With the upsurge of knowledge graph research, the multimedia field supports the upper multimedia services by constructing the domain knowledge graph to improve the user experience quality of multimedia services. However, the quality of knowledge graph will have a great impact on the performance of the upper multimedia service supported by it. The existing quantitative methods of knowledge graph quality have some problems, such as incomplete information utilization and so on. Therefore, this paper proposes a trustworthiness measurement method of joint entity type embedding and transformer encoder, which is quantified respectively from the local level and the global level, makes full use of the rich semantic information in the knowledge graph, and comprehensively evaluates the quality of the knowledge graph. The experimental results show that the method proposed in this paper can solve the problem that the traditional methods can not detect the matching error of entity and entity type under the condition that the error detection effect of traditional triples is basically unchanged.

As in many other research domains, Artificial Intelligence (AI) techniques have been increasing their footprint in Earth Sciences to extract meaningful information from the large amount of high-detailed data available from multiple sensor modalities. While on the one hand the existing success cases endorse the great potential of AI to help address open challenges in ES, on the other hand on-going discussions and established lessons from studies on the sustainability, ethics and trustworthiness of AI must be taken into consideration if the community is to ensure that its research efforts move into directions that effectively benefit the society and the environment. In this paper, we discuss insights gathered from a brief literature review on the subtopics of AI Ethics, Sustainable AI, AI Trustworthiness and AI for Earth Sciences in an attempt to identify some of the promising directions and key needs to successfully bring these concepts together.

The demo presents recent work on social robots that provide information from knowledge graphs in online graph databases. Sometimes more cooperative responses can be generated by using taxonomies and other semantic metadata that has been added to the knowledge graphs. Sometimes metadata about data provenance suggests higher or lower trustworthiness of the data. This raises the question whether robots should indicate trustworthiness when providing the information, and whether this should be done explicitly by meta-level comments or implicitly for example by modulating the robots’ tone of voice and generating positive and negative affect in the robots’ facial expressions.

Taking the sellers’ trustworthiness as a mediation variable, this paper mainly examines the impact of online reviews on the consumers’ purchase decisions. Conducting an online survey, we collect the corresponding data to conduct the hypothesis test by using the SPSS software. We find that the quality of online reviews has a positive impact on consumers’ perceived values and sellers’ trustworthiness. The timeliness of online reviews has a positive impact on consumers’ perceived values, which can have a positive impact on sellers’ trustworthiness. An interesting observation indicates that the perceived values can indirectly influence consumers’ purchase decisions by taking sellers’ trustworthiness as a mediation variable. The sellers’ trustworthiness has a positive impact on consumers’ purchase decisions. We believe that our findings can help online sellers to better manage online reviews.

Software trustworthiness evaluation (STE) is regarded as a Multi-Criteria Decision Making (MCDM) problem that consists of criteria. However, most of the current STE do not consider the relationships between criteria. This paper presents a software trustworthiness evaluation method based on the relationships between criteria. Firstly, the relationships between criteria is described by cooperative and conflicting degrees between criteria. Then, a measure formula for the substitutivity between criteria is proposed and the cooperative degree between criteria is taken as the approximation of the substitutivity between criteria. With the help of the substitutivity between criteria, the software trustworthiness measurement model obtained by axiomatic approaches is applied to aggregate the degree to which each optional software product meets each objective. Finally, the candidate software products are sorted according to the trustworthiness aggregation results, and the optimal product is obtained from the alternative software products on the basis of the sorting results. The effectiveness of the proposed method is demonstrated through case study.

The loose coupling and distributed nature of service-oriented architecture (SOA) can easily lead to trustworthiness problem of service composition. The current Web service composition trustworthiness evaluation method is biased towards the service provider itself, while ignoring the trustworthiness of the service discoverer and user. This paper mainly studies a multi-angle Web service composition trustworthiness evaluation method, comprehensively considers the three aspects of Web service composition, and uses the service finder to expand the service center. The experiment proves that this kind of trustworthiness evaluation method of Web service composition can improve the accuracy and comprehensiveness of trustworthiness evaluation.

Artificial intelligence (AI) technology is rapidly being introduced and used in all industries as the core technology. Further, concerns about unexpected social issues are also emerging. Therefore, each country, and standard and international organizations, are developing and distributing guidelines to maximize the benefits of AI while minimizing risks and side effects. However, there are several hurdles for developers to use them in actual industrial fields such as ambiguity in terminologies, lack of concreteness according to domain, and non-specific requirements. Therefore, in this paper, approaches to address these problems are presented. If the recommendations or guidelines to be developed in the future refer to the proposed approaches, it would be a guideline for assuring AI trustworthiness that is more developer-friendly.

