| 1. |
- Abrahamsson, Henrik, et al.
(author)
-
Connected Vehicles in Cellular Networks : Multi-Access Versus Single-Access Performance
- 2018
-
In: TMA 2018 - Proceedings of the 2nd Network Traffic Measurement and Analysis Conference. - : Institute of Electrical and Electronics Engineers Inc.. - 9783903176096
-
Conference paper (peer-reviewed)abstract
- Connected vehicles can make roads traffic safer and more efficient, but require the mobile networks to handle time-critical applications. Using the MONROE mobile broadband measurement testbed we conduct a multi-access measurement study on buses. The objective is to understand what network performance connected vehicles can expect in today's mobile networks, in terms of transaction times and availability. The goal is also to understand to what extent access to several operators in parallel can improve communication performance. In our measurement experiments we repeatedly transfer warning messages from moving buses to a stationary server. We triplicate the messages and always perform three transactions in parallel over three different cellular operators. This creates a dataset with which we can compare the operators in an objective way and with which we can study the potential for multi-access. In this paper we use the triple-access dataset to evaluate single-access selection strategies, where one operator is chosen for each transaction. We show that if we have access to three operators and for each transaction choose the operator with best access technology and best signal quality then we can significantly improve availability and transaction times compared to the individual operators. The median transaction time improves with 6% compared to the best single operator and with 61% compared to the worst single operator. The 90-percentile transaction time improves with 23% compared to the best single operator and with 65% compared to the worst single operator.
|
|
| 2. |
- Lavassani, Mehrzad, et al.
(author)
-
From brown-field to future industrial networks, a case study
- 2021
-
In: Applied Sciences. - : MDPI AG. - 2076-3417. ; 11:7
-
Journal article (peer-reviewed)abstract
- The network infrastructures in the future industrial networks need to accommodate, manage and guarantee performance to meet the converged Internet technology (IT) and operational technology (OT) traffics requirements. The pace of IT-OT networks development has been slow despite their considered benefits in optimizing the performance and enhancing information flows. The hindering factors vary from general challenges in performance management of the diverse traffic for green-field configuration to lack of outlines for evolving from brown-fields to the converged network. Focusing on the brown-field, this study provides additional insight into a brown-field characteristic to set a baseline that enables the subsequent step development towards the future’s expected converged networks. The case study highlights differences between real-world network behavior and the common assumptions for analyzing the network traffic covered in the literature. Considering the unsatisfactory performance of the existing methods for characterization of brownfield traffic, a performance and dynamics mixture measurement is proposed. The proposed method takes both IT and OT traffic into consideration and reduces the complexity, and consequently improves the flexibility, of performance and configuration management of the brown-field. © 2021 by the authors.
|
|
| 3. |
- Lindgren, Anders, et al.
(author)
-
Poster - Feasibility of ICN in automation networks
- 2017
-
In: CHANTS 2017 - Proceedings of the 12th Workshop on Challenged Networks, co-located with MobiCom 2017. - New York, NY, USA : Association for Computing Machinery, Inc. - 9781450351447 ; , s. 33-34
-
Conference paper (peer-reviewed)abstract
- In an industrial automation environment, there are many sensors generating large volumes of data. Both time-critical data for realtime control as well as less time-critical data for central monitoring and log data need to co-exist in the system with often harsh wireless environments. Thus, available capacity may be low, causing congestion problems and long latencies for by traffic with less stringent timing requirements. In this paper, we consider the feasibility of using Information Centric Networking in industrial automation networks in order to improve efficiency in distribution of data and reduce latency.
|
|
| 4. |
- Ericsson, Niclas, et al.
(author)
-
A flexible communication stack design for time sensitive embedded systems
- 2017
-
In: Proceedings of the IEEE International Conference on Industrial Technology. - : Institute of Electrical and Electronics Engineers (IEEE). - 9781509053209 - 9781509053216 - 9781509053193 ; , s. 1112-1117
-
Conference paper (peer-reviewed)abstract
- Trends like Internet of Things (IoT), 5G and Cloud are pushing for device connectivity to the Internet, which affects industrial embedded systems with e.g., an increase in code base and functionality. Due to different application requirements, there are relative little reuse between embedded systems with different run-time context (from super loop to multi-threaded), and different types of communication (best effort and real time). In order to improve code reuse and changeability, we propose a flexible communication stack design, that can be configured for time sensitive communication with a real-time operating system (RTOS), or configured for best effort communication with either a super loop or an operating system (OS). Experiments demonstrate the flexibility and simplicity of the design with different configurations, e.g., super loop, single threaded, multi-threaded. Measurements show that the variations in performance related to run-time context scales as expected.
|
|
| 5. |
- Lavassani, Mehrzad, et al.
