Sofia-Anna Menesidou - Academia.edu (original) (raw)
Papers by Sofia-Anna Menesidou
This repository is part of the research paper "Towards Efficient Control-Flow Attestation wi... more This repository is part of the research paper "Towards Efficient Control-Flow Attestation with software-assisted Multi-level Execution Tracing". This repository includes test cases that are written as simple C programs to provide a minimal codebase for covering Intel-PT each test's requirements. All test cases were compiled with GCC's optimization level set to 0. This ensures fine-grained control over the control flow of the test case via source code. The effectiveness and efficiency of the implemented solution were evaluated based on the tracer's ability to output the correct control-flow profile for the target test case. The performance was measured against two scaling profiles: high-complexity and low-complexity.
Zenodo (CERN European Organization for Nuclear Research), Jan 21, 2021
2022 IEEE International Conference on Cyber Security and Resilience (CSR)
The industrial sector is experiencing an unprecedented number of changes in recent years. New mod... more The industrial sector is experiencing an unprecedented number of changes in recent years. New models of remote delivery, especially in complex ICT infrastructures such as healthcare, increase the potential impact of cybersecurity breaches to a level that has not been experienced before. This paper presents the SECurity And privacy protectioN in internet of Things devices (SECANT) project, an EU-H2020 project aimed to strengthen the understanding of risks, at both human and technical level through the delivery of a holistic framework for cyber security risk assessment for enhancing the digital security, privacy, and personal data protection in complex ICT infrastructures, such in the healthcare ecosystem. The SECANT platform will implement a collaborative threat intelligence collection, analysis and sharing, an innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem, a cuttingedge trust and accountability mechanisms for data protection and a security awareness training for more informed security choices. This platform will be demonstrated and validated across four operational pilots reflecting different real-life business cases.
2022 IEEE 8th International Conference on Network Softwarization (NetSoft)
The digitisation of the typical electrical grid introduces valuable services, such as pervasive c... more The digitisation of the typical electrical grid introduces valuable services, such as pervasive control, remote monitoring and self-healing. However, despite the benefits, cybersecurity and privacy issues can result in devastating effects or even fatal accidents, given the interdependence between the energy sector and other critical infrastructures. Large-scale cyber attacks, such as Indostroyer and DragonFly have already demonstrated the weaknesses of the current electrical grid with disastrous consequences. Based on the aforementioned remarks, both academia and industry have already designed various cybersecurity standards, such as IEC 62351. However, dynamic risk assessment and certification remain crucial aspects, given the sensitive nature of the electrical grid. On the one hand, dynamic risk assessment intends to re-compute the risk value of the affected assets and their relationships in a dynamic manner based on the relevant security events and alarms. On the other hand, based on the certification process, new approach for the dynamic management of the security need to be defined in order to provide adaptive reaction to new threats. This paper presents a combined approach, showing how both aspects can be applied in a collaborative manner in the smart electrical grid.
International Journal of Production Research
Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Ne... more Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Nevertheless, there is a lack of architecture that considers safety, trustworthiness, and human-centricity at its core. Therefore, we propose an architecture that integrates Artificial Intelligence (Active Learning, Forecasting, Explainable Artificial Intelligence), simulated reality, decision-making, and users' feedback, focusing on synergies between humans and machines. Furthermore, we align the proposed architecture with the Big Data Value Association Reference Architecture Model. Finally, we validate it on two use cases from real-world case studies.
Mobile devices have evolved and experienced an immense popularity over the last few years. This g... more Mobile devices have evolved and experienced an immense popularity over the last few years. This growth however has exposed mobile devices to an increasing number of security threats. Despite the variety of peripheral protection mechanisms described in the literature, authentication and access control cannot provide integral protection against intrusions. Thus, a need for more intelligent and sophisticated security controls such as Intrusion Detection Systems (IDSs) is necessary. Whilst much work has been devoted to mobile device IDSs, research on anomaly-based or behaviour-based IDS for such devices has been limited leaving several problems unsolved. Motivating by this fact, in this paper we focus on anomaly-based IDS for modern mobile devices. A dataset consisting of iPhone users data logs has been created and various classification and validation methods have been evaluated to assess their effectiveness in detecting misuses. Specifically, the experimental procedure includes and cr...
