This file was created by the TYPO3 extension
bib
--- Timezone: UTC
Creation date: 2025-01-18
Creation time: 07-15-19
--- Number of references
66
inproceedings
2025-fink-mptcp
Emulating and Evaluating Transport Layer Protocols for Resilient Communication in Smart Grids
2025
5
IEEE
Proceedings of the 2025 IEEE/IFIP Network Operations and Management Symposium (NOMS '25), May 12-16, 2025, Honolulu, HI, USA
Honolulu, HI, USA
2025 IEEE/IFIP Network Operations and Management Symposium
May 12-16, 2025
accepted
1
Ina BereniceFink
LennartFerlemann
MarkusDahlmanns
ChristianThimm
KlausWehrle
inproceedings
2025_pennekamp_mapxchange
MapXchange: Designing a Confidentiality-Preserving Platform for Exchanging Technology Parameter Maps
2025
4
Technology parameter maps summarize experiences with specific parameters in production processes, e.g., milling, and significantly help in designing new or improving existing production processes. Businesses could greatly benefit from globally exchanging such existing knowledge across organizations to optimize their processes. Unfortunately, confidentiality concerns and the lack of appropriate designs in existing data space frameworks—both in academia and industry—greatly impair respective actions in practice. To address this research gap, we propose MapXchange, our homomorphic encryption-based approach to combine technology parameters from different organizations into technology parameter maps while accounting for the confidentiality needs of involved businesses. Central to our design is that it allows for local modifications (updates) of these maps directly at the exchange platform. Moreover, data consumers can query them, without involving data providers, to eventually improve their setups. By evaluating a real-world use case in the domain of milling, we further underline MapXchange's performance, security, and utility for businesses.
secure industrial collaboration; homomorphic encryption; data sharing; exchange platform; process planning; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2025/2025-pennekamp-mapxchange.pdf
ACM
Proceedings of the 40th ACM/SIGAPP Symposium on Applied Computing (SAC '25), March 31-April 4, 2025, Catania, Italy
Catania, Italy
ACM/SIGAPP Symposium on Applied Computing
March 31-April 4, 2025
accepted
979-8-4007-0629-5/25/03
10.1145/3672608.3707734
1
JanPennekamp
JosephLeisten
PaulWeiler
MarkusDahlmanns
MarcelFey
ChrstianBrecher
SandraGeisler
KlausWehrle
article
2024_welten_pasta
PASTA-4-PHT: A Pipeline for Automated Security and Technical Audits for the Personal Health Train
arXiv
2024
12
2
With the introduction of data protection regulations, the need for innovative privacy-preserving approaches to process and analyse sensitive data has become apparent. One approach is the Personal Health Train (PHT) that brings analysis code to the data and conducts the data processing at the data premises. However, despite its demonstrated success in various studies, the execution of external code in sensitive environments, such as hospitals, introduces new research challenges because the interactions of the code with sensitive data are often incomprehensible and lack transparency. These interactions raise concerns about potential effects on the data and increases the risk of data breaches. To address this issue, this work discusses a PHT-aligned security and audit pipeline inspired by DevSecOps principles. The automated pipeline incorporates multiple phases that detect vulnerabilities. To thoroughly study its versatility, we evaluate this pipeline in two ways. First, we deliberately introduce vulnerabilities into a PHT. Second, we apply our pipeline to five real-world PHTs, which have been utilised in real-world studies, to audit them for potential vulnerabilities. Our evaluation demonstrates that our designed pipeline successfully identifies potential vulnerabilities and can be applied to real-world studies. In compliance with the requirements of the GDPR for data management, documentation, and protection, our automated approach supports researchers using in their data-intensive work and reduces manual overhead. It can be used as a decision-making tool to assess and document potential vulnerabilities in code for data processing. Ultimately, our work contributes to an increased security and overall transparency of data processing activities within the PHT framework.
10.48550/arXiv.2412.01275
SaschaWelten
KarlKindermann
AhmetPolat
MartinGörz
MaximilianJugl
LaurenzNeumann
AlexanderNeumann
JohannesLohmöller
JanPennekamp
StefanDecker
inproceedings
2024_dahlmanns_lua-iot
LUA-IoT: Let's Usably Authenticate the IoT
2024
11
20
Following the advent of the Internet of Things (IoT), users and their devices transmit sensitive data over the Internet. For the Web, Let’s Encrypt offers a usable foundation to safeguard such data by straightforwardly issuing certificates. However, its approach is not directly applicable to the IoT as deployments lack a (dedicated) domain or miss essentials to prove domain ownership required for Let’s Encrypt. Thus, a usable approach to secure IoT deployments by properly authenticating IoT devices is missing. To close this research gap, we propose LUA-IoT, our framework to Let’s Usably Authenticate the IoT. LUA-IoT enables autonomous certificate enrollment by orienting at the success story of Let’s Encrypt, seamlessly integrating in the setup process of modern IoT devices, and relying on process steps that users already know from other domains. In the end, LUA-IoT binds the authenticity of IoT deployments to a globally valid user identifier, e.g., an email address, that is included in certificates directly issued to the IoT deployments. We exemplarily implement LUA-IoT to show that it is realizable on commodity IoT hardware and conduct a small user study indicating that LUA-IoT indeed nudges users to safeguard their devices and data (transmissions).
Lecture Notes in Computer Science (LNCS)
internet-of-production
Springer
Proceedings of the 27th Annual International Conference on Information Security and Cryptology (ICISC '24), November 20-22, 2024, Seoul, Korea
Seoul, Korea
International Conference on Information Security and Cryptology
November 20-22, 2024
accepted
0302-9743
1
MarkusDahlmanns
JanPennekamp
RobinDecker
KlausWehrle
inproceedings
2024-fink-cired
Resilient Control Center to Substation Device Communication
2024
11
7
Resilient communication is essential for reliably exchanging parameters and measurements in distribution systems. Thus, deploying redundant hardware for both local and wide area communication, along with protocols that leverage these redundancies for automatic and timely failovers, is fundamental. This paper presents a comprehensive overview of key protocols (PRP/HSR, MPLS-TP, and MPTCP) which offer robust recovery mechanisms. Additionally, it provides a specific concept and topology that effectively combine the presented protocols to ensure resilient communication from the control center to substation devices.
ven2us
Proceedings of the CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems, November 7-8, 2024, Chicago, USA
Chicago
CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems
November 7-8, 2024
accepted
1
Ina BereniceFink
MarkusDahlmanns
GerritErichsen
KlausWehrle
inproceedings
2024-dahlmanns-cired
Reliable and Secure Control Center to Station Device Communication
2024
6
19
The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems.
In this paper, we present our envisioned network and communication concept for future DSO's ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, use MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.
ven2us
Proceedings of the CIRED workshop on Increasing Distribution Network Hosting Capacity 2024, June 19-20, 2024, Vienna, Austria
Vienna
CIRED workshop on Increasing Distribution Network Hosting Capacity 2024
June 19-20, 2024
10.1049/icp.2024.2096
1
MarkusDahlmanns
Ina BereniceFink
GerritErichsen
GuosongLin
ThomasHammer
BurkhardBorkenhagen
SebastianSchneider
ChristofMaahsen
KlausWehrle
inproceedings
2024_dahlmanns_ipv6-deployments
Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet
2024
5
10
Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scan the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable-although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS inviting attackers, e.g., to eavesdrop sensitive data.
