Chief Research Scientist

Habtamu Abie

Show description information Hide description information

Dr. Habtamu Abie is currently chief research scientist at the Norwegian Computing Centre. Previously senior engineer and research scientist at Telenor Research and Development (1997-1999), scientific associate and fellow at CERN (European Organization for Nuclear Research), Geneva, Switzerland (1989-1993). Researcher at ABB Corporate Research, software development engineer at Nera-AS, Billingstad, Norway, and Alcatel Telecom Norway AS, Oslo, Norway (1994-1997). Received Engineering Diploma in Electrical Data Processing from Gjøvik Engineering College, and B.Sc., M.Sc. and Ph.D. degrees in Computer Science from the University of Oslo. Member of EURASC (European Academy of Sciences). IEEE Senior Member. Fellow of AAIA.

Other CVs

Google Scholar
ORCID
ACM Author Profile
ResearcherID

Research Interests

  • Adaptive and Evolving Security, Cyber Security, 5G-IoT, machine learning
  • AI for security, Cognitive IoT security, Game theory, evolving algorithms
  • Security for distributed systems, distributed object computing
  • Digital Rights Management, Privacy, Trust, Policy and Risk Management
  • Context-awareness, Mobile ad-hoc network, ubiquitous and ambient intelligent computing

Education

  • 1988 – Cand. Scient, Digital Technique, University of Oslo
  • 2005 – Dr. Scient, Informatics, University of Oslo

Work experience

  • 2016- Chief Research Scientist, Norwegian Computing Center, Norway
  • 2000-2016 Senior Research Scientist, Norwegian Computing Center, Norway
  • 1998-1999 Research Scientist, Telenor R&D, Security Group, Oslo, Norway
  • 1997-1998 Senior Engineer, Telenor R&D, Oslo, Norway
  • 1996-1997 Software Development Engineer, Alcatel Telecom Norway A/S
  • 1994-1996 Researcher, ABB Corporate Research and NERA AS Division Satcom, Norway
  • 1991-1993 Scientific Fellow, CERN PS/PO /CO, Geneva, Switzerland
  • 1989-1990 Scientific Associate, CERN/DELPHI, Geneva, Switzerland, FYS/UIO

Scientific Activities

  • 22+ journal articles
  • 4 books
  • 80 book chapters and scientific presentation at international conferences
  • Supervision of PhD students: 4 candidates

Chaired and Co-chaired

  • Cloud Security forum at IEEE ICC 2012 Industry Forums, Ottawa, Canada
  • EAI BodyNets-SeTTIT 2012 Workshop, Oslo Norway
  • ACM UbiComp-ASPI 2013 Workshop, Zurich, Switzerland
  • IEEE WiMob 2016 UCSA Symposium, New York, USA
  • MeSSa 2014, Vienna, Austria, MeSSa 2016, Copenhagen, Denmark, MeSSa 2017, Canterbury, United Kingdom, MeSSa 2018, Madrid, Spain, DeMeSSA 2019, Paris, France
  • Special Session on Cyber Security in Healthcare at IEEE ISMICT 2019, Oslo Norway
  • FINSEC 2019 in conjunction with ESORICS 2019, Luxembourg, CPS4CIP 2020 in conjunction with ESORICS 2020, Guildford, UK, CPS4CIP 20201 in conjunction with ESORICS 2021, Darmstadt, Germany on October 04–08, 2021
  • First ECSCI (European Cluster for Securing Critical Infrastructure) Workshop on Critical Infrastructure Protection, Virtual on Google Meet conference room, 24-25 June 2020
  • 1st Workshop on Cybersecurity in Healthcare 4.0 (SecHealth 2021) in conjunction with the Int. Conference on Availability, Reliability and Security (ARES 2021)

Projects

  • Digital security and privacy

Testbed for Critical In­fra­struc­ture Protection

The image shows a closeup of a person sat at a laptop. The only part of the person visible are their hands which appear to be typing.
  • Information and communication technology
  • Digital security and privacy

A framework for decentralised identity and consent management

The image shows a man in a white shirt holding an Apple iPhone. Image: Unsplash
  • Information and communication technology
  • Digital security and privacy

Developing a national framework for data management and AI in remote care

  • Digital security and privacy

Adaptive health data in blockchain technology

Lighthouse on a cliff at dusk, with its light shining across the sea toward the horizon.
  • Digital security and privacy
  • Earth observation
  • Explainable Artificial Intelligence

Trustworthy and sustainable AI (ENFIELD)

