Search Results (49)

The swift evolution of information technology and growing connectivity in critical applications have elevated cybersecurity, protecting and certifying software and designs against rising cyber threats. For example, software and hardware have become highly susceptible to various threats, like reverse engineering, cloning, tampering, and IP piracy. While various techniques exist to enhance software and hardware security, including encryption, native code, and secure server-side execution, obfuscation emerges as a preeminent and cost-efficient solution to address these challenges. Obfuscation purposely converts software and hardware to improve complexity for probable adversaries, targeting obscure realization operations while preserving safety and functionality. Former research has commonly engaged features of obfuscation, deobfuscation, and obfuscation detection approaches. A novel departure from conventional research methodologies, this revolutionary comprehensive article reviews these approaches in depth. It explicates the correlations and dynamics among them. Furthermore, it conducts a meticulous comparative analysis, evaluating obfuscation techniques across parameters such as the methodology, testing procedures, efficacy, associated drawbacks, market applicability, and prospects for future enhancement. This review aims to assist organizations in wisely electing obfuscation techniques for firm protection against threats and enhances the strategic choice of deobfuscation and obfuscation detection techniques to recognize vulnerabilities in software and hardware products. This empowerment permits organizations to proficiently treat security risks, guaranteeing secure software and hardware solutions, and improving user satisfaction for maximized profitability. Full article

Recent advances in technologies such as blockchain, the Internet of Things (IoT), Cyber–Physical Systems (CPSs), and the Industrial Internet of Things (IIoT) have driven the digitalization and intelligent transformation of modern industries. However, embedded control devices within power system communication infrastructures have become increasingly susceptible to cyber threats due to escalating software complexity and extensive network exposure. We have seen that symmetric conventional patching techniques—both static and dynamic—often fail to satisfy the stringent requirements of real-time responsiveness and computational efficiency in resource-constrained environments of all kinds of power grids. To address this limitation, we have proposed a hardware-assisted runtime patching framework tailored for embedded systems in critical power system networks. Our method has integrated binary-level vulnerability modeling, execution-trace-driven fault localization, and lightweight patch synthesis, enabling dynamic, in-place code redirection without disrupting ongoing operations. By constructing a system-level instruction flow model, the framework has leveraged on-chip debug registers to deploy patches at runtime, ensuring minimal operational impact. Experimental evaluations within a simulated substation communication architecture have revealed that the proposed approach has reduced patch latency by 92% over static techniques, which are symmetrical in a working way, while incurring less than 3% CPU overhead. This work has offered a scalable and real-time model-driven defense strategy that has enhanced the cyber–physical resilience of embedded systems in modern power systems, contributing new insights into the intersection of runtime security and grid infrastructure reliability. Full article

This research introduces Fortified-Edge 2.0, a novel authentication framework that addresses critical security and privacy challenges in Physically Unclonable Function (PUF)-based systems for collaborative edge computing (CEC). Unlike conventional methods that transmit full binary Challenge–Response Pairs (CRPs) and risk exposing sensitive data, Fortified-Edge 2.0 employs a machine-learning-driven feature-abstraction technique to extract and utilize only essential characteristics of CRPs, obfuscating the raw binary sequences. These feature vectors are then processed using lightweight cryptographic primitives, including ECDSA, to enable secure authentication without exposing the original CRP. This eliminates the need to transmit sensitive binary data, reducing the attack surface and bandwidth usage. The proposed method demonstrates strong resilience against modeling attacks, replay attacks, and side-channel threats while maintaining the inherent efficiency and low power requirements of PUFs. By integrating PUF unpredictability with ML adaptability, this research delivers a scalable, secure, and resource-efficient solution for next-generation authentication in edge environments. Full article

