Processor design and manufacturing is often done globally, involving multiple companies, some of which can be untrustworthy. This lack of trust leads to the threat of malicious modifications like Hardware Trojans. Hardware Trojans can cause drastic consequences and even endanger human lives. Hence, effective countermeasures against Hardware Trojans are urgently needed. To develop countermeasures, Hardware Trojans and their properties have to be understood well. For this reason, we describe and characterize Hardware Trojans in detail in this paper. We perform a theoretical analysis of Hardware Trojans for processors. Afterwards, we present a new classification of processor constituents, which can be used to derive several triggers and payloads and compare them with previously published Hardware Trojans. This shows in detail possible attack vectors for processors and gaps in the existing processor Hardware Trojan landscape. No previous work presents such a detailed investigation of Hardware Trojans for processors. With this work, we intend to improve understanding of Hardware Trojans in processors, supporting the development of new countermeasures and prevention techniques.
Authored by Czea Chuah, Alexander Hepp, Christian Appold, Tim Leinmueller
Human-Centered Artificial Intelligence (AI) focuses on AI systems prioritizing user empowerment and ethical considerations. We explore the importance of user-centric design principles and ethical guidelines in creating AI technologies that enhance user experiences and align with human values. It emphasizes user empowerment through personalized experiences and explainable AI, fostering trust and user agency. Ethical considerations, including fairness, transparency, accountability, and privacy protection, are addressed to ensure AI systems respect human rights and avoid biases. Effective human-AI collaboration is emphasized, promoting shared decision-making and user control. By involving interdisciplinary collaboration, this research contributes to advancing human-centered AI, providing practical recommendations for designing AI systems that enhance user experiences, promote user empowerment, and adhere to ethical standards. It emphasizes the harmonious coexistence between humans and AI, enhancing well-being and autonomy and creating a future where AI technologies benefit humanity. Overall, this research highlights the significance of human-centered AI in creating a positive impact. By centering on users' needs and values, AI systems can be designed to empower individuals and enhance their experiences. Ethical considerations are crucial to ensure fairness and transparency. With effective collaboration between humans and AI, we can harness the potential of AI to create a future that aligns with human aspirations and promotes societal well-being.
Authored by Usman Usmani, Ari Happonen, Junzo Watada
Boolean network is a popular and well-established modelling framework for gene regulatory networks. The steady-state behaviour of Boolean networks can be described as attractors, which are hypothesised to characterise cellular phenotypes. In this work, we study the target control problem of Boolean networks, which has important applications for cellular reprogramming. More specifically, we want to reduce the total number of attractors of a Boolean network to a single target attractor. Different from existing approaches to solving control problems of Boolean networks with node perturbations, we aim to develop an approach utilising edgetic perturbations. Namely, our objective is to modify the update functions of a Boolean network such that there remains only one attractor. The design of our approach is inspired by Thomas’ first rule, and we primarily focus on the removal of cycles in the interaction graph of a Boolean network. We further use results in the literature to only remove positive cycles which are responsible for the appearance of multiple attractors. We apply our solution to a number of real-life biological networks modelled as Boolean networks, and the experimental results demonstrate its efficacy and efficiency.
Authored by Olivier Zeyen, Jun Pang
Operational technology (OT) systems use hardware and software to monitor and control physical processes, devices, and infrastructure - often critical infrastructures. The convergence of information technology (IT) and OT has significantly heightened the cyber threats in OT systems. Although OT systems share many of the hardware and software components in IT systems, these components often operate under different expectations. In this work, several hardware root-of-trust architectures are surveyed and the attacks each one mitigates are compared. Attacks spanning the design, manufacturing, and deployment life cycle of safety-critical operational technology are considered. The survey examines architectures that provide a hardware root-of-trust as a peripheral component in a larger system, SoC architectures with an integrated hardware root-of-trust, and FPGA-based hardware root-of-trust systems. Each architecture is compared based on the attacks mitigated. The comparison demonstrates that protecting operational technology across its complete life cycle requires multiple solutions working in tandem.
Authored by Alan Ehret, Peter Moore, Milan Stojkov, Michel Kinsy
In power grid enterprises' production and management activities, such as the development of power engineering infrastructure and line equipment operation and inspection, untimely evidence collection, a lack of effective evidence and other reasons often lead to an inability to provide proof and a weak defense of rights, causing losses to the legitimate rights and interests of power grid enterprises. In this context, this paper carries out technical research on a whole life cycle management scheme of electronic evidence for the safety production of power grid enterprises, designs the architecture of an electronic evidence credible storage and traceability application service system, and realizes whole life cycle credible management of electronic evidence from collection, curing, transmission and sealing to checking and identification. This enhances the credibility of electronic evidence, changes access to evidence from the traditional "after the fact evidence" mode to a "before the evidence" mode, and promotes the company's safety production management level.
