Swedish Institute of Computer Science Publications Database
Not a member yet
2787 research outputs found
Sort by
A High Assurance Virtualization Platform for ARMv8
This paper presents the first results from the ongoing research project HASPOC, developing a high assurance virtualization platform for the ARMv8 CPU architecture. Formal verification at machine code level guarantees information isolation between different guest systems (e.g.~OSs) running on the platform. To use the platform in networking scenarios, we allow guest systems to securely communicate with each other via platform-provided communication channels and to take exclusive control of peripherals for communication with the outside world.
The isolation is shown to be formally equivalent to that of guests executing on physically separate platforms with dedicated communication channels crossing the air-gap. Common Criteria (CC) assurance methodology is applied by preparing the CC documentation required for an EAL6 evaluation of products using the platform. Besides the hypervisor, a secure boot component is included and verified to ensure system integrity
Automated Bug Assignment: Ensemble-based Machine Learning in Large Scale Industrial Contexts
Bug report assignment is an important part of software maintenance. In particular, incorrect assignments of bug reports to development teams can be very expensive in large software development projects. Several studies propose automating bug assignment techniques using machine learning in open source software contexts, but no study exists for large-scale proprietary projects in industry. The goal of this study is to evaluate automated bug assignment techniques that are based on machine learning classification. In particular, we study the state-of-the-art ensemble learner Stacked Generalization (SG) that combines several classifiers. We collect more than 50,000 bug reports from five development projects from two companies in different domains. We implement automated bug assignment and evaluate the performance in a set of controlled experiments. We show that SG scales to large scale industrial application and that it outperforms the use of individual classifiers for bug assignment, reaching prediction accuracies from 50 % to 89 % when large training sets are used. In addition, we show how old training data can decrease the prediction accuracy of bug assignment. We advice industry to use SG for bug assignment in proprietary contexts, using at least 2,000 bug reports for training. Finally, we highlight the importance of not solely relying on results from cross-validation when evaluating automated bug assignment
Performance Analysis of Multiple Indoor Positioning Systems in a Healthcare Environment
Background: The combination of an aging population and nursing staff shortages implies the need for more advanced systems in the healthcare industry. Many key enablers for the optimization of healthcare systems require provisioning of location awareness for patients (e.g. with dementia), nurses, doctors, assets, etc. Therefore, many Indoor Positioning Systems(IPSs) will be indispensable in healthcare systems. However, although many IPSs have been proposed in literature, most of these have been evaluated in non-representative environments such as office buildings rather than in a hospital.
Methods: To remedy this, the paper evaluates the performance of existing IPSs in an operational modern healthcare environment: the “Sint-Jozefs kliniek Izegem” hospital in Belgium. The evaluation (data-collecting & data-processing) is executed using a standardized methodology and evaluates the point accuracy, room accuracy and latency of multiple IPSs. To evaluate the solutions, the position of a stationary device was requested at 73 evaluation locations. By using the same evaluation locations for all IPSs the performance of all systems could objectively be compared.
Results: Several trends can be identified such as the fact that Wi-Fi based fingerprinting solutions have the best accuracy result (point accuracy of 1.21 m and room accuracy of 98 %) however it requires calibration before use and needs 5.43 s to estimate the location. On the other hand, proximity based solutions (based on sensor nodes) are significantly cheaper to install, do not require calibration and still obtain acceptable room accuracy results.
Conclusion: As a conclusion of this paper, Wi-Fi based solutions have the most potential for an indoor positioning service in case when accuracy is the most important metric. Applying the fingerprinting approach with an anchor installed in every two rooms is the preferred solution for a hospital environment
Testing Quality Requirements of a System-of-Systems in the Public Sector - Challenges and Potential Remedies
Quality requirements is a difficult concept in software projects, and testing software qualities is a well-known challenge. Without proper management of quality requirements, there is an increased risk that the software product un-der development will not meet the expectations of its future users. In this pa-per, we share experiences from testing quality requirements when developing a large system-of-systems in the public sector in Sweden. We complement the experience reporting by analyzing documents from the case under study. As a final step, we match the identified challenges with solution proposals from the literature. We report five main challenges covering inadequate re-quirements engineering and disconnected test managers. Finally, we match the challenges to solutions proposed in the scientific literature, including in-tegrated requirements engineering, the twin peaks model, virtual plumblines, the QUPER model, and architecturally significant requirements. Our experi-ences are valuable to other large development projects struggling with testing of quality requirements. Furthermore, the report could be used by as input to process improvement activities in the case under study
Fusion: Coalesced Confidential Storage and Communication Framework for the IoT
Comprehensive security mechanisms are required for a successful implementation of the Internet of Things (IoT). Existing solutions focus mainly on securing the communication links between Internet hosts and IoT devices. However, as most IoT devices nowadays provide vast amounts of flash storage space it is as well required to consider storage security within a comprehensive security framework. Instead of developing independent security solutions for storage and communication we propose Fusion, a framework which provides coalesced confidential storage and communication. Fusion uses existing secure communication protocols for the IoT such as IPsec and DTLS and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission. Thus, Fusion provides benefits in terms of processing speed and energy efficiency which are important aspects for resource constrained IoT devices. The paper describes the Fusion architecture and its instantiation for IPsec and DTLS based systems. We describe Fusion’s implementation and evaluate its storage overheads, communication performance and energy consumptio
Improved Linear Cryptanalysis of reduced-round SIMON-32 and SIMON-48
In this paper we analyse two variants of SIMON family of light-weight block ciphers
against linear cryptanalysis and present the best linear cryptanalytic results on these variants of
reduced-round SIMON to date.
