Nils Ulltveit-Moe

• Konara, Konara Mudiyanselage Sandun Y.; Kolhe, Mohan Lal; Ulltveit-Moe, Nils & Balapuwaduge, Indika A.M. (2023). Reliability Enhancement of Fast Charging Station under Electric Vehicle Supply Equipment Failures and Repairs. Energies. ISSN 1996-1073. 16(6). doi: 10.3390/en16062933. Fulltekst i vitenarkiv Vis sammendrag

  This work focuses on the enhancement of the charging reliability of both scheduled (SEVs) and opportunistic (UEVs) electric vehicle (EV) users in an EV fast charging station (FCS). The proposed charging coordination strategies allow UEVs to exploit unused charging resources to optimally utilize the limited charging resources of FCS. However, the optimum utilization of limited charging resources of an FCS while assuring a reliable charging process for plugged-in EVs under random failures of electric vehicle supply equipment (EVSE) is a real challenge for the FCS controller. When the FCS admits UEVs in addition to SEVs, assuring a satisfactory quality of service to both EV user categories is also dispensable. Therefore, we analyze the performance of reservation of off-board mobile chargers (MOBCs) to enhance the charging reliability of EV users while achieving high charging resource utilization. This work proposes resource allocation and charging coordination strategies for an FCS where MOBCs are used to enhance the charging reliability of both SEVs and UEVs. Moreover, the proposed dynamic charging resource coordination strategies are analyzed with a continuous time Markov-chain (CTMC). The presented results from the CTMC model demonstrate that the proposed strategies outperform the EV charging process of the FCS in terms of high resource utilization and reliability while guaranteeing a satisfactory quality of service to EV users.

• Konara, Konara Mudiyanselage Sandun Y.; Kolhe, Mohan Lal; Ulltveit-Moe, Nils & Balapuwaduge, Indika A.M. (2023). Optimal Utilization of Charging Resources of Fast Charging Station with Opportunistic Electric Vehicle Users. Batteries. ISSN 2313-0105. 9(2). doi: 10.3390/batteries9020140. Fulltekst i vitenarkiv Vis sammendrag

  The key challenge with the rapid proliferation of electric vehicles (EVs) is to optimally manage the available energy charging resources at EV fast-charging stations (FCSs). Furthermore, the rapid deployment of fast-charging stations provides a viable solution to the potential driving range anxiety and charging autonomy. Costly grid reinforcements due to extra load caused by fast charging can be omitted using a dedicated energy storage and/or renewable energy system at the FCS. The energy supply and fixed number of EV supply equipment (EVSE) are considered as the limited charging resources of FCS. Amidst various uncertainties associated with the EV charging process, how to optimally utilize limited charging resources with opportunistic ultra-fast charging EV users (UEVs) is studied in this work. This work proposes resource allocation and charging coordination strategies that facilitate UEVs to dynamically exploit these limited charging resources with defined liabilities when pre-scheduled users (SEVs) do not occupy them to utilize limited charging resources maximally. Moreover, the proposed dynamic charging coordination strategies are analyzed with a Monte Carlo simulation (MCS). The presented numerical results reveal that the major drawbacks of under-utilization of limited charging resources by SEVs can be significantly improved through dynamic charging resource allocation and coordination along with UEVs. With the proposed charging coordination strategies in this study, the maximum charging resource utilization of considered FCS with 10 EVSE has been improved to 90%, which bounds to 78% only with SEVs.

• Sharma, Arvind; Kolhe, Mohan Lal; Konara, Konara Mudiyanselage Sandun Y.; Ulltveit-Moe, Nils; Muddineni, Kapil & Mudgal, Ashwini [Vis alle 7 forfattere av denne artikkelen] (2020). Performance assessment of institutional photovoltaic based energy system for operating as a micro-grid. Sustainable Energy Technologies and Assessments. ISSN 2213-1388. 37. doi: 10.1016/j.seta.2019.100563.
• Sharma, Arvind; Kolhe, Mohan Lal; Ulltveit-Moe, Nils; Muddineni, Kapil; Mudgal, Ashwini & Garud, Shirish (2019). Performance Analysis of Institutional Hybrid Energy System for Electrical Energy Tariffs. I NN, NN (Red.), 3RD INTERNATIONAL CONFERENCE ON ENERGY, ECOLOGY AND ENVIRONMENT (ICEEE 2019) AND 3RD INTERNATIONAL CONFERENCE ON ELECTRICAL INTELLIGENT VEHICLES (ICEIV 2019). DEStech Publishing Inc. ISSN 978-1-60595-645-9. s. 221–224. doi: 10.12783/dteees/iceee2019/31812.
• Sharma, Arvind; Kolhe, Mohan Lal; Ulltveit-Moe, Nils; Muddineni, Kapil; Mudgal, Ashwini & Garud, Shirish (2019). Voltage Rise Issues and Mitigation Techniques Due to High PV Penetration into the Distribution Network. I NN, NN (Red.), 2018 International Conference on Automation and Computational Engineering (ICACE-2018) IEEE Catalog Number: CFP18P07 - ART . IEEE (Institute of Electrical and Electronics Engineers). ISSN 978-1-5386-5464-4. s. 72–78. doi: 10.1109/ICACE.2018.8687041.
• Sharma, Arvind; Kolhe, Mohan Lal; Ulltveit-Moe, Nils; Mudgal, Ashwini; Muddineni, Kapil & Garud, Shirish (2019). Comparative Analysis of Different Types of Micro-grid Architectures and Controls. I Sharma, Vishnu & Singh, Manjeet (Red.), 2018 International Conference on Advances in Computing, Communication Control and Networking (ICACCCN), IEEE. IEEE (Institute of Electrical and Electronics Engineers). ISSN 978-1-5386-4119-4. s. 1200–1208. doi: 10.1109/ICACCCN.2018.8748491.
• Sharma, Arvind; Kolhe, Mohan Lal; Konara, Konara Mudiyanselage Sandun Y.; Mudgal, Ashwini; Muddineni, Kapil & Garud, Shirish [Vis alle 7 forfattere av denne artikkelen] (2019). Performance Assessment of Building Integrated Photovoltaic and Battery Energy System: A Case Study of TERI-Retreat Facilty in India. I Perković, Toni (Red.), 2019 4thInternational Conference on Smart and Sustainable Technologies(SpliTech). IEEE (Institute of Electrical and Electronics Engineers). ISSN 978-953-290-091-0. doi: 10.23919/SpliTech.2019.8783046.
• Sharma, Arvind; Kolhe, Mohan Lal; Konara, Konara Mudiyanselage Sandun Y.; Muddineni, Kapil; Mudgal, Ashwini & Garud, Shirish [Vis alle 7 forfattere av denne artikkelen] (2019). Operational Analysis of Institutional Energy System for Developing a Micro-grid. IOP Conference Series: Materials Science and Engineering. ISSN 1757-8981. 605(1). doi: 10.1088/1757-899X/605/1/012008.
• Hakbilen, Onur; Perinparajan, Piraveen; Eikeland, Michael & Ulltveit-Moe, Nils (2018). SAFEPASS - Presenting a Convenient, Portable and Secure Password Manager, Proceedings of the 4th International Conference on Information Systems Security and Privacy. SciTePress. ISSN 978-989-758-282-0. s. 292–303. doi: 10.5220/0006603102920303.
• Waagsnes, Henrik & Ulltveit-Moe, Nils (2018). Intrusion Detection System Test Framework for SCADA Systems, Proceedings of the 4th International Conference on Information Systems Security and Privacy. SciTePress. ISSN 978-989-758-282-0. s. 275–285. doi: 10.5220/0006588202750285. Vis sammendrag

