A Comparative and Analytical Study for Choosing the Best Suited SDN Network Operating System for Cloud Data Center

The growing deployment of Software Defined Network (SDN) paradigm in the academic and commercial sectors resulted in many different Network Operating Systems (NOS). As a result, adopting the right NOS requires an analytical study of the available alternatives according to the target use case. This study aims to determine the best NOS according to the requirements of Cloud Data Center (CDC). This paper evaluates the specifications of the most common open-source NOSs. The studied features have been classified into two groups, i.e., non-functional features such as availability, scalability, ease of use, maturity, security and interoperability, and functional features, such as virtualization, fault verification and troubleshooting, packet forwarding techniques and traffic protection solutions. A Decision support system, Analytical Hierarchy Process (AHP) has been applied for assessing specifications of the inspected NOSs, namely, ONOS, Opendaylight (ODL), Floodlight, Ryu, POX and Tungsten. Our investigation revealed that ODL is the most suitable NOS for CDC compared to the rest studied NOSs. However, ODL and ONOS have almost similar scores compared to the rest NOSs.

FIVER – Robust Verification of Countermeasures against Fault Injections

Fault Injection Analysis is seen as a powerful attack against implementations of cryptographic algorithms. Over the last two decades, researchers proposed a plethora of countermeasures to secure such implementations. However, the design process and implementation are still error-prone, complex, and manual tasks which require long-standing experience in hardware design and physical security. Moreover, the validation of the claimed security is often only done by empirical testing in a very late stage of the design process. To prevent such empirical testing strategies, approaches based on formal verification are applied instead providing the designer early feedback.In this work, we present a fault verification framework to validate the security of countermeasures against fault-injection attacks designed for ICs. The verification framework works on netlist-level, parses the given digital circuit into a model based on Binary Decision Diagrams, and performs symbolic fault injections. This verification approach constitutes a novel strategy to evaluate protected hardware designs against fault injections offering new opportunities as performing full analyses under a given fault models.Eventually, we apply the proposed verification framework to real-world implementations of well-established countermeasures against fault-injection attacks. Here, we consider protected designs of the lightweight ciphers CRAFT and LED-64 as well as AES. Due to several optimization strategies, our tool is able to perform more than 90 million fault injections in a single-round CRAFT design and evaluate the security in under 50 min while the symbolic simulation approach considers all 2128 primary inputs.

Fault Verification Simulation for Light-Emission Microscopy and Liquid-Crystal Analysis

A new logic-model derivation method for leak faults observed by light-emission microscopy (LEM) or in liquid-crystal analysis (LCA) has been developed to verify those faults by comparing them with failures observed on an LSI tester. Since CMOS devices display various kinds of faulty behavior depending on leak resistance, it is essential to include the effects of this resistance in logic models. Considering that the resistance of leaks observed in LEM and LCA ranges from 10 to 10,000 ohm, the new logic models have been derived so that the leak fault could be easily incorporated into logic simulators without SPICE simulation. The feasibility of the proposed method has been demonstrated by using it to diagnose LEM and LCA faults causing logic failure in a 20k-gate logic LSI circuit.