skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Trust and Security of Embedded Smart Devices in Advanced Logistics Systems
This paper addresses security and risk management of hardware and embedded systems across several applications. There are three companies involved in the research. First is an energy technology company that aims to leverage electric- vehicle batteries through vehicle to grid (V2G) services in order to provide energy storage for electric grids. Second is a defense contracting company that provides acquisition support for the DOD's conventional prompt global strike program (CPGS). These systems need protections in their production and supply chains, as well as throughout their system life cycles. Third is a company that deals with trust and security in advanced logistics systems generally. The rise of interconnected devices has led to growth in systems security issues such as privacy, authentication, and secure storage of data. A risk analysis via scenario-based preferences is aided by a literature review and industry experts. The analysis is divided into various sections of Criteria, Initiatives, C-I Assessment, Emergent Conditions (EC), Criteria-Scenario (C-S) relevance and EC Grouping. System success criteria, research initiatives, and risks to the system are compiled. In the C-I Assessment, a rating is assigned to signify the degree to which criteria are addressed by initiatives, including research and development, government programs, industry resources, security countermeasures, education and training, etc. To understand risks of emergent conditions, a list of Potential Scenarios is developed across innovations, environments, missions, populations and workforce behaviors, obsolescence, adversaries, etc. The C-S Relevance rates how the scenarios affect the relevance of the success criteria, including cost, schedule, security, return on investment, and cascading effects. The Emergent Condition Grouping (ECG) collates the emergent conditions with the scenarios. The generated results focus on ranking Initiatives based on their ability to negate the effects of Emergent Conditions, as well as producing a disruption score to compare a Potential Scenario's impacts to the ranking of Initiatives. The results presented in this paper are applicable to the testing and evaluation of security and risk for a variety of embedded smart devices and should be of interest to developers, owners, and operators of critical infrastructure systems.  more » « less
Award ID(s):
1916760
PAR ID:
10286334
Author(s) / Creator(s):
; ; ; ; ; ; ; ; ; ; ;
Date Published:
Journal Name:
2021 Systems and Information Engineering Design Symposium (SIEDS)
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; (, CESUN 2020)
    null (Ed.)
    Modern cyber-physical systems are enabled by electronic hardware and embedded systems. The security of these sub-components is a concern during the design and operational phases of cyber-physical system life cycles. Compromised electronics can result in mission-critical failures, unauthorized access, and other severe consequences. As systems become more complex and feature greater connectivity, system owners must make decisions regarding how to mitigate risks and ensure resilience and trust. This paper provides an overview of research efforts related to assessing and managing risks, resilience, and trust with an emphasis on electronic hardware and embedded systems. The research takes a decision-oriented perspective, drawing from the perspectives of scenario planning and portfolio analysis, and describes examples related to the risk-based prioritization of cyber assets in large-scale systems. 
    more » « less
  2. ; ; ; ; ; ; (, ACM)
    In recent years, electric vehicles (EVs) have emerged as a sustainable alternative to conventional automobiles. Distinguished by their environmental friendliness, superior performance, reduced noise, and low maintenance requirements, EVs offer numerous advantages over traditional vehicles. The integration of electric vehicles with cloud computing has heralded a transformative shift in the automotive industry. However, as EVs become increasingly interconnected with the internet, various devices, and infrastructure, they become susceptible to cyberattacks. These attacks pose a significant risk to the safety, privacy, and functionality of both the vehicles and the broader transportation infrastructure. In this paper, we delve into the topic of electric vehicles and their connectivity to the cloud. We scrutinize the potential attack vectors that EVs are vulnerable to and the consequential impact on vehicle operations. Moreover, we outline both general and specific strategies aimed at thwarting these cyberattacks. Additionally, we anticipate future developments aimed at enhancing EV performance and reducing security risks. 
    more » « less
  3. ; ; ; ; ; ; (, ACM)
    In recent years, computing has been moving rapidly from the centralized cloud to various edges. For instance, electric vehicles (EVs), one of the next-generation computing platforms, have grown in popularity as a sustainable alternative to conventional vehicles. Compared with traditional ones, EVs have many unique advantages, such as less environmental pollution, high energy utilization efficiency, simple structure, and convenient maintenance etc. Meanwhile, it is also currently facing lots of challenges, including short cruising range, long charging time, inadequate supporting facilities, cyber security risks, etc. Nevertheless, electric vehicles are still developing as a future industry, and the number of users keeps growing, with governments and companies around the world continuously investing in promoting EV-related supply chains. As an emerging and important computing platform, we comprehensively study electric vehicular systems and state-of-the-art EV-related technologies. Specifically, this paper outlines electric vehicles’ history, major architecture and components in hardware and software, current state-of-the-art technologies, and anticipated future developments to reduce drawbacks and difficulties. 
    more » « less
  4. ; (, Journal of Mechanical Design)
    null (Ed.)
    Abstract Concept screening is one of the gatekeepers of innovation process and thus is considered a vital component of engineering design. Yet, we know very little about how decisions are made during concept screening or the factors that inform these decisions. This is due, in part, to the fact that most prior work on concept screening in engineering design has focused on student populations or on industry professionals in an experimental setting which is not indicative of the risks and consequences professionals face in their daily work—particularly when it comes to innovative design process. Thus, the current study was developed to identify how the environmental settings (i.e., experimental versus naturalistic) and the role of the professionals in the design process (i.e., idea generators versus executives) impacts the criteria used to screen design ideas. Two studies were conducted including a workshop study with 45 design professionals from two companies in an experimental setting and a participatory ethnographic study with seven design professionals from a small electromechanical company in a naturalistic setting. The results showed stark differences in the criteria used to screen ideas between naturalistic and experimental practices and between idea generators and company executives. In addition, the results showed differences in the factors considered during concept screening between naturalistic and experimental environments. These results are used to identify opportunities for tools and methods that encourage the consideration of creative ideas in the engineering design industry and encourage appropriate risk-taking in engineering design. 
    more » « less
  5. ; ; ; ; (, Electronics)
    Cybersecurity is a concern for organizations in this era. However, strengthening the security of an organization’s internal network may not be sufficient since modern organizations depend on third parties, and these dependencies may open new attack paths to cybercriminals. Cyber Third-Party Risk Management (C-TPRM) is a relatively new concept in the business world. All vendors or partners possess a potential security vulnerability and threat. Even if an organization has the best cybersecurity practice, its data, customers, and reputation may be at risk because of a third party. Organizations seek effective and efficient methods to assess their partners’ cybersecurity risks. In addition to intrusive methods to assess an organization’s cybersecurity risks, such as penetration testing, non-intrusive methods are emerging to conduct C-TPRM more easily by synthesizing the publicly available information without requiring any involvement of the subject organization. In this study, the existing methods for C-TPRM built by different companies are presented and compared to discover the commonly used indicators and criteria for the assessments. Additionally, the results of different methods assessing the cybersecurity risks of a specific organization were compared to examine reliability and consistency. The results showed that even if there is a similarity among the results, the provided security scores do not entirely converge. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email