The digital transformation brought on by 5G is redefining current models of end-to-end (E2E) connectivity and service reliability to include security-by-design principles necessary to enable 5G to achieve its promise. 5G trustworthiness highlights the importance of embedding security capabilities from the very beginning while the 5G architecture is being defined and standardized. Security requirements need to overlay and permeate through the different layers of 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture within a risk-management framework that takes into account the evolving security-threats landscape. 5G presents a typical use-case of wireless communication and computer networking convergence, where 5G fundamental building blocks include components such as Software Defined Networks (SDN), Network Functions Virtualization (NFV) and the edge cloud. This convergence extends many of the security challenges and opportunities applicable to SDN/NFV and cloud to 5G networks. Thus, 5G security needs to consider additional security requirements (compared to previous generations) such as SDN controller security, hypervisor security, orchestrator security, cloud security, edge security, etc. At the same time, 5G networks offer security improvement opportunities that should be considered. Here, 5G architectural flexibility, programmability and complexity can be harnessed to improve resilience and reliability. The working group scope fundamentally addresses the following: •5G security considerations need to overlay and permeate through h the different layers of the 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture including a risk management framework that takes into account the evolving security threats landscape. •5G exemplifies a use-case of heterogeneous access and computer networking convergence, which extends a unique set of security challenges and opportunities (e.g., related to SDN/NFV and edge cloud, etc.) to 5G networks. Similarly, 5G networks by design offer potential security benefits and opportunities through harnessing the architecture flexibility, programmability and complexity to improve its resilience and reliability. •The IEEE FNI security WG s roadmap framework follows a taxonomic structure, differentiating the 5G functional pillars and corresponding cybersecurity risks. As part of cross collaboration, the security working group will also look into the security issues associated with other roadmap working groups within the IEEE Future Network Initiative.

Provenance 2022 - Connected vehicles (CVs) have facilitated the development of intelligent transportation system that supports critical safety information sharing with minimum latency. However, CVs are vulnerable to different external and internal attacks. Though cryptographic techniques can mitigate external attacks, preventing internal attacks imposes challenges due to authorized but malicious entities. Thwarting internal attacks require identifying the trustworthiness of the participating vehicles. This paper proposes a trust management framework for CVs using interaction provenance that ensures privacy, considers both in-vehicle and vehicular network security incidents, and supports flexible security policies. For this purpose, we present an interaction provenance recording and trust management protocol. Different events are extracted from interaction provenance, and trustworthiness is calculated using fuzzy policies based on the events.

Predictive Security Metrics - Security metrics for software products give a quantifiable assessment of a software system s trustworthiness. Metrics can also help detect vulnerabilities in systems, prioritize corrective actions, and raise the level of information security within the business. There is a lack of studies that identify measurements, metrics, and internal design properties used to assess software security. Therefore, this paper aims to survey security measurements used to assess and predict security vulnerabilities. We identified the internal design properties that were used to measure software security based on the internal structure of the software. We also identified the security metrics used in the studies we examined. We discussed how software refactoring had been used to improve software security. We observed that a software system with low coupling, low complexity, and high cohesion is more secure and vice versa. Current research directions have been identified and discussed.

Network Security Resiliency - Distributed cyber-infrastructures and Artificial Intelligence (AI) are transformative technologies that will play a pivotal role in the future of society and the scientific community. Internet of Things (IoT) applications harbor vast quantities of connected devices that collect a massive amount of sensitive information (e.g., medical, financial), which is usually analyzed either at the edge or federated cloud systems via AI/Machine Learning (ML) algorithms to make critical decisions (e.g., diagnosis). It is of paramount importance to ensure the security, privacy, and trustworthiness of data collection, analysis, and decision-making processes. However, system complexity and increased attack surfaces make these applications vulnerable to system breaches, single-point of failures, and various cyber-attacks. Moreover, the advances in quantum computing exacerbate the security and privacy challenges. That is, emerging quantum computers can break conventional cryptographic systems that offer cyber-security services, public key infrastructures, and privacy-enhancing technologies. Therefore, there is a vital need for new cyber-security paradigms that can address the resiliency, long-term security, and efficiency requirements of distributed cyber infrastructures.

Network on Chip Security - Due to the increasing complexity of modern heterogeneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC.

Measurement and Metrics Testing - Due to the increasing complexity of modern heterogeneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC.

Information Forensics - Access control includes authorization of security administrators and access of users. Aiming at the problems of log information storage difficulty and easy tampering faced by auditing and traceability forensics of authorization and access in cross-domain scenarios, we propose an access control auditing and traceability forensics method based on Blockchain, whose core is Ethereum Blockchain and IPFS interstellar mail system, and its main function is to store access control log information and trace forensics. Due to the technical characteristics of blockchain, such as openness, transparency and collective maintenance, the log information metadata storage based on Blockchain meets the requirements of distribution and trustworthiness, and the exit of any node will not affect the operation of the whole system. At the same time, by storing log information in the blockchain structure and using mapping, it is easy to locate suspicious authorization or judgment that lead to permission leakage, so that security administrators can quickly grasp the causes of permission leakage. Using this distributed storage structure for security audit has stronger anti-attack and anti-risk.

