liu.seSearch for publications in DiVA
Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 33) Show all publications
Strömbäck, F., Mannila, L., Asplund, M. & Kamkar, M. (2019). A Student's View of Concurrency: A Study of Common Mistakes in Introductory Courses on Concurrency. In: Proceedings of the 2019 ACM Conference on International Computing Education Research: . Paper presented at International Computing Education Research, Toronto ON, Canada, August 12 - 14, 2019 (pp. 229-237). New York, NY, USA: Association for Computing Machinery (ACM)
Open this publication in new window or tab >>A Student's View of Concurrency: A Study of Common Mistakes in Introductory Courses on Concurrency
2019 (English)In: Proceedings of the 2019 ACM Conference on International Computing Education Research, New York, NY, USA: Association for Computing Machinery (ACM), 2019, p. 229-237Conference paper, Published paper (Refereed)
Abstract [en]

This paper investigates common misconceptions held by students regarding concurrency in order to better understand how concurrency education can be improved in the future. As a part of the exam in two courses on concurrency and operating systems, students were asked to identify and eliminate any concurrency issues in a piece of code as a part of their final exam. Different types of mistakes were identified and the 216 answers were sorted into categories accordingly. The results presented in this paper show that while most students were able to identify the cause of an issue given its symptoms, only approximately half manage to successfully eliminate the concurrency issues. Many of the incorrect solutions fail to associate shared data with a synchronization primitive, e.g. using one lock to protect multiple instances of a data structure, or multiple locks to protect the same instance in different situations. This suggests that students may not only have trouble dealing with concepts related to concurrency, but also more fundamental concepts related to the underlying computational model. Finally, this paper proposes possible explanations for the students' mistakes in terms of improper mental models, and suggests types of problems that highlight the issues with these mental models to improve students' understanding of the subject.

Place, publisher, year, edition, pages
New York, NY, USA: Association for Computing Machinery (ACM), 2019
Keywords
computer science education, concurrency, mental models, synchronization
National Category
Computer and Information Sciences Learning
Identifiers
urn:nbn:se:liu:diva-159683 (URN)10.1145/3291279.3339415 (DOI)978-1-4503-6185-9 (ISBN)
Conference
International Computing Education Research, Toronto ON, Canada, August 12 - 14, 2019
Available from: 2019-08-17 Created: 2019-10-23 Last updated: 2019-10-16Bibliographically approved
Grimsdal, G., Lundgren, P., Vestlund, C., Boeira, F. & Asplund, M. (2019). Can Microkernels Mitigate Microarchitectural Attacks?. In: Aslan Askarov, René Rydhof Hansen, Willard Rafnsson (Ed.), Secure IT Systems: Nordsec 2019 (pp. 238-253). Cham: Springer
Open this publication in new window or tab >>Can Microkernels Mitigate Microarchitectural Attacks?
Show others...
2019 (English)In: Secure IT Systems: Nordsec 2019 / [ed] Aslan Askarov, René Rydhof Hansen, Willard Rafnsson, Cham: Springer, 2019, p. 238-253Chapter in book (Refereed)
Abstract [en]

Microarchitectural attacks such as Meltdown and Spectre have attracted much attention recently. In this paper we study how effective these attacks are on the Genode microkernel framework using three different kernels, Okl4, Nova, and Linux. We try to answer the question whether the strict process separation provided by Genode combined with security-oriented kernels such as Okl4 and Nova can mitigate microarchitectural attacks. We evaluate the attack effectiveness by measuring the throughput of data transfer that violates the security properties of the system. Our results show that the underlying side-channel attack Flush+Reload used in both Meltdown and Spectre, is effective on all investigated platforms. We were also able to achieve high throughput using the Spectre attack, but we were not able to show any effective Meltdown attack on Okl4 or Nova.