Internet of Things, security, Internet measurements, IPv6, address generators
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-ipv6.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
10.1109/NOMS59830.2024.10574963
1
MarkusDahlmanns
FelixHeidenreich
JohannesLohmöller
JanPennekamp
KlausWehrle
MartinHenze
inproceedings
2024-dahlmanns-doctoralsym
Protocol Security in the Industrial Internet of Things
2024
5
10
Advances like Industry 4.0 lead to a rising number of Internet-connected industrial deployments and thus an Industrial Internet of Things with growing attack vectors. To uphold a secure and safe operation of these deployments, industrial protocols nowadays include security features, e.g., end-to-end secure communication. However, so far, it is unclear how well these features are used in practice and which obstacles might prevent operators from securely running their deployments. In this research description paper, we summarize our recent research activities to close this gap. Specifically, we show that even secure-by-design protocols are by far no guarantee for secure deployments. Instead, many deployments still open the doors for eavesdropping attacks or malicious takeovers. Additionally, we give an outlook on how to overcome identified obstacles allowing operators to configure their deployments more securely.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-disssymposium.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
10.1109/NOMS59830.2024.10575096
1
MarkusDahlmanns
KlausWehrle
poster
2024-dahlmanns-sul
Poster: Trusted Execution Environment-basierte Sicherheit für digitale Umspannwerke
2024
3
5
19
ven2us
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-slt.pdf
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany
Leipzig, Germany
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik
March 05-06, 2024
1
MarkusDahlmanns
AndreasWark
Carl-HeinzGenzel
KlausWehrle
poster
2024-fink-sul
Poster: Resiliente Kommunikation für die Fernwirktechnik in digitalen Umspannwerken
2024
3
5
19
ven2us
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany
Leipzig, Germany
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik
March 05-06, 2024
1
Ina BereniceFink
MarkusDahlmanns
KlausWehrle
inproceedings
2024-dahlmanns-fps
Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach
2024
14551
Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.
Mohamed Mosbah, Florence Sèdes, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro
Springer Cham
Lecture Notes in Computer Science
Proceedings of the 16th International Symposium on Foundations and Practice of Security (FPS '23), December 11-13, 2023, Bordeaux, France
Bordeaux, France
International Symposium on Foundations and Practice of Security 2023 (FPS 23)
December 11-13, 2023
10.1007/978-3-031-57540-2_2
1
MarkusDahlmanns
RomanMatzutt
ChrisDax
KlausWehrle
inproceedings
2023_lohmoeller_transparency
Poster: Bridging Trust Gaps: Data Usage Transparency in Federated Data Ecosystems
2023
11
27
data usage control; data ecosystems; transparency logs
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-lohmoeller-transparency.pdf
ACM
Proceedings of the 2023 ACM SIGSAC Conference on
Computer and Communications Security (CCS ’23), November 26-30, 2023, Copenhagen, Denmark
Copenhagen, Denmark
November 26-30, 2023
979-8-4007-0050-7/23/11
10.1145/3576915.3624371
1
JohannesLohmöller
EduardVlad
MarkusDahlmanns
KlausWehrle
article
2023_pennekamp_purchase_inquiries
Offering Two-Way Privacy for Evolved Purchase Inquiries
ACM Transactions on Internet Technology
2023
11
17
23
4
Dynamic and flexible business relationships are expected to become more important in the future to accommodate specialized change requests or small-batch production. Today, buyers and sellers must disclose sensitive information on products upfront before the actual manufacturing. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness. Related work overlooks this issue so far: Existing approaches only protect the information of a single party only, hindering dynamic and on-demand business relationships. To account for the corresponding research gap of inadequately privacy-protected information and to deal with companies without an established trust relation, we pursue the direction of innovative privacy-preserving purchase inquiries that seamlessly integrate into today's established supplier management and procurement processes. Utilizing well-established building blocks from private computing, such as private set intersection and homomorphic encryption, we propose two designs with slightly different privacy and performance implications to securely realize purchase inquiries over the Internet. In particular, we allow buyers to consider more potential sellers without sharing sensitive information and relieve sellers of the burden of repeatedly preparing elaborate yet discarded offers. We demonstrate our approaches' scalability using two real-world use cases from the domain of production technology. Overall, we present deployable designs that offer two-way privacy for purchase inquiries and, in turn, fill a gap that currently hinders establishing dynamic and flexible business relationships. In the future, we expect significantly increasing research activity in this overlooked area to address the needs of an evolving production landscape.
bootstrapping procurement; secure industrial collaboration; private set intersection; homomorphic encryption; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-purchase-inquiries.pdf
ACM
1533-5399
10.1145/3599968
1
JanPennekamp
MarkusDahlmanns
FrederikFuhrmann
TimoHeutmann
AlexanderKreppein
DennisGrunert
ChristophLange
Robert H.Schmitt
KlausWehrle
inproceedings
2023-dahlmanns-docker
Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact
2023
7
10
797-811
Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead to users creating and sharing images that include private keys or API secrets—either by mistake or out of negligence. This leakage impairs the creator's security and that of everyone using the image. Yet, the extent of this practice and how to counteract it remains unclear.
In this paper, we analyze 337,171 images from Docker Hub and 8,076 other private registries unveiling that 8.5% of images indeed include secrets. Specifically, we find 52,107 private keys and 3,158 leaked API secrets, both opening a large attack surface, i.e., putting authentication and confidentiality of privacy-sensitive data at stake and even allow active attacks. We further document that those leaked keys are used in the wild: While we discovered 1,060 certificates relying on compromised keys being issued by public certificate authorities, based on further active Internet measurements, we find 275,269 TLS and SSH hosts using leaked private keys for authentication. To counteract this issue, we discuss how our methodology can be used to prevent secret leakage and reuse.
network security; security configuration; secret leakage; container
ven2us, internet-of-production,
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-dahlmanns-asiaccs.pdf
ACM
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIACCS '23), July 10-14, 2023, Melbourne, VIC, Australia
Melbourne, VIC, Australia
ASIA CCS '23
July 10-14, 2023
979-8-4007-0098-9/23/07
10.1145/3579856.3590329
1
MarkusDahlmanns
ConstantinSander
RobinDecker
KlausWehrle
article
Jakobs_2023_3
Preserving the Royalty-Free Standards Ecosystem
European Intellectual Property Review
2023
7
45
7
371-375
It has long been recognized in Europe and elsewhere that standards-development organizations (SDOs) may adopt policies that require their participants to license patents essential to the SDO’s standards (standards-essential patents or SEPs) to manufacturers of standardized products (“implementers”) on a royalty-free (RF) basis. This requirement contrasts with SDO policies that permit SEP holders to charge implementers monetary patent royalties, sometimes on terms that are specified as “fair, reasonable and nondiscriminatory” (FRAND). As demonstrated by two decades of intensive litigation around the world, FRAND royalties have given rise to intractable disputes regarding the manner in which such royalties should be calculated and adjudicated. In contrast, standards distributed on an RF basis are comparatively free from litigation and the attendant transaction costs. Accordingly, numerous SDOs around the world have adopted RF licensing policies and many widely adopted standards, including Bluetooth, USB, IPv6, HTTP, HTML and XML, are distributed on an RF basis. This note briefly discusses the commercial considerations surrounding RF standards, the relationship between RF standards and open source software (OSS) and the SDO policy mechanisms – including “universal reciprocity” -- that enable RF licensing to succeed in the marketplace.
0142-0461
10.2139/ssrn.4235647
1
JorgeContreras
RudiBekkers
BradBiddle
EnricoBonadio
Michael A.Carrier
BernardChao
CharlesDuan
RichardGilbert
JoachimHenkel
ErikHovenkamp
MartinHusovec
KaiJakobs
Dong-hyuKim
Mark A.Lemley
Brian J.Love
LukeMcDonagh
Fiona M.Scott Morton
JasonSchultz
TimothySimcoe
Jennifer M.Urban
Joy YXiang
incollection
2023_pennekamp_crd-a.i
Evolving the Digital Industrial Infrastructure for Production: Steps Taken and the Road Ahead
2023
2
8
35-60
The Internet of Production (IoP) leverages concepts such as digital shadows, data lakes, and a World Wide Lab (WWL) to advance today’s production. Consequently, it requires a technical infrastructure that can support the agile deployment of these concepts and corresponding high-level applications, which, e.g., demand the processing of massive data in motion and at rest. As such, key research aspects are the support for low-latency control loops, concepts on scalable data stream processing, deployable information security, and semantically rich and efficient long-term storage. In particular, such an infrastructure cannot continue to be limited to machines and sensors, but additionally needs to encompass networked environments: production cells, edge computing, and location-independent cloud infrastructures. Finally, in light of the envisioned WWL, i.e., the interconnection of production sites, the technical infrastructure must be advanced to support secure and privacy-preserving industrial collaboration. To evolve today’s production sites and lay the infrastructural foundation for the IoP, we identify five broad streams of research: (1) adapting data and stream processing to heterogeneous data from distributed sources, (2) ensuring data interoperability between systems and production sites, (3) exchanging and sharing data with different stakeholders, (4) network security approaches addressing the risks of increasing interconnectivity, and (5) security architectures to enable secure and privacy-preserving industrial collaboration. With our research, we evolve the underlying infrastructure from isolated, sparsely networked production sites toward an architecture that supports high-level applications and sophisticated digital shadows while facilitating the transition toward a WWL.
