Narges
    KTH Royal Institute of Technology, Sweden.
    Nemati, Hamed
    KTH Royal Institute of Technology, Sweden.
    Schwarz, Oliver
    RISE, Swedish ICT, SICS, Security Lab.
    Formal Verification of Information Flow Security for a Simple ARM-Based Separation Kernel2013Conference paper (Refereed)
    Abstract [en]

    A separation kernel simulates a distributed environment using a single physical machine by executing partitions in isolation and appropriately controlling communication among them. We present a formal verification of information flow security for a simple separation kernel for ARMv7. Previous work on information flow kernel security leaves communication to be handled by model-external means, and cannot be used to draw conclusions when there is explicit interaction between partitions. We propose a different approach where communication between partitions is made explicit and the information flow is analyzed in the presence of such a channel. Limiting the kernel functionality as much as meaning-fully possible, we accomplish a detailed analysis and verification of the system, proving its correctness at the level of the ARMv7 assembly. As a sanity check we show how the security condition is reduced to noninterference in the special case where no communication takes place. The verification is done in HOL4 taking the Cambridge model of ARM as basis, transferring verification tasks on the actual assembly code to an adaptation of the BAP binary analysis tool developed at CMU.

    Download full text (pdf)
    fulltext
  • 28.
    de la Vara, José Luis
    et al.
    Carlos III University of Madrid, Spain.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Wnuk, Krzysztof
    Blekinge Institute of Technology, Sweden.
    Moonen, Leon
    Certus Centre for Software V&V, Norway.
    An Industrial Survey of Safety Evidence Change Impact Analysis Practice2016In: IEEE Transactions on Software Engineering, ISSN 0098-5589, E-ISSN 1939-3520, Vol. 42, no 12, p. 1095-1117Article in journal (Refereed)
    Abstract [en]

    In many application domains, critical systems must comply with safety standards. This involves gathering safety evidence in the form of artefacts such as safety analyses, system specifications, and testing results. These artefacts can evolve during a system's lifecycle, creating a need for impact analysis to guarantee that system safety and compliance are not jeopardised. Although extensive research has been conducted on change impact analysis and on safety evidence management, the knowledge about how safety evidence change impact analysis is addressed in practice is limited. This paper reports on a survey targeted at filling this gap by analysing the circumstances under which safety evidence change impact analysis is addressed, the tool support used, and the challenges faced. We obtained 97 valid responses representing 16 application domains, 28 countries, and 47 safety standards. The results suggest that most practitioners deal with safety evidence change impact analysis during system development and mainly from system specifications. Furthermore, the level of automation in the process is low and insufficient tool support is the most frequent challenge. Other notable findings include that the different artefact types used as safety evidence seem to co-evolve, the evolution of safety case should probably be better managed, and no commercial impact analysis tool has been reported as used for all artefact types. Finally, we identified over 20 areas where the state of the practice in safety evidence change impact analysis can be improved.

    Download full text (pdf)
    FULLTEXT01
  • 29. Douglas, Heradon
    et al.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Secure Virtualization and Multicore Platforms State-of-the-Art report2009Report (Other academic)
    Download full text (pdf)
    FULLTEXT01
  • 30.
    Eriksson, Joakim
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Österlind, Fredrik
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Finne, Niclas
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Tsiftes, Nicolas
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Dunkels, Adam
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Demo abstract: accurate power profiling of sensornets with the COOJA/MSPSim simulator2009Conference paper (Refereed)
    Abstract [en]

    Power consumption is of utmost concern in sensor networks. Researchers have several ways of measuring the power consumption of a complete sensor network, but they are typically either impractical or inaccurate. To meet the need for practical and scalable measurement of power consumption of sensor networks, we have developed a cycle-accurate simulator, called COOJA/MSPsim, that enables live power estimation of systems running on MSP430 processors. This demonstration shows the ease of use and the power measurement accuracy of COOJA/MSPsim. The demo setup consists of a small sensor network and a laptop. Beside gathering software-based power measurements from the motes, the laptop runs COOJA/MSPsim to simulate the same network. We visualize the power consumption of both the simulated and the real sensor network, and show that the simulator produces matching results.

