About the project
Objective
SOS (Smart Och Säker) will enable users to securely store data in confidential cloud enclaves as well as automate the interaction between Internet of Things (IoT) devices via provably secure IoT apps. To achieve these goals, SOS will leverage the support for confidential computing in commodity server platforms, thereby providing end-users with a protected execution environment on third-party clouds. Building on these technologies, SOS will also help ensure that data is not unintentionally or maliciously leaked to unauthorized third parties. Finally, to demonstrate feasibility in realistic societal contexts, SOS will focus on two prime domains: telecare and distance education.
Background
Use of cloud-based IoT apps ensures on-demand computing and storage provisioning. However, this comes at the price of entrusting potentially sensitive data to a range of third-parties that constitute the cloud back-end: app developers, services running the IoT apps in the cloud, as well as the underlying cloud providers. The cloud computing paradigm entails further security and privacy concerns as data is often handled by a range of third-party sub processors. Besides operational aspects, the IoT platform operators that process data on cloud premises can be compromised, go bankrupt or be purchased by a competitor, along with all the collected data. Finally, the power of IoT apps can be abused by attackers.
Crossdisciplinary collaboration
The researchers in the team represent the School of Electrical Engineering & Computer Science, KTH and the Cybersecurity Unit, RISE.
Watch the recorded presentation at Digitalize in Stockholm 2022 event:
About the project
Objective
This research project will provide the foundations for Resilient Decentralized Computing: a new approach to rapidly build continuous, trusted and scalable applications with built-in resilience and privacy. While state-of-the-art cloud technologies require low-latency reliable networks at their core, the project proposes a decentralized computing abstraction inspired by biological structures, called “PODS”, which enables resilience and privacy even in decentralized networks of heterogeneous, often faulty devices that are geo-distributed and only partially online. PODS will be supported by a new programming system which will guarantee data consistency and privacy at compile time, even before software is executed.
Background
The prominent interest in big data technologies and cloud computing has led to significant advancements in how we can reliably store, process and provision data in controlled environments. These include managed data centers, that isolate human users from handling failure outbreaks and data consistency errors. In the context of smart cities and edge services, however, the majority of computing occurs at the “outskirts” of cloud data centers, namely the edge. Currently, the same level of maturity and isolation is yet to be reached in general-purpose software components that operate continuously outside managed cloud environments, yet encapsulate critical logic and actuation to real-world events. Creators and users of cloud and edge services today constantly face unintuitive complexities relating to data consistency, resilience to failures, scalability and privacy while working with non-declarative and low-level programming interfaces.
Crossdisciplinary collaboration
The researchers in the team represent the School of Electrical Engineering & Computer Science, KTH and the Division of Computer systems, RISE.
Watch the recorded presentation at Digitalize in Stockholm 2022 event:
About the project
Objective
This project will produce a landmark, large-scale qualitative study of the first algorithmic contraceptive on the market. Natural Cycles offers an algorithmic contraceptive option to more than 700,000 users worldwide. This provides an excellent testbed for studying how trust is developed, experienced, and maintained between primary and secondary users as well as an algorithmic health service. Crucial insights will be gained into e.g. the mechanisms by which users choose to trust and continue trusting an algorithmic digital health technology, with a focus on psychological, contextual and interpersonal factors.
Background
Algorithmic systems and Artificial Intelligence (AI) are poised to disrupt how we deliver and experience healthcare, providing new solutions to personal and public health issues. Trust has been identified as one key foundation for the success of digital health technologies. Mechanisms that promote trust are critical areas for research and innovation. Health interventions are often designed for use – and behaviour change – at an individual level. However, health choices, health behaviours, and critically trust in healthcare service providers are interpersonal and socially constructed. This calls for research on trust in health technologies engaging with the wider social context of ‘use’ when examining how trust is developed and maintained.
Crossdisciplinary collaboration
The researchers in the team represent the School of Electrical Engineering & Computer Science, KTH, and the Department of Computer and Systems Sciences (DSV), Stockholm University.
Watch the demo video of IntimateHealth here:
About the project
Objective
The Enabling Machine-Learning Intelligence for Network Cybersecurity (EMERGENCE) aims at enabling machine-learning-based analysis of high-speed network cybersecurity data. The first part of the project focuses on extracting the relevant fine-grained network metrics directly in the network devices and transforming these collected metrics into summaries that can be easily extracted from the devices. The second part of the project takes these summaries and feeds them into a machine learning system that is tailored to detect security attacks and performance-related issues. A key idea in the project is to leverage programmable network technologies that allow performing ad-hoc operations at the speed of the network before the summaries are sent to the slower machine learning systems.
One of the envisioned contributions of the project is the design and implementation of a framework that reconciles the different speeds at which today’s networks and machine learning systems operate.
Background
During the current global pandemic crisis, the Internet has played an essential role in allowing different parts of our society to continue operating without interruptions to the largest extent possible. However, the recent wave of cyber-attacks targeting the Internet infrastructure has raised concerns about the resilience of the Internet infrastructure. In contrast to general cybersecurity threats, which affect end-host systems, Internet-based network attacks target the core infrastructure of the Internet that is responsible for interconnecting all the billions of users, devices, and services together. Machine learning techniques to detect network-based cyber-attacks have long been limited by two unique aspects of the networking domain. First, network data is inherently volatile as traffic flows through a network without being stored. Second, network technologies are ill-suited for extracting fine-grained network information from high-speed networking devices. Both challenges will be addressed by relying on the emerging high-speed programmable network devices.
Crossdisciplinary collaboration
The researchers in the team represent the School of Electrical Engineering & Computer Science, KTH, and the Connected Intelligence unit at RISE Research Institutes of Sweden.
