fpraus.bib
@inproceedings{WG2006a,
title = {{Security in Networked Building Automation Systems}},
author = {Wolfgang Granzer and Wolfgang Kastner and Georg Neugschwandtner and Friedrich Praus},
booktitle = {Proc. 6th IEEE International Workshop on Factory Communication Systems (WFCS '06)},
year = {2006},
month = jun,
note = {{Best Paper Award of WFCS '06}},
pages = {283--292},
abstract = {Enriching Building Automation Systems (BAS) with new services formerly provided by separate subsystems promises synergies, but increases demands on the BAS architecture. In particular, the integration of security subsystems significantly tightens security requirements on the protocol of a networked control system. First, this paper gives a survey on security in BAS. Possible threats and attacks are discussed. Weaknesses in the security mechanisms of important open networked BAS (LonWorks, BACnet, KNX/EIB) are summarized. Then, a security extension to KNX/EIB is presented. It includes several security mechanisms that guarantee data integrity, confidentiality and freshness, as well as authentication to provide secure process data and management communication. Relevant configuration related issues such as key management and distribution are also addressed.},
file = {eibsec_wfcs2006.pdf:http\://www.auto.tuwien.ac.at/~wgranzer/eibsec_wfcs2006.pdf:PDF},
owner = {fritz},
timestamp = {2014.04.15}
}
@inproceedings{WG2006c,
title = {{A Modular Architecture for Building Automation Systems}},
author = {Wolfgang Granzer and Wolfgang Kastner and Georg Neugschwandtner and Friedrich Praus},
booktitle = {Proc. 6th IEEE International Workshop on Factory Communication Systems (WFCS '06)},
year = {2006},
month = jun,
pages = {99--102},
abstract = {The deployment of building automation systems (BAS) allows to increase comfort, safety and security and to reduce operational cost. Today such systems typically follow a two-layered hierarchical approach. While control networks interconnect distributed sensors, actuators and controllers, a backbone provides the necessary infrastructure for management tasks hosted by configuration and management devices. In addition, devices interconnecting the control network with the backbone and the backbone with further networks (e.g., the Internet) play a strategic role. All BAS devices contributing to a particular functionality differ in their requirements for hardware. This paper discusses requirements for devices used in the building automation domain and presents our work in progress to assemble platforms with different purposes relying on a modular architecture.},
file = {modular_wfcs2006.pdf:http\://www.auto.tuwien.ac.at/~wgranzer/modular_wfcs2006.pdf:PDF},
owner = {fritz},
timestamp = {2014.04.15}
}
@inproceedings{WG2009a,
title = {{Securing IP Backbones in Building Automation Networks}},
author = {Wolfgang Granzer and Daniel Lechner and Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. 7th IEEE International Conference on Industrial Informatics (INDIN '09)},
year = {2009},
month = {jun},
pages = {410--415},
abstract = { The use of IP networks as common backbone is becoming of increased interest in today’s building automation systems (BAS). However, with the use of IP also new attack scenarios that threaten the overall security of BAS are introduced. Due to the absence of native security mechanisms in IP and because of its long standing and pervasive use in the IT world, many vulnerabilities exist that are well-known to attackers. To counteracts these threats, this paper presents a generic concept to secure IP backbones that is tailored for the use in building automation. A main advantage of the concept is its flexibility. Due to the used protocol architecture, it is applicable to available BAS standards without the need of an adaption of existing BAS protocols. As a proof-of-concept, a prototype implementation for the KNX standard is also presented in the paper.},
file = {indin2009_secure_ip.pdf:http\://www.auto.tuwien.ac.at/~wgranzer/indin2009_secure_ip.pdf:PDF},
owner = {fritz},
timestamp = {2014.04.15}
}
@article{Granzer2013,
title = {{Source Code Plagiarism in Computer Engineering Courses}},
author = {Wolfgang Granzer and Friedrich Praus and Peter Balog},
journal = {JSCI: Journal of Systemics, Cybernetics and Informatics},
year = {2013},
number = {6},
pages = {4},
volume = {11},
abstract = {In today's university life, teachers are often confronted with plagiarism. A special form of plagiarism is source code plagiarism typically found in programming courses at universities and schools. Detecting or even preventing source code plagiarism is by no means a trivial task. Therefore, this paper explains and discusses different methods that can be used to prevent and detect source code plagiarism. The second part of this paper is focused on automatic tools that assist in detecting plagiarism. Finally, an approach is presented which can be used to detect source code plagiarism in PLC (programmable logic controller) programs.},
url = {http://www.iiisci.org/journal/sci/Abstract.asp?var=&id=iEB266TP}
}
@inproceedings{Granzer2012,
title = {{Source Code Plagiarism in Computer Engineering Courses}},
author = {Wolfgang Granzer and Friedrich Praus and Peter Balog},
booktitle = {Proc. 3rd International Conference on Education, Training and Informatic (ICETI'12)},
