Tauber, Markus

2017-12, Bauer, Elisabeth, Schluga, Oliver, Maksuti, Silia, Bicaku, Ani, Hofbauer, David, Ivkić, Igor, Wöhrer, Alexander, Tauber, Markus

The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.

2018-05, Strobl, Stefanie, Hofbauer, David, Schmittner, Christoph, Maksuti, Silia, Tauber, Markus, Delsing, Jerker

The growing demand for interoperability between system components within a connected car has led to new security challenges in automotive development. The existing components, based on established technology, are often being combined to form such a connected car. For such established technologies, individual, often sector specific threat and vulnerability catalogs exist. The aim of this paper is to identify blocks of established technologies in a connected car and to consolidate the corresponding threat and vulnerability catalogs relevant for the individual constituent components. These findings are used to estimate the impact on specific system components and subsystems to identify the most crucial components and threats.

2013, Tauber, Markus, Bhatti, S. N., Melnikov, N., Schoenwaelder, J.

2019-02, Maksuti, Silia, Schluga, Oliver, Settanni, Giuseppe, Tauber, Markus, Delsing, Jerker

Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.

2011, Tauber, Markus, Kirby, G. N. C., Dearle, A.

2014, Tauber, Markus, Skopik, F., Hutchison, D., Bleier, T.

2010, Tauber, Markus, Kirby, G. N. C., Dearle, A.

2019-01, Ivkić, Igor, Mauthe, Andreas, Tauber, Markus

In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.

2014, Florian, M., Paudel, S., Tauber, Markus

Cloud Computing allows the designing of systems which dynamically acquire compute resources. This makes it very suitable for Critical Infrastructures where unpredictable load due to human usage patterns are very likely. Especially in this domain legal compliance is a growing concern in general. Abstraction over multiple architectural cloud layers allows for individual layers being operated by different providers. This makes it hard to determine whether legal compliance is given. In this paper we motivate the research towards an Event Gathering Mechanism which is envisioned to allow the modelling of legal aspects in a multi layered cloud environment.

2011, Tauber, Markus, Bhatti, S. N., Yu, Y.

We present an experimental evaluation of energy usage and performance in a wireless LAN cell based on a test bed using the 5 GHz ISM band for 802.11a and 802.11n. We have taken an application-level approach, by varying the packet size and transmission rate at the protocol level and evaluating energy usage across a range of application transmission rates using both large and small packet sizes. We have observed that both the application's transmission rate and the packet size have an impact on energy efficiency for transmission in our test bed. We also included in our experiments evaluation of the energy efficiency of emulations of YouTube and Skype flows, and a comparison with Ethernet transmissions.