Publications

  • 293 publications found
Chockalingam, Sabarathinam; Pirbhulal, Sandeep og Abie, Habtamu. (2026).
Improving Security and Privacy of Cognitive Digital Twins Through Dynamic Consent for Healthcare and Resilient Societies.
Lecture Notes in Computer Science (LNCS). ISSN 0302-9743 1611-3349. Vol. 16337. S. 293-305.
Vis sammendrag
Cognitive Digital Twins (CDTs) are virtual models of physical systems that integrate cognitive functions with real-time Internet of Things (IoT) data to support simulation, decision-making, and cyber resilience. In domains such as healthcare and smart cities, CDTs enable advanced capabilities but also introduce significant privacy and security risks, especially due to continuous, real-time data exchange and automated decision-making. This paper presents DC-TWIN, a dynamic consent-enabled CDT framework that addresses the limitations of static, one-time consent models in real-time, data-intensive environments. DC-TWIN introduces a multi-layered architecture consisting of: (i) a multi-layered architectural stack, including user control, policy management, dynamic trust, and data governance layers, that supports compliance monitoring, risk-aware user interfaces, consent history tracking, federated identity and role binding, and adaptive trust modeling, and (ii) a dynamic consent reasoning engine that uses contextual signals (e.g., user role, device status, network activity) and human factors (e.g., cognitive load, trust calibration, fatigue) to assess data access requests in real time, issuing granular decisions (grant, deny, prompt) or escalating for clarification. We highlight key use cases in healthcare, welfare technologies, and smart cities. The framework empowers users with real-time, contextual control over how their data is accessed, shared, and reused through adaptive interfaces and personalized consent mechanisms. By integrating dynamic consent reasoning, trust calibration, and continuous feedback loops, DC-TWIN supports transparent, compliant, and user-aligned data governance. It contributes to the secure and ethical deployment of CDTs by reinforcing user autonomy, enhancing risk communication, and enabling responsive consent management in critical domains such as healthcare.
Selstad, Knut; Pirbhulal, Sandeep; Abie, Habtamu; Lehkonen, Riku og Ari, Ismail. (2026).
SecureIoT: Robust AI-Driven Cyber Threat Detection for IoT Applications.
Lecture Notes in Computer Science (LNCS). ISSN 0302-9743 1611-3349. Vol. 16233. S. 202-222.
Vis sammendrag
The cyberattack surface in critical sectors is expanding due to the rapid proliferation of Internet of Things (IoT) devices. Artificial Intelligence (AI) models, such as Deep Neural Networks (DNNs) and Convolutional Neural Networks (CNNs), offer promising capabilities for detecting and classifying cyber threats. However, these models often struggle to generalize to previously unseen attacks after deployment. This study investigates how well different AI techniques can generalize to such novel threats in the presence of class imbalance. We evaluate three data balancing strategies: Generative Adversarial Networks (GAN), Synthetic Minority Over-sampling Technique (SMOTE), and class weighting. Experimental results indicate that DNNs outperform CNNs when provided with identical input data. While each balancing method has distinct advantages and trade-offs, the highest multiclass accuracy of 81.16 % was achieved by a DNN using GAN-augmented data for the previously seen attack types. The best performance on unseen attacks was achieved by a DNN trained with SMOTE, yielding a multiclass accuracy of 51 % among eight classes. The binary classification (benign vs. malicious) results were satisfactory, with DNN using GAN-augmented data achieving an accuracy of 99.20 %. These findings highlight the importance of not only separating data into training and test splits, but also incorporating a “seen vs. unseen” evaluation strategy.
Abie, Habtamu. (2026).
SFI NORCICS Norwegian Ecosystem for Secure IT-OT Integration (NESIOT) at the ResCri Kickoff Meeting. Norsk Regnesentral
Kick-off Meeting of INTPART Project Strengthening Resilience in Critical Sectors through IT-OT Integration and Human-Organizational Aspects Project (ResCri). 22. januar 2026. Norsk Regnesentral (Gaustadalléen 23A. 0373 Oslo) + Online.
Abie, Habtamu. (2026).
NESIOT - Norwegian Ecosystem for Secure IT-OT Integration at ResCri Webinar. IFE
ResCri Webinar on Resilient Digital Transformation in India–Norway Critical Sectors. 9. februar 2026. Webinar.
Abie, Habtamu og Pirbhulal, Sandeep. (2026).
Paneldebatt.
10. februar 2026.
Rocha-Gomes, João; Pirbhulal, Sandeep og Abie, Habtamu. (2025).
Adaptive digital twin analysis in healthcare: An opportunity for prescription digital therapeutics.
4. desember 2025. S. 12-12.
Vis sammendrag
Health systems in Norway and across Europe are under increasing strain from chronic conditions, long waiting times, and limited clinical capacity. At the same time, evidence-based digital therapeutics (DTx) are emerging as regulated tools to prevent, manage, and treat disease through clinically validated software interventions. Scandinavia has played a pioneering role in evaluating internet-delivered cognitive behavioural therapy for conditions such as insomnia and perinatal depression, demonstrating that well-designed, integrated digital solutions can complement existing healthcare services. However, despite promising trial evidence, large-scale adoption of DTx remains inconsistent due to regulatory, reimbursement, organisational, and cultural barriers. In parallel, simulation-based methods such as discrete-event modelling and digital twins are increasingly applied to optimise healthcare delivery and test alternative service configurations. Building on these developments, this project proposes the creation of an adaptive digital twin of a chronic care pathway to analyse how different deployment strategies for prescription digital therapeutics could impact system access, resilience, and resource utilisation.
Abie, Habtamu. (2025).
The EU-CIP Knowledge Hub for Securing Critical Infrastructures. ECSO North European Cyber Days
Day 3 Program: North European Brokerage Day. 5. november 2025. Oslo Science Park.
Abie, Habtamu. (2025).
European Cluster for Securing Critical Infrastructures (ECSCI). ECSCO The North European Cyber Days
Day 3 Program: North European Brokerage Day. 5. november 2025. Oslo Science Park.
Abie, Habtamu. (2025).
Keynote presentation Chair. ECSCO The North European Cyber Days
Keynote presentation: How geopolitical changes impact cybersecurity in manufacturing Knut Håkon Tolleshaug. Director IT Architecture and Cybersecurity. TINE SA. 4. november 2025. Oslo Science Park.
Abie, Habtamu. (2025).
Panel discussion: Secure IT-OT Integration for Critical Infrastructure Protection and Resilience.
4. november 2025.
Abie, Habtamu. (2025).
Investing in Secure and Sovereign AI: Geopolitics and Cybersecurity in Healthcare and Critical Sectors.
22. oktober 2025.
Vis sammendrag
In today’s rapidly evolving geopolitical climate, cybersecurity and digital sovereignty are more critical than ever for Europe’s resilience—and for investments in AI, healthcare and other critical sectors.
Abie, Habtamu. (2025).
European Cluster for Securing Critical Infrastructures (ECSCI) – The Critical Infrastructure Protection & Resilience Europe (CIPRE) interview.
16. september 2025.
Pirbhulal, Sandeep; Muzammal, Muhammad og Abie, Habtamu. (2025).
Enabling Secure Edge Intelligence: TinyML-Based Threat Detection in 5G and Future Networks.
IEEE wireless communications. 24. desember 2025. ISSN 1536-1284 1558-0687. S. 1-8.
Vis sammendrag
The evolution of 5G networks toward 6G presents an opportunity to shift from centralized security to decentralized, intelligent, and autonomous security. While 5G introduces decentralization through software-based virtualization and edge computing, it also exposes network infrastructure to a new and dynamic threat landscape that still relies largely on static, centrally deployed threat detection. This work proposes a lightweight anomaly detection framework based on Tiny Machine Learning (TinyML), specifically designed to address the latency, memory, and energy constraints of 5G edge devices. Using promising model compression techniques, including integer quantization and pruning, we demonstrate that highly optimized models can run entirely on-device without relying on cloud infrastructure. Our experiments using a real-world 5G dataset demonstrate that the quantized TinyDenseNet achieves over 99% detection accuracy while keeping the model size below 30 KB and inference latency under 11 ms. By embedding intelligent detection at the network edge, this approach presents self-defending, ultra-reliable, and context-aware infrastructures for future 6G networks. The proposed approach focuses on next-generation networks, in which decentralized, low-power, and privacy-preserving security mechanisms will be essential.
Abie, Habtamu. (2025).
ESORICS 2025 International Workshops: AutonomousCyber 2025, CPS4CIP 2025, DisA 2025, HS3 2025, MIST 2025, Toulouse, France, September 25–26, 2025, Revised Selected Papers, Part III.
Springer Nature. 1. ISBN 9783032161659.
Vis sammendrag
The ESORICS 2025 Workshops proceedings deal with up to date research and practical applications in computer security.
Chockalingam, Sabarathinam; Pirbhulal, Sandeep; Misra, Sanjay; Kvalvik, Petter og Abie, Habtamu. (2025).
FedTrust: Modelling Adaptive Trust-Risk for IoT-Enabled Federated Decentralized Systems.
IEEE Vehicular Technology Conference (VTC). 17. juni 2025. ISSN 1090-3038 2577-2465. Vol. 101. S. 1-6.
Vis sammendrag
Federated decentralized IoT systems are reshaping how data is exchanged and processed across domains such as smart cities and healthcare, yet ensuring trust in such dynamic, distributed environments remains a significant challenge. This paper introduces FedTrust, a layered framework that integrates decentralized communication, federated data services, and a self-adaptive trust-risk model to assess the trustworthiness of IoT devices in real time. By extending an established analytical trust model, we refine existing constructs and introduce new dimensions such as context awareness and behavioral monitoring to account for the operational variability of edge devices. Our proposed model computes risk and trust scores using weighted metrics, driving automated decisions and mitigation actions via a closed feedback loop. FedTrust provides a scalable and resilient approach for securing federated IoT ecosystems through continuous, data-driven trust calibration.
Ari, Ismail; Altunel, Nurkan Fatih; Ozgirgin, Tugce; Alisan, Ezgi Nur; Eryilmaz, Emir; Dalgan, Yarkin; Akturk, Ismail; Pirbhulal, Sandeep og Abie, Habtamu. (2025).
Providing Edge to Cloud Continuum With Adaptive Model Selection and Operational Score.
IEEE Vehicular Technology Conference (VTC). 17. juni 2025. ISSN 1090-3038 2577-2465. Vol. 101. S. 1-7.
Vis sammendrag