Watch the recorded presentation at Digitalize in Stockholm 2022 event:
About the project
Objective
Our proposal is to develop a programming system called “Portals” that combines the built-in trust of cloud data stream processing and the flexibility of message-driven decentralized programming systems. The unique design of Portals enables the construction of systems composed of multiple services, each built in isolation, so atomic processing and data-protection rights are uniformly maintained. Portals’ innovative approach lies in encoding data ownership, processing atomicity within data in transit, and exposing them to the programmer as core programming elements, namely “atoms” and “portals”. This will simplify complex systems engineering by multiple independent teams and enable a new form of serverless computing where any stateful service can be offered as a utility across cloud and edge.
Background
Enabling trust in distributed services is not an easy task. Trust comes in different forms and concrete challenges. For example, data systems can be trusted for their data-protection guarantees (e.g., GDPR), allowing users to access or delete their data or revoke access at any time. Trust can also be manifested in safety or consistency guarantees, enabling exactly-once processing semantics or serializable transactions. All such examples of implementing trust are extremely hard problems in practice that go way beyond the reach and expertise of system engineers, especially when implementing distributed services with multiple copies of the data being accessed simultaneously. Portals is a first-of-a-kind programming system that materializes all aspects of trust within its programming and execution model. Programs written in portals can scale and evolve while guaranteeing that all properties and invariants that manifest “trust” are constantly satisfied.
Another important driving need behind Portals is flexibility, accessibility and ease of use. A programming system is meant to simplify the work of its developers substantially. Serverless computing has been one of the rising concepts in cloud computing technologies in the last few years; that is, a model where developers can build and deploy their applications without worrying about the underlying infrastructure. However, current serverless platforms often have limitations regarding the types of applications that can be built and the ability to interface with persistent state. Portals aim to address these limitations by providing a message-driven decentralized programming system that allows developers to easily build and deploy a wide range of applications. The system’s unique design enables developers to focus on the business logic of their applications and the interdependencies while being oblivious to the decentralized underlying infrastructure or transactional mechanisms employed in the background.
Overall, Portals is a unique programming system that aims to simplify the work of developers while also enabling trust in distributed services. Its innovative approach combines the scalability, security and reliability of cloud data stream processing with the flexibility of actor programming systems. It enables a new form of serverless computing where any stateful service can be offered as a utility across cloud and edge environments.
Crossdisciplinary collaboration
The researchers in the team represent the School of Electrical Engineering at KTH and the Computer Science and Digital Systems Division, Computer Systems Lab at RISE Research Institutes of Sweden.
Watch the recorded presentation at the Digitalize in Stockholm 2023 event:
Portals Website: https://www.portals-project.org/
About the project
Objective
This project will complement our landmark, large-scale qualitative study of the first algorithmic contraceptive on the market – Natural Cycles – by examining the experiences of individuals who have previously used the service as a form of contraception but no longer subscribe to it. Our layered approach to trust also encompasses psychological, contextual and interpersonal factors that question and enliven current trust models in AI and algorithmic systems. Through the project, we expect to learn about what happens when trust in digital intimate health technologies breaks down and to co-design user experience mechanisms that respond to what an intimate digital health technology could do to re-establish trust when it has been challenged or lost.
Background
Algorithmic systems and Artificial Intelligence (AI) are poised to disrupt how we deliver and experience healthcare, providing new solutions to personal and public health issues. Trust has been identified as one key foundation for the success of digital health technologies. Mechanisms that promote trust are critical areas for research and innovation. Health interventions are often designed for use – and behaviour change – at an individual level. However, health choices, health behaviours, and critical trust in healthcare service providers are interpersonal and socially constructed. This calls for research on how trust is developed, experienced, and maintained between users and an algorithmic health service – but also what happens when something goes wrong with the technology or between the people using it as a part of an intimate relationship.
Crossdisciplinary collaboration
The researchers in the team represent the Department of Computer and Systems Sciences (DSV), Stockholm University, and the School of Electrical Engineering and Computer Science, KTH.
Watch the recorded presentation at the Digitalize in Stockholm 2023 event:
About the project
Objective
In Emergence 2.0, we aim to build reliable, secure, high-speed edge networks that enable the deployment of mission-critical applications, such as remote vehicle driving and industrial sensor & actuator control. We will design a novel system for enabling fine-grained network visibility and intelligent control planes that are i) reactive to quickly detect and react to anomalies or attacks in edge networks and IoT networks, ii) accurate to avoid missing sophisticated attacks or issue unwanted alerts without reason, iii) expressive, to support complex analysis of data and packet processing pipelines using ML classifiers, and iv) efficient, to consume up to 10x less energy resources compared to state of the art.
Background
Detecting cyber-attacks, failures, misconfigurations, or sudden changes in the traffic workload must rely on two components: i) an accurate/reactive network monitoring system that provides network operators with fine-grained visibility into the underlying network conditions and ii) an intelligent control plane that is fed with such visibility information and learns to distinguish different events that will trigger mitigation operations (e.g., filtering malicious traffic).
Today’s networks rely on general-purpose CPU servers equipped with large memories to support fine-grained visibility of a small fraction (1%) of the forwarded traffic (i.e., user-faced traffic). Even for such small amounts of traffic, recent work has shown that a network must deploy >100 general-purpose, power-hungry CPU-based servers to process a single terabit of traffic per second, costing millions of dollars to build and power with electricity. Today’s data centre networks must support thousands of terabits per second of traffic across their cloud and edge data centre infrastructure.
Crossdisciplinary collaboration
The researchers in the team represent the KTH School of Electrical Engineering and Computer Science, the Department of Computer Science and the Connected Intelligence unit at RISE Research Institutes of Sweden.
Watch the recorded presentation at the Digitalize in Stockholm 2023 event: