Thomas Ulz

Human computation for constraint-based recommenders

PeopleViews is a Human Computation based environment for the construction of constraint-based recommenders. Constraint-based recommender systems support the handling of complex items where constraints (e.g., between user requirements and item properties) can be taken into account. When applying such systems, users are articulating their requirements and the recommender identifies solutions on the basis of the constraints in a recommendation knowledge base. In this paper, we provide an overview of the PeopleViews environment and show how recommendation knowledge can be collected from users of the environment on the basis of micro-tasks. We also show how PeopleViews exploits this knowledge for automatically generating recommendation knowledge bases. In this context, we compare the prediction quality of the recommendation approaches integrated in PeopleViews using a DSLR camera dataset.

SECURECONFIG: NFC and QR-code based hybrid approach for smart sensor configuration

In smart factories and smart homes, devices such as smart sensors are connected to the Internet. Independent of the context in which such a smart sensor is deployed, the possibility to change its configuration parameters in a secure way is essential. Existing solutions do provide only minimal security or do not allow to transfer arbitrary configuration data. In this paper, we present an NFC- and QR-code based configuration interface for smart sensors which improves the security and practicability of the configuration altering process while introducing as little overhead as possible. We present a protocol for configuration as well as a hardware extension including a dedicated security controller (SC) for smart sensors. For customers, no additional hardware other than a commercially available smartphone will be necessary which makes the proposed approach highly applicable for smart factory and smart home contexts alike.

Bring your own key for the industrial Internet of Things

High tech strategies such as Industry 4.0 and Smart Manufacturing require industrial devices to be connected to the Internet. This movement towards interconnected industrial devices poses significant security risks as confidential data must be transferred and stored using untrustworthy channels and cloud servers. End-to-end private key cryptography is suitable to protect the confidentiality, integrity, and authenticity of data. However, private key cryptography has some drawbacks such as the so-called key distribution problem. A possible solution, factory installed keys, are untrustworthy as the two partners relying on end-to-end cryptography can not be sure that no other party is in possession of the used keys. To overcome these problems, the Bring Your Own Key (BYOK) principle based on Near Field Communication (NFC) and dedicated secured hardware is presented in this paper.

Hardware Secured, Password-based Authentication for Smart Sensors for the Industrial Internet of Things

Sensors are a vital component for the Internet of Things. These sensors gather information about their environment and pass this information to control algorithms and/or actuators. To operate as effective as possible the sensors need to be reconfigurable, which allows the operators to optimize the sensing activities. In this work we focus on the mechanisms of such reconfiguration possibilities. As the reconfiguration can also be used to manipulate the sensors (and their attached systems) in a subtle way, the security of the reconfiguration interface is of utmost importance. Within this work we test a lightweight authentication method for use on a smart sensor and describe a possible implementations of the authentication mechanism on a hardware security module.

SystemC Test Case Generation with the Gazebo Simulator

The current approach of hardware simulators are testbeds that supply the Device under Test (DUT) with inputs. These sequences of inputs are the result of engineers reverse engineering the use cases extracting the inputs from them and adding some extreme cases. This paper describes an approach where the input sequences are generated directly from the use case itself. The use case is therefore simulated in an environmental simulator such as Gazebo. This generates the stimuli for the DUT. To facilitate the compatibility between the different simulation environments we present an easy-to-use and easy-to-implement communication strategy.

Secured and Easy-to-Use NFC-Based Device Configuration for the Internet of Things

Public awareness regarding security aspects in the Internet of Things (IoT) is currently rising due to regular media presence of various IoT-related security breaches. One of the major weaknesses of IoT devices is the absence of appropriate mechanisms for firmware and configuration updates. In addition, improved security concepts often result in poor usability which discourages users from relying on these concepts. Therefore, in this paper, we present an easy-to-use NFC-based configuration approach for IoT devices that is secured by appropriate security measures in software and hardware. Since industrial usage of such a configuration approach entails different requirements than home usage, we present and compare three different configuration processes. The applicability of our approach is demonstrated by two prototypical implementations, as well as a detailed security analysis. We also show that the imposed overhead due to the implemented security measures is negligible for most configuration updates.