Authored by Peng Chen, Hejian Wang, Lihua Zhao, Qinglei Guo, Bo Gao, Yongliang Li
Original Equipment Manufacturers (OEMs) need to collaborate within and outside their organizations to improve product quality and time to market. However, legacy systems built over decades using different technology stacks make information sharing and maintaining consistency challenging. Distributed ledger technologies (DLTs) can improve efficiency and provide trust, thus helping to achieve a more streamlined and unified collaboration infrastructure. However, most of the work done is theoretical or conceptual and lacks implementation. This paper elaborates on architecture and implementing a proof of concept (POC) of blockchain-based interoperability and data sharing system that allows OEMs to collaborate seamlessly and share information in real-time.
Authored by Niranjan Marathe, Lawrence Chung, Tom Hill
With the popularization of AIoT applications, every endpoint device is facing information security risks. Thus, how to ensure the security of the device becomes essential. Chip security is divided into software security and hardware security, both of which are indispensable and complement each other. Hardware security underpins the entire cybersecurity ecosystem by providing essential primitives, including key provisioning, hardware cryptographic engines, hardware unique key (HUK), and unique identification (UID). This establishes a Hardware Root of Trust (HRoT) with secure storage, secure operation, and a secure environment to provide a trustworthy foundation for chip security. Today's talk starts with how to use a Physical Unclonable Function (PUF) to generate a unique “fingerprint” (static random number) for the chip. Next, we will address using a static random number and dynamic entropy to design a high-performance true random number generator and achieve real anti-tampering HRoT by leveraging static and dynamic entropy. By integrating NIST-standard cryptographic engines, we have created an authentic PUF-based Hardware Root of Trust. The all-in-one integrated solution can handle all the necessary security functions throughout the product life cycle as well as maintaining a secure boundary to achieve the integrity of sensitive information or assets. Finally, as hardware-level protection extends to operating systems and applications, products and services become secure.
Authored by Meng-Yi Wu
Industrial control systems (ICSs) and supervisory control and data acquisition (SCADA) are frequently used and are essential to the operation of vital infrastructure such as oil and gas pipelines, power plants, distribution grids, and airport control towers. However, these systems confront a number of obstacles and risks that can jeopardize their safety and reliability, including communication failures, cyber-attacks, environmental hazards, and human errors. How can we ensure that SCADA systems are both effective and secure? The oil and gas industry literature needs to include an analysis of the underpinning design process. Available research fails to offer appropriate direction for a methodical technique or modeling language that enables trust-based study of ICS and SCADA systems. The most pressing challenges include attaining trust by design in ICS and SCADA, as well as methodically implementing trust design into the development process from the beginning of the system's life cycle. This paper presents the design of a modern ICS and SCADA system for the oil and gas industries utilizing model-based systems engineering (MBSE) approaches. ICS and SCADA concepts and definitions are presented, and ICS and SCADA are examined using comprehensive architectural artifacts. By extending the SysML diagrams to trust ICS, SCADA, and UML diagrams, we showcase the usefulness of the MBSE method.
Authored by Zina Oudina, Makhlouf Derdour, Ahmed Dib, Amal Tachouche
Summary & Conclusions: Resilience, a system property merging the consideration of stochastic and malicious events focusing on mission success, motivates researchers and practitioners to develop methodologies to support holistic assessments. While established risk assessment methods exist for early and advanced analysis of complex systems, the dynamic nature of security is much more challenging for resilience analysis. The scientific contribution of this paper is a methodology called Trust Loss Effects Analysis (TLEA) for the systematic assessment of the risks to the mission emerging from compromised trust of humans who are part of or are interacting with the system. To make this work more understandable and applicable, the TLEA method follows the steps of Failure Mode, Effects & Criticality Analysis (FMECA) with a difference in the steps related to the identification of security events. There, the TLEA method uses steps from the Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service (DoS), Elevation of privilege (STRIDE) methodology. The TLEA is introduced using a generic example and is then demonstrated using a more realistic use case of a drone-based system on a reconnaissance mission. After the application of the TLEA method, it is possible to identify different risks related to the loss of trust and evaluate their impact on mission success.