We performed a large-scale online survey (n=1,880) to study the padlock icon, an established security indicator in web browsers that denotes connection security through HTTPS. In this paper, we evaluate users’ understanding of the padlock icon, and how removing or replacing it might influence their expectations and decisions. We found that the majority of respondents (89%) had misconceptions about the padlock’s meaning. While only a minority (23%-44%) referred to the padlock icon at all when asked to evaluate trustworthiness, these padlock-aware users reported that they would be deterred from a hypothetical shopping transaction when the padlock icon was absent. These users were reassured after seeing secondary UI surfaces (i.e., Chrome Page Info) where more verbose information about connection security was present.We conclude that the padlock icon, displayed by browsers in the address bar, is still misunderstood by many users. The padlock icon guarantees connection security, but is often perceived to indicate the general privacy, security, and trustworthiness of a website. We argue that communicating connection security precisely and clearly is likely to be more effective through secondary UI, where there is more surface area for content. We hope that this paper boosts the discussion about the benefits and drawbacks of showing passive security indicators in the browser UI.

Blockchain has emerged as a leading technological innovation because of its indisputable safety and services in a distributed setup. Applications of blockchain are rising covering varied fields such as financial transactions, supply chains, maintenance of land records, etc. Supply chain management is a potential area that can immensely benefit from blockchain technology (BCT) along with smart contracts, making supply chain operations more reliable, safer, and trustworthy for all its stakeholders. However, there are numerous challenges such as scalability, coordination, and safety-related issues which are yet to be resolved. Multi-agent systems (MAS) offer a completely new dimension for scalability, cooperation, and coordination in distributed culture. MAS consists of a collection of automated agents who can perform a specific task intelligently in a distributed environment. In this work, an attempt has been made to develop a framework for implementing a multi-agent system for a large-scale product manufacturing supply chain with blockchain technology wherein the agents communicate with each other to monitor and organize supply chain operations. This framework eliminates many of the weaknesses of supply chain management systems. The overall goal is to enhance the performance of SCM in terms of transparency, traceability, trustworthiness, and resilience by using MAS and BCT.

Blockchain has the potential to enhance supply chain management systems by providing stronger assurance in transparency and traceability of traded commodities. However, blockchain does not overcome the inherent issues of data trust in IoT enabled supply chains. Recent proposals attempt to tackle these issues by incorporating generic trust and reputation management methods, which do not entirely address the complex challenges of supply chain operations and suffers from significant drawbacks. In this paper, we propose DeTRM, a decentralised trust and reputation management solution for supply chains, which considers complex supply chain operations, such as splitting or merging of product lots, to provide a coherent trust management solution. We resolve data trust by correlating empirical data from adjacent sensor nodes, using which the authenticity of data can be assessed. We design a consortium blockchain, where smart contracts play a significant role in quantifying trustworthiness as a numerical score from different perspectives. A proof-of-concept implementation in Hyperledger Fabric shows that DeTRM is feasible and only incurs relatively small overheads compared to the baseline.

Due to the increasing complexity of modern hetero-geneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC.

In the context of cybersecurity systems, trust is the firm belief that a system will behave as expected. Trustworthiness is the proven property of a system that is worthy of trust. Therefore, trust is ephemeral, i.e. trust can be broken; trustworthiness is perpetual, i.e. trustworthiness is verified and cannot be broken. The gap between these two concepts is one which is, alarmingly, often overlooked. In fact, the pressure to meet with the pace of operations for mission critical cross domain solution (CDS) development has resulted in a status quo of high-risk, ad hoc solutions. Trustworthiness, proven through formal verification, should be an essential property in any hardware and/or software security system. We have shown, in "vCDS: A Virtualized Cross Domain Solution Architecture", that developing a formally verified CDS is possible. virtual CDS (vCDS) additionally comes with security guarantees, i.e. confidentiality, integrity, and availability, through the use of a formally verified trusted computing base (TCB). In order for a system, defined by an architecture description language (ADL), to be considered trustworthy, the implemented security configuration, i.e. access control and data protection models, must be verified correct. In this paper we present the first and only security auditing tool which seeks to verify the security configuration of a CDS architecture defined through ADL description. This tool is useful in mitigating the risk of existing solutions by ensuring proper security enforcement. Furthermore, when coupled with the agile nature of vCDS, this tool significantly increases the pace of system delivery.

