Related papers: COMMAND: Certifiable Open Measurable Mandates
Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform…
Our goal is to provide different semiring-based formal tools for the specification of security requirements: we quantitatively enhance the open-system approach, according to which a system is partially specified. Therefore, we suppose the…
In this paper, we ask the question of why the quality of commercial software, in terms of security and safety, does not measure up to that of other (durable) consumer goods we have come to expect. We examine this question through the lens…
Despite numerous countermeasures proposed by practitioners and researchers, remote control-flow alteration of programs with memory-safety vulnerabilities continues to be a realistic threat. Guaranteeing that complex software is completely…
Decision making under uncertainty is at the heart of any autonomous system acting with imperfect information. The cost of solving the decision making problem is exponential in the action and observation spaces, thus rendering it unfeasible…
The problem of efficient resource allocation has drawn significant attention in many scientific disciplines due to its direct societal benefits, such as energy savings. Traditional approaches in addressing online resource allocation…
Safety is a critical feature of controller design for physical systems. When designing control policies, several approaches to guarantee this aspect of autonomy have been proposed, such as robust controllers or control barrier functions.…
Prescriptive process monitoring methods seek to optimize the performance of business processes by triggering interventions at runtime, thereby increasing the probability of positive case outcomes. These interventions are triggered according…
The performance, reliability, cost, size and energy usage of computing systems can be improved by one or more orders of magnitude by the systematic use of modern control and optimization methods. Computing systems rely on the use of…
The industrial market continuously needs reliable solutions to secure autonomous systems. Especially as these systems become more complex and interconnected, reliable security solutions are becoming increasingly important. One promising…
The widespread adoption of cloud computing has resulted in the proliferation of open source cloud computing frameworks that give more control to enterprises over their data and networks. Though the benefits of open source software are…
Enterprise engagement with open source has evolved from tactical adoption to strategic deep integration, exposing them to a complex risk landscape far beyond mere code. However, traditional risk management, narrowly focused on technical…
This study carries forward the line of enquiry that seeks to characterize precisely which security policies are enforceable by runtime monitors. In this regard, Basin et al.\ recently refined the structure that helps distinguish between…
Automated software verification of concurrent programs is challenging because of exponentially large state spaces with respect to the number of threads and number of events per thread. Verification techniques such as model checking need to…
The dramatic increase of autonomous systems subject to variable environments has given rise to the pressing need to consider risk in both the synthesis and verification of policies for these systems. This paper aims to address a few…
Model predictive control (MPC) is widely used in industries but implementing it poses challenges due to hardware or time constraints. A promising solution is to approximate the MPC policy using function approximators like neural networks.…
Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the…
Despite significant advancement in technology, communication and computational failures are still prevalent in safety-critical engineering applications. Often, networked control systems experience packet dropouts, leading to open-loop…
The security of control systems under sensor attacks is investigated. Redundant observability is introduced, explaining existing security notions including the security index, attack detectability, and observability under attacks.…
Computation offloading via device-to-device (D2D) communication, or D2D offloading, has recently been proposed to enhance mobile computing performance by exploiting spare computing resources of nearby user devices. The success of D2D…