Cyber-physical production systems; Data streams; Industrial data processing; Industrial network security; Industrial data security; Secure industrial collaboration
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-iop-a.i.pdf
Springer
Interdisciplinary Excellence Accelerator Series
Internet of Production: Fundamentals, Applications and Proceedings
978-3-031-44496-8
10.1007/978-3-031-44497-5_2
1
JanPennekamp
AnastasiiaBelova
ThomasBergs
MatthiasBodenbenner
AndreasBührig-Polaczek
MarkusDahlmanns
IkeKunze
MoritzKröger
SandraGeisler
MartinHenze
DanielLütticke
BenjaminMontavon
PhilippNiemietz
LuciaOrtjohann
MaximilianRudack
Robert H.Schmitt
UweVroomen
KlausWehrle
MichaelZeng
inproceedings
2023-lorz-cired
Interconnected grid protection systems - reference grid for testing an adaptive protection scheme
2023
3286-3290
ven2us
27th International Conference on Electricity Distribution (CIRED 2023), Rome, Italy, June 12-15, 2023
Rome, Italy
International Conference & Exhibition on Electricity Distribution (CIRED)
June 12-15, 2023
10.1049/icp.2023.0864
1
TobiasLorz
JohannJaeger
AntigonaSelimaj
ImmanuelHacker
AndreasUlbig
Jan-PeterHeckel
ChristianBecker
MarkusDahlmanns
Ina BereniceFink
KlausWehrle
GerritErichsen
MichaelSchindler
RainerLuxenburger
GuosongLin
inproceedings
2022_dahlmanns_tlsiiot
Missed Opportunities: Measuring the Untapped TLS Support in the Industrial Internet of Things
2022
5
31
252-266
The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and authentication, (i) traditional industrial protocols, e.g., Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g., MQTT, are directly designed to use TLS. To understand whether these changes indeed lead to secure Industrial Internet of Things deployments, i.e., using TLS-based protocols, which are configured according to security best practices, we perform an Internet-wide security assessment of ten industrial protocols covering the complete IPv4 address space.
Our results show that both, retrofitted existing protocols and newly developed secure alternatives, are barely noticeable in the wild. While we find that new protocols have a higher TLS adoption rate than traditional protocols (7.2 % vs. 0.4 %), the overall adoption of TLS is comparably low (6.5 % of hosts). Thus, most industrial deployments (934,736 hosts) are insecurely connected to the Internet. Furthermore, we identify that 42 % of hosts with TLS support (26,665 hosts) show security deficits, e.g., missing access control. Finally, we show that support in configuring systems securely, e.g., via configuration templates, is promising to strengthen security.
industrial communication; network security; security configuration
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-dahlmanns-asiaccs.pdf
ACM
Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan
Nagasaki, Japan
ASIACCS '22
May 30-June 3, 2022
978-1-4503-9140-5/22/05
10.1145/3488932.3497762
1
MarkusDahlmanns
JohannesLohmöller
JanPennekamp
JörnBodenhausen
KlausWehrle
MartinHenze
inproceedings
2022_kus_iids_generalizability
A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection
2022
5
30
73-84
Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 %. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 % and 14.7 % for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks.
anomaly detection; machine learning; industrial control system
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf
ACM
Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan
978-1-4503-9176-4/22/05
10.1145/3494107.3522773
1
DominikKus
EricWagner
JanPennekamp
KonradWolsing
Ina BereniceFink
MarkusDahlmanns
KlausWehrle
MartinHenze
article
2022_brauner_iop
A Computer Science Perspective on Digital Transformation in Production
ACM Transactions on Internet of Things
2022
5
1
3
2
The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality.
Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf
ACM
2691-1914
10.1145/3502265
1
PhilippBrauner
ManuelaDalibor
MatthiasJarke
IkeKunze
IstvánKoren
GerhardLakemeyer
MartinLiebenberg
JudithMichael
JanPennekamp
ChristophQuix
BernhardRumpe
Wilvan der Aalst
KlausWehrle
AndreasWortmann
MartinaZiefle
techreport
draft-irtf-coinrg-use-cases-06
Use Cases for In-Network Computing
2022
3
draft-irtf-coinrg-use-cases-06
expires: 8 September 2022 (work in progress)
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/draft-irtf-coinrg-use-cases-02.pdf
https://datatracker.ietf.org/doc/draft-irtf-coinrg-use-cases/
Online
IETF Trust
Internet Drafts
Internet Engineering Task Force
Internet Engineering Task Force
IkeKunze
KlausWehrle
DirkTrossen
Marie-JoséMontpetit
Xavierde Foy
DavidGriffin
MiguelRio
inproceedings
2022-lorenz-ven2us
Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle
2022
Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development.
In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.
ven2us
Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal
Porto
CIRED workshop on E-mobility and power distribution systems 2022
June 2-3, 2022
10.1049/icp.2022.0768
1
MatthiasLorenz
Tobias MarkusPletzer
MalteSchuhmacher
TorstenSowa
MichaelDahms
SimonStock
DavoodBabazadeh
ChristianBecker
JohannJaeger
TobiasLorz
MarkusDahlmanns
Ina BereniceFink
KlausWehrle
AndreasUlbig
PhilippLinnartz
AntigonaSelimaj
ThomasOffergeld
inproceedings
2021_pennekamp_laser
Collaboration is not Evil: A Systematic Look at Security Research for Industrial Use
2021
12
21
Following the recent Internet of Things-induced trends on digitization in general, industrial applications will further evolve as well. With a focus on the domains of manufacturing and production, the Internet of Production pursues the vision of a digitized, globally interconnected, yet secure environment by establishing a distributed knowledge base.
Background. As part of our collaborative research of advancing the scope of industrial applications through cybersecurity and privacy, we identified a set of common challenges and pitfalls that surface in such applied interdisciplinary collaborations.
Aim. Our goal with this paper is to support researchers in the emerging field of cybersecurity in industrial settings by formalizing our experiences as reference for other research efforts, in industry and academia alike.
Method. Based on our experience, we derived a process cycle of performing such interdisciplinary research, from the initial idea to the eventual dissemination and paper writing. This presented methodology strives to successfully bootstrap further research and to encourage further work in this emerging area.
Results. Apart from our newly proposed process cycle, we report on our experiences and conduct a case study applying this methodology, raising awareness for challenges in cybersecurity research for industrial applications. We further detail the interplay between our process cycle and the data lifecycle in applied research data management. Finally, we augment our discussion with an industrial as well as an academic view on this research area and highlight that both areas still have to overcome significant challenges to sustainably and securely advance industrial applications.