Inter-device Sensor-Fusion for Action Authorization on Industrial Mobile Robots

Usage of mobile robots in industry increased significantly in recent years. However, mobile robots introduce additional safety issues for human workforce and pose a higher risk of failures in production due to possible abnormal robot behavior. Such abnormal behavior could, among other things, be caused by security weaknesses that entail attacks. These problems lead to a need for action authorization mechanisms to protect humans and mitigate possible costly failures. In this paper, we propose an authorization mechanism for critical actuator actions on industrial mobile robots. The mechanism relies on security principles that prevent adversaries from unauthorized action execution. To the best knowledge of the authors, no similar concept for secured action authorization for industrial mobile robots is currently known in research. Our evaluation shows more than 80% of additional safety hazard causes introduced by the lack of security can be mitigated with the proposed authorization mechanism.

Secured Offline Authentication on Industrial Mobile Robots using Biometric Data

The increased usage of mobile robots in the industrial context entails higher safety risks for employees on the production floor. To enable safety, the usage of security concepts on industrial mobile robots is essential. One step towards security is authentication that is necessary to prevent unauthorized people from manipulating an industrial mobile robot’s software or configuration. Traditional authentication schemes that utilize username and password are not feasible for industrial mobile robots as either (a) a remote connection would be necessary to check the credentials or (b) the credentials need to be checked locally on the robot. Remote connections are problematic due to connectivity problems similar to them at RoboCup Logistics League competitions. If the credentials need to be checked on the robot, the usernames and passwords of all authorized people need to be stored and maintained there. As both possibilities are not feasible for industrial mobile robots, we propose an offline authentication approach that uses biometric data to authenticate a user on a mobile robot. The approach uses expiring passwords and a smart card to authenticate authorized people on the mobile robot. The smart card is equipped with a fingerprint reader to check that only authorized people are allowed to authenticate at a mobile robot. To show that the approach is able to provide secured authentication, a threat analysis is performed.

Sneakernet on wheels: Trustworthy NFC-based robot to machine communication

Wireless communication technologies such as WiFi, ZigBee, or Bluetooth often suffer from interference due to many devices using the same, unregulated frequency spectrum. Also, wireless coverage can be insufficient in certain areas of a building. At the same time, eavesdropping a wireless communication outside a building might be easy due to the extended communication range of particular technologies. These issues affect mobile robots and especially industrial mobile robots since the production process relies on dependable and trustworthy communication. Therefore, we present an alternative communication approach that uses Near Field Communication (NFC) to transfer confidential data such as production-relevant information or configuration updates. Due to NFC lacking security mechanisms, we propose a secured communication framework that is supported by dedicated hardware-based secure elements. To show the feasibility of our approach, an Industry 4.0 inspired production process that uses our communication approach is evaluated in simulation.

Hardware-Secured Configuration and Two-Layer Attestation Architecture for Smart Sensors

The necessity to (re-)configure Internet of Things devices such as smart sensors during their entire lifecycle is becoming more important due to recent attacks targeting these devices. Allowing configuration parameters to be changed in any phase of a smart sensors lifecycle allows security updates or new key material to be applied. Also, the functionality of a smart sensor can be altered by changing its configuration. The challenges that need to be considered when enabling the configuration of arbitrary parameters are the security and usability of the configuration interface, the secured storage of confidential configuration data, and the attestation of successfully applied configuration updates. Therefore, we present an NFC-based configuration approach that relies on dedicated secured hardware to solve these challenges. In addition to a hardware extension for smart sensors, we also present a secured configuration protocol as well as a two-layer configuration attestation process to verify the correct utilization of all transmitted configuration parameters.