Despite the tremendous impact and potential of Artificial Intelligence (AI) for civilian and military applications, it has reached an impasse as learning and reasoning work well for certain applications and it generally suffers from a number of challenges such as hidden biases and causality. Next, “symbolic” AI (not as efficient as “sub-symbolic” AI), offers transparency, explainability, verifiability and trustworthiness. To address these limitations, neuro-symbolic AI has been emerged as a new AI field that combines efficiency of “sub-symbolic” AI with the assurance and transparency of “symbolic” AI. Furthermore, AI (that suffers from aforementioned challenges) will remain inadequate for operating independently in contested, unpredictable and complex multi-domain battlefield (MDB) environment for the foreseeable future and the AI enabled autonomous systems will require human in the loop to complete the mission in such a contested environment. Moreover, in order to successfully integrate AI enabled autonomous systems into military operations, military operators need to have assurance that these systems will perform as expected and in a safe manner. Most importantly, Human-Autonomy Teaming (HAT) for shared learning and understanding and joint reasoning is crucial to assist operations across military domains (space, air, land, maritime, and cyber) at combat speed with high assurance and trust. In this paper, we present a rough guide to key research challenges and perspectives of neuro symbolic AI for assured and trustworthy HAT.
Authored by Danda Rawat
Modern network defense can benefit from the use of autonomous systems, offloading tedious and time-consuming work to agents with standard and learning-enabled components. These agents, operating on critical network infrastructure, need to be robust and trustworthy to ensure defense against adaptive cyber-attackers and, simultaneously, provide explanations for their actions and network activity. However, learning-enabled components typically use models, such as deep neural networks, that are not transparent in their high-level decision-making leading to assurance challenges. Additionally, cyber-defense agents must execute complex long-term defense tasks in a reactive manner that involve coordination of multiple interdependent subtasks. Behavior trees are known to be successful in modelling interpretable, reactive, and modular agent policies with learning-enabled components. In this paper, we develop an approach to design autonomous cyber defense agents using behavior trees with learning-enabled components, which we refer to as Evolving Behavior Trees (EBTs). We learn the structure of an EBT with a novel abstract cyber environment and optimize learning-enabled components for deployment. The learning-enabled components are optimized for adapting to various cyber-attacks and deploying security mechanisms. The learned EBT structure is evaluated in a simulated cyber environment, where it effectively mitigates threats and enhances network visibility. For deployment, we develop a software architecture for evaluating EBT-based agents in computer network defense scenarios. Our results demonstrate that the EBT-based agent is robust to adaptive cyber-attacks and provides high-level explanations for interpreting its decisions and actions.
Authored by Nicholas Potteiger, Ankita Samaddar, Hunter Bergstrom, Xenofon Koutsoukos
This paper proposes an AI-based intrusion detection method for the ITRI AI BOX information security application. The packets captured by AI BOX are analyzed to determine whether there are network attacks or abnormal traffic according to AI algorithms. Adjust or isolate some unnatural or harmful network data transmission behaviors if detected as abnormal. AI models are used to detect anomalies and allow or restrict data transmission to ensure the information security of devices. In future versions, it will also be able to intercept packets in the field of information technology (IT) and operational technology (OT). It can be applied to the free movement between heterogeneous networks to assist in data computation and transformation. This paper uses the experimental test to realize the intrusion detection method, hoping to add value to the AI BOX information security application. When IT and OT fields use AI BOX to detect intrusion accurately, it will protect the smart factory or hospital from abnormal traffic attacks and avoid causing system paralysis, extortion, and other dangers. We have built the machine learning model, packet sniffing functionality, and the operating system setting of the AI BOX environment. A public dataset has been used to test the model, and the accuracy has achieved 99\%, and the Yocto Project environment has been available in the AI Box and tested successfully.