Conclusions. With our proposed process cycle for interdisciplinary research in the intersection of cybersecurity and industrial application, we provide a foundation for further research. We look forward to promising research initiatives, projects, and directions that emerge based on our methodological work.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-laser-collaboration.pdf
ACSA
Proceedings of the Workshop on Learning from Authoritative Security Experiment Results (LASER '20), co-located with the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA
Austin, TX, USA
Learning from Authoritative Security Experiment Results (LASER '20)
December 8, 2020
978-1-891562-81-5
10.14722/laser-acsac.2020.23088
1
JanPennekamp
ErikBuchholz
MarkusDahlmanns
IkeKunze
StefanBraun
EricWagner
MatthiasBrockmann
KlausWehrle
MartinHenze
inproceedings
2021_pennekamp_bootstrapping
Confidential Computing-Induced Privacy Benefits for the Bootstrapping of New Business Relationships
2021
11
15
RWTH-2021-09499
In addition to quality improvements and cost reductions, dynamic and flexible business relationships are expected to become more important in the future to account for specific customer change requests or small-batch production. Today, despite reservation, sensitive information must be shared upfront between buyers and sellers. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness following information leaks or breaches of their privacy. To address this issue, the concepts of confidential computing and cloud computing come to mind as they promise to offer scalable approaches that preserve the privacy of participating companies. In particular, designs building on confidential computing can help to technically enforce privacy. Moreover, cloud computing constitutes an elegant design choice to scale these novel protocols to industry needs while limiting the setup and management overhead for practitioners. Thus, novel approaches in this area can advance the status quo of bootstrapping new relationships as they provide privacy-preserving alternatives that are suitable for immediate deployment.
bootstrapping procurement; business relationships; secure industrial collaboration; privacy; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-bootstrapping.pdf
RWTH Aachen University
Blitz Talk at the 2021 Cloud Computing Security Workshop (CCSW '21), co-located with the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea
RWTH Aachen University
Seoul, Korea
November 14, 2021
10.18154/RWTH-2021-09499
JanPennekamp
FrederikFuhrmann
MarkusDahlmanns
TimoHeutmann
AlexanderKreppein
DennisGrunert
ChristophLange
Robert H.Schmitt
KlausWehrle
article
2021_matzutt_coinprune_v2
CoinPrune: Shrinking Bitcoin's Blockchain Retrospectively
IEEE Transactions on Network and Service Management
2021
9
10
18
3
3064-3078
Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute.
blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin
mynedata; impact_digital; digital_campus
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-matzutt-coinprune-v2.pdf
English
1932-4537
10.1109/TNSM.2021.3073270
1
RomanMatzutt
BenediktKalde
JanPennekamp
ArthurDrichel
MartinHenze
KlausWehrle
inproceedings
2021_mangel_reshare
Data Reliability and Trustworthiness through Digital Transmission Contracts
2021
6
8
12731
265-283
As decision-making is increasingly data-driven, trustworthiness and reliability of the underlying data, e.g., maintained in knowledge graphs or on the Web, are essential requirements for their usability in the industry. However, neither traditional solutions, such as paper-based data curation processes, nor state-of-the-art approaches, such as distributed ledger technologies, adequately scale to the complex requirements and high throughput of continuously evolving industrial data. Motivated by a practical use case with high demands towards data trustworthiness and reliability, we identify the need for digitally-verifiable data immutability as a still insufficiently addressed dimension of data quality. Based on our discussion of shortcomings in related work, we thus propose ReShare, our novel concept of digital transmission contracts with bilateral signatures, to address this open issue for both RDF knowledge graphs and arbitrary data on the Web. Our quantitative evaluation of ReShare’s performance and scalability reveals only moderate computation and communication overhead, indicating significant potential for cost-reductions compared to today’s approaches. By cleverly integrating digital transmission contracts with existing Web-based information systems, ReShare provides a promising foundation for data sharing and reuse in Industry 4.0 and beyond, enabling digital accountability through easily-adoptable digitally-verifiable data immutability and non-repudiation.
Lecture Notes in Computer Science (LNCS), Volume 12731
Digital transmission contracts; Trust; Data immutability; Non-repudiation; Accountability; Data dynamics; Linked Data; Knowledge graphs
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mangel-eswc-reshare.pdf
Springer
Proceedings of the 18th Extended Semantic Web Conference (ESWC '21), June 6-10, 2021, Heraklion, Greece
Heraklion, Greece
June 6-10, 2021
978-3-030-77384-7
0302-9743
10.1007/978-3-030-77385-4_16
1
SimonMangel
LarsGleim
JanPennekamp
KlausWehrle
StefanDecker
inproceedings
2021_gleim_factstack
FactStack: Interoperable Data Management and Preservation for the Web and Industry 4.0
2021
5
31
P-312
371-395
Data exchange throughout the supply chain is essential for the agile and adaptive manufacturing processes of Industry 4.0. As companies employ numerous, frequently mutually incompatible data management and preservation approaches, interorganizational data sharing and reuse regularly requires human interaction and is thus associated with high overhead costs. An interoperable system, supporting the unified management, preservation and exchange of data across organizational boundaries is missing to date. We propose FactStack, a unified approach to data management and preservation based upon a novel combination of existing Web-standards and tightly integrated with the HTTP protocol itself. Based on the FactDAG model, FactStack guides and supports the full data lifecycle in a FAIR and interoperable manner, independent of individual software solutions and backward-compatible with existing resource oriented architectures. We describe our reference implementation of the approach and evaluate its performance, showcasing scalability even to high-throughput applications. We analyze the system's applicability to industry using a representative real-world use case in aircraft manufacturing based on principal requirements identified in prior work. We conclude that FactStack fulfills all requirements and provides a promising solution for the on-demand integration of persistence and provenance into existing resource-oriented architectures, facilitating data management and preservation for the agile and interorganizational manufacturing processes of Industry 4.0. Through its open source distribution, it is readily available for adoption by the community, paving the way for improved utility and usability of data management and preservation in digital manufacturing and supply chains.
Lecture Notes in Informatics (LNI), Volume P-312
Web Technologies; Data Management; Memento; Persistence; PID; Industry 4.0
internet-of-production
https://comsys.rwth-aachen.de/fileadmin/papers/2021/2021-gleim-btw-iop-interoperability-realization.pdf
Gesellschaft für Informatik
Proceedings of the 19th Symposium for Database Systems for Business, Technology and Web (BTW '21), September 13-17, 2021, Dresden, Germany
Dresden, Germany
September 13-17, 2021
978-3-88579-705-0
1617-5468
10.18420/btw2021-20
1
LarsGleim
JanPennekamp
LiamTirpitz
SaschaWelten
FlorianBrillowski
StefanDecker
inproceedings
2021_dahlmanns_entrust
Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems
2021
4
28
78–87
The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.
cyber-physical system security; publish-subscribe security; end-to-end security
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-dahlmanns-entrust.pdf
ACM
Proceedings of the 1st ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SaT-CPS '21), co-located with the 11th ACM Conference on Data and Application Security and Privacy (CODASPY '21), April 26-28, 2021, Virtual Event, USA
Virtual Event, USA
ACM Workshop on Secure and Trustworthy Cyber-Physical Systems
April 28, 2021
978-1-4503-8319-6/21/04
10.1145/3445969.3450423
1
MarkusDahlmanns
JanPennekamp
Ina BereniceFink
BerndSchoolmann
KlausWehrle
MartinHenze
article
2021-wehrle-energy
A Novel Receiver Design for Energy Packet‐Based Dispatching
Energy Technology
2021
9
2
10.1002/ente.202000937
1
FriedirchWiegel
EdoardoDe Din
AntonelloMonti
KlausWehrle
MarcHiller
MartinaZitterbart
VeitHagenmeyer
inproceedings
2020_pennekamp_parameter_exchange
Privacy-Preserving Production Process Parameter Exchange
2020
12
10
510-525
Nowadays, collaborations between industrial companies always go hand in hand with trust issues, i.e., exchanging valuable production data entails the risk of improper use of potentially sensitive information. Therefore, companies hesitate to offer their production data, e.g., process parameters that would allow other companies to establish new production lines faster, against a quid pro quo. Nevertheless, the expected benefits of industrial collaboration, data exchanges, and the utilization of external knowledge are significant.
In this paper, we introduce our Bloom filter-based Parameter Exchange (BPE), which enables companies to exchange process parameters privacy-preservingly. We demonstrate the applicability of our platform based on two distinct real-world use cases: injection molding and machine tools. We show that BPE is both scalable and deployable for different needs to foster industrial collaborations. Thereby, we reward data-providing companies with payments while preserving their valuable data and reducing the risks of data leakage.
secure industrial collaboration; Bloom filter; oblivious transfer; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-parameter-exchange.pdf
ACM
Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA
Austin, TX, USA
December 7-11, 2020
978-1-4503-8858-0/20/12
10.1145/3427228.3427248
1
JanPennekamp
ErikBuchholz
YannikLockner
MarkusDahlmanns
TiandongXi
MarcelFey
ChristianBrecher
ChristianHopmann
KlausWehrle
inproceedings
2020_delacadena_trafficsliver
TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting
2020
11
12
1971-1985
Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only.