year = {2012},
month = {Mar},
note = {Best presentation award},
publisher = {Paper ID: EB266TP},
abstract = {In today's university life, teachers are often confronted with plagiarism. A special form of plagiarism is source code plagiarism typically found in programming courses at universities and schools. Detecting or even preventing source code plagiarism is by no means a trivial task. Therefore, this paper explains and discusses different methods that can be used to prevent and detect source code plagiarism. The second part of this paper is focused on automatic tools that assist in detecting plagiarism. Finally, an approach is presented which can be used to detect source code plagiarism in PLC (programmable logic controller) programs.},
owner = {fritz},
quality = {1},
timestamp = {2013.06.06},
url = {http://www.praus.at/dl.php?url=sourcecode_plagiarism_final.pdf}
}
@article{WG2010c,
title = {{Security in Building Automation Systems}},
author = {Wolfgang Granzer and Friedrich Praus and Wolfgang Kastner},
journal = {IEEE Transactions on Industrial Electronics},
year = {2010},
month = nov,
number = {11},
pages = {3622--3630},
volume = {57},
abstract = {Building automation systems are traditionally concerned with the control of heating, ventilation, air conditioning, as well as lighting and shading systems. They have their origin in a time where security has been considered as a side-issue at best. Nowadays, with the rising desire to integrate security-critical services that were formerly provided by isolated subsystems, security must no longer be neglected. Thus, the development of a comprehensive security concept is of utmost importance. This paper starts with a security threat analysis and identifies the challenges of providing security in the building automation domain. Afterwards, the security mechanisms of available standards are thoroughly analyzed. Finally, two approaches that provide both secure communication and secure execution of possibly untrusted control applications are presented.},
file = {sebas_tie.pdf:http\://www.auto.tuwien.ac.at/~wgranzer/sebas_tie.pdf:PDF},
owner = {fritz},
timestamp = {2014.04.15}
}
@inproceedings{Hammer2016,
title = {{KNX in academic education and training}},
author = {Clemens Hammer and Johannes Klug and Friedrich Praus},
booktitle = {Proc. KNX Scientific Conference},
year = {2016},
month = {October},
abstract = {{The home automation sector is a steadily growing market. Clearly, it is of importance to enhance
the current education and training programs at the involved institutes. However, this is often related
to a high investment into the required hardware, which provides a financial obstacle for students and
institutes. The usage of simulation and training kits as proposed in this paper not only allows to reduce
this financial barrier, but also enhances the quality of the education programs itself. Typical learning
outcomes and teaching use cases are (1) ETS commissioning, (2) user application development on
embedded devices, (3) smart phone application/visualization development or (4) providing a physical
test setup for specialists and researchers.
Especially the realization of a functional prototype setup represents a big challenge, since a lot of
physical devices such as lights, HVAC components or roller shutters are required. This is even harder
for larger courses with around 30 participants or more (a typical size of a class at university of applied
sciences), where one student or at most a group of two students should have access to smart home
hardware. Besides, it is desirable that these training kits allow different teaching methods such as
blended or distance learning.
To realize such a setup, one question arises: How can training equipment be developed, which
is space and cost effective on the one side and on the other side implements all necessary
components, which are equipped inside a typical smart home?
To reduce the finical investment into training devices, minimize the required dimensions of a physical
training setup and enhance trainings the paper describes the following three approaches:
-) Full simulation of the hardware and software (cf. Fig. 4): The advantage of a full simulation
method is, that no smart home hardware is needed. With the aid of a software simulator (JavaFX
and KNXnet/IP based, KNX group communication support), arbitrary sensors and actuators are
configured the same way as real hardware and the control interfaces and the current states
are displayed graphically. Additionally, a real hardware setup can be linked to the simulator via
KNXnet/IP. Teaching use cases (2) and (3) are supported.
-) Physical home automation components in combination with simulated process devices (cf. Fig. 5):
Real KNX hardware such as switching and dimming actuators, KNXnet/IP devices and control
panels are installed inside a mobile training case and the process devices are partly simulated.
This means, that for example lights are realized as a customary LED lamps, whereas roller shut-
ters and HVAC components are simulated by the usage of optical imitations (e.g. a visualization
element consisting of 8 blue LEDs simulating the current data point value of an air condition).
Teaching use cases (1) – (3) are supported.