Advancements in Deep Neural Network (DNN) models and hardware accelerators have made edge intelligence a practical alternative to cloud-based intelligence. However, application-specific requirements, such as accuracy, latency, security, and privacy, as well as workload fluctuations, necessitate dynamic allocation of edge and cloud resources. To facilitate such dynamic allocation, we propose an adaptive model selection and switching framework that leverages operational performance scores. We evaluate the approach using various object classification models, demonstrating its ability to balance accuracy and inference time while ensuring scalability and efficient resource utilization.
Pirbhulal, Sandeep; Abie, Habtamu og Muzammal, Muhammad. (2025).
AD-5GIoT: AI-based Anomaly Detection System for 5G-IoT Networks.
IEEE International Conference on Communications. ISSN 1550-3607 1938-1883. S. 3057-3062.
Vis sammendrag
In the context of a 5G-IoT communication environment, devices and users interact through the Internet, exposing them to numerous anomalies arising from diverse cybersecurity challenges including DDoS attacks, malware, and man-in-the-middle attacks. Consequently, it is essential to develop robust anomaly detection (AD) solutions specifically designed for 5G-IoT applications to safeguard them against these cyber threats. In this study, we propose an AI-based AD system that utilizes real-time traffic data for 5G-IoT networks, designed specifically for critical sectors such as healthcare, smart grid, industry 4.0, etc. The proposed AD system comprises three synchronized components aimed at enhancing the cybersecurity of 5G-enabled systems. These components include the 5G-IoT communication infrastructure, an AI-enabled AD engine, and an anomaly dashboard. To evaluate the performance of the proposed system, we conducted experiments using two AI models: Graph Neural Network (GNN) and Convolutional Neural Network (CNN). These experiments were performed on real-time 5G data, which included both benign and malicious traffic, generated over a 5G wireless network. The 5G-IoT anomaly detection system was evaluated using feature subsets, for k = 10 and k = 25. The results showed that with k = 10 and using the GNN learning model, the overall accuracy achieved was 99.19%. For the benign case, the precision was 98.86%, while for the malicious case, the precision was even higher at 99.71%. From our analysis, it can be concluded that the proposed system using GNN demonstrates promising results for binary classification in real-time 5G-IoT anomaly detection.
Abie, Habtamu og Pirbhulal, Sandeep. (2025).
CybAlliance WP2 Annual Mobility Report 2025.
Norsk Regnesentral. 10 S.
Vis sammendrag
CybAlliance is dedicated to fostering excellence in both research and education within the realms of cybersecurity and privacy in the healthcare sectors of Norway, the USA, France, and Germany. To fulfill this mission, a key objective is to facilitate the national and international mobility of students, researchers, and staff members. This objective is executed under Work Package 2 (WP2), titled "Research Cooperation," specifically Task 2.1, "Mobility." The aim of Task 2.1 is to organize 24 mobility placements for students, researchers, and staff at partner institutions. This report details the outcomes of Deliverable 2.1, the "Annual Mobility Report," for the activities carried out in the year 2025. It encompasses the planning, execution, and outcomes of the mobility stays, analyzing their impact on enhancing collaborative research and educational endeavors among the partner institutions.
Abie, Habtamu og Pirbhulal, Sandeep. (2025).
CybAlliance WP2 Annual National and International Workshops Report 2025.
Norsk Regnesentral. 12 S.
Vis sammendrag
The primary objective of CybAlliance is to establish a long-term strategic alliance to enhance research and education in cybersecurity and privacy within the healthcare sector. To achieve this, one of the key objectives is to organize workshops, webinars, and open seminars, facilitating discussions among national and international collaborators about the strengths and opportunities within this domain. This objective is pursued under WP2 ("Research Cooperation"), specifically Task 2.2 ("Organize the Annual Workshop/Webinar"), which aims to hold annual workshops and webinars. These events bring together like-minded researchers and stakeholders from various regions to discuss domain-specific strengths and opportunities. Additionally, the creation of various blogs and social media articles aims to broaden awareness of potential developments to a larger audience. This task not only provides networking opportunities and a platform for disseminating results in education, research, and innovation but also contributes to developing INTPART synergies and collaborations in healthcare projects. This report details the outcomes of D2.2 ("Organize the Annual National Workshop") carried out in 2025.
Abie, Habtamu og Pirbhulal, Sandeep. (2025).
CybAlliance WP2 Annual Open Seminar Report 2025.
Norsk Regnesentral. 8 S.
Vis sammendrag
CybAlliance is dedicated to enhancing healthcare security and privacy competencies by fostering international collaboration in research, innovation, and education. A key objective to support this goal is the organization of workshops, webinars, and open seminars, enabling both national and international collaborators to convene and explore the strengths and opportunities within the domain. This objective is encapsulated within WP2 ("Research Cooperation"), specifically under Task 2.3 ("Open Seminar"), which seeks to provide a platform for discussing the outcomes of the project with interested industry and academic personnel who are not part of the consortium. Through this task, the project offers networking opportunities and a platform for disseminating results related to educational, research, and innovative activities, by organizing both national and international academic and industrial open seminars. This report details the outcomes of D2.3 ("Organize Open Seminar") accomplished in 2025, highlighting the achievements and impact of this task.
Xu, Shouhuai; Pirbhulal, Sandeep og Abie, Habtamu. (2025).
An Architecture of Adaptive Cognitive Digital Twins for Resilient Healthcare Infrastructures and Services.
Communications in Computer and Information Science (CCIS). ISSN 1865-0929 1865-0937. Vol. 2404. S. 3-22.
Vis sammendrag
Modern healthcare infrastructures and services are dependent on advanced data analytics, sensing and communication technologies that include 5G/6G networks, Artificial intelligence (AI), Internet of Medical Things (IoMT), Information Technology (IT), and Operational Technology (OT). This integration incurs a large vulnerability surface and cyber attackers can exploit those vulnerabilities to wage successful attacks against modern healthcare infrastructures and services. Therefore, identifying potential vulnerabilities in healthcare infrastructures and services and securing end-to-end monitoring of sensitive healthcare infrastructures and services are crucial for achieving resilient healthcare infrastructures and services. In this paper, we propose an architecture designed to enhance the resilience of healthcare infrastructures and services. This architecture is centered around the concept of Adaptive Cognitive Digital Twins (ACDTs), which are capable of orchestrating adaptive defenses to proactively respond to anticipated cyber attacks. Our architecture has seven layers. We detail the functions at each layer of the architecture to guide the design and development of mechanisms that can be employed at each layer.
Abie, Habtamu; Gkioulos, Vasileios; Katsikas, Sokratis og Pirbhulal, Sandeep. (2025).
Preface - Secure and Resilient Digital Transformation of Healthcare.
S. 1-3.
Vis sammendrag
SUNRISE2024isaforumforresearchersandpractitionersworkingonthesecureandresilientdigitaltransformationofhealthcare.Digitaltransformationinhealthcareencom-passestheuseofadvancedtechnologiestoenhancepatientcareandaddresstheevolvingdemandsofcaredelivery,particularlythetransitiontohome-basedcarefromhospitalsettings.Whilecenteringonpatientneeds,italsoentailsindispensableadjustmentsandadvancementsofhealthcareprocesses.Whereasvariousbenefitsofthistransforma-tionarebroadlyacknowledged,theincreasedconnectivity,thehugevolumeofsensitivehealthinformation,andthelackofsufficientcybersecurityawarenessandcultureamongbothhealthcareprofessionalsandpatientsresultinincreasedcybersecurityriskandmakedigitalhealthcareattractivetocybercriminalsandpronetocybersecurityattackssuchasphishing,ransomware,distributeddenial-of-serviceattacks,andmalware.Thecon-nectionofmedicaldevicestotheInternet,hospitalnetworks,andotherdevicesextendsthepotentialforattacks,therebyraisingconcernsforpatientsafety.TheCOVID-19pandemicbroughtattentiontotheinterconnectednatureofcybersecurityandprivacyrisksinhealthcare.Theneedtoenhancecybersecurityandresilienceinhealthcareanditssupplychainhasbeenheightened,requiringthedevelopmentofnewsolutions.Toaddressthesechallenges,theworkshopaimedtobringtogethersecurityresearchersandpractitioners,healthcareprofessionalsandmanagersofhealthcaretorethinksecuredigitalizationandresilienceofhealthcare.
Chockalingam, Sabarathinam; Pirbhulal, Sandeep; Misra, Sanjay; Kvalvik, Petter og Abie, Habtamu. (2025).
FedTrust: Modelling Adaptive Trust-Risk for IoT-enabled Federated Decentralized Systems. IEEE
2025 IEEE 101st Vehicular Technology Conference (VTC2025-Spring). 17–20. juni 2025. Oslo. Norway.
Vis sammendrag
The lecture is based on the article https://hdl.handle.net/11250/5326972
Abie, Habtamu og Pirbhulal, Sandeep. (2025).
Workshop on Securing Smart Future: AI-Based Anomaly Detection in IT-OT. Habtamu Abie and Sandeep Pirbhulal
Kongsberg Agenda,. 19. juni 2025. Kongsberg. Kafé Tråkka 1.etg - Kirkens Bymisjon.
Ari, Ismail; Pirbhulal, Sandeep og Abie, Habtamu. (2025).
Providing Edge to Cloud Continuum with Adaptive Model Selection and Operational Score. IEEE
2025 IEEE 101st Vehicular Technology Conference: VTC2025-Spring. 17–20. juni 2025. Oslo. Norway.
Vis sammendrag
Advancements in Deep Neural Network (DNN) models and hardware accelerators have made edge intelligence a practical alternative to cloud-based intelligence. However, application specific requirements, such as accuracy, latency, security, and privacy, as well as workload fluctuations, necessitate dynamic allocation of edge and cloud resources. To facilitate such dynamic allocation, we propose an adaptive model selection and switching framework that leverages operational performance scores. We evaluate the approach using various object classification models, demonstrating its ability to balance accuracy and inference time while ensuring scalability and efficient resource utilization.
Chockalingam, Sabarathinam; Pirbhulal, Sandeep; Kaliyar, Pallavi og Abie, Habtamu. (2025).
Dynamic Safety and Security Risk Assessment in Healthcare and Critical Infrastructures.
Communications in Computer and Information Science (CCIS). ISSN 1865-0929 1865-0937. Vol. 2404. S. 23-42.
Vis sammendrag
