A Testbed for Trusted Telecommunications Systems in a Safety Critical Environment

  • Ian OliverEmail author
  • Aapo Kalliola
  • Silke Holtmanns
  • Yoan Miche
  • Gabriela Limonta
  • Borger Vigmostad
  • Kiti Muller
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11094)


Telecommunications systems are critical aspects of infrastructure with more safety-critical systems utilising their capabilities. Domains such as medicine and automotive applications are required to be resilient and failure tolerant. We have constructed a testbed environment that can be configured into various telecommunication operator configurations based around Network Function Virtualisation, Edge Cloud and Internet-of-Things along with trusted computing. Utilising a medical application as the motivating case to demonstrate reliability, resiliency and as a compelling demonstration we can investigate the interaction of these security technologies in telecommunications environment while providing a safety-critical use case.



This work has been partially funded by EU ECSEL Project SECREDAS (Grant Number: 783119) and EU Horizon 2020 Project SCOTT (Grant Number: 737422).


  1. 1.
    Ahmad, I., Kumar, T., Liyanage, M., Okwuibe, J., Ylianttila, M., Gurtov, A.V.: 5G security: analysis of threats and solutions. In: IEEE Conference on Standards for Communications and Networking, CSCN 2017, Helsinki, Finland, 18–20 September 2017, pp. 193–199. IEEE (2017).
  2. 2.
    Ambrosin, M., Conti, M., Ibrahim, A., Neven, G., Sadeghi, A.R., Schunter, M.: SANA. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS 2016, pp. 731–742. ACM Press, New York (2016).
  3. 3.
    Asokan, N., et al.: SEDA: Scalable Embedded Device Attestation.
  4. 4.
    Augot, D., Chabanne, H., Chenevier, T., George, W., Lambert, L.: A user-centric system for verified identities on the bitcoin blockchain. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds.) ESORICS/DPM/CBT -2017. LNCS, vol. 10436, pp. 390–407. Springer, Cham (2017). Scholar
  5. 5.
    Berger, S., Cáceres, R., Goldman, K.A., Perez, R., Sailer, R., Doorn, L.: vTPM: Virtualizing the trusted platform module. In: USENIX Security, pp. 305–320 (2006)Google Scholar
  6. 6.
    Berger, S., Goldman, K., Pendarakis, D., Safford, D., Valdez, E., Zohar, M.: Scalable attestation: a step toward secure and trusted clouds. In: 2015 IEEE International Conference on Cloud Engineering, pp. 185–194. IEEE (2015).
  7. 7.
    Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A.R., Stüble, C.: A protocol for property-based attestation. In: Proceedings of the First ACM Workshop on Scalable Trusted Computing - STC 2006, p. 7. ACM Press, New York (2006).
  8. 8.
    Danev, B., Masti, R.J., Karame, G.O., Capkun, S.: Enabling secure VM-vTPM migration in private clouds. In: ACSAC 2011, pp. 187–196 (2011)Google Scholar
  9. 9.
    Dewan, P., Durham, D., Khosravi, H., Long, M., Nagabhushan, G.: A hypervisor-based system for protecting software runtime memory and persistent storage. In: Proceedings of the 2008 Spring Simulation Multiconference, SpringSim 2008, pp. 828–835. Society for Computer Simulation International, San Diego, CA, USA (2008).
  10. 10.
    Dryburgh, L., Hewett, J.: Signaling System No. 7 (SS7/C7): Protocol, Architecture, and Applications. Cisco Press (2003)Google Scholar
  11. 11.
    Fajardo, V., Arkko, J., Loughney, J., Zorn, G.: Diameter Base Protocol. RFC 6733 (2012).
  12. 12.
    Ghosh, A., Sapello, A., Poylisher, A., Chiang, C.J., Kubota, A., Matsunaka, T.: On the feasibility of deploying software attestation in cloud environments. In: 2014 IEEE 7th International Conference on Cloud Computing, pp. 128–135. IEEE (2014).
  13. 13.
    Ghosh, M., Varghese, A., Gupta, A., Kherani, A.A., Muthaiah, S.N.: Detecting misbehaviors in VANET with integrated root-cause analysis. Ad Hoc Netw. 8(7), 778–790 (2010). Scholar
  14. 14.
    Holtmanns, S., Miche, Y., Oliver, I.: Subscriber profile extraction and modification via diameter interconnection. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds.) NSS 2017. LNCS, vol. 10394, pp. 585–594. Springer, Cham (2017). Scholar
  15. 15.
    Holtmanns, S., Oliver, I.: SMS and one-time-password interception in LTE networks. In: IEEE International Conference on Communications, ICC 2017, Paris, France, 21–25 May 2017, pp. 1–6. IEEE (2017).
  16. 16.
    Holtmanns, S., Rao, S.P., Oliver, I.: User location tracking attacks for LTE networks using the interworking functionality. In: 2016 IFIP Networking Conference, Networking 2016 and Workshops, Vienna, Austria, 17–19 May 2016, pp. 315–322. IEEE (2016).