  • 31.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    ARIES WP3 – Needs and Requirements Analyses2011Other (Other academic)
    Abstract [en]

    Information and communication technologies have increasingly influenced and changed our daily life. They allow global connectivity and easy access to distributed applications and digital services over the Internet. This report analysis security requirements on trust establishment and trust evaluation based on two different use case scenarios: "Trusted Communication using COTS" and "Trust Establishment for Cross-organizational Crises Management". A systematic needs analysis is performed on both scenarios which haver resulted in a large and well documented set of requirements. This is the first step in a large effort to define a security architecture for the two use case scenarios. 1

    Download full text (pdf)
    FULLTEXT01
  • 32.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    ONVIF Security Recommendations2010Other (Other academic)
    Abstract [en]

    This white paper gives security implementation and administration guidelines for developers and users of the ONVIF Network Interface Specifications.

    Download full text (pdf)
    FULLTEXT01
  • 33.
    Gehrmann, Christian
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Abdelraheem, Mohamed Ahmed
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    IoT protection through device to cloud synchronization2016In: 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), 2016, p. 527-532, article id 7830733Conference paper (Refereed)
    Abstract [en]

    This paper addresses the problem of protecting distributed IoT units from network based attacks while still having a high level of availability. In particular we suggest a novel method where the IoT device execution state is modeled with a suitable high level application model and where the execution state of the application of the IoT device is 'mirrored' in a cloud executed machine. This machine has very high availability and high attack resistance. The IoT device will only communicate with the mirror machine in the cloud using a dedicated synchronization protocol. All essential IoT state information and state manipulations are communicated through this synchronization protocol while all end application communication directed towards the IoT units is done towards the mirror machine in the cloud. This gives a very robust and secure system with high availability at the price of slower responses. However, for many non-real time IoT application with high security demands this performance penalty can be justified.

  • 34.
    Gehrmann, Christian
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Douglas, Heradon
    RISE, Swedish ICT, SICS.
    Kengo Nilsson, Dennis
    Are there good Reasons for Protecting Mobile Phones with Hypervisors?2011Conference paper (Refereed)
    Abstract [en]

    Security threats on consumer devices such as mobile phones are increasing as the software platforms become more open and complex. Therefore, hypervisors, which bring potential new secure services to embedded systems, are becoming increasingly important. In this paper, we look into how to design a hypervisor-based security architecture for an advanced mobile phone. Key security components of the architecture have been verified through a hypervisor implemented on an emulated ARM platform. We compare the hypervisor security architecture with TrustZone and summarize the major benefits and limitations of the hypervisor approach. In short, hypervisors exhibit several advantages such as support of multiple secure execution domains and monitoring of non-trusted domains; however, this comes at the cost of larger legacy system porting efforts.

    Download full text (pdf)
    fulltext
  • 35.
    Gehrmann, Christian
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Löfvenberg, Jacob
    Trust Evaluation for Embedded Systems Security research challenges identified from an incident network scenario2011Conference paper (Refereed)
    Abstract [en]

    This paper is about trust establishment and trust evaluations techniques. A short background about trust, trusted computing and security in embedded systems is given. An analysis has been done of an incident network scenario with roaming users and a set of basic security needs has been identified. These needs have been used to derive security requirements for devices and systems, supporting the considered scenario. Using the requirements, a list of major security challenges for future research regarding trust establishment in dynamic networks have been collected and elaboration on some different approaches for future research has been done.This work was supported by the Knowledge foundation and RISE within the ARIES project.

    Download full text (pdf)
    fulltext
  • 36.
    Gehrmann, Christian
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Tiloca, Marco
    RISE, Swedish ICT, SICS, Security Lab.
    Höglund, Rikard
    RISE, Swedish ICT, SICS.
    SMACK: Short Message Authentication ChecK Against Battery Exhaustion in the Internet of Things2015In: 2015 12th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON), 2015, 13, p. 274-282, article id 7338326Conference paper (Refereed)
    Abstract [en]

    Internet of Things (IoT) commonly identifies the upcoming network society where all connectable devices will be able to communicate with one another. In addition, IoT devices are supposed to be directly connected to the Internet, and many of them are likely to be battery powered. Hence, they are particularly vulnerable to Denial of Service (DoS) attacks specifically aimed at quickly draining battery and severely reducing device lifetime. In this paper, we propose SMACK, a security service which efficiently identifies invalid messages early after their reception, by checking a short and lightweight Message Authentication Code (MAC). So doing, further useless processing on invalid messages can be avoided, thus reducing the impact of DoS attacks and preserving battery life. In particular, we provide an adaptation of SMACK for the standard Constrained Application Protocol (CoAP). Finally, we experimentally evaluate SMACK performance through our prototype implementation for the resource constrained CC2538 platform. Our results show that SMACK is efficient and affordable in terms of memory requirements, computing time, and energy consumption.

    Download full text (pdf)
    FULLTEXT01
  • 37.
    Gianluca, Dini
    et al.
    University of Pisa, Italy.
    Tiloca, Marco
    RISE, Swedish ICT, SICS, Security Lab.
    A Simulation Tool for Evaluating Attack Impact in Cyber Physical Systems2014Conference paper (Refereed)
    Abstract [en]

    Security is getting an ever increasingly important issue in cyber-physical systems comprising autonomous systems. However, it is not possible to defend from all possible attacks for cost and performance reasons. An attack ranking is thus necessary. We propose a simulative framework that makes it possible to rank attacks according to their impact. We also describe a case study to assert its usefulness and effectiveness.

    Download full text (pdf)
    FULLTEXT01
  • 38.
    Giustolisi, Rosario
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Ahlström, Markus
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Holmberg, Simon
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    A secure group-based AKA protocol for machine-type communications2016In: Information Security and Cryptology – ICISC 2016 / [ed] Seokhie Hong, Jong Hwan Park, 2016, p. 3-27, article id 10157Conference paper (Refereed)
    Abstract [en]

    The fifth generation wireless system (5G) is expected to handle with an unpredictable number of heterogeneous connected devices while guaranteeing a high level of security. This paper advances a groupbased Authentication and Key Agreement (AKA) protocol that contributes to reduce latency and bandwidth consumption, and scales up to a very large number of devices. A central feature of the proposed protocol is that it provides a way to dynamically customize the trade-off between security and efficiency. The protocol is lightweight as it resorts on symmetric key encryption only, hence it supports low-end devices and can be already adopted in current standards with little effort. Using ProVerif, we prove that the protocol meets mutual authentication, key confidentiality, and device privacy also in presence of corrupted devices, a threat model not being addressed in the state-of-the-art group-based AKA proposals. We evaluate the protocol performances in terms of latency and bandwidth consumption, and obtain promising results.

  • 39.
    Giustolisi, Rosario
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Gerhmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Threats to 5G Group-Based Authentication2016In: Proceedings of the 13th International Joint Conference on e-Business and Telecommunications, SciTePress, 2016, p. 360-367Conference paper (Refereed)
    Abstract [en]

    The fifth generation wireless system (5G) is expected to handle an unpredictable number of heterogeneous connected devices and to guarantee at least the same level of security provided by the contemporary wireless standards, including the Authentication and Key Agreement (AKA) protocol. The current AKA protocol has not been designed to efficiently support a very large number of devices. Hence, a new group-based AKA protocol is expected to be one of the security enhancement introduced in 5G. In this paper, we advance the group-based AKA threat model, reflecting previously neglected security risks. The threat model presented in the paper paves the way for the design of more secure protocols.

    Download full text (pdf)
    fulltext
  • 40.
    Giustolisi, Rosario
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Lovino, Vincenzo
    University of Luxembourg, Luxembourg.
    Roenne, Peter B.
    Inria, France; University of Luxembourg, Luxembourg.
    On the Possibility of Non-Interactive E-Voting in the Public-key Setting2016In: Financial Cryptography and Data Security: FC 2016 International Workshops / [ed] Jeremy Clark, Sarah Meiklejohn, Peter Y.A. Ryan, Dan Wallach, Michael Brenner, Kurt Rohloff, Springer Berlin/Heidelberg, 2016, 23, Vol. 9604, p. 193-208Conference paper (Refereed)
    Abstract [en]

    In 2010 Hao, Ryan and Zielinski proposed a simple decentralized e-voting protocol that only requires 2 rounds of communication. Thus, for k elections their protocol needs 2k rounds of communication. Observing that the first round of their protocol is aimed to establish the public-keys of the voters, we propose an extension of the protocol as a non-interactive e-voting scheme in the public-key setting (NIVS) in which the voters, after having published their public-keys, can use the corresponding secret-keys to participate in an arbitrary number of one-round elections.

    We first construct a NIVS with a standard tally function where the number of votes for each candidate is counted.

    Further, we present constructions for two alternative types of elections. Specifically in the first type (dead or alive elections) the tally shows if at least one voter cast a vote for the candidate. In the second one (elections by unanimity), the tally shows if all voters cast a vote for the candidate.

    Our constructions are based on bilinear groups of prime order.

    As definitional contribution we provide formal computational definitions for privacy and verifiability of NIVSs. We conclude by showing intriguing relations between our results, secure computation, electronic exams and conference management systems.

    Download full text (pdf)
    FULLTEXT01
  • 41.
    Gunnarsson, Martin
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Andersson, Tobias
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Seitz, Ludwig
    RISE, Swedish ICT, SICS, Security Lab.
    Performance and overhead evaluation of OSCOAP and DTLS2017Report (Other academic)
    Abstract [en]

    In this report we compare the OSCOAP protocol to CoAP overDTLS-PSK to evaluate their performance in constrained devices

    Download full text (pdf)
    fulltext
  • 42.
    Hewage, Kasun
    et al.
    Uppsala University, Sweden.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Gomez, F.
    An Experimental Study of Attacks on the Availability of Glossy2014In: Computers & electrical engineering, ISSN 0045-7906, E-ISSN 1879-0755, p. 115-125Article in journal (Refereed)
    Abstract [en]

    Glossy is a reliable and low latency flooding mechanism designed primarily for distributed communication in wireless sensor networks (WSN). Glossy achieves its superior performance over tree-based wireless sensor networks by exploiting identical concurrent transmissions. WSNs are subject to wireless attacks aimed to disrupt the legitimate network operations. Real-world deployments require security and the current Glossy implementation has no built-in security mechanisms. In this paper, we explore the effectiveness of several attacks that attempt to break constructive interference in Glossy. Our results show that Glossy is quite robust to approaches where attackers do not respect the timing constraints necessary to create constructive interference. Changing the packet content, however, has a severe effect on the packet reception rate that is even more detrimental than other physical layer denial-of-service attacks such as jamming. We also discuss potential countermeasures to address these security threats and vulnerabilities.

  • 43.
    Hummen, René
    et al.
    RWTH Aachen University, Germany.
    Shafagh, Hossein
    ETH Zürich, Switzerland.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory. Uppsala University, Sweden.
    Wehrle, Klaus
    RWTH Aachen University, Germany.
    Delegation-based Authentication and Authorization for the IP-based Internet of Things2014Conference paper (Refereed)
    Abstract [en]

    IP technology for resource-constrained devices enables transparent end-to-end connections between a vast variety of devices and services in the Internet of Things (IoT). To protect these connections, several variants of traditional IP security protocols have recently been proposed for standardization, most notably the DTLS protocol. In this paper, we identify significant resource requirements for the DTLS handshake when employing public-key cryptography for peer authentication and key agreement purposes. These overheads particularly hamper secure communication for memory-constrained devices. To alleviate these limitations, we propose a delegation architecture that offloads the expensive DTLS connection establishment to a delegation server. By handing over the established security context to the constrained device, our delegation architecture significantly reduces the resource requirements of DTLS-protected communication for constrained devices. Additionally, our delegation architecture naturally provides authorization functionality when leveraging the central role of the delegation server in the initial connection establishment. Hence, in this paper, we present a comprehensive, yet compact solution for authentication, authorization, and secure data transmission in the IP-based IoT. The evaluation results show that compared to a public-key-based DTLS handshake our delegation architecture reduces the memory overhead by 64 %, computations by 97 %, network transmissions by 68 %.

  • 44. Hummen, René
    et al.
    Ziegeldorf, Jan H.
    Shafagh, Hossein
    RISE, Swedish ICT, SICS.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Wehrle, Klaus
    Towards Viable Certificate-based Authentication for the Web of Things2013Conference paper (Refereed)
  • 45.
    Höglund, Rikard
    et al.
    RISE, Swedish ICT, SICS.
    Tiloca, Marco
    RISE, Swedish ICT, SICS, Security Lab.
    Current State of the Art in Smart Metering Security2015Report (Other academic)
    Abstract [en]

    Power supply infrastructures are facing radical changes. The introduction of Information and Communication Technologies (ICT) into power grids will allow to automatically monitor and control the power demand and supply. This concept is generally referred to as Smart Grid, and is expected to exponentially grow during the coming years. However, ICT systems are increasingly subject to security cyber attacks, which can have a disruptive impact on the whole power grid, and put people’s safety and business interests at risk. This report covers background information on the smart grid with focus on smart metering in particular. Important aspects such as security and life-cycle management are covered. In addition, the typical smart grid components and communication protocols are surveyed.

    Download full text (pdf)
    FULLTEXT01
  • 46.
    Jonsson, Leif
    et al.
    Linköping University, Sweden; Ericsson AB, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab. Lund University, Sweden.
    Broman, David
    KTH Royal Institute of Technology, Sweden; UC Berkeley, USA.
    Sandahl, Kristian
    Linköping University, Sweden.
    Eldh, Sigrid
    Ericsson AB, Sweden.
    Runeson, Per
    Lund University, Sweden.
    Automated Bug Assignment: Ensemble-based Machine Learning in Large Scale Industrial Contexts2016In: Empirical Software Engineering, ISSN 1382-3256, E-ISSN 1573-7616, Vol. 21, no 4, p. 1533-1578Article in journal (Refereed)
    Abstract [en]

    Bug report assignment is an important part of software maintenance. In particular, incorrect assignments of bug reports to development teams can be very expensive in large software development projects. Several studies propose automating bug assignment techniques using machine learning in open source software contexts, but no study exists for large-scale proprietary projects in industry. The goal of this study is to evaluate automated bug assignment techniques that are based on machine learning classification. In particular, we study the state-of-the-art ensemble learner Stacked Generalization (SG) that combines several classifiers. We collect more than 50,000 bug reports from five development projects from two companies in different domains. We implement automated bug assignment and evaluate the performance in a set of controlled experiments. We show that SG scales to large scale industrial application and that it outperforms the use of individual classifiers for bug assignment, reaching prediction accuracies from 50 % to 89 % when large training sets are used. In addition, we show how old training data can decrease the prediction accuracy of bug assignment. We advice industry to use SG for bug assignment in proprietary contexts, using at least 2,000 bug reports for training. Finally, we highlight the importance of not solely relying on results from cross-validation when evaluating automated bug assignment.

    Download full text (pdf)
    FULLTEXT01
  • 47.
    Khakpour, Narges
    et al.
    KTH Royal Institute of Technology, Sweden.
    Schwarz, Oliver
    RISE, Swedish ICT, SICS, Security Lab. KTH Royal Institute of Technology, Sweden.
    Dam, Mads
    KTH Royal Institute of Technology, Sweden.
    Machine Assisted Proof of ARMv7 Instruction Level Isolation Properties2013Conference paper (Refereed)
    Abstract [en]

    In this paper, we formally verify security properties of the ARMv7 Instruction Set Architecture (ISA) for user mode executions. To obtain guarantees that arbitrary (and unknown) user processes are able to run isolated from privileged software and other user processes, instruction level noninterference and integrity properties are provided, along with proofs that transitions to privileged modes can only occur in a controlled manner. This work establishes a main requirement for operating system and hypervisor verification, as demonstrated for the PROSPER separation kernel. The proof is performed in the HOL4 theorem prover, taking the Cambridge model of ARM as basis. To this end, a proof tool has been developed, which assists the verification of relational state predicates semi-automatically.