Critical Infrastructures, such as healthcare, are essential for maintaining societal well-being and bolstering the nation's economy. The growing integration of Cyber Physical Systems (CPSs), such as social robots, into these infrastructures has made them more susceptible to both random faults and cyber-attacks. Traditional risk assessment frameworks typically address either safety or security risks, but often lack the capability to dynamically assess and mitigate both in an integrated manner. In our previous work, we developed a Bayesian Network (BN) framework that helps in developing BN models for distinguishing random faults and attacks, primarily for diagnostic purposes. However, this framework did not include proactive security measures. In this study, we enhance the BN framework to facilitate the development of models that incorporate proactive security measures by considering mitigating factors. In addition, we introduce extended Component Fault Trees (CFTs) for knowledge elicitation, leveraging their formal structure and practitioners’ familiarity with Fault Tree analysis. We propose a translation scheme from extended CFTs to BNs to further refine the framework. The effectiveness of this framework is demonstrated through two use cases: remote patient monitoring in healthcare, and the deployment of social robots in smart cities. This study presents a holistic framework for dynamic safety and security risk assessment in critical environments, featuring a closed feedback loop between information sources and the risk evaluation and treatment stages to ensure continuous monitoring, analysis, and adaptation to evolving risks.
Abie, Habtamu; Gkioulos, Vasileios; Katsikas, Sokratis og Pirbhulal, Sandeep. (2025).
Secure and Resilient Digital Transformation of Healthcare: Second International Workshop, SUNRISE 2024, Bergen, Norway, November 25, 2024, Proceedings.
Springer. 2404;SUNRISE 2024. ISBN 9783031855580. 129 S.
Pirbhulal, Sandeep; Abie, Habtamu og Muzammal, Muhammad. (2025).
AD-5GIoT: AI-based Anomaly Detection System for 5G-IoT Networks. IEEE
ICC 2025 - IEEE International Conference on Communications. 10. juni 2025. Montreal.
Pirbhulal, Sandeep; Abie, Habtamu; Jullum, Martin; Nielsen, Didrik og Løland, Anders. (2025).
AI/ML for 5G and Beyond Cybersecurity.
arXiv.org. 23. mai 2025. ISSN 2331-8422.
Vis sammendrag
The advancements in communication technology (5G and beyond) and global connectivity Internet of Things (IoT) also come with new security problems that will need to be addressed in the next few years. The threats and vulnerabilities introduced by AI/ML based 5G and beyond IoT systems need to be investigated to avoid the amplification of attack vectors on AI/ML. AI/ML techniques are playing a vital role in numerous applications of cybersecurity. Despite the ongoing success, there are significant challenges in ensuring the trustworthiness of AI/ML systems. However, further research is needed to define what is considered an AI/ML threat and how it differs from threats to traditional systems, as currently there is no common understanding of what constitutes an attack on AI/ML based systems, nor how it might be created, hosted and propagated [ETSI, 2020]. Therefore, there is a need for studying the AI/ML approach to ensure safe and secure development, deployment, and operation of AI/ML based 5G and beyond IoT systems. For 5G and beyond, it is essential to continuously monitor and analyze any changing environment in real-time to identify and reduce intentional and unintentional risks. In this study, we will review the role of the AI/ML technique for 5G and beyond security. Furthermore, we will provide our perspective for predicting and mitigating 5G and beyond security using AI/ML techniques
Abie, Habtamu og Pirbhulal, Sandeep. (2025).
Webinar on Adaptive AI for Pioneering Secure Healthcare Innovation. NR
ENFIELD Project. 18. mars 2025. Online.
Vis sammendrag
A compelling webinar that delves deep into the transformative impact of Adaptive AI on the healthcare industry. Discover how this cutting-edge technology is not only reshaping patient care, diagnostics, and treatment plans but also revolutionizing administrative processes by enhancing accuracy and improving outcomes. Learn about the real-time adaptive learning capabilities of AI and its role in personalizing medicine, optimizing operational efficiency, enhancing security, and setting new standards in healthcare excellence. This session is a part of the ENFIELD project, a pioneering initiative to establish a European Center of Excellence for AI, focusing on its application in healthcare, one of the key verticals of the project. Understand how Adaptive AI, as one of the core pillars of ENFIELD, ensures trustworthiness, sustainability, and enhanced security while driving advancements in healthcare. Ideal for healthcare professionals, AI researchers, policymakers, and tech enthusiasts, this webinar offers a unique opportunity to gain insights into the future of healthcare, shaped by ethical, sustainable, and highly effective AI solutions. Don’t miss the chance to see how Adaptive AI is pioneering secure healthcare innovation, promising transformative potential for Europe and beyond.
Haukaas, Christian; Ahle, Ulrich; Abie, Habtamu og Kvalvik, Petter. (2024).
Panel discussion and Q&A: How to build trustworthy digital infrastructure in critical sectors: challenges and opportunities in Norway and Europe. Klosser Innovasjon AS, VentureNet, IFE, Smart Innovation
Nordic Digital Innovation Ecosystem: Theme development of critical digital infrastructure in Norway. 6. juni 2024. Hamar Kulturhuset. Hamar.
Abie, Habtamu. (2024).
Enablers of digital trust, security and safety in critical sectors. Klosser Innovasjon AS
Nordic Digital Innovation Ecosystem: Theme development of critical digital infrastructure in Norway. 6. juni 2024. Hamar Kulturhuset. Hamar.
Abie, Habtamu og Pirbhulal, Sandeep. (2024).
Autonomous Adaptive Security Framework for 5G-Enabled IoT.
arXiv.org. ISSN 2331-8422.
Ari, Ismail; Balkan, Kerem; Pirbhulal, Sandeep og Abie, Habtamu. (2024).
Ensuring Security Continuum from Edge to Cloud: Adaptive Security for IoT-based Critical Infrastructures using FL at the Edge.
S. 4921-4929.
Franke, Katrin; Abie, Habtamu; Årnes, Andre og Sandvik, Jens-Petter Skjelvåg. (2024).
Forensic triage of digital evidence from the Internet of Things.
Norges teknisk-naturvitenskapelige universitet. 2024:342. ISBN 9788232682737.
Vis sammendrag
The Internet of Things (IoT) has long been a popular topic that has led to numerous commercial innovations and products in a wide range of fields. As the number of deployed IoT systems worldwide rises, these systems should be considered during criminal investigations. IoT forensics, a field under the digital forensics umbrella, focuses on IoT systems that have been the witness of, the tool for, or the target of an incident. The resources required for examining all devices and data in an IoT system keep increasing; this is usually not reflected in the amount of resources devoted to criminal investigations. The need for methods and technology to optimize available investigation resources is vital if we are to maintain the ability to acquire the most relevant evidence. The purpose of forensic triage is to prioritize the forensic tasks and to prioritize the devices and storage media that are most likely to contain relevant evidence. This research project has focused on methods to optimize a forensic triage in two ways: to find the lifetime of the evidence and the location of the evidence. A model of evidence volatility has been developed, consisting of information volatility and data volatility. This dichotomy of information and data is similar to the concepts of information theory, where the information a message is conveying is encoded and transmitted as data. This study also examines data volatility as the basis of evidence volatility. A generic data volatility model has been developed to analyze the Coffee file system, a file system optimized for resource-constrained IoT devices. Fog computing systems can be found in IoT systems. They are networks of nodes where data processing is offloaded from central cloud servers to nodes closer to the network’s edges, and they blur the distinction between server, producer, consumer, and infrastructure devices. When processing nodes are closer to the edges of the system, the latency of data being transmitted, processed, and returned is kept low, and the required capacity of the network links to the central parts of the network is lower than if all data has to be sent through those links. The probability of a node’s containing data is a product of the probability that the data has been in the node and that the data still exists at the current time. The data volatility describes the latter, and to find the former, a measure that would give a higher score to a node containing data has been proposed. The proposed method is contingent on knowledge about network capacities and connection strength, and about the endpoints of the nodes producing the data and the nodes consuming the processed data, and it has been tested empirically by means of network simulations. Comparing the proposed method against several graph centrality measures yielded better results for the proposed method, especially with respect to much larger networks. The measure was also insensitive to dynamic elements in the network, network topologies, and fog system architectures. In addition, two case studies have been performed and published. The first focuses on the reliability of evidence by testing the correctness of a device’s data during power failures. The second is a forensic examination and reverse engineering of the Coffee file system that has subsequently been used for data volatility research. In summary, optimizing investigation resources is becoming more important as more devices are connected to the Internet, and more complex IoT networks emerge. This research has developed and tested some models that can help investigators perform forensic triage and save their resources to locate the most relevant data from huge and complex IoT systems. Moreover, this research has laid the foundation for further research on evidence volatility, the lifetime of evidence, an essential aspect of evidence dynamics. Finally, the main objective is to give investigators methods and tools to find the most relevant evidence from resource-constrained devices in complex IoT systems, given the limited available investigation resources.
Abie, Habtamu; Gkioulos, Vasileios; Pirbhulal, Sandeep og Katsikas, Sokratis. (2024).
Secure and Resilient Digital Transformation of Healthcare. First Workshop, SUNRISE 2023, Stavanger, Norway, November 30, 2023, Proceedings.
Springer. ISBN 9783031558283.
Katsikas, Sokratis; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita; Praça, Isabel; Li, Wenjuan; Meng, Weizhi; Furnell, Steven; Katt, Basel; Pirbhulal, Sandeep; Shukla, Ankur; Ianni, Michele; Preda, Mila Dalla; Choo, Kim-Kwang Raymond; Correia, Miguel Pupo; Sileno, Giovanni; Alishahi, Mina; Kalutarage, Harsha og Yanai, Naoto. (2024).
