In 2016, a countermeasure against the Nankai trough long-period and long-duration ground motions (LPGMs) was announced. However, response spectrum method (RSM), indicated by Ministry of Construction notification Vol. 2009 (MCN), is out countermeasure. An RSM that considers characteristic changes due to repeated deformation has also been proposed, but since damping correction formula MCN used, i...

In an earlier paper [Danielsson, 1986], we studied the problem of estimating the safety effect of a countermeasure on the expected number of accidents at road junctions when high-accident sites are selected for the study. Often, however, the countermeasure leads to varying effectiveness on different types of accidents. This paper is a generalization in that we estimate effects of countermeasure...

In this paper we study a parity check based countermeasure proposed by Chen et al. that thwarts their attack by detecting byte fault injection during the AES key schedule process. We provide a generalization of their approach that allows to derive parity equations for every AES sizes not given by the authors. We analyze why Chen et al. countermeasure does not properly works. Doing so we are abl...

Virtualization has become of increasing importance for the security of embedded systems during the last years. One of the major threats to this security is posed by side channel attacks. In this work, Bernstein’s time-driven cache-based timing attack against AES is revisited in a virtualization security scenario and the PikeOS micro kernel system is presented. A novel countermeasure against tim...

Random delays are a countermeasure against a range of side channel and fault attacks that is often implemented in embedded software. We propose a new method for generation of random delays and a criterion for measuring the efficiency of a random delay countermeasure. We implement this new method along with the existing ones on an 8-bit platform and mount practical side-channel attacks against t...

Dean and Hu proposed a probabilistic countermeasure to the classic access(2)/open(2) TOCTTOU race condition in privileged Unix programs [4]. In this paper, we describe an attack that succeeds with very high probability against their countermeasure. We then consider a stronger randomized variant of their defense and show that it, too, is broken. We conclude that access(2) must never be used in p...

Security risk analysis should be conducted regularly to maintain an acceptable level of security. In principle, all risks that are unacceptable according to the predefined criteria should be mitigated. However, risk mitigation comes at a cost, and only the countermeasures that cost-efficiently mitigate risks should be implemented. This paper presents an approach to integrate the countermeasure ...

Existing risk assessment methods often rely on a context of a target software system at a particular point in time. Such contexts of long-living software systems tend to evolve over time. Consequently, risks might also evolve. Therefore, in order to deal with evolving risks, decision makers need to select an appropriate risk countermeasure alternative that is more resilient to evolution than ot...