  This paper presents a SCADA intrusion detection system test framework that simulates SCADA traffic and detects malicious network activity. The framework combines several existing components such as Kali Linux, Conpot, QTester104 and OpenMUC in a virtual machine based framework to provide realistic SCADA traffic. It is agnostic to Intrusion Detection System (IDS) type, and is demonstrated in a case study comparing two popular signature-based IDS engines: Suricata and Snort. The IDS engines include rule-sets for the IEC 60870-5-104 and other SCADA protocols. Detected events from IDS sensors are sent to a distributed Elastic cluster which visualises them using Kibana dashboards. The experiments show that there is some difference in behaviour between Suricata and Snort’s ability to detect malicious traffic using the same SCADA ruleset, but these issues are relatively easy to mitigate. The IDS test framework also measures the latency from detection and until the IDS alerts are pre sented in the incident management system, which shows that Suricata has slightly better performance than Snort.

• Ulltveit-Moe, Nils; Gjøsæter, Terje; Assev, Sigurd M. & Øysæd, Halvard (2017). Towards Efficient Teacher Assisted Assignment Marking Using Ranking Metrics. I Costagliola, Gennaro; Uhomoibhi, James; Zvacek, Susan & McLaren, Bruce M. (Red.), Computers Supported Education: 8th International Conference, CSEDU 2016, Rome, Italy, April 21-23, 2016, Revised Selected Papers. Springer. ISSN 978-3-319-63184-4. s. 359–379. doi: 10.1007/978-3-319-63184-4_19.
• Ulltveit-Moe, Nils; Assev, Sigurd M.; Gjøsæter, Terje & Øysæd, Halvard (2016). Streamlining Assessment using a Knowledge Metric. I Uhomoibhi, James; Costagliola, Gennaro; Zvacek, Susan & McLaren, Bruce M. (Red.), CSEDU 2016 Proceedings of the 8th International Conference on Computer Supported Education, proceedings volume 1. SciTePress. ISSN 978-989-758-179-3. s. 190–197. doi: 10.5220/0005862601900197. Vis sammendrag

  This paper proposes an efficient tool-supported methodology for marking student assignment answers accord- ing to a knowledge metric. This metric gives a coarse hint of student answer quality based on Shannon entropy. The methodology supports marking student assignments across each sub-assignment answer, and the metric sorts the answers, so that the most comprehensive textual answers typically get the highest ranking, and can be marked first. This ensures that the teacher quickly gets an overview over the range of answers, which allows for determining a consistent marking scale in order to reduce the risk of scale sliding or hitting the wrong scale level during marking. This approach is significantly faster and more consistent than using the traditional approach, marking each assignment individually.

• Ulltveit-Moe, Nils; Pfrang, Steffen; Erdödi, Lazlo & Nebot, Héctor (2016). Mitigating Local Attacks Against a City Traffic Controller. I Camp, Olivier; Furnell, Steven & Mori, Paolo (Red.), Proceedings of the 2nd International Conference on Information Systems Security and Privacy, ICISSP 2016, February 19-21, 2016, in Rome, Italy. SciTePress. ISSN 978-989-758-167-0. s. 209–218. doi: 10.5220/0005649802090218. Vis sammendrag

  This paper demonstrates how a local attack against a city traffic controller located in a public area can be detected and mitigated in a cost-effective way. This is done by applying a general security methodology, an architecture and a set of new and existing tools integrated by the PRECYSE EU-project. The traffic controller does not contain built-in security and is connected to an information panel which is used for displaying traffic messages. The proposed solution is integrated with the incident management system of the city traffic control centre. This allows for increasing the situation awareness about attacks, as well as supporting a workflow for restoring the attacked device to its normal state and ensuring attack investigation.

• Nergaard, Henrik; Ulltveit-Moe, Nils & Gjøsæter, Terje (2016). ViSPE: A Graphical Policy Editor for XACML. I Camp, Olivier; Weippl, Edgar R.; Bidan, Christophe & Aïmeur, Esma (Red.), Information Systems Security and Privacy. Springer Science+Business Media B.V.. ISSN 978-3-319-27667-0. s. 107–121. doi: 10.1007/978-3-319-27668-7_7. Vis sammendrag

  In this paper we present the Visual Security Policy Editor (ViSPE), a policy-maker-friendly graphical editor for the eXtensible Access Control Markup Language (XACML). The editor is based on the programming language Scratch and implemented in Smalltalk. It uses a graphical block-based syntax for declaring access control polices that simplifies many of the cumbersome and verbose parts of XACML. Using a graphical language allows the editor to aid the policy-maker in building polices by providing visual feedback and by grouping blocks and operators that fit together and also indicating which blocks that stick together. It simplifies building policies while still maintaining the basic structure and logic of XACML.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2016). Enforcing mobile security with location-aware role-based access control. Security and Communication Networks. ISSN 1939-0114. 9(5), s. 429–439. doi: 10.1002/sec.879. Vis sammendrag

  This paper describes how location-aware role-based access control (RBAC) can be implemented on top of the Geospatial eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations, which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location-dependent access control and also other security enhancing solutions on mobile devices, such as location-dependent device locking, firewall, intrusion prevention or payment anti-fraud systems. The system has been implemented and tested, both to verify the server capacity and also the client capacity running on a mobile device

• Ai, Songpu; Kolhe, Mohan Lal; Lei, Jiao; Ulltveit-Moe, Nils & Zhang, Qi (2015). Domestic demand predictions considering influence of external environmental parameters, Industrial Informatics (INDIN), 2015 IEEE 13th International Conference on. IEEE conference proceedings. ISSN 978-1-4799-6649-3. s. 640 –644. doi: 10.1109/INDIN.2015.7281810. Vis sammendrag

  A precise prediction of domestic demand is very important for establishing home energy management system and preventing the damage caused by overloading. In this work, active and reactive power consumption prediction model based on historical power usage data and external environment parameter data (temperature and solar radiation) is presented for a typical Southern Norwegian house. In the presented model, a neural network is adopted as a main prediction technique and historical domestic load data of around 2 years are utilized for training and testing purpose. Temperature and global irradiation (which illustrates the solar radiation level quantitatively) are employed as external parameters. From the results, the efficiency of predictions are evaluated and compared. It can be observed from the numerical results that predictions using historical power data together with external data perform better than the case where only power usage data are adopted.