    Download full text (pdf)
    fulltext
  • 48.
    Larsson, Jacob
    et al.
    Capgemini, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Olsson, Thomas
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Testing Quality Requirements of a System-of-Systems in the Public Sector - Challenges and Potential Remedies2016In: CEUR Workshop Proceedings: Joint Proceedings of the REFSQ 2016 Co-Located Events, 2016, 8, Vol. 1564Conference paper (Refereed)
    Abstract [en]

    Quality requirements is a difficult concept in software projects, and testing software qualities is a well-known challenge. Without proper management of quality requirements, there is an increased risk that the software product un-der development will not meet the expectations of its future users. In this pa-per, we share experiences from testing quality requirements when developing a large system-of-systems in the public sector in Sweden. We complement the experience reporting by analyzing documents from the case under study. As a final step, we match the identified challenges with solution proposals from the literature. We report five main challenges covering inadequate re-quirements engineering and disconnected test managers. Finally, we match the challenges to solutions proposed in the scientific literature, including in-tegrated requirements engineering, the twin peaks model, virtual plumblines, the QUPER model, and architecturally significant requirements. Our experi-ences are valuable to other large development projects struggling with testing of quality requirements. Furthermore, the report could be used by as input to process improvement activities in the case under study.

    Download full text (pdf)
    FULLTEXT01
  • 49.
    Michalas, Antonis
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Paladi, Nicolae
    RISE, Swedish ICT, SICS, Security Lab.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Security Aspects of e-Health Systems Migration to the Cloud2014Conference paper (Refereed)
    Abstract [en]

    As adoption of e-health solutions advances, new computing paradigms - such as cloud computing - bring the potential to improve efficiency in managing medical health records and help reduce costs. However, these opportunities introduce new security risks which can not be ignored. Based on our experience with deploying part of the Swedish electronic health records management system in an infrastructure cloud, we make an overview of major requirements that must be considered when migrating e-health systems to the cloud. Furthermore, we describe in-depth a new attack vector inherent to cloud deployments and present a novel data confidentiality and integrity protection mechanism for infrastructure clouds. This contribution aims to encourage exchange of best practices and lessons learned in migrating public e-health systems to the cloud.

    Download full text (pdf)
    fulltext
  • 50.
    Misra, Prasant
    et al.
    RISE, Swedish ICT, SICS.
    Mottola, Luca
    RISE, Swedish ICT, SICS, Computer Systems Laboratory. Politecnico di Milano, Italy.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Duquennoy, Simon
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Tsiftes, Nicolas
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Höglund, Joel
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory. Uppsala University, Sweden.
    Supporting Cyber-Physical Systems with Wireless Sensor Networks: An Outlook of Software and Services2013In: Journal of the Indian Institute of Science, ISSN 0970-4140, Vol. 93, no 3, p. 463-486Article in journal (Refereed)
    Abstract [en]

    Sensing, communication, computation and control technologies are the essential building blocks of a cyber-physical system (CPS). Wireless sensor networks (WSNs) are a way to support CPS as they provide fine-grained spatial-temporal sensing, communication and computation at a low premium of cost and power. In this article, we explore the fundamental concepts guiding the design and implementation of WSNs. We report the latest developments in WSN software and services for meeting existing requirements and newer demands; particularly in the areas of: operating system, simulator and emulator, programming abstraction, virtualization, IP-based communication and security, time and location, and network monitoring and management. We also reflect on the ongoing efforts in providing dependable assurances for WSN-driven CPS. Finally, we report on its applicability with a case-study on smart buildings.

123 1 - 50 of 108
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf