Scientific publications

Even though Controller Area Networks (CAN) were originally conceptualized as deeply embedded networks, nowadays they are no longer self-contained. The use of bridges and gateways with access to the Internet opens additional attack surfaces. Therefore, comprehensive countermeasures are required, including the mutual authentication of the communication endpoints using public-key certificates. However, this calls for the continuous availability of credentials in the form of device-granular certificates, private keys, and trust anchors. This paper presents a concept and implementation for credential management in CANopen FD networks throughout the complete life cycle of CANopen FD devices, from their manufacturing over commissioning and operations until their disposal, satisfying the prerequisite for establishing mutually authenticated connections based on certificates. This includes the initial provisioning, continuous renewal, removal, and revocation of credentials. The novel aspect of our paper comprises a complete credential management realization. It is meeting all typical state of the art requirements and is based on similar approaches for Industrial Ethernet networks. Moreover, with our demonstrator implementation we not only show the feasibility of the concept, but also highlight that applicability of public-key infrastructure mechanisms in CANopen FD networks with comparably resource-constrained nodes with limited packet sizes.

https://ieeexplore.ieee.org/document/10774305

Traditional authentication involves sharing a considerable amount of personal and identifying information. Usually, a single central authority controls the data of all their users. This creates a single point of failure and users typically have to relinquish control over their data. Therefore it is important to explore alternate authentication mechanisms to uphold data sovereignty. Data sovereignty describes forms of independence, control, and autonomy over digital data. Enforcing data sovereignty also requires independence from central authorities. This paper explores alternate decentralized authentication methods. It leverages Verifiable Credentials (VCs) which allow verification without needing to contact the issuer and self-sovereign identities in the form of Decentralized IDentifiers (DIDs). This paper aims to leverage the decentralized authentication supported by VCs and DIDs and provide two use cases that might explain how they could be used.

https://ieeexplore.ieee.org/document/10777147

With the advent of the cryptographic security ex-tensions for PROFINET Security Class 2/3, as specified by PROFIBUS & PROFINET International, there arises a signif-icant difference between the establishment of a conventional (insecure) and a secure application relation (AR). However, to the best of our knowledge, there is no study yet that numeralizes how much delay is induced by the computational and communication overhead of the secure AR establishment. Therefore, we study its performance by runtime measurements using an experimental hardware setup. We answer two research questions: (1) how much additional runtime delay is induced by the currently specified security extensions when performing a secure AR establishment, and (2) what is the impact of currently unspecified options to reduce this delay? In particular, we study the options to use the Extensible Authentication Protocol (EAP) with Transport Layer Security (TLS) for full handshakes and session resumption, version 1.2 and 1.3, certificate-based and pre-shared-key-based (PSK) ciphersuites, as well as EAP-PSK. We gain the insight that the currently specified extensions lead to a best case delay of 17.5 ms and a worst case delay of 288.6 ms for full handshakes and to 7.3 and 9.8 ms for resumed sessions. With the currently unspecified option to use pre-shared-key-based ciphersuites, yet providing perfect forward security, the best case delay for full handshakes is reduced by 25.7 % and the worst case delay by 91.1 %. With the currently unspecified EAP-PSK option, which does not provide PFS, the largest reduction is achieved by 78.4 and 98.7 % related to best and worst case full handshakes. The authors are members of the PROFINET Working Group CBIPG 10 Security.

https://ieeexplore.ieee.org/document/10774374

Generative Adversarial Networks (GANs) have earned significant attention in various domains due to their generative model’s compelling ability to generate realistic examples probably drawn from sample distribution. Image security indicates the process of protecting digital images from unauthorized access, modification, or distribution. This requires a guarantee of image privacy, integrity, and authenticity to prohibit them from being exploited by malicious attacks. GANs can also be utilized for improving image security by exploiting its generation ability in encryption, steganography, and privacy-preserving tech-niques. This paper reviews GANs-based image security techniques providing a systematic overview of current literature and comparing the role of GANs in image encryption, image steganography, and priva-cy preserving from multiple dimensions. Additionally, it outlines future research directions to further explore the potential of GANs in addressing privacy and image security concerns

https://ijict.edu.iq/index.php/ijict/article/view/296

Time-Sensitive Networking (TSN) promises deterministic, seamless and vendor independent communication in modern networked systems, utilizing the generalized Precision Time Protocol (gPTP) as governed by IEEE 802.1AS for precise time synchronization. As network complexity increases, effective monitoring of synchronization accuracy, incorporating both advanced and traditional methods, becomes crucial. This paper examines the implementation and performance of time synchronization monitoring methods for gPTP, including Monitoring Type Length Value (TLV) for Ingress & Egress messages, Reverse Sync, and Pulse per Second (PPS) techniques across varied hardware environments and operational conditions. We detail the integration process, discuss the adaptability of these methods under stress tests, and evaluate their effectiveness through rigorous assessments. The findings contribute to refining monitoring deployment strategies by identifying the most effective combinations of monitoring techniques to enhance synchronization accuracy and network reliability.

https://ieeexplore.ieee.org/document/10710888

Physical unclonable functions (PUFs) are increasingly generating attention in the field of hardware-based security for the Internet of Things (IoT). A PUF, as its name implies, is a physical element with a special and unique inherent characteristic and can act as the security anchor for authentication and cryptographic applications. Keeping in mind that the PUF outputs are prone to change in the presence of noise and environmental variations, it is critical to derive reliable keys from the PUF and to use the maximum entropy at the same time. In this work, the PUF output positioning (POP) method is proposed, which is a novel method for grouping the PUF outputs in order to maximize the extracted entropy. To achieve this, an offset data is introduced as helper data, which is used to relax the constraints considered for the grouping of PUF outputs, and deriving more entropy, while reducing the secret key error bits. To implement the method, the key enrollment and key generation algorithms are presented. Based on a theoretical analysis of the achieved entropy, it is proven that POP can maximize the achieved entropy, while respecting the constraints induced to guarantee the reliability of the secret key. Moreover, a detailed security analysis is presented, which shows the resilience of the method against cyber-security attacks. The findings of this work are evaluated by applying the method on a hybrid printed PUF, where it can be practically shown that the proposed method outperforms other existing group-based PUF key generation methods.

https://ieeexplore.ieee.org/document/10266388

Time-Sensitive Networking (TSN) is becoming increasingly important. Especially in the field of industrial applications, the demand for uniform, converged real-time networks is continuously increasing. Furthermore, the request to integrate wireless, mobile, and real-time capable network elements is getting more and more relevant to industrial automation use cases. To address these requests, the 3rd Generation Partnership Project (3GPP) has extended their specifications for mobile telecommunication protocols by descriptions to integrate 5G mobile networks into TSN starting from Release 16 onwards. While the specifications provide a good theoretical overview, there is still a lack of real implementations or even proof of concepts. Therefore, we started an implementation of a 5G network that is ready to be integrated into existing TSN. This work gives an overview of the current work in progress, mainly focusing on the implementation of the TSN Application Function (TSN AF) and the time synchronization features within the TSN Translators (DS-TT and NW-TT). It also shows current limitations and difficulties and how we have overcome them with our setup.

https://ieeexplore.ieee.org/document/10541017

Generative Adversarial Networks (GANs) have accomplished compelling performance in many fields such as image-to-image transformation, image data generation, translation of image information into text information, and many more. In GANs, two neural networks, a generator and discriminator, compete with each other in an adversarial manner, and due to their robust generating ability, GANs can produce high-quality images for human reference. Thus, GANs are a very promising approach artificial intelligence field. In this work, GANs with optimized hyperparameters selection are proposed to generate skin lesion medical images that are indistinguishable from the real images and analyze the quality of generated images using image quality metrics including Peak Signal-to-Noise Ratio (PSNR), Structural Similarity Index (SSIM), and Fréchet Inception Distance (FID). Additionally, the impact of hyperparameters including learning rate, batch size, latent space size, and number of epochs is analyzed against GANs performance. The experimental results indicate that the learning rate is the most effective hyperparameter for GAN stability and performance. Moreover, latent dimension, batch size, and number of epochs have a relatively small impact when paired with an appropriate learning rate thus good learning rate provides flexibility in optimizing these hyperparameters.

https://ieeexplore.ieee.org/document/10777200

Narrow Band-Wireless Wide Area Networking (NB-WWAN) technologies are becoming more popular across a wide range of application domains due to their ability to provide spatially distributed and reliable wireless connectivity in addition to offering low data rates, low bandwidth, long-range, and long battery life. For functional testing and performance assessments, the wide range of wireless technology alternatives within this category poses several difficulties. At the device level, it is necessary to address issues such as resource limitations, complex protocols, interoperability, and reliability, while at the network level, challenges include complex topologies and wireless channel/signal propagation problems. Testing the functionality and measuring the performance of spatially distributed NB-WWAN systems require a systematic approach to overcome these challenges. Furthermore, to provide a seamless test flow, it is also critical to test and compare the performance of wireless systems systematically and consistently across the different system development phases. To evaluate NB-WWAN technologies comprehensively across multiple abstraction levels—network simulators, emulated lab testbeds, and field test environments—we propose a unified multi-abstraction-level testing methodology. A detailed technical description of the prototype implementation and its evaluation is presented in this paper.

https://www.mdpi.com/1424-8220/24/23/7579

Positioning and accurate time delay measurement techniques have been used with the Internet of Things (IoT) and embedded systems due to their importance in providing location information for the communicating nodes. In the last two decades, positioning techniques were introduced using the Received Signal Strength Indicator (RSSI) of Wi-Fi signals and time-based techniques. Fine Timing Measurement (FTM) is the most important time-based technique, which relies on the captured timestamps during the messaging between nodes. Thus, in addition to its originally intended application for wireless localization, it can be used for the future of Wi-Fi Time Sensitive Networking (WTSN), where low latency, low jitter, and precise time synchronization play an important role in Industrial IoT (IIOT)-oriented applications.The presented work considers FTM’s behavior and performance measurements, especially in a factory environment with different room sizes. An Automated Physical Test Bed (APTB) and emulated multipath propagation model based on ITU-R radio wave propagation standard for the factory environment are considered in the work. The results show that the FTM performance is noticeably affected by multipath signal propagation, thus increasing RTT, delay, and fluctuation in jitter and resulting in a noticeable degradation in RSSI. In contrast, the total number of correctly received frames is not affected, indicating the efficiency and reliability of the Wi-Fi FTM technique.

https://ieeexplore.ieee.org/document/10777215

Background Current health recommender systems lack interactivity that relates to the current situation. Methods We designed and implemented an intervention study for obese patients that incorporates context information obtained from smartphone and smartwatch sensors, gamification, as well as joint goal management of patients and health coaches. We developed a health behaviour recommendation system comprising of a smartphone application, cloud platform for data management, and a data dashboard for coaches. Results We conducted a three months long study and analysed data from eight patients, focusing on system function, patient adherence, satisfaction and overall impact of the proposed system on changing health-related habits. Along with data analysis, we also provide patient feedback collected during interview round after the end of the study. Conclusion Patients could successfully implement the goals using the EghiFit app. Challenges regarding the data collection, recommendation synthesis, and patient engagement persist. Furthermore, reliable sensor data processing on current smartphone platforms is difficult due to system restrictions. Future research should further integrate sensor data, gaming, and health behaviour intervention design using smart devices.

