ABSTRACT
As the popularity of 3D printing or additive manufacturing (AM) continues to increase for use in commercial and defense supply chains, the requirement for reliable, robust protection from adversaries has become more important than ever. Three-dimensional printing security focuses on protecting both the individual Industrial Internet of Things (I-IoT) AM devices and the networks that connect hundreds of these machines together. Additionally, rapid improvements in quantum computing demonstrate a vital need for robust security in a post-quantum future for critical AM manufacturing, especially for applications in, for example, the medical and defense industries. In this paper, we discuss the attack surface of adversarial data manipulation on the physical inter-device communication bus, Controller Area Network (CAN). We propose a novel, hierarchical tree solution for a secure, post-quantum-supported security framework for CAN-based AM devices. Through using subnet hopping between isolated CAN buses, our framework maintains the ability to use legacy or third-party devices in a plug-and-play fashion while securing and minimizing the attack surface of hardware Trojans or other adversaries. The results of the physical implementation of our framework demonstrate 25% and 90% improvement in message costs for authentication compared to existing lightweight and post-quantum CAN security solutions, respectively. Additionally, we performed timing benchmarks on the normal communication (hopping) and authentication schemes of our framework.
ABSTRACT
Information Security Awareness (ISA) is a significant concept that got considerable attention recently and can assist in minimizing the risks associated with information security breaches. Several measurement scales have been developed in this regard, as measuring users' ISA is paramount. Although ISA specific scales are very important, yet what methodological rigor they use in terms of initial conceptualization of ISA, data collection and analysis during the development, and scale validation of such scales are some unknown aspects. Therefore, we provide a comprehensive review of the existing ISA specific scales to address all the above concerns. A popular method, PRISMA, is utilized, and a total of 24 articles that match with criteria of this research are included for the final in-depth analysis. Also, a holistic evaluation framework is developed containing three phases and 19 criteria. Findings revealed that most studies treat ISA as a multi-dimensional construct, and ISA researchers rarely conduct both pilot testing and pre-text evaluation while validating and refining the initial scales. Additionally, several articles did not report some of the essential elements used for checking the rigor of factor analysis, and evidence for validities of the identified scales is inadequate. Consequently, existing ISA specific scales must be improved both in terms of the methodological thoroughness of the scale development procedure and their validities. Moreover, not only justifying why the development of a new scale is necessary, but also improving the quality of the existing scales by doing multiple iterations is significant in the future. Likewise, the inclusion of all the dimensions of ISA, while generating the initial items pool is an important aspect to be considered. A thorough discussion, recommendations for future research, conclusions, and study limitations are provided.
ABSTRACT
Advances in artificial intelligence (AI) have ushered in a new era of consumer electronic (CE) devices: the voice-based CE devices (VCED's). A striking feature that separates these from other CE devices are their anthropomorphic capabilities. While current CE research has given a strong focus on improving various technical and security aspects of the VCED's, not much efforts have been given to explore their diffusion and acceptance in the society. However, if the CE community is to progress then there is an urgent need to view these systems from a sociotechnical perspective and take the user perceptions into account for further product development. In this work we propose a novel research framework by incorporating Human Computer Interaction (HCI) theories and Para Social Relationship Theory for exploring the effect of trust on the behavioral intention of users towards VCED's, keeping in mind their human-like attributes. Data is analyzed using a Structural Equation Modelling approach from 675 users of VCED devices from two Asian countries. Results show that the functional aspects of performance and effort expectancy, and social aspects of presence and cognition affect the trust factor. Privacy concerns do not affect trust. Overall, the results suggest that users treat VCED's as social objects employing social rules while interaction that indicates a dual nature of anthropomorphic systems. Suitable suggestions are provided for CE researchers for future research.
ABSTRACT
Internet of Things (IoT) devices have strict energy constraints as they often operate on a battery supply. The cryptographic operations within IoT devices consume substantial energy and are vulnerable to a class of hardware attacks known as side-channel attacks. To reduce the energy consumption and defend against side-channel attacks, we propose combining adiabatic logic and Magnetic Tunnel Junctions to form our novel Energy Efficient-Adiabatic CMOS/MTJ Logic (EE-ACML). EE-ACML is shown to be both low energy and secure when compared to existing CMOS/MTJ architectures. EE-ACML reduces dynamic energy consumption with adiabatic logic, while MTJs reduce the leakage power of a circuit. To show practical functionality and energy savings, we designed one round of PRESENT-80 with the proposed EE-ACML integrated with an adiabatic clock generator. The proposed EE-ACML-based PRESENT-80 showed energy savings of 67.24% at 25 MHz and 86.5% at 100 MHz when compared with a previously proposed CMOS/MTJ circuit. Furthermore, we performed a CPA attack on our proposed design, and the key was kept secret.
ABSTRACT
The last few decades have seen a large proliferation in the prevalence of cyber-physical systems. This has been especially highlighted by the explosive growth in the number of Internet of Things (IoT) devices. Unfortunately, the increasing prevalence of these devices has begun to draw the attention of malicious entities which exploit them for their own gain. What makes these devices especially attractive is the various resource constraints present in these devices that make it difficult to add standard security features. Therefore, one intriguing research direction is creating security solutions out of already present components such as sensors. Physically Unclonable Functions (PUFs) are one potential solution that use intrinsic variations of the device manufacturing process for provisioning security. In this work, we propose a novel weak PUF design using thermistor temperature sensors. Our design uses the differences in resistance variation between thermistors in response to temperature change. To generate a PUF that is reliable across a range of temperatures, we use a response-generation algorithm that helps mitigate the effects of temperature variation on the thermistors. We tested the performance of our proposed design across a range of environmental operating conditions. From this we were able to evaluate the reliability of the proposed PUF with respect to variations in temperature and humidity. We also evaluated the PUF's uniqueness using Monte Carlo simulations.