Computer Security. ESORICS 2023 International Workshops. CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II.
Springer. ISBN 9783031541285.
Abie, Habtamu; Gran, Bjørn Axel; Hagen, Raymond André; Raymond, Rune Winther; Omerovic, Aida og Redhu, Surender. (2024).
Adaptive AI revolutionizing cybersecurity, safety and risk management. Smart Innovation Norway, eSmart Systems, IFE
AI+ Conference. AI+Risk Session. 17–18. april 2024. Halden.
Vis sammendrag
Adaptive AI revolutionizing cybersecurity, safety and risk management. Adaptive AI aims to continuously learn and adapt to changes in real-world circumstances. What are the opportunities, challenges, and impact of Adaptive AI on cybersecurity, safety and risk management? How does adaptive AI ensure cybersecurity resilience, safety and risk management in the face of unpredictability and uncertainty changes?
Katsikas, Sokratis; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita; Praça, Isabel; Li, Wenjuan; Meng, Weizhi; Furnell, Steven; Katt, Basel; Pirbhulal, Sandeep; Shukla, Ankur; Ianni, Michele; Preda, Mila Dalla; Choo, Kim-Kwang Raymond; Correia, Miguel Pupo; Abhishta, Abhishta; Sileno, Giovanni; Alishahi, Mina; Kalutarage, Harsha og Yanai, Naoto. (2024).
Computer Security. ESORICS 2023 International Workshops CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II.
Springer Cham. 14399;II. ISBN 9783031541285. 776 S.
Abie, Habtamu; Gkioulos, Vasileios; Katsikas, Sokratis og Pirbhulal, Sandeep. (2024).
Secure and Resilient Digital Transformation of Healthcare, First Workshop, SUNRISE 2023, Stavanger, Norway, November 30, 2023, Proceedings.
Springer Cham. 1884;1. ISBN 9783031558283. 111 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2024).
CybAlliance WP2 Annual National and International Workshops Report 2024.
Norsk Regnesentral. 8 S.
Pirbhulal, Sandeep; Chockalingam, Sabarathinam; Shukla, Ankur og Abie, Habtamu. (2024).
IoT cybersecurity in 5G and beyond: a systematic literature review.
International Journal of Information Security. ISSN 1615-5262 1615-5270. S. 2827-2827.
Vis sammendrag
The 5th generation (5G) and beyond use Internet of Things (IoT) to offer the feature of remote monitoring for different applications such as transportation, healthcare, and energy. There are several advantages of 5G and beyond for IoT applications like high speed and low latency. However, they are prone to cybersecurity threats due to networks softwarization and virtualization, thus raising additional security challenges and complexities. In this paper, we conducted a systematic literature review (SLR) of cybersecurity for 5G and beyond-enabled IoT. By developing a taxonomy to classify and characterize existing research, we identified and analyzed strategies, key patterns, mechanisms, performance evaluation, validation parameters and challenges of cybersecurity and resilience for 5G and beyond-enabled IoT in existing studies. We used “Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA)” recommendations for this SLR. Through our search in scientific databases, 4449 records published between 2017 and 2023 were initially identified, which were then reduced to 558 records after title and abstract screening to be considered for the eligibility check process. After screening the full-text, 79 articles were finalized for thorough analysis. The findings of this study suggest that 35% of the included studies focus on authentication and access control as security aspects, 59% studies are based on combination of both network layer and application layer as main operation layer, and 34% of the included studies use real-time implementation for validation purpose while the remaining studies utilize simulation or theoretical analysis. Our SLR also highlights open research challenges of 5G and beyond-enabled IoT cybersecurity and suggests a tentative solution for each challenge, which can be a focus of future research. Finally, key limitations of our SLR and threats to validity are addressed.
Pirbhulal, Sandeep; Chockalingam, Sabarathinam; Abie, Habtamu og Lau, Nathan. (2024).
Cognitive Digital Twins for Improving Security in IT-OT Enabled Healthcare Applications.
S. 153-163.
Vis sammendrag
Digital Twins (DTs), serving as virtual replicas of physical systems, facilitate novel pathways for real-time monitoring, and informed decision making in different healthcare applications such as remote surgery, hospital management, and telemedicine. In the rapidly evolving landscape of cyber security, the emergence of DTs has provided unparalleled capabilities of preempting cyber threats, testing incident response strategies, and compliance testing. Moreover, Cognitive Digital Twins (CDTs) not only replicate physical systems but also have the ability to learn and make decisions. However, such a human-in-the-loop decision making approach is lacking for improving security in Information Technology (IT) and Operational Technology (OT) infrastructures while IT-OT integration in healthcare introduces new cyber security concerns and an increasing threat landscape. In this study, we developed a conceptual CDT-based adaptive cyber security framework for IT-OT enabled healthcare applications which has the potential to address cyber threats in varying situations. This framework integrates physical and virtual healthcare twin for healthcare service providers in addition to a knowledge base of security/privacy events and cognitive cycle for facilitating the human-in-the-loop approach. This framework could enhance cyber security in IT-OT healthcare by incorporating interdisciplinary fields such as adaptive security, health information exchange, human factors, IT-OT integration, risk management, among others. This study also presents some prominent use cases for IT-OT healthcare systems
Abie, Habtamu; Gkioulos, Vasileios; Katsikas, Sokratis og Pirbhulal, Sandeep. (2024).
Preface - Secure and Resilient Digital Transformation of Healthcare.
Communications in Computer and Information Science (CCIS). ISSN 1865-0929 1865-0937. Vol. 1884.
Abie, Habtamu. (2024).
SFI NORCICS NESIOT (Norwegian Ecosystem for Secure IT-OT Integration) Introduction. SFI NORCICS NESIOT
1st Annual Conference on Secure IT-OT Integration for successful digitalization. 16. februar 2024. Radisson Blu Airport Hotel Oslo Gardermoen.
Abie, Habtamu og Pirbhulal, Sandeep. (2024).
CybAlliance WP2 Annual Open Seminar Report 2024.
Norsk Regnesentral. 5 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2024).
CybAlliance WP2 Annual Mobility Report 2024.
Norsk Regnesentral. 15 S.
Abie, Habtamu; Pandey, Pankaj; Courbassier, Antonio; Røstad, Lillian; Gran, Bjørn Axel og Sen, Sagar. (2024).
When AI Meets IT-OT Integration: Motivations, Challenges, and Applications. SFI NORCICS NESIOT
1st Annual Conference on Secure IT-OT Integration for successful digitalization. 16. februar 2024. Radisson Blu Airport Hotel Oslo Gardermoen.
Vis sammendrag
Talks and discussions reflecting current activities, gaps, and support needed for standardisation, policy making and technical for use of AI, and the use of AI on OT Cyber security
Sandvik, Jens-Petter; Franke, Katrin; Abie, Habtamu og Årnes, Andre. (2023).
Evidence in the fog – Triage in fog computing systems.
Forensic Science International: Digital Investigation. ISSN 2666-2825 2666-2817. Vol. 44. S. 1-11.
Vis sammendrag
Fog computing promises improved service scalability and lower latency for IoT systems. The concept closes the gap between full computing capabilities at the network's edge and cloud systems' centrally located processing infrastructure. The drawback of the former is the high power requirements at the edge nodes, and the latter is the high latency for the data being transmitted from the edge to the cloud and back. One of the challenges for a digital forensic investigator facing a fog is the number of possible data locations, as the node functioning as the server processing data can be selected among several nodes in the network. An investigator typically has limited resources for an investigation; the more possible evidence locations, the more resources are required to collect and examine the data locations. A triage is thus needed to prioritize collecting and examining the evidence. This work analyzes measures that can identify which fog nodes are more likely to contain data, and it uses simulations to test the measures' precision and sensitivity. It aims for digital forensic investigators to maximize the utility of the available investigation resources, such that all relevant evidence is found on time.
Abie, Habtamu. (2023).
European Knowledge Hub and Policy Testbed for Critical Infrastructure Protection (EU-CIP). Forth and Norsk Regnesentral
Roundtable Discussion on Security and Secure Information Exchange in the Healthcare Sector. 26. januar 2023. NR. Oslo.
Abie, Habtamu. (2023).
Norwegian Ecosystem Secure IT-OT Integration at CSG kickoff. University of Jyväskylä
CSG Project Kickoff. 6. februar 2023. ABB. Pitäjänmäki. Helsinki.
Abie, Habtamu. (2023).
European Cluster for Securing Critical Infrastructures – ECSCI. Forth and Norsk Regnesentral
Roundtable Discussion on Security and Secure Information Exchange in the Healthcare Sector. 26. januar 2023. NR. Oslo.
Abie, Habtamu. (2023).
Norwegian Ecosystem for Secure IT-OT Integration (NESIOT). NR and NTNU
NESIOT Kickoff meeting. 24. januar 2023. NR. Oslo.
Abie, Habtamu. (2023).
NESIOT (Norwegian Ecosystem for Secure IT-OT Integration). Forth and Norsk Regnesentral
Roundtable Discussion on Security and Secure Information Exchange in the Healthcare Sector. 26. januar 2023. NR. Oslo.
Abie, Habtamu. (2023).
The ECSCI Cluster Achievements.
S. 18-20.
Vis sammendrag
The European Cluster for Securing Critical Infrastructures (ECSCI) is a cluster of EU funded R&D projects, kicked off during the H2020 Work Programme, derived by the needs and interests of projects and experts conducting research and innovation on critical infrastructures protection (CIP) and resilience. Its initial objective and driving force are to create synergies and foster emerging disruptive solutions to security issues via cross-project collaboration and innovation. The ECSCI cluster shares experiences and best practices about CIP in different sectors, consolidates and reflects a European approach for Cyber-Physical and Hybrid Threat Intelligence in the CIP domain, and focuses on research that protects and secures critical infrastructures and services respecting the differences between individual projects, such as the different approaches, sectors of interest, or target groups, while establishing tight and productive connections with closely related or complementary H2020 and HEU projects. This talk presents the achievements of the ECSCI cluster hitherto.
Abie, Habtamu. (2023).
The Future of the European Cluster for Securing Critical Infrastructures – ECSCI. EU-CIP Project & ECSCI Cluster
EU-CIP Project & ECSCI Cluster 1st Annual Conference on Critical Infrastructure Resilience: “Reinventing Resilience”. 20. september – 21. oktober 2023. Brussels. Belgium.
Vis sammendrag