It is the key to the Internet's expansion of social and economic functions by ensuring the credibility of online users' identities and behaviors while taking into account privacy protection. Public Key Infrastructure (PKI) and blockchain technology have provided ways to achieve credibility from different perspectives. Based on these two technologies, we attempt to generalize people's offline activities to online ones with our proposed model, Atom and Molecule. We then present the strict definition of trustworthy system and the trustworthy Internet. The definition of Generalized Blockchain and its practical implementation are provided as well.

Domestic service robots become increasingly prevalent and autonomous, which will make task priority conflicts more likely. The robot must be able to effectively and appropriately negotiate to gain priority if necessary. In previous human-robot interaction (HRI) studies, imitating human negotiation behavior was effective but long-term effects have not been studied. Filling this research gap, an interactive online study (\$N=103\$) with two sessions and six trials was conducted. In a conflict scenario, participants repeatedly interacted with a domestic service robot that applied three different conflict resolution strategies: appeal, command, diminution of request. The second manipulation was reinforcement (thanking) of compliance behavior (yes/no). This led to a 3×2×6 mixed-subject design. User acceptance, trust, user compliance to the robot, and self-reported compliance to a household member were assessed. The diminution of a request combined with positive reinforcement was the most effective strategy and perceived trustworthiness increased significantly over time. For this strategy only, self-reported compliance rates to the human and the robot were similar. Therefore, applying this strategy potentially seems to make a robot equally effective as a human requester. This paper contributes to the design of acceptable and effective robot conflict resolution strategies for long-term use.

As autonomous service robots will become increasingly ubiquitous in our daily lives, human-robot conflicts will become more likely when humans and robots share the same spaces and resources. This thesis investigates the conflict resolution of robots and humans in everyday conflicts in the domestic and public context. Hereby, the acceptability, trustworthiness, and effectiveness of verbal and non-verbal strategies for the robot to solve the conflict in its favor are evaluated. Based on the assumption of the Media Equation and CASA paradigm that people interact with computers as social actors, robot conflict resolution strategies from social psychology and human-machine interaction were derived. The effectiveness, acceptability, and trustworthiness of those strategies were evaluated in online, virtual reality, and laboratory experiments. Future work includes determining the psychological processes of human-robot conflict resolution in further experimental studies.

State of the art Artificial Intelligence Assurance (AIA) methods validate AI systems based on predefined goals and standards, are applied within a given domain, and are designed for a specific AI algorithm. Existing works do not provide information on assuring subjective AI goals such as fairness and trustworthiness. Other assurance goals are frequently required in an intelligent deployment, including explainability, safety, and security. Accordingly, issues such as value loading, generalization, context, and scalability arise; however, achieving multiple assurance goals without major trade-offs is generally deemed an unattainable task. In this manuscript, we present two AIA pipelines that are model-agnostic, independent of the domain (such as: healthcare, energy, banking), and provide scores for AIA goals including explainability, safety, and security. The two pipelines: Adversarial Logging Scoring Pipeline (ALSP) and Requirements Feedback Scoring Pipeline (RFSP) are scalable and tested with multiple use cases, such as a water distribution network and a telecommunications network, to illustrate their benefits. ALSP optimizes models using a game theory approach and it also logs and scores the actions of an AI model to detect adversarial inputs, and assures the datasets used for training. RFSP identifies the best hyper-parameters using a Bayesian approach and provides assurance scores for subjective goals such as ethical AI using user inputs and statistical assurance measures. Each pipeline has three algorithms that enforce the final assurance scores and other outcomes. Unlike ALSP (which is a parallel process), RFSP is user-driven and its actions are sequential. Data are collected for experimentation; the results of both pipelines are presented and contrasted.

Military networks consist of heterogeneous devices that provide soldiers with real-time terrain and mission intel-ligence. The development of next-generation Software Defined Networks (SDN)-enabled devices is enabling the modernization of traditional military networks. Commonly, traditional military networks take the trustworthiness of devices for granted. How-ever, the recent modernization of military networks introduces cyber attacks such as data and identity spoofing attacks. Hence, it is crucial to ensure the trustworthiness of network traffic to ensure the mission's outcome. This work proposes a Continuous Behavior-based Authentication (CBA) protocol that integrates network traffic analysis techniques to provide robust and efficient network management flow by separating data and control planes in SDN-enabled military networks. The evaluation of the CBA protocol aimed to measure the efficiency of the proposed protocol in realistic military networks. Furthermore, we analyze the overall network overhead of the CBA protocol and its accuracy to detect rogue network traffic data from field devices.

We have proposed a new Smart Meter Application (SMA) Framework. This application registers consumers at utility provider (Electricity), takes the meter reading for electricity and makes billing. The proposed application might offer higher level of flexibility and security, time saving and trustworthiness between consumers and authority offices. It’s expected that the application will be developed by Flutter to support Android and iOS Mobile Operating Systems.