This file was created by the TYPO3 extension bib --- Timezone: CEST Creation date: 2024-04-24 Creation time: 21-36-57 --- Number of references 137 inproceedings 2024-wagner-madtls 2024 7 1 https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-madtls.pdf 19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS '24), Singapur Singapur ACM ASIA Conference on Computer and Communications Security (AsiaCCS) July 1-5, 2024 unpublished 1 EricWagner DavidHeye MartinSerror IkeKunze KlausWehrle MartinHenze inproceedings 2024-kunze-spintrap 2024 5 7 IEEE/IFIP Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24) 2024 IEEE/IFIP Network Operations and Management Symposium accepted 1 IkeKunze ConstantinSander LarsTissen BenediktBode KlausWehrle inproceedings 2024-kunze-civic 2024 5 internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-civic.pdf Proceedings of the 7th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '24) accepted 1 IkeKunze DominikScheurenberg LiamTirpitz SandraGeisler KlausWehrle article 2024_pennekamp_supply-chain-survey ACM Computing Surveys 2024 2 1 56 2 Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points. information flows; data communication; supply chain management; data security; data sharing; systematic literature review internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf ACM 0360-0300 10.1145/3606693 1 JanPennekamp RomanMatzutt ChristopherKlinkmüller LennartBader MartinSerror EricWagner SidraMalik MariaSpiß JessicaRahn TanGürpinar EduardVlad Sander J. J.Leemans Salil S.Kanhere VolkerStich KlausWehrle article 2023_pennekamp_purchase_inquiries ACM Transactions on Internet Technology 2023 11 17 23 4 Dynamic and flexible business relationships are expected to become more important in the future to accommodate specialized change requests or small-batch production. Today, buyers and sellers must disclose sensitive information on products upfront before the actual manufacturing. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness. Related work overlooks this issue so far: Existing approaches only protect the information of a single party only, hindering dynamic and on-demand business relationships. To account for the corresponding research gap of inadequately privacy-protected information and to deal with companies without an established trust relation, we pursue the direction of innovative privacy-preserving purchase inquiries that seamlessly integrate into today's established supplier management and procurement processes. Utilizing well-established building blocks from private computing, such as private set intersection and homomorphic encryption, we propose two designs with slightly different privacy and performance implications to securely realize purchase inquiries over the Internet. In particular, we allow buyers to consider more potential sellers without sharing sensitive information and relieve sellers of the burden of repeatedly preparing elaborate yet discarded offers. We demonstrate our approaches' scalability using two real-world use cases from the domain of production technology. Overall, we present deployable designs that offer two-way privacy for purchase inquiries and, in turn, fill a gap that currently hinders establishing dynamic and flexible business relationships. In the future, we expect significantly increasing research activity in this overlooked area to address the needs of an evolving production landscape. bootstrapping procurement; secure industrial collaboration; private set intersection; homomorphic encryption; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-purchase-inquiries.pdf ACM 1533-5399 10.1145/3599968 1 JanPennekamp MarkusDahlmanns FrederikFuhrmann TimoHeutmann AlexanderKreppein DennisGrunert ChristophLange Robert H.Schmitt KlausWehrle inproceedings 2023_bader_reputation-systems 2023 11 Consumers frequently interact with reputation systems to rate products, services, and deliveries. While past research extensively studied different conceptual approaches to realize such systems securely and privacy-preservingly, these concepts are not yet in use in business-to-business environments. In this paper, (1) we thus outline which specific challenges privacy-cautious stakeholders in volatile supply chain networks introduce, (2) give an overview of the diverse landscape of privacy-preserving reputation systems and their properties, and (3) based on well-established concepts from supply chain information systems and cryptography, we further propose an initial concept that accounts for the aforementioned challenges by utilizing fully homomorphic encryption. For future work, we identify the need of evaluating whether novel systems address the supply chain-specific privacy and confidentiality needs. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (LNICST) SCM; confidentiality; anonymity; voter; votee; FHE internet-of-production https://jpennekamp.de/wp-content/papercite-data/pdf/bpt+23.pdf Springer Proceedings of the 20th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous '23), November 14-17, 2023, Melbourne, VIC, Australia Melbourne, VIC, Australia November 14-17, 2023 accepted 1867-8211 1 LennartBader JanPennekamp EmildeonThevaraj MariaSpiß Salil S.Kanhere KlausWehrle inproceedings 2023-kunze-spin-bit-in-the-wild 2023 10 https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-kunze-spin-bit-in-the-wild.pdf ACM Proceedings of the Internet Measurement Conference (IMC '23) Internet Measurement Conference 2023 10.1145/3618257.3624844 1 IkeKunze ConstantinSander KlausWehrle inproceedings 2023-sander-quic-ecn 2023 10 legato https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-sander-quic-ecn.pdf https://arxiv.org/abs/2309.14273 ACM Proceedings of the Internet Measurement Conference (IMC '23) Internet Measurement Conference 2023 979-8-4007-0382-9/23/10 10.1145/3618257.3624821 1 ConstantinSander IkeKunze LeoBlöcher MikeKosek KlausWehrle inproceedings 2023_wolsing_ensemble 2023 9 25 14345 102-122 Industrial Intrusion Detection Systems (IIDSs) play a critical role in safeguarding Industrial Control Systems (ICSs) against targeted cyberattacks. Unsupervised anomaly detectors, capable of learning the expected behavior of physical processes, have proven effective in detecting even novel cyberattacks. While offering decent attack detection, these systems, however, still suffer from too many False-Positive Alarms (FPAs) that operators need to investigate, eventually leading to alarm fatigue. To address this issue, in this paper, we challenge the notion of relying on a single IIDS and explore the benefits of combining multiple IIDSs. To this end, we examine the concept of ensemble learning, where a collection of classifiers (IIDSs in our case) are combined to optimize attack detection and reduce FPAs. While training ensembles for supervised classifiers is relatively straightforward, retaining the unsupervised nature of IIDSs proves challenging. In that regard, novel time-aware ensemble methods that incorporate temporal correlations between alerts and transfer-learning to best utilize the scarce training data constitute viable solutions. By combining diverse IIDSs, the detection performance can be improved beyond the individual approaches with close to no FPAs, resulting in a promising path for strengthening ICS cybersecurity. Lecture Notes in Computer Science (LNCS), Volume 14345 Intrusion Detection; Ensemble Learning; ICS internet-of-production, rfc https://jpennekamp.de/wp-content/papercite-data/pdf/wkw+23.pdf Springer Proceedings of the 28th European Symposium on Research in Computer Security (ESORICS '23), September 25-29, 2023, The Hague, The Netherlands The Hague, The Netherlands 28th European Symposium on Research in Computer Security (ESORICS '23) September 25-29, 2023 978-3-031-51475-3 0302-9743 10.1007/978-3-031-51476-0_6 1 KonradWolsing DominikKus EricWagner JanPennekamp KlausWehrle MartinHenze article Jakobs_2023_3 European Intellectual Property Review 2023 7 45 7 371-375 It has long been recognized in Europe and elsewhere that standards-development organizations (SDOs) may adopt policies that require their participants to license patents essential to the SDO’s standards (standards-essential patents or SEPs) to manufacturers of standardized products (“implementers”) on a royalty-free (RF) basis. This requirement contrasts with SDO policies that permit SEP holders to charge implementers monetary patent royalties, sometimes on terms that are specified as “fair, reasonable and nondiscriminatory” (FRAND). As demonstrated by two decades of intensive litigation around the world, FRAND royalties have given rise to intractable disputes regarding the manner in which such royalties should be calculated and adjudicated. In contrast, standards distributed on an RF basis are comparatively free from litigation and the attendant transaction costs. Accordingly, numerous SDOs around the world have adopted RF licensing policies and many widely adopted standards, including Bluetooth, USB, IPv6, HTTP, HTML and XML, are distributed on an RF basis. This note briefly discusses the commercial considerations surrounding RF standards, the relationship between RF standards and open source software (OSS) and the SDO policy mechanisms – including “universal reciprocity” -- that enable RF licensing to succeed in the marketplace. 0142-0461 10.2139/ssrn.4235647 1 JorgeContreras RudiBekkers BradBiddle EnricoBonadio Michael A.Carrier BernardChao CharlesDuan RichardGilbert JoachimHenkel ErikHovenkamp MartinHusovec KaiJakobs Dong-hyuKim Mark A.Lemley Brian J.Love LukeMcDonagh Fiona M.Scott Morton JasonSchultz TimothySimcoe Jennifer M.Urban Joy YXiang inproceedings 2023-grote-mvca-fairness 2023 6 https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-grote-mvca-fairness.pdf IFIP/IEEE Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '23) 978-3-903176-58-4 10.23919/TMA58422.2023.10199019 1 LaurenzGrote IkeKunze ConstantinSander KlausWehrle article 2023-circres-wu-comp-ecosystem Circulation research 2023 4 14 132 8 1084-1100 Online en 10.1161/CIRCRESAHA.123.321765 1 ZhuojunWu JohannesLohmöller ChristianeKuhl KlausWehrle JoachimJankowski incollection 2023_pennekamp_crd-a.i 2023 2 8 35-60 The Internet of Production (IoP) leverages concepts such as digital shadows, data lakes, and a World Wide Lab (WWL) to advance today’s production. Consequently, it requires a technical infrastructure that can support the agile deployment of these concepts and corresponding high-level applications, which, e.g., demand the processing of massive data in motion and at rest. As such, key research aspects are the support for low-latency control loops, concepts on scalable data stream processing, deployable information security, and semantically rich and efficient long-term storage. In particular, such an infrastructure cannot continue to be limited to machines and sensors, but additionally needs to encompass networked environments: production cells, edge computing, and location-independent cloud infrastructures. Finally, in light of the envisioned WWL, i.e., the interconnection of production sites, the technical infrastructure must be advanced to support secure and privacy-preserving industrial collaboration. To evolve today’s production sites and lay the infrastructural foundation for the IoP, we identify five broad streams of research: (1) adapting data and stream processing to heterogeneous data from distributed sources, (2) ensuring data interoperability between systems and production sites, (3) exchanging and sharing data with different stakeholders, (4) network security approaches addressing the risks of increasing interconnectivity, and (5) security architectures to enable secure and privacy-preserving industrial collaboration. With our research, we evolve the underlying infrastructure from isolated, sparsely networked production sites toward an architecture that supports high-level applications and sophisticated digital shadows while facilitating the transition toward a WWL. Cyber-physical production systems; Data streams; Industrial data processing; Industrial network security; Industrial data security; Secure industrial collaboration internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-iop-a.i.pdf Springer Interdisciplinary Excellence Accelerator Series Internet of Production: Fundamentals, Applications and Proceedings 978-3-031-44496-8 10.1007/978-3-031-44497-5_2 1 JanPennekamp AnastasiiaBelova ThomasBergs MatthiasBodenbenner AndreasBührig-Polaczek MarkusDahlmanns IkeKunze MoritzKröger SandraGeisler MartinHenze DanielLütticke BenjaminMontavon PhilippNiemietz LuciaOrtjohann MaximilianRudack Robert H.Schmitt UweVroomen KlausWehrle MichaelZeng incollection 2023_rueppel_crd-b2.ii 2023 2 8 221-246 The main objectives in production technology are quality assurance, cost reduction, and guaranteed process safety and stability. Digital shadows enable a more comprehensive understanding and monitoring of processes on shop floor level. Thus, process information becomes available between decision levels, and the aforementioned criteria regarding quality, cost, or safety can be included in control decisions for production processes. The contextual data for digital shadows typically arises from heterogeneous sources. At shop floor level, the proximity to the process requires usage of available data as well as domain knowledge. Data sources need to be selected, synchronized, and processed. Especially high-frequency data requires algorithms for intelligent distribution and efficient filtering of the main information using real-time devices and in-network computing. Real-time data is enriched by simulations, metadata from product planning, and information across the whole process chain. Well-established analytical and empirical models serve as the base for new hybrid, gray box approaches. These models are then applied to optimize production process control by maximizing the productivity under given quality and safety constraints. To store and reuse the developed models, ontologies are developed and a data lake infrastructure is utilized and constantly enlarged laying the basis for a World Wide Lab (WWL). Finally, closing the control loop requires efficient quality assessment, immediately after the