• Ulltveit-Moe, Nils; Nergaard, Henrik; Gjøsæter, Terje & Betts, Jennifer (2015). XACML Privacy Policy Editor for Critical Infrastructures. I Tryfonas, Theo & Askoxylakis, Ioannis G. (Red.), Human Aspects of Information Security, Privacy, and Trust - Third International Conference, HAS 2015, Held as Part of HCI International 2015. Springer. ISSN 978-3-319-20375-1. s. 705–716. doi: 10.1007/978-3-319-20376-8_63. Vis sammendrag

  This paper describes a Scratch-based eXtensible Access Control Markup Language (XACML) editor ViSPE that can be used for designing authorisation and anonymisation policies, as well as how these policies can be enforced by using the Reversible anonymiser. Private and confidential information can be protected based on identified security requirements, as described in two case studies. The first case covers privacy-enhanced IDS-alarm handling in a traffic control centre, and in the second case, we mitigate insider threats with a secure configuration deployment policy.

• Nergaard, Henrik; Ulltveit-Moe, Nils & Gjøsæter, Terje (2015). A Scratch-based Graphical Policy Editor for XACML, 1st International Conference on Information Systems Security and Privacy (ICISSP 2015), ESEO, Angers, Loire Valley - France, 9-11 February 2015. SciTePress. ISSN 978-989-758-081-9. doi: 10.5220/0005240101820190. Vis sammendrag

  Abstract: This paper proposes a policy-maker -friendly editor for the eXtensible Access Control Markup Language (XACML) based on the programming language Scratch. Scratch is a blocks-based programming language designed for teaching children programming, which allows users to build programs like a puzzle. We take this concept one step further with an XACML policy editor based on the graphic programming elements of Scratch implemented in Smalltalk. This allows for aiding the user on how to build policies by grouping blocks and operators that fit together and also indicating which blocks that will stick together. It simplifies building the XACML policies while still having an XACML "feel" of the graphic policies.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2015). A novel policy-driven reversible anonymisation scheme for XML-based services. Information Systems. ISSN 0306-4379. 48, s. 164–178. doi: 10.1016/j.is.2014.05.007. Vis sammendrag

  This paper proposes a reversible anonymisation scheme for XML messages that supports fine-grained enforcement of XACML-based privacy policies. Reversible anonymisation means that information in XML messages is anonymised, however the information required to reverse the anonymisation is cryptographically protected in the messages. The policy can control access down to octet ranges of individual elements or attributes in XML messages. The reversible anonymisation protocol effectively implements a multi-level privacy and security based approach, so that only authorised stakeholders can disclose confidential information up to the privacy or security level they are authorised for. The approach furthermore supports a shared secret based scheme, where stakeholders need to agree to disclose confidential information. Last, it supports time limited access to private or confidential information. This opens up for improved control of access to private or confidential information in XML messages used by a service oriented architecture. The solution provides horizontally scalable confidentiality protection for certain types of big data applications, like XML databases, secure logging and data retention repositories.

• Gjøsæter, Terje; Ulltveit-Moe, Nils; Kolhe, Mohan Lal; Hylsberg Jacobsen, Rune & Malki Ebeid, Emad Samuel (2014). Security and Privacy in the SEMIAH Home Energy Management System. I Grosspietsch, Erwin & Klöckner, Konrad (Red.), Proceedings of the Work in Progress Session held in connection with SEAA 2014 the 40th EUROMICRO Conference on Software Engineering and Advanced Applications and DSD 2014 the 17th EUROMICRO Conference on Digital System Design. Johannes Kepler University. ISSN 978-3-902457-40-0. s. 23–24.
• Ulltveit-Moe, Nils (2014). A roadmap towards improving managed security services from a privacy perspective. Ethics and Information Technology. ISSN 1388-1957. 16(3), s. 227–240. doi: 10.1007/s10676-014-9348-3. Vis sammendrag

  This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow for quantifying how much information that is leaking, where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy enhancing operation to other areas like digital forensics, exchange of threat information and big data analytics based attack detection.

• Ulltveit-Moe, Nils; Gjøsæter, Terje; Assev, Sigurd M.; Køien, Geir Myrdahl & Oleshchuk, Vladimir (2013). Privacy handling for critical information infrastructures. I Gomes, Luís & Hübner, Michael (Red.), Industrial Informatics (INDIN), 2013 11th IEEE International Conference on. IEEE conference proceedings. ISSN 978-1-4799-0752-6. s. 688–694. doi: 10.1109/indin.2013.6622967. Vis sammendrag

  This paper proposes an architecture and a methodology for privacy handling in Critical Information Infrastructures. Privacy is in this respect considered as both the risk of revealing person-sensitive information, for example from critical infrastructures in health institutions, but also to identify and avoid leakage of confidential information from the critical information infrastructures themselves. The architecture integrates privacy enhancing technologies into an enterprise service bus, which allows for policy-controlled authorisation, anonymisation and encryption of information in XML elements or attributes in messages on the service bus. The proposed methodology can be used to identify, quantify and reduce leakages of private or confidential information. It also suggests privacy enforcement mechanisms to increase the resilience against sensitive information leakages caused by cyber attacks.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2012). Mobile Security with Location-Aware Role-Based Access Control. I Prasad, Ramjee; Farkas, Károly; Schmidt, Andreas U.; Lioy, Antonio; Russel, Giovanni; Luccio, Flaminia L.; Akan, Ozgur; Bellavista, Paolo; Cao, Jiannong; Dressler, Falko; Ferrari, Domenico; Gerla, Mario; Kobayashi, Hisashi; Palazzo, Sergio; Sahni, Sartaj; Shen, Xuemin; Stan, Mircea; Xiaohua, Jia; Zomaya, Albert & Coulson, Geoffry (Red.), Security and Privacy in Mobile Information and Communication Systems. Third International ICST Conference, MobiSec 2011, Aalborg, Denmark, May 17-19, 2011, Revised Selected Papers. Springer. ISSN 978-3-642-30244-2. s. 172–183. Vis sammendrag

  This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of the Geographically eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location dependent access control and also other security enhancing solutions on mobile devices, like location dependent device locking, firewall, intrusion prevention or payment anti-fraud systems.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2012). Decision-cache based XACML authorisation and anonymisation for XML documents. Computer Standards & Interfaces. ISSN 0920-5489. 34(6), s. 527–534. doi: 10.1016/j.csi.2011.10.007. Vis sammendrag

