12th of July at 16h00, Omid Asghari and Fernando Vidal will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1
Omid Asghari – “Lead Time Analysis for UAVs failure prediction in U-space”
Bio
Omid is a second-year Ph.D. student at the University of Coimbra. He earned his Bachelor’s degree in Computer Engineering – Software from the University of Kurdistan in 2014. Subsequently, he decided to immigrate to Tehran to pursue a master’s degree at the Islamic Azad University, Science and Research branch in Tehran, which he completed in 2018. During his master’s program, he gained practical experience in the industry as a software developer, specializing later as an application security specialist, accumulating a total of six years of professional experience. Omid’s research interests primarily focus on the safety and security of Unmanned Aerial Vehicles (UAVs) and U-space services, secure coding, and the dependability and security of computer systems.
Abstract
In recent years, UAVs have been increasingly used in urban environments due to agility in movement, simplicity in me- chanics, low price, and ability to access locations that are difficult or impossible to reach by humans. A significant number of drones are expected to fly in the urban sky shortly. The profitable nature of commercial UAVs/drone applications in urban space will imply a high density of drones; therefore, avoiding mid-air collisions will be critical for the safe operation of the UAVs. In Europe, U- space services are being created to guarantee the safe operations of UAVs in urban Very Low Level (VLL) airspace. In order to avoid collisions, U-space considers a separation minima (i.e., the minimum safe distance between UAVs) surrounding each UAV. Thus, violating the separation minima, which might be caused by abnormal conditions (e.g., bad weather conditions), failure conditions (e.g., GPS failure in UAVs), or unreliable behavior of the system (e.g., inaccurate GPS positioning data or erratic position estimation by flight controller), could potentially result in conflicts that require immediate mitigation measures to avoid mid-air collisions. Failure prediction is a promising method for preventing separation minima violations in U-space services. However, in order to have effective failure prediction, the lead time, which is the time between the activation of a fault and its manifestation in a system as a failure, must account for both the prediction step and the subsequent mitigation actions. This paper aims to evaluate the lead time in UAV systems in the presence of positioning-related issues (as being critical for the safe operation of UAVs) from a U-space perspective. We used fault injection to inject 18 different types of faults (or emulating failures) in 28 different UAV missions. The results show that the lead time for 17 types of faults injected is at least 14 seconds (in some cases, no failure occurred). Thus, U-space has at least 14 seconds to predict and mitigate such faults. In the case of GPS failure (i.e., GPS signal is entirely missing), lead time is about 5 seconds, requiring faster strategies for failure prediction and mitigation plans.
Fernando Vidal – “OpenSCV: An Open Hierarchical Taxonomy for Smart Contract Vulnerabilities”
Bio
Fernando Vidal is a Ph.D. student at the University of Coimbra, Portugal. His research interests are related to blockchain technology. Fernando has been publishing at international conferences, addressing some of his findings of blockchain technology, such as vulnerabilities in smart contracts and revocation. Fernando has applied his acquired knowledge, helping companies implement blockchain technology through consulting.
Abstract
Smart contracts are nowadays at the core of most blockchain systems, as they specify and allow an agreement between entities that wish to perform a transaction. As any computer program, smart contracts are subject to the presence of residual faults, including severe security vulnerabilities, which require that the vulnerable contract is terminated in the blockchain. In this context, research began to be developed to prevent the deployment of smart contract holding vulnerabilities, mostly in the form of vulnerability detection tools. Along with these efforts, several and heterogeneous vulnerability classification schemes arised (e.g., most notably DASP and SWC). At the time of writing, these are mostly outdated initiatives, despite the fact that smart contract vulnerabilities are continuously being discovered and the associated rich information being mostly disregarded. In this paper, we propose OpenSCV, a new and Open hierarchical taxonomy for Smart Contract Vulnerabilities, which is open to community contributions and matches the current state of the practice, while being prepared to handle future modifications and evolution. The taxonomy was built based on the analysis of research on vulnerability classification, community-maintained classification schemes, and research on smart contract vulnerability detection. We show how OpenSCV covers the announced detection ability of current vulnerability detection tools, and highlight its usefulness as a resource in smart contract vulnerability research.