process and directly on the machine. This chapter addresses works in a connected job shop to acquire data, identify and optimize models, and automate systems and their deployment in the Internet of Production (IoP). Process control; Model-based control; Data aggregation; Model identification; Model optimization internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-rueppel-iop-b2.i.pdf Springer Interdisciplinary Excellence Accelerator Series Internet of Production: Fundamentals, Applications and Proceedings 978-3-031-44496-8 10.1007/978-3-031-44497-5_7 1 Adrian KarlRüppel MuzafferAy BenediktBiernat IkeKunze MarkusLandwehr SamuelMann JanPennekamp PascalRabe Mark P.Sanders DominikScheurenberg SvenSchiller TiandongXi DirkAbel ThomasBergs ChristianBrecher UweReisgen Robert H.Schmitt KlausWehrle incollection 2023_klugewilkes_crd-b2.iv 2023 2 8 303-328 The increasing product variability and lack of skilled workers demand for autonomous, flexible production. Since assembly is considered a main cost driver and accounts for a major part of production time, research focuses on new technologies in assembly. The paradigm of Line-less Mobile Assembly Systems (LMAS) provides a solution for the future of assembly by mobilizing all resources. Thus, dynamic product routes through spatiotemporally configured assembly stations on a shop floor free of fixed obstacles are enabled. In this chapter, we present research focal points on different levels of LMAS, starting with the macroscopic level of formation planning, followed by the mesoscopic level of mobile robot control and multipurpose input devices and the microscopic level of services, such as interpreting autonomous decisions and in-network computing. We provide cross-level data and knowledge transfer through a novel ontology-based knowledge management. Overall, our work contributes to future safe and predictable human-robot collaboration in dynamic LMAS stations based on accurate online formation and motion planning of mobile robots, novel human-machine interfaces and networking technologies, as well as trustworthy AI-based decisions. Lineless mobile assembly systems (LMAS); Formation planning; Online motion planning; In-network computing; Interpretable AI; Human-machine collaboration; Ontology-based knowledge management internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-klugewilkes-iop-b2.iv.pdf Springer Interdisciplinary Excellence Accelerator Series Internet of Production: Fundamentals, Applications and Proceedings 978-3-031-44496-8 10.1007/978-3-031-44497-5_13 1 AlineKluge-Wilkes RalphBaier DanielGossen IkeKunze AleksandraMüller AmirShahidi DominikWolfschläger ChristianBrecher BurkhardCorves MathiasHüsing VerenaNitsch Robert H.Schmitt KlausWehrle inproceedings 2022_kus_ensemble 2022 12 8 RWTH-2022-10809 Industrial intrusion detection promises to protect networked industrial control systems by monitoring them and raising an alarm in case of suspicious behavior. Many monolithic intrusion detection systems are proposed in literature. These detectors are often specialized and, thus, work particularly well on certain types of attacks or monitor different parts of the system, e.g., the network or the physical process. Combining multiple such systems promises to leverage their joint strengths, allowing the detection of a wider range of attacks due to their diverse specializations and reducing false positives. We study this concept's feasibility with initial results of various methods to combine detectors. rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-ensemble-poster.pdf RWTH Aachen University 38th Annual Computer Security Applications Conference (ACSAC '22), December 5-9, 2022, Austin, TX, USA RWTH Aachen University Austin, TX, USA 38th Annual Computer Security Applications Conference (ACSAC '22) December 5-9, 2022 10.18154/RWTH-2022-10809 1 DominikKus KonradWolsing JanPennekamp EricWagner MartinHenze KlausWehrle inproceedings 2022-kunze-coin-transport 2022 11 https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kunze-coin-transport.pdf Proceedings of the 1st Workshop on New IP and Beyond, co-located with the 30th IEEE International Conference on Network Protocols Lexington, Kentucky, USA 1st Workshop on New IP and Beyond, co-located with the 30th IEEE International Conference on Network Protocols 30 October, 2022 10.1109/ICNP55882.2022.9940379 1 IkeKunze DirkTrossen KlausWehrle inproceedings 2022-sander-h3-prio-hol 2022 6 27 legato https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-sander-h3-prio-hol.pdf https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper28.pdf IFIP Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '22) Enschede Network Traffic Measurement and Analysis Conference 27.06.22-30.06.22 978-3-903176-47-8 1 ConstantinSander IkeKunze KlausWehrle inproceedings 2022_kus_iids_generalizability 2022 5 30 73-84 Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 %. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 % and 14.7 % for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks. anomaly detection; machine learning; industrial control system internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf ACM Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan 978-1-4503-9176-4/22/05 10.1145/3494107.3522773 1 DominikKus EricWagner JanPennekamp KonradWolsing Ina BereniceFink MarkusDahlmanns KlausWehrle MartinHenze inproceedings 2022_matzutt_redactchain 2022 5 3 Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads. In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation. redactable blockchain; illicit content; chameleon hash functions; threshold cryptography mynedata; impact-digital; digital-campus https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf IEEE Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China Shanghai, China May 2-5, 2022 978-1-6654-9538-7/22 10.1109/ICBC54727.2022.9805508 1 RomanMatzutt VincentAhlrichs JanPennekamp RomanKarwacik KlausWehrle article 2022_brauner_iop ACM Transactions on Internet of Things 2022 5 1 3 2 The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality. Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf ACM 2691-1914 10.1145/3502265 1 PhilippBrauner ManuelaDalibor MatthiasJarke IkeKunze IstvánKoren GerhardLakemeyer MartinLiebenberg JudithMichael JanPennekamp ChristophQuix BernhardRumpe Wilvan der Aalst KlausWehrle AndreasWortmann MartinaZiefle techreport draft-irtf-coinrg-use-cases-02 2022 3 draft-irtf-coinrg-use-cases-02 expires: 8 September 2022 (work in progress) https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/draft-irtf-coinrg-use-cases-02.pdf https://datatracker.ietf.org/doc/draft-irtf-coinrg-use-cases/ Online IETF Trust Internet Drafts Internet Engineering Task Force Internet Engineering Task Force IkeKunze KlausWehrle DirkTrossen Marie-JoséMontpetit Xavierde Foy DavidGriffin MiguelRio inproceedings 2021_pennekamp_laser 2021 12 21 Following the recent Internet of Things-induced trends on digitization in general, industrial applications will further evolve as well. With a focus on the domains of manufacturing and production, the Internet of Production pursues the vision of a digitized, globally interconnected, yet secure environment by establishing a distributed knowledge base. Background. As part of our collaborative research of advancing the scope of industrial applications through cybersecurity and privacy, we identified a set of common challenges and pitfalls that surface in such applied interdisciplinary collaborations. Aim. Our goal with this paper is to support researchers in the emerging field of cybersecurity in industrial settings by formalizing our experiences as reference for other research efforts, in industry and academia alike. Method. Based on our experience, we derived a process cycle of performing such interdisciplinary research, from the initial idea to the eventual dissemination and paper writing. This presented methodology strives to successfully bootstrap further research and to encourage further work in this emerging area. Results. Apart from our newly proposed process cycle, we report on our experiences and conduct a case study applying this methodology, raising awareness for challenges in cybersecurity research for industrial applications. We further detail the interplay between our process cycle and the data lifecycle in applied research data management. Finally, we augment our discussion with an industrial as well as an academic view on this research area and highlight that both areas still have to overcome significant challenges to sustainably and securely advance industrial applications. Conclusions. With our proposed process cycle for interdisciplinary research in the intersection of cybersecurity and industrial application, we provide a foundation for further research. We look forward to promising research initiatives, projects, and directions that emerge based on our methodological work. internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-laser-collaboration.pdf ACSA Proceedings of the Workshop on Learning from Authoritative Security Experiment Results (LASER '20), co-located with the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA Austin, TX, USA Learning from Authoritative Security Experiment Results (LASER '20) December 8, 2020 978-1-891562-81-5 10.14722/laser-acsac.2020.23088 1 JanPennekamp ErikBuchholz MarkusDahlmanns IkeKunze StefanBraun EricWagner MatthiasBrockmann KlausWehrle MartinHenze inproceedings 2021_kiesel_5g 2021 12 15 739-744 Latency-critical applications in production promise to be essential enablers for performance improvement in production. However, they require the right and often wireless communication system. 5G technology appears to be an effective way to achieve communication system for these applications. Its estimated economic benefit on production gross domestic product is immense ($740 billion Euro until 2030). However, 55% of production companies state that 5G technology deployment is currently not a subject matter for them and mainly state the lack of knowledge on benefits as a reason. Currently, it is missing an approach or model for a use case specific, data-based evaluation of 5G technology influence on the performance of production applications. Therefore, this paper presents a model to evaluate the potential of 5G technology for latency-critical applications in production. First, we derive requirements for the model to fulfill the decision-makers' needs. Second, we analyze existing evaluation approaches regarding their fulfillment of the derived requirements. Third, based on outlined research gaps, we develop a model fulfilling the requirements. Fourth, we give an outlook for further research needs. 5G technology; latency-critical applications; production; evaluation model https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kiesel-5g-model.pdf IEEE Proceedings of the 28th IEEE International Conference on Industrial Engineering and Engineering Management (IEEM '21), December 13-16, 2021, Singapore, Singapore Singapore, Singapore December 13-16, 2021 978-1-6654-3771-4 10.1109/IEEM50564.2021.9673074 1 RaphaelKiesel FalkBoehm JanPennekamp Robert H.Schmitt inproceedings 2021-krude-nfp-pred 2021 12 7 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-krude-nfp-pred.pdf ACM The 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT '21) 978-1-4503-9098-9/21/12 10.1145/3485983.3494842 1 JohannesKrude JanRüth DanielSchemmel FelixRath Iohannes-HeorhFolbort KlausWehrle inproceedings 2021-kunze-spin-tracker 2021 12 7 15–21 https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kunze-spin-tracker.pdf ACM Proceedings of the 2021 Workshop on Evolution, Performance and Interoperability of QUIC (EPIQ '21) 9781450391351 10.1145/3488660.3493804 1 IkeKunze ConstantinSander KlausWehrle JanRüth inproceedings 2021_pennekamp_bootstrapping 2021 11 15 RWTH-2021-09499 In addition to quality improvements and cost reductions, dynamic and flexible business relationships are expected to become more important in the future to account for specific customer change requests or small-batch production. Today, despite reservation, sensitive information must be shared upfront between buyers and sellers. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness following information leaks or breaches of their privacy. To address this issue, the concepts of confidential computing and cloud computing come to mind as they promise to offer scalable approaches that preserve the privacy of participating companies. In particular, designs building on confidential computing can help to technically enforce privacy. Moreover, cloud computing constitutes an elegant design choice to scale these novel protocols to industry needs while limiting the setup and management overhead for practitioners. Thus, novel approaches in this area can advance the status quo of bootstrapping new relationships as they provide privacy-preserving alternatives that are suitable for immediate deployment. bootstrapping procurement; business relationships; secure industrial collaboration; privacy; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-bootstrapping.pdf RWTH Aachen University Blitz Talk at the 2021 Cloud Computing Security Workshop (CCSW '21), co-located with the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea RWTH Aachen University Seoul, Korea November 14, 2021 10.18154/RWTH-2021-09499 JanPennekamp FrederikFuhrmann MarkusDahlmanns TimoHeutmann AlexanderKreppein DennisGrunert ChristophLange Robert H.Schmitt KlausWehrle article 2021_kretschmer_cookies ACM Transactions on the Web 2021 11 1 15 4 The General Data Protection Regulation (GDPR) is in effect since May of 2018. As one of the most comprehensive pieces of legislation concerning privacy, it sparked a lot of discussion on the effect it would have on users and providers of online services in particular, due to the large amount of personal data processed in this context. Almost three years later, we are interested in revisiting this question to summarize the impact this new regulation has had on actors in the World Wide Web. Using Scopus, we obtain a vast corpus of academic work to survey studies related to changes on websites since and around the time, the GDPR went into force. Our findings show that the emphasis on privacy increased w.r.t. online services, but plenty potential for improvements remains. Although online services are on average more transparent regarding data processing practices in their public data policies, a majority of these policies still either lack information required by the GDPR (e.g., contact information for users to file privacy inquiries), or do not provide this information in a user-friendly form. Additionally, we summarize that online services more often provide means for their users to opt out of data processing, but regularly obstruct convenient access to such means through unnecessarily complex and sometimes illegitimate interface design. Our survey further details that this situation contradicts the preferences expressed by users both verbally and through their actions, and researchers have proposed multiple approaches to facilitate GDPR-conform data processing without negatively impacting the user experience. Thus, we compiled reoccurring points of criticism by privacy researchers and data protection authorities into a list of four guidelines for service providers to consider. Cookies; Privacy; GDPR; Web; Privacy Legislation; Fingerprinting https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kretschmer-tweb-cookies.pdf ACM 1559-1131 10.1145/3466722 1 MichaelKretschmer JanPennekamp KlausWehrle techreport draft-kunze-coinrg-transport-issues-05 2021 10 draft-kunze-coinrg-transport-issues-05 Expires: 28 April 2022 (work in progress) https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/draft-kunze-coinrg-transport-issues-05.pdf https://datatracker.ietf.org/doc/draft-kunze-coinrg-transport-issues/ IETF Trust Internet Drafts Internet Engineering Task Force Internet Engineering Task Force IkeKunze KlausWehrle DirkTrossen article 2021_pennekamp_accountable_manufacturing Automation 2021 9 13 2 3 202-219 The Internet of Things provides manufacturing with rich data for increased automation. Beyond company-internal data exploitation, the sharing of product and manufacturing process data along and across supply chains enables more efficient production flows and product lifecycle management. Even more, data-based automation facilitates short-lived ad hoc collaborations, realizing highly dynamic business relationships for sustainable exploitation of production resources and capacities. However, the sharing and use of business data across manufacturers and with end customers add requirements on data accountability, verifiability, and reliability and needs to consider security and privacy demands. While research has already identified blockchain technology as a key technology to address these challenges, current solutions mainly evolve around logistics or focus on established business relationships instead of automated but highly dynamic collaborations that cannot draw upon long-term trust relationships. We identify three open research areas on the road to such a truly accountable and dependable manufacturing enabled by blockchain technology: blockchain-inherent challenges, scenario-driven challenges, and socio-economic challenges. Especially tackling the scenario-driven challenges, we discuss requirements and options for realizing a blockchain-based trustworthy information store and outline its use for automation to achieve a reliable sharing of product information, efficient and dependable collaboration, and dynamic distributed markets without requiring established long-term trust. blockchain; supply chain management; Industry 4.0; manufacturing; secure industrial collaboration; scalability; Industrial Internet of Things; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-manufacturing.pdf MDPI 2673-4052 10.3390/automation2030013 1 JanPennekamp RomanMatzutt Salil S.Kanhere JensHiller KlausWehrle article 2021_matzutt_coinprune_v2 IEEE Transactions on Network and Service Management 2021 9 10 18 3 3064-3078 Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute. blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin mynedata; impact_digital; digital_campus https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-matzutt-coinprune-v2.pdf English 1932-4537 10.1109/TNSM.2021.3073270 1 RomanMatzutt BenediktKalde JanPennekamp ArthurDrichel MartinHenze KlausWehrle inproceedings 2021-kunze-efm-evaluation 2021 7 22 - 28 /fileadmin/papers/2021/2021-kunze-efm-evaluation.pdf ACM ANRW '21: Proceedings of the Applied Networking Research Workshop Virtual Event Applied Networking Research Workshop (ANRW '21) July 2021 10.1145/3472305.3472319 1 IkeKunze KlausWehrle JanRüth inproceedings 2021-kunze-signal-detection 2021 6 10 internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kunze-signal-detection.pdf IEEE Proceedings of the 2021 IEEE 30th International Symposium on Industrial Electronics (ISIE) 978-1-7281-9023-5 2163-5145 10.1109/ISIE45552.2021.9576221 1 IkeKunze PhilippNiemietz LiamTirpitz RenéGlebke DanielTrauth ThomasBergs KlausWehrle inproceedings 2021-glebke-service-based-forwarding 2021 6 10 reflexes /fileadmin/papers/2021/2021-glebke-service-based-forwarding.pdf IEEE Proceedings of the 2021 IEEE International Conference on High Performance Switching and Routing: Workshop on Semantic Addressing and Routing for Future Networks (SARNET-21) 978-1-6654-4005-9 2325-5609 10.1109/HPSR52026.2021.9481814 1 RenéGlebke DirkTrossen IkeKunze DavidLou JanRüth MirkoStoffers KlausWehrle inproceedings 2021-kunze-coordinate-transformation 2021 5 11 334-340 in-network computing; latency; approximation internet-of-production,reflexes https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kunze-coordinate-transformation.pdf IEEE Proceedings of the 4th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '21) 978-1-7281-6207-2 10.1109/ICPS49255.2021.9468247 1 IkeKunze RenéGlebke JanScheiper MatthiasBodenbenner Robert H.Schmitt KlausWehrle article 2021_buckhorst_lmas Procedia CIRP 2021 5 3 99 448-453 Assembly systems must provide maximum flexibility qualified by organization and technology to offer cost-compliant performance features to differentiate themselves from competitors in buyers' markets. By mobilization of multipurpose resources and dynamic planning, Line-less Mobile Assembly Systems (LMASs) offer organizational reconfigurability. By proposing a holarchy to combine LMASs with the concept of an Internet of Production (IoP), we enable LMASs to source valuable information from cross-level production networks, physical resources, software nodes, and data stores that are interconnected in an IoP. The presented holarchy provides a concept of how to address future challenges, meet the requirements of shorter lead times, and unique lifecycle support. The paper suggests an application of decision making, distributed sensor services, recommender-based data reduction, and in-network computing while considering safety and human usability alike. Proceedings of the 14th CIRP Conference on Intelligent Computation in Manufacturing Engineering (ICME '20), July 14-17, 2020, Gulf of Naples, Italy Internet of Production; Line-less Mobile Assembly System; Industrial Assembly; Smart Factory internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-buckhorst-holarchy.pdf Elsevier Gulf of Naples, Italy July 14-17, 2020 2212-8271 10.1016/j.procir.2021.03.064 1 Armin F.Buckhorst BenjaminMontavon DominikWolfschläger MelanieBuchsbaum AmirShahidi HenningPetruck IkeKunze JanPennekamp ChristianBrecher MathiasHüsing BurkhardCorves VerenaNitsch KlausWehrle Robert H.Schmitt article 2021_bader_privaccichain Information Processing & Management 2021 5 1 58 3 The benefits of information sharing along supply chains are well known for improving productivity and reducing costs. However, with the shift towards more dynamic and flexible supply chains, privacy concerns severely challenge the required information retrieval. A lack of trust between the different involved stakeholders inhibits advanced, multi-hop information flows, as valuable information for tracking and tracing products and parts is either unavailable or only retained locally. Our extensive literature review of previous approaches shows that these needs for cross-company information retrieval are widely acknowledged, but related work currently only addresses them insufficiently. To overcome these concerns, we present PrivAccIChain, a secure, privacy-preserving architecture for improving the multi-hop information retrieval with stakeholder accountability along supply chains. To address use case-specific needs, we particularly introduce an adaptable configuration of transparency and data privacy within our design. Hence, we enable the benefits of information sharing as well as multi-hop tracking and tracing even in supply chains that include mutually distrusting stakeholders. We evaluate the performance of PrivAccIChain and demonstrate its real-world feasibility based on the information of a purchasable automobile, the e.GO Life. We further conduct an in-depth security analysis and propose tunable mitigations against common attacks. As such, we attest PrivAccIChain's practicability for information management even in complex supply chains with flexible and dynamic business relationships. multi-hop collaboration; tracking and tracing; Internet of Production; e.GO; attribute-based encryption internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-bader-ipm-privaccichain.pdf Elsevier 0306-4573 10.1016/j.ipm.2021.102529 1 LennartBader JanPennekamp RomanMatzutt DavidHedderich MarkusKowalski VolkerLücken KlausWehrle inproceedings 2021-kunze-aqm-tofino-p4 2021 5 72-80 internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kunze-aqm-tofino-p4.pdf IFIP/IEEE Proceedings of the International Symposium on Integrated Network Management (IM '21) Virtual Event International Symposium on Integrated Network Management (IM '21) May 2021 978-1-7281-9041-9 1 IkeKunze MoritzGunz DavidSaam KlausWehrle JanRüth inproceedings 2021-sander-zoom-cc 2021 3 internet-of-production /fileadmin/papers/2021/2021-sander-zoom-fairness-aqm.pdf https://arxiv.org/abs/2107.00904 Springer Proceedings of the Passive and Active Measurement Conference (PAM '21) Passive and Active Measurement Conference (PAM 2021) 10.1007/978-3-030-72582-2_1 1 ConstantinSander IkeKunze KlausWehrle JanRüth inproceedings 2020-kirchhof-wowmom-ccncps 2020 8 31 internet-of-production, reflexes https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-kirchhof-wireless-mac-improvements.pdf IEEE Computer Society online International Symposium on a World of Wireless, Mobile and Multimedia Networks: Workshop on Communication, Computing, and Networking in Cyber Physical Systems (WoWMoM-CCNCPS'2020), August 31 - September 3, 2020, Cork, Ireland Cork, Ireland August 31 - September 3, 2020 10.1109/WoWMoM49955.2020.00068 1 Jörg ChristianKirchhof MartinSerror RenéGlebke KlausWehrle article 2020_niemietz_stamping Procedia Manufacturing 2020 7 11 49 61-68 Sharing data between companies throughout the supply chain is expected to be beneficial for product quality as well as for the economical savings in the manufacturing industry. To utilize the available data in the vision of an Internet of Production (IoP) a precise condition monitoring of manufacturing and production processes that facilitates the quantification of influences throughout the supply chain is inevitable. In this paper, we consider stamping processes in the context of an Internet of Production and the preliminaries for analytical models that utilize the ever-increasing available data. Three research objectives to cope with the amount of data and for a methodology to monitor, analyze and evaluate the influence of available data onto stamping processes have been identified: (i) State detection based on cyclic sensor signals, (ii) mapping of in- and output parameter variations onto process states, and (iii) models for edge and in-network computing approaches. After discussing state-of-the-art approaches to monitor stamping processes and the introduction of the fineblanking process as an exemplary stamping process, a research roadmap for an IoP enabling modeling framework is presented. Proceedings of the 8th International Conference on Through-Life Engineering Service (TESConf '19), October 27-29, 2019, Cleveland, OH, USA Stamping Process; Industry 4.0; Fine-blanking; Internet of production; Condition monitoring; Data analytics internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-niemietz-stamping-modelling.pdf Elsevier Cleveland, OH, USA October 27-29, 2019 2351-9789 10.1016/j.promfg.2020.06.012 1 PhilippNiemietz JanPennekamp IkeKunze DanielTrauth KlausWehrle ThomasBergs proceedings 2020-jacobs-euras 2020 6 29 15 Kai Jakobs, Dong-hyu Kim Mainz Publishers EURAS Contributions to Standardisation Research 9783958863552 KaiJakobs Dong-hyuKim inproceedings 2020_matzutt_coinprune 2020 6 24 298-306 Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5 GiB instead of 230 GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5 h to 46 min, with even more savings for less powerful devices. blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin mynedata; impact_digital; digital_campus https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coinprune.pdf https://coinprune.comsys.rwth-aachen.de IEEE Proceedings of the 19th IFIP Networking 2020 Conference (NETWORKING '20), June 22-26, 2020, Paris, France Paris, France NETWORKING 2020 June 22-26, 2020 978-3-903176-28-7 1 RomanMatzutt BenediktKalde JanPennekamp ArthurDrichel MartinHenze KlausWehrle inproceedings 2020-mann-ur-weldseamstudy 2020 6 https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-weld-seam-geometry-control.pdf Proceedings of the 2020 Internal Conference on Ubiquitous Robots Internal Conference on Ubiquitous Robots June 22-26, 2020 10.1109/UR49135.2020.9144839 1 SamuelMann RenéGlebke IkeKunze DominikScheurenberg RahulSharma UweReisgen KlausWehrle DirkAbel article 2020_gleim_factDAG IEEE Internet of Things Journal 2020 4 14 7 4 3243-3253 In the production industry, the volume, variety and velocity of data as well as the number of deployed protocols increase exponentially due to the influences of IoT advances. While hundreds of isolated solutions exist to utilize this data, e.g., optimizing