Authored by Jiann-Liang Chen, Zheng-Zhun Chen, Youg-Sheng Chang, Ching-Iang Li, Tien-I Kao, Yu-Ting Lin, Yu-Yi Xiao, Jian-Fu Qiu
The rapid advancement of cloud technology has resulted in the emergence of many cloud service providers. Microsoft Azure is one among them to provide a flexible cloud computing platform that can scale business to exceptional heights. It offers extensive cloud services and is compatible with a wide range of developer tools, databases, and operating systems. In this paper, a detailed analysis of Microsoft Azure in the cloud computing era is performed. For this reason, the three significant Azure services, namely, the Azure AI (Artificial Intelligence) and Machine Learning (ML) Service, Azure Analytics Service and Internet of Things (IoT) are investigated. The paper briefs on the Azure Cognitive Search and Face Service under AI and ML service and explores this service s architecture and security measures. The proposed study also surveys the Data Lake and Data factory Services under Azure Analytics Service. Subsequently, an overview of Azure IoT service, mainly IoT Hub and IoT Central, is discussed. Along with Microsoft Azure, other providers in the market are Google Compute Engine and Amazon Web Service. The paper compares and contrasts each cloud service provider based on their computing capability.
Authored by Sreyes K, Anushka K, Dona Davis, N. Jayapandian
Wireless Sensor Networks (WSNs) play a pivotal role in critical applications, ranging from industrial control systems to healthcare monitoring. As these networks become increasingly integrated into our daily lives, understanding their energy consumption behavior is paramount for achieving sustainability and resilience. This paper delves into the intricate relationship between energy consumption patterns in WSNs and their security implications within critical contexts. We commence by conducting a comprehensive analysis of energy consumption behavior in WSNs, considering factors such as data transmission, node mobility, and sensing activities. Through empirical studies and simulations, we identify key parameters influencing energy utilization and establish a foundation for further investigation. Building upon this understanding, we explore the security impacts associated with the energy profile of WSNs operating in critical environments. We address potential vulnerabilities arising from compromised nodes due to energy depletion, communication constraints, and malicious attacks. By examining these security challenges, we highlight the urgency of developing robust solutions to ensure the reliability and integrity of WSNs in critical applications. In response to these challenges, we propose mitigation strategies that synergistically address both energy consumption and security concerns. Our approach based on security information and event management with deep learning security use case algorithms for impact mitigation. These strategies aim to enhance the overall sustainability and security of WSNs, ensuring their continued functionality in demanding and sensitive environments. In conclusion, this paper provides a comprehensive overview of the intricate interplay between energy consumption behavior and security impacts in WSNs within critical contexts. Our findings underscore the need for holistic approaches that integrate energy-awareness and security measures to fortify the resilience of WSNs, fostering their sustainable deployment in critical applications.
Authored by Ayoub Toubi, Abdelmajid Hajami
Cloud computing (CC) is vulnerable to existing information technology attacks, since it extends and utilizes information technology infrastructure, applications and typical operating systems. In this manuscript, an Enhanced capsule generative adversarial network (ECGAN) with blockchain based Proof of authority consensus procedure fostered Intrusion detection (ID) system is proposed for enhancing cyber security in CC. The data are collected via NSL-KDD benchmark dataset. The input data is fed to proposed Z-Score Normalization process to eliminate the redundancy including missing values. The pre-processing output is fed to feature selection. During feature selection, extracting the optimum features on the basis of univariate ensemble feature selection (UEFS). Optimum features basis, the data are classified as normal and anomalous utilizing Enhanced capsule generative adversarial networks. Subsequently, blockchain based Proof of authority (POA) consensus process is proposed for improving the cyber security of the data in cloud computing environment. The proposed ECGAN-BC-POA-IDS method is executed in Python and the performance metrics are calculated. The proposed approach has attained 33.7\%, 25.7\%, 21.4\% improved accuracy, 24.6\%, 35.6\%, 38.9\% lower attack detection time, and 23.8\%, 18.9\%, 15.78\% lower delay than the existing methods, like Artificial Neural Network (ANN) with blockchain framework, Integrated Architecture with Byzantine Fault Tolerance consensus, and Blockchain Random Neural Network (RNN-BC) respectively.