https://f1000research.com/articles/13-1347

Background Patients often mention distress, anxiety, or claustrophobia related to MRI, resulting in no-shows, disturbances of the workflow, and lasting psychological effects. Patients' experience varies and is moderated by socio-demographic aspects alongside the clinical condition. While qualitative studies help understand individuals' experiences, to date a systematic review and aggregation of MRI individuals' experience is lacking. Purpose To investigate how adult patients experience MRI, and the characterizing factors. Study Type Systematic review with meta-aggregation and meta-synthesis. Population 220 patients' reported experience of adults undergoing clinical MRI and 144 quotes from eight qualitative studies. Assessment Systematic search in PubMed, Scopus, Web of Science, and PsycInfo databases according to the PRISMA guidelines. For quality appraisal, the Joanna Briggs Institute (JBI) tools were used. Convergent segregated approach was undertaken. Data Analysis Participant recruitment, setting of exploration, type of interview, and analysis extracted through Joana Briggs Qualitative Assessment and Review Instrument (JBI QARI) tool. Meta-synthesis was supported by a concept map. For meta-aggregation, direct patient quotes were extracted, findings grouped, themes and characterizing factors at each stage abstracted, and categories coded in two cycles. Frequency of statements was quantified. Interviews' raw data unavailability impeded computer-aided analysis. Results Eight articles out of 12,755 initial studies, 220 patients, were included. Meta-aggregation of 144 patient quotes answered: (1) experiences before, at the scanning table, during, and after an MRI, (2) differences based on clinical condition, and (3) characterizing factors, including coping strategies, look-and-feel of medical technology, interaction with professionals, and information. Seven publications lack participants' health literacy level, occupation, and eight studies lack developmental conditions, ethnicity, or country of origin. Six studies were conducted in university hospitals. Data Conclusion Aggregation of patients' quotes provide a foundational description of adult patients' MRI experience across the stages of an MRI process. Insufficient raw data of individual quotes and limited socio-demographic diversity may constrain the understanding of individual experience and characterizing factors. Level of Evidence 1 Technical Efficacy Stage 5

 

Link to paper

We validate the OpenSense framework for IMU-based joint angle estimation and furthermore analyze the framework's ability for sensor selection and optimal positioning during activities of daily living (ADL). Personalized musculoskeletal models were created from anthropometric data of 19 participants. Quaternion coordinates were derived from measured IMU data and served as input to the simulation framework. Six ADLs, involving upper and lower limbs were measured and a total of 26 angles analyzed. We compared the joint kinematics of IMU-based simulations with those of optical marker-based simulations for most important angles per ADL. Additionally, we analyze the influence of sensor count on estimation performance and deviations between joint angles, and derive the best sensor combinations. We report differences in functional range of motion (fRoMD) estimation performance. Results for IMU-based simulations showed MAD, RMSE, and fRoMD of 4.8°, 6.6°, 7.2° for lower limbs and for lower limbs and 9.2°, 11.4°, 13.8° for upper limbs depending on the ADL. Overall, sagittal plane movements (flexion/extension) showed lower median MAD, RMSE, and fRoMD compared to transversal and frontal plane movements (rotations, adduction/abduction). Analysis of sensor selection showed that after three sensors for the lower limbs and four sensors for the complex shoulder joint, the estimation error decreased only marginally. Global optimum (lowest RMSE) was obtained for five to eight sensors depending on the joint angle across all ADLs. The sensor combinations with the minimum count were a subset of the most frequent sensor combinations within a narrowed search space of the 5% lowest error range across all ADLs and participants. Smallest errors were on average < 2° over all joint angles. Our results showed that the open-source OpenSense framework not only serves as a valid tool for realistic representation of joint kinematics and fRoM, but also yields valid results for IMU sensor selection for a comprehensive set of ADLs involving upper and lower limbs. The results can help researchers to determine appropriate sensor positions and sensor configurations without the need for detailed biomechanical knowledge.

 

Link to paper