| 1. |
- Broux, Ruben, et al.
(författare)
-
Communication Patterns in Automotive Systems
- 2022
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- In the last decade, electronics and software have replaced many mechanical components in vehicles at an unprecedented rate. New emerging technologies have found their way into the vehicular domain,like for instance, ADAS systems. This change brings some particular challenges with it in terms of functionalities, safety and security. Many vehicle distributed functions require hard real-time and secure communication. Therefore, the electrical and electronic (E/E architectures) architectures are in a continuously adapting trend to meet the new standards.The adaptation from a distributed to a domain-centralized architectureis already present. It is crucial to facilitate reuse of system architectural solutions in order to make system development more efficient. Therefore, we propose the use of communication architectural patterns. We present a method to map communication patterns on a certain layer ofabstraction. The method has been evaluated through several industrialuse cases. Furthermore, this work sets precedence for future research and development, as well as future applications of the method.
|
|
| 2. |
- Causevic, Aida, 1983-, et al.
(författare)
-
On incorporating security parameters in service level agreements
- 2019
-
Ingår i: CLOSER 2019 - Proceedings of the 9th International Conference on Cloud Computing and Services Science. - : SciTePress. - 9789897583650 ; , s. 48-57
-
Konferensbidrag (refereegranskat)abstract
- With development of cloud computing new ways for easy, on-demand, Internet-based access to computing resources have emerged. In such context a Service Level Agreement (SLA) enables contractual agreements between service providers and users. Given an SLA, service users are able to establish trust in that the service outcome corresponds to what they have demanded during the service negotiation process. However, an SLA provides a limited support outside of basic Quality of Service (QoS) parameters, especially when it comes to security. We find security as an important factor to be included in adjusting an SLA according to user defined objectives. Incorporating it in an SLA is challenging due to difficulty to provide complete and quantifiable metrics, thus we propose to focus on a systematic way of addressing security using the security process. In this paper we investigate ways in which security might be incorporated already in the service negotiation process and captured in an SLA. We propose a corresponding process to develop and maintain an SLA that considers both design-, and run-time. To demonstrate the approach we built upon the existing SLAC language and extend its syntax to support security. An example of a service being provided with security guarantees illustrates the concept.
|
|
| 3. |
- El Hachem, J., et al.
(författare)
-
Securing system-of-systems through a game theory approach
- 2021
-
Ingår i: Proceedings of the ACM Symposium on Applied Computing. - New York, NY, USA : Association for Computing Machinery. - 9781450381048 ; , s. 1443-1446
-
Konferensbidrag (refereegranskat)abstract
- Enabling System-of-Systems (SoS) security is an important activity when engineering SoS solutions like autonomous vehicles, provided that they are also highly safety-critical. An early analysis of such solutions caters for proper security architecture decisions, preventing potential high impact attacks and ensuring people's safety. However, SoS characteristics such as emergent behavior, makes security decision-making at the architectural level a challenging task. To tackle this challenge, it is essential to first address known vulnerabilities related to each CS, that an adversary may exploit to realize his attacks within the unknown SoS environment. In this paper we investigate how to use Game Theory (GT) approaches to guide the architect in choosing an appropriate security solution. We formulate a game with three players and their corresponding strategies and payoffs. The proposal is illustrated on an autonomous quarry example showing its usefulness in supporting a security architect to choose the the most suitable security strategy.
|
|
| 4. |
- El Hachem, Jamal, et al.
(författare)
-
Using Bayesian Networks for a Cyberattacks Propagation Analysis in Systems-of-Systems
- 2019
-
Konferensbidrag (refereegranskat)abstract
- System of Systems (SoS) represent a set of independent Constituent Systems (CS) that collaborate in order to provide functionalities that they are unable to achieve independently. We consider SoS as a set of connected services that needs to be adequately protected. The integration of these independent, evolutionary and distributed systems, intensifies SoS complexity and emphasizes the behavior uncertainty, which makes an SoS security analysis a critical challenge. One of the major priorities when designing SoS, is to analyze the unknown dependencies among CS services and vulnerabilities leading to potential cyberattacks. The aim of this work is to investigate how Software Engineering approaches could be leveraged to analyze the cyberattack propagation problem within an SoS. Such analysis is essential for an efficient SoS risk assessment performed early at the SoS design phase and required to protect the SoS from possibly high impact attacks affecting its safety and security. In order to achieve our objective, we present a model-driven analysis approach, based on Bayesian Networks, a sensitivity analysis and Common Vulnerability Scoring System (CVSS) with aim to discover potential cyberattacks propagation and estimate the probability of a security failure and its impact on SoS services. W
|
|
| 5. |
- Filipovikj, Predrag, et al.
(författare)
-
Service Realizability Check as a Technique to Support a Service Security Assurance Case
- 2020
-
Ingår i: 2020 ieee international conference on industrial technology (icit). - : IEEE. ; , s. 973-980
-
Konferensbidrag (refereegranskat)abstract
- Advances in cloud computing make cloud services as an appealing solution for enabling services flexibility and availability on demand to accommodate users' needs. The terms and the guarantees of service provision are negotiated and then stated in a Service Level Agreement (SLA). To facilitate a wider acceptance of such services, beside the standard properties, security has to be taken into consideration as well. One way to facilitate this is to provide a corresponding security assurance case. For that purpose, in this work we propose to split the security service assessment between an independent third party and a service user, where the former assess a security assurance case and the latter negotiates particular security solutions implemented for a service. For the systematic part of the security process that is independently assessed, in this paper we focus on the formal realizability check of service constraints expressed within an SLA. To enable this, we formalize the check at both service design-, and run-time, needed due to frequent updates required to maintain an agreed security level. The formalization is tailored for the SLAC language specifically, which is extended to cover a proposed set of security objectives. Moreover, we use an example of an SLA expressed in terms of SLAC language, which includes security guarantees to illustrate the approach.
|
|
| 6. |
- Gore, Rahul Nandkumar, et al.
(författare)
-
Clock Synchronization in Future Industrial Networks : Applications, Challenges, and Directions
- 2020
-
Ingår i: 12th AEIT International Annual Conference, AEIT 2020. - : Institute of Electrical and Electronics Engineers Inc.. - 9788887237474
-
Konferensbidrag (refereegranskat)abstract
- Time synchronization is essential for the correct and consistent operation of automation systems. An inaccurate analysis being a consequence of improper synchronization, can affect automation functions, e.g., by producing false commands and warnings. Industrial systems are evolving from the rigid automation pyramid to a flexible and reconfigurable architecture due to market evolution. The new trends in Cyber-Physical-Systems (CPS), Industry 4.0, and Internet of Things (IoT) are enabling this evolution. Citing a need to understand the future synchronization requirements, this paper envisions the architecture, communication network, and applications of future automation systems. Built on this vision, the paper derives the future needs of synchronization and analyzes them with state-of-art synchronization means. Based on the analysis, we envision the future of synchronization systems for automation systems.
|
|
| 7. |
- Gore, Rahul Nandkumar, et al.
(författare)
-
CoSiNeT : A Lightweight Clock Synchronization Algorithm for Industrial IoT
- 2021
-
Ingår i: IEEE International Conference on Industrial Cyber-Physical Systems ICPS 2021. - 9781728162072
-
Konferensbidrag (refereegranskat)abstract
- Recent advances in industrial internet of things~(IIoT) and cyber-physical systems drive Industry 4.0 and lead to advanced applications. The adequate performance of time-critical automation applications depends on a clock synchronization scheme used by control systems. Network packet delay variations adversely impact the clock synchronization performance. The impact is significant in industrial sites, where software and hardware resources heavily contribute to delay variations, and where harsh environmental conditions interfere with communication network dynamics. While existing time synchronization methods for IIoT devices, e.g., Simple Network Time Protocol~(SNTP), provide adequate synchronization in good operating conditions, their performance degrades significantly with deteriorating network conditions. To overcome this issue, we propose a scalable, software-based, lightweight clock synchronization method, called CoSiNeT, for IIoT devices that maintains precise synchronization performance in a wide range of operating conditions. We have conducted measurements in local network deployments such as home and a university campus in order to evaluate the proposed algorithm performance. The results show that CoSiNeT matches well with SNTP and state-of-the-art method in good network conditions in terms of accuracy and precision; however, it outperforms them in degrading network scenarios. In our measurements, in fair network conditions, CoSiNeT improves synchronization performance by 23% and 25% compared to SNTP and state-of-the-art method. In the case of poor network conditions, it improves performance by 43% and 26%, respectively.
|
|
| 8. |
- Gore, Rahul Nandkumar, et al.
(författare)
-
CoSiWiNeT : A Clock Synchronization Algorithm for Wide Area IIoT Network
- 2021
-
Ingår i: Applied Sciences. - : MDPI AG. - 2076-3417. ; 11:24
-
Tidskriftsartikel (refereegranskat)abstract
- Recent advances in the industrial internet of things (IIoT) and cyber–physical systems drive Industry 4.0 and have led to remote monitoring and control applications that require factories to be connected to remote sites over wide area networks (WAN). The adequate performance of remote applications depends on the use of a clock synchronization scheme. Packet delay variations adversely impact the clock synchronization performance. This impact is significant in WAN as it comprises wired and wireless segments belonging to public and private networks, and such heterogeneity results in inconsistent delays. Highly accurate, hardware–based time synchronization solutions, global positioning system (GPS), and precision time protocol (PTP) are not preferred in WAN due to cost, environmental effects, hardware failure modes, and reliability issues. As a software–based network time protocol (NTP) overcomes these challenges but lacks accuracy, the authors propose a software–based clock synchronization method, called CoSiWiNeT, based on the random sample consensus (RANSAC) algorithm that uses an iterative technique to estimate a correct offset from observed noisy data. To evaluate the algorithm’s performance, measurements captured in a WAN deployed within two cities were used in the simulation. The results show that the performance of the new algorithm matches well with NTP and state–of–the–art methods in good network conditions; however, it outperforms them in degrading network scenarios.
|
|
| 9. |
- Gore, Rahul Nandkumar, et al.
