SAFFRON is a risk modeling and data analytics tool that allows energy delivery OT operators to better understand the risks associated with cyber threats. At present they do not have the capability to fully understand the risks associated with the cyber threats of today and tomorrow – risks that will continue to grow as Information Technology (IT) and Operations Technology (OT) networks increasingly integrate. It is important to have a better understanding of these risks, costs, and potential consequences. This aggregation of risk data will inform EDS OT operators in understanding how risk changes as the software deployed changes, and support actions (i.e., identify corrective actions that reduce the risk.) Similarly, risk computation will support operators in equipment replacement and procurement by quantifying device risk and impact on the network. SAFFRON has developed a risk model and data analytics tool, along with the necessary algorithms that identify risk tolerance and strategy for assessing, responding to, and monitoring cyber security risks. Foundational validated research is presingly neededed to develop risk models and visual analytics that are understandable to OT operators and leads to or even suggests corrective action. The tool uses a simulation model of the physical/IT system and acts as a proxy for the physical infrastructure.
Situational Awareness framework that exploits different perspectives of the same financial data and assigns risk scores to entities (e.g. payment documents) to improve false positive ratios and assist the identification of fraudulent activity in huge and unlabeled financial data.
A novel Red Flag Network (RFNet) link analysis approach allows SAFARI to integrate the data generated by a variety of anomaly detectors. An RFNet is a network of entities (e.g. payment documents) where entities are connected if they participate in automatically raised red flags.
The SAFARI software platform can be upgraded and extended to take advantage of new advances and add more capabilities in data and visual analytics for fraud detection. Being a flexible software framework, SAFARI can keep up with business evolution and dynamics, having the potential to be a valuable advisor in decision-making in both the short and the long-term.
SAFARI's treemaps, RFNet and map data visualizations are enablers that provide insights into the related entities being inspected and unveil relationships that are hard to be discovered otherwise. The objective is to help SMEs in perceiving patterns, gain insights into the data and make sense of disparate but potentially related phenomena.
Fraud schemes arise when the red flags in RFNets are related and the case is solved when the loose ends are tied up. To relate red flags, SAFARI implements a Bayesian Belief Network (BBN) apporach for advanced evidence fusion and risk ranking. A BBN is a probabilistic graphical model that allows SAFARI to deal with fraud occurrence uncertainly by representing causal relationships among financial red flags to which observed occurrence is posted as evidence.
A number of governments and organizations around the world agree that the first step to address national and international problems such as energy independence, global warming or emergency resilience, is the redesign of electricity networks, known as Smart Grids. Typically, power grids have ”broadcasted” power from generation plants to large population of consumers on a suboptimal way. Nevertheless, the fusion of energy delivery networks and digital information networks, along with the introduction of intelligent monitoring systems (Smart Meters) and renewable energies, would enable two-way electricity trading relationships between electricity suppliers and electricity consumers. The availability of real-time information on electricity demand and pricing, would enable suppliers optimizing their delivery systems, while consumers would have the means to minimize their bill by turning on appliances at off-peak hours. The construction of the Smart Grid entails the design and deployment of information networks and systems of unprecedented requirements on storage, real-time event processing and availability. In this study, a series of system architectures to store and process Smart Meter reading Big Data are explored and compared aiming to establish a solid foundation in which future intelligent systems could be supported.
Sponsor: Multiple Sponsors, Public and Private
IT infrastructures in global corporations are appropriately compared with nervous systems, in which body parts (interconnected datacenters) exchange signals (request- responses) in order to coordinate actions (data visualization and manipulation). A priori inoffensive perturbations in the operation of the system or the elements composing the infrastructure can lead to catastrophic consequences. Downtime disables the capability of clients reaching the latest versions of the data and/or propagating their individual contributions to other clients, potentially costing millions of dollars to the organization affected. The imperative need of guaranteeing the proper functioning of the system not only forces to pay particular attention to network outages, hot-objects or application defects, but also slows down the deployment of new capabilities, features and equipment upgrades. Under these circumstances, decision cycles for these modifications can be extremely conservative, and be prolonged for years, involving multiple authorities across departments of the organization. Frequently, the solutions adopted are years behind state-of-the-art technologies or phased out compared to leading research on the IT infrastructure field. In this study, the utilization of a large-scale data infrastructure simulator is proposed, in order to evaluate the impact of ”what if” scenarios on the performance, availability and reliability of the system. The goal is to provide operators and designers a tool that allows understanding and predicting the consequences of the deployment of new network topologies, hardware configurations or software applications in a global data infrastructure, without affecting the service. The simulator was constructed using a multi-layered approach, providing a granularity down to the individual server component and client action, and was validated against the data infrastructure of a Fortune 500 company.