Place, publisher, year, edition, pages
Cham: Springer, 2019
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 11875
Series
Security and Cryptology ; 11875
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-162665 (URN)10.1007/978-3-030-35055-0_15 (DOI)9783030350543 (ISBN)9783030350550 (ISBN)
Available from: 2019-12-13 Created: 2019-12-13 Last updated: 2019-12-13Bibliographically approved
Asplund, M. (2019). Combining Detection and Verification for Secure Vehicular Cooperation Groups. ACM Transactions on Cyber-Physical Systems, 4(1)
Open this publication in new window or tab >>Combining Detection and Verification for Secure Vehicular Cooperation Groups
2019 (English)In: ACM Transactions on Cyber-Physical Systems, ISSN 2378-962X, Vol. 4, no 1Article in journal (Refereed) Published
Abstract [en]

Coordinated vehicles for intelligent traffic management are instances of cyber-physical systems with strict correctness requirements. A key building block for these systems is the ability to establish a group membership view that accurately captures the locations of all vehicles in a particular area of interest. In this article, we formally define view correctness in terms of soundness and completeness and establish theoretical bounds for the ability to verify view correctness. Moreover, we present an architecture for an online view detection and verification process that uses the information available locally to a vehicle. This architecture uses an SMT solver to automatically prove view correctness (if possible). We evaluate this architecture using both synthetic and trace-based scenarios and demonstrate that the ability to verify view correctness is on par with the ability to detect view violations.

Place, publisher, year, edition, pages
ACM Press, 2019
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-162658 (URN)10.1145/3322129 (DOI)
Available from: 2019-12-13 Created: 2019-12-13 Last updated: 2019-12-13
Bergman, S., Asplund, M. & Nadjm-Tehrani, S. (2019). Permissioned Blockchains and Distributed Databases: A Performance Study. Concurrency and Computation
Open this publication in new window or tab >>Permissioned Blockchains and Distributed Databases: A Performance Study
2019 (English)In: Concurrency and Computation, ISSN 1532-0626, E-ISSN 1532-0634, Concurrency and Computation, Practice and ExperienceArticle in journal (Refereed) Epub ahead of print
Abstract [en]

Blockchains are increasingly studied in the context of new applications. Permissioned blockchains promise to deal with the issue of complete removal of trust, a notion that is currently the hallmark of the developed society. Before the idea is adopted in contexts where resource efficiency and fast operation is a requirement, one could legitimately ask the question: can permissioned blockchains match the performance of traditional large‐scale databases? This paper compares two popular frameworks, Hyperledger Fabric and Apache Cassandra, as representatives of permissioned blockchains and distributed databases, respectively. We compare their latency for varying workloads and network sizes. The results show that, for small systems, blockchains can start to compete with traditional databases, but also that the difference in consistency models and differences in setup can have a large impact on the resulting performance.

Place, publisher, year, edition, pages
John Wiley & Sons, 2019
Keywords
blockchains, Cassandra, databases, Fabric, latency
National Category
Engineering and Technology Computer Systems
Identifiers
urn:nbn:se:liu:diva-161756 (URN)10.1002/cpe.5227 (DOI)
Available from: 2019-11-08 Created: 2019-11-08 Last updated: 2020-03-11Bibliographically approved
Asplund, M. (2018). Automatically proving the correctness of vehicle coordination. ICT Express, 4(1), 51-54
Open this publication in new window or tab >>Automatically proving the correctness of vehicle coordination
2018 (English)In: ICT Express, ISSN 2405-9595, Vol. 4, no 1, p. 51-54Article in journal (Refereed) Published
Abstract [en]

In the next generation of road-based transportation systems, where vehicles exchange information and coordinate their actions, a major challenge will be to ensure that the interaction rules are safe and lead to progress. In this paper we address the problem of automatically verifying the correctness of such distributed vehicular coordination protocols. We propose a novel modeling approach for communicating mobile entities based on the concept of satisfiability modulo theories (SMT). We apply this method to an intersection collision avoidance protocol and show how the method can be used to investigate the settings under which such a protocol achieves safety and progress.

