Wolfgang Kastner

Juergen Mangler, Konrad Diwol, Dieter Etz et al.

Industrial Safety deals with the physical integrity of humans, machines and the environment when they interact during production scenarios. Industrial Safety is subject to a rigorous certification process that leads to inflexible settings, in which all changes are forbidden. With the progressing introduction of smart robotics and smart machinery to the factory floor, combined with an increasing shortage of skilled workers, it becomes imperative that safety scenarios incorporate a flexible handling of the boundary between humans, machines and the environment. In order to increase the well-being of workers, reduce accidents, and compensate for different skill sets, the configuration of machines and the factory floor should be dynamically adapted, while still enforcing functional safety requirements. The contribution of this paper is as follows: (1) We present a set of three scenarios, and discuss how industrial safety mechanisms could be augmented through dynamic changes to the work environment in order to decrease potential accidents, and thus increase productivity. (2) We introduce the concept of a Cognition Aware Safety System (CASS) and its architecture. The idea behind CASS is to integrate AI based reasoning about human load, stress, and attention with AI based selection of actions to avoid the triggering of safety stops. (3) And finally, we will describe the required performance measurement dimensions for a quantitative performance measurement model to enable a comprehensive (triple bottom line) impact assessment of CASS. Additionally we introduce a detailed guideline for expert interviews to explore the feasibility of the approach for given scenarios.

Markus Wurzenberger, Florian Skopik, Roman Fiedler et al.

Most of today's security solutions, such as security information and event management (SIEM) and signature based IDS, require the operator to evaluate potential attack vectors and update detection signatures and rules in a timely manner. However, today's sophisticated and tailored advanced persistent threats (APT), malware, ransomware and rootkits, can be so complex and diverse, and often use zero day exploits, that a pure signature-based blacklisting approach would not be sufficient to detect them. Therefore, we could observe a major paradigm shift towards anomaly-based detection mechanisms, which try to establish a system behavior baseline -- either based on netflow data or system logging data -- and report any deviations from this baseline. While these approaches look promising, they usually suffer from scalability issues. As the amount of log data generated during IT operations is exponentially growing, high-performance analysis methods are required that can handle this huge amount of data in real-time. In this paper, we demonstrate how high-performance bioinformatics tools can be applied to tackle this issue. We investigate their application to log data for outlier detection to timely reveal anomalous system behavior that points to cyber attacks. Finally, we assess the detection capability and run-time performance of the proposed approach.

Markus Kammerstetter, Markus Muellner, Daniel Burian et al.

WPA2-Personal is widely used to protect Wi-Fi networks against illicit access. While attackers typically use GPUs to speed up the discovery of weak network passwords, attacking random passwords is considered to quickly become infeasible with increasing password length. Professional attackers may thus turn to commercial high-end FPGA-based cluster solutions to significantly increase the speed of those attacks. Well known manufacturers such as Elcomsoft have succeeded in creating world's fastest commercial FPGA-based WPA2 password recovery system, but since they rely on high-performance FPGAs the costs of these systems are well beyond the reach of amateurs. In this paper, we present a highly optimized low-cost FPGA cluster-based WPA-2 Personal password recovery system that can not only achieve similar performance at a cost affordable by amateurs, but in comparison our implementation would also be more than 5 times as fast on the original hardware. Since the currently fastest system is not only significantly slower but proprietary as well, we believe that we are the first to present the internals of a highly optimized and fully pipelined FPGA WPA2 password recovery system. In addition, we evaluated our approach with respect to performance and power usage and compare it to GPU-based systems. To assess the real-world impact of our system, we utilized the well known Wigle Wi-Fi network dataset to conduct a case study within the country and its border regions. Our results indicate that our system could be used to break into each of more than 160,000 existing Wi-Fi networks requiring 3 days per network on our low-cost FPGA cluster in the worst case.