To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor. Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98% to less than 16% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network.
Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf
https://github.com/TrafficSliver
ACM
Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA
Virtual Event, USA
November 9-13, 2020
978-1-4503-7089-9/20/11
10.1145/3372297.3423351
1
WladimirDe la Cadena
AsyaMitseva
JensHiller
JanPennekamp
SebastianReuter
JulianFilter
KlausWehrle
ThomasEngel
AndriyPanchenko
inproceedings
2020_gleim_factdag_provenance
Expressing FactDAG Provenance with PROV-O
2020
11
1
2821
53-58
To foster data sharing and reuse across organizational boundaries, provenance tracking is of vital importance for the establishment of trust and accountability, especially in industrial applications, but often neglected due to associated overhead. The abstract FactDAG data interoperability model strives to address this challenge by simplifying the creation of provenance-linked knowledge graphs of revisioned (and thus immutable) resources. However, to date, it lacks a practical provenance implementation.
In this work, we present a concrete alignment of all roles and relations in the FactDAG model to the W3C PROV provenance standard, allowing future software implementations to directly produce standard-compliant provenance information. Maintaining compatibility with existing PROV tooling, an implementation of this mapping will pave the way for practical FactDAG implementations and deployments, improving trust and accountability for Open Data through simplified provenance management.
Provenance; Data Lineage; Open Data; Semantic Web Technologies; Ontology Alignment; PROV; RDF; Industry 4.0; Internet of Production; IIoT
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-gleim-factdag-provenance.pdf
CEUR Workshop Proceedings
Proceedings of the 6th Workshop on Managing the Evolution and Preservation of the Data Web (MEPDaW '20), co-located with the 19th International Semantic Web Conference (ISWC '20), November 1-6, 2020, Athens, Greece,
Athens, Greece
November 1-6, 2020
1613-0073
1
LarsGleim
LiamTirpitz
JanPennekamp
StefanDecker
inproceedings
2020-dahlmanns-imc-opcua
Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments
2020
10
27
101-110
Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24% of hosts), disabled security functionality (24%), or use of deprecated cryptographic primitives (25%) on in total 92% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols.
industrial communication; network security; security configuration
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf
ACM
Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA
Pittsburgh, PA, USA
ACM Internet Measurement Conference 2020
October 27-29, 2020
978-1-4503-8138-3/20/10
10.1145/3419394.3423666
1
MarkusDahlmanns
JohannesLohmöller
Ina BereniceFink
JanPennekamp
KlausWehrle
MartinHenze
inproceedings
2020_matzutt_coinprune
How to Securely Prune Bitcoin’s Blockchain
2020
6
24
298-306
Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5 GiB instead of 230 GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5 h to 46 min, with even more savings for less powerful devices.
blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin
mynedata; impact_digital; digital_campus
https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coinprune.pdf
https://coinprune.comsys.rwth-aachen.de
IEEE
Proceedings of the 19th IFIP Networking 2020 Conference (NETWORKING '20), June 22-26, 2020, Paris, France
Paris, France
NETWORKING 2020
June 22-26, 2020
978-3-903176-28-7
1
RomanMatzutt
BenediktKalde
JanPennekamp
ArthurDrichel
MartinHenze
KlausWehrle
article
2020_gleim_factDAG
FactDAG: Formalizing Data Interoperability in an Internet of Production
IEEE Internet of Things Journal
2020
4
14
7
4
3243-3253
In the production industry, the volume, variety and velocity of data as well as the number of deployed protocols increase exponentially due to the influences of IoT advances. While hundreds of isolated solutions exist to utilize this data, e.g., optimizing processes or monitoring machine conditions, the lack of a unified data handling and exchange mechanism hinders the implementation of approaches to improve the quality of decisions and processes in such an interconnected environment.
The vision of an Internet of Production promises the establishment of a Worldwide Lab, where data from every process in the network can be utilized, even interorganizational and across domains. While numerous existing approaches consider interoperability from an interface and communication system perspective, fundamental questions of data and information interoperability remain insufficiently addressed.
In this paper, we identify ten key issues, derived from three distinctive real-world use cases, that hinder large-scale data interoperability for industrial processes. Based on these issues we derive a set of five key requirements for future (IoT) data layers, building upon the FAIR data principles. We propose to address them by creating FactDAG, a conceptual data layer model for maintaining a provenance-based, directed acyclic graph of facts, inspired by successful distributed version-control and collaboration systems. Eventually, such a standardization should greatly shape the future of interoperability in an interconnected production industry.
Data Management; Data Versioning; Interoperability; Industrial Internet of Things; Worldwide Lab
internet-of-production
https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-gleim-iotj-iop-interoperability.pdf
IEEE
2327-4662
10.1109/JIOT.2020.2966402
1
LarsGleim
JanPennekamp
MartinLiebenberg
MelanieBuchsbaum
PhilippNiemietz
SimonKnape
AlexanderEpple
SimonStorms
DanielTrauth
ThomasBergs
ChristianBrecher
StefanDecker
GerhardLakemeyer
KlausWehrle
inproceedings
2020_roepert_opcua
Assessing the Security of OPC UA Deployments
2020
4
2
To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf
en
University of Tübingen
Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, Tübingen, Germany
Tübingen, Germany
April 2-3, 2020
10.15496/publikation-41813
1
LinusRoepert
MarkusDahlmanns
Ina BereniceFink
JanPennekamp
MartinHenze
inproceedings
2019_pennekamp_securityConsiderations
Security Considerations for Collaborations in an Industrial IoT-based Lab of Labs
2019
12
4
The productivity and sustainability advances for (smart) manufacturing resulting from (globally) interconnected Industrial IoT devices in a lab of labs are expected to be significant. While such visions introduce opportunities for the involved parties, the associated risks must be considered as well. In particular, security aspects are crucial challenges and remain unsolved. So far, single stakeholders only had to consider their local view on security. However, for a global lab, we identify several fundamental research challenges in (dynamic) scenarios with multiple stakeholders: While information security mandates that models must be adapted wrt. confidentiality to address these new influences on business secrets, from a network perspective, the drastically increasing amount of possible attack vectors challenges today's approaches. Finally, concepts addressing these security challenges should provide backwards compatibility to enable a smooth transition from today's isolated landscape towards globally interconnected IIoT environments.
