Search for: All records

Objective Cellphone ubiquity has increased distracted pedestrian behaviour and contributed to growing pedestrian injury rates. A major barrier to large-scale implementation of prevention programmes is unavailable information on potential monetary benefits. We evaluated net economic societal benefits of StreetBit, a programme that reduces distracted pedestrian behaviour by sending warnings from intersection-installed Bluetooth beacons to distracted pedestrians’ smartphones. Methods Three data sources were used as follows: (1) fatal, severe, non-severe pedestrian injury rates from Alabama’s electronic crash reporting system; (2) expected costs per fatal, severe, non-severe pedestrian injury—including medical cost, value of statistical life, work-loss cost, quality-of-life cost—from CDC and (3) prevalence of distracted walking from extant literature. We computed and compared estimated monetary costs of distracted walking in Alabama and monetary benefits from implementing StreetBit to reduce pedestrian injuries at intersections. Results Over 2019–2021, Alabama recorded an annual average of 31 fatal, 83 severe and 115 non-severe pedestrian injuries in intersections. Expected costs/injury were US$11 million, US$339 535 and US$93 877, respectively. The estimated distracted walking prevalence is 25%–40%, and StreetBit demonstrates 19.1% (95% CI 1.6% to 36.0%) reduction. These figures demonstrate potential annual cost savings from using interventions like StreetBit statewide ranging from US$18.1 to US$29 million. Potential costs range from US$3 208 600 (beacons at every-fourth urban intersection) to US$6 359 200 (every other intersection). Conclusions Even under the most parsimonious scenario (25% distracted pedestrians; densest beacon placement), StreetBit yields US$11.8 million estimated net annual benefit to society. Existing data sources can be leveraged to predict net monetary benefits of distracted pedestrian interventions like StreetBit and facilitate large-scale intervention adoption. 

In modern healthcare, smart medical devices are used to ensure better and informed patient care. Such devices have the capability to connect to and communicate with the hospital's network or a mobile application over wi-fi or Bluetooth, allowing doctors to remotely configure them, exchange data, or update the firmware. For example, Cardiovascular Implantable Electronic Devices (CIED), more commonly known as Pacemakers, are increasingly becoming smarter, connected to the cloud or healthcare information systems, and capable of being programmed remotely. Healthcare providers can upload new configurations to such devices to change the treatment. Such configurations are often exchanged, reused, and/or modified to match the patient's specific health scenario. Such capabilities, unfortunately, come at a price. Malicious entities can provide a faulty configuration to such devices, leading to the patient's death. Any update to the state or configuration of such devices must be thoroughly vetted before applying them to the device. In case of any adverse events, we must also be able to trace the lineage and propagation of the faulty configuration to determine the cause and liability issues. In a highly distributed environment such as today's hospitals, ensuring the integrity of configurations and security policies is difficult and often requires a complex setup. As configurations propagate, traditional access control and authentication of the healthcare provider applying the configuration is not enough to prevent installation of malicious configurations. In this paper, we argue that a provenance-based approach can provide an effective solution towards hardening the security of such medical devices. In this approach, devices would maintain a verifiable provenance chain that would allow assessing not just the current state, but also the past history of the configuration of the device. Also, any configuration update would be accompanied by its own secure provenance chain, allowing verification of the origin and lineage of the configuration. The ability to protect and verify the provenance of devices and configurations would lead to better patient care, prevent malfunction of the device due to malicious configurations, and allow after-the-fact investigation of device configuration issues. In this paper, we advocate the benefits of such an approach and sketch the requirements, implementation challenges, and deployment strategies for such a provenance-based system. 

Autonomous vehicles (AVs) are envisioned to enhance safety and efficiency on the road, increase productivity, and positively impact the urban transportation system. Due to recent developments in autonomous driving (AD) technology, AVs have started moving on the road. However, this promising technology has many unique security challenges that have the potential to cause traffic accidents. Though some researchers have exploited and addressed specific security issues in AD, there is a lack of a systematic approach to designing security solutions using a comprehensive threat model. A threat model analyzes and identifies potential threats and vulnerabilities. It also identifies the attacker model and proposes mitigation strategies based on known security solutions. As an emerging cyber-physical system, the AD system requires a well-designed threat model to understand the security threats and design solutions. This paper explores security issues in the AD system and analyzes the threat model using the STRIDE threat modeling process. We posit that our threat model-based analysis will help improve AVs' security and guide researchers toward developing secure AVs. 

Connected autonomous vehicles (CAVs) have fostered the development of intelligent transportation systems that support critical safety information sharing with minimum latency and making driving decisions autonomously. However, the CAV environment is vulnerable to different external and internal attacks. Authorized but malicious entities which provide wrong information impose challenges in preventing internal attacks. An essential requirement for thwarting internal attacks is to identify the trustworthiness of the vehicles. This paper exploits interaction provenance to propose a trust management framework for CAVs that considers both in-vehicle and vehicular network security incidents, supports flexible security policies and ensures privacy. The framework contains an interaction provenance recording and trust management protocol that extracts events from interaction provenance and calculates trustworthiness using fuzzy policies based on the events. Simulation results show that the framework is effective and can be integrated with the CAV stack with minimal computation and communication overhead. 

Connected vehicles (CVs) have facilitated the development of intelligent transportation system that supports critical safety information sharing with minimum latency. However, CVs are vulnerable to different external and internal attacks. Though cryptographic techniques can mitigate external attacks, preventing internal attacks imposes challenges due to authorized but malicious entities. Thwarting internal attacks require identifying the trustworthiness of the participating vehicles. This paper proposes a trust management framework for CVs using interaction provenance that ensures privacy, considers both in-vehicle and vehicular network security incidents, and supports flexible security policies. For this purpose, we present an interaction provenance recording and trust management protocol. Different events are extracted from interaction provenance, and trustworthiness is calculated using fuzzy policies based on the events.