Search Results

Software-intensive vehicles require regular over-the-air (OTA) updates. To ensure that OTA updates do not compromise system safety, such updates should be assured. Automotive safety engineers need to efficiently estimate the effort it would take to ...

Industrial Internet of Things (IIoT) platforms connect services and computation resources to industrial devices. They increase flexibility, scalability, and provide a wider application portfolio for automated production. However, in a growing ecosystem ...

This is a summary of recent risks related to healthcare from the ACM Forum on Risks to the Public on Computers and Related Subjects, which I created in August 1985 and have moderated since then. The complete set of RISKS archives is at http://...

When runtime verification is used to monitor safety-critical systems, it is essential that monitoring code behaves correctly. The Copilot runtime verification framework pursues this goal by automatically generating C monitor programs from a high-level ...

System-on-chip (SoC) developers increasingly rely on pre-verified hardware intellectual property (IP) blocks often acquired from untrusted third-party vendors. These IPs might contain hidden malicious functionalities or hardware Trojans that may ...

Remote attestation (RA) is emerging as an important security mechanism for cyber-physical systems with strict security requirements. Trusted computing at large and Trusted Execution Environments (TEEs) in particular have been identified as key ...

Model-Driven Engineering techniques are becoming increasingly common for use in automotive software engineering, particularly to enable architectural modeling as well as safety analysis, especially fault tree analysis (FTA). One common MDE tool is ...

Achieving safe and robust autonomy is the key bottleneck on the path towards broader adoption of autonomous vehicles technology. This motivates going beyond extrinsic metrics such as miles between disengagement, and calls for approaches that embody ...

For any errorless fuzzing campaign, no matter how long, there is always some residual risk that a software error would be discovered if only the campaign was run for just a bit longer. Recently, greybox fuzzing tools have found widespread adoption. Yet, ...

The rapid development of data analysis technology has enabled various uses of data, including some cases in which data usage cannot be accepted socially. Digital platform operators find it difficult to estimate the reputational risk of releasing new ...

Machine learning has evolved into an enabling technology for a wide range of highly successful applications. The potential for this success to continue and accelerate has placed machine learning (ML) at the top of research, economic, and political ...

In recent years, substantial attention has been drawn to vulnerabilities in the architectural design of microelectronics, as well as the security of their global supply chains. In reality, establishing trust in microelectronics requires broader ...

Crowdsourcing enables one to leverage on the intelligence and wisdom of potentially large groups of individuals toward solving problems. Common problems approached with crowdsourcing are labeling images, translating or transcribing text, providing ...

With the increasing use of mobile phones in contemporary society, more and more networked computers are connected to each other. This has brought along security issues. To solve these issues, both research and development communities are trying to build ...

This article provides the rationale for the ontological status of trust in information security on the basis of the ontological, anthropological, methodological, axiological, and worldview aspects of the information-security concept and an ...

Before deploying their infrastructure (resources, data, communications, ...) on a Cloud computing platform, companies want to be sure that it will be properly secured. At deployment time, the company provides a security policy describing its security ...

Achieving security and privacy in the cloud is not a trivial exercise. Indeed, the difficulties associated with achieving this goal are both many and highly complex, and present one of the major barriers to the uptake of cloud computing. Yet, we know ...

Achieving security and privacy in the cloud is not a trivial exercise. Indeed, the difficulties associated with achieving this goal are both many and highly complex, and present one of the major barriers to the uptake of cloud computing. Yet, we know ...

Enforcing security properties in a Cloud is a difficult task, which requires expertise. However, it is not the only security-related challenge met by a company migrating to a Cloud environment. Indeed, the tenant must also have assurance that the ...