Aspect-oriented Modeling of Attacks in Automotive Cyber-Physical Systems

This paper introduces aspect-oriented modeling (AOM) as a powerful, model-based design technique to assess the secu- rity of Cyber-Physical Systems (CPS). Particularly in safety- critical CPS such as automotive control systems, the pro- tection against malicious design and interaction faults is paramount to guaranteeing correctness and reliable opera- tion. Essentially, attack models are associated with the CPS in an aspect-oriented manner to evaluate the system under attack. This modeling technique requires minimal changes to the model of the CPS. Using application-specic metrics, the designer can gain insights into the behavior of the CPS under attack. Copyright 2014 ACM

Disease Specific Autoantibodies in Idiopathic Inflammatory Myopathies

Idiopathic inflammatory myopathies represent still a diagnostic and therapeutic challenge in different disciplines including neurology, rheumatology, and dermatology. In recent years, the spectrum of idiopathic inflammatory myopathies has been significantly extended and the different manifestations were described in more detail leading to new classification criteria. A major breakthrough has also occurred with respect to new biomarkers especially with the characterization of new autoantibody-antigen systems, which can be separated in myositis specific antibodies and myositis associated antibodies. These markers are detectable in approximately 80% of patients and facilitate not only the diagnostic procedures, but provide also important information on stratification of patients with respect to organ involvement, risk of cancer and overall prognosis of disease. Therefore, it is not only of importance to know the significance of these markers and to be familiar with the optimal diagnostic tests, but also with potential limitations in detection. This article focuses mainly on antibodies which are specific for myositis providing an overview on the targeted antigens, the available detection procedures and clinical association. As major tasks for the near future, the need of an international standardization is discussed for detection methods of autoantibodies in idiopathic inflammatory myopathies. Furthermore, additional investigations are required to improve stratification of patients with idiopathic inflammatory myopathies according to their antibody profile with respect to response to different treatment options

Spatio-temporal patterns : using spatio-temporal predicates to recognize situations in field sports

6

A review of the evolution of spatio-temporal data types

Only the abstract and references were published in the proceedings. There is no full text.The motivation for this presentation is to show current approaches for modelling processes in time and space. Different approaches have taken place to extend existing RDBMS to spatio-temporal functionality. The re-examination of the relational model and the demand for spatial as well as temporal data types has driven the effort to create new types of databases. The capabilities of the spatial and temporal object database Tripod which is based on a spatio-temporal data type approach is the foundation for this study (Griffiths et al. 2001). A review of the moving-object model is made (Gueting et al. 2003) and its relation to the implemented Tripod data model is outlined, following the evolution on their common roots.PublishedNon Peer ReviewedGriffiths, T., Fernandes, A., Paton, N., Mason, K., Huang, B., Worboys, M. (2001) The Tripod Spatio-Historical Object Model, 20th International Conference on Conceptual Modelling (ER2001), Yokohama, Japan Gueting R. H., Boehlen M. H., Erwig M., Jensen C. S., Lorentzos N., Nardelli E., Schneider M., Viqueira J.R.R. (2003) Spatio-temporal Models: An Approach based on Data Types. Spatio-Temporal Databases – The Chorochronous Approach, T. Sellis et al. (Eds.): Spatio-temporal Databases, LNCS 2520, pp. 117-176, 200

