The constantly evolving cyber threat landscape is a latent problem for today's companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience.

Industrial Control Systems (ICS) and Supervisory Control systems and Data Acquisition (SCADA) networks implement industrial communication protocols to enable their operations. Modbus is an application protocol that allows communication between millions of automation devices. Unfortunately, Modbus lacks basic security mechanisms, and this leads to multiple vulnerabilities, due to both design and implementation. This issue enables certain types of attacks, for example, man in the middle attacks, eavesdropping attacks, and replay attack. The exploitation of such flaws may greatly influence companies and the general population, especially for attacks targeting critical infrastructural assets, such as power plants, water distribution and railway transportation systems. In order to provide security mechanisms to the protocol, the Modbus organization released security specifications, which provide robust protection through the blending of Transport Layer Security (TLS) with the traditional Modbus protocol. TLS will encapsulate Modbus packets to provide both authentication and message-integrity protection. The security features leverage X.509v3 digital certificates for authentication of the server and client. From the security specifications, this study addresses the security problems of the Modbus protocol, proposing a new secure version of a role-based access control model (RBAC), in order to authorize both the client on the server, as well as the Modbus frame. This model is divided into an authorization process via roles, which is inserted as an arbitrary extension in the certificate X.509v3 and the message authorization via unit id, a unique identifier used to authorize the Modbus frame. Our proposal is evaluated through two approaches: A security analysis and a performance analysis. The security analysis involves verifying the protocol's resistance to different types of attacks, as well as that certain pillars of cybersecurity, such as integrity and confidentiality, are not compromised. Finally, our performance analysis involves deploying our design over a testnet built on GNS3. This testnet has been designed based on an industrial security standard, such as IEC-62443, which divides the industrial network into levels. Then both the client and the server are deployed over this network in order to verify the feasibility of the proposal. For this purpose, different latencies measurements in industrial environments are used as a benchmark, which are matched against the latencies in our proposal for different cipher suites.

The growing adoption of Radio-frequency Identification (RFID) systems, particularly in the healthcare field, demonstrates that RFID is a positive asset for healthcare institutions. RFID offers the ability to save organizations time and costs by enabling data of traceability, identification, communication, temperature and location in real time for both people and resources. However, the RFID systems challenges are financial, technical, organizational and above all privacy and security. For this reason, recent works focus on attribute-based access control (ABAC) schemes. Currently, ABAC are based on mostly centralized models, which in environments such as the supply chain can present problems of scalability, synchronization and trust between the parties. In this manuscript, we implement an ABAC model in RFID systems based on a decentralized model such as blockchain. Common criteria for the selection of the appropriate blockchain are detailed. Our access control policies are executed through the decentralized application (DApp), which interfaces with the blockchain through the smart contract. Smart contracts and blockchain technology, on the one hand, solve current centralized systems issues as well as being flexible infrastructures that represent the relationship of trust and support essential in the ABAC model in order to provide the security of RFID systems. Our system has been designed for a supply chain environment with an use case suitable for healthcare systems, so that assets such as surgical instruments containing an associated RFID tag can only access to specific areas. Our system is deployed in both a local and Testnet environment in order to stablish a deep comparison and determining the technical feasibility.

A malicious attack on a safety-critical system can derive in an undesired behavior of the system that may result in a failure. In this case, the reliability of the device is decreased, and it might affect directly to safety. Therefore, the security is also an essential issue to consider in the design of safety-critical systems. The main problem when safety and security are considered is to make them work together without interfering each other. A safety-critical device needs to be certified following standards like IEC-61508, and any security mechanisms must not affect this certification. This paper describes a system that integrates safety and security mechanisms to improve reliability without affecting safety certification. With the aim of reaching the required safety level, a redundant system is considered. This system is an n out of m distributed and synchronized voter. The synchronization method is based on the precision time protocol (IEEE-1588) allowing that all devices on a local network have the same time.