Delay or Disruption Tolerant Networks (DTNs) are becoming popular both in terrestrial and deep sp... more Delay or Disruption Tolerant Networks (DTNs) are becoming popular both in terrestrial and deep space environments as they maintain certain advantages over traditional internetworking protocols such as TCP/IP. The benefits of adopting DTN technologies are clear in environments where connectivity in terms of end-to-end path availability cannot be guaranteed for the lifetime of a communications session. The constraints under which such networks function have severe effects, making the adoption of a large number of security protocols and traditional solutions impossible.In this thesis, we study the issue of security and cryptographic key management in DTNs. Cryptographic key management, including key distribution and revocation issues is the foundation of security in networks. Key management is considered to be a challenging task in DTNs operating in environments with adverse communication conditions such as space. The difficulties and challenges are attributed to the peculiarities and ...
30th European Conference on Networks andCommunications, 2021
I. EDGE TRUST ASSURANCE SERVICES FOR CYBER SECURITY AWARENESS IN 5G-ENABLED ECOSYSTEMS Recent eff... more I. EDGE TRUST ASSURANCE SERVICES FOR CYBER SECURITY AWARENESS IN 5G-ENABLED ECOSYSTEMS Recent efforts have made substantial progress towards realizing next-generation smart-connectivity "Systems-of-Systems" (SoS). These systems have evolved from local, standalone systems into safe and secure solutions distributed over the continuum from cyber-physical end devices, to edge servers and cloud facilities. The core pillar in such ecosystems is the establishment of a 5G infrastructure capable of managing service graph chains with embedded trust [1] comprising both resource-constrained devices, running at the edge, but also microservice technologies (e.g., Docker, LXC) [2]. Under the perspective of cloud application providers and developers, there is an increased interest in emerging mixedcriticality use cases that are apparent in a number of key sectors, from telecommunications to energy, from transport to healthcare and from robotics to military (as stated in the 5G empowering vertical industries report provided by the 5G-PPP association [3]). Such services are characterized by strict performance requirements, fast service deployment times (including also secure remote asset management), scalability and flexibility in the composition of the service graph chains as well as operational assurance but exhibit different levels of security, privacy, and trust requirements and priorities. This generates a clear trend towards decentralized architectures and business models implemented through the Mobile Edge Computing (MEC) concept (Figure 1): The available (trusted) computing resources are positioned at close proximity to the edge devices focusing on protecting the security and integrity of the generated data. Edge and fog computing nodes, mini-data centers (DCs) coexist in a 5G-enabled environment supporting the deployment of mixed-crticality services [4] positioned to execute either closer to the edge or the backend cloud infrastructure, depending on the underlying connectivity requirements and available resources. The goal is to enable high scalability by decomposing a mixed-criticality application into a set of "cloud-native" and "edge-running" microservices, with different trust considerations, and managing secure accelerated offloading capabilities for distributing the resource intensive processes to the backend, thus, limiting the workload that needs to be managed at the edge. This will
2019 IEEE Conference on Network Softwarization (NetSoft), 2019
The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regard... more The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regarding security, resilience and operational assurance. In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software-and deviceintegrity in order to detect run-time software modifications that try to manipulate control-flow integrity. Towards this direction, remote attestation techniques have been proposed in the literature as a promising defense mechanism. However, this family of solutions do not capture the real-time requirements of industrial IoT applications and suffer from scalability and efficiency issues. In this paper, we present a lightweight dynamic controlflow property-based attestation architecture (CFPA) that can be applied on both resource-constraint edge and cloud devices and services. Our architecture is a first step towards a new line of attestation-based mechanisms that enables the provision of control-flow attestation of only these specific, critical software components that are comparatively small, simple and limited in function, thus, allowing for a much more efficient verication. Our goal is to enhance run-time software integrity and trustworthiness with a scalable and decentralized solution eliminating the need for federated infrastructure trust. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security and privacy do not hinder the deployment of intelligent edge computing systems.