secure industrial collaboration; interconnected cyber-physical systems; stakeholders; Internet of Production
internet-of-production; iotrust
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-security-considerations.pdf
IEEE
Proceedings of the 3rd IEEE Global Conference on Internet of Things (GCIoT '19), December 4–7, 2019, Dubai, United Arab Emirates
Dubai, United Arab Emirates
December 4–7, 2019
978-1-7281-4873-1
10.1109/GCIoT47977.2019.9058413
1
JanPennekamp
MarkusDahlmanns
LarsGleim
StefanDecker
KlausWehrle
inproceedings
2019_delacadena_countermeasure
POSTER: Traffic Splitting to Counter Website Fingerprinting
2019
11
12
2533-2535
Website fingerprinting (WFP) is a special type of traffic analysis, which aims to infer the websites visited by a user. Recent studies have shown that WFP targeting Tor users is notably more effective than previously expected. Concurrently, state-of-the-art defenses have been proven to be less effective. In response, we present a novel WFP defense that splits traffic over multiple entry nodes to limit the data a single malicious entry can use. Here, we explore several traffic-splitting strategies to distribute user traffic. We establish that our weighted random strategy dramatically reduces the accuracy from nearly 95% to less than 35% for four state-of-the-art WFP attacks without adding any artificial delays or dummy traffic.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-delacadena-splitting-defense.pdf
ACM
Proceedings of the 26th ACM SIGSAC Conference on Computer and Communications Security (CCS '19), November 11-15, 2019, London, United Kingdom
London, United Kingdom
November 11-15, 2019
978-1-4503-6747-9/19/11
10.1145/3319535.3363249
1
WladimirDe la Cadena
AsyaMitseva
JanPennekamp
JensHiller
FabianLanze
ThomasEngel
KlausWehrle
AndriyPanchenko
inproceedings
2019-hiller-icnp-tailoringOR
Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments
2019
10
10
An increasing number of IoT scenarios involve mobile, resource-constrained IoT devices that rely on untrusted networks for Internet connectivity. In such environments, attackers can derive sensitive private information of IoT device owners, e.g., daily routines or secret supply chain procedures, when sniffing on IoT communication and linking IoT devices and owner. Furthermore, untrusted networks do not provide IoT devices with any protection against attacks from the Internet. Anonymous communication using onion routing provides a well-proven mechanism to keep the relationship between communication partners secret and (optionally) protect against network attacks. However, the application of onion routing is challenged by protocol incompatibilities and demanding cryptographic processing on constrained IoT devices, rendering its use infeasible. To close this gap, we tailor onion routing to the IoT by bridging protocol incompatibilities and offloading expensive cryptographic processing to a router or web server of the IoT device owner. Thus, we realize resource-conserving access control and end-to-end security for IoT devices. To prove applicability, we deploy onion routing for the IoT within the well-established Tor network enabling IoT devices to leverage its resources to achieve the same grade of anonymity as readily available to traditional devices.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-hiller-tailoring.pdf
IEEE
Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA
Chicago, IL, USA
27th IEEE International Conference on Network Protocols (ICNP 2019)
7-10. Oct. 2019
978-1-7281-2700-2
2643-3303
10.1109/ICNP.2019.8888033
1
JensHiller
JanPennekamp
MarkusDahlmanns
MartinHenze
AndriyPanchenko
KlausWehrle
inproceedings
2019-dahlmanns-icnp-knowledgeSystem
Privacy-Preserving Remote Knowledge System
2019
10
7
More and more traditional services, such as malware detectors or collaboration services in industrial scenarios, move to the cloud. However, this behavior poses a risk for the privacy of clients since these services are able to generate profiles containing very sensitive information, e.g., vulnerability information or collaboration partners. Hence, a rising need for protocols that enable clients to obtain knowledge without revealing their requests exists. To address this issue, we propose a protocol that enables clients (i) to query large cloud-based knowledge systems in a privacy-preserving manner using Private Set Intersection and (ii) to subsequently obtain individual knowledge items without leaking the client’s requests via few Oblivious Transfers. With our preliminary design, we allow clients to save a significant amount of time in comparison to performing Oblivious Transfers only.
Poster Session
private query protocol; knowledge system; remote knowledge; private set intersection; oblivious transfer
kimusin; internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-dahlmanns-knowledge-system.pdf
IEEE
Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA
Chicago, IL, USA
27th IEEE International Conference on Network Protocols (ICNP 2019)
7-10. Oct. 2019
978-1-7281-2700-2
2643-3303
10.1109/ICNP.2019.8888121
1
MarkusDahlmanns
ChrisDax
RomanMatzutt
JanPennekamp
JensHiller
KlausWehrle
inproceedings
2019_pennekamp_multipath
Multipathing Traffic to Reduce Entry Node Exposure in Onion Routing
2019
10
7
Users of an onion routing network, such as Tor, depend on its anonymity properties. However, especially malicious entry nodes, which know the client’s identity, can also observe the whole communication on their link to the client and, thus, conduct several de-anonymization attacks. To limit this exposure and to impede corresponding attacks, we propose to multipath traffic between the client and the middle node to reduce the information an attacker can obtain at a single vantage point. To facilitate the deployment, only clients and selected middle nodes need to implement our approach, which works transparently for the remaining legacy nodes. Furthermore, we let clients control the splitting strategy to prevent any external manipulation.
Poster Session
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-multipathing.pdf
IEEE
Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA
Chicago, IL, USA
27th IEEE International Conference on Network Protocols (ICNP 2019)
7-10. Oct. 2019
978-1-7281-2700-2
2643-3303
10.1109/ICNP.2019.8888029
1
JanPennekamp
JensHiller
SebastianReuter
WladimirDe la Cadena
AsyaMitseva
MartinHenze
ThomasEngel
KlausWehrle
AndriyPanchenko
inproceedings
2019-hiller-aeit-regaining
Regaining Insight and Control on SMGW-based Secure Communication in Smart Grids
2019
9
Smart Grids require extensive communication to enable safe and stable energy supply in the age of decentralized and dynamic energy production and consumption. To protect the communication in this critical infrastructure, public authorities mandate smart meter gateways (SMGWs) to intercept all inbound and outbound communication of premises such as a factory or smart home, and forward the communication data on secure channels established by the SMGW itself to be in control of the communication security. However, using the SMGW as proxy, local devices can neither review the security of these remote connections established by the SMGW nor enforce higher security guarantees than established by the all in one configuration of the SMGW which does not allow for use case-specific security settings. We present mechanisms that enable local devices to regain this insight and control over the full connection, i.e., up to the final receiver, while retaining the SMGW's ability to ensure a suitable security level. Our evaluation shows modest computation and transmission overheads for this increased security in the critical smart grid infrastructure.
ECSEL; European Union (EU); Horizon 2020; CONNECT Innovative smart components, modules and appliances for a truly connected, efficient and secure smart grid; Grant Agreement No 737434
connect
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-hiller-aeit-regaining.pdf
IEEE
Proceedings of the 2019 AEIT International Annual Conference, September 18-20, 2019, Firenze, Italy
Firenze, Italy
AEIT International Annual Conference
September 18-20, 2019
978-8-8872-3745-0
10.23919/AEIT.2019.8893406
1
JensHiller
KarstenKomanns
MarkusDahlmanns
KlausWehrle
inproceedings
2018-rueth-quicadoptionstudy
A First Look at QUIC in the Wild
2018
3
26
255-268
maki,reflexes
https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-rueth-quicadoptionstudy.pdf
https://arxiv.org/abs/1801.05168
Springer, Cham
In Proceedings of the Passive and Active Measurement Conference (PAM '18)
Berlin, Germany
Passive and Active Measurement Conference (PAM 2018)
26.3.2018 - 27.3.2018
en
978-3-319-76481-8
10.1007/978-3-319-76481-8_19
1
JanRüth
IngmarPoese
ChristophDietzel
OliverHohlfeld
inproceedings
2018-dedin-energy-packets
A new solution for the Energy Packet-based Dispatching using power/signal dual modulation
2018
Proceedings of the Ninth International Conference on Future Energy Systems (ACM e-Energy '18)
Karlsruhe, Germany
Ninth International Conference on Future Energy Systems
2018-06-15
10.1145/3208903.3208931
1
EdoardoDe Din
AntonelloMonti
VeitHagenmeyer
KlausWehrle
inproceedings
2017-henze-mobiquitous-cloudanalyzer
CloudAnalyzer: Uncovering the Cloud Usage of Mobile Apps
2017
11
7
262-271
Developers of smartphone apps increasingly rely on cloud services for ready-made functionalities, e.g., to track app usage, to store data, or to integrate social networks. At the same time, mobile apps have access to various private information, ranging from users' contact lists to their precise locations. As a result, app deployment models and data flows have become too complex and entangled for users to understand. We present CloudAnalyzer, a transparency technology that reveals the cloud usage of smartphone apps and hence provides users with the means to reclaim informational self-determination. We apply CloudAnalyzer to study the cloud exposure of 29 volunteers over the course of 19 days. In addition, we analyze the cloud usage of the 5000 most accessed mobile websites as well as 500 popular apps from five different countries. Our results reveal an excessive exposure to cloud services: 90 % of apps use cloud services and 36 % of apps used by volunteers solely communicate with cloud services. Given the information provided by CloudAnalyzer, users can critically review the cloud usage of their apps.