(author)
-
Modeling and Profiling of Aggregated Industrial Network Traffic
- 2022
-
In: Applied Sciences. - : MDPI. - 2076-3417. ; 12:2
-
Journal article (peer-reviewed)abstract
- The industrial network infrastructures are transforming to a horizontal architecture to enable data availability for advanced applications and enhance flexibility for integrating new tech-nologies. The uninterrupted operation of the legacy systems needs to be ensured by safeguarding their requirements in network configuration and resource management. Network traffic modeling is essential in understanding the ongoing communication for resource estimation and configuration management. The presented work proposes a two-step approach for modeling aggregated traffic classes of brownfield installation. It first detects the repeated work-cycles and then aims to identify the operational states to profile their characteristics. The performance and influence of the approach are evaluated and validated in two experimental setups with data collected from an industrial plant in operation. The comparative results show that the proposed method successfully captures the temporal and spatial dynamics of the network traffic for characterization of various communication states in the operational work-cycles.
|
|
| 6. |
- Rabet, Iliar, et al.
(author)
-
SDMob : SDN-Based Mobility Management for IoT Networks
- 2022
-
In: Journal of Sensor and Actuator Networks. - : MDPI. - 2224-2708. ; 11:1
-
Journal article (peer-reviewed)abstract
- Internet-of-Things (IoT) applications are envisaged to evolve to support mobility of devices while providing quality of service in the system. To keep the connectivity of the constrained nodes upon topological changes, it is of vital importance to enhance the standard protocol stack, including the Routing Protocol for Lossy Low-power Networks (RPL), with accurate and real-time control decisions. We argue that devising a centralized mobility management solution based on a lightweight Software Defined Networking (SDN) controller provides seamless handoff with reasonable communication overhead. A centralized controller can exploit its global view of the network, computation capacity, and flexibility, to predict and significantly improve the responsiveness of the network. This approach requires the controller to be fed with the required input and to get involved in the distributed operation of the standard RPL. We present SDMob, which is a lightweight SDN-based mobility management architecture that integrates an external controller within a constrained IoT network. SDMob lifts the burden of computation-intensive filtering algorithms away from the resource-constrained nodes to achieve seamless handoffs upon nodes’ mobility. The current work extends our previous work, by supporting multiple mobile nodes, networks with a high density of anchors, and varying hop-distance from the controller, as well as harsh and realistic mobility patterns. Through analytical modeling and simulations, we show that SDMob outperforms the baseline RPL and the state-of-the-art ARMOR in terms of packet delivery ratio and end-to-end delay, with an adjustable and tolerable overhead. With SDMob, the network provides close to 100% packet delivery ratio (PDR) for a limited number of mobile nodes, and maintains sub-meter accuracy in localization under random mobility patterns and varying network topologies. © 2022 by the authors.
|
|
| 7. |
- Selvaraju, Shunmuga Priyan, et al.
(author)
-
Network Management in Heterogeneous IoT Networks
- 2021
-
In: 2021 International Wireless Communications and Mobile Computing (IWCMC). - 9781728186160 ; , s. 1581-1586
-
Conference paper (peer-reviewed)abstract
- Heterogeneous networks (hetnets) is an interconnection of distinctive networking paradigms to enable wider reachability and greater collaborations. In large Internet-of-Things (IoT) applications, many wireless networks are spatially co-located and intertwined forming hetnets; for instance, health monitoring devices utilising ZigBee or IEEE 802.15.4 co-exist in 2.4 GHz spectrum alongside Wi-Fi devices. Interoperability or non-obtrusive operations are required among the disjoint domains to achieve operational efficiency in overall IoT ecosystem. Specifically, network interoperability in hetnets assure desired reachability, resource orchestration and network quality. In this work, we have modelled and implemented a simulation environment for hetnets to support different schemes of network interoperability under distributed and centralised management of network. The implementation has been evaluated for network scalability and reliability to replicate large IoT hetnets. By evaluating against increasing number of nodes in the hetnet, the mean latency under distributed management is improved by 100-fold with the centralised management. Similar observations could also be made for throughput and packet loss rate.
|
|
| 8. |
- Aslam, Mudassar, et al.