Atmosphere
In the past two decades, the world has experienced an unprecedented number of extreme weather eve... more In the past two decades, the world has experienced an unprecedented number of extreme weather events, some causing major human suffering and economic damage. The March 2012 heat wave is one of the most known and broadly discussed events in the Northeast United States (NE-USA). The present study examines in depth the possible influence of solar activity on the historic March 2012 heat wave based on a comparison of solar/space and meteorological data. Our research suggests that the historic March 2012 heat wave (M2012HW) and the March 1910 heat wave (M1910HW), which occurred a century earlier in NE-USA, were related to Sun-generated special space plasma structures triggering large magnetic storms. Furthermore, the largest (Dst = −222 nT) magnetic storm during solar cycle 24 in March 2015 (only three years later than the March 2012 events) occurred in relation to another heat wave (M2015HW) in NE-USA. Both these heat waves, M2012HW and M2015HW, resemble each other in many ways: they we...
Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Ne... more Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Nevertheless, there is a lack of architecture that considers safety, trustworthiness, and human-centricity at its core. Therefore, we propose an architecture that integrates Artificial Intelligence (Active Learning, Forecasting, Explainable Artificial Intelligence), simulated reality, decision-making, and users' feedback, focusing on synergies between humans and machines. Furthermore, we align the proposed architecture with the Big Data Value Association Reference Architecture Model. Finally, we validate it on two use cases from real-world case studies.
The goal is to enable high scalability by decomposing a mixed-criticality application into a set ... more The goal is to enable high scalability by decomposing a mixed-criticality application into a set of "cloud-native" and "edge-running"<br> microservices, with different trust considerations, and managing secure accelerated offloading capabilities for distributing the resource intensive processes to the backend, thus, limiting the workload that needs to be managed at the edge. This will allow the overall system to reach its full potential, in a secure and trusted manner, without impeding safety.
Sensors, 2021
Addressing cyber and privacy risks has never been more critical for organisations. While a number... more Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that threaten assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur d...
2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), 2021
In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms ... more In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms to verify software and device integrity for detecting run-time modifications in nextgeneration systems-of-systems. In this context, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device's configuration integrity and behavioural execution correctness. However, most of the existing families of attestation solutions suffer from the lack of softwarebased mechanisms for the efficient extraction of rigid control-flow information. This limits their applicability to only those cyberphysical systems equipped with additional hardware support. This paper proposes a multi-level execution tracing framework capitalizing on recent software features, namely the extended Berkeley Packet Filter and Intel Processor Trace technologies, that can efficiently capture the entire platform configuration and control-flow stacks, thus, enabling wide attestation coverage capabilities that can be applied on both resource-constrained devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable tracing solution eliminating the need for federated infrastructure trust.
Studies in Health Technology and Informatics, 2020
Current technologies provide the ability to healthcare practitioners and citizens, to share and a... more Current technologies provide the ability to healthcare practitioners and citizens, to share and analyse healthcare information, thus improving the patient care quality. Nevertheless, European Union (EU) citizens have very limited control over their own health data, despite that several countries are using national or regional Electronic Health Records (EHRs) for realizing virtual or centralized national repositories of citizens’ health records. Health Information Exchange (HIE) can greatly improve the completeness of patients’ records. However, most of the current researches deal with exchanging health information among healthcare organizations, without giving the ability to the citizens on accessing, managing or exchanging healthcare data with healthcare organizations and thus being able to handle their own data, mainly due to lack of standardization and security protocols. Towards this challenge, in this paper a secure Device-to-Device (D2D) protocol is specified that can be used ...
