Options
Tauber, Markus
Research Outputs
Security Standard Compliance Verification in System of Systems
2022, Ani Bicaku, Mario Zsilak, Theiler, Peter, Markus Tauber, Jerker Delsing
Towards a Security-Aware Benchmarking Framework for Function-as-a-Service
2018, Pellegrini, Roland, Ivkić, Igor, Tauber, Markus
In a world, where complexity increases on a daily basis the Function-as-a-Service (FaaS) cloud model seams to take countermeasures. In comparison to other cloud models, the fast evolving FaaS increasingly abstracts the underlying infrastructure and refocuses on the application logic. This trend brings huge benefits in application and performance, but comes with difficulties for benchmarking cloud applications. In this position paper, we present an initial investigation of benchmarking FaaS in close to reality production systems. Furthermore, we outline the architectural design including the necessary benchmarking metrics. We also discuss the possibility of using the proposed framework for identifying security vulnerabilities.
Analysing Design Approaches for the Power Consumption in Cyber-Physical Systems
2021-06-30, Sailer, Patrizia, Ivkić, Igor, Tauber, Markus, Mauthe, Andreas, Gouglidis, Antonios
The importance of Cyber Physical Systems (CPS) and Internet of Things (IoT) applications is constantly increasing, especially in the context of Industry 4.0. Architectural decisions are crucial not just for performance, security and resilience reasons but also regarding costs and resource usage. In this paper we analyse two of the fundamental approaches to design control loops (i.e. time-driven and event-driven), show how they can be realised and evaluate their power requirements. Through this the design criteria can be extended also considering the optimization of energy related aspects.
A Framework for Measuring the Costs of Security at Runtime
2019, Ivkić, Igor, Pichler, Harald, Zsilak, Mario, Mauthe, Andreas, Tauber, Markus
In Industry 4.0, Cyber-Physical Systems (CPS) are formed by components, which are interconnected with each other over the Internet of Things (IoT). The resulting capabilities of sensing and affecting the physical world offer a vast range of opportunities, yet, at the same time pose new security challenges. To address these challenges there are various IoT Frameworks, which offer solutions for managing and controlling IoT-components and their interactions. In this regard, providing security for an interaction usually requires performing additional security-related tasks (e.g. authorisation, encryption, etc.) to prevent possible security risks. Research currently focuses more on designing and developing these frameworks and does not satisfactorily provide methodologies for evaluating the resulting costs of providing security. In this paper we propose an initial approach for measuring the resulting costs of providing security for interacting IoT-components by using a Security Cost Modell ing Framework. Furthermore, we describe the necessary building blocks of the framework and provide an experimental design showing how it could be used to measure security costs at runtime.
On the Cost of Cyber Security in Smart Business
2017-12, Ivkić, Igor, Wolfauer, Stephan, Oberhofer, Thomas, Tauber, Markus
In a world, as complex and constantly changing as ours cloud computing is a driving force for shaping the IT landscape and changing the way we do business. Current trends show a world of people, things and services all digitally interconnected via the Internet of Things (IoT). This applies in particular to an industrial environment where smart devices and intelligent services pave the way for smart factories and smart businesses. This paper investigates in a use case driven study the potential of making use of smart devices to enable direct, automated and voice-controlled smart businesses. Furthermore, the paper presents an initial investigation on methodologies for measuring costs of cyber security controls for cloud services.
Risk Management and Standard Compliance for Cyber-Physical Systems of Systems
2021, Matta, George, Chlup, Sebastian, Shaaban, Abdelkader Magdy, Schmittner, Christoph, Pinzenöhler, Andreas, Szalai, Elke, Tauber, Markus
The Internet of Things (IoT) and cloud technologies are increasingly implemented in the form of Cyber-Physical Systems of Systems (CPSoS) for the railway sector. In order to satisfy the security requirements of Cyber-Physical Systems (CPS), domainspecific risk identification assessment procedures have been developed. Threat modelling is one of the most commonly used methods for threat identification for the security analysis of CPSoS and is capable of targeting various domains. This paper reports our experience of using a risk management framework identify the most critical security vulnerabilities in CPSoS in the domain and shows the broader impact this work can have on the domain of safety and security management. Moreover, we emphasize the application of common analytical methods for cyber-security based on international industry standards to identify the most vulnerable assets. These will be applied to a meta-model for automated railway systems in the concept phase to support the development and deployment of these systems. Furthermore, it is the first step to create a secure and standard complaint system by design.
Self-Adaptation Applied to MQTT via a Generic Autonomic Management Framework
2019-02, Maksuti, Silia, Schluga, Oliver, Settanni, Giuseppe, Tauber, Markus, Delsing, Jerker
Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.
Function-as-a-Service Benchmarking Framework
2019, Pellegrini, Roland, Ivkić, Igor, Tauber, Markus
Cloud Service Providers deliver their products in form of ”as-a-Service”, which are typically categorized by the level of abstraction. This approach hides the implementation details and shows only functionality to the user. However, the problem is that it is hard to measure the performance of Cloud services, because they behave like black boxes. Especially with Function-as-a-Service it is even more difficult because it completely hides server and infrastructure management from users by design. Cloud Service Prodivers usually restrict the maximum size of code, memory and runtime of Cloud Functions. Nevertheless, users need clarification if more ressources are needed to deliver services in high quality. In this regard, we present the architectural design of a new Function-as-a-Service benchmarking tool, which allows users to evaluate the performance of Cloud Functions. Furthermore, the capabilities of the framework are tested on an isolated platform with a specific workload. The results show that users are able to get insights into Function-as-a-Service environments. This, in turn, allows users to identify factors which may slow down or speed up the performance of Cloud Functions.
Information Assurance System in the Arrowhead Project
2014-04, Plosz, S., Tauber, Markus, Varga, P.
A Multi-Layer and Multi-Tenant Cloud Assurance Evaluation Methodology
2015, Hudic, A., Tauber, Markus, Loruenser, T., Krotsiani, M., Spanoudakis, G., Mauthe, A., Weippl, E.
Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files.