Place, publisher, year, edition, pages
Elsevier, 2018
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-162657 (URN)10.1016/j.icte.2018.01.013 (DOI)
Available from: 2019-12-13 Created: 2019-12-13 Last updated: 2020-01-22
Asplund, M., Lövhall, J. & Nadjm-Tehrani, S. (2018). In-store payments using Bitcoin. In: 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS): . Paper presented at 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS). IEEE
Open this publication in new window or tab >>In-store payments using Bitcoin
2018 (English)In: 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), IEEE, 2018Conference paper, Published paper (Refereed)
Abstract [en]

The possibility of in-store payments would further increase the potential usefulness of cryptocurrencies. However, this would require much faster transaction verification than current solutions provide (one hour for Bitcoin) since customers are likely not prepared to wait a very long time for their purchase to be accepted by a store. We propose a solution for enabling in-store payments with waiting times in the order of a few seconds, which is still compatible with the current Bitcoin protocol. The idea is based on a payment card in combination with a protocol for ensuring that losing a card does not mean losing the money on it. We analyse the required transaction verification delay and also the potentially added risks that the solution brings compared to current systems.

Place, publisher, year, edition, pages
IEEE, 2018
Series
International Conference on New Technologies Mobility and Security, ISSN 2157-4952
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-152219 (URN)10.1109/NTMS.2018.8328738 (DOI)000448864200068 ()978-1-5386-3662-6 (ISBN)978-1-5386-3663-3 (ISBN)
Conference
9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
Note

Funding agencies: Research Centre on Resilient Information and Control Systems (RICS) - Swedish civil contingencies agency (MSB)

Available from: 2018-10-22 Created: 2018-10-22 Last updated: 2019-06-19
Lin, C.-Y., Nadjm-Tehrani, S. & Asplund, M. (2018). Timing-Based Anomaly Detection in SCADA Networks. In: Critical Information Infrastructures Security: . Paper presented at CRITIS, Lucca, Italy, 8-13 October, 2017 (pp. 48-59). Springer
Open this publication in new window or tab >>Timing-Based Anomaly Detection in SCADA Networks
2018 (English)In: Critical Information Infrastructures Security, Springer, 2018, p. 48-59Conference paper, Published paper (Refereed)
Abstract [en]

Supervisory Control and Data Acquisition (SCADA) systems that operate our critical infrastructures are subject to increased cyber attacks. Due to the use of request-response communication in polling, SCADA traffic exhibits stable and predictable communication patterns. This paper provides a timing-based anomaly detection system that uses the statistical attributes of the communication patterns. This system is validated with three datasets, one generated from real devices and two from emulated networks, and is shown to have a False Positive Rate (FPR) under 1.4%. The tests are performed in the context of three different attack scenarios, which involve valid messages so they cannot be detected by whitelisting mechanisms. The detection accuracy and timing performance are adequate for all the attack scenarios in request-response communications. With other interaction patterns (i.e. spontaneous communications), we found instead that 2 out of 3 attacks are detected.

Place, publisher, year, edition, pages
Springer, 2018
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349
Keywords
SCADA, Industrial Control System (ICS), Anomaly detection, Traffic periodicity
National Category
Computer Systems
Identifiers
urn:nbn:se:liu:diva-154394 (URN)10.1007/978-3-319-99843-5_5 (DOI)978-3-319-99842-8 (ISBN)978-3-319-99843-5 (ISBN)
Conference
CRITIS, Lucca, Italy, 8-13 October, 2017
Projects
RICS (Resilient Information and Control Systems)
Available from: 2019-02-11 Created: 2019-02-11 Last updated: 2019-02-15Bibliographically approved
Asplund, M. & Nadjm-Tehrani, S. (2016). Attitudes and Perceptions of IoT Security in Critical Societal Services. IEEE Access, 4, 2130-2138
Open this publication in new window or tab >>Attitudes and Perceptions of IoT Security in Critical Societal Services
2016 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 4, p. 2130-2138Article in journal (Refereed) Published
Abstract [en]

A quiet revolution that impacts several sectors, ranging over transport, home automation, energy, industrial control, and health services is undergoing with addition of new networked devices leading to enhanced services. In this paper, we aim to identify information security requirements that are common over several (vertical) sectors, and in particular, ones that impact critical societal services, namely, the energy, water, and health management systems. We present the results of an interview-based study where actors in these sectors were asked about their perceptions and attitudes on the security of Internet of Things (IoT). We set these perceptions and attitudes in context through a literature review of IoT security, and relate to current challenges in this area. This paper demonstrates that despite an overall optimistic view on IoT in critical societal services, there is a lack of consensus on risks related to IoT security.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2016
Keywords
Internet of Things, security, risk, critical infrastructure, health
National Category
Computer Systems
Identifiers
urn:nbn:se:liu:diva-130081 (URN)10.1109/ACCESS.2016.2560919 (DOI)000377414800010 ()
Note

