Research Outputs

2022 2022 2021 2021 2020 2020 2019 2019 2018 2018 2017 2017 2016 2016 2015 2015 2014 2014 2013 2013 0.0 0.0 1.0 1.0 2.0 2.0 3.0 3.0 4.0 4.0 5.0 5.0 6.0 6.0 7.0 7.0
Now showing 1 - 10 of 47
  • Publication
    Analysing Design Approaches for the Power Consumption in Cyber-Physical Systems
    (IEEE, 2021-06-30) ; ; ;
    Mauthe, Andreas 
    ;
    Gouglidis, Antonios 
    The importance of Cyber Physical Systems (CPS) and Internet of Things (IoT) applications is constantly increasing, especially in the context of Industry 4.0. Architectural decisions are crucial not just for performance, security and resilience reasons but also regarding costs and resource usage. In this paper we analyse two of the fundamental approaches to design control loops (i.e. time-driven and event-driven), show how they can be realised and evaluate their power requirements. Through this the design criteria can be extended also considering the optimization of energy related aspects.
      156
  • Publication
    Trustworthy and High Assurance Cyber-Physical Systems - A Research Agenda
    (ERCIM EEIG, 2015) ;
    Wagner, Christian 
    ;
    Mauthe, Andreas 
      127
  • Publication
    A Framework for Measuring the Costs of Security at Runtime
    (SCITEPRESS, 2019) ; ; ;
    Mauthe, Andreas 
    ;
    In Industry 4.0, Cyber-Physical Systems (CPS) are formed by components, which are interconnected with each other over the Internet of Things (IoT). The resulting capabilities of sensing and affecting the physical world offer a vast range of opportunities, yet, at the same time pose new security challenges. To address these challenges there are various IoT Frameworks, which offer solutions for managing and controlling IoT-components and their interactions. In this regard, providing security for an interaction usually requires performing additional security-related tasks (e.g. authorisation, encryption, etc.) to prevent possible security risks. Research currently focuses more on designing and developing these frameworks and does not satisfactorily provide methodologies for evaluating the resulting costs of providing security. In this paper we propose an initial approach for measuring the resulting costs of providing security for interacting IoT-components by using a Security Cost Modell ing Framework. Furthermore, we describe the necessary building blocks of the framework and provide an experimental design showing how it could be used to measure security costs at runtime.
      537Scopus© Citations 2
  • Publication
    Towards Resilience Metrics for Future Cloud Applications
    (2016)
    Novak, Marko 
    ;
    Shirazi, Syed Noorulhassan 
    ;
    Hudic, Aleksandar 
    ;
    Hecht, Thomas 
    ;
    ;
    Hutchison, David 
    ;
    ;
    An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.
      146Scopus© Citations 4
  • Publication
    The Case for Heterogeneous WLAN Environments for Converged Networks
    (2013) ;
    Bhatti, S. N. 
    ;
    Melnikov, N. 
    ;
    Schoenwaelder, J. 
      104
  • Publication
    A Multi-Layer and Multi-Tenant Cloud Assurance Evaluation Methodology
    (2015)
    Hudic, A. 
    ;
    ;
    Loruenser, T. 
    ;
    Krotsiani, M. 
    ;
    Spanoudakis, G. 
    ;
    Mauthe, A. 
    ;
    Weippl, E. 
    Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files.
      153  2Scopus© Citations 8
  • Publication
    Towards a Security-Aware Benchmarking Framework for Function-as-a-Service
    In a world, where complexity increases on a daily basis the Function-as-a-Service (FaaS) cloud model seams to take countermeasures. In comparison to other cloud models, the fast evolving FaaS increasingly abstracts the underlying infrastructure and refocuses on the application logic. This trend brings huge benefits in application and performance, but comes with difficulties for benchmarking cloud applications. In this position paper, we present an initial investigation of benchmarking FaaS in close to reality production systems. Furthermore, we outline the architectural design including the necessary benchmarking metrics. We also discuss the possibility of using the proposed framework for identifying security vulnerabilities.
      229Scopus© Citations 3
  • Publication
    Interacting with the Arrowhead Local Cloud: On-boarding Procedure
    (IEEE, 2018-05) ; ;
    Hegedűs, Csaba 
    ;
    ;
    Delsing, Jerker 
    ;
    Eliasson, Jens 
    Industrial automation systems are advancing rapidly and a wide range of standards, communication protocols and platforms supporting the integration of devices are introduced. It is therefore necessary to design and build appropriate tools and frameworks that allow the integration of devices with multiple systems and services. In this work we present the Arrow-head Framework, used to enable collaborative IoT automation and introduce two support core systems, SystemRegistry and DeviceRegistry, which are needed to create a chain of trust from a hardware device to a software system and its associated services. Furthermore, we propose an on-boarding procedure of a new device interacting with the Arrowhead local cloud. This ensures that only valid and authorized devices can host software systems within an Arrowhead local cloud.
      179Scopus© Citations 28