Options
Tauber, Markus
Research Outputs
Security Standard Compliance Verification in System of Systems
2022, Ani Bicaku, Mario Zsilak, Theiler, Peter, Markus Tauber, Jerker Delsing
Application System Design - High Security
2017, Aldrian, Andreas, Priller, Peter, Schmittner, Christoph, Plosz, Sandor, Tauber, Markus, Wagner, Christian, Hein, Daniel, Ebner, Thomas, Maritsch, Martin, Ruprechter, Thomas, Lesjak, Christian
Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0
2017-12, Bauer, Elisabeth, Schluga, Oliver, Maksuti, Silia, Bicaku, Ani, Hofbauer, David, Ivkić, Igor, Wöhrer, Alexander, Tauber, Markus
The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.
Interacting with the Arrowhead Local Cloud: On-boarding Procedure
2018-05, Bicaku, Ani, Maksuti, Silia, Hegedűs, Csaba, Tauber, Markus, Delsing, Jerker, Eliasson, Jens
Industrial automation systems are advancing rapidly and a wide range of standards, communication protocols and platforms supporting the integration of devices are introduced. It is therefore necessary to design and build appropriate tools and frameworks that allow the integration of devices with multiple systems and services. In this work we present the Arrow-head Framework, used to enable collaborative IoT automation and introduce two support core systems, SystemRegistry and DeviceRegistry, which are needed to create a chain of trust from a hardware device to a software system and its associated services. Furthermore, we propose an on-boarding procedure of a new device interacting with the Arrowhead local cloud. This ensures that only valid and authorized devices can host software systems within an Arrowhead local cloud.
Analysing Design Approaches for the Power Consumption in Cyber-Physical Systems
2021-06-30, Sailer, Patrizia, Ivkić, Igor, Tauber, Markus, Mauthe, Andreas, Gouglidis, Antonios
The importance of Cyber Physical Systems (CPS) and Internet of Things (IoT) applications is constantly increasing, especially in the context of Industry 4.0. Architectural decisions are crucial not just for performance, security and resilience reasons but also regarding costs and resource usage. In this paper we analyse two of the fundamental approaches to design control loops (i.e. time-driven and event-driven), show how they can be realised and evaluate their power requirements. Through this the design criteria can be extended also considering the optimization of energy related aspects.
Autonomic Management of Client Concurrency in a Distributed Storage Service
2011, Tauber, Markus, Kirby, G. N. C., Dearle, A.
Towards continuous Cloud Service Assurance for Critical Infrastructure IT
2014-08-27, Hudic, A., Mauthe, A., Caceres, S., Hecht, T., Tauber, Markus
The momentum behind Cloud Computing has revolutionized how ICT services are provided, adopted and delivered. Features such as high scalability, fast provisioning, on demand resource availability makes it an attractive proposition for deploying complex and demanding systems. Clouds are also very suitable for deploying systems with unpredictable load patterns including Critical infrastructure services. Though, the major obstacle in hosting Critical infrastructures is often a lack of assurance. The transparency and flexibility offered by the Cloud, abstracts per definition over e.g. data placement, hardware, service migration. This makes it very hard to assure security properties. We present an investigation of assurance approaches, an analysis of their suitability for Critical Infrastructure Services being deployed in the Cloud and presents our approach.
Connected cars — Threats, vulnerabilities and their impact
2018-05, Strobl, Stefanie, Hofbauer, David, Schmittner, Christoph, Maksuti, Silia, Tauber, Markus, Delsing, Jerker
The growing demand for interoperability between system components within a connected car has led to new security challenges in automotive development. The existing components, based on established technology, are often being combined to form such a connected car. For such established technologies, individual, often sector specific threat and vulnerability catalogs exist. The aim of this paper is to identify blocks of established technologies in a connected car and to consolidate the corresponding threat and vulnerability catalogs relevant for the individual constituent components. These findings are used to estimate the impact on specific system components and subsystems to identify the most crucial components and threats.
Towards Energy-Awareness in Managing Wireless LAN Applications
2012, Tauber, Markus, Bhatti, S. N., Yu, Y.
We have investigated the scope for enabling WLAN applications to manage the trade-off between performance and energy usage. We have conducted measurements of energy usage and performance in our 802.11n WLAN testbed, which operates in the 5 GHz ISM band. We have defined an effective energy usage envelope with respect to application-level packet transmission, and we demonstrate how performance as well as the effective energy usage envelope is effected by various configurations of IEEE 802.11n, including transmission power levels and channel width. Our findings show that the packet size and packet rate of the application flow have the greatest impact on application-level energy usage, compared to transmission power and channel width. As well as testing across a range of packet sizes and packet rates, we emulate a Skype flow, a YouTube flow and file transfers (HTTP over Internet and local server) to place our results in context. Based on our measurements we discuss approaches and potential improvements of management in effective energy usage for the tested applications.
SECCRIT: Secure Cloud Computing for High Assurance Services
2013, Bless, R., Hutchison, D., Schoeller, M., Smith, P., Tauber, Markus