-) Test labor with permanently installed actuators and sensors (cf. Fig. 6): The test labor itself is
realized as a room, which contains only real physical smart home components. Therefore, no
physical process needs to be simulated and the whole system behavior can be observed and
evaluated in real life. Teaching use cases (1) – (4) are supported.}},
owner = {fritz},
timestamp = {2016.11.11},
url = {http://www.praus.at/dl.php?url=KNX_in_academic_education_final.pdf}
}
@inproceedings{Isaacs2012,
title = {{Design \& development of a prototype android app for a KNX home}},
author = {Richard Isaacs and Friedrich Praus},
booktitle = {Proc. KNX Scientific Conference},
year = {2012},
month = {November},
abstract = {{Smartphone Apps provide personal and customizable access to the Internet and immediate surroundings. With the introduction of KNXnet/IP, an IP communication to KNX networks became possible enabling KNX installations to be connected to those Apps easily. This paper describes the relevant tasks for the design and development of a prototype Android App that provides location independent access for supervising a home network. The App imports a static configuration model of the home network and provides an intuitive user interface. This network configuration is automatically created by exported standard information from the KNX project database with an additional custom parsing. The open source Java library, Calimero, is used for the communication to a KNXnet/IP server for management and transport layer telegrams. The Android App implements a client/service architecture persisting all network data and events to a local database. The graphical user interface (GUI) provides a basic set of features for monitoring, import, diagnostic and control functions. The App is tested using the Siemens Gamma Training Kit (GTK) with a typical home configuration.}},
url = {http://www.praus.at/dl.php?url=knx12_android_final.pdf}
}
@incollection{ieeehandbook_knx,
title = {{K}{N}{X}},
author = {Wolfgang Kastner and Friedrich Praus and Georg Neugschwandtner and Wolfgang Granzer},
booktitle = {Industrial Electronics Handbook},
publisher = {CRC Press},
year = {2011},
chapter = {42},
edition = {2nd},
editor = {B.M. Wilamowski and J.D. Irwin},
pages = {42-1 -- 42-14},
volume = {2: Industrial Communication Systems},
owner = {fritz},
timestamp = {2014.04.15}
}
@conference{Kropf2013,
author = {Johannes Kropf and Barbara Prazak-Aram and Lukas Roedl and Friedrich Praus and Christian Siegel},
title = {{Large Scale Integration and evaluation of AAL Technologies in Eastern Austria - the moduLAAr project}},
booktitle = {AAL Forum},
year = {2013},
volume = {Session D3},
month = sep,
owner = {fritz},
quality = {1},
timestamp = {2013.10.11}
}
@phdthesis{Praus2015,
title = {Secure Control Applications in Smart Homes and Buildings},
author = {Friedrich Praus},
school = {Technische Universität Wien},
year = {2015},
month = {November},
abstract = {With today's ongoing integration of heterogeneous building automation systems, increased comfort, energy efficiency, improved building management, sustainability as well as advanced applications such as active assisted living scenarios become possible. These smart homes and buildings are implemented as decentralized systems, where embedded devices are connected via networks to exchange their data.
Obviously, the demands -- especially regarding security -- increase: Secure communication becomes equally important as secure software being executed on the embedded devices. While the former has (recently) been addressed by standardization committees and manufacturers, until now no scientific research is available, that targets the problem of secure control applications in this domain. No attack model has been defined, no security measures have been recommended, existing measures from other domains are either too cost or time intensive to deploy, cannot be trivially applied to or do not cover specific demands and constraints of the building automation domain. Thus, deploying adequate control application security measures is left open to developers, who are overburdened with the manifold and often unknown security requirements. This yields to insecure control applications, which enable adversaries to attack building automation systems.
This dissertation introduces an architecture for distributed control applications in smart homes and buildings, which tackles the problem on how to secure software running on different device classes. The following novelties are contributed, which -- to the best knowledge of the author -- have not been addressed in research, yet: a comprehensive identification of security requirements for control applications in smart homes and buildings, an application model capable of depicting control applications in a formal way, the concept of security attributes, being able to formally specify a security policy, and a framework, which allows the secure development and execution of control applications, and an enforcement of the defined security policies.},
file = {:/home/fritz/Privat/doktorratstudium/diss/AC12681645.pdf:PDF},
owner = {fritz},
timestamp = {2015.11.18}
}
@mastersthesis{PrausDipl2005,
author = {Friedrich Praus},
title = {{A Versatile Networked Embedded Platform for KNX/EIB}},
school = {Vienna University of Technology, Institute of Computer Aided Automation, Automation Systems Group},
year = {2005},