Sponsor: SAP, Johnson & Johnson
In order to explore the implications of various approaches to granularity, security, and alternative pedigree models, a pharmaceutical Supply Chain simulator was developed. The simulator is composed of N supply chain tiers, such as Manufacturer, Wholesaler or Retailer, where each tier may have an arbitrary number of facilities. Each facility is modeled as a state machine running in its own thread of execution. Just like the links in a metal chain the members of a supply chain may only have business relationships with their immediate neighbors. They may or may not know about more distant members of the chain and even if they are aware of their existence they may not have a business relationship with them. The supply chain functions by executing business events between trading partners. One party initiates an event by sending a message to the other party, such as a Purchase Order (P.O. message). The state of a facility is determined by the number of Purchase Orders it has pending and how much stock it has accumulated in its Warehouse. The simulation is driven by Purchase Orders that are submitted “upstream” by the retail tier. Goods are manufactured in response to purchase orders and are shipped “downstream”. Initial results show the simulator is capable of modeling 100,000 facilities and 100 million items of product being injected into the system per day. The load on the registry can vary by a factor of over 1000 in peak to average load with around 200 messages per second being the peak load for a 1 million per day flow.
Understanding and predicting the security behavior of hardware configurations and software applications in a global data infrastructure is one of today's biggest challenges. We propose a simulator-based approach, providing a granularity down to the individual server component and client action. The goal is to provide operators and designers a tool that allows understanding and predicting the consequences of the deployment of new network topologies, hardware configurations or software applications in a global data infrastructure, without affecting the service.
The simulator introduces a holistic way of viewing performance, reliability, and availability of a globally distributed infrastructure and the information security mechanisms that safe guard them by borrowing ideas from meteorological weather to develop a holistic view of simulated IT infrastructure. The fundamentals of visualization and the use of event correlation will help to create an automated means of stepping through the process of finding a pattern in the events that are occurring. These patterns will help in analysis and decision making in order to mitigate the risk associated with a general performance and availability to information security.
The goal of this project is to do a Negative Authentication implementation. The Negative Filtering or Negative Authentication (NA) approach utilizes a form of complement profiles which resembles the censoring and maturation process of T- cells in the immune system. The scope and applicability issues of this approach in the context of existing (positive) authentication systems have been discussed. The negative authentication is implemented using a real-valued negative selection algorithm.
The objectives of the research are to provide a robust solution to immunizing authentication systems (local or remote) by putting an additional invisible layer of password protection to the user. In particular:
Impact analysis of large-scale cyber attacks is an important concern. Conducting repeatable experiments in impact analysis needs the ability to model the cyber environment in a highly portable fashion. MIT GDC’s Cyber Range has the ability to perform repeatable cyber capacity and attack tests and do the impact analysis of the tests for large globally networked enterprise systems. The two major capabilities are: (1) high fidelity models of systems so that the impacts of cyber attacks can be analyzed, (2) explicitly modeling the tests and the enterprise systems for repeatability and portability of the tests and test results.
Today’s supply chains are global, complex and involve many parties. Tackling smuggling is a shared problem which requires international collaboration. Any attempt to implement a tracking and tracing system should therefore facilitate and support the exchange and interrogation of information among all key supply chain stakeholders, including law enforcement, brand owners, distributors, importers, retailers and consumers, both within and across national borders.
Suppliers of technologies that purport to be able to track and trace products are starting to engage with governments all over the world in an attempt to sell their systems and support compliance with the Protocols.
