Higher interconnectivity among devices, machines, the cloud and humans is envisioned in the current trend of automation, also known as the Industrial Internet of Things (IIoT). These industrial control systems, which may require high availability and/or safety-related capabilities, are no longer isolated from the corporate environment or the Internet. Software updates will be needed during the product life cycle, due to the long service life, the increasing number of security-related vulnerabilities discovered in these industrial control systems and the high interconnectivity desired in IIoT. These updates aim at fixing the security weaknesses, bugs and vulnerabilities that may appear, while the required safety integrity levels are preserved. Security-related concerns have only recently been addressed by the safety engineering community, because of the increasing number of cyber-attacks against safety-critical systems, such as Stuxnet. Moreover, system shutdowns caused by software updates may not be feasible when high availability is required. Typically, in order to perform a software update, the whole industrial process or production line is halted so that the software upgrade can be safely applied. However, this scenario may not be applicable in critical infrastructures, such as nuclear or hydroelectric power plants, where such production and service interruptions are not acceptable from the business and service point of view. This article presents an analysis of existing dynamic software updating techniques which may be applied to safe and secure industrial control systems. These techniques aim at updating the running code without the need for a halt and restart, increasing the availability of the industrial system.
The Internet of Things (IoT) and Industrial Internet of Things (IIoT) trends, where high connectivity is envisioned, are giving rise to new applications, services and paradigms, such as smart cities. Due to these connectivity and information-sharing features, security and privacy protection mechanisms need to be implemented, and these may become obsolete at some future time. Software updates are, then, crucial. However, software updates requiring system shutdown and restart might not be acceptable from the business and service point of view when high availability is demanded. In this paper, a mixed-criticality software architecture and design for a building energy management system, built upon the Cetratus runtime framework, is presented, where partitioning techniques are employed to ensure temporal and spatial isolation. Through this framework, software updates are dynamically accomplished, without the need for system shutdown and restart. A live patching example is also presented, where customers' privacy is enhanced by means of homomorphic encryption.
Summary: Safety-critical systems are evolving into complex, networked and distributed systems. As a result of the high interconnectivity among all networked systems and of potential security threats, security countermeasures need to be incorporated. Nonetheless, although cutting-edge security measures are adopted and incorporated during system development, such as the latest recommended encryption algorithms, these protection mechanisms may turn out to be obsolete because of the long operational periods. New security flaws and bugs are continuously detected. Software updates are then essential to restore the security level of the system. However, system shutdowns may not be acceptable when high availability is required. As expressed by the European Union Agency for Network and Information Security (ENISA), "the research in the area of patching and updating equipment without disruption of service and tools" is needed. In this article, a novel live updating approach for zero-downtime safety-critical systems, named Cetratus, is presented. Cetratus, which is based on quarantine-mode execution and monitoring, enables the update of non-safety-critical software components while running, without compromising the safety integrity level of the system. The focus of this work lies on the incorporation of leading-edge security mechanisms while safety-related software components remain untouched. Other non-safety-related software components could also be updated.
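The quarantine-mode idea from the Cetratus abstract above, shown as an added, generic illustration of a monitored live update; this is not Cetratus code, and the monitor policy (output tolerance, latency bound, number of clean observations before promotion) and the toy controller components are assumptions constructed for this example:

```python
"""Constructed illustration of a quarantine-mode live update (not Cetratus code).

The currently active component keeps serving every request. The candidate
update only shadows it on the same inputs; a monitor compares the results
and either promotes the candidate or rejects it. A rejected or still-
quarantined candidate never influences what the caller receives.
"""
import time
from dataclasses import dataclass, field
from typing import Callable, List

Component = Callable[[float], float]


@dataclass
class QuarantineMonitor:
    active: Component
    candidate: Component
    tolerance: float           # max allowed |candidate - active| (assumed policy)
    max_latency_s: float       # candidate must answer within this bound
    required_observations: int  # clean shadow runs needed before promotion
    observations: int = 0
    state: str = "quarantine"  # quarantine | promoted | rejected
    log: List[str] = field(default_factory=list)

    def serve(self, x: float) -> float:
        """Serve a request from the active version; shadow-run the candidate."""
        result = self.active(x)
        if self.state == "quarantine":
            self._observe(x, result)
        return result

    def _observe(self, x: float, expected: float) -> None:
        start = time.perf_counter()
        try:
            got = self.candidate(x)
        except Exception as exc:  # any fault in quarantine is contained
            self._reject(f"candidate raised {type(exc).__name__} on input {x!r}")
            return
        elapsed = time.perf_counter() - start
        if elapsed > self.max_latency_s:
            self._reject(f"candidate took {elapsed:.4f}s on input {x!r}")
            return
        if abs(got - expected) > self.tolerance:
            self._reject(f"candidate output {got!r} diverges from {expected!r} on {x!r}")
            return
        self.observations += 1
        if self.observations >= self.required_observations:
            self.active = self.candidate  # atomic switch: the next call uses the update
            self.state = "promoted"
            self.log.append(f"candidate promoted after {self.observations} observations")

    def _reject(self, reason: str) -> None:
        self.state = "rejected"  # active version stays in service untouched
        self.log.append("candidate rejected: " + reason)


# Constructed toy components: a clamped proportional controller and two updates.
def controller_v1(x: float) -> float:
    return min(max(0.5 * x, 0.0), 100.0)


def controller_v2(x: float) -> float:
    return max(0.0, min(100.0, x / 2))  # same behaviour, refactored


def controller_buggy(x: float) -> float:
    return 50.0 / x  # constructed fault: diverges, and raises on zero input


INPUTS = [0.0, 10.0, 40.0, 250.0, -3.0]  # constructed request sequence


def run_update(candidate: Component):
    """Drive the monitor over INPUTS and return (final state, served outputs, log)."""
    monitor = QuarantineMonitor(controller_v1, candidate, tolerance=1e-9,
                                max_latency_s=0.05, required_observations=4)
    outputs = [monitor.serve(x) for x in INPUTS]
    return monitor.state, outputs, monitor.log


if __name__ == "__main__":
    for name, cand in [("v2", controller_v2), ("buggy", controller_buggy)]:
        state, outputs, log = run_update(cand)
        print(name, state, outputs, log)
```

The served outputs are identical in both runs: while the candidate is quarantined, the caller is always answered by the active version, so a faulty update is detected by the monitor rather than by the process it would have controlled. Promotion is a single reference swap, so no restart is involved.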