Authored by Ravi Kanth, Prem Jacob
Recent advances in quantum computing and quantum information theory represent a severe threat to the current state of the art of data protection. In this context, new quantum-safe techniques have emerged in recent decades, which fall into post-quantum and unconditionally secure cryptographic schemes. The firsts rely on computational problems supposed to be hard also for quantum computers. In contrast, the seconds do not depend on the difficulty of a computational problem and are therefore immune to quantum power. In particular, unconditionally secure techniques include Quantum Key Distribution (QKD) protocols for transmitting secret keys thanks to the quantum properties of light. In this work, we discuss QKD networks and post-quantum algorithms, considering their opportunities and limitations and showing that reconciliation between these two directions of cryptography is feasible and necessary for the quantum era.This work is part of the activities of the PON project “Development of quantum systems and technologies for IT security in communication networks” (QUANCOM) which aims to the realization of a metropolitan quantum communication network through the collaboration between universities, research centers and companies operating in the communication market area.
Authored by Eufemia Lella, Alberto Gatto, Andrea Pazienza, Diego Romano, Pietro Noviello, Felice Vitulano, Giovanni Schmid
With the popularization of AIoT applications, every endpoint device is facing information security risks. Thus, how to ensure the security of the device becomes essential. Chip security is divided into software security and hardware security, both of which are indispensable and complement each other. Hardware security underpins the entire cybersecurity ecosystem by proving essential primitives, including key provisioning, hardware cryptographic engines, hardware unique key (HUK), and unique identification (UID). This establishes a Hardware Root of Trust (HRoT) with secure storage, secure operation, and a secure environment to provide a trustworthy foundation for chip security. Today s talk starts with how to use a Physical Unclonable Function (PUF) to generate a unique “fingerprint” (static random number) for the chip. Next, we will address using a static random number and dynamic entropy to design a high-performance true random number generator and achieve real anti-tampering HRoT by leveraging static and dynamic entropy. By integrating NISTstandard cryptographic engines, we have created an authentic PUF-based Hardware Root of Trust. The all-in-one integrated solution can handle all the necessary security functions throughout the product life cycle as well as maintaining a secure boundary to achieve the integrity of sensitive information or assets. Finally, as hardware-level protection extends to operating systems and applications, products and services become secure.
Authored by Meng-Yi Wu
Smartphones have completely altered the mobile communication scene. Wi-Fi, global positioning system navigation, high-resolution cameras, and touchscreens with high-speed internet access are just some of the cutting-edge capabilities that these devices offer, allowing users to stay in constant contact with the present. Since many of these features are embedded deeply in the mobile operating system, they are typically inaccessible to the average user. However, Google released Android, a revolutionary operating system. Because of its open system architecture, this platform encourages third-party development and a debugging environment that users may change to create their own unique apps. In this research project, we examine the development of an Emergency Based Remote Collateral Tracking System app on the Android mobile platform from Google. There are three main forms of emergencies: those involving the heart, those involving personal safety, and those involving the roads. Users who own and operate motor vehicles are the primary focus of this app. Our program can keep tabs on the driver’s pulse by connecting to a heart rate monitor. Our application has a backup function in case of anomalies. First, it sends SMS messages containing the user’s location data after using GPS to do so.
Authored by Dankan Gowda V, Kdv Prasad, R Shekhar, Rachakonda Srinivas, Kale Srinivas, Prasanna Lakineni
These days, safety measures can t be neglected. In a world where digital risks are becoming more prevalent, efficient security has become an essential aspect of any system or business. Protecting valuables now requires a defensive strategy with several layers. Security systems play an important role in today s modern, industrialised society. The security system is primarily intended to address the need for the protection of hard-earned treasures (jewels). Unlike the current method, which uses physical locks that are readily falsified, this system uses Bluetooth and RFID tags in conjunction with digital (electronic) code locks to unlock the door automatically once the series of authentications is validated and emits alarm noises when any discrepancy happens. The ability of subsequent layers of defense to prevent intrusion is unaffected by the failure of an earlier one to provide detection. In this effort, we use IoT to design and build a fully automated security system that will operate with no more human intervention when it is put into place. In addition, the system s overall cost of adoption is far lower than that of any other consumer security solution now on the market.