Many suppliers, however, are providing questionable and at times conflicting advice to governments about how to both meet the obligations of the Protocol and what constitutes a track and trace system. Such activity typically includes promotion of proprietary, country-specific technologies and systems.
Leveraging our experience in systems architecture, supply chain, and RFID, we are currently testing and evaluating various models to support external stakeholder engagement efforts on track and trace related issues.
Through the past year I have been thinking through a “transparent food” idea leveraging the web, crowd sourcing, and mobile devices.
The core of the idea can be grouped into 3 tiers (see document):
In the internet of things calling card style, “The What, When, Where, and Why”.
Having worked on RFID and supply chain systems and I am very excited about the possibility of building an equivalent infrastructure based on phone platforms and light weight web services, in a decentralized infrastructure. What’s more, the same type of approach has great parallels with the challenges of the developing world.
High-level design considerations and implementation challenges of an RFID-reader-equipped multi-UAV (unmanned aerial vehicle) system to aid inventory automation in a warehouse. We explore simulation, employing probabilistic-like algorithm for navigation decision, was also conducted to visualize the feasibility of the system.
An autonomous vehicle carrying an RFID reader is also implemented to test hardware reliability and the feasibility of a grounded robot to perform inventory in a three dimensional space.
Many organizations have agreements with the European Commission (EC) that obligates them to track products that are manufactured, bought or sold in the European Union to the customer level. The agreement includes an implementation plan that increases the number of markets (and consequently shipping points) and levels of customers covered over time. In coming years, most existing in house systems will not scale. In addition, there is the potential for other regulatory bodies will also demand product-tracking information.
Large retail customers are beginning to request that suppliers attach RFID tags to products destined for their stores. It is important that organizations avoid product reporting to business partners using incompatible integration mechanisms. A viable alternative to unwieldy multiple point-to-point solutions is a standards-based secure network leveraging the Internet. The emerging global RFID Network, though admittedly in its early stages, promises to be just that.
Research project evaluates the global RFID network. It will outline the current gaps between the in house solutions and the anticipated RFID global Network and describe the path that organizations should take to make in house solutions compliant.
|Williams, John R., Sergio Herrero, Christopher Leonardi, Abel Sanchez, and Zeyar Aung. "Large in-memory cyber-physical security-related analytics via scalable coherent shared memory architectures." In Computational Intelligence in Cyber Security (CICS), 2011 IEEE Symposium on, pp. 1-9. IEEE, 2011.|
|Herrero-Lopez, Sergio, John R. Williams, and Abel Sanchez. "Large-scale simulator for global data infrastructure optimization." In Cluster Computing (CLUSTER), 2011 IEEE International Conference on, pp. 54-64. IEEE, 2011.|
|Arenas-Martínez, M., Sergio Herrero-Lopez, Abel Sanchez, John R. Williams, Paul Roth, Paul Hofmann, and Alexander Zeier. "A comparative study of data storage and processing architectures for the smart grid." In Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, pp. 285-290. IEEE, 2010.|
|M. Arenas-Martinez, S. Herrero-Lopez, A. Sanchez, J. R. Williams, P. Roth, P. Hofmann, A. Zeier, “Smart grid simulator for next generation utility software systems”, SAP Report, Palo Alto, July 2010.|
