| 1. |
- Franke, Ulrik, et al.
(författare)
-
What can we learn from enterprise architecture models? : An experiment comparing models and documents for capability development
- 2018
-
Ingår i: Software and Systems Modeling. - : Springer. - 1619-1366 .- 1619-1374. ; 17:2, s. 695-711
-
Tidskriftsartikel (refereegranskat)abstract
- Enterprise architecture (EA) has been established as a discipline to cope with the complex interactions of business operations and technology. Models, i.e., formal descriptions in terms of diagrams and views, are at the heart of the approach. Though it is widely thought that such architecture models can contribute to improved understanding and decision making, this proposition has not rigorously been tested. This article describes an experiment conducted with a real EA model and corresponding real traditional documents, investigating whether the model or the documents lead to better and faster understanding. Understanding is interesting to study, as it is a prerequisite to other EA uses. The subjects (N = 98) were officer cadets, and the experiment was carried out using a comprehensive description of military Close Air Support capability either (1) in the form of a MODAF model or (2) in the form of traditional documents. Based on the results, the model seems to lead to better, though not faster, understanding.
|
|
| 2. |
- Jiang, Zhihan, et al.
(författare)
-
Leveraging Machine Learning for Disease Diagnoses based on Wearable Devices : A Survey
- 2023
-
Ingår i: IEEE Internet of Things Journal. - : Institute of Electrical and Electronics Engineers (IEEE). - 2327-4662. ; 10:24, s. 21959-21981
-
Tidskriftsartikel (refereegranskat)abstract
- Many countries around the world are facing a shortage of healthcare resources, especially during the post-epidemic era, leading to a dramatic increase in the need for self-detection and self-management of diseases. The popularity of smart wearable devices, such as smartwatches, and the development of machine learning bring new opportunities for the early detection and management of various prevalent diseases, such as cardiovascular diseases, Parkinson’s disease, and diabetes. In this survey, we comprehensively review the articles related to specific diseases or health issues based on small wearable devices and machine learning. More specifically, we first present an overview of the articles selected and classify them according to their targeted diseases. Then, we summarize their objectives, wearable device and sensor data, machine learning techniques, and wearing locations. Based on the literature review, we discuss the challenges and propose future directions from the perspectives of privacy concerns, security concerns, transmission latency and reliability, energy consumption, multi-modality, multi-sensor, multi-devices, evaluation metrics, explainability, generalization and personalization, social influence, and human factors, aiming to inspire researchers in this field.
|
|
| 3. |
- Huskaj, Gazmend, et al.
(författare)
-
An anticipatory ethical analysis of offensive cyberspace operations
- 2020
-
Ingår i: Proceedings of the 15th International Conference on Cyber Warfare and Security, ICCWS 2020. - Reading : Academic Conferences and Publishing International Limited. - 9781912764525 - 9781912764532 - 1912764539 ; , s. 512-520
-
Konferensbidrag (refereegranskat)abstract
- This article presents the ethical issues using offensive cyberspace operations. Previously enshrouded in secrecy, and now becoming the new norm, countries are using offensive cyberspace operations to achieve their strategic interests. Russia has conducted multiple offensive operations targeting Estonia, Georgia and the Ukraine; Hamas has targeted Israeli targets; and Iran has been targeting U.S. targets. The response to these operations has varied; Estonia and Georgia struggled with the attacks and were unable to respond while Ukraine tried to respond but the response was inefficient. Israel's response on Hamas offensive operations was an air strike on a building with Hamas Cyber-operatives. Iran shot down a U.S. Drone over the Strait of Hormuz, and the U.S. initially intended to respond with kinetic capabilities in the form of missile strikes. However, in the last minute, the U.S. chose to respond with offensive cyberspace operations targeting the Iranian missile systems. This last-minute change of response choosing between kinetic or cyber capabilities shows a need to further investigate how offensive cyberspace operations can be used against which targets from an ethical perspective. This article applies anticipatory ethical analysis on U.S. offensive operations in the “Global Hawk”-case when Iran shot down a U.S. drone over the Strait of Hormuz. Anticipatory ethical analysis looks at emerging technologies and their potential consequences. Offensive cyberspace operations present a range of possibilities, which include lowering the risk of harm to cyber operatives' lives belonging to the responding nation. However, a response can also be kinetic. Therefore, the analysis of the “Global Hawk”-case is compared with the Israeli-air strike of the building of Hamas Cyber-operatives. The authors argue that applying anticipatory ethical analysis on offensive operations and kinetic operations assist decision makers in choosing response actions to re-establish deterrence through the use of offensive cyberspace operations.
|
|
| 4. |
- Huskaj, Gazmend
(författare)
-
What is a Substantial Contribution to a Research Project in Offensive Cyberspace Operations that Merits Co-Authorship?