Authored by Somya Prakash, Sabita Mali, Farida Ali
In today s world, security is a very important issue. People should always keep their belongings safe. To increase security, this research work proposes a IoT-based smart lockers with sensors and access keys with security, verification, and user-friendly tools. This model alerts the user when someone else tries to access their locker and quickly sends an alarm to the authorized user, and provides the option to either grant or reject access to the valid user. In this paper, smart locker is kept registered early to use a locker in the bank, office, home, etc. to ensure safety. The user demands to send an unlock direction with the help of microcontroller NUDE MCU ESP8266 and after accepting the command from the cloud (BLYNK APP), only the user can unlock the closet and access the valuables. This study has also introduced the encroachment detection in lockers with sensors and finally installed smart lockers with fire alarms for security and reliability.
Authored by Bhawna Khokher, Mamta Savadatti, Anish Kumar, T.V. Nikhil, Pranav Raj, Aditya Thakre
Electronic devices and appliances are increasingly becoming a quintessential part of every household with the recent development and innovations in the field of technology affecting the day-to-day lives of individuals. Automation has caught the fame as people struggle to keep up with the demands of work, making it an easy solution to operate devices and machines to meet the individual needs. The paper describes the creation and execution of an affordable, versatile, and safe home automation system that is controlled through a mobile phone. The system relies on an independent Arduino BT board, which is connected to home appliances via relays attached to its input/output ports. Wireless communication is used to connect the mobile phone and the Arduino BT board. The system is designed to be both economical and expandable, allowing for control of a range of devices with minimal changes to its basic structure. The focus of the paper is to explain how to manage and regulate electronic devices using Android smartphones. The paper also outlines a home automation system that prioritizes security and safeguards user privacy. This system is designed to be affordable and flexible, making it possible to control various devices with minimalchanges to its core structure. Additionally, the appliances in the system are protected by passwords to ensure that only authorized users can access them.
Authored by Priyanka Bhardwaj, Manidipa Roy, Sanjay Singh, Vanshika Jain, Mega Novita, Agus Mukhtar, Yuris Setyoadi
The increasing prevalence of cyber threats necessitates the exploration of cybersecurity challenges in sustainable operating systems. This research paper addresses these challenges by examining the dynamic landscape of cyber threats and the modifications required in operating systems to ensure robust security measures. Through the classification of these threats, the diverse nature of attacks faced by operating systems is revealed, highlighting the need for proactive security measures. Furthermore, the study investigates current cyber security solutions and prevention mechanisms employed to mitigate these threats. It also explores the modifications and challenges that operating systems must undergo in response to cybersecurity crimes, emphasizing the significance of proactive measures to address vulnerabilities exploited by cybercriminals.
Authored by Shadi bi, Samar Hendawi, Islam Altalahin, Muder Almiani, Ala Mughaid
Technology has improved, and smart locking systems have become more sophisticated. In this case, the android-based Smart System is primarily intended for multimode operations. Such a system is necessary in banks and businesses since it provides f u n c t i o n s that let users control locks. The implementation’s efficiency the system is incredibly helpful because of its functionality and user-friendly interface. Some homeowners aim to connect their home’s numerous home automation devices. Those connected to a Windows-based PC are the most popular home controllers. In our study, we introduced a form of smart technology that utilized Bluetooth while using a mobile smartphone. Consequently, using it will be simpler and more effective. Additionally, it supported the free and open-source Android and Arduino platforms. This paper proposes a door lock automation system that uses an Android smartphone with Bluetooth as the first piece of hardware. Following a description of the design and software development process, a Bluetooth-based Smartphone application for locking and unlocking doors is demonstrated. The task module acts as the agent in the hardware design for the door-lock system, the Arduino microcontroller serves as the controller and data processing hub, and the solenoid acts as the door lock output. The results of each test show that it is compatible with the original plan for this study.
