Ana Hristova scite author profile

Bernardos

Casar

2008

Ambient assisted living is a paradigm that promotes independency in the old age with the support of advanced technologies. Ambient home care systems (AHCS) are specially design for this purpose; they aim at minimizing the potential risks that living alone may suppose for an elder, thanks to their capability of gathering data of the user, inferring information about his activity and state, and taking decisions on it. In this paper, we present a number of context-aware services (heart rate monitoring, medication prompting, generation of agenda reminders, weather alerts, emergency notifications, etc.) for the elder and his caregivers. They run on the top of an AHCS, which collects data from a network of environmental, health and physical sensors. The AHCS follows a layered fusion architecture, formed by an in-home developed context acquisition framework and a context manager (customized on the Context Toolkit) that holds the inference and reasoning functionalities. On the deployed prototype, we analyze the suitability of the selected technical approach for ambient assisted living applications.

Security assessment methodology for industrial control system products

Schlegel

Obermeier

2014

Industrial control systems (ICS) are at the heart of critical infrastructures and security is therefore important for such systems. In order to determine the security level of existing and planned systems, ICS products should be efficiently and comprehensively assessed. In this paper we present a methodology for assessing the security of a product or a system that can be used by security experts and non-experts alike. The methodology contains specific and concrete security recommendations (what), a rationale for each recommendation (why) as well as concrete implementation guidance (how). The methodology aims to help product teams to quickly and efficiently assess the security level of their products, prioritize resources on future development efforts, and generate security requirements for future products. We validate the approach by applying a concrete instantiation of the methodology to a fictitious ICS product.

Secure design of engineering software tools in Industrial Automation and Control Systems

Obermeier

Schlegel

2013

Industrial Automation and Control Systems (IACS) used in critical infrastructure typically perform their tasks using embedded devices. While the security of the embedded devices during the operation of the system is naturally the focus of security considerations, the security of the engineering framework is often overlooked. In this paper, we model the trust boundaries of a typical engineering tool used in an IACS, identify security risks in this context, suggest mitigation techniques for end users, and finally propose an architecture that allows to implement secure engineering frameworks.

Securing industrial automation and control systems using application whitelisting

Obermeier

Schierholz²,

2014

Application whitelisting is a method for establishing security by restricting systems to only execute applications that are on a given list -the white list. One of the main questions when using such technology within industrial control systems is whether anti-virus software becomes obsolete, and whether security patches of the underlying system are still required. To answer these questions, we have evaluated several application whitelisting solutions and present the evaluation method and the condensed test results. In addition, we highlight the difficulties for end users to evaluate of the level of protection that is provided by such whitelisting software. As a conclusion, we have identified several benefits of application whitelisting software, but also argue why whitelisting alone is not the "silver bullet", which -once deployed -does not need attention anymore.

Developing an Ambient Home Care System: Context Toolkit-Based Design and Implementation

Bernardos

Casar

2008