The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Campus networks and enterprise networks increasingly depend on middleboxes (e.g., firewalls, NAT, load balancers, IDS/IDP) to provide essential services or enforce network policies. These middleboxes often limit the performance of network applications, especially those involved in big data transfer. To address this problem, we propose a Software Defined Networking (SDN) campus network architecture,...
A standardized Communication / Information Protocol is necessary for implementing the 4 upper digitalization layers of Industrie 4.0-compliant solutions. OPC UA is one of the leading and preferred technology. Currently, there are many different OPC UA implementations available on the market. This paper gives an overview of existing solutions and shows the results of an initial benchmarking based on...
The discussion of threats and vulnerabilities in Industrial Control Systems has gained popularity during the last decade due to the increase in interest and growing concern to secure these systems. In order to provide an overview of the complete landscape of these threats and vulnerabilities this contribution provides a tiered security analysis of the assets that constitute Industrial Control Systems...
Due to SCADA (Supervisory Control And Data Acquisition) system constitutes critical infrastructure, the disablement of its components could have a significant influence on the national security. It should be emphasized that the problem to identify and confront threats to the security of SCADA energy systems. A new method to solve this problem is proposed in this paper, based on the construction of...
In World Wide Web (www) software engineering is playing an inevitable role. Implementation of regular software engineering models seems a little redundant on any Web Based Applications. The objective of the research is to implement component based software development for Web Based Applications to perform different services. Therefore, the theme of the research work would be on component selection...
Until recently, IT security received limited attention within the scope of Process Control Systems (PCS). In the past, PCS consisted of isolated, specialized components running closed process control applications, where hardware was placed in physically secured locations and connections to remote network infrastructures were forbidden. Nowadays, industrial communications are fully exploiting the plethora...
Different perspectives about the concept of Robustness in Automotive Electronic are provides by leading edge semiconductor manufacturer. Xilinx contribution is related to the development and evaluation of Software Test Libraries suitable for in-field testing of the interconnect blocks in large SoCs. Infineon (IFX) section is discussing safety and security concerns of On-Line FLASH Memory Repair. STMicroelectronics...
The innovative application of 5G core technologies, namely Software Defined Networking (SDN) and Network Function Virtualization (NFV), can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. A wind park is a good example of an...
Recruitment and selection of new employees rank to the important processes of human potential management and development. Especially the process of employee selection prepares proper conditions for a successful work performance and decides on a future progress-ability of the organizations. In a unique sector of private security, the precise realization of employee selection can solve one of the most...
This paper represents possible approaches to cyber security assurance for implementation the configuration process of Field Programmable Gates Array (FPGA) based platform for safety critical applications. It also contains results of conducted analysis for secure configuration process in existing platforms, similar in terms of functionality, but based on different technologies. Protection concepts...
Several approaches to protect data and code, and ensure execution in a secure environment without getting infected from malwares, such as isolation, sandboxing, trust-based execution, application oriented access control have been proposed. In recent times, hardware-based solutions like ARM TrustZone and Intel SGX Enclave have been introduced to protect code and data from being infected or modified...
Software applications contain valuable assets that, if compromised, can make the security of users at stake and cause huge monetary losses for software developers. Software protections are applied whenever assets' security is at risk as they delay successful attacks. Unfortunately, protections might have recognizable fingerprints that can expose the location of the assets, thus facilitating the attackers'...
In the recent times, software security has gained a great deal of attention in the Software Development Life Cycle due to increased cases of reported cyber threats and incidents. A considerable number of cyber-attacks targeting financial systems has made security be the most critical feature in banking systems. However, establishing security requirements for these applications can be a challenging...
Testing software-intensive systems, for us, has traditionally focused on verifying and validating compliance and conformance to specification, as well as some general non-functional requirements such as performance of different components. In recent years, we have seen a strong move towards more data intensive systems. We have found that these types of systems require a different approach for testing...
This paper proposes a conceptual, performance-based ranking framework that prioritises the output of multiple Static Analysis Tools, to improve the tool effectiveness and usefulness. The framework weights the performance of Static Analysis Tools per defect type and cross-validates the findings between different Static Analysis Tools' reports. An initial validation shows the potential benefits of the...
Implementing cryptography on Internet-of-Things (IoT) devices, that is resilient against side channel analysis, has so far been a task only suitable for specialist software designers in interaction with access to a sophisticated testing facility. Recently a novel tool has been developed, ELMO, which offers the potential to enable non-specialist software developers to evaluate their code w.r.t. power...
Medical Cyber Physical Systems (MCPS) are lifecritical networked systems of medical devices. These systems are increasingly used in hospitals to provide high-quality healthcare for patients. However, MCPS also bring concerns about security and safety and new challenges to protect patients from acts of theft or malice. In this paper, we focus our investigation on a thorough understanding of threat...
Security cases—which document the rationale for believing that a system is adequately secure—have not been sufficiently used for a lack of practical construction method. This paper presents a hierarchical software security case development method to address this issue. We present a security concept relationship model first, then come up with a hierarchical asset-threat-control measure argument strategy,...
In this presentation, I describe how the SEI’s Security Engineering Risk Analysis (SERA) method provides a structure that connects desired system functionality with the underlying software to evaluate the sufficiency of requirements for software security and the potential operational security risks based on mission impact.
As modern unmanned aerial systems (UAS) continue to expand the frontiers of automation, new challenges to security and thus its safety are emerging. It is now difficult to completely secure modern UAS platforms due to their openness and increasing complexity. We present the VirtualDrone Framework, a software architecture that enables an attack-resilient control of modern UAS. It allows the system...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.