This research investigates the integration of quantum hardware-assisted security into critical applications, including the Industrial Internet-of-Things (IIoT), Smart Grid, and Smart Transportation. The Quantum Physical Unclonable Functions (QPUF) architecture has emerged as a robust security paradigm, harnessing the inherent randomness of quantum hardware to generate unique and tamper-resistant cryptographic fingerprints. This work explores the potential of Quantum Computing for Security-by-Design (SbD) in the Industrial Internet-of-Things (IIoT), aiming to establish security as a fundamental and inherent feature. SbD in Quantum Computing focuses on ensuring the security and privacy of Quantum computing applications by leveraging the fundamental principles of quantum mechanics, which underpin the quantum computing infrastructure. This research presents a scalable and sustainable security framework for the trusted attestation of smart industrial entities in Quantum Industrial Internet-of-Things (QIoT) applications within Industry 4.0. Central to this approach is the QPUF, which leverages quantum mechanical principles to generate unique, tamper-resistant fingerprints. The proposed QPUF circuit logic has been deployed on IBM quantum systems and simulators for validation. The experimental results demonstrate the enhanced randomness and an intra-hamming distance of approximately 50% on the IBM quantum hardware, along with improved reliability despite varying error rates, coherence, and decoherence times. Furthermore, the circuit achieved 100% reliability on Google’s Cirq simulator and 95% reliability on IBM’s quantum simulator, highlighting the QPUF’s potential in advancing quantum-centric security solutions. Full article

The automotive industry is fully shifting towards autonomous connected vehicles. By advancing vehicles’ intelligence and connectivity, the industry has enabled innovative functions such as advanced driver assistance systems (ADAS) in the direction of driverless cars. Such functions are often referred to as cyber-physical features, since almost all of them require collecting data from the physical environment to make automotive operation decisions and properly actuate in the physical world. However, increased functionalities result in increased complexity, which causes serious security vulnerabilities that are typically a result of mushrooming functionality and hence complexity. In a world where we keep seeing traditional mechanical systems shifting to x-by-wire solutions, the number of connected sensors, processing systems, and communication buses inside the car exponentially increases, raising several safety and security concerns. Because there is no safety without security, car manufacturers start struggling in making lightweight sensor and processing systems while keeping the security aspects a major priority. This article surveys the current technological challenges in securing autonomous vehicles and contributes a cross-layer analysis bridging hardware security primitives, real-world side-channel threats, and redundancy-based fault tolerance in automotive electronic control units (ECUs). It combines architectural insights with an evaluation of commercial support for TrustZone, trusted platform modules (TPMs), and lockstep platforms, offering both academic and industry audiences a grounded perspective on gaps in current hardware capabilities. Finally, it outlines future directions and presents a forward-looking vision for securing sensors and processing systems in the path toward fully safe and connected autonomous vehicles. Full article

An industrial-scale increase in applications of the Internet of Things (IoT), a significant number of which are based on the concept of federation, presents unique security challenges due to their distributed nature and the need for secure communication between components from different administrative domains. A federation may be created for the duration of a mission, such as military operations or Humanitarian Assistance and Disaster Relief (HADR) operations. These missions often occur in very difficult or even hostile environments, posing additional challenges for ensuring reliability and security. The heterogeneity of devices, protocols, and security requirements in different domains further complicates the requirements for the secure distribution of data streams in federated IoT environments. The effective dissemination of data streams in federated environments also ensures the flexibility to filter and search for patterns in real-time to detect critical events or threats (e.g., fires and hostile objects) with changing information needs of end users. The paper presents a novel and practical framework for secure and reliable data stream dissemination in federated IoT environments, leveraging blockchain, Apache Kafka brokers, and microservices. To authenticate IoT devices and verify data streams, we have integrated a hardware and software IoT gateway with the Hyperledger Fabric (HLF) blockchain platform, which records the distinguishing features of IoT devices (fingerprints). In this paper, we analyzed our platform’s security, focusing on secure data distribution. We formally discussed potential attack vectors and ways to mitigate them through the platform’s design. We thoroughly assess the effectiveness of the proposed framework by conducting extensive performance tests in two setups: the Amazon Web Services (AWS) cloud-based and Raspberry Pi resource-constrained environments. Implementing our framework in the AWS cloud infrastructure has demonstrated that it is suitable for processing audiovisual streams in environments that require immediate interoperability. The results are promising, as the average time it takes for a consumer to read a verified data stream is in the order of seconds. The measured time for complete processing of an audiovisual stream corresponds to approximately 25 frames per second (fps). The results obtained also confirmed the computational stability of our framework. Furthermore, we have confirmed that our environment can be deployed on resource-constrained commercial off-the-shelf (COTS) platforms while maintaining low operational costs. Full article