Becoming a Platform in Europe: On the Governance of the Collaborative Economy, 2021
Future Internet, 2021
As the upsurge of information and communication technologies has become the foundation of all mod... more As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA (Automated Privacy and Security Impact Assessment) methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring syste...
In the past two decades the world experienced an exceptional number of unprecedented extreme weat... more In the past two decades the world experienced an exceptional number of unprecedented extreme weather events, some causing major human suffering and economic damage, such as the March 2012 heat event, which was called “Meteorological March Madness.” From the beginning of space era a correlation of solar flares with pressure changes in atmosphere within 2–3 days or even less was reported. In this study we wanted to test the possible relation of highly warm weather events in North-East America with Solar Energetic Particle (SEP) events. For this reason we compared ground temperatures TM in Madison, Wisconsin, with energetic particle fluxes P measured by the EPAM instrument onboard the ACE spacecraft. In particular, we elaborated case events and the results of a statistical study of the SEP events related with the largest (Dst ≤ −150nT) Coronal Mass Ejection (CME)-induced geomagnetic storms, between with the years 1997–2015. The most striking result of ou...
IFIP Advances in Information and Communication Technology, 2012
Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operatin... more Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operating in space environments. In this paper we investigate the options for integrating key exchange protocols with the Bundle Protocol. We demonstrate this by using a one-pass key establishment protocol. In doing so, we also highlight the peculiarities, issues and opportunities a DTN network maintains, which heavily influences the underlying security solution.
IFIP Advances in Information and Communication Technology, 2012
Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operatin... more Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operating in space environments. In this paper we investigate the options for integrating key exchange protocols with the Bundle Protocol. We demonstrate this by using a one-pass key establishment protocol. In doing so, we also highlight the peculiarities, issues and opportunities a DTN network maintains, which heavily influences the underlying security solution.
This repository is part of the research paper "Towards Efficient Control-Flow Attestation wi... more This repository is part of the research paper "Towards Efficient Control-Flow Attestation with software-assisted Multi-level Execution Tracing". This repository includes test cases that are written as simple C programs to provide a minimal codebase for covering Intel-PT each test's requirements. All test cases were compiled with GCC's optimization level set to 0. This ensures fine-grained control over the control flow of the test case via source code. The effectiveness and efficiency of the implemented solution were evaluated based on the tracer's ability to output the correct control-flow profile for the target test case. The performance was measured against two scaling profiles: high-complexity and low-complexity.
Zenodo (CERN European Organization for Nuclear Research), Jan 21, 2021
2022 IEEE International Conference on Cyber Security and Resilience (CSR)
The industrial sector is experiencing an unprecedented number of changes in recent years. New mod... more The industrial sector is experiencing an unprecedented number of changes in recent years. New models of remote delivery, especially in complex ICT infrastructures such as healthcare, increase the potential impact of cybersecurity breaches to a level that has not been experienced before. This paper presents the SECurity And privacy protectioN in internet of Things devices (SECANT) project, an EU-H2020 project aimed to strengthen the understanding of risks, at both human and technical level through the delivery of a holistic framework for cyber security risk assessment for enhancing the digital security, privacy, and personal data protection in complex ICT infrastructures, such in the healthcare ecosystem. The SECANT platform will implement a collaborative threat intelligence collection, analysis and sharing, an innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem, a cuttingedge trust and accountability mechanisms for data protection and a security awareness training for more informed security choices. This platform will be demonstrated and validated across four operational pilots reflecting different real-life business cases.