processes or monitoring machine conditions, the lack of a unified data handling and exchange mechanism hinders the implementation of approaches to improve the quality of decisions and processes in such an interconnected environment. The vision of an Internet of Production promises the establishment of a Worldwide Lab, where data from every process in the network can be utilized, even interorganizational and across domains. While numerous existing approaches consider interoperability from an interface and communication system perspective, fundamental questions of data and information interoperability remain insufficiently addressed. In this paper, we identify ten key issues, derived from three distinctive real-world use cases, that hinder large-scale data interoperability for industrial processes. Based on these issues we derive a set of five key requirements for future (IoT) data layers, building upon the FAIR data principles. We propose to address them by creating FactDAG, a conceptual data layer model for maintaining a provenance-based, directed acyclic graph of facts, inspired by successful distributed version-control and collaboration systems. Eventually, such a standardization should greatly shape the future of interoperability in an interconnected production industry. Data Management; Data Versioning; Interoperability; Industrial Internet of Things; Worldwide Lab internet-of-production https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-gleim-iotj-iop-interoperability.pdf IEEE 2327-4662 10.1109/JIOT.2020.2966402 1 LarsGleim JanPennekamp MartinLiebenberg MelanieBuchsbaum PhilippNiemietz SimonKnape AlexanderEpple SimonStorms DanielTrauth ThomasBergs ChristianBrecher StefanDecker GerhardLakemeyer KlausWehrle inproceedings 2020-kosek-tcp-conformance 2020 3 30 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-kosek-tcp-conformance-v2.pdf https://arxiv.org/abs/2002.05400 Springer Proceedings of the Passive and Active Measurement Conference (PAM '20) Eugene, Oregon, USA Passive and Active Measurement Conference (PAM 2020) 30.03.2020 - 31.03.2020 en https://doi.org/10.1007/978-3-030-44081-7_8 1 MikeKosek LeoBlöcher JanRüth TorstenZimmermann OliverHohlfeld article 2020-wehrle-digitalshadows Der Profilbereich "Information & Communication Technology" 2020 0179-079X 10.18154/RWTH-2021-02496 MatthiasJarke Wilvan der Aalst ChristianBrecher MatthiasBrockmann IstvánKoren GerhardLakemeyer BernhardRumpe GüntherSchuh KlausWehrle MartinaZiefle article 2019-kunze-ccwild-tnsm IEEE Transactions on Network and Service Management 2019 12 27 17 2 1224 - 1238 https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-kunze-ccwild-tnsm.pdf 1932-4537 10.1109/TNSM.2019.2962607 1 IkeKunze JanRüth OliverHohlfeld inproceedings 2019-krude-online-reprogramming 2019 12 9 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-krude-online-reprogramming.pdf ACM 1st ACM CoNEXT Workshop on Emerging in-Network Computing Paradigms (ENCP '19) 978-1-4503-7000-4/19/12 10.1145/3359993.3366643 1 JohannesKrude JacoHofmann MatthiasEichholz KlausWehrle AndreasKoch MiraMezini inproceedings 2019-glebke-in-network-cv 2019 12 9 reflexes,maki,internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-glebke-in-network-cv.pdf Online ACM 1st ACM CoNEXT Workshop on Emerging in-Network Computing Paradigms (ENCP '19) en 978-1-4503-7000-4/19/12 10.1145/3359993.3366646 1 RenéGlebke JohannesKrude IkeKunze JanRüth FelixSenger KlausWehrle inproceedings 2019-hiller-aeit-regaining 2019 9 Smart Grids require extensive communication to enable safe and stable energy supply in the age of decentralized and dynamic energy production and consumption. To protect the communication in this critical infrastructure, public authorities mandate smart meter gateways (SMGWs) to intercept all inbound and outbound communication of premises such as a factory or smart home, and forward the communication data on secure channels established by the SMGW itself to be in control of the communication security. However, using the SMGW as proxy, local devices can neither review the security of these remote connections established by the SMGW nor enforce higher security guarantees than established by the all in one configuration of the SMGW which does not allow for use case-specific security settings. We present mechanisms that enable local devices to regain this insight and control over the full connection, i.e., up to the final receiver, while retaining the SMGW's ability to ensure a suitable security level. Our evaluation shows modest computation and transmission overheads for this increased security in the critical smart grid infrastructure. ECSEL; European Union (EU); Horizon 2020; CONNECT Innovative smart components, modules and appliances for a truly connected, efficient and secure smart grid; Grant Agreement No 737434 connect https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-hiller-aeit-regaining.pdf IEEE Proceedings of the 2019 AEIT International Annual Conference, September 18-20, 2019, Firenze, Italy Firenze, Italy AEIT International Annual Conference September 18-20, 2019 978-8-8872-3745-0 10.23919/AEIT.2019.8893406 1 JensHiller KarstenKomanns MarkusDahlmanns KlausWehrle inproceedings 2019-krude-chain-opt 2019 8 23 With the move of Software-defined networking from fixed to programmable data planes, network functions are written with P4 or eBPF for targets such as programmable switches, CPU based flow processors and commodity CPUs. These data plane programs are, however, limited in per-packet time budget (e.g., 67.2 ns at 10GbE) and program size, making program optimization imperative. Existing approaches focus on optimizing the distribution of flow rules in fixed data planes or they are limited to a single switch. We see great potential in integrating the network topology into program optimization. maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-krude-chain-opt.pdf ACM NetPL '19: ACM SIGCOMM Workshop on Networking and Programming Languages Beijing, China 978-1-4503-6877-3/19/08 10.1145/3341561.3349590 1 JohannesKrude MatthiasEichholz MaximilianWinck KlausWehrle MiraMezini inproceedings 2019-hohlfeld-bpfperf 2019 6 25 maki,reflexes https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-hohlfeld-bpfperf.pdf IEEE IEEE International Conference on Network Softwarization (NetSoft) IEEE International Conference on Network Softwarization 10.1109/NETSOFT.2019.8806651 1 OliverHohlfeld JohannesKrude Jens HelgeReelfs JanRüth KlausWehrle inproceedings 2019-rueth-ccfness 2019 6 19 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-rueth-ccfness.pdf https://arxiv.org/abs/1905.07152 IFIP/IEEE In Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '19) Paris, France Network Traffic Measurement and Analysis Conference 19.06.2019 - 21.06.2019 10.23919/TMA.2019.8784684 1 JanRüth IkeKunze OliverHohlfeld inproceedings 2019_pennekamp_infrastructure 2019 5 8 31-37 New levels of cross-domain collaboration between manufacturing companies throughout the supply chain are anticipated to bring benefits to both suppliers and consumers of products. Enabling a fine-grained sharing and analysis of data among different stakeholders in an automated manner, such a vision of an Internet of Production (IoP) introduces demanding challenges to the communication, storage, and computation infrastructure in production environments. In this work, we present three example cases that would benefit from an IoP (a fine blanking line, a high pressure die casting process, and a connected job shop) and derive requirements that cannot be met by today’s infrastructure. In particular, we identify three orthogonal research objectives: (i) real-time control of tightly integrated production processes to offer seamless low-latency analysis and execution, (ii) storing and processing heterogeneous production data to support scalable data stream processing and storage, and (iii) secure privacy-aware collaboration in production to provide a basis for secure industrial collaboration. Based on a discussion of state-of-the-art approaches for these three objectives, we create a blueprint for an infrastructure acting as an enabler for an IoP. Internet of Production; Cyber-Physical Systems; Data Processing; Low Latency; Secure Industrial Collaboration internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-iop-infrastructure.pdf IEEE Proceedings of the 2nd IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '19), May 6-9, 2019, Taipei, TW Taipei, TW May 6-9, 2019 978-1-5386-8500-6/19 10.1109/ICPHYS.2019.8780276 1 JanPennekamp RenéGlebke MartinHenze TobiasMeisen ChristophQuix RihanHai LarsGleim PhilippNiemietz MaximilianRudack SimonKnape AlexanderEpple DanielTrauth UweVroomen ThomasBergs ChristianBrecher AndreasBührig-Polaczek MatthiasJarke KlausWehrle article rueth:iw:TNSM19 IEEE Transactions on Network and Service Management 2019 1 30 16 2 389--402 maki http://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-rueth-iwtnsm.pdf 1932-4537 10.1109/TNSM.2019.2896335 1 JanRüth IkeKunze OliverHohlfeld article 2019_wehrle_dagstuhl_beginners ACM SIGCOMM Computer Communication Review 2019 1 49 1 24-30 Reproducibility is one of the key characteristics of good science, but hard to achieve for experimental disciplines like Internet measurements and networked systems. This guide provides advice to researchers, particularly those new to the field, on designing experiments so that their work is more likely to be reproducible and to serve as a foundation for follow-on work by others. 0146-4833 10.1145/3314212.3314217 VaibhavBajpai AnnaBrunstrom AnjaFeldmann WolfgangKellerer AikoPras HenningSchulzrinne GeorgiosSmaragdakis MatthiasWählisch KlausWehrle inproceedings 2018-krude-circuit 2018 8 20 1-7 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-krude-xocks.pdf ACM Proceedings of the 2018 Afternoon Workshop on Kernel Bypassing Networks (KBNets'18) Budapest, Hungary Afternoon Workshop on Kernel Bypassing Networks 20.8.2018 10.1145/3229538.3229539 1 JohannesKrude MirkoStoffers KlausWehrle inproceedings 2018-hiller-ic2e-cpplintegration 2018 4 19 241-249 ssiclops,iop https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-hiller-ic2e-policy-aware-cloud.pdf https://ieeexplore.ieee.org/document/8360335 IEEE Proceedings of the 2018 IEEE International Conference on Cloud Engineering (IC2E 2018), Orlando, Florida, USA Orlando, Florida, USA 2018 IEEE International Conference on Cloud Engineering (IC2E 2018) 2018-04-19 978-1-5386-5008-0 10.1109/IC2E.2018.00050 1 JensHiller MaelKimmerlin MaxPlauth SeppoHeikkila StefanKlauck VilleLindfors FelixEberhardt DariuszBursztynowski Jesus LlorenteSantos OliverHohlfeld KlausWehrle conference 2017-fink-brainlab-gmds 2017 8 29 Best Abstract Award https://www.egms.de/static/en/meetings/gmds2017/17gmds137.shtml 06.09.19 German Medical Science GMS Publishing House (2017) 62. Jahrestagung der Deutschen Gesellschaft für Medizinische Informatik, Biometrie und Epidemiologie e.V. (GMDS). Oldenburg GMDS 2017 17-21 September 2017 10.3205/17gmds137 1 Ina BereniceFink BerndHankammer ThomasStopinski YannicTitgemeyer RoannRamos EkaterinaKutafina Jó AgilaBitsch Stephan MichaelJonas proceedings 2017-SymPerfPoster 2017 8 21 spp,erc,symbiosys,reflexes https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-rath-sym-perf-poster.pdf ACM Los Angeles, USA ACM SIGCOMM 2017 Poster 21.8.2017 - 25.8.2017 en 978-1-4503-5057-0/17/08 10.1145/3123878.3131977 1 FelixRath JohannesKrude JanRüth DanielSchemmel OliverHohlfeld Jó AgilaBitsch Link KlausWehrle article 2017-ziegeldorf-bmcmedgenomics-bloom BMC Medical Genomics 2017 7 26 10 Suppl 2 29-42 Whole genome sequencing has become fast, accurate, and cheap, paving the way towards the large-scale collection and processing of human genome data. Unfortunately, this dawning genome era does not only promise tremendous advances in biomedical research but also causes unprecedented privacy risks for the many. Handling storage and processing of large genome datasets through cloud services greatly aggravates these concerns. Current research efforts thus investigate the use of strong cryptographic methods and protocols to implement privacy-preserving genomic computations. We propose FHE-Bloom and PHE-Bloom, two efficient approaches for genetic disease testing using homomorphically encrypted Bloom filters. Both approaches allow the data owner to securely outsource storage and computation to an untrusted cloud. FHE-Bloom is fully secure in the semi-honest model while PHE-Bloom slightly relaxes security guarantees in a trade-off for highly improved performance. We implement and evaluate both approaches on a large dataset of up to 50 patient genomes each with up to 1000000 variations (single nucleotide polymorphisms). For both implementations, overheads scale linearly in the number of patients and variations, while PHE-Bloom is faster by at least three orders of magnitude. For example, testing disease susceptibility of 50 patients with 100000 variations requires only a total of 308.31 s (σ=8.73 s) with our first approach and a mere 0.07 s (σ=0.00 s) with the second. We additionally discuss security guarantees of both approaches and their limitations as well as possible extensions towards more complex query types, e.g., fuzzy or range queries. Both approaches handle practical problem sizes efficiently and are easily parallelized to scale with the elastic resources available in the cloud. The fully homomorphic scheme, FHE-Bloom, realizes a comprehensive outsourcing to the cloud, while the partially homomorphic scheme, PHE-Bloom, trades a slight relaxation of security guarantees against performance improvements by at least three orders of magnitude. Proceedings of the 5th iDASH Privacy and Security Workshop 2016 Secure outsourcing; Homomorphic encryption; Bloom filters sscilops; mynedata; rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-bmcmedgenomics-bloom.pdf Online BioMed Central Chicago, IL, USA November 11, 2016 en 1755-8794 10.1186/s12920-017-0277-y 1 Jan HenrikZiegeldorf JanPennekamp DavidHellmanns FelixSchwinger IkeKunze MartinHenze JensHiller RomanMatzutt KlausWehrle article dombrowski-vdi VDE Positionspapier 2017 6 1 VDE - Verband der Elektrotechnik, Elektronik, Informationstechnik e.V.

Stresemannallee 15, 60596 Frankfurt am Main, Germany

IsmetAktas AlexanderBentkus FlorianBonanati ArminDekorsy ChristianDombrowski MichaelDoubrava AliGolestani FrankHofmann MikeHeidrich StefanHiensch RüdigerKays MichaelMeyer AndreasMüller Stephanten Brink NedaPetreska MilanPopovic LutzRauchhaupt AhmadSaad HansSchotten ChristophWöste IngoWolff inproceedings 2017-serror-pads-cows 2017 5 24 memosim,symbiosys https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-serror-pads-cows.pdf ACM online Proceedings of the 5th ACM SIGSIM/PADS Conference on Principles of Advanced Discrete Simulation (SIGSIM-PADS’17), Singapore, Singapore Singapore, Singapore 5th ACM SIGSIM/PADS Conference on Principles of Advanced Discrete Simulation (SIGSIM-PADS’17) May 24-26, 2017 978-1-4503-4489-0 10.1145/3064911.3064913 1 MartinSerror Jörg ChristianKirchhof MirkoStoffers KlausWehrle JamesGross conference 2017-fink-brainlab 2017 4 24 2 /fileadmin/papers/2017/2017-fink-brainlab.pdf http://informaticsforhealth.org/wp-content/uploads/2017/04/IFH2017-Digital-Programme.pdf 2017-05-09 Online Informatics for Health 2017, Manchester UK Manchester, UK Informatics for Health 2017, Manchester UK 24-26 April 2017 en 1 Ina BereniceFink BerndHankammer ThomasStopinsky RoannRamos EkaterinaKutafina Jó AgilaBitsch Link StephanJonas inproceedings 2017-matzutt-mynedata 2017 1073-1084 Personal user data is collected and processed at large scale by a handful of big providers of Internet services. This is detrimental to users, who often do not understand the privacy implications of this data collection, as well as to small parties interested in gaining insights from this data pool, e.g., research groups or small and middle-sized enterprises. To remedy this situation, we propose a transparent and user-controlled data market in which users can directly and consensually share their personal data with interested parties for monetary compensation. We define a simple model for such an ecosystem and identify pressing challenges arising within this model with respect to the user and data processor demands, legal obligations, and technological limits. We propose myneData as a conceptual architecture for a trusted online platform to overcome these challenges. Our work provides an initial investigation of the resulting myneData ecosystem as a foundation to subsequently realize our envisioned data market via the myneData platform. Presentation slides are in German Personal User Data, Personal Information Management, Data Protection Laws, Privacy Enhancing Technologies, Platform Design, Profiling mynedata_show https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-matzutt-informatik-mynedata.pdf https://www.comsys.rwth-aachen.de/fileadmin/misc/mynedata/talks/2017-matzutt-informatik-mynedata-presentation.pdf Presentation slides Eibl, Maximilian and Gaedke, Martin Gesellschaft für Informatik, Bonn INFORMATIK 2017 Chemnitz INFORMATIK 2017 2017-09-28 English 978-3-88579-669-5 1617-5468 10.18420/in2017_109 1 RomanMatzutt DirkMüllmann Eva-MariaZeissig ChristianeHorst KaiKasugai SeanLidynia SimonWieninger Jan HenrikZiegeldorf GerhardGudergan IndraSpiecker gen. Döhmann KlausWehrle MartinaZiefle inproceedings 2016-henze-cloudcom-trinics 2016 12 12 366-370 trinics https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-henze-cloudcom-trinics.pdf Online IEEE Proceedings of the 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Luxembourg, Luxembourg en 978-1-5090-1445-3 10.1109/CloudCom.2016.0064 1 MartinHenze DanielKerpen JensHiller MichaelEggert DavidHellmanns ErikMühmer OussamaRenuli HenningMaier ChristianStüble RogerHäußling KlausWehrle inproceedings 2016-ahmed-sensys-poster-incremental 2016 11 14 1--2 We propose incremental checkpointing techniques enabling transiently powered devices to retain computational state across multiple activation cycles. As opposed to the existing approaches, which checkpoint complete program state, the proposed techniques keep track of modified RAM locations to incrementally update the retained state in secondary memory, significantly reducing checkpointing overhead both in terms of time and energy. /fileadmin/misc/2016/2016-ahmed-sensys-poster-incremental.pdf http://dl.acm.org/citation.cfm?id=2996701 2016-11-20 http://sensys.acm.org/2016/ Online ACM Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems (SenSys 2016), Stanford, CA, USA Stanford, CA, USA Sensys '16 November 14-16, 2016 en 978-1-4503-4263-6/16/11 http://dx.doi.org/10.1145/2994551.2996701 1 SaadAhmed HassanKhan Junaid HaroonSiddiqui Jó AgilaBitsch Link Muhammad HamadAlizai inproceedings DombrowskiSRDS16 2016 9 27 307--316 fault tolerance;formal verification;protocols;wireless channels;EchoRing protocol;fault-tolerant methods;formal model-based verification;model-checking assisted protocol;probabilistic model checking;reliability constraints;safety-critical industrial applications;salient features;token loss;token-based system;ultrareliable low-latency wireless networks;unprecedented latency;wireless networking community;wireless protocols;wireless token-passing systems;Automata;Model checking;Payloads;Probabilistic logic;Protocols;Reliability;Wireless communication;Model checking;Probabilistic timed automata;Token passing;Wireless Industrial Networks;tool-assisted protocol design;validation cps,hodrian http://ieeexplore.ieee.org/document/7794360/ Proc. of IEEE 35th Symposium on Reliable Distributed Systems IEEE Budapest, Hungary IEEE 35th Symposium on Reliable Distributed Systems (SRDS) 10.1109/SRDS.2016.048 1 ChristianDombrowski SebastianJunges Joost-PieterKatoen JamesGross inproceedings 2016-ackermann-healthcom-eeg-emotion 2016 9 14 159--164 Automatic emotion recognition is an interdisciplinary research field which deals with the algorithmic detection of human affect, e.g. anger or sadness, from a variety of sources, such as speech or facial gestures. Apart from the obvious usage for industry applications in human-robot interaction, acquiring the emotional state of a person automatically also is of great potential for the health domain, especially in psychology and psychiatry. Here, evaluation of human emotion is often done using oral feedback or questionnaires during doctor-patient sessions. However, this can be perceived as intrusive by the patient. Furthermore, the evaluation can only be done in a non-continuous manner, e.g. once a week during therapy sessions. In contrast, using automatic emotion detection, the affect state of a person can be evaluated in a continuous non-intrusive manner, for example to detect early on-sets of depression. An additional benefit of automatic emotion recognition is the objectivity of such an approach, which is not influenced by the perception of the patient and the doctor. To reach the goal of objectivity, it is important, that the source of the emotion is not easily manipulable, e.g. as in the speech modality. To circumvent this caveat, novel approaches in emotion detection research the potential of using physiological measures, such as galvanic skin sensors or pulse meters. In this paper we outline a way of detecting emotion from brain waves, i.e., EEG data. While EEG allows for a continuous, real-time automatic emotion recognition, it furthermore has the charm of measuring the affect close to the point of emergence: the brain. Using EEG data for emotion detection is nevertheless a challenging task: Which features, EEG channel locations and frequency bands are best suited for is an issue of ongoing research. In this paper we evaluate the use of state of the art feature extraction, feature selection and classification algorithms for EEG emotion classification using data from the de facto standard dataset, DEAP. Moreover, we present results that help choose methods to enhance classification performance while simultaneously reducing computational complexity. /fileadmin/papers/2016/2016-ackermann-healthcom-emorec.pdf http://ieeehealthcom2016.com/ Online IEEE 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) Munich, Germany 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) September 14-17, 2016 en 978-1-5090-3370-6 1 PascalAckermann ChristianKohlschein Jó AgilaBitsch Link KlausWehrle SabinaJeschke article 2016-fgcs-henze-iotprivacy Future Generation Computer Systems 2016 3 56 701-718 ipacs https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-henze-fgcs-iotprivacy.pdf Online Elsevier en 0167-739X 10.1016/j.future.2015.09.016 1 MartinHenze LarsHermerschmidt DanielKerpen RogerHäußling BernhardRumpe KlausWehrle article 2016-kunz-tomacs-horizon ACM Transactions on Modeling and Computer Simulation (TOMACS) 2016 1 26 2 12:1--12:26 The technical evolution of wireless communication technology and the need for accurately modeling these increasingly complex systems causes a steady growth in the complexity of simulation models. At the same time, multi-core systems have become the de facto standard hardware platform. Unfortunately, wireless systems pose a particular challenge for parallel execution due to a tight coupling of network entities in space and time. Moreover, model developers are often domain experts with no in-depth understanding of parallel and distributed simulation. In combination, both aspects severely limit the performance and the efficiency of existing parallelization techniques. We address these challenges by presenting parallel expanded event simulation, a novel modeling paradigm that extends discrete events with durations which span a period in simulated time. The resulting expanded events form the basis for a conservative synchronization scheme that considers overlapping expanded events eligible for parallel processing. We furthermore put these concepts into practice by implementing Horizon, a parallel expanded event simulation framework specifically tailored to the characteristics of multi-core systems. Our evaluation shows that Horizon achieves considerable speedups in synthetic as well as real-world simulation models and considerably outperforms the current state-of-the-art in distributed simulation. Parallel discrete event simulation, Multi-core Systems, Wireless Systems, Simulation Modeling Paradigm, Conservative Synchronization horizon ACM en 10.1145/2832909 1 GeorgKunz MirkoStoffers OlafLandsiedel KlausWehrle JamesGross inproceedings 2015-ahfe-kowalewski-facebook Procedia Manufacturing 2015 7 3 815--822 Elsevier The 6th International Conference on Applied Humand Factors and Ergonomics (AHFE 2015), Las Vegas, NV, USA en 2351-9789 10.1016/j.promfg.2015.07.336 1 SylviaKowalewski MartinaZiefle Jan HenrikZiegeldorf KlausWehrle incollection 2013-wtc-eggert-sensorcloud 2014 12 14 203-218 sensorcloud fileadmin/papers/2013/2013-wtc-eggert-sensorcloud.pdf Online Krcmar, Helmut and Reussner, Ralf and Rumpe, Bernhard Springer Trusted Cloud Computing en 978-3-319-12717-0 10.1007/978-3-319-12718-7_13 1 MichaelEggert RogerHäußling MartinHenze LarsHermerschmidt RenéHummen DanielKerpen AntonioNavarro Pérez BernhardRumpe DirkThißen KlausWehrle inproceedings 2014-mass-wirtz-mafi 2014 10 fileadmin/papers/2014/2014-wirtz-mass-mafi.pdf Online IEEE Computer Society Proceedings of The 11th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE MASS 2014), Philadelphia, PA, USA Philadelphia, USA 11th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE MASS 2014) 27 - 30 October 2014 en 978-1-4799-6035-4 10.1109/MASS.2014.21 1 HannoWirtz GeorgKunz JohannesLaudenberg RobertBackhaus KlausWehrle inproceedings 2014-ficloud-henze-upecsi 2014 8 27 191-196 ipacs /fileadmin/papers/2014/2014-ficloud-henze-upecsi.pdf Online IEEE 2014 International Conference on Future Internet of Things and Cloud (FiCloud 2014), Barcelona, Spain Barcelona, Spain 2014 International Conference on Future Internet of Things and Cloud (FiCloud 2014) en 978-1-4799-4357-9 10.1109/FiCloud.2014.38 1 MartinHenze LarsHermerschmidt DanielKerpen RogerHäußling BernhardRumpe KlausWehrle conference 2014-hohlfeld-harvester 2014 6 http://downloads.ohohlfeld.com/paper/harvesters-asiaccs2014.pdf http://asiaccs2014.nict.go.jp/ ACM 9th ACM Symposium on Information, Computer and Communications Security 10.1145/2590296.2590302 1 GianlucaStringhini OliverHohlfeld ChristopherKruegel GiovanniVigna inproceedings 2014-stoffers-simutools-distributed-horizon 2014 3 17 31-40 horizon http://www.comsys.rwth-aachen.de/fileadmin/papers/2014/2014-stoffers-simutools-distributed-horizon.pdf Online ICST

