Research Outputs

2022 2022 2021 2021 2020 2020 2019 2019 2018 2018 2017 2017 2016 2016 2015 2015 2014 2014 2013 2013 0 0 2 2 4 4 6 6 8 8 10 10
Now showing 1 - 10 of 58
No Thumbnail Available
Publication

SECCRIT: Secure Cloud Computing for High Assurance Services

2013, Bless, R., Hutchison, D., Schoeller, M., Smith, P., Tauber, Markus

No Thumbnail Available
Publication

Security Vulnerabilities And Risks In Industrial Usage Of Wireless Communication

2014-09-16, Plosz, S., Lesjak, C., Pereira, N., Tauber, Markus, Ruprechter, T.

Due to its availability and low cost, the use of wireless communication technologies increases in domains beyond the originally intended usage areas, e.g. M2M communication in industrial applications. Such industrial applications often have specific security requirements. Hence, it is important to understand the characteristics of such applications and evaluate the vulnerabilities bearing the highest risk in this context. We present a comprehensive overview of security issues and features in existing WLAN, NFC and ZigBee standards, investigating the usage characteristics of these standards in industrial environments. We apply standard risk assessment methods to identify vulnerabilities with the highest risk across multiple technologies. We present a threat catalogue, conclude in which direction new mitigation methods should progress and how security analysis methods should be extended to meet requirements in the M2M domain.

No Thumbnail Available
Publication

The Effect of the 802.11 Power Save Mechanism (PSM) on Energy Efficiency and Performance During System Activity

2012, Tauber, Markus, Bhatti, S. N.

802.11 WLAN is a popular choice for wireless access on a range of ICT devices. A growing concern is the increased energy usage of ICT, for reasons of cost and environmental protection. The Power Save Mode (PSM) in 802.11 deactivates the wireless network interface during periods of inactivity. However, applications increasingly use push models, and so devices may be active much of the time. We have investigated the effectiveness of PSM, and considered its impact on performance when a device is active. Rather than concentrate on the NIC, we have taken a system-wide approach, to gauge the impact of the PSM from an application perspective. We experimentally evaluated performance at the packet level and system-wide power usage under various offered loads, controlled by packet size and data rate, on our 802.11n test bed. We have measured the system-wide power consumption corresponding to the individual traffic profiles and have derived application-specific effective energy-usage. We have found that in our scenarios, no significant benefit can be gained from using PSM.

No Thumbnail Available
Publication

Towards continuous Cloud Service Assurance for Critical Infrastructure IT

2014-08-27, Hudic, A., Mauthe, A., Caceres, S., Hecht, T., Tauber, Markus

The momentum behind Cloud Computing has revolutionized how ICT services are provided, adopted and delivered. Features such as high scalability, fast provisioning, on demand resource availability makes it an attractive proposition for deploying complex and demanding systems. Clouds are also very suitable for deploying systems with unpredictable load patterns including Critical infrastructure services. Though, the major obstacle in hosting Critical infrastructures is often a lack of assurance. The transparency and flexibility offered by the Cloud, abstracts per definition over e.g. data placement, hardware, service migration. This makes it very hard to assure security properties. We present an investigation of assurance approaches, an analysis of their suitability for Critical Infrastructure Services being deployed in the Cloud and presents our approach.

No Thumbnail Available
Publication

Self-Adaptation Applied to MQTT via a Generic Autonomic Management Framework

2019-02, Maksuti, Silia, Schluga, Oliver, Settanni, Giuseppe, Tauber, Markus, Delsing, Jerker

Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.

No Thumbnail Available
Publication

Tectons : Towards a Generalised Approach to Programming Systems of Systems

2015, Coulson, Geoff, Mauthe, Andreas, Tauber, Markus

No Thumbnail Available
Publication

Trustworthy Evidence Gathering Mechanism for Multilayer Cloud Compliance.

2014, Florian, M., Paudel, S., Tauber, Markus

Cloud Computing allows the designing of systems which dynamically acquire compute resources. This makes it very suitable for Critical Infrastructures where unpredictable load due to human usage patterns are very likely. Especially in this domain legal compliance is a growing concern in general. Abstraction over multiple architectural cloud layers allows for individual layers being operated by different providers. This makes it hard to determine whether legal compliance is given. In this paper we motivate the research towards an Event Gathering Mechanism which is envisioned to allow the modelling of legal aspects in a multi layered cloud environment.

No Thumbnail Available
Publication

Towards a Security Cost Model for Cyber-Physical Systems

2019-01, Ivkić, Igor, Mauthe, Andreas, Tauber, Markus

In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.

No Thumbnail Available
Publication

A Self-Organising Approach for Smart Meter Communication Systems

2014, Tauber, Markus, Skopik, F., Hutchison, D., Bleier, T.

No Thumbnail Available
Publication

Towards Energy-Awareness in Managing Wireless LAN Applications

2012, Tauber, Markus, Bhatti, S. N., Yu, Y.

We have investigated the scope for enabling WLAN applications to manage the trade-off between performance and energy usage. We have conducted measurements of energy usage and performance in our 802.11n WLAN testbed, which operates in the 5 GHz ISM band. We have defined an effective energy usage envelope with respect to application-level packet transmission, and we demonstrate how performance as well as the effective energy usage envelope is effected by various configurations of IEEE 802.11n, including transmission power levels and channel width. Our findings show that the packet size and packet rate of the application flow have the greatest impact on application-level energy usage, compared to transmission power and channel width. As well as testing across a range of packet sizes and packet rates, we emulate a Skype flow, a YouTube flow and file transfers (HTTP over Internet and local server) to place our results in context. Based on our measurements we discuss approaches and potential improvements of management in effective energy usage for the tested applications.