abstract = {{The deployment of home and building automation systems allows to increase comfort, safety and security and reduce operational cost. Today such systems typically follow a hierarchical distributed approach. While control networks interconnect smart sensors and actuators, a backbone network provides the infrastructure for management tasks. Devices interconnecting these networks have a strategic role. Especially in the home domain, the integration of various control and data networks is essential for maximum benefit. The European Installation Bus (KNX/EIB) is a popular control network designed to enhance electrical installations in buildings. It uses a proprietary twisted pair (TP) medium to interconnect devices like smart light switches and dimmers. The objective of this thesis is to design an embedded and versatile platform for ongoing development in the area of home and building automation systems with a focus on KNX/EIB TP. Besides two KNX/EIB TP interfaces, it provides RS-232, USB and Ethernet connectivity. The platform moreover has sufficient processing power and storage, enabling it to act as a ``smart router'' or gateway. The thesis first presents a classification of control network devices. It then discusses the hardware and software requirements for the desired platform. A detailed presentation of its design, implementation and operation with respect to hardware and software follows.}},
url = {http://www.praus.at/dl.php?url=diplomarbeit_fpraus_printed.pdf}
}
@inproceedings{Praus2008,
title = {{Secure and Customizable Software Applications in Embedded Networks}},
author = {Friedrich Praus and Thomas Flanitzer and Wolfgang Kastner},
booktitle = {Proc. 13th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA'08)},
year = {2008},
month = {sep},
pages = {1473--1480},
abstract = {Improved technology and economically feasible costs allow a widespread deployment of embedded systems in various application domains - ranging from integration into cars, industrial automation up to building automation. A sophisticated security architecture considering the challenging constraints on these systems and providing secure communication, secure software as well as physical security is needed. This paper presents an approach to allow untrusted, possible (intentional) malicious software to be executed securely on a low end embedded system. A proof of concept and an evaluation for a building automation system is given.},
doi = {10.1109/ETFA.2008.4638590},
owner = {fritz},
timestamp = {2008.10.24},
url = {http://www.praus.at/dl.php?url=etfa2008_fpraus_secapp_final.pdf}
}
@inproceedings{Praus2016a,
title = {{KNX security devices}},
author = {Friedrich Praus and Wolfgang Granzer and Peter Balog},
booktitle = {Proc. KNX Scientific Conference},
year = {2016},
month = {October},
note = {{KNX Scientific Award 2016}},
abstract = {{As recently shown in [1], thousands of KNX installations are being connected to the Internet un-
protectedly. Fortunately, today security awareness is rising and security mechanisms are available,
allowing to secure KNX installations. KNX Data Security (AN158) and KNXnet/IP Security (AN159)
secure the building automation network (BAN) by providing secure communication as well as verify-
ing the identity of the involved network nodes (i.e. authentication). This prevents security threats like
unauthorized interception (e.g. network sniffing), modification (e.g. man-in-the-middle attacks) and
fabrication (e.g. replay attacks). Also, security guidelines are available [2, 3].
Nevertheless, network as well as device attacks exist, that cannot be prevented using such methods.
For BANs typical representatives are interruption attacks, which have the objective of making a service
or data unavailable. These attacks are also referred to as Denial of Service (DoS) attacks. In order to
interrupt the communication in a BAN, the adversary is trying to waste network and system resources
to prevent the sensor actuator and controller (SAC) from performing its expected function. DoS attacks
are always hard to handle, which is especially true for SACs where nodes are subject to stiff resource
limitations. Besides, attacks evolving from programming errors/bugs (i.e. buffer overflows) in software
running on KNX devices can still occur, even if security measures are deployed. Such attacks or
threats can only be detected or prevented by a system having a global view of exchanged process
data [1].
The paper is structured as follows: After a discussion on the security of KNX in the year 2016 in
Section 1, the process to provide security is discussed in Section 2. Section 3 presents two device
concepts that have the aim to prevent or at least to detect the attack scenarios mentioned above. A
so called secure KNX firewall acts as an interconnection device which is able to prevent attacks by
physically separating two or more different BANs. Process data exchange on the network interfaces
is being analyzed and depending on the deployed security policy data telegrams are filtered. It al-
lows to drop physically addressed telegrams, prohibit process data exchange between unknown user
applications, and evaluate security attributes allowing e.g. telegrams from specified devices contain-
ing specific data. A network based KNX Intrusion Detection System (IDS) on the other hand is able
to detect abnormal network communication as well as abnormal behavior of devices. After having
detected such an abnormal situation, it must be determined whether it has to be considered as an
attack. Typical attack scenarios that are detected by such an IDS are process data exchange between
user applications that violates a statically defined policy or communication relationship, unauthorized
management communication i.e. physical destination addresses, or high bus load.
The configuration of both device types is based on security policy which can be derived from the
ETS project. A test environment demonstrating compatibility to standard (existing) KNX installations
without influencing the normal operation regarding its performance is also presented.