  This paper describes a decision cache for the eXtensible Access Control Markup Language (XACML) that supports fine-grained authorisation and anonymisation of XML based messages and documents down to XML attribute and element level. The decision cache is implemented as an XACML obligations service, where a specification of the XML elements to be authorised and anonymised is sent to the Policy Enforcement Point (PEP) during initial authorisation. Further authorisation of individual XML elements according to the authorisation specification is then performed on all matching XML resources, and decisions are stored in the decision cache. This makes it possible to cache fine-grained XACML authorisation and anonymisation decisions, which reduces the authorisation load on the Policy Decision Point (PDP). The theoretical solution is related to a practical case study consisting of a privacy-enhanced intrusion detection system that needs to perform anonymisation of Intrusion Detection Message Exchange Format (IDMEF) XML messages before they are sent to a security operations centre that operates in privacy-preserving mode. The solution increases the scalability of XACML based authorisation significantly, and may be instrumental in implementing federated authorisation and anonymisation based on XACML in several areas, including intrusion detection systems, web services, content management systems and GRID based authentication and authorisation.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2011). A Composite Privacy Leakage Indicator. Wireless Personal Communications. ISSN 0929-6212. 61(3), s. 511–526. doi: 10.1007/s11277-011-0383-7. Vis sammendrag

  This paper proposes a Subjective Logic based composite privacy leakage metric that both takes into account the amount of information leakage and also that information with high entropy in some cases may be considered encrypted. It is furthermore shown both analytically and experimentally that Min-entropy is considered better than Shannon, Rényi or Max entropy for identifying encrypted content for the composite metric. This is in particular useful for implementing privacy-enhanced Intrusion Detection Systems (IDS), where sampled encrypted traffic can be considered to have low risk of revealing sensitive information. The combined metric can be used in a Policy Enforcement Point that acts as a proxy/anonymiser in order to to reduce the leakage of private or sensitive information from the IDS sensors to an outsourced Managed Security Service provider. Although the composite privacy indicator is IDS specific, the authorisation architecture is general, and may also be useful for anonymising or pseusonymising sensitive information from or to other types of sensors that need to be exposed to the Internet. The solution is based on the eXtensible Access Control Markup Language policy language extended with support for Subjective Logic, in order to provide a method for expressing fine-grained access control policies that are based on uncertain evidences.

• Ulltveit-Moe, Nils; Oleshchuk, Vladimir A & Køien, Geir M. (2011). Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context. Wireless Personal Communications. ISSN 0929-6212. 57(3), s. 317–338. doi: 10.1007/s11277-010-0069-6. Vis sammendrag

  The paper proposes a location-aware mobile Intrusion Prevention System (mIPS) architecture with enhanced privacy that is integrated in Managed Security Service (MSS). The solution is envisaged in a future fifth generation telecommunications (5G) context with increased but varying bandwidth, a virtualised execution environment and infrastructure that allows threads, processes, virtual machines and storage to be migrated to cloud computing services on demand, to dynamically scale performance and save power. 5G mobile devices will be attractive targets for malicious software, and this threat will in some cases change with location. Mobile devices will store more sensitive information and will also be used to a larger extent for sensitive transactions than they typically do today. In addition, a distributed execution environment in itself gives raise to some new security challenges. In order to handle these security challenges, we have proposed the location-aware mIPS architecture, which benefits from a distributed execution environment where processor intensive services can be outsourced to Cloud hosting providers. The mIPS supports querying location threat profiles in a privacy-preserving way, and ensures that mIPS alerts sent to the the first-line MSS are anonymised. We finally perform an analysis of potential strengths and weaknesses of the proposed approach.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2010). PRIvacy LEakage Methodology (PRILE) for IDS Rules. IFIP Advances in Information and Communication Technology. ISSN 1868-4238. 320, s. 213–225. doi: 10.1007/978-3-642-14282-6_17.
• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2010). Privacy Violation Classification of Snort Ruleset, Parallel, Distributed and Network-Based Processing (PDP), 2010 18th Euromicro International Conference on. IEEE conference proceedings. ISSN 978-1-4244-5672-7. s. 654–658. Vis sammendrag

  It is important to analyse the privacy impact of Intrusion Detection System (IDS) rules, in order to understand and quantify the privacy-invasiveness of network monitoring services. The objective in this paper is to classify Snort rules according to the risk of privacy violations in the form of leaking sensitive or confidential material. The classification is based on a ruleset that formerly has been manually categorised according to our PRIvacy LEakage (PRILE) methodology. Such information can be useful both for privacy impact assessments and automated tests for detecting privacy violations. Information about potentially privacy violating rules can subsequently be used to tune the IDS rule sets, with the objective to minimise the expected amount of data privacy violations during normal operation. The paper suggests some classification tasks that can be useful both to improve the PRILE methodology and for privacy violation evaluation tools. Finally, two selected classification tasks are analysed by using a Nai¿ve Bayes classifier

• Oleshchuk, Vladimir & Ulltveit-Moe, Nils (2010). PRIvacy LEakage Methodology (PRILE) for IDS rules. I Bezzi, M* (Red.), Privacy and Identity Management for Life. Springer. ISSN 978-3-642-14281-9. s. 213–225. Vis sammendrag

  This paper introduces a methodology for evaluating PRIvacy LEakage in signature-based Network Intrusion Detection System (IDS) rules. IDS rules that expose more data than a given percentage of all data sessions are defined as privacy leaking. Furthermore, it analyses the IDS rule attack specific pattern size required in order to keep the privacy leakage below a given threshold, presuming that occurrence frequencies of the attack pattern in normal text are known. We have applied the methodology on the network intrusion detection system Snort's rule set. The evaluation confirms that Snort in its default configuration aims at not being excessively privacy invasive. However we have identified some types of rules rules with poor or missing ability to distinguish attack traffic from normal traffic. Denne artikkelen introduserer en metodikk for å evaluere personvernlekkasje i signaturbaserte nettverksinnbruddsdeteksjonssystemregler (IDS). IDS regler som eksponerer mer data enn en gitt prosentandel av alle datasesjoner blir definert som en personvernlekkasje. Videre så analyseres størrelsen på den angrepsspesifikke delen av IDS regelen for å holde personvernlekkasjen under en gitt terskelverdi, gitt att forekomstfrekvensen av angrepsmønstre i normaltrafikk er kjent. Vi har tested metodikken på nettverksinnbruddsdeteksjonssystemet Snort sitt regelsett. Evalueringen bekrefter at Snort i standardkonfigurasjon i ikke har målsetning om å ha unødvendig stor innvirkning fra et personvernperspektiv. Vi har imidlertid identifisert noen regler med dårlig eller manglende evne til å skille angrepstrafikk fra normaltrafikk.