- 2022
-
Ingår i: Proceedings of the 17th International Conference on Cyber Warfare and Security. - Reading, UK : ACI Academic Conferences International. - 9781914587276 - 9781914587269 ; , s. 385-394
-
Konferensbidrag (refereegranskat)abstract
- This article reviews the question what is a substantial contribution to a research project in offensive cyberspace operations that merits co-authorship? Frustrations and conflicts may develop during research projects when researchers with different backgrounds, cultures, research fields and expertise decide to conduct research and produce and publish those results. The focus of this paper is a research project in cyberspace operations while taking into account the power-dynamics inherent in the academic system and how these can affect the co-authorship of research products. First, the purpose with doing research is presented. Next, three models of the research process are reviewed, describing their differences and similarities. Then, linguistic analysis is applied on a set of terms in guidelines for co-authorship described in some different universities in Sweden. The results present a model for a research project in offensive cyberspace operations and based on the output of the linguistic analysis, the model is used to quantify and describe what a substantial contribution is in three scenarios that merits co-authorship.
|
|
| 5. |
- Bengtsson, Johnny, et al.
(författare)
-
The Manifestation of Chinese Strategies Into Offensive Cyberspace Operations Targeting Sweden
- 2021
-
Ingår i: Proceedings of the 20th European Conference on Cyber Warfare and Security. - Reading, UK : Academic Conferences International Limited. - 9781912764990 ; , s. 35-43
-
Konferensbidrag (refereegranskat)abstract
- The aim of this article is to present how Chinese strategies are manifested into offensive cyberspace operations targeting Sweden. It is commonly known that People’s Republic of China (PRC, and in this definition the meaning of thegovernment and its military), uses five-year plans (FYP) for social and economic steering strategy of their country. This has been going on since 1953 until today. In 2015, the national strategic plan Made in China 2025 (中国制造2025) was launched by Le Keqiang, the Premier of the State Council of PRC. The main goal with this plan is to strengthen the economic development. In addition, Chinese military strategists noted the importance of information warfare and intelligence during military operations. This article is based on open sources: the official English translated version of the 13th Five-year plan (FYP) and other reporting on cyberspace operations linked to the PRC. A number of cases are presented to highlight the link between the PRC FYP and their targets. Next, the current situation in Sweden is presented and how the country is targeted by PRC-linked activities, both in and through cyberspace, but also military infiltration on academia. The results show that Sweden has been, and is continuously the target of offensive cyberspace operations. In parallel, the country is also the target of military infiltration on the academia, and direct investment strategies such as Huawei attempting to compete for the 5G frequency actions arranged by the Swedish Post and Telecom Authority. In conclusion, Sweden will continue to experience cyberespionage from PRC on all levels and on all domains; science, technology, IP and privacy information theft. Previously unveiled cyberspace operations cases in this article have proven to be a convenient strategy for the PRC to reduce its research and development gap in several ways; innovatively, financially and to shortening the time-to-market (TTM).
|
|
| 6. |
- Boschetti, Nicolò, et al.
(författare)
-
A Hybrid Space Architecture for Robust and Resilient Satellite Services
- 2023
-
Ingår i: 2023 IEEE International Conference on Space Mission Challenges for Information Technology (SMC-IT). - : Institute of Electrical and Electronics Engineers (IEEE). - 9798350341386 - 9798350341379 ; , s. 114-122
-
Konferensbidrag (refereegranskat)abstract
- A 'hybrid space architecture' has been proposed to facilitate robust and resilient satellite data downlink, integration and analysis; however, the technical details for what may comprise a hybrid space architecture are severely lacking. Thus far, 'hybrid' principally entails the diversity of commercial providers. While diverse suppliers can contribute to hybrid space architectures, we argue that robustness and resilience will only be achieved through heterogeneous network and asset architectures. A connected satellite services ecosystem composed of the union of different networks with different characteristics would limit single points of failure, thereby generating high levels of redundancy, resilience and scalability. This research outlines parameters of a hybrid space architecture, documents satellite service reference architectures and provides a comparative analysis of the features for each architecture. Further, through a case study of existing satellite service providers, we propose how a hybrid space architecture could be piloted in Northern Europe and the High North.
|
|
| 7. |
- Boschetti, Nicolò, et al.
(författare)
-
Commercial Space Risk Framework Assessing the Satellite Ground Station Security Landscape for NATO in the Arctic and High North
- 2022
-
Ingår i: 40th IEEE Military Communications Conference, Rockville, MD, USA, November 28 - December 2, 2022.. - : IEEE. - 9781665485357 - 9781665485340 ; , s. 679-686
-
Konferensbidrag (refereegranskat)abstract
- Satellite ground stations in the Arctic and High North are of strategic importance to NATO, given their ability to collect intelligence from space assets in polar Earth orbit. Commercial space infrastructure such as ground systems are increasingly dual-use, employed for both civilian and defense purposes. Their dual-use could cause them to become military targets. As such, commercial operators must strategically consider ground station placement to optimize for utility, while accounting for their security risk. This research presents a frame-work to assess the commercial satellite ground station security landscape by outlining security and performance tradeoffs given geographic location, including proximity to potential adversaries, and designates eight separate risk regions. Particularly, Sweden's and Finland's space infrastructure is of focus given their recent application to join NATO in the wake of Russian aggression. The paper concludes that, to secure ground stations and the assets and services that they enable, a comprehensive risk evaluation including positioning of ground stations is critical.
|
|
| 8. |
- Boschetti, Nicolò, et al.
