@misc{KrstićJentzsch2018,
  author    = {Krstić, Miloš and Jentzsch, Anne-Kristin},
  title     = {Reliability, safety and security of the electronics in automated driving vehicles - joint lab lecturing approach},
  series = {2018 12TH European Workshop on Microelectronics Education (EWME)},
  journal   = {2018 12TH European Workshop on Microelectronics Education (EWME)},
  publisher = {IEEE},
  address   = {New York},
  isbn      = {978-1-5386-1157-9},
  pages     = {21 -- 22},
  year      = {2018},
  abstract  = {This paper proposes an education approach for master and bachelor students to enhance their skills in the area of reliability, safety and security of the electronic components in automated driving. The approach is based on the active synergetic work of research institutes, academia and industry in the frame of joint lab. As an example, the jointly organized summer school with the respective focus is organized and elaborated.},
  language  = {en}
}
@article{LorenzClemensSchroetteretal.2022,
  author    = {Lorenz, Claas and Clemens, Vera Elisabeth and Schr{\"o}tter, Max and Schnor, Bettina},
  title     = {Continuous verification of network security compliance},
  series = {IEEE transactions on network and service management},
  volume    = {19},
  journal   = {IEEE transactions on network and service management},
  number    = {2},
  publisher = {Institute of Electrical and Electronics Engineers},
  address   = {New York},
  issn      = {1932-4537},
  doi       = {10.1109/TNSM.2021.3130290},
  pages     = {1729 -- 1745},
  year      = {2022},
  abstract  = {Continuous verification of network security compliance is an accepted need. Especially, the analysis of stateful packet filters plays a central role for network security in practice. But the few existing tools which support the analysis of stateful packet filters are based on general applicable formal methods like Satifiability Modulo Theories (SMT) or theorem prover and show runtimes in the order of minutes to hours making them unsuitable for continuous compliance verification. In this work, we address these challenges and present the concept of state shell interweaving to transform a stateful firewall rule set into a stateless rule set. This allows us to reuse any fast domain specific engine from the field of data plane verification tools leveraging smart, very fast, and domain specialized data structures and algorithms including Header Space Analysis (HSA). First, we introduce the formal language FPL that enables a high-level human-understandable specification of the desired state of network security. Second, we demonstrate the instantiation of a compliance process using a verification framework that analyzes the configuration of complex networks and devices - including stateful firewalls - for compliance with FPL policies. Our evaluation results show the scalability of the presented approach for the well known Internet2 and Stanford benchmarks as well as for large firewall rule sets where it outscales state-of-the-art tools by a factor of over 41.},
  language  = {en}
}
@misc{SahlmannClemensNowaketal.2020,
  author    = {Sahlmann, Kristina and Clemens, Vera and Nowak, Michael and Schnor, Bettina},
  title     = {MUP},
  series = {Postprints der Universit{\"a}t Potsdam : Mathematisch-Naturwissenschaftliche Reihe},
  journal   = {Postprints der Universit{\"a}t Potsdam : Mathematisch-Naturwissenschaftliche Reihe},
  number    = {1094},
  issn      = {1866-8372},
  doi       = {10.25932/publishup-48901},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus4-489013},
  pages     = {23},
  year      = {2020},
  abstract  = {Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.},
  language  = {en}
}
@article{SahlmannClemensNowaketal.2020,
  author    = {Sahlmann, Kristina and Clemens, Vera and Nowak, Michael and Schnor, Bettina},
  title     = {MUP},
  series = {Sensors},
  volume    = {21},
  journal   = {Sensors},
  number    = {1},
  publisher = {MDPI},
  address   = {Basel},
  issn      = {1424-8220},
  doi       = {10.3390/s21010010},
  pages     = {21},
  year      = {2020},
  abstract  = {Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.},
  language  = {en}
}