The main contents of the paper are based on the dissertation of the author [4].}},
owner = {fritz},
url = {http://www.praus.at/dl.php?url=KNX_Security_Devices_Praus_Paper.pdf}
}
@inproceedings{PrausETFA2007,
title = {{A Simulation Framework for Fault-Tolerant Clock Synchronization in Industrial Automation Networks}},
author = {Friedrich Praus and Wolfgang Granzer and Georg Gaderer and Thilo Sauter},
booktitle = {Proc. 12th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA'07)},
year = {2007},
month = {September},
pages = {1465--1472},
abstract = {Many applications such as distributed measurements or real-time networks benefit from a common notion of time. Protocols providing high precision and simple clock synchronization are necessary to achieve such a common time base. However, most of the available protocols are lacking with regard to fault tolerance and performance in case of a fault. The project IMAGINE (Introduction of Master Group Based Industrial Ethernet) overcomes these limitations by introducing a fault-tolerant IEEE 1588 master group. A proof of concept for a largeor even medium- scale network is, however, very difficult to obtain under laboratory conditions. Therefore, a simulation framework has been developed, which is presented in this paper.},
owner = {fritz},
timestamp = {2007.08.30},
url = {http://www.praus.at/dl.php?url=ETFA07_Simulation.pdf}
}
@inproceedings{PrausINDIN2009,
title = {{Enhanced Control Application Development in Building Automation}},
author = {Friedrich Praus and Wolfgang Granzer and Wolfgang Kastner},
booktitle = {Proc. 7th IEEE International Conference on Industrial Informatics (INDIN'09)},
year = {2009},
month = {jun},
pages = {390--395},
abstract = {Building Automation Systems (BAS) lack a common application model. Thus, the development of control applications (CAs) is not a very straightforward task and requires profound expertise. When in addition security has to be considered, inexperienced developers are overwhelmed by the manifold demands and constraints. This paper presents an approach to ease the CA development and at the same time to provide security for their execution. The main idea is to base the application model on a generic ontology and to provide a sandbox for the execution environment. The programming concept, configuration and management issues as well as the workflow are described in detail. Finally, a proof of concept for BACnet and KNX is given.},
owner = {fritz},
timestamp = {2009.04.09},
url = {http://www.praus.at/dl.php?url=indin2009_fpraus_controlapp_final.pdf}
}
@inproceedings{Praus2014,
title = {{Identifying Unsecured Building Automation Installations}},
author = {Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. 19th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA'14)},
year = {2014},
month = {September},
number = {978-1-4799-4845-1},
abstract = {Building automation systems rely more and more on IP-based communication, which allows easier management, maintenance and, in general, interaction with other domains. When the connection to the Internet comes into play, security mechanisms need to be deployed to prevent attacks on these systems. Based on a worldwide scan of IPv4 addresses, this paper illustrates that security awareness is unfortunately still neglected. Thousands of building automation systems are directly connected to the Internet, allowing unauthenticated and unauthorized access to their underlying datapoints.},
owner = {fritz},
timestamp = {2007.08.30},
url = {http://www.praus.at/dl.php?url=PF-007536.pdf}
}
@inproceedings{Praus2014a,
title = {{Spotting Unsecured KNX Installations}},
author = {Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. KNX Scientific Conference},
year = {2014},
month = {November},
note = {{KNX Scientific Award 2014}},
abstract = {{IP based KNX installations are meantime widespread all over the world. They allow interconnec-
tion of different KNX field segments to a common backbone which might be home for management
applications. Also, IP-based access paves the way for energy monitoring and management systems
dedicated for functional buildings. Future homes and ambient assisted living applications may benefit
from new services that reside within the cloud.
The Internet itself, however, is an open medium, which is used by adversaries all over the world to
attack connected devices. In the industrial automation, such attacks already have been performed.
Even worse, often security vulnerabilities are present in those sensors, actuators and controllers. To
our best knowledge, up to now no extensive research is available, which deeply analyzes existing KNX
installations being connected to the Internet.
Thus, based on a worldwide scan of IPv4 addresses, this paper will illustrate that security awareness
among integrators, developers and end-users is unfortunately still neglected in the KNX domain. Thou-
sands of installations are directly connected to the Internet, allowing unauthenticated and unauthorized
access to their underlying datapoints. This paper also covers a discussion on possible countermea-
sures as well as the non-functional and functional security requirements in KNX.
}},
owner = {fritz},
timestamp = {2014.12.05},
url = {http://www.praus.at/dl.php?url=Spotting_unsecured_KNX_installations-Praus_final.pdf}
}
@inproceedings{PrausINDIN2010,
title = {{Secure Control Applications in Building Automation Using Domain Knowledge}},
author = {Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. 8th IEEE International Conference on Industrial Informatics (INDIN'10)},
year = {2010},
month = {jul},
pages = {52--57},
abstract = {When security-critical applications are considered to be integrated into the building automation domain, two requirements need to be fulfilled: providing security features at the network level and support for security mechanisms at the application level. This paper tackles the second goal using domain knowledge based on existing and related international application level standards. After the demands for secure applications and an underlying security policy are stated, a system model is derived that allows specifying security attributes for data points, function blocks, embedded applications, and, finally, distributed control applications. In conclusion, the applicability of the model is demonstrated for selected use cases.},
owner = {fritz},
timestamp = {2010.04.26},
url = {http://www.praus.at/dl.php?url=indin2010_fpraus_policy_final.pdf}
}
@inproceedings{Praus2008a,
title = {{User Applications Development Using Embedded Java}},
author = {Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. KNX Scientific Conference},
year = {2008},
month = {November},
abstract = {Building Automation Systems (BAS) aim at improving control and management of mechanical and electrical systems in buildings. It is the task of Sensors, Actuators and Controllers (SACs) to interact with the physical environment and perform measurement and control tasks. In building automation networks they, typically, consist of a network interface and a microcontroller (MCU) where an application specific hardware is attached. In a similar way, the software may be split into a system software part providing basic functionality and a (customizable) user application (UA) dealing with the attached hardware. Within KNX this concept is well known, as customized application modules are connected via the physical external interface to standardized bus attachment units. However, KNX UA development traditionally required profound hardware knowledge. This paper presents an approach to leverage user application development. With limited hardware resources of SACs in mind, an embedded virtual machine provides a lean environment for Java based user applications. Interfacing to KNX and the specific hardware is done by a well-defined Java user application programming interface. In addition, a management interface allows to download and configure UAs inside the virtual machine. The programming concept, configuration and management issues as well as the workflow are described in detail. As proof of concept for SACs supporting our approach two hardware platforms have been chosen: a stripboard equipped with an ATMega168 MCU and KNX connection via the Freebus project, and KNXcalibur, a Fujitsu MCU based board connected to KNX via TP-UART. The contribution is rounded up by a first performance analysis.},
url = {http://www.praus.at/dl.php?url=knx08_embeddedjava_final.pdf}
}
@inproceedings{PrausJSC2006,
title = {{A Versatile Networked Embedded Platform for KNX/EIB}},
author = {Friedrich Praus and Wolfgang Kastner},
booktitle = {Junior Scientific Conference},
year = {2006},
month = {April},
pages = {{59-60}},
abstract = {{The deployment of home and building automation systems (BAS) allows to increase comfort, safety and security and to reduce operational cost. Today such systems typically follow a hierarchical distributed approach. While control networks interconnect smart sensors and actuators, a backbone network provides the infrastructure for management tasks. Devices interconnecting these networks play a strategic role. Especially in the home domain, the integration of various control and data networks is essential for maximum benefit.}},
url = {http://www.praus.at/dl.php?url=jsc06_fritz_praus_final.pdf}
}
@inproceedings{PrausKNX2004,
title = {{Yet Another All-purpose EIBNet/IP Gateway}},
author = {Friedrich Praus and Wolfgang Kastner and Oliver Alt},
booktitle = {Proc. KNX Scientific Conference},
year = {2004},
month = {October},
abstract = {{Currently, we are designing a universal-applicable gateway to KNX systems. The hardware is based on an Fujitsu 16bit micro-controller with 24 MHz, 24Kbyte RAM, 384Kbyte flash memory, full USB support, 4 UARTs, 3 channels for I2C bus communication and an external bus interface. Our gateway will support EIBnet/IP (tunneling and routing) with an embedded web-server facilitating HEAD, GET and POST requests and CGI scripts. The gateway is intended as universal platform for ongoing development concerning integration of other fieldbus and multimedia bus systems to KNX, as well as gateway for remote IP services. In addition, it serves as a base for work in progress regarding the development of a set-top box for integration into the OSGi environment and plug and play networks. The paper presents the design of the hardware interfaces and interesting parts of the software implementation.}},
url = {http://www.praus.at/dl.php?url=Multipurpose%20EIB%20Gateway.pdf}
}
@inproceedings{PrausKNX2006a,
title = {{A Versatile Networked Embedded Platform for KNX/EIB}},
author = {Friedrich Praus and Wolfgang Kastner and Georg Neugschwandtner},
booktitle = {Proc. KNX Scientific Conference},
year = {2006},
month = {November},
abstract = {{The deployment of building automation systems (BAS) allows to increase comfort, safety and security and reduce operational cost at the same time. Today such systems typically follow a twolayered hierarchical approach. While control networks interconnect distributed sensors, actuators and controllers, a backbone provides the necessary infrastructure for management tasks hosted by configuration and management devices. In addition, devices interconnecting the control network with the backbone on the one hand and the backbone with further networks (e.g., the Internet) on the other hand play a strategic role. According to their particular functionality and the resulting demands on the necessary hardware and software support, BAS devices can be categorized in three distinct device classes. Based upon this classification the paper presents a generic hardware and software framework whose flexible design fits all these classes. Devices for a particular purpose (i.e., class) can be derived from the universally applicable, generic framework, easing development. This process is demonstrated for a multi-purpose hardware platform applicable to multiple device classes. Moreover, three case studies for this platform are presented which illustrate how software applications from all classes make use of this universally applicable platform. }},
url = {http://www.praus.at/dl.php?url=praus-versatile_platform-knxsci06-website.pdf}
}
@inproceedings{Praus2016,
title = {Software security requirements in building automation},
author = {Friedrich Praus and
Wolfgang Kastner and
Peter Palensky},
booktitle = {Sicherheit 2016: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
Beitr{\"{a}}ge der 8. Jahrestagung des Fachbereichs Sicherheit
der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 5.-7. April
2016, Bonn},
year = {2016},
pages = {217--228},
bibsource = {dblp computer science bibliography, http://dblp.org},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/sicherheit/PrausKP16},
timestamp = {Fri, 27 May 2016 11:35:16 +0200},
url = {http://subs.emis.de/LNI/Proceedings/Proceedings256/217.pdf}
}
@article{Praus2016b,
title = {{Secure Control Applications in Smart Homes and Buildings}},
author = {Friedrich Praus and Wolfgang Kastner and Peter Palensky},
journal = {Journal of Universal Computer Science},
year = {2016},
month = {September},
number = {9},
pages = {1249--1273},
volume = {22},
abstract = {{With today’s ongoing integration of heterogeneous building automation sys-
tems, increased comfort, energy efficiency, improved building management, sustainabil-
ity as well as advanced applications such as active & assisted living scenarios become
possible. These smart homes and buildings are implemented as decentralized systems,
where embedded devices are connected via networks to exchange their data.