(författare)
-
Ground Station as a Service Reference Architectures and Cyber Security Attack Tree Analysis
- 2023
-
Ingår i: 2023 IEEE Aerospace Conference. - : Institute of Electrical and Electronics Engineers (IEEE). - 9781665490320
-
Konferensbidrag (refereegranskat)abstract
- As the Ground Station as a Service (GSaaS) paradigm transforms space infrastructure operations, new attack surface emerges for malicious actors. While the space community generally refers to GSaaS as a singular model, there are several flavors of these systems. After a description of the general GSaaS network's basic structure, this paper presents an analysis of four reference architectures of GSaaS. On the basis of this systems engineering analysis, a cybersecurity analysis of the critical nodes will be carried out through the attack tree method. Later the cybersecurity implication both of technical and strategic characteristic of GSaaS networks will be discussed and put in relation with the current state of space cyberwarfare landscape.
|
|
| 9. |
- Dansarie, Marcus, doktorand, 1985-
(författare)
-
Security Issues in Special-Purpose Digital Radio Communication Systems : A Systematic Review
- 2024
-
Ingår i: IEEE Access. - : IEEE. - 2169-3536. ; 12, s. 91101-91126
-
Forskningsöversikt (refereegranskat)abstract
- For applications where general-purpose communication systems, such as mobile telephony, do not satisfy user requirements, special-purpose digital wireless communication standards have been developed. Since these systems often support critical infrastructures, security issues can have far-reaching consequences. To study the extent of research on security issues in specialized communication standards, a systematic literature review was performed, using snowballing to maximize coverage. The found publications cover security issues in radio communication systems for three major areas: civil transportation, public safety and security, and telephony and satellite communication systems. The main results from the included publications are summarized. This is followed by an analysis that presents five common themes among the security issues: lack of encryption, lack of authentication, broken encryption, protocol vulnerabilities, and implementation vulnerabilities. Research tools and methods used across the different technology fields are systematized, showing that software-defined radio and open-source software appear to be enablers of research on the communication standards covered by the review. The systematization also reveals that the application of research methods to different standards is spotty. Finally, numerous open research directions are pointed out, including the need for more holistic research that goes beyond just finding technical flaws in single standards.
|
|
| 10. |
- Huskaj, Gazmend, et al.
(författare)
-
Anticipatory ethics for vulnerability disclosure
- 2020
-
Ingår i: Proceedings of the 15th International Conference on Cyber Warfare and Security, ICCWS 2020. - Reading : Academic Conferences and Publishing International Limited. - 9781912764525 - 1912764539 - 9781912764532 ; , s. 254-261
-
Konferensbidrag (refereegranskat)abstract
- This article presents the ethical dilemma related to under what circumstances vulnerabilities should be disclosed. Vulnerabilities exist in hardware and software, and can be as a consequence of programming errors or design flaws. Threat actors can exploit these vulnerabilities to gain otherwise unintended access to information systems, resources and/or stored information. In other words, they can be used to impact the confidentiality, integrity and availability of information in information systems. As a result, various types of vulnerabilities are highly sought after since they enable this type of access. The most highly sought are so-called “zero-day”-vulnerabilities. These are vulnerabilities that exist but are unknown, and when exploited, enable one way of entry into a system that is not thought possible. This is also why zero-day vulnerabilities are very popular among criminal organizations, states and state-sponsored advanced persistent threats. The other side of the coin is when a state identifies a zero-day, and ends up in the ethical dilemma of whether to release the news and inform the vendor to patch it, i.e. close the vulnerability, or to use it for offensive or intelligence purposes. This article employs these distinctions to apply anticipatory ethics in the Stuxnet-case. Stuxnet was a computer software that was allegedly developed by the U.S. together with Israel to disrupt Iran's development of uranium for their nuclear program. More exactly, it was developed to disable the uranium centrifuges used to enrich uranium. To achieve this, Stuxnet exploited four zero-day vulnerabilities and, according to some experts, managed to delay Iran's nuclear program by one to two-years, forcing them to the negotiation table. Using vulnerabilities like zero-days presents opportunities but also risks. The results of the application of anticipatory ethics to the Stuxnet case are then compared with the “Osirak”-case and the “al-Kibar”-case. Osirak was the nuclear reactor in Iraq and was bombed in 1981; al-Kibar was the nuclear reactor being built up in Syria, also bombed in 2007.
|
|