Funding Agencies|Vinnova; Formas; Swedish Energy Agency under IoT Strategy Program; RICS:The Research Centre on Resilient Information and Control Systems - Swedish Civil Contingencies Agency; CENIIT Project [14.04]

Available from: 2016-07-06 Created: 2016-07-06 Last updated: 2018-08-14Bibliographically approved
Vergara Alonso, E. J. & Nadjm-Tehrani, S. (2016). Fairness and Incentive Considerations in Energy Apportionment Policies. ACM Transactions on Modeling and Performance Evaluation of Computing Systems, 2(1)
Open this publication in new window or tab >>Fairness and Incentive Considerations in Energy Apportionment Policies
2016 (English)In: ACM Transactions on Modeling and Performance Evaluation of Computing Systems, ISSN 2376-3639, Vol. 2, no 1Article in journal (Refereed) Published
Abstract [en]

The energy consumption of a system is determined by the system component usage patterns and interactions between the coexisting entities and resources. Energy accounting plays an essential role to reveal the contribution of each entity to the total consumption and for energy management. Unfortunately, energy accounting inherits the apportionment problem of accounting in general, which does not have a general single best solution. In this paper we leverage cooperative game theory commonly used in cost allocation problems to study the energy apportionment problem, i.e., the problem of prescribing the actual energy consumption of a system to the consuming entities (e.g., applications, processes or users of the system).

We identify five relevant fairness properties for energy apportionment and present a detailed categorisation and analysis of eight previously proposed energy apportionment policies from different fields in computer and communication systems. In addition, we propose two novel energy apportionment policies based on cooperative game theory which provide strong fairness notion and a rich incentive structure. Our comparative analysis in terms of the identified five fairness properties as well as information requirement and computational complexity shows that there is a trade-off between fairness and the other evaluation criteria. We provide guidelines to select an energy apportionment policy depending on the purpose of the apportionment and the characteristics of the system.

Place, publisher, year, edition, pages
ACM Digital Library, 2016
Keywords
energy apportionment, energy accounting, cooperative game theory, energy management
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-138088 (URN)10.1145/2970816 (DOI)
Available from: 2017-06-08 Created: 2017-06-08 Last updated: 2018-08-14Bibliographically approved
Asplund, M. (2015). Model-based Membership Verification in Vehicular Platoons. In: Proceedings: 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops . Paper presented at The 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, Rio de Janeiro, Brazil, 22 June 2015 (pp. 125-132). IEEE Computer Society
Open this publication in new window or tab >>Model-based Membership Verification in Vehicular Platoons
2015 (English)In: Proceedings: 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops , IEEE Computer Society, 2015, p. 125-132Conference paper, Published paper (Refereed)
Abstract [en]

Cooperative vehicular systems have the potentialto significantly increase traffic efficiency and safety. However,they also raise the question of to what extent information thatis received from other vehicles can be trusted. In this paperwe present a novel approach for increasing the trustworthinessof cooperative driving through a model-based approach forverifying membership views in vehicular platoons. We define aformal model for platoon membership, cooperative awarenessclaims, and membership verification mechanisms. With the helpof a satisfiability solver, we are able to quantitatively analysethe impact of different system parameters on the verifiability ofreceived information. Our results demonstrate the importance ofcross validating received messages, as well as the surprising diffi-culty in establishing correct membership views despite powerfulverification mechanisms.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015
National Category
Computer Sciences
Identifiers
urn:nbn:se:liu:diva-123682 (URN)10.1109/DSN-W.2015.21 (DOI)978-1-4673-8044-7 (ISBN)
Conference
The 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, Rio de Janeiro, Brazil, 22 June 2015
Projects
Verifiable real-time coordination for safe cooperative driving
Available from: 2016-01-08 Created: 2016-01-08 Last updated: 2018-01-10Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-1916-3398

Search in DiVA

Show all publications