• Oleshchuk, Vladimir & Ulltveit-Moe, Nils (2009). Two Tiered Privacy Enhanced Intrusion Detection System Architecture, IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, 2009, IDAACS 2009. IEEE conference proceedings. ISSN 9781424449019. s. 8–14. Vis sammendrag

  The paper describes an architecture for privacy-enhanced intrusion detection systems, that separates privacy-invasive and privacy-preserving operations. This can be useful in cases where less sensitive network monitoring is outsourced to a third party and more sensitive network monitoring operations and data forensics are performed in-house or by law enforcement agencies.

• Ulltveit-Moe, Nils (2008). Måling av utvalgte tilgjengelighetsindikatorer på norske offentlige nettsteder, Statusrapport 08 - samfunnsutviklingen for personer med nedsatt funksjonsevne. Nasjonalt dokumentasjonssenter for personer med nedsatt funksjonsevne.. s. 256–265. Vis sammendrag

  Rapporten "Måling av utvalgte tilgjengelighetsindikatorer for HTML- og PDF-dokumenter på norske offentlige nettsteder" er laget av eGovMon Obseriatoriet ved Universitetet i Agder og Tingtun AS på bestilling av Nasjonalt dokumentasjonssenter for personer med nedsatt funksjonsevne. Rapporten viser at det er et betydelig forbedringspotensiale på norske offentlige hjemmesider når det gjelder publisering av HTML- of PDF-dokumenter. Vi har valgt å undersøke disse formatene fordi de i stor grad benyttes som standard av det offentlige. Kvalitetsproblemene kan føre til problemer for flere grupper av personer med nedsatt funksjonsevne. The report "Measurement of selected accessibility indicators for HTML- and PDF-documents on public norwegian web sites" is made by the eGovMon Observatory at the University of Agder and Tingtun AS on order from National Documentation Centre for Persons with Disabilities. The report shows that there is considereble room for improvement on norwegian web pages concerning publishing of HTML- and PDF- documents. We chose these formats because they to a large extent is being used as standards by public authorities. The quality problems may cause problems for several groups of people with disabilities.

• Radianti, Jaziar & Ulltveit-Moe, Nils (2008). Classification of Malicious Tools in Underground Markets for Vulnerabilities, NISK 2008. Tapir Akademisk Forlag. s. 19–32. Vis sammendrag

  The presence of black markets encourages the search for and exploitation of vulnerabilities through direct attack, malware spread or extortion. This study is the earlier part of the supply chain of the black economy. It focuses on the dynamics of the supply and services part of the black economy. The objectives of this paper are three-fold: Firstly, we briefly describe the disguised observation method used in several on-line black markets to obtain the information and the black market¿s attributes. Secondly, we identify and classify available types and function of malicious tools and services in the black markets. Finally we discuss the market supply chain, dynamics and implications of this black economy. Here we explore three aspects: opportunities that generate these black markets, the meritocratic effects that drive the early part of the supply chain and the empowerment feeling that acts as recruitment agent and fuels the entry level market for hackers.

• Ulltveit-Moe, Nils; Olsen, Morten Goodwin; Pillai, Anand Balachandran; Thomsen, Christian; Gjøsæter, Terje & Snaprud, Mikael Odd H. (2008). Architecture for large-scale automatic web accessibility evaluation based on the UWEM methodology, Norsk informatikkonferanse : NIK 2008. Tapir Akademisk Forlag. s. 95–106. Vis sammendrag

  The European Internet Accessibility Observatory (EIAO) project has developed an observatory for performing large scale automatic web accessibility evaluations of public sector web sites in Europe. The architecture includes a distributed web crawler that crawls web sites for links until either a given budget of web pages have been identified or the web site has been crawled exhaustively. Subsequently, a uniform random subset of the crawled web pages is sampled and sent for accessibility evaluation. The evaluation results are stored in a Resource Description Format (RDF) database that later is loaded into the EIAO data warehouse using an Extract-Transform-Load (ETL) tool. The aggregated indicator results in the data warehouse are finally presented in a Plone based online reporting tool. This paper describes the final version of the EIAO architecture and outlines some of the technical and architectural challenges that the project faced, and the solutions developed towards building a system capable of regular large-scale accessibility evaluations with sufficient capacity and stability. It also outlines some possible future architectural improvements.

• Bühler, Christian; Heck, Helmut; Perlick, O.; Nietzio, Annika & Ulltveit-Moe, Nils (2006). Interpreting results from large scale automatic evaluation of web accessibility. Lecture Notes in Computer Science (LNCS). ISSN 0302-9743. 4061, s. 184–191. Vis sammendrag

  The large amount of data produced by automatic web accessibility evaluation has to be preprocessed in order to enable disabled users or policy makers to draw meaningful conclusions from the assessment. We study different methods for interpretation and aggregation of the results provided by automatic assessment tools. Current approaches do not meet all the requirements suggested in the literature. Based on the UCAB approach decribed in UWEM 0.5 we develop a new aggregation function targeted at the requirements.

• Snaprud, Mikael Odd H.; Ulltveit-Moe, Nils; Balachandran, Anand Pillai & Olsen, Morten Goodwin (2006). A proposed architecture for large scale web accessibility assessment. Lecture Notes in Computer Science (LNCS). ISSN 0302-9743. 4061, s. 234–241. Vis sammendrag

  This paper outlines the architecture of a system designed to demonstrate large scale web accessibility assessment developed in a European research project. The system consists of a set of integrated software components designed to automatically evaluate accessibility metrics for a large number of websites and present results in a common report. The system architecture is designed to be maintainable, scalable, and extensible in order to facilitate further development of the tool. To meet these design criteria within a limited set of resources, an Open Source approach is adopted both for selecting, designing and developing the software.

Se alle arbeider i Cristin

• Ulltveit-Moe, Nils (2014). Privacy-enhanced Network Monitoring. Universitetet i Agder. ISBN 978-82-7117-762-1. 277 s. Vis sammendrag

  This PhD dissertation investigates two necessary means that are required for building privacy-enhanced network monitoring systems: a policy-based privacy or confidentiality enforcement technology; and metrics measuring leakage of private or confidential information to verify and improve these policies. The privacy enforcement mechanism is based on fine-grained access control and reversible anonymisation of XML data to limit or control access to sensitive information from the monitoring systems. The metrics can be used to support a continuous improvement process, by quantifying leakages of private or confidential information, locating where they are, and proposing how these leakages can be mitigated. The planned actions can be enforced by applying a reversible anonymisation policy, or by removing the source of the information leakages. The metrics can subsequently verify that the planned privacy enforcement scheme works as intended. Any significant deviations from the expected information leakage can be used to trigger further improvement actions. The most significant results from the dissertation are: a privacy leakage metric based on the entropy standard deviation of given data (for example IDS alarms), which measures how much sensitive information that is leaking and where these leakages occur; a proxy offering policy-based reversible anonymisation of information in XML-based web services. The solution supports multi-level security, so that only authorised stakeholders can get access to sensitive information; a methodology which combines privacy metrics with the reversible anonymisation scheme to support a continuous improvement process with reduced leakage of private or confidential information over time. This can be used to improve management of private or confidential information where managed security services have been outsourced to semi-trusted parties, for example for outsourced managed security services monitoring health institutions or critical infrastructures. The solution is based on relevant standards to ensure backwards compatibility with existing intrusion detection systems and alarm databases.