Privacy; Smartphones; Cloud Computing; Traffic Analysis
trinics
https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-cloudanalyzer.pdf
Online
ACM
Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous '17), November 7-10, 2017, Melbourne, VIC, Australia
Melbourne, VIC, Australia
November 7-10, 2017
en
978-1-4503-5368-7
10.1145/3144457.3144471
1
MartinHenze
JanPennekamp
DavidHellmanns
ErikMühmer
Jan HenrikZiegeldorf
ArthurDrichel
KlausWehrle
inproceedings
2017-liew-schemmel-fp
Floating-Point Symbolic Execution: A Case Study in N-Version Programming
2017
10
30
symbiosys
file:1848
Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering
Urbana-Champaign, IL, USA
en
978-1-5386-2684-9/17
1
DanielLiew
DanielSchemmel
CristianCadar
AlastairDonaldson
RafaelZähl
KlausWehrle
phdthesis
phd-dombrowski
Design and Evaluation of an Ultra-Reliable Low-Latency Wireless Network Protocol
2017
6
14
Shaker Verlag GmbH
Shaker Verlag GmbH, Herzogenrath, Germany
Reports on Communications and Distributed Systems
RWTH Aachen University
Dissertation
978-3-8440-5510-8
ChristianDombrowski
article
dombrowski-vdi
Funktechnologien für Industrie 4.0
VDE Positionspapier
2017
6
1
VDE - Verband der Elektrotechnik, Elektronik, Informationstechnik e.V.
Stresemannallee 15, 60596 Frankfurt am Main, Germany
IsmetAktas
AlexanderBentkus
FlorianBonanati
ArminDekorsy
ChristianDombrowski
MichaelDoubrava
AliGolestani
FrankHofmann
MikeHeidrich
StefanHiensch
RüdigerKays
MichaelMeyer
AndreasMüller
Stephanten Brink
NedaPetreska
MilanPopovic
LutzRauchhaupt
AhmadSaad
HansSchotten
ChristophWöste
IngoWolff
inproceedings
DombrowskiSRDS16
Model-Checking Assisted Protocol Design for Ultra-reliable Low-Latency Wireless Networks
2016
9
27
307--316
fault tolerance;formal verification;protocols;wireless channels;EchoRing protocol;fault-tolerant methods;formal model-based verification;model-checking assisted protocol;probabilistic model checking;reliability constraints;safety-critical industrial applications;salient features;token loss;token-based system;ultrareliable low-latency wireless networks;unprecedented latency;wireless networking community;wireless protocols;wireless token-passing systems;Automata;Model checking;Payloads;Probabilistic logic;Protocols;Reliability;Wireless communication;Model checking;Probabilistic timed automata;Token passing;Wireless Industrial Networks;tool-assisted protocol design;validation
cps,hodrian
http://ieeexplore.ieee.org/document/7794360/
Proc. of IEEE 35th Symposium on Reliable Distributed Systems
IEEE
Budapest, Hungary
IEEE 35th Symposium on Reliable Distributed Systems (SRDS)
10.1109/SRDS.2016.048
1
ChristianDombrowski
SebastianJunges
Joost-PieterKatoen
JamesGross
inproceedings
2016-serror-wowmom-arq
Performance Analysis of Cooperative ARQ Systems for Wireless Industrial
Networks
2016
6
21
koi
IEEE
online
17th IEEE International Symposium on a World of Wireless, Mobile and
Multimedia Networks (IEEE WoWMoM 2016), Coimbra, Portugal
Coimbra, Portugal
en
10.1109/WoWMoM.2016.7523534
1
MartinSerror
YulinHu
ChristianDombrowski
KlausWehrle
JamesGross
inproceedings
2015-serror-channel-coding
Channel Coding Versus Cooperative ARQ: Reducing Outage Probability in
Ultra-Low Latency Wireless Communications
2015
12
koi
file:1704
IEEE
online
IEEE GC 2015 Workshop on Ultra-Low Latency and Ultra-High Reliability in
Wireless Communications (GC'15 - ULTRA2), San Diego, USA
San Diego, USA
IEEE GC 2015 Workshop on Ultra-Low Latency and Ultra-High Reliability in Wireless Communications
December 6-10 2015
10.1109/GLOCOMW.2015.7414150
1
MartinSerror
ChristianDombrowski
KlausWehrle
JamesGross
poster
serror-zdn-2015
How to Benefit from Cooperation in Latency-Constrained Wireless Communications
2015
9
25
cps,koi,hodrian
https://www.comsys.rwth-aachen.de/fileadmin/papers/2015/2015-serror-zdn-cooperation.pdf
http://kn.inf.uni-tuebingen.de/itg-zdn-2015-poster-session
VDE
online
ITG-Fachtagung "Zukunft der Netze 2015" – Poster Session, Tübingen, Germany
Tübingen, Germany
MartinSerror
ChristianDombrowski
KlausWehrle
JamesGross
inproceedings
2015-wowmom-schumacher-warpsim
WARPsim: A Code-Transparent Network Simulator for WARP Devices
2015
6
14
cps,koi
file:1688
IEEE
online
16th IEEE International Symposium on a World of Wireless, Mobile and
Multimedia Networks: Demos (IEEE WoWMoM 2015 - Demos), Boston, USA
Boston, USA
IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks
14.-17. June 2015
10.1109/WoWMoM.2015.7158181
1
AndreasSchumacher
MartinSerror
ChristianDombrowski
JamesGross
inproceedings
Dombrowski2015EW
EchoRing: A Low-Latency, Reliable Token-Passing MAC Protocol for Wireless Industrial Networks
2015
5
20
Spurred by recent industrial trends, such as factory automation or phase synchronization in the smart grid, there is a significant interest for wireless industrial networks lately. In contrast to traditional applications, the focus is on carrying out communication at very short latencies together with high reliabilities. Meeting such extreme requirements with wireless networks is challenging. A potential candidate for such a network is a token-passing protocol, as it allows to bound latencies. However, it lacks mechanisms to cope with the dynamics of wireless channels. In this paper, we present EchoRing, a novel wireless token-passing protocol. Cooperative communication and an improved fault tolerance allow this decentralized protocol to support industrial applications over wireless networks. Based on experimental results, we demonstrate the suitability of EchoRing to support demands of industrial applications. EchoRing outperforms other schemes by several orders of magnitude in terms of reliability for latencies of and below 10ms.