Security in Time-Triggered Systems

Zeitgesteuerte Systeme definieren einen Architekturstil zum Bau von verlässlichen Echtzeitsystemen. Bisher hat sich die Forschung an zeitgesteuerten Systemen auf Eigenschaften wie Betriebssicherheit, Zuverlässigkeit und Fehlertoleranz konzentriert. Diese Arbeit analysiert die Securityaspekte von zeitgesteuerten Systemen und schlägt Services vor, um ihre Sicherheit im Bezug auf böswillige Manipulation zu verbessern. Ein spezieller Fokus liegt auf der globalen Zeitbasis, die das zentrale Element in einem zeitgesteuerten System ist, um effizient Securityprotokolle zu implementieren.Die Time-Triggered Architecture (TTA) bietet eine konsistente, verteilte Plattform für Echtzeitsysteme und ist besonders gut geeignet für die Implementierung von sicherheitskritischen Systemen (z.B. Anwendungen der Regelungstechnik). Neue Entwicklungen in Bereich der sicherheitskritischen Systeme wie steigende Konnektivität und Erweiterbarkeit der Geräte, zusammen mit deren Einsatz in unvertrauenswürdigen und wenig kontrollierbaren Umgebungen eröffnen böswillige Fehlermodi, denen in der Vergangenheit noch keine Bedeutung zugekommen ist. Sicherheitsprotokolle sind ein aktives Forschungsgebiet und werden erfolgreich in verteilten Computersystemen von unterschiedlicher Grösse und in verschiedenen Einsatzgebieten (z.B.drahtlose Sensor Netzwerke, das Internet) angewandt. Diese Domänen bieten eine ausgereifte Wissensbasis an Securityprotokollen und Algorithmen, allerdings wurde bis jetzt noch nicht untersucht, wie diese in der TTA angewendet werden können. Der erste Schritt, um Security in zeitgesteuerten Systemen zu untersuchen, ist es ein Angriffsmodell für Regelungssysteme, die auf einer zeitgesteuerten Plattform implementiert sind, zu definieren. Danach werdenMechanismen der TTA, die deren Verlässlichkeit garantieren sollen, untersucht, inwiefern diese auch Bedrohungen abdecken. Diese Analyse versetzt uns in die Lage eine Securityarchitektur zu definieren, die mit den speziellen Eigenschaften eines zeitgesteuerten Systems verschränkt ist. Zum Abschluss wird eine Fallstudie aus dem Bereich der Fernmesssysteme erstellt und ausgewählte Konzepte werden experimentell evaluiert.Als Ergebnis der Arbeit zeigen wir dass die Verlässlichkeitsmechanismen der TTA Angriffe zum Teil abwehren und dadurch eine solide Basis für die Implementierung von sicheren Systemen darstellt. Des Weiteren schlagen wir Securityprotokolle vor, um die globale Zeitbasis vor böswillgen Manipulationen zu beschützen, für effiziente Authentifikation der Kommunikation auf Anwendungsebene und um sicher einen Knoten im verteilten System hochzufahren. Die Evaluierung zeigt, dass der gewählte Ansatz durchführbar und effizient ist, sowie dass die Protokolle die gewünschten Securityanforderungen in einem Fernmesssystem erfüllen.Time-triggered systems define an architectural style to build dependable real-time systems. Until now, research has focused on the safety, reliability, and fault-tolerance properties of time-triggered systems. This thesis analyses the security aspects of timetriggered systems and proposes services to enhance their security. A particular research topic is the role of the global time base, which is the central architectural element in time-triggered systems, to efficiently implement security protocols.The Time-Triggered Architecture (TTA) provides a consistent computing base in a distributed real-time system and is particularly suitable for the implementation of safety-critical systems like process control systems. New developments in the area of safety-critical applications like increasing connectivity and extensibility of devices, and deployment in untrusted and less controlled environments open the arena for malicious failure modes which have not been an issue in the past.Security protocols are an active research area and they have been successfully applied in networked computer systems of different scales and purposes (e.g., wireless sensor networks, the Internet). These domains offer a mature body of knowledge of protocols and algorithms, but until now no research has been done, how these protocols can be applied in the TTA. The first step to research security in time-triggered systems is to define a threat model for process control systems implemented on top of a time-triggered computing platform. Next, we assess the functioning of the TTA's dependability mechanisms in face of common threats. After this analysis, we are able to define a security architecture that interlocks with the specialities of time-triggered systems. Finally, we present a case study in the area of Wide-Area Measurement Systems (WAMS) and provide an experimental evaluation of selected concepts.We are able to show that the dependability mechanisms of the TTA counteract attacks to a certain degree and hence provide a solid foundation for the implementation of security. Furthermore, we propose a suite of security protocols to protect the global time base from malicious manipulations, to implement efficient authentication of application-level communication, and to securely bootstrap a node. The evaluation reveals that our approach is feasible and efficient and that the protocols fulfil the security requirements in a WAMS