Authored by Douglas Van Bossuyt, Nikolaos Papakonstantinou, Britta Hale, Ryan Arlitt
Cybersecurity is an ever-evolving discipline that aims to protect every aspect of an information system, including its users, from digital threats, adversaries and attacks. When it comes to the overall security of an account or a system as a whole, the combination of people and passwords has always been considered the weakest link in the chain since poorly chosen weak, leaked, reused and easy-to-remember passwords still continue to pose an insurmountable threat to the security of innumerable accounts and systems. Yet, much to the dismay of cybersecurity specialists and researchers from all over the world, password-based authentication still remains one of the most dominant ways of verifying a user's identity, thus making our password-protected accounts, systems and devices a highly lucrative target for cybercriminals. This paper aims to highlight the strengths and weaknesses of passwords in comparison with various other techniques such as multi-factor and adaptive risk-based authentication schemes that have been adopted over the years to augment password-based authentication systems as well as discuss the recent advent of the FIDO2 authentication standard that aims to bid adieu to passwords in favor of making biometric and possession-based authentication the new norm by making them more easily accessible to developers and users alike while ensuring an optimum level of security and privacy at all times.
Authored by Mohammed Kabir, Wael Elmedany
With people's attention to information security, the research on authentication encryption algorithm has become a very important branch of cryptography in recent years. It is widely used in data encryption, message authentication, authentication and key management. In the network of large-scale communication nodes, there are a large quantity of network nodes and a variety of devices. The traditional PKI cryptosystem has the problems of certificate management difficulty and resource waste. Based on the research of block cipher algorithm, this article discusses its application in the design of terminal identity authentication system, and designs a node two-way authentication scheme based on identity encryption. The simulation results show that the block cipher algorithm proposed in this article can get 95.82% accuracy, which is higher than the contrast algorithm. Authentication and encryption algorithm based on block cipher plays an important role in authentication and encryption algorithm because of its fast implementation speed of software and hardware and easy standardization. The research shows that the algorithm proposed in this article is superior to other algorithms in the application of terminal identity authentication system. It provides a new solution for related research.
Authored by Dongmei Bin, Xin Li, Ming Xie, Yongjian Liang, Chunyan Yang
Because the existing global navigation satellite system (GNSS) is an open system without certification, satellite receivers are vulnerable to the potential for fraud. Therefore, it is urgent to solve the security certification problem of GNSS civil signals. Aiming at the above problems, this paper proposes a navigation encryption authentication technology based on modulation Method authentication (MMA) based on UBFH-BOC signal system. The results show that the authentication scheme can effectively resist the threat of spoofing, ensure the security of navigation signal transmission, and provide a reference for the subsequent application of high security navigation signal structure.
Authored by Minshu Zhang, Lixin Zhang, Lang Bian, Tian Li
The changes in technologies have also changed the way we compute. Computing applications provide various types of functionalities. However, a common thing is to secure the same computing system. It requires a high level of developer skills to secure a system. Generally, verifying users before access of services, encryption of data, and techniques of parallel access of information by multiple users are done to ensure only valid users can access the services. One needs to verify a person, device, process, or service before it accesses the related service(s). In this paper, we present a review of authentication techniques used in computing. It elaborates methods used for traditional authentication using articles, letters, people, passwords, one-time passwords, digital certificates, two-way authentication to latest behavioural, doodles, image sequence, gestures based recognition of users using biometrics, gait-based and their behavioural analytics. It also discusses key features of various methods including gaps and scope of improvement.
Authored by Mandeep Kaur, Prachi Garg
The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constrained devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a two-factor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.
Authored by Rizka Pahlevi, Vera Suryani, Hilal Nuha, Rahmat Yasirandi
The proliferation of sensitive information being stored online highlights the pressing need for secure and efficient user authentication methods. To address this issue, this paper presents a novel zero-effort two-factor authentication (2FA) approach that combines the unique characteristics of a user's environment and Machine Learning (ML) to confirm their identity. Our proposed approach utilizes Wi-Fi radio wave transmission and ML algorithms to analyze beacon frame characteristics and Received Signal Strength Indicator (RSSI) values from Wi-Fi access points to determine the user's location. The aim is to provide a secure and efficient method of authentication without the need for additional hardware or software. A prototype was developed using Raspberry Pi devices and experiments were conducted to demonstrate the effectiveness and practicality of the proposed approach. Results showed that the proposed system can significantly enhance the security of sensitive information in various industries such as finance, healthcare, and retail. This study sheds light on the potential of Wi-Fi radio waves and RSSI values as a means of user authentication and the power of ML to identify patterns in wireless signals for security purposes. The proposed system holds great promise in revolutionizing the field of 2FA and user authentication, offering a new era of secure and seamless access to sensitive information.