We propose a time-memory trade-off method that finds differential/linear trails for any permutation
allowing low Hamming weight differential/linear trails. Our method combines low Hamming
weight trails found by the correlation matrix representing the target permutation with heavy Hamming
weight trails found using a Mixed Integer Programming model representing the target differential/linear
trail. Our method enables us to find a 17-round linear approximation for SIMON-48
which is the best current linear approximation for SIMON-48. Using only the correlation matrix
method, we are able to find a 14-round linear approximation for SIMON-32 which is also the current
best linear approximation for SIMON-32.
The presented linear approximations allow us to mount a 23-round key recovery attack on
SIMON-32 and a 24-round Key recovery attack on SIMON-48/96 which are the current best results
on SIMON-32 and SIMON-48. In addition we have an attack on 24 rounds of SIMON-32 with
marginal complexity
Improved Linear Cryptanalysis of reduced-round SIMON-32 and SIMON-48
In this paper we analyse two variants of SIMON family of light-weight block ciphers
against linear cryptanalysis and present the best linear cryptanalytic results on these variants of
reduced-round SIMON to date.
We propose a time-memory trade-off method that finds differential/linear trails for any permutation
allowing low Hamming weight differential/linear trails. Our method combines low Hamming
weight trails found by the correlation matrix representing the target permutation with heavy Hamming
weight trails found using a Mixed Integer Programming model representing the target differential/linear
trail. Our method enables us to find a 17-round linear approximation for SIMON-48
which is the best current linear approximation for SIMON-48. Using only the correlation matrix
method, we are able to find a 14-round linear approximation for SIMON-32 which is also the current
best linear approximation for SIMON-32.
The presented linear approximations allow us to mount a 23-round key recovery attack on
SIMON-32 and a 24-round Key recovery attack on SIMON-48/96 which are the current best results
on SIMON-32 and SIMON-48. In addition we have an attack on 24 rounds of SIMON-32 with
marginal complexity
Sensemaking in Intelligent Health Data Analytics
A systemic model for making sense of health data is presented, in which networked foresight complements intelligent data analytics. Data here serves the goal of a future systems medicine approach by explaining the past and the current, while foresight can serve by explaining the future. Anecdotal evidence from a case study is presented, in which the complex decisions faced by the traditional stakeholder of results—the policymaker—are replaced by the often mundane problems faced by an individual trying to make sense of sensor input and output when self-tracking wellness. The conclusion is that the employment of our systemic model for successful sensemaking integrates not only data with networked foresight, but also unpacks such problems and the user practices associated with their solutions
Leader Election Using NewSQL Database Systems
Leader election protocols are a fundamental building block
for replicated distributed services. They ease the design of leader-based coordination protocols that tolerate failures. In partially synchronous systems, designing a leader election algorithm, that does not permit multiple
leaders while the system is unstable, is a complex task. As a result many production systems use third-party distributed coordination services, such as ZooKeeper and Chubby, to provide a reliable leader election service. However, adding a third-party service such as ZooKeeper to a
distributed system incurs additional operational costs and complexity. ZooKeeper instances must be kept running on at least three machines to ensure its high availability. In this paper, we present a novel leader election protocol using NewSQL databases for partially synchronous systems,
that ensures at most one leader at any given time. The leader election protocol uses the database as distributed shared memory. Our work enables distributed systems that already use NewSQL databases to save the operational overhead of managing an additional third-party service for leader election. Our main contribution is the design, implementation and validation of a practical leader election algorithm, based on NewSQL databases, that has performance comparable to a leader election implementation using a state-of-the-art distributed coordination service, ZooKeeper