2022 IEEE 8th International Conference on Network Softwarization (NetSoft)
The digitisation of the typical electrical grid introduces valuable services, such as pervasive c... more The digitisation of the typical electrical grid introduces valuable services, such as pervasive control, remote monitoring and self-healing. However, despite the benefits, cybersecurity and privacy issues can result in devastating effects or even fatal accidents, given the interdependence between the energy sector and other critical infrastructures. Large-scale cyber attacks, such as Indostroyer and DragonFly have already demonstrated the weaknesses of the current electrical grid with disastrous consequences. Based on the aforementioned remarks, both academia and industry have already designed various cybersecurity standards, such as IEC 62351. However, dynamic risk assessment and certification remain crucial aspects, given the sensitive nature of the electrical grid. On the one hand, dynamic risk assessment intends to re-compute the risk value of the affected assets and their relationships in a dynamic manner based on the relevant security events and alarms. On the other hand, based on the certification process, new approach for the dynamic management of the security need to be defined in order to provide adaptive reaction to new threats. This paper presents a combined approach, showing how both aspects can be applied in a collaborative manner in the smart electrical grid.
International Journal of Production Research
Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Ne... more Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Nevertheless, there is a lack of architecture that considers safety, trustworthiness, and human-centricity at its core. Therefore, we propose an architecture that integrates Artificial Intelligence (Active Learning, Forecasting, Explainable Artificial Intelligence), simulated reality, decision-making, and users' feedback, focusing on synergies between humans and machines. Furthermore, we align the proposed architecture with the Big Data Value Association Reference Architecture Model. Finally, we validate it on two use cases from real-world case studies.
Mobile devices have evolved and experienced an immense popularity over the last few years. This g... more Mobile devices have evolved and experienced an immense popularity over the last few years. This growth however has exposed mobile devices to an increasing number of security threats. Despite the variety of peripheral protection mechanisms described in the literature, authentication and access control cannot provide integral protection against intrusions. Thus, a need for more intelligent and sophisticated security controls such as Intrusion Detection Systems (IDSs) is necessary. Whilst much work has been devoted to mobile device IDSs, research on anomaly-based or behaviour-based IDS for such devices has been limited leaving several problems unsolved. Motivating by this fact, in this paper we focus on anomaly-based IDS for modern mobile devices. A dataset consisting of iPhone users data logs has been created and various classification and validation methods have been evaluated to assess their effectiveness in detecting misuses. Specifically, the experimental procedure includes and cr...
Delay or Disruption Tolerant Networks (DTNs) are becoming popular both in terrestrial and deep sp... more Delay or Disruption Tolerant Networks (DTNs) are becoming popular both in terrestrial and deep space environments as they maintain certain advantages over traditional internetworking protocols such as TCP/IP. The benefits of adopting DTN technologies are clear in environments where connectivity in terms of end-to-end path availability cannot be guaranteed for the lifetime of a communications session. The constraints under which such networks function have severe effects, making the adoption of a large number of security protocols and traditional solutions impossible.In this thesis, we study the issue of security and cryptographic key management in DTNs. Cryptographic key management, including key distribution and revocation issues is the foundation of security in networks. Key management is considered to be a challenging task in DTNs operating in environments with adverse communication conditions such as space. The difficulties and challenges are attributed to the peculiarities and ...