Authored by Ali AlQahtani, Thamraa Alshayeb
In today's world, the traditional way of password based authentication is having limitations in addressing the security concerns of the digital users. There is a strong movement in favour of passwordless authentication to secure our cyber identities and digital assets. In the recent years, a lot of research outputs have been published in the field of authentication with techniques like multifactor authentication, passwordless authentication, adaptive authentication and continuous authentication. Not only the user, but also the device, the application etc. must be authenticated to access the resources, facilities and services. Even though the passwords face some serious security issues, they enjoy considerable user acceptance and hence some schemes termed as semi-passwordless authentication are also prevalent. This paper goes through existing authentication schemes, their security issues, attacks and the next step ahead.
Authored by Midhuna R, N. Jeyanthi
With the advances in 5G communication and mobile devices, internet of drones (IoD) has emerged as a fascinating new concept in the realm of smart cities, and has garnered significant interest from both scientific and industrial communities. However, IoD is fragile to a variety of security attacks because an adversary can reuse, delete, insert, intercept or block the transmitted messages over an open channel. Therefore, it is imperative to have robust and efficient authentication and key agreement (AKA) schemes for IoD in order to fulfill the necessary security requirements. Recently, Nikooghadm et al. designed a secure and lightweight AKA scheme for internet of drones (IoD) in IoT environments. However, we prove that their scheme is not resilient to various security threats and does not provide the necessary security properties. Thus, we propose the essential security requirements and guidelines to enhance the security flaws of Nikooghadm et al.’s scheme.
Authored by Sungjin Yu, Keonwoo Kim, Kim Taesung, Boheung Chung, Yousung Kang
As digital ecosystems burgeon, the imperative to fortify user authentication methods intensifies. This paper introduces a novel two-factor authentication system designed to transcend the limitations of conventional password-based approaches. Our approach intertwines traditional login credentials with personalized image-based verification, ushering in a dual-layered authentication paradigm. This elevates security by mandating the fulfillment of two independent factors and engenders a user-centric authentication experience. Users establish primary login credentials during the account creation phase and select personalized images imbued with personal significance. Each image is intricately linked to a user-defined keyword, enhancing the authentication process's meaningfulness. The authentication phase comprises submitting primary credentials, random display of associated keywords, and subsequent user identification and image upload. The system intelligently restricts authentication attempts with differentiated limits for known and unknown devices to preempt password attacks. The amalgamation of personalized images, keywords, and a strategic limitation on authentication attempts distinguishes our system as a comprehensive solution. It mitigates the vulnerabilities associated with traditional authentication methods and augments the user experience. Our two-factor authentication system stands as a testament to the evolving landscape of user authentication, offering a secure and engaging pathway in an era of heightened digital vulnerabilities. While our innovative system presents significant progress, it is imperative to recognize certain limitations for a successful implementation. Ongoing attention and refinement are particularly crucial in addressing concerns related to device and image dependency and potential vulnerabilities associated with shoulder surfing attacks.
Authored by Essohanam Djeki, Jules Dégila, Muhtar Alhassan
In present authentication systems on the web, users are compelled to interact with identity providers. Initially, they are required to register on a particular website wherein they fill in all their details. After this stage, they get a user id and password or token which they can use for accessing the application and their respective features. However, from a security point of view, this type of system can be challenging. In such systems, authentication data is available with the identity providers. It could be hacked to obtain the user passwords and other details. Various current systems track the activity of users, and users provide access to sensitive information for the same, for example, access to storage, files, contacts, etc. To make sure that data is available, third-party servers are required which need to be available during authentication. Currently, various methods for authentication such as Single-Factor, Two-Factor Authentication (2FA), Single Sign-On, Multi-Factor Authentication, etc. are used. In this paper, we will study the authentication systems, their advantages and flaws along with the protocols used.
