This work proposes a two-factor authentication method by integrating the second factor into the authentication service in a system with a centralized user's database. This approach made it possible to achieve the universality of the process and reduce the authentication time. In this case, the compromise of the first factor becomes inexpedient. Simulation showed that the rest of the authentication parameters meet the requirements defined by international standards for two-factor authentication procedures.
Authored by Bohdan Rezanov, Heorhii Kuchuk
There are three critical aspects of cyber security: authentication, safety, and secrecy. Consumers have access to a wide range of alternatives for improving the safety of password-based login systems. With two-factor authentication, the majority of this was done. Two-factor authentication combines single-factor authentication processes. Two-factor authentication is becoming increasingly common and widely accepted in today’s technological age due to the growing need for privacy and security. Customized security measures are more effective and bought if they are easy to use and implement. For increased website and mobile app security, this study examines the consequences of using a three-factor authentication scheme. This post will present an app we built that might provide a good three-factor authentication approach without losing the convenience.
Authored by Mohammad Hossain, Sheikh Zaman, Tazria Khan, Sumiaya Katha, Md. Anwar, Muhammad Hossain
The computing capability of the embedded systems and bandwidth of the home network increase rapidly due to the rapid development of information and communication technologies. Many home appliances such as TVs, refrigerators, or air conditioners are now connected to the internet, then, the controlling firmware modules are automatically updatable via the network. TR-069 is a widely adopted standard for automatic appliance management and firmware update. Maintaining a TR-069 network usually involves the design and deployment of the overall security and trust infrastructure, the update file repository and the update audit mechanisms. Thus, maintaining a dedicated TR-069 network is a heavy burden for the vendors of home appliances. Blockchain is an emerging technology that provides a secure and trust infrastructure based on distributed consensus. This paper reports the results of our initial attempt to design a prototype of a multitenant TR-069 platform based on the blockchain. The core idea is to reify each automatic deployment task as a smart contract instance whose transactions are recorded in the append-only distributed ledger and verified by the peers. Also, the overall design should be transparent to the original TR-069 entities. We have built a prototype based on the proposed architecture to verify the feasibility in three key scenarios. The experimental results show that the proposed approach is feasible and is able to scale linearly in proportion to the number of managed devices.
Authored by Chun-Feng Liao, Leng-Hui Wang
Connected vehicles need to generate, store, process, and exchange a multitude of information with their environment. Much of this information is privacy-critical and thus regulated by privacy laws like the GDPR for Europe. In this paper, we analyze and rate exemplary data (flows) of the electric driving domain with regard to their criticality based on a reference architecture. We classify the corresponding ECUs based on their processed privacy-critical data and propose technical mitigation measures and technologies in form of generic privacy-enhancing building blocks according to the classification and requirements derived from the GDPR.
Authored by Christian Plappert, Jonathan Stancke, Lukas Jager
The integrated big data platform aims to provide one-stop development and operation capabilities for massive heterogeneous data. Various components are organically combined and managed in a unified way. At the same time, the underlying technical details are shielded from users, so as to finally achieve the purpose of convenient data development, reducing operation and maintenance costs, and standardizing management processes. This article introduces the functional modules that the platform should have one by one, covering data storage, data integration, data management and governance, data development, data processing and analysis, high availability, operation and maintenance management, and data security. Finally, the typical characteristics and development direction of the integrated big data platform are pointed out.
Authored by Liu Yuan, Liu Yanmei, Zhong Minjing
Practical cryptographic systems rely on a true random number generator (TRNG), which is a necessary component in any hardware Root-of-Trust (RoT). Hardware trust anchors are also integrated into larger chips, for instance as hard-IP cores in FPGAs, where the remaining FPGA fabric is freely programmable. To provide security guarantees, proper operation of the TRNG is critical. By that, adversaries are interested to tamper with the ability of TRNGs to produce unpredictable random numbers. In this paper, we show that an FPGA on-chip attack can reduce the true randomness of a TRNG integrated as a hard-IP module in the FPGA. This module is considered to be an immutable security module, compliant with NIST SP 800-193 Platform Firmware Resilience Guidelines (PFR), which is a well known guideline for system resilience, and it is also certified by the Cryptographic Algorithm Validation Program (CAVP). By performing an on-chip voltage drop-based fault attack with user-programmable FPGA logic, the random numbers produced by the IP core fail NIST SP 800-22 and BSI AIS31 tests, meaning they are not truly random anymore. By that, this paper shows that new attack vectors can break even verified IP cores, since on-chip attacks are usually not considered in the threat model, which can still affect highly integrated systems.
Authored by Dennis Gnad, Jiaqi Hu, Mehdi Tahoori
Employing Trusted Execution Environment (TEE) technology such as ARM TrustZone to deploy sensitive security modules and credentials for secure, authenticated access is the go-to solution to address integrity and confidentiality challenges in untrusted devices. While it has been attracting attention as an effective building block for secure enterprise IT systems (e.g., BYOD), these secure operating systems are often not open-source, and thus system operators and developers have to largely depend on mobile platform vendors to deploy their applications in the secure world on TEE. Our solution, called GateKeeper, addresses the primary obstacle for system operators to adopt ARM TrustZone TEE to deploy their own, in-house security systems, by enabling the operators more control and flexibility on Trusted App (TA) installation and update procedure without mandating involvement of the mobile platform vendors at each iteration. In this paper, we first formulate an ecosystem for enabling such operator-centric TA management, and then discuss the design of GateKeeper, which is a comprehensive framework to enable operator-centric TA management on top of GlobalPlatform specification. We further present a proof-of-concept implementation using OP-TEE open-source secure OS to demonstrate the feasibility and practical resource consumption (less than 1000 lines of code and 500 KBytes on memory).
Authored by Balachandar Gowrisankar, Daisuke Mashima, Wenshei Ong, Quanqi Ye, Ertem Esiner, Binbin Chen, Zbigniew Kalbarczyk
Internet of Things (IoT) devices are increasingly deployed nowadays in various security-sensitive contexts, e.g., inside homes or in critical infrastructures. The data they collect is of interest to attackers as it may reveal living habits, personal data, or the operational status of specific targets. This paper presents an approach to counter software manipulation attacks against running processes, data, or configuration files on an IoT device, by exploiting trusted computing techniques and remote attestation. We have used a Raspberry Pi 4 single-board computer device equipped with Infineon Trusted Platform Module (TPM) v2, acting as an attester. A verifier node continuously monitors the attester and checks its integrity through remote attestation protocol and TPM-enabled operations. We have exploited the Keylime framework from MIT Lincoln Laboratories as remote attestation software. Through tests, we show that remote attestation can be performed within short time (in order of seconds), allowing to restrict the window of exposure of such devices to attacks against the running software and/or hosted data.
Authored by Diana Berbecaru, Silvia Sisinni
In this paper, the electronic structure of self-assembled InGaN/GaN nanowire heterojunctions is investigated. By growing the "T" shaped InGaN/GaN nanowire heterojunction structure, the crystal quality of InGaN was improved, and the phase separation phenomenon of In0.5Ga0.5N nanowires was found. Firstly, it is found that the morphology of GaN self-assembled nanowires is better when the V/III ratio is 9. Then, the morphology and physical properties of InGaN/GaN nanowire heterojunctions with different In compositions were studied. It was found that with the increase of the In composition, the lateral extension of InGaN became serious and the crystal quality deteriorated. A trusted platform module with a similar mechanism but oriented to the cloud environment was proposed, which could monitor the security status of all virtual machines in the virtual group and give Validators provide a view of the trusted state of semiconductor materials.
Authored by Tiansheng Zhang, Tao Pang, Fan Wu, Xiaoyi Li
With the development of Internet of Things (IoT) technology, the digital pill has been employed as an IoT system for emerging remote health monitoring to detect the impact of medicine intake on patients’ biological index. The medical data is then used for model training with federated learning. An adversary can launch poisoning attacks by tampering with patients’ medical data, which will lead to misdiagnosis of the patients’ conditions. Lots of studies have been conducted to defend against poisoning attacks based on blockchain or hardware. However, 1) Blockchain-based schemes can only exploit on-chain data to deal with poisoning attacks due to the lack of off-chain trusted entities. 2) Typical hardware-based schemes have the bottleneck of single point of failure. To overcome these defects, we propose a defense scheme via multiple Trusted Platform Modules (TPMs) and blockchain oracle. Benefitting from multiple TPMs verification results, a distributed blockchain oracle is proposed to obtain off-chain verification results for smart contracts. Then, the smart contracts could utilize the off-chain verification result to identify poisoning attacks and store the unique identifiers of the non-threatening IoT device immutably on the blockchain as a whitelist of federated learning participants. Finally, we analyze the security features and evaluate the performance of our scheme, which shows the robustness and efficiency of the proposed work.
Authored by Mingyuan Huang, Sheng Cao, Xiong Li, Ke Huang, Xiaosong Zhang
Embedded smart devices are widely used in people's life, and the security problems of embedded smart devices are becoming more and more prominent. Meanwhile lots of methods based on software have been presented to boot the system safely and ensure the security of the system execution environment. However, it is easy to attack and destroy the methods based on software, which will cause that the security of the system cannot be guaranteed. Trusted Computing Group proposed the method of using Trusted Platform Module (TPM) to authenticate the credibility of the platform, which can solve the disadvantages of using methods based on software to protect the system. However, due to the limited resource and volume of embedded smart devices, it is impossible to deploy TPM on embedded smart devices to ensure the security of the system operating environment. Therefore, a novel trusted boot model for embedded smart devices without TPM is proposed in this paper, in which a device with TPM provides trusted service to realize the trusted boot of embedded smart devices without TPM through the network and ensure the credibility of the system execution environment.
Authored by Rui Wang, Yonghang Yan
This paper presents a case study about the initial phases of the interface design for an artificial intelligence-based decision-support system for clinical diagnosis. The study presents challenges and opportunities in implementing a human-centered design (HCD) approach during the early stages of the software development of a complex system. These methods are commonly adopted to ensure that the systems are designed based on users' needs. For this project, they are also used to investigate the users' potential trust issues and ensure the creation of a trustworthy platform. However, the project stage and heterogeneity of the teams can pose obstacles to their implementation. The results of the implementation of HCD methods have shown to be effective and informed the creation of low fidelity prototypes. The outcomes of this process can assist other designers, developers, and researchers in creating trustworthy AI solutions.
Authored by Gabriela Beltrao, Iuliia Paramonova, Sonia Sousa
The Assessment List for Trustworthy AI (ALTAI) was developed by the High-Level Expert Group on Artificial Intelligence (AI HLEG) set up by the European Commission to help assess whether the AI system that is being developed, deployed, procured, or used, complies with the seven requirements of Trustworthy AI, as specified in the AI HLEG’s Ethics Guidelines for Trustworthy AI. This paper describes the self-evaluation process of the SHAPES pilot campaign and presents some individual case results applying the prototype of an interactive version of the Assessment List for Trustworthy AI. Finally, the available results of two individual cases are combined. The best results are obtained from the evaluation category ‘transparency’ and the worst from ‘technical robustness and safety’. Future work will be combining the missing self-assessment results and developing mitigation recommendations for AI-based risk reduction recommendations for new SHAPES services.
Authored by Jyri Rajamaki, Pedro Rocha, Mira Perenius, Fotios Gioulekas
Recent advances in artificial intelligence, specifically machine learning, contributed positively to enhancing the autonomous systems industry, along with introducing social, technical, legal and ethical challenges to make them trustworthy. Although Trustworthy Autonomous Systems (TAS) is an established and growing research direction that has been discussed in multiple disciplines, e.g., Artificial Intelligence, Human-Computer Interaction, Law, and Psychology, the impact of TAS on education curricula and required skills for future TAS engineers has rarely been discussed in the literature. This study brings together the collective insights from a number of TAS leading experts to highlight significant challenges for curriculum design and potential TAS required skills posed by the rapid emergence of TAS. Our analysis is of interest not only to the TAS education community but also to other researchers, as it offers ways to guide future research toward operationalising TAS education.
Authored by Mohammad Naiseh, Caitlin Bentley, Sarvapali Ramchurn
The continuously growing importance of today’s technology paradigms such as the Internet of Things (IoT) and the new 5G/6G standard open up unique features and opportunities for smart systems and communication devices. Famous examples are edge computing and network slicing. Generational technology upgrades provide unprecedented data rates and processing power. At the same time, these new platforms must address the growing security and privacy requirements of future smart systems. This poses two main challenges concerning the digital processing hardware. First, we need to provide integrated trustworthiness covering hardware, runtime, and the operating system. Whereas integrated means that the hardware must be the basis to support secure runtime and operating system needs under very strict latency constraints. Second, applications of smart systems cover a wide range of requirements where "one-chip-fits-all" cannot be the cost and energy effective way forward. Therefore, we need to be able to provide a scalable hardware solution to cover differing needs in terms of processing resource requirements. In this paper, we discuss our research on an integrated design of a secure and scalable hardware platform including a runtime and an operating system. The architecture is built out of composable and preferably simple components that are isolated by default. This allows for the integration of third-party hardware/software without compromising the trusted computing base. The platform approach improves system security and provides a viable basis for trustworthy communication devices.
Authored by Friedrich Pauls, Sebastian Haas, Stefan Kopsell, Michael Roitzsch, Nils Asmussen, Gerhard Fettweis
The traditional process of renting the house has several issues such as data security, immutability, less trust and high cost due to the involvement of third party, fraudulent agreement, payment delay and ambiguous contracts. To address these challenges, a blockchain with smart contracts can be an effective solution. This paper leverages the vital features of blockchain and smart contract for designing a trustworthy and secured house rental system. The proposed system involves off-chain and on-chain transactions on hyperledger blockchain. Off-chain transaction includes the rental contract creation between tenant and landlord based on their mutual agreement. On-chain transactions include the deposit and rent payment, digital key generation and contract dissolution, by considering the agreed terms and conditions in the contract. The functional and performance analysis of the proposed system is carried out by applying the different test cases. The proposed system fulfills the requirements of house rental process with high throughput (>92 tps) and affordable latency (<0.7 seconds).
Authored by Pooja Yadav, Shubham Sharma, Ajit Muzumdar, Chirag Modi, C. Vyjayanthi
With the development of networked embedded technology, the requirements of embedded systems are becoming more and more complex. This increases the difficulty of requirements analysis. Requirements patterns are a means for the comprehension and analysis of the requirements problem. In this paper, we propose seven functional requirements patterns for complex embedded systems on the basis of analyzing the characteristics of modern embedded systems. The main feature is explicitly distinguishing the controller, the system devices (controlled by the controller) and the external entities (monitored by the controller). In addition to the requirements problem description, we also provide observable system behavior description, I∼O logic and the execution mechanism for each pattern. Finally, we apply the patterns to a solar search subsystem of aerospace satellites, and all the 20 requirements can be matched against one of the patterns. This validates the usability of our patterns.
Authored by Xiaoqi Wang, Xiaohong Chen, Xiao Yang, Bo Yang
In order to assess the fire risk of the intelligent buildings, a trustworthy classification model was developed, which provides model supporting for the classification assessment of fire risk in intelligent buildings under the urban intelligent firefight construction. The model integrates Bayesian Network (BN) and software trustworthy computing theory and method, designs metric elements and attributes to assess fire risk from four dimensions of fire situation, building, environment and personnel. BN is used to calculate the risk value of fire attributes. Then, the fire risk attribute value is fused into the fire risk trustworthy value by using the trustworthy assessment model. This paper constructs a trustworthy classification model for intelligent building fire risk, and classifies the fire risk into five ranks according to the trustworthy value and attribute value. Taking the Shanghai Jing’an 11.15 fire as an example case, the result shows that the method provided in this paper can perform fire risk assessment and classification.
Authored by Weilin Wu, Na Wang, Yixiang Chen
Fog computing moves computation from the cloud to edge devices to support IoT applications with faster response times and lower bandwidth utilization. IoT users and linked gadgets are at risk to security and privacy breaches because of the high volume of interactions that occur in IoT environments. These features make it very challenging to maintain and quickly share dynamic IoT data. In this method, cloud-fog offers dependable computing for data sharing in a constantly changing IoT system. The extended IoT cloud, which initially offers vertical and horizontal computing architectures, then combines IoT devices, edge, fog, and cloud into a layered infrastructure. The framework and supporting mechanisms are designed to handle trusted computing by utilising a vertical IoT cloud architecture to protect the IoT cloud after the issues have been taken into account. To protect data integrity and information flow for different computing models in the IoT cloud, an integrated data provenance and information management method is selected. The effectiveness of the dynamic scaling mechanism is then contrasted with that of static serving instances.