The Trusted Execution Environment (TEE) is crucial for safeguarding the ecosystem of embedded systems. It uses isolation to minimize the TCB (Trusted Computing Base) and protect sensitive software. It is vital because devices handle vast, potentially sensitive data. Leveraging ARM TrustZone, widely used in mobile and IoT for TEEs, it ensures hardware protection via security extensions, though needing firmware and software stack support. Despite the reputation of TEEs for high security, TrustZone-aided ones have vulnerabilities. Fuzzing, as a practical bug-finding technique, has seen limited research in the context of TEE. The unique software architecture of TrustZone-assisted TEE complicates the direct application of traditional fuzzing methods. Moreover, simplistic approaches, such as feeding random input values into TEE through the API functions of the rich operating system, fail to uncover deeper, latent bugs within the TEE code. In this paper, we present a fuzzing strategy for TrustZone-assisted TEE that utilizes inferred dependencies between Trusted Kernel system calls to uncover deep-seated TEE bugs. We implemented our approach on OP-TEE, where it successfully identified 17 crashes, including one previously undetected kernel bug. Full article

Edge computing (EC) is a distributed computing approach to processing data at the network edge, either by the device or a local server, instead of centralized data centers or the cloud. EC proximity to the data source can provide faster insights, response time, and bandwidth utilization. However, the distributed architecture of EC makes it vulnerable to data security breaches and diverse attack vectors. The edge paradigm has limited availability of resources like memory and battery power. Also, the heterogeneous nature of the hardware, diverse communication protocols, and difficulty in timely updating security patches exist. A significant number of researchers have presented countermeasures for the detection and mitigation of data security threats in an EC paradigm. However, an approach that differs from traditional data security and privacy-preserving mechanisms already used in cloud computing is required. Artificial Intelligence (AI) greatly improves EC security through advanced threat detection, automated responses, and optimized resource management. When combined with Physical Unclonable Functions (PUFs), AI further strengthens data security by leveraging PUFs’ unique and unclonable attributes alongside AI’s adaptive and efficient management features. This paper investigates various edge security strategies and cutting-edge solutions. It presents a comparison between existing strategies, highlighting their benefits and limitations. Additionally, the paper offers a detailed discussion of EC security threats, including their characteristics and the classification of different attack types. The paper also provides an overview of the security and privacy needs of the EC, detailing the technological methods employed to address threats. Its goal is to assist future researchers in pinpointing potential research opportunities. Full article

This article presents an innovative application designed to assist parents in monitoring and analyzing their children’s sleep patterns, contributing to insights into their health and development. The application integrates a hardware solution that captures sleep data through sensors. These data are then processed, analyzed, and securely stored in a cloud database. Key features of the application include real-time monitoring of the child’s sleep status, historical sleep data visualization through graphical representations, and alert notifications for any detected abnormalities. The system offers a comprehensive tool for parents to ensure the well-being of their children by providing valuable sleep-related information. Full article