(författare)
-
Delay and Jitter Analysis in Industrial Control Systems : A Paper Mill Case Study
- 2021
-
Ingår i: 17th IEEE International Conference on Factory Communication Systems (WFCS) WFCS'21. - 9781665424783 ; , s. 99-106
-
Konferensbidrag (refereegranskat)abstract
- Industrial control systems have strict requirements for time-sensitive applications and clock synchronization services. Performance of such applications is adversely impacted by packet delays and jitters. The impact is especially critical in process industries due to harsh environmental conditions. In this paper, we analyze delays and jitters to assess the performance of time-sensitive applications. To this end, we captured and analyzed round trip delay data retrieved from a paper factory. Analysis shows that a sub-millisecond level average delays and the jitters derived from the observed data are sufficient to meet the minimum 10ms update frequency required for most critical control applications. Moreover, the filtered delay variations at the end devices are less than the recommended 150us, which guarantees an adequate time synchronization accuracy in the factory network. Besides, this analysis can provide significant insights into performance bottlenecks for factory applications.
|
|
| 10. |
- Gore, Rahul Nandkumar
(författare)
-
Improving Clock Synchronization Performance in Industrial Networks
- 2023
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The recent advances in cyber-physical systems and industrial internet-of-things (IIoT) have enabled the convergence of information technology (IT) and operational technology (OT) worlds of industrial automation systems achieving higher productivity, reliability, and revenues. The availability of business-critical and production-critical data on the converged network has enabled new and advanced network-centric applications that require time-constrained embedded devices to be connected to “the internet.'' The massively interconnected IIoT devices communicating in real-time require a accurate, scalable, easy-to-deploy, and cost-effective clock synchronization service for the ordering of information collected throughout a network. Thus, a time or clock synchronization service that aligns the devices' clocks in the network to ensure accurate timestamping and orderly event executions, has gained great importance. The industrial networks are heterogeneous in nature, where various grades of hardware resources along with varied software complexities operate in average to extremely harsh and hostile environments. The heterogeneity and the huge number of devices make it challenging to achieve an adequate level of clock synchronization in industrial networks with existing hardware and software-based solutions. For this reason, the thesis aims to enhance the accuracy of the most-economical, highly scalable, and easy-to-deploy software-based clock synchronization in wired industrial networks with the hypothesis that predictive software strategies can compensate for their lack of accuracy.The first step towards this goal is to identify the industrial network characteristics essential for improving clock synchronization. The analysis of real network data from an industrial site confirmed that packet delay variation (PDV) could assure the clock synchronization performance in an industrial network. Using signal processing-based PDV compensation methods, we propose enhanced clock synchronization algorithms, namely, 'CoSiNeT' and 'CoSiWiNet' for local and wide area industrial networks. Based on the analysis in real networks, both algorithms outperform state-of-the-practice and state-of-the-art methods in degrading network scenarios. Once the significance of PDV in synchronization performance has been confirmed, the next step is identifying the network parameters significantly affecting PDV. The thesis provides a network calculus-based PDV analysis of synchronization messages in a multi-stage wired packet-switched network under the presence of stochastic background traffic. The analysis, based on a closed-form, end-to-end probabilistic analytical model of PDV, identifies the network parameters that significantly affect PDV. It further unveils the significant relationship between PDV incurred by synchronization messages and the rate, burstiness of background network traffic parameters. Bounding the PDV or jitter under a certain level can be beneficial for applications such as synchronization, where PDV is a significant decider of assured performance. A Sigma traffic shaper is proposed to maintain PDV under limits by controlling the rate of incoming background traffic at the ingress port of the network. We further estimate the probability of a synchronization message loss due to the shaper, given the finite buffers available at network stages. The loss probability estimation is a vital trade-off tool that can be utilized to fix the limiting rate for a desired PDV maintenance. Finally, we extend the PDV analysis to predict the probabilistic clock synchronization accuracy bound for given network conditions. The performance analysis conducted with proposed configurations showed that limiting the arrival traffic rate to 50% resulted in PDV levels and in turn synchronization accuracy being reduced from a few milliseconds to a few microseconds.
|
|