Authored by Anagha Chaudhari, Ashish Pawar, Adesh Pawar, Ajay Pawar, Ganesh Pawar
Data encryption is the process of turning data into encrypted data. It is a crucial technology for securing data while it is being stored or transmitted, especially in cloud environments where data is stored remotely and accessed over the internet. In our study, we compared five well-known algorithms to determine which is the most reliable for data encryption in cloud environments. This research study provides insights into the performance of different data encryption algorithms in the cloud environment and their potential applications in various industries. There are several benefits of using data encryption, including cost efficiency, management control and remote worker protection. Encryption is cheap to implement as many of today's devices and systems come with built-in encryption technology. Encryption can free organizations from government-imposed regulatory fines as some governments have mandated regulations and requirements regarding data protection that require private data to be encrypted and prevent all unauthorized access and all illegal activities. Encryption can help secure and protect remote workers by securing their data and communications. As more and more employees opt for remote working, that is, working from home, the need for data security has become more important.
Authored by R.E.H.S. Rajendra, T.Veer Reddy, B.Lakshmi Murthy, Sai Bhagavan, Srithar S, S.S. Aravinth
Encryption technique is widely used to ensure security in communication and wireless networks such as the Internet, Networking zone and Intranet. Every type of data has its own characteristics; consequently, to safeguard private picture data from unwanted access, a variety of strategies are employed. In this paper an image encryption technology called Data Encryption Standard (DES) is combined with XOR to create a block cypher transformation algorithm for picture security. The suggested method is based on XOR with DES encryption, which emphasizes larger changes in the RGB combination as well as the histogram. The findings of the suggested method indicate more variety. The security of the system will be increased by increasing the variety.
Authored by Hariom Singh, Chetan Gupta
Nowadays, the increasing number of devices deployed in IoT systems implementation and the requirement of preserving the integrity of data transported over the Internet, demand the use of data encryption schemes. This paper aims to show the performance evaluation of CP-ABE (Ciphertext-Policy Attribute Based Encryption) type of encryption over MQTT (Message Queue Transport Telemetry) that focuses on execution time for an IoT system with Raspberry Pi. For the implementation, two Raspberry Pi 4 Computer Model B are used for both the publisher and the subscriber, and a computer with Ubuntu 20.04 LTS operating system is used for the Broker and the Key Authority. The result of the present work provides relevant information on the execution times required in the CP-ABE encryption scheme to provide data integrity and fine-grained access control policy in an IoT system. The work demonstrates that the CP-ABE encryption scheme is suitable for IoT systems.
Authored by Fredy Mendoza-Cardenas, Rai Leon-Aguilar, Jose Quiroz-Arroyo
This paper presents a new image encryption model with focus on symmetric key schemes. It discusses 5 schemes: Random Generation Key (8B); Random Key Generation part A(4B) and part B(4B); Input User Key (4B), Encrypted key and Random Key generation (4B); Random Key Generate (4B) and Input User Encrypted Key (4B); Input User Key (8B). Experimental results are based on image encryption by DES algorithm (5 instances) and by AES algorithm (5 instances). A table with image quality values and a table with complex arithmetic mean error are provided.
Authored by Gergana Spasova, Milena Karova
The foundation of cryptography is number theory, which is crucial to data security. The majority of commonly used encryption techniques use prime integers, making it challenging to identify specific prime values (keys). The suggested approach employs matrices and vectors as keys, making it harder to identify the individual keys and using vectors to represent the data. Nowadays, one method for providing data security safeguards is encryption. The right encryption technique protects digital data from unauthorized access, data corruption, e-piracy, e-theft, and other threats. Data security is the main benefit of utilizing this method. Here, we have used the symmetric key encryption procedure to generate keys from two uneven matrices. Seven different keys in matrix format have been chosen to perform encryption and decryption. With the help of an example, the techniques for encryption and decryption have been explained.
Authored by M. Maragatharajan, L. Sathishkumar, J. Manikandan, S. Suprakash, P. Naveen
Nowadays, in communications, the main criteria to ensure that the information and communication in the network. Normally, two users communicating exchange confidential data and files via the network. Secure data communication is the most important and crucial problem in message transmission networks. To resolve this problem, cryptography uses mathematical encryption and decryption data on adaptation by converting a data from key into an unreadable format. Cryptography provides a method for performing the transmission of confidential or secure communication. The proposed Padding Key Encryption (PKE) algorithm is used to encrypt the data; it generates the secret key in an unreadable format. The receiver decrypts the data using the private key in a readable format. In the proposed PKE algorithm, the sender sends data from plain text to cipher-text using a secret key to the authorized person; the unauthorized person cannot access the data through the Internet; only an authorized person can view the data with the private key. The proposed simulation results provide high security to communicate to the receiver confidential data or files compared with other previous methods.
Authored by Aman Mittal, Frederick Sidney