Brussels, Belgium

Proceedings of the 7th International ICST Conference on Simulation Tools and Techniques (SIMUTools'14), Lisbon, Portugal Lisbon, Portugal en 978-1-63190-007-5 10.4108/icst.simutools.2014.254622 1 MirkoStoffers SaschaSchmerling GeorgKunz JamesGross KlausWehrle article HohlfeldCCR14 ACM SIGCOMM Computer Communication Review 2014 44 3 http://www.sigcomm.org/sites/default/files/ccr/papers/2014/July/0000000-0000013.pdf http://www.sigcomm.org/ccr/papers/2014/July ThomasKrenc OliverHohlfeld AnjaFeldmann inproceedings 2013-cloudcom-henze-cloud-data-handling 2013 12 2 266-269 ipacs fileadmin/papers/2013/2013-cloudcom-henze-cloud-data-handling.pdf Online IEEE Proceedings of the 2013 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Bristol, UK Bristol, UK 2013 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2013) en 978-0-7695-5095-4 10.1109/CloudCom.2013.145 1 MartinHenze MarcelGroßfengels MaikKoprowski KlausWehrle techreport 2013-ceriotti-fgsn-appcentric 2013 9 13 SEEMOO-TR-2013-0 12. GI/ITG KuVS Fachgespräch "Drahtlose Sensornetze" TU Cottbus Technical Report MatteoCeriotti AlexandrKrylovskiy KlausWehrle techreport 2013-draft-garcia-core-security-06 2013 9 11 draft-garcia-core-security-06 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-06 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik inproceedings 2013-sec-routing-switching-maki 2013 6 4 Proceedings of the 4th IEEE International Workshop on Data Security and Privacy in Wireless Networks (D-SPAN 2013) accepted 1 MarcWerner JörgKaiser MatthiasHollick EliasWeingaertner KlausWehrle inproceedings 2013-wisec-garcia-securing 2013 4 119--124 ACM Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '13) (short paper) 978-1-4503-1998-0 10.1145/2462096.2462117 1 OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar PedroMoreno-Sanchez FranciscoVidal-Meca Jan HenrikZiegeldorf inproceedings 2013-pitsac-vidalmeca-hip 2013 3 25 1331 - 1336 The IP-based Internet of Things refers to the pervasive interactions of smart objects and people enabling new applications by means of IP protocols. An application scenario is a Smart City in which the city infrastructure, cars, and people exchange information to enable new services. IP protocols, such as IPv6, TCP and HTTP will be further complemented by IPv6 over Low powerWireless Personal Area Networks and Constrained Application Protocol currently in development in IETF. Security and privacy are a must for the IP-based IoTs in order to ensure its acceptance. However, mobility, limited bandwidth, and resource-constrained devices pose new challenges and require for a sound and efficient security architecture. In particular, dynamic association of mobile smart objects and the management of keys in large-scale networks remain an open challenge. In this context, we propose a flexible security architecture based on the Host Identity Protocol and Multimedia Internet KEYing protocols allowing for secure network association and key management. HIP - based on asymmetric-key cryptography - ensures unambiguous thing identification, mobility support, as well as a lightweight and secure method for network association. In our solution, HIP is extended with MIKEY capabilities to provide enhanced key management using polynomials, which allow to generate pairwise keys with any node based on its identity. This combination of protocols and crypto-algorithms ensures both strong security and very good performance as shown by our implementation and presents clear advantages compared with other alternatives. Internet of Things; Security; Network Access; Key Management Online IEEE Proceedings of the 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2013 Barcelona, Spain 25.-28.03.2013 en 10.1109/WAINA.2013.158 1 FranciscoVidal Meca Jan HenrikZiegeldorf OscarGarcia-Morchon Sandeep S.Kumar Sye LoongKeoh PedroMoreno-Sanchez techreport 2013-draft-garcia-core-security-05 2013 3 11 draft-garcia-core-security-05 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-05 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik article 2013-wirtz-alizai-tinywifi-jnca Journal of Network and Computer Applications (JNCA) 2013 Co-primary authorship Alizai, Wirtz fileadmin/papers/2013/2013-wirtz-alizai-tinywifi-jnca.pdf http://www.sciencedirect.com/science/article/pii/S108480451300060X en 1084-8045 10.1016/j.jnca.2013.02.022 1 HannoWirtz Muhammad HamadAlizai BernhardKirchen KlausWehrle phdthesis 2013-kunz-phdthesis 2013 RWTH Aachen University GeorgKunz inproceedings 2012-IPIN-Peter-Versatile-Maps 2012 11 13 1--4 fileadmin/papers/2012/2012-bitsch-IPIN-vegemite.pdf http://www.surveying.unsw.edu.au/ipin2012/proceedings/session.php?code=6C&name=SLAM Online Li, Binghao Li and Gallagher, Thomas School of Surveying and Geospatial Engineering, University of New South Wales, Sydney, Australia Proceedings of the 2012 International Conference on Indoor Positioning and Indoor Navigation (IPIN), Sydney, Australia Sydney, Australia 2012 International Conference on Indoor Positioning and Indoor Navigation November 13--15, 2012 en 978-0-646-57851-4 1 MichaelPeter DieterFritsch BernhardtSchäfer AlfredKleusberg Jó AgilaBitsch Link KlausWehrle inproceedings 2012-wripe-sasnauskas-symnet 2012 10 6 S. kleenet fileadmin/papers/2012/2012-09-wripe-sasnauskas-SymNet.pdf Print Online

Piscataway, NJ, USA

The 2nd International Workshop on Rigorous Protocol Engineering (WRiPE 2012), 30 October - 02 November 2012, Austin, TX, USA IEEE Austin, TX, USA The 2nd International Workshop on Rigorous Protocol Engineering (WRiPE 2012) October 30 - November 02 2012 en 978-1-4673-2445-8 10.1109/ICNP.2012.6459940 1 RaimondasSasnauskas PhilippKaiser Russ LucasJukić KlausWehrle inproceedings 2012-kunz-pads-gpu 2012 7 20 23--32 horizon https://www.comsys.rwth-aachen.de/fileadmin/papers/2012/2012-kunz-pads-gpu.pdf Print IEEE Proceedings of the 26th ACM/IEEE/SCS Workshop on Principles of Advanced and Distributed Simulation (PADS'12), Zhangjiajie, China en 978-0-7695-4714-5 1087-4097 10.1109/PADS.2012.27 1 GeorgKunz DanielSchemmel JamesGross KlausWehrle techreport 2012-draft-garcia-core-security 2012 3 26 draft-garcia-core-security-04 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-04 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik poster 2012-kunz-omnetpp-sequencechart 2012 3 23 5th International Workshop on OMNeT++ (OMNeT++'12), Desenzano del Garda, Italy horizon https://www.comsys.rwth-aachen.de/fileadmin/papers/2012/2012-kunz-omnetpp-sequencechart.pdf Online ICST 5th International Workshop on OMNeT++ (OMNeT++'12), Desezano del Garda, Italy en 1 GeorgKunz SimonTenbusch JamesGross KlausWehrle inproceedings 2012-kunz-simutools-probabilistic-sync 2012 3 20 119-128 horizon https://www.comsys.rwth-aachen.de/fileadmin/papers/2012/2012-kunz-simutools-prob-synch.pdf Online ICST

Brussels, Belgium

Proceedings of the 5th International ICST Conference on Simulation Tools and Techniques (SIMUTools'12), Desenzano del Garda, Italy Desenzano, Italy en 978-1-4503-1510-4 10.4108/icst.simutools.2012.247716 1 GeorgKunz MirkoStoffers JamesGross KlausWehrle techreport 2011-draft-garcia-core-security-03 2011 10 31 draft-garcia-core-security-03 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-03 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik article 2011-heer-iot-journal Springer Wireless Personal Communications Journal 2011 10 61 3 527-542 A direct interpretation of the term Internet of Things refers to the use of standard Internet protocols for the human-to-thing or thing-to-thing communication in embedded networks. Although the security needs are well-recognized in this domain, it is still not fully understood how existing IP security protocols and architectures can be deployed. In this paper, we discuss the applicability and limitations of existing Internet protocols and security architectures in the context of the Internet of Things. First, we give an overview of the deployment model and general security needs. We then present challenges and requirements for IP-based security solutions and highlight specific technical limitations of standard IP security protocols. iotsec fileadmin/papers/2011/2011-heer-iot-challenges.pdf Online Springer

Netherlands

en 0929-6212 10.1007/s11277-011-0385-5 1 TobiasHeer OscarGarcia-Morchon RenéHummen Sye LoongKeoh Sandeep S.Kumar KlausWehrle inproceedings 2011-wintech-alizai-tinywifi 2011 9 19-27 tinywifi fileadmin/papers/2011/2010-09-tinywifi-alizai-wintech.pdf Online ACM

New York, NY, USA

Proceedings of the Sixth ACM International Workshop on Wireless Network Testbeds, Experimental evaluation and Characterization (WiNTECH ), Las Vegas, NV, USA Las Vegas, NV, USA The 17th Annual International Conference on Mobile Computing and Networking September 2011 en 978-1-4503-0867-0 10.1145/2030718.2030725 1 Muhammad HamadAlizai HannoWirtz BernhardKirchen TobiasVaegs OmprakashGnawali KlausWehrle inproceedings 2011-kunz-mascots-performance-prediction 2011 7 25 359 - 368 horizon fileadmin/papers/2011/2011-kunz-performance-prediction-mascots.pdf Online IEEE Computer Society

Los Alamitos, CA, USA

Proceedings of the 19th Annual Meeting of the IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'11), Singapore Singapore 19th Annual Meeting of the IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems July 25-17, 2011 en 978-1-4577-0468-0 1526-7539 10.1109/MASCOTS.2011.15 1 GeorgKunz SimonTenbusch JamesGross KlausWehrle techreport 2011-draft-garcia-core-security-02 2011 7 11 draft-garcia-core-security-02 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-02 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik inproceedings 2011-icdcs-sasnauskas-sde 2011 6 333-342 Recent advances in symbolic execution have proposed a number of promising solutions to automatically achieve high-coverage and explore non-determinism during testing. This attractive testing technique of unmodified software assists developers with concrete inputs and deterministic schedules to analyze erroneous program paths. Being able to handle complex systems' software, these tools only consider single software instances and not their distributed execution which forms the core of distributed systems. The step to symbolic distributed execution is however steep, posing two core challenges: (1) additional state growth and (2) the state intra-dependencies resulting from communication. In this paper, we present SDE—a novel approach enabling scalable symbolic execution of distributed systems. The key contribution of our work is two-fold. First, we generalize the problem space of SDE and develop an algorithm significantly eliminating redundant states during testing. The key idea is to benefit from the nodes' local communication minimizing the number of states representing the distributed execution. Second, we demonstrate the practical applicability of SDE in testing with three sensornet scenarios running Contiki OS. kleenet fileadmin/papers/2011/2011-06-icdcs-sasnauskas-sde.pdf Druck IEEE Computer Society

Los Alamitos, CA, USA

Proceedings of the 31st IEEE International Conference on Distributed Computing Systems (ICDCS 2011), June 2011, Minneapolis, MN, USA en 978-0-7695-4364-2 1063-6927 10.1109/ICDCS.2011.28 1 RaimondasSasnauskas OscarSoria Dustmann Benjamin LucienKaminski CarstenWeise StefanKowalewski KlausWehrle inproceedings 2011-iscc-alizai-ble 2011 6 fileadmin/papers/2011/2011-alizai-iscc-ble.pdf Online IEEE Computer Society

Los Alamitos, CA, USA

16th IEEE Symposium on Computers and Communications (ISCC), Kerkyra, Greece Kerkyra, Greece en 978-1-4577-0678-3 10.1109/ISCC.2011.5983839 1 Muhammad HamadAlizai HannoWirtz GeorgKunz BenjaminGrap KlausWehrle article 22011-itag-samad-cadplus Lecture Notes in Informatics GI-Edition 2011 3 25 S-10 Informatiktage 2011 279-282 Druck Köllen Verlag GmbH

Bonn, Germany

Gesellschaft für Informatik (GI) S-10 en 978-3-88579- 444-8 1614-3213 ShankarKaruppayah FahadSamad inproceedings OttHLVK2011 2011 3 21 Content sharing using personal web pages, blogs, or online social networks is a common means for people to maintain contact with their friends, colleagues, and acquaintances. While such means are essential to overcome distances, using infrastructure services for location-based services may not be desirable. In this paper, we analyze a fully distributed variant of an ephemeral content sharing service, solely dependent on the mobile devices in the vicinity using principles of opportunistic networking. The net result is a best effort service for floating content in which: 1) information dissemination is geographically limited; 2) the lifetime and spreading of information depends on interested nodes being available; 3) content can only be created and distributed locally; and 4) content can only be added, but not explicitly deleted. First we present our system design and summarize its analytical modeling. Then we perform extensive evaluation for a map-based mobility model in downtown Helsinki to assess the operational range for floating content, which, at the same time also validate the analytical results obtained for a more abstract model of the system. https://www.comsys.rwth-aachen.de/fileadmin/papers/2011/2011-percom-vaegs-floatingcontent.pdf Online IEEE

Piscataway, NJ, USA

Proceedings of the 9th IEEE International Conference on Pervasive Computing and Communications (PerCom 2011), Seattle, WA, USA Seattle, USA 9th IEEE International Conference on Pervasive Computing and Communications March 21 - 25, 2011 en 978-1-4244-9529-0 1 JörgOtt EsaHyytiä PasiLassila TobiasVaegs JussiKangasharju inproceedings 2011-kunz-omnetpp-horizon 2011 3 21 359-366 Developing an efficient parallel simulation framework for multiprocessor systems is hard. A primary concern is the considerable amount of parallelization overhead imposed on the event handling routines of the simulation framework. Besides more complex event scheduling algorithms, the main sources of overhead are thread synchronization and locking of shared data structures. As a result, the overhead of parallelization may easily outweigh the benefits of parallelization in comparison to classic sequential simulation. We introduce two efficient event handling schemes based on our parallel-simulation extension Horizon for the OMNeT++ simulator.First, we present a \emph{push-based event handling scheme} to minimize the overhead of thread synchronization and locking. Second, we complement this scheme with a novel \emph{event scheduling algorithm} that significantly reduces the overhead of parallel event scheduling. Lastly, we prove the correctness of our scheduling algorithm. Our evaluation reveals a total reduction in the event handling overhead of up to 16x when combining both schemes. horizon fileadmin/papers/2011/2011-kunz-horizon-omnetworkshop.pdf Online ICST