Authored by B. Swathi, Aditya Kanoi, Harshvardhan Kumar, Jaiswal Sinha, Gana Gajjala
This paper focuses on the adoption of biometric and RFID security gadgets as innovative solutions for enhancing door lock systems. The traditional reliance on physical keys has proven vulnerable to security breaches, prompting the need for more robust measures. Biometric features such as Fingerprint, Voice and Bluetooth offer unparalleled security by leveraging unique biological characteristics for authentication. Additionally, integrating RFID technology enables convenient access control through assigned cards or tags, eliminating the need for physical keys or complex passwords. The combination of these cutting-edge solutions establishes a comprehensive security infrastructure, significantly reducing risks associated with conventional lock systems. This research highlights the benefits and applications of these technologies in various settings, emphasizing their role in creating a safer environment for individuals and organizations.
Authored by Sherly Alphonse, Chitranshu Gupta, Mohammad Warsi, Karmokar Shantu, Aryaman Tamotia
Every person must take precautions in the current pandemic crisis, such as wearing protective gear, keeping a safe distance, cleaning their hands, and avoiding touching anything unless absolutely essential. However, there is a potential of disease transmission while touching objects like tables, doors, cars, and other things. Therefore, this study has proposed a proposal to stop them; the project is based on automation, in which an automatic door closing and opening mechanism has been created once the voice command is given. In this scenario, when a proper voice command is provided, the mechanism is activated to open and close the door automatically. Hence that there is no direct human contact with the door, which will assist stop or slow the spread of pandemic disease. The developed Arduino-based module can automatically close and open the door. These devices produced a regulator for the input, which uses the Android s Bluetooth signal. Arduino-based Android customers may easily open and close the door with their phones by communicating via Bluetooth technology. Within range, Bluetooth Classic (BT) makes it possible to connect an Android device. You may open a door with a personalized audio message and operate it by speaking into modules. Here, everyone is using various modules, such as voice commands, to control various modules. When a voice command is provided, the door will open and close on its own.
Authored by C.Kanmani Pappa, N. Ashokkumar, P. Nagarajan, Kavitha Thandapani
The advancement of technology is challenging for designers of the security systems. When securing a property or different valuable items, it must be kept into account that often criminals are equipped with performant electric or electronic devices, constructed to disable security systems and to remove any trace of their activity. In consequence, reliable and fast responding security systems must be constructed. This paper proposes a design based on two different microcontrollers, both using Real Time Operating Systems, which has an increased capability to resist at attacks from intruders, and to warn the authorities as soon as a unauthorized access was detected in the secured space. This project is characterized by a low-cost implementation and an efficient operation, given that it is fast responding, and it contains two physically separated modules, making its disabling by intruders more difficult.
Authored by Iustin Constantin, Alexandru Dinu
In recent years, the advancement of sensor technologies has revolutionized the field of security systems, enabling more accurate and reliable monitoring solutions. Radar technology, known for its ability to operate effectively in various weather conditions and lighting environments, provides a distinct advantage in maintaining consistent surveillance. By utilizing radio waves, the system can accurately detect movement within its coverage area, making it well-suited for both indoor and outdoor applications. The smart radar security system is an innovative approach that harnesses the power of radar technology to create a robust and efficient security solution. This system employs radar sensors to detect and track movement, presence, and object classification in diverse environments, offering significant advantages over traditional security methods. The core functionality of the proposed system revolves around its ability to detect motion with high precision. The proposed approach represents a significant step forward in security solutions by leveraging radar technology s unique advantages. Hence, this work aims to develop a protype for accurately detection the obstacle motion related to radar applications. Bluetooth technology has been utilized for establishing user interface and receiving alerts in the mobile application. Users can receive real-time alerts and notifications on their smartphones or connected devices whenever unauthorized movement is detected. Additionally, the proposed system can be seamlessly integrated with existing smart home or security systems, allowing for comprehensive and centralized surveillance management. As technology continues to evolve, this system showcases the potential for cutting-edge solutions that prioritize both security and privacy.
