Supervisory Control and Data Acquisition (SCADA) systems are migrating from isolated to highly-in... more Supervisory Control and Data Acquisition (SCADA) systems are migrating from isolated to highly-interconnected large scale architectures. In addition, these systems are increasingly composed of standard Internet technologies and use public networks. Hence, while the SCADA functionality has increased, its vulnerability to cyber threats has also risen. These threats often lead to reduced system availability or compromised data integrity, eventually resulting in risks to public safety. Therefore, enhancing the reliability and security of system operation is an urgent need. Peer-to-Peer (P2P) techniques allow the design of selforganizing Internet-scale communication overlay networks. Two inherent resilience mechanisms of P2P networks are path redundancy and data replication. This paper shows how SCADA system's resilience can be improved by using P2P technologies. In particular, the two previously mentioned resilience mechanisms allow circumventing crashed nodes and detecting manipulated control data.
2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2013
Data collection is a key ingredient for a plethora of distributed systems. Strict responsiveness,... more Data collection is a key ingredient for a plethora of distributed systems. Strict responsiveness, i.e., the reliable and timely data delivery is a mandatory requirement for critical applications. For a widened application focus towards large scale critical applications in heterogeneous operational environments, data dissemination infrastructures are inevitably required to provide robustness against frequent perturbations. In this work, we present Coral, a highly reliable and low latency data collection peer-to-peer protocol. Its fully decentralized design allows operation under unfavorable conditions and immediate adaptation towards such effects. Coral provides for a latency optimized and path redundant data collection along with innetwork aggregation, i.e., convergecast, for applications with ultra low latency requirements that span across large geographic extents.
The complexity of distributed algorithms, such as state machine replication, motivates the use of... more The complexity of distributed algorithms, such as state machine replication, motivates the use of formal methods to assist correctness verification. The design of the formal model of an algorithm directly affects the efficiency of the analysis. Therefore, it is desirable that this model does not add "unnecessary" complexity to the analysis. In this paper, we consider a general message-passing (MP) model of distributed algorithms and compare different ways of modeling the message traffic. We prove that the different MP models are equivalent with respect to the common properties of distributed algorithms. Therefore, one can select the model which is best suited for the applied verification technique. We consider MP models which differ regarding whether (1) the event of message delivery can be interleaved with other events and (2) a computation event must consume all messages that have been delivered after the last computation event of the same process. For generalized MP distributed protocols and especially focusing on fault-tolerance, we show that our proposed model (without interleaved delivery events and with relaxed semantics of computation events) is significantly more efficient for explicit state model checking. For example, the model size of the Paxos algorithm is 1/13 th that of existing equivalent MP models.
International Journal of Autonomous and Adaptive Communications Systems, 2012
Wireless sensor networks (WSNs) are deployed to monitor physical events such as fire, or the stat... more Wireless sensor networks (WSNs) are deployed to monitor physical events such as fire, or the state of physical objects such as bridges in order to support appropriate reaction to avoid potential damages. However, many situations require immediate attention or long-reaction plan. Therefore, the classical approach of just detecting the physical events may not suffice in many cases. We present a generic WSN level event prediction framework to forecast the physical events, such as network partitioning, well in advance to support proactive self-actions. The framework collects the state of a specified attribute on the sink using an efficient spatio-temporal compression technique. The future state of the targeted attributes is then predicted using time series modelling. We propose a generic event prediction algorithm, which is adaptable to multiple application domains. Using simulations we show our framework's enhanced ability to accurately predict the network partitioning with very high accuracy and efficiency.
Encyclopedia of Wireless and Mobile Communications
... Although we did this summarization manually within our experiment, automatic summarization te... more ... Although we did this summarization manually within our experiment, automatic summarization technologies (Kupiec et al.) [3] 3. Kupiec , J. ; Pedersen , J. ; Chen , F. A trainable document summarizer . ... 3. Kupiec, J.; Pedersen, J.; Chen, F. A trainable document summarizer. ...
The binary deBruijn interconnect graph (BDG) is a realizable alternative to the hypercube. A prim... more The binary deBruijn interconnect graph (BDG) is a realizable alternative to the hypercube. A primary limitation of the deBruijn structure is, though, its inability to embed a mesh or a mesh of trees in it efciently, compared to the hypercube. Product Shufe (PS) graphs have been proposed, to alleviate such limitations, though at the cost of a complex interconnect structure and an increased node-degree, from 4 in a BDG, to 8 in the PS graph. A simple extension of the BDG by the edge set union with a torus is shown; this provides for the missing mesh topology and achieves graph capabilities/versatility comparable to the PS graph and the hypercube within a xed degree graph. The structure improves upon both the PS and hypercube in implementing pipelined and multi-phase algorithms. More importantly, the purpose is designing an algorithmically specialized interconnect, by characterizing algorithmic features of a wide range of algorithms as well as direct architectural support for them, instead of simply providing for a set of graph embeddings in the interconnect. A set of examples demonstrate the Union-Graph's versatility in this aspect of algorithmic support.
No cache based techniques for roll-forward fault recovery exist at present. A split-cache approac... more No cache based techniques for roll-forward fault recovery exist at present. A split-cache approach is proposed that provides e cient support for checkpointing and roll-forward fault recovery in distributed systems. This approach obviates the use of discrete stable storage or explicit synchronization among the processors. Stability of the checkpoint intervals is used as a driver for real time operations.
Physically co-located virtual machines should be securely isolated from one another, as well as f... more Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.
Uploads
Papers by Neeraj Suri