Independently on the business case addressed, one of the main drawbacks of the railway use cases that need continuous Global Navigation Satellite Systems data is the lack of availability for the 100% of the time of the journey. Additionally, the integrity assessment of the position estimation given is also mandatory for safety critical applications. Thus, tunnels and multipath effects are one of the most challenging situations for the continuous positioning systems. In this context, an autonomous on-board Complementary Positioning System has been proposed to overcome the limitation of Global Navigation Satellite System based positioning systems. This paper proposes a positioning enhancement solution by means of fusing data from the satellite navigation system and inertial measurement units. That hybrid solution provides higher availability and accuracy to the positioning specially on known blocked scenarios, such as tunnels, or urban canyons, by means of a novel environment aware map aided software technique named Known Blocked Scenarios algorithm... This paper describes the Complementary Positioning System and the field test carried out in a challenging environment to validate the enhancement proposed by the authors, which demonstrate the benefits that this system has in known harsh environments for railways.

The popular Internet service, YouTube, has adopted by default the HyperText Markup Language version 5 (HTML5). With this adoption, YouTube has moved to Dynamic Adaptive Streaming over HTTP (DASH) as Adaptive BitRate (ABR) video streaming technology. Furthermore, rate adaptation in DASH is solely receiver-driven. This issue motivates this work to make a deep analysis of YouTube's particular DASH implementation. Firstly, this article provides a state of the art about DASH and adaptive streaming technology, and also YouTube traffic characterization related work. Secondly, this paper describes a new methodology and test-bed for YouTube's DASH implementation traffic characterization and performance measurement. This methodology and test-bed do not make use of proxies and, moreover, they are able to cope with YouTube traffic redirections. Finally, a set of experimental results are provided, involving a dataset of 310 YouTube's videos. The depicted results show a YouTube's traffic pattern characterization and a discussion about allowed download bandwidth, YouTube's consumed bitrate and quality of the video. Moreover, the obtained results are cross-validated with the analysis of HTTP requests performed by YouTube's video player. The outcomes of this article are applicable in the field of Quality of Service (QoS) and Quality of Experience (QoE) management. This is valuable information for Internet Service Providers (ISPs), because QoS management based on assured download bandwidth can be used in order to provide a target end-user's QoE when YouTube service is being consumed.

Most critical applications today depend on computers, so a computer failure can cause financial disaster, serious injury, or even death. In this context, railways are considered a critical application, so they must meet the highest standards of availability and safety. Availability ensures continuous operation of the system, while a safe system must behave correctly in all operating and environmental conditions.

The European Union (EU) is bolstering the railway sector with the aim of making it a direct competitor of the aviation sector. For that to occur, railway efficiency has to be improved by means of increasing capacity and reducing operational expenditure. Tracks are currently used below their maximum capacity. Given this fact and the EU's goals for the railway sector, research on solutions for on-board positioning system based on global navigation satellite systems (GNSS) have arisen in recent years. By taking advantage of GNSS, safety critical positioning systems will be able to use the infrastructure more efficiently. However, GNSS based positioning systems still cannot fulfill current normative validation processes, mainly, due to the fact that GNSS based positioning performance evaluation is not compatible with the key performance indicators (KPIs) used to assess railway systems performance: reliability, availability, maintainability, and safety. This paper proposes a methodology and unified key performance indicators (KPIs). Additionally, it shows real examples to address this issue. It aims to fill the gap between the current railway standardization process and any on-board positioning system.

It is necessary to verify the faults tolerance of the European Train Control System (ETCS) on-board unit even if these faults are uncommon. Traditional test methods defined and used in ETCS do not allow to check this, so it is necessary to develop a new mechanism of tests. This paper presents the design and implementation of a saboteur applied to the railway sector. The main purpose of the saboteur is the fault injection in the communication interfaces. By means of a virtual laboratory it is possible to simulate actual train journeys to test the ETCS on-board unit. Making use of the saboteurs andthe virtual laboratory it is possible to analyse the behaviour of the train in the presence of unexpected faults, and to verify that the decisions taken are correct to ensure the required safety level. Therefore, this work shows a testing strategy based on different kinds of train journeys when faults are injected, and the analysis of the results.

The interoperability between on track balises and the on board Balise Transmission Module systems depends on both sides' susceptibility and allowed emissions. For that assessment, the document that governs the testing methodology, tools and procedures (Subset 116) needs to be completed prior to its publication. The present paper proposes an advance beyond the state of the art for the rolling stock emission assessment in terms of the test setup and of the post-processing procedure. The documentation commonly used in ERTMS-related issues has been analyzed and the common tools and procedures have been taken into consideration for the proposal presented by the authors. (C) 2015 Elsevier Ltd. All rights reserved.

A SDK (Software Development Kit) to test, develop or improve safety-critical systems is presented. The SDK has three main modules: voter, saboteur and sniffer. The voter can be configured as ¿m out of n¿ where m and n can be any number but always n > m, each redundant channel uses a microcontroller as a main system. The saboteur examines the information that goes through the information interchange path, altering it and generating faulty data, modification of the evaluation hardware is minimized by using saboteurs in the communication between elements. The sniffer can display the data that passes over a network, it can be configured to handle three different protocols UART, CAN or TCP/IP.

The smart city concept is often simply considered equivalent only to technology. This paper starts by introducing the necessity of a holistic, integrated, and multidisciplinary approach to the concept of smart cities. Smart cities are evolving by the creation of tools that are application specific; therefore, European classification of smart city applications will be reviewed (as authors have used these criteria to classify the analyzed applications) and the relationship between the different European smart classification standards are analyzed. Moreover, in order to see how reality aligns with the theoretical concept of smart cities, the authors analyzed 61 applications from 33 smart cities distributed in North America, South America, Europe and Asia. From these, 16 specific applications from eight cities have been selected and described in detail so they provide an overview of existing tools in different application areas, as defined by European standards. After showing actual smart cities, the concepts and steps for building future smart cities are suggested in a conclusion.

Purpose This article focuses on a novel Advanced Train LocAtion Simulator (ATLAS) for on-board railway location using wireless communication technologies, such as satellite navigation and location based systems. ATLAS allows the creation of multiple simulation environments providing a versatile tool for testing and assessing new train location services. This enhancement reduces the number of tests performed in real scenarios and trains, reducing the cost and development time of new location systems as well as assessing the performance level for given tracks. Methods The simulation platform is based on modular blocks, where each block can be replaced or improved. The platform uses Monte Carlo Simulation to generate results with statistical significance. This implementation allows the modification of the development platform to cover multiple requirements, such as, ranging errors in the input parameters or including other positioning technologies. In this paper, the generated input parameter errors have been taken from the results of the field tests realized by the 3GPP ensuring the validity of the used parameter errors. However, these could be easily adapted by the user to particular characterized environments. Results Case studies for the validation of ATLAS will be also introduced, including preliminary results related to the use of Global System for Mobile communications in Railway (GSM-R) and Universal Mobile Telecommunications System (UMTS) technologies for positioning. The validation stage provides a way to test the platform functionalities and verify its flexibility. Conclusions The versatility of the platform to perform simulations using same configuration parameters for different case studies can be highlighted. Furthermore, first conclusions are drawn from the obtained results. The characterization of the infrastructure for the simulation and the performance improvement of the location systems in the tunnels (e.g., by including Inertial Measurement Unit (IMU)) are necessary to achieve accuracy levels that can be valid for ETCS level 3.

User QoE can be used to provide context-awareness to multimedia networks as it is the most valuable parameter to identify the needed network resources and provide an adaptation which offers an optimum service for each user. This article provides a brief survey of techniques that can be used to deal with QoE adaptation, and an end-to-end context-aware architecture proposed in R2D2 multimedia network (developed within European CELTIC program). The QoE support and the role of the Home Gateway (HG) within this network will also be highlighted

Portable systems and global communications open a broad spectrum for new health applications. In the framework of electrophysiological applications, several challenges are faced when developing portable systems embedded in Cloud computing services. In order to facilitate new developers in this area based on our experience, five areas of interest are presented in this paper where strategies can be applied for improving the performance of portable systems: transducer and conditioning, processing, wireless communications, battery and power management. Likewise, for Cloud services, scalability, portability, privacy and security guidelines have been highlighted.