European Commission encourages collaboration among funded projects. The Liaison plan is to create the ECSCI (European Cluster for Securing Critical Infrastructures) cluster of EU projects dealing with cyber and physical security of critical infrastructures and underpinning complex architectures. The main high-level objectives of the ECSCI cluster are scientific collaboration, technical collaboration, communication & dissemination, stakeholder alliance, and marketplace. The presentation discusses the specific ECSCI objectives, the consolidation and reflection of a European approach for cyber-physical threat intelligence in critical infrastructure protection, collaboration & information sharing, the achievements of the cluster and its future and sustainability, and key takeaways.
Katsikas, Sokratis; Cuppens, Frédéric; Kalloniatis, Christos; Mylopoulos, John; Pallas, Frank; Pohle, Jörg; Sasse, Angela; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Vidal, Jorge Maestre; Monge, Marco Antonio Sotelo; Albanese, Massimiliano; Katt, Basel; Pirbhulal, Sandeep og Shukla, Ankur. (2023).
Computer Security. ESORICS 2022 International Workshops, CyberICPS 2022, SECPRE 2022, SPOSE 2022, CPS4CIP 2022, CDT&SECOMANE 2022, EIS 2022, and SecAssure 2022.
Springer. 2022. ISBN 9783031254604. 290 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2023).
CybAlliance WP2 Annual National and International Workshops Report 2023.
Norsk Regnesentral. 30 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2023).
CybAlliance WP2 Annual Mobility Report 2023.
Norsk Regnesentral. 10 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2023).
CybAlliance WP2 Annual Open Seminar Report 2023.
Norsk Regnesentral. 20 S.
Pirbhulal, Sandeep; Abie, Habtamu; Shukla, Ankur og Katt, Basel. (2023).
A Cognitive Digital Twin Architecture for Cybersecurity in IoT-Based Smart Homes.
Lecture Notes in Electrical Engineering. ISSN 1876-1100 1876-1119. Vol. 1035. S. 63-70.
Vis sammendrag
Home Sensing Technology Conference paper A Cognitive Digital Twin Architecture for Cybersecurity in IoT-Based Smart Homes Sandeep Pirbhulal, Habtamu Abie, Ankur Shukla & Basel Katt Conference paper First Online: 09 April 2023 336 Accesses Part of the Lecture Notes in Electrical Engineering book series (LNEE,volume 1035) Abstract Cognitive Digital Twin (CDT) is an extension of Digital Twin with cognitive capabilities to monitor and analyse complex and unforeseen behaviours and to ensure critical reasoning and decision-making. Thus, CDT has a potential for enhancing cybersecurity for the Internet of Things (IoT)-based applications such as smart homes. In this paper, we developed a conceptual CDT architecture for improving cybersecurity in smart homes with dynamic threat detection and mitigation capabilities. The proposed approach applies closed feedback loops between cognitive process and cybersecurity using artificial intelligence and machine learning techniques. This will allow continuous monitoring of security-related information and analytics with complex behaviours within a virtual environment. The developed approach allows security testing and simulation in the virtual world for prediction and anticipation of dynamic security threats. It also facilitates dynamic updates to the physical world of attack prevention strategies for the dynamic optimization of smart homes security. Finally, this paper discusses the applicability of the developed CDT architecture in other IoT-based critical sectors.
Gkotsis, Ilias og Abie, Habtamu. (2023).
ECSCI: European Cluster for Securing Critical Infrastructures.
Proceedings of the Research and Innovation Symposium for European SECURITY and Defense – RISE-SD Conferences. ISSN 2945-1183. Issue 2023. S. 161-163.
Abie, Habtamu; Gugliandolo, Emilia; Jovanovic, Aleksandar og Soldatos, John. (2023).
EU-CIP: European Knowledge Hub and Policy Testbed for Critical Infrastructure Protection.
Proceedings of the Research and Innovation Symposium for European SECURITY and Defense – RISE-SD Conferences. ISSN 2945-1183. Issue 2023. S. 130-133.
Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita Maria og Praça, Isabel. (2023).
CPS4CIP 2023 Preface - The 4th International Workshop on Cyber-Physical Security for Critical Infrastructures Protection.
Lecture Notes in Computer Science (LNCS). ISSN 0302-9743 1611-3349. S. 1-5.
Abie, Habtamu; Katsikas, Sokratis; Pirbhulal, Sandeep og Djupdal, Hanne Mari Solhaug. (2023).
SFI-NORCICS Norwegian Ecosystem for Secure IT-OT Integration (NESIOT) Kick-off. SFI NORCICS and NESIOT
NESIOT Kick-off. 24. januar 2023. Norsk Regnesentral. Gaustadalléen 23A. 0373 Oslo.
Abie, Habtamu; Gkotsis, Ilias; Athanatos, Manos; Ugarelli, Rita Maria; Čaleta, Denis; Lodi, Lorenzo; Peppo, Fabrizio Di og Jovanović, Aleksandar. (2023).
Consolidated Proceedings of the Second ECSCI Workshop on Critical Infrastructure Protection and Resilience.
Steinbeis-Edition. ISBN 9783956632853. 142 S.
Vis sammendrag
Modern critical infrastructures (or “critical entities” as now defined in the new EU-CER Directive) are becoming increasingly complex, turning into distributed, large-scale cyber-physical systems. Cyberphysical attacks are increasing in number, scope, and sophistication, making it difficult to predict their total impact. Thus, addressing cyber security and physical security separately is no longer effective, but more integrated approaches, that consider both physical security risks and cyber-security risks, along with their interrelationships, interactions and cascading effects, are needed to face the challenge of combined cyber-physical attacks. Addressing them successfully, need coordinated and integrated responses, which must be disseminated and exploited further to the EU funded projects’ frameworks or individual research studies’ reports, through raising awareness initiatives, such as the 2nd ECSCI Workshop on CIP. This workshop presented the different approaches on integrated (i.e., cyber and physical) security in several different industrial sectors, such as finance, healthcare, energy, air transport, communications, industrial plants, gas, and water. The peculiarities of critical infrastructure protection in each one of these sectors have been discussed and addressed by the different projects of the ECSCI cluster that presented their outcomes, discussing the technical, ethical and societal aspects and the underlying technologies. Specifically, novel techniques have been presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, resilience of critical infrastructures, ethical and legal aspects of cybersecurity, combating hybrid threats to critical infrastructure, cyber and physical threats detection, increased automation for detection, prevention and mitigation measure, information and knowledge sharing, standards and regulations for the protection of critical infrastructures, common platforms for cascading effects on the different critical infrastructures, combined safety and security solutions, cyber security awareness, and the landscape of advanced combined cyber and physical threats. The workshop included three opening remarks, three keynote speeches, twenty-one project presentations, two roundtable and panel discussions, twenty-one thematic presentations, and closing remarks. The audience included scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing different sectors and policy makers for critical infrastructure protection.
Katsikas, Sokratis; Lambrinoudakis, Costas; Cuppens, Nora; mylopoulos, John; Kalloniatis, Christos; Meng, Weizhi; Furnell, Steven; Pallas, Frank; Pohle, Jörg; Sasse, Angela; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Vidal, Jorge Maestre og Monge, Marco Antonio Sotelo. (2022).
Computer Security. ESORICS 2021 International Workshops CyberICPS, SECPRE, ADIoT, SPOSE, CPS4CIP, and CDT&SECOMANE, Darmstadt, Germany, October 4–8, 2021, Revised Selected Papers.
Springer. 13106. ISBN 9783030954833. 578 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2022).
5G-Enabled IoT for IT-OT Integration. Norsk Regnesentral
SFI NORCICS Partner Workshop. 19. oktober 2022. Gaustadalleen 23a. 0373 Oslo.
Abie, Habtamu og Pirbhulal, Sandeep. (2022).
Focus Area 1-IT and OT Integration. NTNU Campus Gjøvik
SFI NORCICS Research Workshop. 10. juni 2022. Teknologiveien 22. 2815 Gjøvik.
Pirbhulal, Sandeep; Abie, Habtamu; Jullum, Martin; Nielsen, Didrik og Løland, Anders. (2022).
AI/ML for 5G and Beyond Cybersecurity.
Norsk Regnesentral. DART/15/22. 25 S.
Sodhro, Ali Hassan; Lakhan, Abdullah; Pirbhulal, Sandeep; Grønli, Tor-Morten og Abie, Habtamu. (2022).
A Lightweight Security Scheme for Failure Detection in Microservices IoT-Edge Networks.
Conference. 17–19. januar 2022.
Vis sammendrag
Nowadays, microservices-based applications such as E-Business, E-Healthcare, 3D-Gaming, and Augmented Reality has latterly drawn attention in the research area. The microservices enabled applications are different from traditional monolithic applications with the high demand of security and fault detection, therefore, a lightweight secure and failure detection enabled schemes widely required for the new applications. This paper proposes a new lightweight microservices mobile cloud (Mob-Cloud) the framework that replaces the heavyweight virtual machine (VM) based on mobile cloud computing (MCC). The study devises MFHE (Modified Fully Homomorphism Encryption) and WATFA (Workload Assignment Transient Fault Aware) schemes to deal with security and failures. Simulation results show that the proposals are practical for the considered problem
Abie, Habtamu. (2022).
Norwegian Ecosystem for Secure IT-OT Integration (NESIOT). Vilija Balionyte-Merle, SINTEF
NGINO Final Meeting. 29. november 2022. Forskningsveien 1. Oslo.
Pirbhulal, Sandeep og Abie, Habtamu. (2022).
NORCICS D3.6.2.22: Requirements and specification for dynamic risk assessment in 5G-enabled IoT.
Norsk Regnesentral. DART/19/22. 18 S.
Abie, Habtamu og Pirbhulal, Sandeep. (2022).
NORCICS D3.6.1.22: Report on strategies and specification for cybersecurity scenarios for 5G-enabled IoT.
Norsk Regnesentral. DART/17/22. 30 S.
Katsikas, Sokratis; Lambrinoudakis, Costas; Cuppens, Nora; Mylopoulos, John; Kalloniatis, Christos; Meng, Weizhi; Furnell, Steven; Pallas, Frank; Pohle, Jörg; Sasse, Angela; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Vidal, Jorge Maestre og Monge, Marco Antonio Sotelo. (2022).
Computer Security. ESORICS 2021 International Workshops.
Springer. ISBN 9783030954833.
Sodhro, Ali Hassan; Lakhan, Abdullah; Pirbhulal, Sandeep; Grønli, Tor-Morten og Abie, Habtamu. (2022).
A Lightweight Security Scheme for Failure Detection in Microservices IoT-Edge Networks.
Vis sammendrag
Nowadays, microservices-based applications such as E-Business, E-Healthcare, 3D-Gaming, and Augmented Reality have latterly drawn attention in the research area. The microservices enabled applications are different from traditional monolithic applications with high demand of security and fault detection, therefore, a lightweight secure and failure detection enabled schemes widely required for the new applications. This paper proposes a new lightweight microservices mobile cloud (Mob-Cloud) framework that replaces the heavyweight virtual machine (VM) based on mobile cloud computing (MCC). The study devises MFHE (Modified Fully Homomorphism Encryption) and WATFA (Workload Assignment Transient Fault Aware) schemes to deal with security and failures. Simulation results show that the proposals are practical for the considered problem.