Brussels, Belgium

Proceedings of the 4th International Workshop on OMNeT++ (OMNeT++'11), Barcelona, Spain Barcelona, Spain 4th International Workshop on OMNeT++ (OMNeT++'11) March 21, 2011 en 978-1-936968-00-8 10.4108/icst.simutools.2011.245504 1 GeorgKunz MirkoStoffers JamesGross KlausWehrle techreport 2011-draft-garcia-core-security-01 2011 3 14 draft-garcia-core-security-01 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-01 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik techreport 2011-draft-garcia-core-security-00 2011 3 7 draft-garcia-core-security-00 A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things. Work in progress iotsec; ietf http://tools.ietf.org/html/draft-garcia-core-security-00 Online Internet Engineering Task Force Internet-Draft en OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar RenéHummen RenéStruik techreport 2011-heer-draft-middle-auth 2011 draft-heer-hip-middle-auth-04 The Host Identity Protocol [RFC5201] is a signaling protocol for secure communication, mobility, and multihoming that introduces a cryptographic namespace. This document specifies an extension for HIP that enables middleboxes to unambiguously verify the identities of hosts that communicate across them. This extension allows middleboxes to verify the liveness and freshness of a HIP association and, thus, to secure access control in middleboxes. Work in progress ietf, mobile_access http://tools.ietf.org/html/draft-heer-hip-middle-auth-04 Online Internet Engineering Task Force Internet-Draft en TobiasHeer MiikaKomu RenéHummen KlausWehrle inproceedings 2010-krebs-Globecom10-clustering-mesh-conference 2010 12 1 1-5 In the past, many clustering algorithms for ad-hoc networks have been proposed. Their main objective is to solve the scalability issue of ad-hoc networks by grouping nodes into clusters. The challenge in MANETs for those clustering algorithms is to cope with the high node mobility which affects the stability of the cluster structures. Wireless mesh networks consist of a static backbone and a number of mobile nodes. In the backbone of a wireless mesh network the topology is relatively static. However, topology changes occur due to frequent link losses and temporary link instability. Due to the static nature of the backbone, mobility-based approaches are not suitable in this case. In this paper, we state the important aspects for stable clustering in wireless mesh networks with unidirectional links based on the investigation of a 45-node wireless mesh testbed. We analyze well-known clustering algorithms and their performance in a large-scale testbed. Finally, we propose a new clustering algorithm called Stable Link Clustering Algorithm (SLCA). fileadmin/papers/2010/2010-lora-clustering-MESH.pdf http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5683417 Print IEEE Proceedings of the IEEE Global Telecommunications Conference GLOBECOM 2010, Miami, USA Miami, FL, USA IEEE Global Telecommunications Conference, GLOBECOM 2010 6 - 10 December 2010 en 978-1-4244-5636-9 10.1109/GLOCOM.2010.5683417 1 MartinKrebs AndréStein Mónica AlejandraLora Girón inproceedings 2010-sensys-alizai-tinywifi 2010 11 429-430 We present TinyWifi, a nesC code base extending TinyOS to support Linux powered network nodes. It enables developers to build arbitrary TinyOS applications and protocols and execute them directly on Linux by compiling for the new TinyWifi platform. Using TinyWifi as a TinyOS platform, we expand the applicability and means of evaluation of wireless protocols originally designed for sensornets towards inherently similar Linux driven ad hoc and mesh networks. Received Best Poster Award fileadmin/papers/2010/2010-11-alizai-tinywifi-sensys.pdf http://portal.acm.org/citation.cfm?id=1870058&preflayout=flat Print ACM

New York, NY, USA

Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems (SenSys 2010), Zurich, Switzerland en 978-1-4503-0344-6 10.1145/1869983.1870058 1 Muhammad HamadAlizai BernhardKirchen Jó AgilaBitsch Link HannoWirtz KlausWehrle inproceedings 5646775 2010 9 778--784 Print Mautz, R., Kunz, M. and Ingensand, H. IEEE Proceedings of the 2010 International Conference on Indoor Positioning and Indoor Navigation (IPIN 2010), Zurich, Switzerland en 978-1-4244-5864-6 10.1109/IPIN.2010.5646775 OryChowaw-Liebman UtaChristoph Karl-HeinzKrempels ChristophTerwelp inproceedings 2010-kunz-mascots-horizon 2010 8 18 172-181 The simulation models of wireless networks rapidly increase in complexity to accurately model wireless channel characteristics and the properties of advanced transmission technologies. Such detailed models typically lead to a high computational load per simulation event that accumulates to extensive simulation runtimes. Reducing runtimes through parallelization is challenging since it depends on detecting causally independent events that can execute concurrently. Most existing approaches base this detection on lookaheads derived from channel propagation latency or protocol characteristics. In wireless networks, these lookaheads are typically short, causing the potential for parallelization and the achievable speedup to remain small. This paper presents Horizon, which unlocks a substantial portion of a simulation model's workload for parallelization by going beyond the traditional lookahead. We show how to augment discrete events with durations to identify a much larger horizon of independent simulation events and efficiently schedule them on multi-core systems. Our evaluation shows that this approach can significantly cut down the runtime of simulations, in particular for complex and accurate models of wireless networks. horizon fileadmin/papers/2010/2010-kunz-mascots-horizon.pdf Online IEEE Computer Society

Los Alamitos, CA, USA

Proceedings of the 18th Annual Meeting of the IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'10), Miami, FL, USA Miami, FL, USA 18th Annual Meeting of the IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'10) August 17-19, 2010 en 978-0-7695-4197-6 1526-7539 10.1109/MASCOTS.2010.26 1 GeorgKunz OlafLandsiedel JamesGross StefanGötz FarshadNaghibi KlausWehrle inproceedings DBLP:conf/winsys/Chowaw-LiebmanCKT10 2010 7 195-201 Print Rafael F. S. Caldeirinha and Mohammad S. Obaidat SciTePress WINSYS 2010 - Proceedings of the International Conference on Wireless Information Networks and Systems, Athens, Greece, WINSYS is part of ICETE - The International Joint Conference on e-Business and Telecommunications en 978-989-8425-24-9 OryChowaw-Liebman UtaChristoph Karl-HeinzKrempels ChristophTerwelp inproceedings DBLP:conf/winsys/ChristophKST10a 2010 7 189-194 Print Rafael F. S. Caldeirinha and Mohammad S. Obaidat SciTePress WINSYS 2010 - Proceedings of the International Conference on Wireless Information Networks and Systems, Athens, Greece, WINSYS is part of ICETE - The International Joint Conference on e-Business and Telecommunications en 978-989-8425-24-9 UtaChristoph Karl-HeinzKrempels Jannovon Stülpnagel ChristophTerwelp inproceedings icc2010vpsim 2010 5 23 1-6 Nowadays, the development of embedded system hardware and related system software is mostly carried out using virtual platform environments. The high level of modeling detail (hardware elements are partially modeled in a cycle-accurate fashion) is required for many core design tasks. At the same time, the high computational complexity of virtual platforms caused by the detailed level of simulation hinders their application for modeling large networks of embedded systems. In this paper, we propose the integration of virtual platforms with network simulations, combining the accuracy of virtual platforms with the versatility and scalability of network simulation tools. Forming such a hybrid toolchain facilitates the detailed analysis of embedded network systems and related important design aspects, such as resource effectiveness, prior to their actual deployment. https://www.comsys.rwth-aachen.de/fileadmin/papers/2010/2010-schuermans-weingaertner-network_centric.pdf Online IEEE Proceedings of the IEEE International Conference on Communications (ICC), Cape Town, South Africa, May 23-27 en 978-1-4244-6402-9 1550-3607 10.1109/ICC.2010.5502185 1 StefanSchürmanns EliasWeingaertner TorstenKempf GerdAscheid KlausWehrle RainerLeupers inproceedings 2010-ipsn-sasnauskas-kleenet 2010 4 12 186--196 Complex interactions and the distributed nature of wireless sensor networks make automated testing and debugging before deployment a necessity. A main challenge is to detect bugs that occur due to non-deterministic events, such as node reboots or packet duplicates. Often, these events have the potential to drive a sensor network and its applications into corner-case situations, exhibiting bugs that are hard to detect using existing testing and debugging techniques. In this paper, we present KleeNet, a debugging environment that effectively discovers such bugs before deployment. KleeNet executes unmodified sensor network applications on symbolic input and automatically injects non-deterministic failures. As a result, KleeNet generates distributed execution paths at high-coverage, including low-probability corner-case situations. As a case study, we integrated KleeNet into the Contiki OS and show its effectiveness by detecting four insidious bugs in the uIP TCP/IP protocol stack. One of these bugs is critical and lead to refusal of further connections. automated protocol testing, experimentation, failure detection, wireless sensor networks kleenet fileadmin/papers/2010/2010-04-ipsn-sasnauskas-KleeNet.pdf Print ACM

New York, NY, USA

Proceedings of the 9th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN 2010), Stockholm, Sweden en 978-1-60558-988-6 http://doi.acm.org/10.1145/1791212.1791235 1 RaimondasSasnauskas OlafLandsiedel Muhammad HamadAlizai CarstenWeise StefanKowalewski KlausWehrle inbook 2010-aktas-modeling-application-traffic-bookchapter 2010 4 397-426 Springer 18 Modeling and Tools for Network Simulation 978-3-642-12330-6 IsmetAktas CemMengi ThomasKing incollection 2010-kunz-simtools-parallelDES 2010 4 121-131 Print Klaus Wehrle and Mesut Günes and James Gross Springer

Berlin, Germany

8 Modeling and Tools for Network Simulation en 978-3-642-12330-6 1 GeorgKunz incollection 2010-kunz-simtools-deployments 2010 4 83-97 Print Klaus Wehrle and Mesut Günes and James Gross Springer

Berlin, Germany

6 Modeling and Tools for Network Simulation en 978-3-642-12330-6 1 GeorgKunz OlafLandsiedel GeorgWittenburg inproceedings DBLP:conf/webist/ChristophGK10 2010 4 2 48-54 Print Joaquim Filipe and José Cordeiro INSTICC Press WEBIST 2010, Proceedings of the 6th International Conference on Web Information Systems and Technologies, Valencia, Spain en 978-989-674-025-2 UtaChristoph DanielGötten Karl-HeinzKrempels inbook 2010-02-book-alizai-hardware-and-systems 2010 2 1 99-117 http://www.network-simulation.info/ http://www.amazon.com/Modeling-Tools-Network-Simulation-Wehrle/dp/3642123309 Print Springer LNCS Chapter 7 Modeling and Tools for Network Simulation EN 978-3-642-12330-6 Muhammad HamadAlizai LeiGao TorstenKempf OlafLandsiedel inproceedings 2010-ARCS-alizai-promotingpower 2010 387-392 Accurate prediction of energy consumption early in the design process is essential to efficiently optimize algorithms and protocols. However, despite energy efficiency gathering significant attention in networking research, limited effort has been invested in providing requisite evaluation tools and models. Hence, developers demand powerful evaluation tools to assist them in comparing new communication paradigms in terms of energy efficiency, and minimizing the energy requirements of algorithms. In this paper, we argue for promoting energy to a first class metric in network simulations. We explore the challenges involved in modelling energy in network simulations and present a detailed analysis of different modelling techniques. Finally, we discuss their applicability in high-level network simulations. fileadmin/papers/2010/2010-2-ARCS-alizai-promoting-power.pdf Print VDE-VERLAG

Berlin, Germany

Proceedings of the Workshop on Energy Aware Systems and Methods, in conjunction with GI/ITG ARCS 2010 Hannover, Feb. 21-23 en 978-3-8007-3222-7 1 Muhammad HamadAlizai GeorgKunz OlafLandsiedel KlausWehrle inproceedings 201006GarciaIFIPTM 2010 ManyapplicationsrunningontheInternetoperateinfullyor semi-distributed fashion including P2P networks or social networks. Dis- tributed applications exhibit many advantages over classical client-server models regarding scalability, fault tolerance, and cost. Unfortunately, the distributed system operation also brings many security threats along that challenge their performance and reliability. In particular, faulty or mis- behaving nodes cannot collude to subvert the system operation. This paper addresses the above threats by applying cooperative security techniques to relevant distributed systems in the Internet. Our goal is to present methods that allow the peers to bootstrap basic trust relation- ships at the time of joining a distributed network and remove the peers if trust is lost. We consider the specific security caveats of the analyzed sys- tems, investigate the applicability of existing cooperative security-based protocols, and propose general design guidelines for cooperative-security protocol in described distributed systems. Print Springer