Authored by Bommi Prasanthi, Dharavath Veeraswamy, Sravan Abhilash, Kesham Ganesh
This paper first describes the security and privacy challenges for the Internet of Things (IoT) systems and then discusses some of the solutions that have been proposed. It also describes aspects of Trustworthy Machine Learning (TML) and then discusses how TML may be applied to handle some of the security and privacy challenges for IoT systems.
Authored by Bhavani Thuraisingham
Advances in the frontier of intelligence and system sciences have triggered the emergence of Autonomous AI (AAI) systems. AAI is cognitive intelligent systems that enable non-programmed and non-pretrained inferential intelligence for autonomous intelligence generation by machines. Basic research challenges to AAI are rooted in their transdisciplinary nature and trustworthiness among interactions of human and machine intelligence in a coherent framework. This work presents a theory and a methodology for AAI trustworthiness and its quantitative measurement in real-time context based on basic research in autonomous systems and symbiotic human-robot coordination. Experimental results have demonstrated the novelty of the methodology and effectiveness of real-time applications in hybrid intelligence systems involving humans, robots, and their interactions in distributed, adaptive, and cognitive AI systems.
Authored by Yingxu Wang
The management of technical debt related to non-functional properties such as security, reliability or other trustworthiness dimensions is of paramount importance for critical systems (e.g., safety-critical, systems with strong privacy constraints etc.). Unfortunately, diverse factors such as time pressure, resource limitations, organizational aspects, lack of skills, or the fast pace at which new risks appear, can result in an inferior level of trustworthiness than the desired or required one. In addition, there is increased interest in considering trustworthiness characteristics, not in isolation, but in an aggregated fashion, as well as using this knowledge for risk quantification. In this work, we propose a trustworthiness debt measurement approach using 1) established categories and subcategories of trustworthiness characteristics from SQuaRE, 2) a weighting approach for the characteristics based on an AHP method, 3) a composed indicator based on a Fuzzy method, and 4) a risk management and analysis support based on Monte Carlo simulations. Given the preliminary nature of this work, while we propose the general approach for all trustworthiness dimensions, we elaborate more on security and reliability. This initial proposal aims at providing a practical approach to manage trustworthiness debt suitable for any life cycle phase and bringing the attention to aggregation methods.
Authored by Imanol Urretavizcaya, Nuria Quintano, Jabier Martinez
The computation of data trustworthiness during double-sided two-way-ranging with ultra-wideband signals between IoT devices is proposed. It relies on machine learning based ranging error correction, in which the certainty of the correction value is used to quantify trustworthiness. In particular, the trustworthiness score and error correction value are calculated from channel impulse response measurements, either using a modified k-nearest neighbor (KNN) or a modified random forest (RF) algorithm. The proposed scheme is easily implemented using commercial ultra-wideband transceivers and it enables real time surveillance of malicious or unintended modification of the propagation channel. The results on experimental data show an improvement of 47% RMSE on the test set when only trustworthy measurements are considered.
Authored by Philipp Peterseil, Bernhard Etzlinger, David Marzinger, Roya Khanzadeh, Andreas Springer
Artificial intelligence (AI) technology is becoming common in daily life as it finds applications in various fields. Consequently, studies have strongly focused on the reliability of AI technology to ensure that it will be used ethically and in a nonmalicious manner. In particular, the fairness of AI technology should be ensured to avoid problems such as discrimination against a certain group (e.g., racial discrimination). This paper defines seven requirements for eliminating factors that reduce the fairness of AI systems in the implementation process. It also proposes a measure to reduce the bias and discrimination that can occur during AI system implementation to ensure the fairness of AI systems. The proposed requirements and measures are expected to enhance the fairness and ensure the reliability of AI systems and to ultimately increase the acceptability of AI technology in human society.
Authored by Yejin Shin, KyoungWoo Cho, Joon Kwak, JaeYoung Hwang