Trcek, Denis; Abie, Habtamu og Skomedal, Åsmund. (2022).
Adaptive Safety for Internet of Things in e-Health.
arXiv.org. ISSN 2331-8422.
Vis sammendrag
Wireless pervasive computing devices are rapidly penetrating our environments, where e-Health is among the most critical ones. In the e-Health environment it is not only important to address security and privacy issues (which are usually in the focus), but also safety needs for appropriate treatment. With an increasing proportion of pervasive (smart dust) devices which lack computing power, security, privacy, and safety provisioning in such environments is a demanding task - not to mention additional requirement about their adaptive provisioning. However, some twenty years ago an interesting research branch in computing domain appeared, called trust management. This branch is considered as a very handy alternative to support traditional hard security and privacy approaches. It is, therefore, often referred to as soft security (privacy) provisioning mechanism. As trust is inherently adaptive and as security and safety are much related, this paper presents a new approach where trust management is deployed in e-Health environments to enable adaptive safety provisioning. This paper also introduces a trustworthiness calculation framework that extends trust management methods with a comparative analysis of computational trust in Internet of Things (IoT).
Abie, Habtamu; Schulz, Trenton og Savola, Reijo. (2022).
Adaptive Security and Trust Management for Autonomous Messaging Systems.
arXiv.org. ISSN 2331-8422.
Vis sammendrag
With society's increased dependence on information communication systems, the need for dependable, trustable, robust, and secure adaptive systems becomes ever more acute. Modern autonomic message-oriented middleware platforms have stringent requirements for self-healing, adapting, evolving, fault-tolerance, security, and active vulnerability assessment, especially when the internal working model of a system and the environmental influences on the system are uncertain during run-time. In this paper, we present an adaptive and evolving security approach, and adaptive trust management approach to autonomous messaging middleware systems. This approach learns, anticipates, evolves, and adapts to a changing environment at run-time in the face of changing threats. The approach combines adaptive risk-based security, trust-based security, and security-based trust: the resultant supra-additive synergy improves and increases the strength of security and the degree of trust in the system. The approach also integrates different metrics, assessment tools, and observation tools that improve and increase the assessability and verifiability of the trustworthiness of the system. Validation of results is through industrial case studies and end-user assessment.
Hamdi, Mohamed; Pirbhulal, Sandeep og Abie, Habtamu. (2022).
A Homomorphic Digital Signature Scheme for the Internet of Things.
IoT. ISSN 2624-831X.
Vis sammendrag
In this paper, we address the problem of compatibility between digital signature schemes and in-network aggregation approaches. In the IoT world, the gateways alter the signed network flows when performing in-network aggregation. Therefore, existing conventional approaches are not suitable for verifying the authenticity of the original flows. This raises the need for energy-effective and secure schemes that enable the destination to validate aggregated network flows. In this regard, a lightweight homomorphic signature scheme is proposed which supports the implementation of aggregation procedures without affecting the verification process. We demonstrate the unforgeability and the privacy of our scheme. We also perform an analytical study of its energy-efficiency. The results suggest that the proposed scheme considerably decreases the processing overhead of the existing set-homomorphic signature schemes. Moreover, it does not add any communication overhead to traditional (non-homomorphic) signature schemes. This, in turn, improves the energy consumption by 30% compared to existing homomorphic signature techniques.
Pirbhulal, Sandeep; Abie, Habtamu; Shukla, Ankur og Katt, Basel. (2022).
A Cognitive Digital Twin Architecture for Cybersecurity in IoT-based Smart Homes. Macquarie University
Fifteenth International Conference on Sensing Technology (ICST’15). 5–7. desember 2022. Sydney.
Abie, Habtamu. (2022).
European Cluster for Securing Critical Infrastructures (ECSCI) at ENSURESEC Final Conference. INOV
ENSURESEC Final Conference. 20. mai 2022. Online-Webex.
Abie, Habtamu. (2022).
European Cluster for Securing Critical Infrastructures (ECSCI) at The 2nd ECSCI Virtual Workshop. ECSCI Cluster
The 2nd ECSCI Virtual Workshop. 27–29. april 2022. Online-Google Meet.
Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita Maria og Praça, Isabel. (2022).
CPS4CIP 2022 Preface - 3rd Cyber-Physical Security for Critical Infrastructures Protection.
Lecture Notes in Computer Science (LNCS). ISSN 0302-9743 1611-3349.
Pirbhulal, Sandeep; Abie, Habtamu og Shukla, Ankur. (2022).
Towards a Novel Framework for Reinforcing Cybersecurity using Digital Twins in IoT-based Healthcare Applications.
IEEE Vehicular Technology Conference (VTC). ISSN 1090-3038 2577-2465.
Vis sammendrag
In recent years, the cybersecurity attacks on the internet of things (IoT)-based healthcare systems became the major concern for researchers and health organizations. With time, the sophistication of these attacks is increasing. Therefore, healthcare service providers must implement efficient security mechanisms carefully while taking the advantages of connected devices without compromising the patient safety and disturbing the real-time health services. A digital twin (DT) is a virtual representation of a real-time counterpart of a physical world. DT offers significant advantages to cybersecurity experts, empowering them to predict risks without entering the physical world, and to simulate and test cyber-attacks that would otherwise be infeasible to do in real-time in the physical environment. DT in healthcare helps to identify security vulnerabilities, conduct attack simulations, and potential security breaches by creating a virtual replica of the targeted healthcare systems. In this paper, a novel and automated conceptual framework is developed for reinforcing the cybersecurity in IoT-based healthcare using DT technology. It includes the conceptualization and analysis of the proposed framework which can provide dynamic and adaptive security solution to identify real-time threats and vulnerabilities in IoTbased healthcare applications.
Sandvik, Jens-Petter; Franke, Katrin; Abie, Habtamu og Årnes, Andrè. (2022).
Quantifying data volatility for IoT forensics with examples from Contiki OS.
Forensic Science International: Digital Investigation. ISSN 2666-2825 2666-2817. Vol. 40.
Vis sammendrag
Forensic investigations are often conducted under limited resource availability such as time, equipment, and people. As data acquisition is resource-demanding already, a higher emphasis needs to be put on prioritizing the investigative steps to optimize the probability of collecting the relevant evidence. Data volatility measures how quickly data disappears from a system and is an essential part of assessing the likelihood of collecting the most valuable evidence. An investigator can use a model for the volatility to estimate the probability of the existence of evidence. This work motivates and details a model for data volatility and exemplifies it for the Coffee File System used in Contiki OS, an operating system for IoT devices. We conducted experiments to test how well the model corresponds to the collected simulated data and cross-validate the model with observations from file system operations. The results revealed that an approximated model based on the known workings of the file system underestimated the volatility. While there are many sources describing volatility qualitatively, there is little research on quantitative volatility, and this paper is a stepping stone to understanding a quantitative approach to evidence volatility.
Sandvik, Jens-Petter; Franke, Katrin; Abie, Habtamu og Årnes, Andrè. (2021).
Coffee forensics — Reconstructing data in IoT devices running Contiki OS.
Forensic Science International: Digital Investigation. ISSN 2666-2825 2666-2817. Vol. 37.
Vis sammendrag
The ability to examine evidence and reconstruct files from novel IoT operating systems, such as Contiki with its Coffee File System, is becoming vital in digital forensic investigations. Two main challenges for an investigator facing such devices are that (i) the forensic artifacts of the file system are not well documented, and (ii) there is a lack of available forensic tools. To meet these challenges, we use code review and an emulator to gain insight into the Coffee file system, including its functionality, and implement reconstruction of deleted and modified data from extracted flash memory in software. We have integrated this into a forensic tool, COFFOR, and analyzed the Coffee File System to reconstruct deleted and modified files. This paper presents an overview of the artifacts in the file system and implements methods for the chronological ordering of the deleted file versions, and discusses these methods’ limitations. Our results demonstrate that forensic acquisition and analysis of devices running the Contiki operating system can reveal live and deleted files, as well as file version history. In some cases, a complete, chronological ordering of the version history can be reconstructed.
Abie, Habtamu. (2021).
Predictive Analytics for Cyber-Physical Threat Intelligence in Financial Sector Infrastructures. H2020 FINSEC, SOTER and FIN-TECH projects
Recent Security Advances in the Finance Sector: Cost-Effective Resilience for the Connected Digital Finance Ecosystem. 14. januar 2021. Virtual.
Abie, Habtamu. (2021).
Machine Learning as an Enabler for Cyber-Physical Security. ASSENTIAN LIMITED
Financial Services: Digital Transformation and the Cyber Imperative. 22–23. april 2021. Zoom.
Soceanu, Omri; Adir, Allon; Aharoni, Ehud; Greenberg, Lev og Abie, Habtamu. (2021).
A Cloud-Based Anomaly Detection for IoT Big Data.
S. 87-104.
Vis sammendrag
Security of IoT systems is a growing concern with rising risks and damages due to successful attacks. Breaches are inevitable, attacks have become more sophisticated, and securing critical infrastructure has become a greater challenge. Anomaly detection is an established approach for detecting security attacks, without relying on predefined rules or signatures of potential attacks. However, existing outlier detection techniques require adaptation if they are to be applied in a Big Data cloud context. We describe a novel outlier detection solution, which is currently being used by hundreds of customers with highly variable data scales. We describe our work in adapting this technology to handle IoT on a Big Data cloud setting. Specifically, we focus on efficient outlier analysis and managing large numbers of alerts using automatically controlled alert budgets.
Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita; Giunta, Gabriele; Praça, Isabel og Battisti, Federica. (2021).
Cyber-Physical Security for Critical Infrastructures Protection.
Springer Nature. 12618;12618. ISBN 9783030697815. 225 S.
Vis sammendrag
This book constitutes the refereed proceedings of the First International Workshop on Cyber-Physical Security for Critical Infrastructures Protection, CPS4CIP 2020, which was organized in conjunction with the European Symposium on Research in Computer Security, ESORICS 2020, and held online on September 2020. The 14 full papers presented in this volume were carefully reviewed and selected from 24 submissions. They were organized in topical sections named: security threat intelligence; data anomaly detection: predict and prevent; computer vision and dataset for security; security management and governance; and impact propagation and power traffic analysis. The book contains 6 chapters which are available open access under a CC-BY license.
Soceanu, Omri; Greenberg, Lev; Adir, Allon; Aharoni, Ehud og Abie, Habtamu. (2021).
Anomaly Detection for Critical Financial Infrastructure Protection.
S. 495-514.
Vis sammendrag
Anomaly detection is a family of analytical techniques that identifies and learns typical properties of a system and reports significant deviations from the typical system’s normal properties as outliers. The anomaly detection techniques can provide protection from new zero-day attacks whenever these attacks lead to deviations from typical behaviours of the system, and do not require a balanced training set in which both malicious and benign events are equally represented. These techniques are better fit for real industrial systems where malicious events are much rarer than benign events. They are important tools to detect abnormalities in the critical financial infrastructures and services. The FINSEC project has developed scalable anomaly detection for cyber-physical integrated security using physical (e.g., cameras) and cyber probes (e.g., Skydive, IDS [Intrusion Detection Systems], etc.).
Boudko, Svetlana; Abie, Habtamu; Nigussie, Ethiopia og Savola, Reijo. (2021).
Towards Federated Learning-based Collaborative Adaptive Cybersecurity for Multi-microgrids.
S. 83-90.
Vis sammendrag
Multi-microgrids (MMGs) provide economic and environmental benefits to society by improving operational flexibility, stability and reliability of a smart grid. MMGs have greater complexity than conventional power networks due to the use of multiple infrastructures, communication protocols, controllers, and intelligent electronic devices. The distributed and heterogeneous connectivity technologies of the MMGs and their need to exchange information with external sources as well as the vulnerabilities in the communication networks and software-based components, make MMGs susceptible to cyberattacks. In this work, we present a conceptual framework for collaborative adaptive cybersecurity that is able to proactively detect security incidents. The framework utilizes federated learning for collaborative training of shared prediction models in a decentralized manner. The methodology used in this research is mainly analytical. This involves analysis of how the principles of a collaborative adaptive cybersecurity can be applied to the MMG environments resulting in the development of theoretical models which can then be validated in practice by prototyping and using real time simulation.
Boudko, Svetlana; Abie, Habtamu; Boscolo, Mirna og Ferrario, Davide. (2021).
Predictive Analytics Service for Security of Blockchain and Peer-to-Peer Payment Solutions.
Lecture Notes in Electrical Engineering. ISSN 1876-1100 1876-1119. Vol. 739. S. 71-81.
Vis sammendrag
The blockchain and Peer-To-Peer Payment solutions become adopted by financial institutions. While these changes bring significant service benefits they also increase the risks and vulnerabilities of the financial services. In this paper, we investigate, develop, and evaluate machine learning (ML) algorithms for predicting attacks on blockchain nodes and a Peer to Peer payment system. We have evaluated a set of machine learning algorithms that include classifica-tion ML algorithms from the scikit-learn library. We demonstrate that the pro-posed solution is able to predict cyber-physical attacks close to 100% accuracy. We have implemented a service prototype as a proof of concept. The prediction is done based on the collected data of the blockchain and peer-to-peer payment nodes. For the evaluation of the algorithms, a set of highly reputable classifica-tion metrics has been selected and applied.
Pirbhulal, Sandeep og Abie, Habtamu. (2021).
Digital Twins for Enhancing Cybersecurity in Smart Homes.
Norsk Regnesentral. DART/03/21. 23 S.
Abie, Habtamu; Ferrario, Davide; Troiano, Ernesto; Soldatos, John; Peppo, Fabrizio Di; Jovanović, Aleksandar; Gkotsis, Ilias og Markakis, Evangelos. (2021).
Consolidated Proceedings of the first ECSCI Workshop on Critical Infrastructure Protection, Virtual Workshop, June 24–25, 2020.
Steinbeis-Edition. ISBN 9783956630873. 55 S.
Vis sammendrag
Modern critical infrastructures (“critical entities” in the terminology of the new EU-CER Directive) are becoming increasingly complex, turning into distributed, large-scale cyber-physical systems. Cyber-physical attacks are increasing in number, scope, and sophistication, making it difficult to predict their total impact. Thus, addressing cyber security and physical security separately is no longer effective, but more integrated approaches, that consider both physical security risks and cyber-security risks, along with their interrelationships, interactions and cascading effects, are needed to face the challenge of combined cyber-physical attacks. To face them successfully, aligned and integrated responses are needed, and this workshop has provided a great opportunity to do it: aligning and integrating not only the positions of single projects but also of many intended users of their results. This workshop presented the different approaches on integrated (i.e., cyber and physical) security in seven different industrial sectors, such as finance, healthcare, energy, air transport, communications, industrial plants, gas, and water. The peculiarities of critical infrastructure protection in each one of these sectors have been discussed and addressed by the different projects of the ECSCI cluster that presented their outcomes, discussing the technical, ethical and societal aspects and the underlying technologies. Specifically, novel techniques have been presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, resilience of critical infrastructures, distributed ledger technologies for security information sharing and increased automation for detection, prevention and mitigation measures. The workshop included two opening remarks, two keynote speeches, 11 project presentations, 2 roundtable and panel discussions and 10 thematic presentations. The audience included scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing different sector and policy makers for Critical Infrastructure protection.
Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Cambiaso, Enrico; Ugarelli, Rita Maria; Giunta, Gabriele; Praça, Isabel og Battisti, Federica. (2021).
CPS4CIP 2020 Preface - Cyber-Physical Security for Critical Infrastructures Protection.
Lecture Notes in Computer Science (LNCS). ISSN 0302-9743 1611-3349.
Boudko, Svetlana og Abie, Habtamu. (2020).
Predictive Analytics Service for Security of Blockchain and Peer-to-Peer Payment Solutions. iCatse
11th International Conference on Information Science and Applications 2020. 16–18. desember 2020. Virtual Conference.
Abie, Habtamu og Boudko, Svetlana. (2020).
Anticipatory Adaptive Security for IoT-based Smart Grids Infrastructure and Value-added Services.
Norsk Regnesentral. DART/09/20. 13 S.
Vis sammendrag
The report describes the research and development of adaptive security addressing the protection of "IoT-based smart grids" against evolutionary threats and attacks through the prediction and advanced behavioural analysis of big data from IoT Smart Grids by automating prevention, detection, and recovery from the failures of security and privacy protections at run-time and by re-configuring control parameters and security goals.
Savola, Reijo; Kylänpää, Markku og Abie, Habtamu. (2020).
Risk-driven security metrics for an Android smartphone application.
International Journal of Electronic Business. ISSN 1470-6067 1741-5063. Vol. 15. Issue 4. S. 297-324.
Vis sammendrag
Security management in Android smartphone platforms is a challenge. This challenge can be overcome at least partially by developing systematically risk-driven security objectives and controls for the target system, and determining how to offer sufficient evidence of its security performance via metrics. The target system of our investigation is an Android platform utilised for public safety and security mobile networks. We develop and analyse the security objectives and controls for these systems based on a technological risk analysis. In addition, we investigate how effective and efficient security metrics can be developed for the target system, and describe implementation details of enhanced security controls for authentication, authorisation, and integrity objectives. Our analysis includes implementation details of selected security controls and a discussion of their security effectiveness. It also includes conceptualisation and description of adaptive security for an Android platform which can improve the flexibility and effectiveness of these security controls and end-users confidence in service providers.
Abie, Habtamu. (2020).
The European Cluster for Securing Critical Infrastructures (ECSCI): Objectives, Success Stories, and Takeaways. ECSCI-European Cluster for Securing Critical Infrastructures
The first ECSCI Workshop on Critical Infrastructure Protection. 24. juni 2020 – 25. juni 2021. Virtual workshop. on Google Meet conference room.
Vis sammendrag
The European Cluster for Securing Critical infrastructures (ECSCI) is a cluster of H2020 projects for securing critical infrastructures. Its main objective is to bring about synergetic, emerging disruptive solutions to security issues via cross-projects collaboration and innovation. The cluster will research how to protect critical infrastructures and services, highlighting differences (approaches, sectors of interest, etc.) between the clustered projects and establishing tight and productive connections with closely related and complementary H2020 projects. The presentation highlights the ECSCI liaison plan, specific objectives, cluster members, success stories, and takeaways.