One of the main security challenges when federating separate Internet of Things (IoT) administrative domains is effective Identity and Access Management, which is required to establish trust and secure communication between federated IoT devices. The primary goal of the work is to develop a “lightweight” protocol to enable authentication and authorization of IoT devices in federated environments and ensure the secure communication of IoT devices. We propose a novel Lightweight Authentication and Authorization Framework for Federated IoT (LAAFFI) which takes advantage of the unique fingerprint of IoT devices based on their configuration and additional hardware modules, such as Physical Unclonable Function, to provide flexible authentication and authorization based on Distributed Ledger technology. Moreover, LAAFFI supports IoT devices with limited computing resources and devices not equipped with secure storage space. We implemented a prototype of LAAFFI and evaluated its performance in the Hyperledger Fabric-based IoT framework. Three main metrics were evaluated: latency, throughput (number of operations or transactions per second), and network resource utilization rate (transmission overhead introduced by the LAAFFI protocol). The performance tests conducted confirmed the high efficiency and suitability of the protocol for federated IoT environments. Also, all LAAFFI components are scalable as confirmed by tests. We formally evaluated LAAFFI security using Verifpal as a formal verification tool. Based on the models developed for Verifpal, we validated their security properties, such as message secrecy, authenticity, and freshness. Our results show that the proposed solution can improve the security of federated IoT environments while providing zero-day interoperability and high scalability. Compared to existing solutions, LAAFFI is more efficient due to the use of symmetric cryptography and algorithms adapted for operations involving IoT devices. LAAFFI supports multiple authorization mechanisms, and since it also offers authentication and accountability, it meets the requirements of Authentication, Authorization and Accounting (AAA). It uses Distributed Ledger (DL) and smart contracts to ensure that the request complies with the policies agreed between the organizations. LAAFFI offers authentication of devices belonging to a single organization and different organizations, with the assurance that the encryption key will be shared with another device only if the appropriate security policy is met. The proposed protocol is particularly useful for ensuring the security of federated IoT environments created ad hoc for special missions, e.g., operations conducted by NATO countries and disaster relief operations Humanitarian Assistance and Disaster Relief (HADR) involving military forces and civilian services, where immediate interoperability is required. Full article

In this paper, we introduce an efficient lossy coding procedure specifically tailored for handling video sequences of automotive high-dynamic range (HDR) image sensors in advanced driver-assistance systems (ADASs) for autonomous vehicles. Nowadays, mainly for security reasons, lossless compression is used in the automotive industry. However, it offers very low compression rates. To obtain higher compression rates, we suggest using lossy codecs, especially when testing image processing algorithms in software in-the-loop (SiL) or hardware-in-the-loop (HiL) conditions. Our approach leverages the high-quality VP9 codec, operating in two distinct modes: grayscale image compression for automatic image analysis and color (in RGB format) image compression for manual analysis. In both modes, images are acquired from the automotive-specific RCCC (red, clear, clear, clear) image sensor. The codec is designed to achieve a controlled image quality and state-of-the-art compression ratios while maintaining real-time feasibility. In automotive applications, the inherent data loss poses challenges associated with lossy codecs, particularly in rapidly changing scenes with intricate details. To address this, we propose configuring the lossy codecs in variable bitrate (VBR) mode with a constrained quality (CQ) parameter. By adjusting the quantization parameter, users can tailor the codec behavior to their specific application requirements. In this context, a detailed analysis of the quality of lossy compressed images in terms of the structural similarity index metric (SSIM) and the peak signal-to-noise ratio (PSNR) metrics is presented. With this analysis, we extracted some codec parameters, which have an important impact on preservation of video quality and compression ratio. The proposed compression settings are very efficient: the compression ratios vary from 51 to 7765 for grayscale image mode and from 4.51 to 602.6 for RGB image mode, depending on the specified output image quality settings. We reached 129 frames per second (fps) for compression and 315 fps for decompression in grayscale mode and 102 fps for compression and 121 fps for decompression in the RGB mode. These make it possible to achieve a much higher compression ratio compared to lossless compression while maintaining control over image quality. Full article

Environmental monitoring is essential for safeguarding the health of our planet and protecting human health and well-being. Without trust, the effectiveness of environmental monitoring and the ability to address environmental challenges are significantly compromised. In this paper, we present a sensor platform capable of performing authenticated and trustworthy measurements, together with a lightweight security protocol for sending the data from the sensor to a central server anonymously. Besides presenting a new and very efficient symmetric-key-based protocol, we also demonstrate on real hardware how existing embedded security modules can be utilized for this purpose. We provide an in-depth evaluation of the performance and a detailed security analysis. Full article