Authored by Prudhvi Budumuru, Santosh Chegondi, Leela M, M Arjun, M Rohith, N Harikrishna
This paper highlights the progress toward securing teleoperating devices over the past ten years of active technology development. The relevance of this issue lies in the widespread development of teleoperating systems with a small number of systems allowed for operations. Anomalous behavior of the operating device, caused by a disruption in the normal functioning of the system modules, can be associated with remote attacks and exploitation of vulnerabilities, which can lead to fatal consequences. There are regulations and mandates from licensing agencies such as the US Food and Drug Administration (FDA) that place restrictions on the architecture and components of teleoperating systems. These requirements are also evolving to meet new cybersecurity threats. In particular, consumers and safety regulatory agencies are attracted by the threat of compromising hardware modules along with software insecurity. Recently, detailed security frameworks and protocols for teleoperating devices have appeared. However, a matter of intelligent autonomous controllers for analyzing anomalous and suspicious actions in the system remain unattended, as well as emergency protocols from the point of cybersecurity view. This work provides a new approach for the intraoperative cybersecurity of intelligent teleoperative surgical systems, taking into account modern requirements for implementing into the Surgical Remote Intelligent Robotic System LevshAI. The proposed principal security model allows a surgeon or autonomous agent to manage the operation process during various attacks.
Authored by Alexandra Bernadotte
The high directionality of millimeter-wave (mmWave) communication systems has proven effective in reducing the attack surface against eavesdropping, thus improving the physical layer security. However, even with highly directional beams, the system is still exposed to eavesdropping against adversaries located within the main lobe. In this paper, we propose BeamSec, a solution to protect the users even from adversaries located in the main lobe. The key feature of BeamSec are: (i) Operating without the knowledge of eavesdropper’s location/channel; (ii) Robustness against colluding eavesdropping attack and (iii) Standard compatibility, which we prove using experiments via our IEEE 802.11ad/ay-compatible 60 GHz phased-array testbed. Methodologically, BeamSec first identifies uncorrelated and diverse beampairs between the transmitter and receiver by analyzing signal characteristics available through standard-compliant procedures. Next, it encodes the information jointly over all selected beampairs to minimize information leakage. We study two methods for allocating transmission time among different beams, namely uniform allocation (no knowledge of the wireless channel) and optimal allocation for maximization of the secrecy rate (with partial knowledge of the wireless channel). Our experiments show that BeamSec outperforms the benchmark schemes against single and colluding eavesdroppers and enhances the secrecy rate by 79.8\% over a random paths selection benchmark.
Authored by Afifa Ishtiaq, Arash Asadi, Ladan Khaloopour, Waqar Ahmed, Vahid Jamali, Matthias Hollick
Android is the most popular smartphone operating system with a market share of 68.6\% in Apr 2023. Hence, Android is a more tempting target for cybercriminals. This research aims at contributing to the ongoing efforts to enhance the security of Android applications and protect users from the ever-increasing sophistication of malware attacks. Zero-day attacks pose a significant challenge to traditional signature-based malware detection systems, as they exploit vulnerabilities that are unknown to all. In this context, static analysis can be an encouraging approach for detecting malware in Android applications, leveraging machine learning (ML) and deep learning (DL)-based models. In this research, we have used single feature and combination of features extracted from the static properties of mobile apps as input(s) to the ML and DL based models, enabling it to learn and differentiate between normal and malicious behavior. We have evaluated the performance of those models based on a diverse dataset (DREBIN) comprising of real-world Android applications features, including both benign and zero-day malware samples. We have achieved F1 Score 96\% from the multi-view model (DL Model) in case of Zero-day malware scenario. So, this research can be helpful for mitigating the risk of unknown malware.
Authored by Jabunnesa Sara, Shohrab Hossain
With the development of streaming media, soft real-time system in today’s life could participate in the use of more extensive areas. The use frequency was also increasing. Consequently, modern processors were equipped with software control mechanisms such as DVFS (Dynamic Voltage Frequency Scaling) to allow operating systems to meet required performance while reducing power consumption. Therefore, we propose a task scheduling algorithm combined DVFS technology and time deterministic cyclic scheduling to achieve energy saving effect. First, the algorithm needed to minimize the preemption between tasks to reduce latency, so we created a buffer to save periodic tasks to avoid preemption. Second, to reduce the computational cost of the scheduling scheme, a scheduling template were designed to perform tasks. In this paper, the scheduling of periodic tasks, task scheduling would be designed when the task scheduling template would be fixed length. Besides, this algorithm supported that task could adopt appropriate voltage and frequency through DVFS technology in idle time under the condition of satisfying task dependence. Experimental analysis showed that the proposed algorithm could effectively reduce the system energy consumption while ensuring the completion of the task.