Berlin

Proceedings of IFIPTM 2010 - 4th International Conference on Trust Management Morioka, Japan 4th International Conference on Trust Management en 978-3-642-13445-6 1 DmitriyKuptsov OscarGarcia-Morchon KlausWehrle AndreiGurtov inproceedings 2009-kunz-mascots-horizon 2009 9 21 575-577 This paper presents Horizon, an extension to network simulation that enables the efficient and detailed simulation of wireless networks. Our contributions are two-fold as Horizon provides i) an API for accurately modeling processing time of discrete event simulation models by augmenting events with time spans and ii) a lightweight parallelization scheme that utilizes timing information to guide the parallel execution of simulations on multi-core computers. In this paper we primarily focus on the latter. horizon fileadmin/papers/2009/2009-kunz-mascots-horizon.pdf Poster Online IEEE Computer Society

Los Alamitos, CA, USA

Proceedings of the 17th Annual Meeting of the IEEE International Symposium on Modelling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'09), London, UK London, Great Britain 17th Annual Meeting of the IEEE International Symposium on Modelling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'09) September 21-32, 2009 en 978-1-4244-4926-2 1526-7539 10.1109/MASCOT.2009.5366710 1 GeorgKunz OlafLandsiedel KlausWehrle inproceedings 2009-landsiedel-visa-vipe 2009 8 17 45--52 Although the diversity of platforms for network experimentation is a boon to the development of protocols and distributed systems, it is challenging to exploit its benefits. Implementing or adapting the systems under test for such heterogeneous environments as network simulators, network emulators, testbeds, and end systems is immensely time and work intensive. In this paper, we present VIPE, a unified virtual platform for network experimentation, that slashes the porting effort. It allows to smoothly evolve a single implementation of a distributed system or protocol from its design up into its deployment by leveraging any form of network experimentation tool available. deployment, network experimentation, resource virtualization, simulation fileadmin/papers/2009/2009-landsiedel-visa-vipe.pdf Print ACM Press

New York, NY, USA

Proceedings of the 1st ACM SIGCOMM Workshop on Virtualized Infastructure Systems and Architectures, Barcelona, Spain Barcelona, Spain 1st ACM SIGCOMM Workshop on Virtualized Infastructure Systems and Architectures August 17, 2009 en 978-1-60558-595-6 10.1145/1592648.1592657 1 OlafLandsiedel GeorgKunz StefanGötz KlausWehrle poster 2009-kunz-nsdi-profab 2009 4 22 fileadmin/papers/2009/2009-kunz-nsdi-protocolFactory.pdf Poster Online USENIX Association

Berkeley, CA, USA

6th USENIX Symposium on Networked Systems Design and Implementation (NSDI'09) en 1 GeorgKunz OlafLandsiedel StefanGötz KlausWehrle inproceedings DBLP:conf/icaart/ChristophKW09 2009 1 447-454 Print Joaquim Filipe and Ana L. N. Fred and Bernadette Sharp INSTICC Press ICAART 2009 - Proceedings of the International Conference on Agents and Artificial Intelligence, Porto, Portugal en 978-989-8111-66-1 UtaChristoph Karl-HeinzKrempels AlexanderWilden inproceedings 2009-icc-heer-middleboxes 2009 1 791-796 Today, middleboxes such as firewalls and network address translators have advanced beyond simple packet forwarding and address mapping. They also inspect and filter traffic, detect network intrusion, control access to network resources, and enforce different levels of quality of service. The cornerstones for these security-related network services are end-host authentication and authorization. Using a cryptographic namespace for end-hosts simplifies these tasks since it gives them an explicit and verifiable identity. The Host Identity Protocol (HIP) is a key-exchange protocol that introduces such a cryptographic namespace for secure end-to-end communication. Although HIP was designed with middleboxes in mind, these cannot securely use its namespace because the on-path identity verification is susceptible to replay attacks. Moreover, the binding between HIP as an authentication protocol and IPsec as payload transport is insufficient because on-path middleboxes cannot securely map payload packets to a HIP association. In this paper, we propose to prevent replays attack by treating packet-forwarding middleboxes as first-class citizens that directly interact with end-hosts. Also we propose a method for strengthening the binding between the HIP authentication process and its payload channel with hash-chain-based authorization tokens for IPsec. Our solution allows on-path middleboxes to efficiently leverage cryptographic end-host identities and integrates cleanly into existing protocol standards. mobile_access http://www.comsys.rwth-aachen.de/fileadmin/papers/2009/2009-heer-icc-end-host-authentication.pdf Print Piscataway, NJ, USA

Dresden, Germany

Proceedings of the IEEE International Conference on Communications 2009 (ICC 2009), Dresden, Gemany IEEE Dresden, Germany IEEE International Conference on Communications 2009 (ICC 2009) en 978-1-4244-3435-0 1938-1883 10.1109/ICC.2009.5198984 1 TobiasHeer RenéHummen MiikaKomu StefanGötz KlausWehrle techreport 2009-heer-draft-midauth 2009 draft-heer-hip-midauth-02 The Host Identity Protocol is a signaling protocol for secure communication, mobility, and multihoming. It achieves these properties by introducing a new cryptographic namespace. This document specifies an extension for HIP that enables middleboxes to unambiguously verify the identities of hosts that communicate across them. This extension enables middleboxes to verify the liveness and freshness of a HIP association and, thus, enables reliable and secure access control in middleboxes. Work in progress Internet Engineering Task Force Internet-Draft TobiasHeer MiikaKomu KlausWehrle inproceedings 2008-becher-hotemnets-linkestimation 2008 6 3 1--5 Commonly, routing in sensor networks is limited to longterm stable links. Unstable links, although often promising to be of large routing progress, are not considered for packet forwarding as link estimators typically cannot handle their dynamics. In this paper we introduce short-term link estimation to capture link dynamics at a high resolution in time and to identify when these render a link temporarily reliable or unreliable. We identify such dynamics based on packet overhearing, predict short-term availability and unavailability, and adapt neighbor tables, thereby enlarging the set of links useable by any routing algorithm. Additionally, we show that short-term link estimation integrates seamlessly into today's sensor network link estimators and routing protocols. wld fileadmin/papers/2008/2008-becher-hotemnets-linkestimation.pdf Online ACM Press

New York, NY, USA

Proceedings of Fifth Workshop on Embedded Networked Sensors (Hot EmNets'08), Charlottesville, VA, USA Chalottesville, USA Fifth Workshop on Embedded Networked Sensors (Hot EmNets'08) June 2-3, 2008 en 978-1-60558-209-2 1 AlexanderBecher OlafLandsiedel GeorgKunz KlausWehrle inbook 2008-thissen-LNCS-multimedia 2008 268-299 Print M. Nagl, W. Marquardt Springer Lecture Notes in Computer Science 4970 Collaborative and Distributed Chemical Engineering, From Understanding to Substantial Design Process Support en 978-3-540-70551-2 AndréSchüppen OttoSpaniol DirkThißen IngoAssenmacher EdmundHaberstroh ThorstenKuhlen techreport 2008-heer-draft-midauth 2008 draft-heer-hip-midauth-01 The Host Identity Protocol is a signaling protocol for secure communication, mobility, and multihoming. It achieves these properties by introducing a new cryptographic namespace. This document specifies an extension for HIP that enables middleboxes to unambiguously verify the identities of hosts that communicate across them. This extension enables middleboxes to verify the liveness and freshness of a HIP association and, thus, enables reliable and secure access control in middleboxes. Work in progress Internet Engineering Task Force Internet-Draft TobiasHeer MiikaKomu KlausWehrle inproceedings 200707WeingaertnerEuroView2007HVSNNGN 2007 7 23 1 1 Both Wireless Sensor Networks (WSNs) and Vehicular Ad-Hoc Networks (VANETs) are technologies that gained extensive attention in the research community during the last years, and many people agree that those are about to contribute to the networks of tomorrow in a signicant way. Within the talk, we present our work on the novel paradigm of Hybrid Sensor-Vehicular Networks (HSVNs) and their contribution to next-generation network architectures. The idea behind Hybrid Sensor-Vehicular Networks is to deploy sensor nodes within the road environment. For example, it is imaginable that future roads will be equipped with sensor nodes that are able to sense environmental events, such as ice, aquaplaning or structural damages. Those events are gathered locally using a wireless sensor network and are delivered directly to vehicles that pass by. Afterwards, information is spread in a wider area using the VANET. https://www.comsys.rwth-aachen.de/fileadmin/papers/2007/2007-eurongi-hybrid-wsn-weingaertner-kargl.pdf http://www3.informatik.uni-wuerzburg.de/euroview/2007/program.shtml online EuroNGI online Proceedings of 7th Würzburg Workshop on IP "Visions of Future Generation Networks" (EuroView2007) Würzburg, Germany 7th Würzburg Workshop on IP "Visions of Future Generation Networks" (EuroView2007) 23.7.2007 / 24.7.2007 en none none 1 EliasWeingaertner FrankKargl article ChrKre07PiK Praxis der Informationsverarbeitung und Kommunikation (PIK) 2007 30 2 112--120 Print De Gruyter Saur de 0930-5157 10.1515/PIKO.2007.112 UtaChristoph Karl-HeinzKrempels techreport 200706WeingaertnerFGSN07HSVNPrototype Proceedings of the 2007 GI Special Interest Meeting ("Fachgespraech") on Wireless Sensor Networks 2007 1-4 Proceedings published as technical report at RWTH Aachen. https://www.comsys.rwth-aachen.de/fileadmin/papers/2007/2007-weingaertner-kargl-fgsn.pdf Klaus Wehrle RWTH Aachen University

Bonn, Germany

RWTH Aachen Aachen, Germany Fachgespraech Sensornetzwerke 16.7.2007 / 17.7.2007 A prototype study on Hybrid Sensor-Vehicular Networks 0935-3232 1 EliasWeingaertner FrankKargl inproceedings 200504mongerinformatiktage 2005

Schloss Birlinghoven

Proceedings of GI-Informatiktage 2005 AndreasMonger StefanieHofmann JanBronni MarcelKronfeld techreport 200605OCALATechReportUCB 2005 UCB/CSD-005/1397 The ever increasing demand of new applications coupled with the increasing rigidity of the Internet has led researchers to propose overlay networks as a means of introducing new functionality in the Internet. However, despite sustained efforts, few overlays are used widely. Providing support for legacy Internet applications to access such overlays would significantly expand the user base of the overlays, as the users can instantly benefit from the overlay functionality. We present the design and implementation of OCALA, an Overlay Convergence Architecture for Legacy Applications. Unlike previous efforts, OCALA allows users to access different overlays simultaneously, as well as hosts in different overlays to communicate with each other. In addition, OCALA reduces the implementation burden on the overlay developers, by factoring out the functions commonly required to support legacy applications, such as tapping legacy traffic, authentication and encryption. Our implementation of OCALA as a proxy requires no changes to the applications or operating systems. We currently support two overlays, i3 and RON, on Linux and Windows XP/2000 platforms. We (and a few other research groups and end-users) have used the proxy over a eleven-month period with many legacy applications ranging from web browsers to remote desktop applications. http://ocala.cs.berkeley.edu

UCB, Berkeley, USA

University of California at Berkeley DilipJoseph JayanthkumarKannan AyumuKubota IonStoica KlausWehrle techreport 200606i3proxytechreport 2004 UCB/CSD-04-1342 Providing support for legacy applications is a crucial component of many overlay networks, as it allows end-users to instantly benefit from the functionality introduced by these overlays. This paper presents the design and implementation of a proxy-based solution to support legacy applications in the context of the i3 overlay [24]. The proxy design relies on an address virtualization technique which allows the proxy to tunnel the legacy traffic over the overlay transparently. Our solution can preserve IP packet headers on an end-to-end basis, even when end-host IP addresses change, or when endhosts live in different address spaces (e.g., behind NATs). In addition, our solution allows the use of human-readable names to refer to hosts or services, and requires no changes to applications or operating systems. To illustrate how the proxy enables legacy applications to take advantage of the overlay (i.e., i3) functionality, we present four examples: enabling access to machines behind NAT boxes, secure Intranet access, routing legacy traffic through Bro, an intrusion detection system, and anonymous web download. We have implemented the proxy on Linux andWindows XP/2000 platforms, and used it over the i3 service on PlanetLab over a three month period with a variety of legacy applications ranging from web browsers to operating system-specific file sharing. http://i3.cs.berkeley.edu

UCB, Berkeley, USA

University of California at Berkeley Technical Report JayanthkumarKannan AyumuKubota KarthikLakshminarayanan IonStoica KlausWehrle