The development of the automotive industry is associated with the rapid advancement of onboard systems. In addition, intensive development in the electronics and control systems industry has resulted in a change in the approach to the issue of assistance systems in vehicles. Classic hydraulic systems have been almost completely replaced by modern electric power steering (EPS) systems, especially in citizen vehicles. This paper focuses on fault detection algorithms for EPS, along with the available tools to aid development and verification. The article discusses in detail the current state of knowledge in this area. The principle of operation of the EPS system and the influence of the structure of the mechanical system on its operation, in particular the characteristics of the ground–tire contact, are presented. Various error identification methods are presented, including those based mainly on a combination of tests of real objects as well as those combined with modern hardware-in-the-loop (HIL) equipment and virtual vehicle environment software, enabling the development of new diagnostic methods, enhancing the security, reliability, and energy control in the vehicle. A review of the literature indicates that although many algorithms which enable fault detection at an early stage are described, their potential for use in a vehicle is highly limited. The reason lies in simplifications, including models and the operating EPS temperature range. The most frequently used simplification of the model is its linearization, which significantly reduces the calculation time; however, this significantly reduces the accuracy of the model, especially in cases with a large range of system operation. The need for methods to detect incipient faults is important for the safety and reliability of the entire car, not only during regular use but also especially during life-saving evasive maneuvers. Full article

Internet of Things (IoT) devices often operate with limited resources while interacting with users and their environment, generating a wealth of data. Machine learning models interpret such sensor data, enabling accurate predictions and informed decisions. However, the sheer volume of data from billions of devices can overwhelm networks, making traditional cloud data processing inefficient for IoT applications. This paper presents a comprehensive survey of recent advances in models, architectures, hardware, and design requirements for deploying machine learning on low-resource devices at the edge and in cloud networks. Prominent IoT devices tailored to integrate edge intelligence include Raspberry Pi, NVIDIA’s Jetson, Arduino Nano 33 BLE Sense, STM32 Microcontrollers, SparkFun Edge, Google Coral Dev Board, and Beaglebone AI. These devices are boosted with custom AI frameworks, such as TensorFlow Lite, OpenEI, Core ML, Caffe2, and MXNet, to empower ML and DL tasks (e.g., object detection and gesture recognition). Both traditional machine learning (e.g., random forest, logistic regression) and deep learning methods (e.g., ResNet-50, YOLOv4, LSTM) are deployed on devices, distributed edge, and distributed cloud computing. Moreover, we analyzed 1000 recent publications on “ML in IoT” from IEEE Xplore using support vector machine, random forest, and decision tree classifiers to identify emerging topics and application domains. Hot topics included big data, cloud, edge, multimedia, security, privacy, QoS, and activity recognition, while critical domains included industry, healthcare, agriculture, transportation, smart homes and cities, and assisted living. The major challenges hindering the implementation of edge machine learning include encrypting sensitive user data for security and privacy on edge devices, efficiently managing resources of edge nodes through distributed learning architectures, and balancing the energy limitations of edge devices and the energy demands of machine learning. Full article

This paper delineates the design and realization of a Wheelchair-Mounted Robotic Arm (WMRA), envisioned as an autonomous assistance apparatus for individuals encountering motor difficulties and/or upper limb paralysis. The proposed design solution is based on employing a 3D printing process coupled with optimization design techniques to achieve a cost-oriented and user-friendly solution. The proposed design is based on utilizing commercial Arduino control hardware. The proposed device has been named Pick&Eat. The proposed device embodies reliability, functionality, and cost-effectiveness, and features a modular structure housing a 4-degrees-of-freedom robotic arm with a fixing frame that can be attached to commercial wheelchairs. The arm is integrated with an interchangeable end-effector facilitating the use of various tools such as spoons or forks tailored to different food types. Electrical and sensor components were meticulously designed, incorporating sensors to ensure user safety throughout operations. Smooth and secure operations are achieved through a sequential procedure that is depicted in a specific flowchart. Experimental tests have been carried out to demonstrate the engineering feasibility and effectiveness of the proposed design solution as an innovative assistive solution for individuals grappling with upper limb impairment. Its capacity to aid patients during the eating process holds promise for enhancing their quality of life, particularly among the elderly and those with disabilities. Full article