In Industry 4.0, Cyber-Physical Systems (CPS) are formed by components, which are interconnected with each other over the Internet of Things (IoT). The resulting capabilities of sensing and affecting the physical world offer a vast range of opportunities, yet, at the same time pose new security challenges. To address these challenges there are various IoT Frameworks, which offer solutions for managing and controlling IoT-components and their interactions. In this regard, providing security for an interaction usually requires performing additional security-related tasks (e.g. authorisation, encryption, etc.) to prevent possible security risks. Research currently focuses more on designing and developing these frameworks and does not satisfactorily provide methodologies for evaluating the resulting costs of providing security. In this paper we propose an initial approach for measuring the resulting costs of providing security for interacting IoT-components by using a Security Cost Modell ing Framework. Furthermore, we describe the necessary building blocks of the framework and provide an experimental design showing how it could be used to measure security costs at runtime.

In the emerging industrial Internet of Things (IIoT) era, machine-to-machine (M2M) communication technology is considered as a key underlying technology for building IIoT environments, where devices (e.g., sensors, actuators, and gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the IIoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the IIoT environment. Therefore, lightweight security mechanisms are required for M2M communications in IIoT in order to reach its full potential. As a step toward this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in IIoT environment. The proposed mechanism is characterized by low computational cost, communication, and storage overhead, while achieving mutual authentication, session key agreement, device's identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack.

Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files.

Facing food insecurity and overuse of resources due to effects of climate change, humanity needs to find new ways to secure food production and produce close to consumers. Vertical farming, where plants are grown in vertical arrays inside buildings with help of Information and Communication Technology (ICT) components, could contribute to solving this issue. Such systems integrate heterogeneous devices on different computing layers and acquire a lot of data to monitor and optimize the production process. We created an indoor testing unit in which growing conditions can be monitored and controlled to optimize growth of microgreens. This setup includes an Indoor Farming Support as a Service (IFSaaS) prototype that provides safe and secure monitoring and controlling, as well as self-adaption of an indoor farming system. In this article we provide information about the combination of most suitable technologies.

Cyber-Physical Systems (CPS) are formed through interconnected components capable of computation, communication, sensing and changing the physical world. The development of these systems poses a significant challenge since they have to be designed in a way to ensure cyber-security without impacting their performance. This article presents the Security Cost Modelling Framework (SCMF) and shows supported by an experimental study how it can be used to measure, normalise and aggregate the overall performance of a CPS. Unlike previous studies, our approach uses different metrics to measure the overall performance of a CPS and provides a methodology for normalising the measurement results of different units to a common Cost Unit. Moreover, we show how the Security Costs can be extracted from the overall performance measurements which allows to quantify the overhead imposed by performing security-related tasks. Furthermore, we describe the architecture of our experimental testbed and demonstrate the applicability of SCMF in an experimental study. Our results show that measuring the overall performance and extracting the security costs using SCMF can serve as basis to redesign interactions to achieve the same overall goal at less costs.

Interactive infographics are a powerful tool to represent and communicate complex information. In data-driven journalism journalists use interactive infographics to explain new insights and facts while telling complex stories on the basis of retrieved data. However, readers of online news are still unexperienced while using interactive infographics. The results of a user survey among readers of online newspapers show how readers use and interact with interactive infographics in online newspapers. To improve the acceptance among users and to identify success factors of their utilization the results of a usability study of interactive infographics are presented.

We present an experimental evaluation of energy usage and performance in a wireless LAN cell based on a test bed using the 5 GHz ISM band for 802.11a and 802.11n. We have taken an application-level approach, by varying the packet size and transmission rate at the protocol level and evaluating energy usage across a range of application transmission rates using both large and small packet sizes. We have observed that both the application's transmission rate and the packet size have an impact on energy efficiency for transmission in our test bed. We also included in our experiments evaluation of the energy efficiency of emulations of YouTube and Skype flows, and a comparison with Ethernet transmissions.

We assume that each region has its own competitive advantage in growing certain grape varieties, as all varieties have different capabilities to cope with specific weather or climate conditions. In this paper we first analyze the effects of annual weather changes on yields in order to find, which weather is advantageous for which grape variety. This analysis should lead to some kind of ideal weather scenario for each grape variety (like dry and sunny with small rain etc.). In as second step the changing weather conditions in each region are reconciled with these scenarios in order to give recommendations where different grape varieties should be grown. In the third step we compare our recommendations with the distribution of grape varieties in South African wine regions and the uprooting and planting behavior of grape growers.

The Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.

With the increasing popularity of cloud computing, security in cloud-based applications is gaining awareness and is regarded as one of the most crucial factors for the long term success of such applications. Despite all benefits of cloud computing, its fate lies in its success in gaining trust from its users achieved by ensuring cloud services being built in a safe and secure manner. This work evaluates existing security standards and tools for creating Critical Infrastructure (CI) services in cloud environments -- often implemented as cyber physical systems (CPS). We also identify security issues from a literature review and from a show case analysis. Furthermore, we analyse and evaluate how mitigation options for identified open security issues for CI in the cloud point to individual aspects of standards and guidelines to support the creation of secure CPS/CI in the cloud. Additionally, we presented the results in a multidimensional taxonomy based on the mapping of the issues and the standards and tools. We show which areas require the attention as they are currently not covered completely by existing standards, guidelines and tools.

The growing demand for interoperability between system components within a connected car has led to new security challenges in automotive development. The existing components, based on established technology, are often being combined to form such a connected car. For such established technologies, individual, often sector specific threat and vulnerability catalogs exist. The aim of this paper is to identify blocks of established technologies in a connected car and to consolidate the corresponding threat and vulnerability catalogs relevant for the individual constituent components. These findings are used to estimate the impact on specific system components and subsystems to identify the most crucial components and threats.

Der Beitrag erläutert in kompakter Weise, was Content Curation ist und welche Potentiale mit dem Einsatz von Content Curation im E-Learning für Lernende und Organisationen verbunden sind. Auch werden Modelle für die Umsetzung von Content Curation erläutert und eine Schritt-für-Schritt-Anleitung für die Auswahl eines passenden Content-Curation-Tools gegeben.

The use of videos in teaching is becoming more and more widespread. For this purpose, not only existing videos are used, but also exclusive videos are created. There are different types of instructional videos used and created for teaching. It is useful to know which design principles these videos should follow in order to evaluate the quality of existing learning videos and to know the criteria one should consider when creating exclusive instructional videos. Therefore, questions arise as to how these videos should be designed to equally support theory and practice and what educational requirements they should meet for the use in teaching. These questions are answered with the framework of the study in hand that applied the method design-based research, incorporating qualitative and quantitative research methods. Survey instruments were guided interviews with experts, questionnaires for school students and a focus group. Participants in the study were teachers and students from the Vienna University of Teacher Education. The field of application was nutrition and consumer education for teaching students of the middle school. The results are presented in the form of design principles