|Herrero-Lopez, Sergio, John R. Williams, and Abel Sanchez. "Parallel multiclass classification using SVMs on GPUs." In Proceedings of the 3rd Workshop on General-Purpose Computation on Graphics Processing Units, pp. 2-11. ACM, 2010.|
|John R. Williams, Abel Sanchez, Bill Mitchell, Sergio Hererro, "Next Generation Software Systems for Smart Grid and Smart City", SAP Academic Research Conference, August 21, 2009|
|J. R. Williams, A. Sanchez, P. Hofmann, T. Lin, M. Lipton, K. Mantripragada, “Evaluating registry architectures using a state machine simulator in a massively threaded environment”, Auto-ID Laboratory Whitepaper, January 2008. S. Herrero-Lopez, A. Sanchez and J. R. Williams, “Architecting an in-memory database system for EPCIS”, Auto-ID Laboratory Whitepaper, January 2008.|
|Williams, John R., Abel Sanchez, Paul Hofmann, Tao Lin, Michael Lipton, and Krish Mantripragada. "7 Modeling supply chain network traffic." RFID Technology and Applications (2008): 87.|
Smart Cities / Big Data
|R. Clune, J. Connor, J. Ochsendorf, G. Kocur, A. Sanchez. 2013. "The performance of optimization algorithms on bridge design problems." Journal of Computers and Structures, 2013|
|M. Nouh, M. Hadhrawy, A.Sanchez, A.Alfaris. 2013. A Collaborative Web-based Decision Support Platform for Planning Complex Engineering Systems: A Design and Architecture Framework. EURO Working Group on Decision Support Systems (EWG-DSS Thessaloniki-2013). (Best Paper Award.)|
|M K Hadhrawi, M Nouh, A Alfaris, and A Sanchez, "CoPI: A Web-Based Collaborative Planning Interface Platform" HIMI/HCII 2013, Part III, LNCS 8018, pp. 287-296, 2013.|
|M. Nouh, M. Hadhrawy, A.Sanchez, A.Alfaris. 2013. Towards Cloud-based Decision Support Platform for Group Decision Making. IEEE International Conference on Systems, Man, and Cybernetics (SMC'13).|
|Nouh, M., Alabdulkareem, A., Gowharji, W., Alfaris, A. and Sanchez, A. 2014. "A Web-based Decision Support Platform for Multidimensional Modeling of Complex Engineering Systems", lecture notes in Business Information Processing "Impact of the Web of Things in Decision Support Systems for Global Environments", Springer, 2014.|
|M.Hadhrawi, M.Nouh, A.Alfaris, A.Sanchez. 2013. CPI: A Web-based Multi-user Collaborative Planning, Decision Support and Visualization Interface. HCI International" + " 13, July 21-26, 2013, Las Vegas, Nevada, USA.|
IOT / Smart Grid / Security
|Almaatouq, A., Alabdulkareem, A., Nouh, M., Alsaleh, M., Alarifi, A., Sanchez, A., Alfaris, A. and Williams, J. 2014. "A Malicious Activity Detection System Utilizing Predictive Modeling in Complex Environments", paper to be presented at the 11th Annual IEEE CCNC, Las Vegas, Nevada USA, January 10-13.|
|Li, Depeng, Zeyar Aung, John R. Williams, and Abel Sanchez. "Privacy Preservation Protocol for Automatic Appliance Control Application in Smart Grid." In IEEE Internet of Things Journal, 2014|
|Dipankar Dasgupta, Denise Ferebee, Sanjib Saha, Abhijit Nag, Alvaro Madero, Abel Sanchez and John Williams. "A Grid-Based Approach for Negative Authentication." in IEEE SSCI, 2014|
|Li, Depeng, Zeyar Aung, John R. Williams, and Abel Sanchez. "Fine-Grained Encryption for Search and Rescue Operation on Internet of Things." APWC on CSE. 2014|
|Li, Depeng, Zeyar Aung, John R. Williams, and Abel Sanchez. "Efficient and Fault-Diagnosable Authentication Scheme for Advanced Metering Infrastructure." (2013).|
|Aung, Zeyar, Mohamed Toukhy, John Williams, Abel Sanchez, and Sergio Herrero. "Towards Accurate Electricity Load Forecasting in Smart Grids." In DBKDA 2012, The Fourth International Conference on Advances in Databases, Knowledge, and Data Applications, pp. 51-57. 2012.|
|Li, Depeng, Zeyar Aung, Srinivas Sampalli, John Williams, and Abel Sanchez. "Privacy Preservation Scheme for Multicast Communica-tions in Smart Buildings of the Smart Grid." (2012).|