Se alle arbeider i Cristin

• Pietrzak, Barbara; Ward, Adrian; Cheung, Man Kit; Schwendimann, Beat A.; Mollaoglu, Gurkan & Duong, Michael Tran [Vis alle 33 forfattere av denne artikkelen] (2018). Education for the future. Science. ISSN 0036-8075. 360(6396), s. 1409–1412. doi: 10.1126/science.aau3877. Vis sammendrag

  We asked young scientists: Are our schools and universities adequately prepared to educate young people for future challenges? What is the most pressing issue in your field, and what one improvement could your country make to its current education system to prepare students to face it? The responses expressed concerns about the current state of education in countries around the world. Many students lack access to the information they need, and those with access are often constrained by curriculum that emphasizes rote learning and isolated subjects. Our respondents suggested a variety of improvements to prepare the next generation for success.

• Ulltveit-Moe, Nils (2017). Inportance of Cyber Security to Secure Microgrid Control System Networks.
• Ulltveit-Moe, Nils (2016). Horizon 2020 Secure Societies European Info Day and Brokerage Event Brussels, 5-6 April 2016, University of Agder.
• Carulli, Marco; Ulltveit-Moe, Nils & Apuzzo, Gian Matteo (2016). Collaborative Research Projects at University of Agder - Do's and Dont's. Vis sammendrag

  Short presentation presented at the panel discussion - Learning and Ageing in the Digital Era. Examples of Collaborative Research Projects.

• Ulltveit-Moe, Nils (2015). FrontScraper - Improving Assignment Marking Using Knowledge Metrics.
• Ulltveit-Moe, Nils; Assev, Sigurd M.; Gjøsæter, Terje & Øysæd, Halvard (2015). FrontScraper – Digital Assessment Tool.
• Tveit, Christina & Ulltveit-Moe, Nils (2015). Doktorbesøk på Gjerstad skole. [Avis]. Aust Agder Blad. Vis sammendrag

  Under AbelSeminared forrige torsdag, hadde 4. og 6. klasse besøk av 1. amanuensis ved Universitetet i Agder. Doktor Nils Ulltveit-Moe holdt foredrag om forskning, spill og lek.

• Øybekk, Kristen & Ulltveit-Moe, Nils (2015). Doktorer som leker. [Internett]. http://www.igjerstad.no/doktorer-som-leker. Vis sammendrag

  Gjerstad kan skilte med mer enn 10 doktorer. Det må være godt over landsgjennomsnittet folketallet tatt i betraktning. Den første var Ingeborg Ulltveit-Moe, tanta til doktor Nils. Han er den foreløpige siste doktoren Gjerstad har fått. Under AbelSeminaret forrige torsdag, hadde 4. og 6. klasse besøk av 1. amanuensis ved Universitetet i Agder UiA, doktor Nils Ulltveit-Moe. Han hadde foredraget "Forskning, spill og lek".

• Gjøsæter, Terje; Ulltveit-Moe, Nils & Nergaard, Henrik (2015). Security and Privacy in the SEMIAH Home Energy Management System.
• Gjøsæter, Terje; Nergaard, Henrik & Ulltveit-Moe, Nils (2015). SEMIAH Security and Privacy leaflet. Vis sammendrag

  Shifting energy consumption from peaks to off-peaks where there is high generation of electricity from renewable energy sources

• Ulltveit-Moe, Nils & Gjøsæter, Terje (2015). Forskning - Spill og Lek ?
• Krell, Claudia & Ulltveit-Moe, Nils (2015). Hands-on verinice screencasts. [Internett]. Verinice. Vis sammendrag

  From installing and working with verinice to importing OpenVAS scans: 16 screencasts, produced by Nils Ulltveit-Moe, guide users through the OpenSource information security management system (ISMS). They're all available via YouTube.

• Gjøsæter, Terje & Ulltveit-Moe, Nils (2015). MAGERITCC - MAGERIT OCIL testsuite and Control Catalogue for Verinice. Vis sammendrag

  This project contains a MAGERIT control catalogue for the Verinice information security management system and an Open Checklist Initiative Language (OCIL) testsuite for MAGERIT. MAGERIT is a Spanish risk assessment standard that is available for free.

• Smith, Paul; Ulltveit-Moe, Nils & Grassi, Leonardo (2015). Applied Methodology for the Protection of Industrial Control Systems. Vis sammendrag

  We have demonstrated use of the PRECYSE methodology. Tests done on the two demonstrators illustrate that the methodology can be used to identify security vulnerabilities and map these to prioritised risks. The PRECYSE methodology has proved to be effective in reducing the measured gap in security.

• Ulltveit-Moe, Nils (2015). arftoverinice - ARF to Verinice .vna conversion filter. Vis sammendrag

  This program converts reports from the OpenVAS vulnerability scanner in the Asset Reporting Format (ARF) and generates a .vna file containing assets and risks generated from the ARF report. This file can be imported into the Verinice risk assessment system.

• Ulltveit-Moe, Nils (2014). Science ethics: Young scientists speak [14]. Science. ISSN 0036-8075. 345(6192). doi: 10.1126/science.345.6192.24.
• Siegl, Stefan & Ulltveit-Moe, Nils (2014). Secure by design:An approach for a virtual power plant.
• Ulltveit-Moe, Nils (2014). My Experience doing a PhD.
• Ulltveit-Moe, Nils (2014). Reversible Anonymiser for XML Documents. Vis sammendrag

  This project contains an XACML controlled reversible anonymisation scheme for XML documents. The tool consists of an anonymiser and deanonymiser which are implemented as proxy based web services. It allows for anonymisation and authorisation of information in XML documents down to octet ranges of elements and attributes of messages. It supports multi-level security, default PERMIT and DENY anonymisation policies, key sharing and location-based authorisation using the GeoXACML framework. The current implementation can anonymise IDMEF messages from intrusion detection systems, in order to implement privacy-enhanced IDS services. It can relatively easily be modified to handle other XML formats.

• Ulltveit-Moe, Nils (2014). Cloud-based Mobile Health Apps.
• Benjaminy, Shelly; Doerksen, Rosalie; Li, Fengbo; Grieves, Roddy; Valluru, Girish & Jacob, Karen J. [Vis alle 15 forfattere av denne artikkelen] (2014). Science ethics: Young scientists speak. Science. ISSN 0036-8075. 345(6192), s. 24–27. doi: 10.1126/science.345.6192.24.
• Ulltveit-Moe, Nils; Lid, Geir & Øigård, Stein Harald (2014). Kunnskapens teaterscene. [Avis]. Agderposten. Vis sammendrag

  Han har forsket seg frem mot denne dagen i fem år. Nå skal all hans faglige kunnskap opp til utprøving og til doms – på noen timer.