30th European Conference on Networks andCommunications, 2021
I. EDGE TRUST ASSURANCE SERVICES FOR CYBER SECURITY AWARENESS IN 5G-ENABLED ECOSYSTEMS Recent eff... more I. EDGE TRUST ASSURANCE SERVICES FOR CYBER SECURITY AWARENESS IN 5G-ENABLED ECOSYSTEMS Recent efforts have made substantial progress towards realizing next-generation smart-connectivity "Systems-of-Systems" (SoS). These systems have evolved from local, standalone systems into safe and secure solutions distributed over the continuum from cyber-physical end devices, to edge servers and cloud facilities. The core pillar in such ecosystems is the establishment of a 5G infrastructure capable of managing service graph chains with embedded trust [1] comprising both resource-constrained devices, running at the edge, but also microservice technologies (e.g., Docker, LXC) [2]. Under the perspective of cloud application providers and developers, there is an increased interest in emerging mixedcriticality use cases that are apparent in a number of key sectors, from telecommunications to energy, from transport to healthcare and from robotics to military (as stated in the 5G empowering vertical industries report provided by the 5G-PPP association [3]). Such services are characterized by strict performance requirements, fast service deployment times (including also secure remote asset management), scalability and flexibility in the composition of the service graph chains as well as operational assurance but exhibit different levels of security, privacy, and trust requirements and priorities. This generates a clear trend towards decentralized architectures and business models implemented through the Mobile Edge Computing (MEC) concept (Figure 1): The available (trusted) computing resources are positioned at close proximity to the edge devices focusing on protecting the security and integrity of the generated data. Edge and fog computing nodes, mini-data centers (DCs) coexist in a 5G-enabled environment supporting the deployment of mixed-crticality services [4] positioned to execute either closer to the edge or the backend cloud infrastructure, depending on the underlying connectivity requirements and available resources. The goal is to enable high scalability by decomposing a mixed-criticality application into a set of "cloud-native" and "edge-running" microservices, with different trust considerations, and managing secure accelerated offloading capabilities for distributing the resource intensive processes to the backend, thus, limiting the workload that needs to be managed at the edge. This will
2019 IEEE Conference on Network Softwarization (NetSoft), 2019
The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regard... more The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regarding security, resilience and operational assurance. In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software-and deviceintegrity in order to detect run-time software modifications that try to manipulate control-flow integrity. Towards this direction, remote attestation techniques have been proposed in the literature as a promising defense mechanism. However, this family of solutions do not capture the real-time requirements of industrial IoT applications and suffer from scalability and efficiency issues. In this paper, we present a lightweight dynamic controlflow property-based attestation architecture (CFPA) that can be applied on both resource-constraint edge and cloud devices and services. Our architecture is a first step towards a new line of attestation-based mechanisms that enables the provision of control-flow attestation of only these specific, critical software components that are comparatively small, simple and limited in function, thus, allowing for a much more efficient verication. Our goal is to enhance run-time software integrity and trustworthiness with a scalable and decentralized solution eliminating the need for federated infrastructure trust. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security and privacy do not hinder the deployment of intelligent edge computing systems.
Atmosphere
In the past two decades, the world has experienced an unprecedented number of extreme weather eve... more In the past two decades, the world has experienced an unprecedented number of extreme weather events, some causing major human suffering and economic damage. The March 2012 heat wave is one of the most known and broadly discussed events in the Northeast United States (NE-USA). The present study examines in depth the possible influence of solar activity on the historic March 2012 heat wave based on a comparison of solar/space and meteorological data. Our research suggests that the historic March 2012 heat wave (M2012HW) and the March 1910 heat wave (M1910HW), which occurred a century earlier in NE-USA, were related to Sun-generated special space plasma structures triggering large magnetic storms. Furthermore, the largest (Dst = −222 nT) magnetic storm during solar cycle 24 in March 2015 (only three years later than the March 2012 events) occurred in relation to another heat wave (M2015HW) in NE-USA. Both these heat waves, M2012HW and M2015HW, resemble each other in many ways: they we...
Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Ne... more Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Nevertheless, there is a lack of architecture that considers safety, trustworthiness, and human-centricity at its core. Therefore, we propose an architecture that integrates Artificial Intelligence (Active Learning, Forecasting, Explainable Artificial Intelligence), simulated reality, decision-making, and users' feedback, focusing on synergies between humans and machines. Furthermore, we align the proposed architecture with the Big Data Value Association Reference Architecture Model. Finally, we validate it on two use cases from real-world case studies.