Authored by Xun Liu
Employing Trusted Execution Environment (TEE) technology such as ARM TrustZone to deploy sensitive security modules and credentials for secure, authenticated access is the go-to solution to address integrity and confidentiality challenges in untrusted devices. While it has been attracting attention as an effective building block for secure enterprise IT systems (e.g., BYOD), these secure operating systems are often not open-source, and thus system operators and developers have to largely depend on mobile platform vendors to deploy their applications in the secure world on TEE. Our solution, called GateKeeper, addresses the primary obstacle for system operators to adopt ARM TrustZone TEE to deploy their own, in-house security systems, by enabling the operators more control and flexibility on Trusted App (TA) installation and update procedure without mandating involvement of the mobile platform vendors at each iteration. In this paper, we first formulate an ecosystem for enabling such operator-centric TA management, and then discuss the design of GateKeeper, which is a comprehensive framework to enable operator-centric TA management on top of GlobalPlatform specification. We further present a proof-ofconcept implementation using OP-TEE open-source secure OS to demonstrate the feasibility and practical resource consumption (less than 1000 lines of code and 500 KBytes on memory).
Authored by Balachandar Gowrisankar, Daisuke Mashima, Wenshei Ong, Quanqi Ye, Ertem Esiner, Binbin Chen, Zbigniew Kalbarczyk
The continuously growing importance of today’s technology paradigms such as the Internet of Things (IoT) and the new 5G/6G standard open up unique features and opportunities for smart systems and communication devices. Famous examples are edge computing and network slicing. Generational technology upgrades provide unprecedented data rates and processing power. At the same time, these new platforms must address the growing security and privacy requirements of future smart systems. This poses two main challenges concerning the digital processing hardware. First, we need to provide integrated trustworthiness covering hardware, runtime, and the operating system. Whereas integrated means that the hardware must be the basis to support secure runtime and operating system needs under very strict latency constraints. Second, applications of smart systems cover a wide range of requirements where "one- chip-fits-all" cannot be the cost and energy effective way forward. Therefore, we need to be able to provide a scalable hardware solution to cover differing needs in terms of processing resource requirements.In this paper, we discuss our research on an integrated design of a secure and scalable hardware platform including a runtime and an operating system. The architecture is built out of composable and preferably simple components that are isolated by default. This allows for the integration of third-party hardware/software without compromising the trusted computing base. The platform approach improves system security and provides a viable basis for trustworthy communication devices.
Authored by Friedrich Pauls, Sebastian Haas, Stefan Kopsell, Michael Roitzsch, Nils Asmussen, Gerhard Fettweis
Virtualization is essential in assisting businesses in lowering operational costs while still ensuring increased productivity, better hardware utilization, and flexibility. According to Patrick Lin, Senior Director of Product Management for VMware, "virtualization is both an opportunity and a threat." This survey gives a review of the literature on major virtualization technology security concerns. Our study primarily focuses on several open security flaws that virtualization introduces into the environment. Virtual machines (VMs) are overtaking physical machine infrastructures due to their capacity to simulate hardware environments, share hardware resources, and make use of a range of operating systems (OS). By offering a higher level of hardware abstraction and isolation, efficient external monitoring and recording, and on-demand access, VMs offer more effective security architecture than traditional machines. It concentrates on virtual machine-specific security concerns. The security risks mentioned in this proposal apply to all of the virtualization technologies now on the market; they are not unique to any one particular virtualization technology. In addition to some security advantages that come along with virtualization, the survey first gives a brief review of the various virtualization technologies that are now on the market. It conclude by going into great depth on a number of security gaps in the virtualized environment.
Authored by N.B. Kadu, Pramod Jadhav, Santosh Pawar