  17. 17.
    Jäger, B.: Security orchestrator: introducing a security orchestrator in the context of the ETSI NFV reference architecture. In: 2015 IEEE TrustCom/BigDataSE/ISPA, Helsinki, Finland, 20–22 August 2015, vol. 1, pp. 1255–1260. IEEE (2015).
  18. 18.
    Jøsang, A., Pope, S.: Semantic constraints for trust transitivity. In: Proceedings of the 2nd Asia-Pacific Conference on Conceptual Modelling, APCCM 2005, vol. 43, pp. 59–68. Australian Computer Society Inc., Darlinghurst, Australia, Australia (2005).
  19. 19.
    Kalliola, A., Lal, S., Ahola, K., Oliver, I., Miche, Y., Holtmanns, S.: Testbed for security orchestration in a network function virtualization environment. In: 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017, Berlin, Germany, 6–8 November 2017, pp. 1–4. IEEE (2017).
  20. 20.
    Kalliola, A., Lee, K., Lee, H., Aura, T.: Flooding DDoS mitigation and traffic management with software defined networking. In: 4th IEEE International Conference on Cloud Networking, CloudNet 2015, Niagara Falls, ON, Canada, 5–7 October 2015, pp. 248–254. IEEE (2015).
  21. 21.
    Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems (2003).
  22. 22.
    Liu, Q., Weng, C., Li, M., Luo, Y.: An In-VM measuring framework for increasing virtual machine security in clouds. IEEE Secur. Priv. 8(6), 56–62 (2010). Scholar
  23. 23.
    Lukander, K., Jagadeesan, S., Chi, H., Müller, K.: OMG!: a new robust, wearable and affordable open source mobile gaze tracker. In: Proceedings of the 15th International Conference on Human-computer Interaction with Mobile Devices and Services, MobileHCI 2013, pp. 408–411. ACM, New York (2013).
  24. 24.
    Marja, S., et al.: Live delivery of neurosurgical operating theater experience in virtual reality. J. Soc. Inf. Disp. 26(2), 98–104 (2018)CrossRefGoogle Scholar
  25. 25.
    Miche, Y., et al.: Data anonymization as a vector quantization problem: control over privacy for health data. In: Buccafurri, F., Holzinger, A., Kieseberg, P., Tjoa, A.M., Weippl, E. (eds.) CD-ARES 2016. LNCS, vol. 9817, pp. 193–203. Springer, Cham (2016). Scholar
  26. 26.
    Oliver, I., Holtmanns, S., Miche, Y., Lal, S., Hippeläinen, L., Kalliola, A., Ravidas, S.: Experiences in trusted cloud computing. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds.) NSS 2017. LNCS, vol. 10394, pp. 19–30. Springer, Cham (2017). Scholar
  27. 27.
    Oliver, I., Lal, S., Ravidas, S., Taleb, T.: Assuring virtual network function image integrity and host sealing in Telco cloud. In: IEEE ICC 2017, Paris, France (2017)Google Scholar
  28. 28.
    Osborn, J.D., Challener, D.C.: Trusted Platform Module Evolution. Johns Hopkins APL Tech. Dig. 32(2), 536–543 (2013)Google Scholar
  29. 29.
    Seshadri, A., Luk, M., Perrig, A.: SAKE: software attestation for key establishment in sensor networks. In: Nikoletseas, S.E., Chlebus, B.S., Johnson, D.B., Krishnamachari, B. (eds.) DCOSS 2008. LNCS, vol. 5067, pp. 372–385. Springer, Heidelberg (2008). Scholar
  30. 30.
    TCG: Trusted Platform Module Library, Part 1: Architecture. Trusted Platform Module Library Specification, Family 2.0 Level 00, Revision 01.38, The Trusted Computing Group, September 2016Google Scholar
  31. 31.
    Thottan, M., et al.: The network OS: carrier-grade SDN control of multi-domain, multi-layer networks. Bell Labs Tech. J. 21, 1–29 (2017)Google Scholar
  32. 32.
    Yeluri, R., Castro-Leon, E.: Trusted virtual machines: ensuring the integrity of virtual machines in the cloud, pp. 161–178. Apress, Berkeley, CA (2014)Google Scholar
  33. 33.
    Yu, A., Qin, Y., Wang, D.: Obtaining the integrity of your virtual machine in the cloud. In: Lambrinoudakis, C., Rizomiliotis, P., Wlodarczyk, T.W. (eds.) IEEE 3rd International Conference on Cloud Computing Technology and Science, CloudCom 2011, Athens, Greece, November 29–December 1 2011, pp. 213–222. IEEE Computer Society (2011).

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Ian Oliver
    • 1
    Email author
  • Aapo Kalliola
    • 1
  • Silke Holtmanns
    • 1
  • Yoan Miche
    • 1
  • Gabriela Limonta
    • 2
  • Borger Vigmostad
    • 2
  • Kiti Muller
    • 3
  1. 1.Cybersecurity Research GroupNokia Bell-LabsEspooFinland
  2. 2.Mobile Networks: Radio CloudNokia NetworksEspooFinland
  3. 3.Medical and Neuroscience GroupNokia Bell-LabsEspooFinland

Personalised recommendations