Obviously, the demands – especially regarding security – increase: Secure communica-
tion becomes equally important as secure software being executed on the embedded
devices. While the former has been addressed by standardization committees, manu-
facturers and researchers, until now the problem of secure control applications in this
domain has not been addressed extensively. This leads to insecure and unprotected soft-
ware being executed on the embedded devices. Thus, adversaries are capable of attack-
ing building automation systems.
This paper introduces an architecture for distributed control applications in smart
homes and buildings, which tackles the problem on how to secure software running on
different device classes. The following novelties are contributed: an application model
capable of depicting control applications in a formal way, the concept of security at-
tributes, being able to formally specify a security policy, and a framework, which allows
the secure development and execution of control applications, and an enforcement of
the defined security policies.}},
owner = {fritz},
timestamp = {2016.11.11},
url = {http://www.jucs.org/jucs_22_9/secure_control_applications_in}
}
@inproceedings{PrausKNX2010,
title = {{Open Source Approaches to Integrate KNX into Media Centers}},
author = {Friedrich Praus and Christian Reinisch and Paul Leitner and Wolfgang Kastner},
booktitle = {Proc. KNX Scientific Conference},
year = {2010},
month = nov
}
@inproceedings{Reinisch2008,
title = {{Integration of Heterogeneous Building Automation Systems Using Ontologies}},
author = {Christian Reinisch and Wolfgang Granzer and Friedrich Praus and Wolfgang Kastner},
booktitle = {Proceedings of 34th Annual Conference of the IEEE Industrial Electronics Society (IECON '08)},
year = {2008},
month = nov,
pages = {2736--2741},
abstract = {The challenge of integrating heterogeneous systems in order to combine their functionality is of utmost importance for the further deployment of building automation systems. The goal is to allow comprehensive communication among the systems. This will provide enhanced possibilities thus making way for intelligent buildings. Traditionally, integration is achieved using gateways which require considerable configuration effort. To alleviate this overhead and provide a unified system view, a generic application model is proposed that can accommodate all functionality found in building automation systems. The employment of this model promises several benefits such as a central point for configuration and system access. The method of choice are ontologies, which allow to offer a seminal representation of knowledge, an abstraction of the heterogeneous network infrastructure and automatic reasoning on the stored knowledge.},
file = {IntegrationOntologies-IECON08.pdf:http\://www.auto.tuwien.ac.at/~creinisch/papers/IntegrationOntologies-IECON08.pdf:PDF},
owner = {fritz},
timestamp = {2010.02.09}
}
@inproceedings{Reinisch2006,
title = {{Wireless Communication in KNX/EIB}},
author = {Christian Reinisch and Wolfgang Granzer and Friedrich Praus and Wolfgang Kastner},
booktitle = {Proc. KNX Scientific Conference},
year = {2006},
month = {November},
owner = {fritz},
timestamp = {2015.08.06}
}
@inproceedings{Samardzija2012,
title = {{ANT goes KNX -- an open platform gateway for ANT and KNX}},
author = {Luka Samardzija and Friedrich Praus},
booktitle = {Proc. KNX Scientific Conference},
year = {2012},
month = {November},
abstract = {{This paper investigates the interoperability of ANT and KNX. ANT is a low power wireless networking technology targeted for embedded systems. KNX is a world wide standard for home and building control. Although the KNX standard already implements a wide range of application fields and further additional implementations e.g. a tabled-pc contorled home environment, ANT is capable to enhancement the KNX expirience. This paper handles the interoperability of ANT and KNX, starting with brief hardware introduction, examining the firm- and middleware, and in a final step analysing the application level and protocol features of both technologies. The main focus of this work is not only a theoretical and informal investigation, but a pragmatic realisation of an ANT/KNX gateway. The result of this paper is a generic and open framework for the junction of ANT and KNX.}},
url = {http://www.praus.at/dl.php?url=knx12_ANTgoesKNX_final.pdf}
}
@inproceedings{Schindelboeck2016,
title = {{A Diabetes Self-Management Prototype in an AAL-Environment to Detect Remarkable Health States}},
author = {Denise Schindelböck and Friedrich Praus and Walter Gall},
booktitle = {Health Informatics Meets eHealth},
year = {2016},
editor = {Günter Schreier and Elske Ammenwerth and Alexander Hörbst and Dieter Hayn},
note = {{ISBN: 978-1-61499-645-3, Best Scientific Poster Award eHealth Summit Austria 2016}},
pages = {273--280},
publisher = {IOS Press},
volume = {223},
abstract = {{Every year life span is increasing and simultaneously the proportion of people with one or more chronic diseases. This paper presents an implementation of a prototype with a decision tree to detect dangerous health conditions for Diabetes Type 1 and Diabetes Type 2. With the information we collect from Personal Health Devices and data from the Active-Assisted-Living environment, we are in the position to customize thresholds and to get individual results. With the help of a modified Glucose-Insulin Model (based on the minimal model of Stolwijk & Hardy) we predicted the future glucose concentration of the patient. We validated our model with an intention-to-treat pilot study including 8 subjects and obtained a significantly better (p < 2.2−16) result than the original model.}},
doi = {10.3233/978-1-61499-645-3-273},
owner = {fritz},
timestamp = {2016.05.11},
url = {http://ebooks.iospress.nl/volume/health-informatics-meets-ehealth-predictive-modeling-in-healthcare-from-prediction-to-prevention-proceedings-of-the-10th-ehealth2016-conference}
}
@inproceedings{Wagner2013,
title = {{Ambient Assitive Technologies: The mobile robot P3AAT}},
author = {Richard Wagner and Peter Wolff and Klaus Sch\"affer and Friedrich Praus},
booktitle = {Proceedings of the Austrian Robotics Workshop (ARW'13)},
year = {2013},
editor = {Wilfried Kubinger and Alexander Hofmann and Friedrich Praus},
month = {May},
number = {978-3-200-03095-4},
pages = {93--97},
publisher = {FH Technikum Wien},
abstract = {{This paper reports preliminary results on a student project dealing with the development of an autonomous mobile service robot. The robot is able to navigate autonomously, detect bottles in different shapes and grasp them. The paper describe the hardware components used by the robot and the software architecture based on the Robot Operation System.}},
url = {http://embsys.technikum-wien.at/arw13/Proceedings_ARW13_nice.pdf}
}
@inproceedings{C.Orth2017,
author = {C. Orth and D. Tsiamitros and G. Kokkonis and D. Stimoniaris and I. Deligkiozi and D. Leonardos and M. Lehtonen and J.Liesmaki and S. Pettersen and C. Pedersen and F. Christange and T. Hamacher and A. Blume and P. Panagiotou and W. Kastner and W. Granzer and F. Praus and A. Ozdemir and A. Gaglia and E. Dialynas and Y. Stephanedes},
title = {Smart Buildings and Electric Transportation Systems for a secure and efficient power network},
booktitle = {Smart Cities and Mobility as a Service},
year = {2017},
month = {dec}
}
@inproceedings{Sabic2018,
title = {{Network Intrusion Detection in Building Automation Systems}},
author = {Alija Sabic and Wolfgang Granzer and Friedrich Praus},
booktitle = {Proc. KNX Scientific Conference},
year = {2018},
month = {October},
owner = {fritz},
url = {https://www.knx.org/knx-en/for-professionals/newsroom/en/news/KNX-Scientific-Conference-2018/}
}
@conference{Deinhofer2019,
author = {Martin Deinhofer and Alija Sabic and Friedrich Praus},
title = {{Unterstützungstechnologien in Smart Homes: kostengünstig \& praxisnah; AsTeRICS: Alternative Eingabegeräte \& AAC}},
booktitle = {{IKT} Forum},
year = {2019},
address = {Linz, Austria},
month = jul
}
@inproceedings{BillmannM.2019,
author = {M. Billmann and S. Werner and Roland Höller and Friedrich Praus and Andreas Puhm and Niki Kerö},
title = {{Open-Source Crypto IP Cores for FPGAs - Overview and Evaluation}},
booktitle = {Proceedings of the 27th Austrochip Conference on Microelectronics},
year = {2019},
pages = {8},
address = {Vienna, Austria},
month = oct
}
@book{Praus2023,
title = {Accreditation Of The Degree Programme In {ICT} At Jamk University Of Applied Sciences 2023},
publisher = {Finnish Education Evaluation Centre},
year = {2023},
author = {Friedrich Praus and Kati Isoaho and Tanja Korhonen and Paula Lozano Duarte and Joonas Lyytinen},
editor = {Juha Juvonen and Ahoy, Jussi Aho},
volume = {Publications 21:2023},
isbn = {978-952-206-798-2},
url = {https://karvi.fi/wp-content/uploads/2023/06/Karvi_21_2023_web-003.pdf}
}
@comment{{jabref-meta: databaseType:bibtex;}}