• Ulltveit-Moe, Nils (2014). Privacy-enhanced Network Monitoring.
• Ulltveit-Moe, Nils (2014). Privacy enhancing Technologies for Cloud Computing.
• Ulltveit-Moe, Nils & Walstad, Svein (2014). Doktoranden fra Mo. [Internett]. Aust-Agder Blad. Vis sammendrag

  De fleste av våre lesere vet godt hvem Olav Ulltveit-Moe i Gjerstad er. Men sønnen Nils, som også bor på Mo, er nok ikke så kjent. Selv om han forsker på og fronter store EU-prosjekter om datasikkerhet. Tirsdag 8. april skal han forsvare sin doktorgradsavhandling som går på hvordan man kan redusere personvernlekkasje ved dataovervåkning.

• Ulltveit-Moe, Nils; Welhaven Løchen, Liv Eva & Raustøl, Håvard (2014). Han vil redde dine opplysninger. [Internett]. NRK Sørlandet. Vis sammendrag

  UiA-lektor Nils Ulltveit- Moe mener å ha funnet ut hvordan man kan hindre personvernlekkasje ved dataovervåkning.

• Ulltveit-Moe, Nils & Raustøl, Håvard (2014). Radiointervju med Nils Ulltveit-Moe på Sørlandssendinga om doktorgradsavhandlingen "Personvernforbedret dataovervåkning". [Radio]. NRK Sørlandet.
• Ulltveit-Moe, Nils & Walstad, Svein (2014). Tar doktorgrad og forsker på datasikkerhet i Europa. [Avis]. Aust-Agder Blad. Vis sammendrag

  Gjersdølingen Nils Ulltveit-Moe forsker på, og fronter flere EU prosjekter om datasikkerhet. 8. april skal han dessuten forsvare sin doktorgradsavhandling som omhandler reduksjon av personvernlekkasje ved dataovervåkning.

• Ulltveit-Moe, Nils (2014). SnakeSpeed - Compete with Snakes on Eating the Frog.
• Ma, Zhendong; Smith, Paul; McLaughlin, Kieran; Ulltveit-Moe, Nils & Kippe, Jörg (2014). PRECYSE Security Technologies for Critical Infrastructure Security.
• Ulltveit-Moe, Nils & Grassi, Leonardo (2014). PRECYSE Framework for ICS Security: Methodology, Architecture and Test suite.
• Ulltveit-Moe, Nils & Gjøsæter, Terje (2014). WP2 Methodology to identify assets and associated threats and vulnerabilities.
• Ulltveit-Moe, Nils (2013). Enforcing Privacy for Critical Infrastructures.
• Gjøsæter, Terje & Ulltveit-Moe, Nils (2013). WP2 - Methodology to identify assets and associated threates and vulnerabilities - Risks and Challenges.
• Gjøsæter, Terje & Ulltveit-Moe, Nils (2013). WP2 - Methodology to identify assets and associated threats and vulnerabilities.
• Gjøsæter, Terje & Ulltveit-Moe, Nils (2013). Consortium Partner Presentation - University of Agder (UiA).
• Ulltveit-Moe, Nils & Gjøsæter, Terje (2013). PRECYSE WP2 Methodology: Architectural issues, D2.2, Action plan.
• Ulltveit-Moe, Nils (2013). PRECYSE Architecture from a Strategic Planning and Operational Perspective.
• Ulltveit-Moe, Nils (2013). PRECYSE Architecture from a Strategic Planning and Operative Perspective.
• Cáceres, Santiago; Marqués, Antonio; Ulltveit-Moe, Nils & Francavilla, Gianpiero (2012). PRECYSE, Prevention, Protection and Reaction to Cyber Attacks to Critical Infrastructures.
• Ulltveit-Moe, Nils (2012). Norsk PRECYSE Brukergruppe Kravvalideringsworkshop.
• Ulltveit-Moe, Nils (2012). PRECYSE - Prevention and Reaction to Cyber Attacks on Critical Infrastructures.
• Ulltveit-Moe, Nils (2012). WP2 Methodology Workshop, Finalisation of D2.1 Methodology Specification.
• Ulltveit-Moe, Nils (2012). WP2 Methodology and Supporting Tools.
• Ulltveit-Moe, Nils (2012). WP2 Requirements Analysis.
• Ulltveit-Moe, Nils (2012). WP2 kickoff meeting.
• Ulltveit-Moe, Nils (2012). WP2 Methodology to Identify Assets and Associated Threats and Vulnerabilities.
• Ulltveit-Moe, Nils (2011). Fullfinansiert doktorgradsutdanning - kan Norge fortsette med dette som snart eneste land i Europa?
• Ulltveit-Moe, Nils (2010). Ethics of Network Monitoring. Vis sammendrag

  There is a need for increased ethical awareness and better ethical guidelines both for computer security managers and practitioning security analysts. The current situation is that network monitoring in some areas may be too privacy invasive, whereas other areas, like investigation of transnational on-line crime, is impeded both by lack of electronic evidence and legal hindrances across national borders. This article proposes how Kant's deontological ethics can be applied to network monitoring for solving the privacy against security dilemma. It also discusses reasons to consider better handling of information privacy from a Utilitarian perspective. Network monitoring is shown to benefit from basing moral decisions on quantifiable privacy and security metrics both from a Utilitarian and Kantian perspective. Another moral problem that is analysed, is whether automatic blocking of malicious traffic is better than surveillance of such activities. It also discusses how incentive compatible contractual means can be used to reduce the Moral Hazard both from a privacy and security perspective for outsourced network monitoring. Furthermore, the analysis identifies a need to inform moral agents about network monitoring in order to deter rational adversaries. It is not common practice to give such information for monitored networks today.

• Ulltveit-Moe, Nils (2009). Privacy-Enhanced Network Monitoring. Vis sammendrag

  Emphasis of this talk: present a set of techniques that may be useful for privacy-enhanced network monitoring. How can we improve privacy without loosing too much efficiency and usability? The main focus is on intrusion detection systems (IDS). Some examples on traffic analysis systems. The focus is not on how to reduce the false positive rate. (Although smaller FP rate would make privacy handling easier.)

• Ulltveit-Moe, Nils; Snaprud, Mikael Odd H.; Nietzio, Annika; Olsen, Morten Goodwin & Thomsen, Christian (2006). Early results from automatic accessibility benchmarking of public European web sites from the European Internet Accessibility Observatory (EIAO).
• Mohagheghi, Parastoo; Snaprud, Mikael Odd H.; Balachandran, Anand Pillai & Ulltveit-Moe, Nils (2005). Including users and external contributors in a European research project.
• Snaprud, Mikael Odd H.; Jensen, Christian S.; Ulltveit-Moe, Nils; Nytun, Jan P.; Rafoshei-Klev, M.E. & Sawicka, Agata [Vis alle 7 forfattere av denne artikkelen] (2002). Towards a Web Accessibility Monitor.
• Hanssen, Øyvind; Sawicka, Agata; Rafoshei-Klev, M.E.; Nytun, Jan P.; Ulltveit-Moe, Nils & Snaprud, Mikael Odd H. [Vis alle 7 forfattere av denne artikkelen] (2002). Towards a Web Accessibility Monitor.
• Sharma, Arvind; Kolhe, Mohan Lal & Ulltveit-Moe, Nils (2021). Techno-Economic Performance Evaluation of Photovoltaic based Micro-Grid with Energy Management Strategies. Universitetet i Agder. ISSN 978-82-8427-018-0. Fulltekst i vitenarkiv Vis sammendrag

  The operational performance of grid connected micro-grid system can be affected by many factors e.g. techno-economic sizing, appropriate energy management strategy, geographical locations, grid constrains and electricity energy pricing dynamics. To make renewable energy based micro-grid system more reliable as well as efficient and economically viable, it is imperative to consider a holistic approach and investigate all these factors for design and operation of the micro-grid system. In this work, techno-economic sizing of distributed generator(s) with energy storage are analyzed for operating grid connected PV based system as a micro-grid, even during the possible grid outage period. Energy management strategies have been proposed and evaluated for improving techno-economic performance of the PV based micro-grid system. Performance of the micro-grid system can be significantly improved using appropriate energy management strategies for maximizing the use of local energy resources and battery energy throughput. Impact of electricity energy pricing dynamics has been analyzed for techno-economic operation of the grid connected PV based micro-grids at the selected geographical locations (i.e. Tropical and Nordic climates). The local grid limits on the operation of the micro-grid system has been evaluated for maximizing the local energy resources utilization with consideration of peak demand and energy pricing. The regional energy pricing dynamics and local grid limits have considerable impact on performance of the PV based micro-grid. The maximum penetration of PV based micro-grid (i.e. hosting capacity study) within the distribution power network has been assessed considering the network constraints (e.g. voltage or/and loading of the power lines, etc.) and they have significant impact on PV capacity installations at different buses. The increasing penetration of PV based micro-grid system affects the voltage quality within the distribution network. The reactive power versus voltage (Q-V) droop control technique has been evaluated for managing the voltage profile within the prescribed limits. The Q-V droop function has been implemented in the PV inverter and tested its operation using the real time digital simulator and power hardware- in- loop method for improving the voltage profile within the distributed network. The presented results in this work are going to be useful for promoting the PV based micro-grid within the distribution network.

• Ulltveit-Moe, Nils; Nergaard, Henrik; Erdödi, László; Gjøsæter, Terje; Kolstad, Erland & Berg, Pål (2016). Secure Information Sharing in an Industrial Internet of Things. arXiv.org. Vis sammendrag

  This paper investigates how secure information sharing with external vendors can be achieved in an Industrial Internet of Things (IIoT). It also identifies necessary security requirements for secure information sharing based on identified security challenges stated by the industry. The paper then proposes a roadmap for improving security in IIoT which investigates both short-term and long-term solutions for protecting IIoT devices. The short-term solution is mainly based on integrating existing good practices. The paper also outlines a long term solution for protecting IIoT devices with fine-grained access control for sharing data between external entities that would support cloud-based data storage.

• Gabioud, Dominique; Erdodi, Laszlo; Basso, Gillian; Unander, Harald; Werlen, Karl & Ulltveit-Moe, Nils [Vis alle 10 forfattere av denne artikkelen] (2015). SEMIAH D3.2 – Overall System Requirements and Functional Specifications. SEMIAH Consortium.
• Henriksen, Bjørnar; Kolstad, Erland; Unander, Harald; Ulltveit-Moe, Nils & Gjøsæter, Terje (2015). SEMIAH D3.1 Verification and Validation Plan. SEMIAH Consortium. Vis sammendrag

  This document contains a high-level verification and validation plan for SEMIAH. It describes the test strategy and methods that will be utilised to complement the software development activities in WP6. The SEMIAH test strategy is mainly based on International Software Testing Qualifications Board’s (ISTQB’s) Agile Test Extension [1]. The testing activities will be divided in four phases: feature development, continuous integration, system test, and pilot system. The business requirements will be validated in acceptance tests through exploratory testing. Features or functionalities of the SEMIAH system will be tested in the feature acceptance tests during the development phase. Nominated feature tests will also be included in the system test and regression testing. Non-functional requirements will be tested either as a natural part of the feature development or during system integration or system test activities. In the integration and system test phases the system will be built step-by-step as new features are delivered from the feature development tasks. At the end, a final system acceptance test will be conducted before the system is released for pilot testing in actual homes. Verification of Develco, Netplus, and Fraunhofer OGEMA products and their wireless interfaces towards appliances or smart devices are not part of this test strategy, nor is the testing of research features that are not to be integrated in the pilot system.

• Ulltveit-Moe, Nils; Gjøsæter, Terje; Erdödi, László & Siegl, Stefan (2015). D8.1 Specification of Security and Privacy Handling. SEMIAH Consortium.
• Ulltveit-Moe, Nils (2015). Verinice Course for PRECYSE. Sourceforge. Vis sammendrag

  This document describes how to use Verinice for performing risk assessments according to the PRECYSE methodology for critical information infrastructures. It was used as an internal course in how to use Verinice in the PRECYSE project. The document amongst others describes how to import data from the vulnerability scanner OpenVAS, and how to model the identified vulnerabilities as risks. It also shows how risks can be mitigated by using countermeasures from the MAGERIT catalogue of countermeasures developed by the project.

• Ulltveit-Moe, Nils & Oleshchuk, Vladimir (2013). Measuring privacy leakage for IDS rules. eprint arXiv:1308.5421. Vis sammendrag

  This paper proposes a measurement approach for estimating the privacy leakage from Intrusion Detection System (IDS) alarms. Quantitative information flow analysis is used to build a theoretical model of privacy leakage from IDS rules, based on information entropy. This theoretical model is subsequently verified empirically both based on simulations and in an experimental study. The analysis shows that the metric is able to distinguish between IDS rules that have no or low expected privacy leakage and IDS rules with a significant risk of leaking sensitive information, for example on user behaviour. The analysis is based on measurements of number of IDS alarms, data length and data entropy for relevant parts of IDS rules (for example payload). This is a promising approach that opens up for privacy benchmarking of Managed Security Service providers.

Se alle arbeider i Cristin