(author)
-
ASArP : Automated Security Assessment & Audit of Remote Platforms using TCG-SCAP synergies
- 2015. - 7
-
In: Journal of Information Security and Applications. - United Kingdom : Elsevier BV. - 2214-2134 .- 2214-2126. ; 22, s. 28-39
-
Journal article (peer-reviewed)abstract
- Many enterprise solutions today are built upon complex distributed systems which are accessible to the users globally. Due to this global access, the security of the host platforms becomes critical. The platform administrators use security automation techniques such as those provided by Security Content Automation Protocol (SCAP) standards to protect the systems from the vulnerabilities that are reported daily; furthermore, they are responsible for keeping their systems compliant to the relevant security recommendations (governmental or industrial). Additionally, third party audit and certification processes are used to increase user trust in enterprise solutions. However, traditional audit and certification mechanisms are not continuous , that is, not frequent enough to deal with the daily reported vulnerabilities, and for that matter even auditors expect platform administrators to keep the systems updated. As a result, the end user is also forced to trust the platform administrators about the latest state of the platform. In this paper we develop an automated security audit and certification system (ASArP)(ASArP) which can be used by platform users or by third party auditors. We use security automation techniques for continuous monitoring of the platform security posture and make the results trustworthy by using trusted computing (TCG) techniques. The prototype development of ASArPASArP validates the implementation feasibility; it also provides performance benchmarks which show that the ASArPASArP based audit and certification can be done much more frequently (e.g. daily or weekly). The feasibility of ASArPASArP based continuous audits is significantly better than traditional platform audits which are dependent on the physical presence of the auditors, thus making frequent audits much more expensive and operationally infeasible.
|
|
| 9. |
- Aslam, Mudassar, 1979-
(author)
-
Secure Service Provisioning in a Public Cloud
- 2012
-
Licentiate thesis (other academic/artistic)abstract
- The evolution of cloud technologies which allows the provisioning of IT resources over the Internet promises many benefits for the individuals and enterprises alike. However, this new resource provisioning model comes with the security challenges which did not exist in the traditional resource procurement mechanisms. We focus on the possible security concerns of a cloud user (e.g. an organization, government department, etc.) to lease cloud services such as resources in the form of Virtual Machines (VM) from a public Infrastructure-as-a-Service (IaaS) provider. There are many security critical areas in the cloud systems, such as data confidentiality, resource integrity, service compliance, security audits etc. In this thesis, we focus on the security aspects which result in the trust deficit among the cloud stakeholders and hence hinder a security sensitive user to benefit from the opportunities offered by the cloud computing. Based upon our findings from the security requirements analysis,we propose solutions that enable user trust in the public IaaS clouds. Our solutions mainly deal with the secure life cycle management of the user VM which include mechanisms for VM launch and migration. The VM launch and migration solutions ensure that the user VM is always protected in the cloud by only allowing it to run on the user trusted platforms. This is done by using trusted computing techniques that allow the users to remotely attest and hence rate the cloud platforms trusted or untrusted. We also provide a prototype implementation to prove the implementation feasibility of the proposed trust enabling principles used in the VM launch and migration solutions.
|
|
| 10. |
- Aslam, Mudassar, 1979-, et al.
(author)
-
Securely launching virtual machines on trustworthy platforms in a public cloud : An enterprise's perspective
- 2012
-
In: CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science. - 9789898565051 ; , s. 511-521
-
Conference paper (peer-reviewed)abstract
- In this paper we consider the Infrastructure-as-a-Service (IaaS) cloud model which allows cloud users to run their own virtual machines (VMs) on available cloud computing resources. IaaS gives enterprises the possibility to outsource their process workloads with minimal effort and expense. However, one major problem with existing approaches of cloud leasing, is that the users can only get contractual guarantees regarding the integrity of the offered platforms. The fact that the IaaS user himself or herself cannot verify the providerpromised cloud platform integrity, is a security risk which threatens to prevent the IaaS business in general. In this paper we address this issue and propose a novel secure VM launch protocol using Trusted Computing techniques. This protocol allows the cloud IaaS users to securely bind the VM to a trusted computer configuration such that the clear text VM only will run on a platform that has been booted into a trustworthy state. This capability builds user confidence and can serve as an important enabler for creating trust in public clouds. We evaluate the feasibility of our proposed protocol via a full scale system implementation and perform a system security analysis.
|
|
