Journal of Internet Services and Applications

Safe and Protected: Combining Protection Mechanism with Safety Verification In Autonomous Vehicles

2025-10-01T09:59:27+00:00

Protection mechanisms, also known as security mechanisms, in automotive systems are proactive components that continuously monitor vehicle signals to detect early signs of potential faults. For autonomous vehicles, it is essential that safety models, such as Responsibility-Sensitive Safety (RSS), which governs longitudinal and lateral safety, account for these mechanisms to enable timely and effective countermeasures against imminent actuation failures. A typical example is the proactive application of braking to increase longitudinal distance and mitigate the risk of losing braking capability. In this paper, we present a data-centric approach for modeling protection mechanisms using the SmartData framework, which facilitates the automatic derivation of safety properties for real-time formal verification via a Safety Enforcement Unit (SEU). We introduce extensions to RSS proper response strategies, enabling them to anticipate potential actuation constraints by leveraging shared internal states of protection mechanisms and a predictive time-to-trigger metric. We formally demonstrate that our approach preserves compliance with the original RSS safety guarantees by extending its inductive proof structure. Furthermore, we validate the feasibility of our solution through empirical evaluation, showing that the embedded formal verification can automatically extract properties from publish-subscribe message systems and operate at runtime with minimal overhead (less than 1% of platform processing capacity). Finally, we integrate our approach with RSS and a representative protection mechanism within the CARLA simulator to showcase its effectiveness in a realistic autonomous driving environment.

Leveraging zero trust and risk indicators to support continuous vulnerability compliance

2025-09-10T13:45:11+00:00

Open source dependencies are the leading source of vulnerabilities in applications and are often exploited in software supply chain attacks. Efforts to assess vulnerabilities are employed during DevSecOps pipelines in order to keep a system compliant with security regimes. However, current strategies for continuous compliance are limited to preventing issues before deployment, and thus do not address changes in dynamic aspects such as newfound vulnerabilities, let alone how to respond to such incidents. In this work, we leverage zero-trust to enable continuous, post-deployment vulnerability compliance assessment, isolating workloads that fail to meet a minimum security posture. This approach balances exploitation prevention with application availability --- a fundamental trade-off for critical use cases. The solution is built on top of SPIRE, a robust open-source identity provider based on workload attestation, and implements a custom plugin that responds to compliance violations driven by dynamic aspects exposed by OWASP's Dependency Track, an open-source tool for monitoring software components and their dependencies for vulnerabilities. To enhance flexibility in the security-availability trade-off, we introduce a grace period mechanism, enabling organizations to defer enforcement of newly identified vulnerabilities based on workload criticality, thus supporting availability for non-critical workloads without compromising long-term security. Finally, we evaluate the performance impact of this approach on a SPIRE environment, showing that the added resource usage reliably remains within the recommended 16 GiB of RAM and 4 vCPUs to run Dependency Track in production. We also show that the plugin adds less than 6 seconds of latency to the attestation process, which is insignificant given its default frequency of twice per hour. Moreover, the results confirm that the approach successfully prevents vulnerability exploitation by prioritizing security, while enabling controlled flexibility in less critical contexts.

Drone Surveillance System Availability and Reliability: A Comprehensive Analytical and Numerical Modeling Approach

2025-09-10T13:37:37+00:00

This paper proposes an approach to evaluate the availability and reliability of drone surveillance systems using complementary modeling techniques. Resilient system architecture with drone and battery redundancy is analyzed using two modeling strategies: (i) an analytical model based on Continuous-Time Markov Chains (CTMC), which yields closed-form availability equations, and (ii) a numerical model employing Stochastic Petri Nets (SPN) to handle more complex redundancy scenarios. Both models consider key factors such as battery charging/discharging times, drone failure and repair rates, and replacement operations. Sensitivity analyses highlight battery-related parameters as critical to system performance. Case studies show that optimizing component parameters can yield up to 97% availability, while redundancy alone can provide 91%. Combined strategies can achieve up to 99.89% availability. For long missions (30 hours), reliability analysis indicates that 15--20 redundant batteries and charging times below 36 minutes are needed to maintain over 80% reliability. For shorter missions, discharge times over 144 minutes are beneficial. This integrated modeling approach provides a robust framework for dependability assessment, guiding the design of resilient and cost-effective drone surveillance systems for mission-critical applications.