Το work with title SPD-Safe: security, privacy, and dependability management on embedded systems in safety-critical applications by Chatzivasilis Georgios is licensed under Creative Commons Attribution 4.0 International
Bibliographic Citation
Georgios Chatzivasilis, "SPD-Safe: security, privacy, and dependability management on embedded systems in safety-critical applications", Doctoral Dissertation, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2017
https://doi.org/10.26233/heallink.tuc.70283
Specifying and measuring the properties that a system provides, plays an important role for risk analysis during the development and management processes. Large organizations, like NASA and the FORD motor company, apply formal methodologies to guarantee that the developed systems fulfil the design requirements and accomplish the desired mission critical goals.The effectiveness of cyber-attacks arises security as a main system property. Privacy also becomes important, as high volumes of personal data are processed by modern systems. Still, simple establishment of security and privacy defence mechanisms do not guarantee protection. The dependability of the solution must be also verified. Safety management is crucial, as any incident can lead to potential damage or even personal injury.Tackling the overall security, privacy, and dependability (SPD) calculation in a practical and systematic manner is difficult. The problem hardens when we deal with a composed system. In the era of pervasive and ubiquitous computing several systems are dynamically composed, with high volumes of heterogeneous embedded and mobile devices exchanging information.This thesis examines SPD and safety-related issues on Internet-of-Things (IoT) in corporation with Artificial Intelligence (AI). Formal methods are applied for system composition and SPD validation on evaluating systems. Then, the AI process can manage the system in real-time to protect the system itself and the users of the ambient environment. For example, a smart campus setting can assist living conditions during normal operation and counter cyber-attacks. In case of emergency, like fire or earthquake, the AI manages the surrounding smart equipment to assist the timely and safe evacuation of all evacuees. In other smart city scenarios, the system can detect physical tampering of critical railway infrastructure or car accidents and inform the involving authorities to take actions. Information regarding the incident and the passengers’ health condition are distributed. The goal is to achieve fast response with adequate rescue means.The main achievements of this work include a formal framework which describes the SPD properties of a composed system and its sub-components, and how these features are affected by changes in the state-architecture. The implementation can be used for composition verification, security validation, comparison of different system settings, and evaluation of the impact of a change in a system. Moreover, the proposed framework can be used as a middleware for real-time monitoring and management of a system. Technically, the framework is modelled as the reasoning process of JADE agents and ported in the OSGi middleware platform. The network layer is further fortified by a novel trust-based secure routing protocol that provides enhanced security and performance, surpassing the current solutions.The deployment is applied and demonstrated in five main scenarios:• A smart home application to evaluate and manage embedded devices with ambient intelligence capabilities for assisting living.• An Iot system for precision agriculture deployments with wireless sensor networks (WSNs) for monitoring olive groves or forests while detecting and countering cyber-attacks.• A smart campus setting for disaster mitigation planning that manages the surrounding smart equipment and assist the timely and safe evacuation of all evacuees in case of emergency, like fire.• A railway cyber-physical system (CPS) for smart transportation with in-carriage and on-route WSNs that continuously monitor the critical infrastructure for safety-related incidents while providing protection against cyber-attacks.• A smart vehicle fleet management where the system monitors the underlying vehicles at runtime, protecting against cyber-attacks. The system can also detect car accidents and inform the involving authorities to take actions.