Protocols and architectures for wireless networks; Testbeds and experimental wireless systems; Reliability: robust and dependable wireless systems
cps,hodrian
IEEE
Proc. of 21st European Wireless Conference (EW15)
Budapest, Hungary
European Wireless Conference (EW)
20/05/2015
978-3-8007-3976-9
ChristianDombrowski
JamesGross
inproceedings
Dombrowski2015NetSys
EchoRing: Meeting Hard Real-Time Constraints with Decentralized Wireless Networks
2015
3
9
1--3
cps,hodrian
http://www.netsys2015.com/wp-content/uploads/NetSys2015_Demo_Dombrowski.pdf
http://www.netsys2015.com/program/demonstrations/
http://www.netsys2015.com/communication-software-awards/
2nd Place Regular Demonstrations
IEEE
Proc. of 2nd International Conference on Networked Systems, Demonstrations (NetSys15)
Cottbus, Germany
Conference on Networked Systems (NetSys) - Demo Session
09/03/2015
1
ChristianDombrowski
JamesGross
conference
Schumacher2014
A Code-transparent MAC Simulator for WARP
2014
11
19
hodrian,cps
Proc. of European workshop on testbed based wireless research
Stockholm, Sweden
European workshop on testbed based wireless research
19/11/2014
AndreasSchumacher
ChristianDombrowski
JamesGross
inproceedings
2014-aktas-wintech-a-framework-for-remote-automation-configuration-and-monitoring
A Framework for Remote Automation, Configuration, and Monitoring of Real-World Experiments
2014
9
7
1--8
crawler
fileadmin/papers/2014/2014-aktas-wintech-remote-cross-layer.pdf
Online
ACM
Proceedings of the 9th ACM International Workshop on Wireless Network Testbeds, Experimental Evaluation and Characterization (WiNTECH 2014), Hawaii, USA
Hawaii, USA
9th ACM International Workshop on Wireless Network Testbeds, Experimental Evaluation and Characterization (WiNTECH 2014)
7 September 2014
en
978-1-4503-3072-5
10.1145/2643230.2643236
1
IsmetAktas
OscarPuñal
FlorianSchmidt
TobiasDrüner
KlausWehrle
inproceedings
Dombrowski2013WiOpt
Energy-Efficient Multi-Hop Transmission for Machine-to-Machine Communications
2013
5
13
341-348
energy minimization;quality-of-service;outage probability;deadline;optimization;multi-hop;average csi;instantaneous csi
11th International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2013)
Tsukuba Science City, Japan
English
1
ChristianDombrowski
NedaPetreska
SimonGörtzen
AnkeSchmeink
JamesGross
inproceedings
2012-aktas-wowmom-CRAWLER:AnExperimentationPlatformforSystemMonitoringandCross-Layer-Coordination-conference
CRAWLER: An Experimentation Architecture for System Monitoring and Cross-Layer-Coordination
Proceedings of the 13th International Symposium on a World of Wireless, Mobile and MultimediaNetworks (WoWMoM'12), San Francisco, USA
2012
6
25
1--9
crawler
fileadmin/papers/2012/2012-aktas-wowmom-crawler.pdf
Online
IEEE
Proceedings of the 13th International Symposium on a World of Wireless, Mobile and MultimediaNetworks (WoWMoM'12), San Francisco, USA
San Francisco
13th International Symposium on a World of Wireless, Mobile and MultimediaNetworks (WoWMoM'12)
25-28 June, 2012
en
978-1-4673-1238-7
10.1109/WoWMoM.2012.6263686
1
IsmetAktas
FlorianSchmidt
Muhammad HamadAlizai
TobiasDrüner
KlausWehrle
inproceedings
Dombrowski2011LCN
Hard Real-Time Wireless Medium Access in Action: Stop the Guillotine Within a Millisecond!
2011
10
4
1--3
http://www.ieeelcn.org/prior/LCN36/lcn36demos/lcn-demo2011_dombrowski.pdf
http://www.ieeelcn.org/prior/LCN36/lcn36demos.html
Proc. of Local Computer Networks Conference, Demonstrations, (LCN'11)
Bonn, Germany
36th IEEE Conference on Local Computer Networks (LCN)
04/10/2011
1
ChristianDombrowski
JamesGross
inproceedings
Dombrowski2011RealWIN
Reducing Outage Probability Over Wireless Channels Under Hard Real-time Constraints
2011
4
11
1 -6
Proc. of Workshop on Real-Time Wireless For Industrial Applications (RealWIN'11)
1
ChristianDombrowski
JamesGross
inproceedings
Dombrowski2010GC
Is High Quality Sensing Really Necessary for Opportunistic Spectrum Usage?
2010
12
6
1--6
IEEE
Proc. of IEEE Global Telecommunications Conference (GLOBECOM'10)
Miami, FL, USA
IEEE Global Telecommunications Conference (GLOBECOM'10)
06/12/2010
ChristianDombrowski
DanielWillkomm
AdamWolisz
inproceedings
2010-sensys-sasnauskas-coojakleenet
Demo Abstract: Integrating Symbolic Execution with Sensornet Simulation for Efficient Bug Finding
2010
11
383--384
High-coverage testing of sensornet applications is vital for pre-deployment bug cleansing, but has previously been difficult due to the limited set of available tools. We integrate the KleeNet symbolic execution engine with the COOJA network simulator to allow for straight-forward and intuitive high-coverage testing initiated from a simulation environment. A tight coupling of simulation and testing helps detect, narrow down, and fix complex interaction bugs in an early development phase. We demonstrate the seamless transition between COOJA simulation and KleeNet symbolic execution. Our framework enables future research in how high-coverage testing tools could be used in cooperation with simulation tools.
kleenet
fileadmin/papers/2010/2010-osterlind_sasnauskas-sensys-coojakleenet.pdf
Print
ACM
New York, NY, USA
Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems (SenSys 2010), Zurich, Switzerland
en
978-1-4503-0344-6
http://doi.acm.org/10.1145/1869983.1870034
1
FredrikÖsterlind
RaimondasSasnauskas
AdamDunkels
OscarSoria Dustmann
KlausWehrle
article
VaegsDHH2010
Learning by gaming: facts and myths
International Journal of Technology Enhanced Learning (IJTEL)
2010
2
1/2
21-40
Gaming has undergone a transition from a niche hobby to a part of everyday culture. This transition, along with the advance in the use of the internet, has created a new kind of social environment, commonly known as virtual life. This paper presents the survey results of over 1000 gamers worldwide, in which they tell us how gaming affected their lives – both virtual and real – with regard to their career, relationships and social life. The analysis of the answers disproves common stereotypes about gamers, shows areas where gaming can very well be beneficial and where there are still problems.
video games, online games, learning by playing, soft skills, transferable skills, motivation, conflicts, social skills, careers, relationships, communities, technical competence, gaming, virtual life, social life, gamers
https://www.comsys.rwth-aachen.de/fileadmin/papers/2010/2010-vaegs-JTEL-Gaming.pdf
Martin Wolpers
Inderscience Publishers
Geneva, SWITZERLAND
en
1753-5255
10.1504/IJTEL.2010.031258
1
TobiasVaegs
DarkoDugosija
StephanHackenbracht
AnnaHannemann
inproceedings
DugosijaEHVHM2008
Online Gaming as Tool for Career Development
2008
9
16
386
Gaming has undergone a transition from a niche hobby to a part of everyday culture, with the most prominent examples of professional gaming in Korea and the success of World of Warcraft. This transition alongside with the advance of use of the Internet has created a new kind of social environment, commonly known as virtual life. This paper presents an excerpt of the results of a survey investigating this environment with particular regard to the interaction between gaming and career, relationships as well as social groups. “Man only plays when in the full meaning of the word he is a man, and he is only completely a man when he plays. ” Schiller 1
https://www.comsys.rwth-aachen.de/fileadmin/papers/2008/2008-steg-vaegs-gaming.pdf
http://www.slideshare.net/vaegs/online-gaming-as-tool-for-career-development-presentation
Ralf Klamma, Nalin Sharda, Baltasar Fernández-Manjón, Harald Kosch and Marc Spaniol
CEUR Workshop Proceedings
Proceedings of the First International Workshop on Story-Telling and Educational Games (STEG'08)
Maastricht School of Management, Maastricht, The Netherlands
First International Workshop on Story-Telling and Educational Games (STEG'08)
September 16, 2008
en
DarkoDugosija
VadiEfe
StephanHackenbracht
TobiasVaegs
AnnaHannemann
inproceedings
200602LandsiedelEWSNModularSN
Modular Communication Protocols for Sensor Networks
2006
2
13
507
22 -- 23
In this paper we present our ongoing work on modular communication protocols for sensor networks. Their modularity allows recomposing a protocol dynamically at runtime and adapting it to the changing needs of a sensor network. Compared to existing work, our componentization is fine grained and protocol independent, enabling a high degree of component reusability.
(Poster and Abstract)
fileadmin/papers/2006/2006-02-Landsiedel-EWSN-ModularSN.pdf
ftp://ftp.inf.ethz.ch/pub/publications/tech-reports/5xx/507.pdf
Technical Report
Online
Kay Römer and Holger Karl and Friedemann Matterns
Department of Computer Science, ETH Zurich
Zurich, Switzerland
Technical Report ETH Zurich / Dept. of Computer Science
European Workshop on Wireless Sensor Networks (EWSN 2006), Zurich Switzerland
EWSN
Zurich, Switzerland
3rd European Workshop on Wireless Sensor Networks (EWSN 2006)
February 13-15, 2006
en
1
OlafLandsiedel
Jó AgilaBitsch Link
KatharinaDenkinger
KlausWehrle