The goal is to enable high scalability by decomposing a mixed-criticality application into a set ... more The goal is to enable high scalability by decomposing a mixed-criticality application into a set of "cloud-native" and "edge-running"<br> microservices, with different trust considerations, and managing secure accelerated offloading capabilities for distributing the resource intensive processes to the backend, thus, limiting the workload that needs to be managed at the edge. This will allow the overall system to reach its full potential, in a secure and trusted manner, without impeding safety.
Sensors, 2021
Addressing cyber and privacy risks has never been more critical for organisations. While a number... more Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that threaten assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur d...
2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), 2021
In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms ... more In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms to verify software and device integrity for detecting run-time modifications in nextgeneration systems-of-systems. In this context, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device's configuration integrity and behavioural execution correctness. However, most of the existing families of attestation solutions suffer from the lack of softwarebased mechanisms for the efficient extraction of rigid control-flow information. This limits their applicability to only those cyberphysical systems equipped with additional hardware support. This paper proposes a multi-level execution tracing framework capitalizing on recent software features, namely the extended Berkeley Packet Filter and Intel Processor Trace technologies, that can efficiently capture the entire platform configuration and control-flow stacks, thus, enabling wide attestation coverage capabilities that can be applied on both resource-constrained devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable tracing solution eliminating the need for federated infrastructure trust.
Studies in Health Technology and Informatics, 2020
Current technologies provide the ability to healthcare practitioners and citizens, to share and a... more Current technologies provide the ability to healthcare practitioners and citizens, to share and analyse healthcare information, thus improving the patient care quality. Nevertheless, European Union (EU) citizens have very limited control over their own health data, despite that several countries are using national or regional Electronic Health Records (EHRs) for realizing virtual or centralized national repositories of citizens’ health records. Health Information Exchange (HIE) can greatly improve the completeness of patients’ records. However, most of the current researches deal with exchanging health information among healthcare organizations, without giving the ability to the citizens on accessing, managing or exchanging healthcare data with healthcare organizations and thus being able to handle their own data, mainly due to lack of standardization and security protocols. Towards this challenge, in this paper a secure Device-to-Device (D2D) protocol is specified that can be used ...
Becoming a Platform in Europe: On the Governance of the Collaborative Economy, 2021
Future Internet, 2021
As the upsurge of information and communication technologies has become the foundation of all mod... more As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA (Automated Privacy and Security Impact Assessment) methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring syste...
In the past two decades the world experienced an exceptional number of unprecedented extreme weat... more In the past two decades the world experienced an exceptional number of unprecedented extreme weather events, some causing major human suffering and economic damage, such as the March 2012 heat event, which was called “Meteorological March Madness.” From the beginning of space era a correlation of solar flares with pressure changes in atmosphere within 2–3 days or even less was reported. In this study we wanted to test the possible relation of highly warm weather events in North-East America with Solar Energetic Particle (SEP) events. For this reason we compared ground temperatures TM in Madison, Wisconsin, with energetic particle fluxes P measured by the EPAM instrument onboard the ACE spacecraft. In particular, we elaborated case events and the results of a statistical study of the SEP events related with the largest (Dst ≤ −150nT) Coronal Mass Ejection (CME)-induced geomagnetic storms, between with the years 1997–2015. The most striking result of ou...
IFIP Advances in Information and Communication Technology, 2012
Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operatin... more Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operating in space environments. In this paper we investigate the options for integrating key exchange protocols with the Bundle Protocol. We demonstrate this by using a one-pass key establishment protocol. In doing so, we also highlight the peculiarities, issues and opportunities a DTN network maintains, which heavily influences the underlying security solution.
IFIP Advances in Information and Communication Technology, 2012
Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operatin... more Key exchange is considered to be a challenging problem in Delay Tolerant Networks (DTNs) operating in space environments. In this paper we investigate the options for integrating key exchange protocols with the Bundle Protocol. We demonstrate this by using a one-pass key establishment protocol. In doing so, we also highlight the peculiarities, issues and opportunities a DTN network maintains, which heavily influences the underlying security solution.