|Li, Depeng, Zeyar Aung, John R. Williams, and Abel Sanchez. "Efficient authentication scheme for data aggregation in smart grid with fault tolerance and fault diagnosis." In Innovative Smart Grid Technologies (ISGT), 2012 IEEE PES, pp. 1-8. IEEE, 2012.|
|Li, Depeng, Zeyar Aung, Srinivas Sampalli, John Williams, and Abel Sanchez. "Privacy Preservation for Smart Grid Multicast via Hybrid Group Key Scheme." (2012).|
|Li, Depeng, Zeyar Aung, John Williams, and Abel Sanchez. P3: Privacy Preservation Protocol for Appliance Control Application. Technical report, 2012.|
|Faisal, Mustafa, Zeyar Aung, John Williams, and Abel Sanchez. "Securing advanced metering infrastructure using intrusion detection system with data stream mining." Intelligence and Security Informatics (2012): 96-111.|
|Mao, Tingting, John R. Williams, and Abel Sanchez. "An interoperable internet scale solution for RFID network security." In Computer Communications and Networks, 2009. ICCCN 2009. Proceedings of 18th Internatonal Conference on, pp. 1-6. IEEE, 2009.|
|Mao, Tingting, John Williams, and Abel Sanchez. "Interoperable internet scale security framework for rfid networks." In Data Engineering Workshop, 2008. ICDEW 2008. IEEE 24th International Conference on, pp. 94-99. IEEE, 2008.|
|I. Yu, A. Sanchez and J. R. Williams, “A prototype design for a decentralized EPC discovery service”, Auto-ID Laboratory Whitepaper, January 2008.|
|Ong, Jin Hock, Abel Sanchez, and John Williams. "Multi-UAV System for Inventory Automation." In RFID Eurasia, 2007 1st Annual, pp. 1-6. IEEE, 2007.|
|Williams, John R., and Abel Sanchez. "‘Supply Chain Realms with Data Streams and Location Services." EU RFID (2007).|
|Ning, Hai, John R. Williams, Alexander H. Slocum, and Abel Sanchez. "Inkboard-tablet pc enabled design-oriented learning." Advanced Technology for Learning 2, no. 1 (2005): 1-8.|
|H. Ning, J.R. Williams, A.H. Slocum, A. Sanchez, "On-line Peer Review in Teaching Design-oriented Courses", International Conference on Education and Information Systems: Technology and Applications (EISTA ’03), August 2003|
|Workie, Nahom. "CyberVisual: Designing User Environments for Large Scale Networks and Simulations." diss., Massachusetts Institute of Technology, 2014. Advisor: Abel Sanchez|
|Clune, Rory. "Algorithm Selection in Structural Optimization." diss., Massachusetts Institute of Technology, 2013. PhD Committee: Abel Sanchez|
|Madero, Alvaro. "Password Secured Systems and Negative Authentication." diss., Massachusetts Institute of Technology, 2013. Advisor: Abel Sanchez|
|Pinto, Alejandro. "Technology Adoption in Automotive Product Development." diss., Massachusetts Institute of Technology, 2014. Advisor: Abel Sanchez|
|Hsu, Tina. "Repeatable Large Systems Cyber Impact Analysis." diss., Massachusetts Institute of Technology, 2012. UAP Advisor: Abel Sanchez|
|Insausti, Xabier. "Design and Implementation of a Breast Health Reminder and Tracking System." diss., Massachusetts Institute of Technology, 2009. Best thesis award University of Navarra, national award Spanish National Engineering Academy, Advisor: Abel Sanchez|
|Mao, Tingting. "Interoperable Internet-Scale Security Framework for RFID Networks." diss., Massachusetts Institute of Technology, 2008. Advisor: Abel Sanchez|
|Sun, Miao. "A syndication-based messaging protocol for the global RFID network." diss., Massachusetts Institute of Technology, 2008. Advisor: Abel Sanchez|
|Fabo, Ane. "Repeatable Large Systems Cyber Impact Analysis." diss., Massachusetts Institute of Technology, 2008. Advisor: Abel Sanchez|
|Ong, JinHock. "Mobile RFID system for inventory automation." diss., Massachusetts Institute of Technology, 2008. Advisor: Abel Sanchez|
|Poulopoulos, Dimitrios. "Extending the Current Object Model of the LLRP Specification." diss., Massachusetts Institute of Technology, 2008. Advisor: Abel Sanchez|
|Constantinou, Fivos. "An object-oriented implementation of a Low Level Reader Protocol (LLRP) library." diss., Massachusetts Institute of Technology, 2007. Advisor: Abel Sanchez|