ICANN and the Internet -- lunch event with ICANN representatives hosted by the Computer Science department of University of Iceland.

Helmut Neukirchen, 13. March 2024

ICANN approached the Computer Science department at the University of Iceland to facilitate a meeting with students.

Among others, ICANN allocates IP addresses globally and takes care that we have top-level domain (TLD) names in the Internet such as .is -- while this is on the one hand very technical (e.g. DNSSEC, the Domain Name System Security Extensions), it can at the same time be a political challenge (e.g. after the 2022 Russian invasion of Ukraine, the Ukraine government asked ICANN to sanction Russia by revoking the .ru TLD).

Join us for an engaging lunch event on Wednesday, the 13th of March, from 12:30 PM to 3:00 PM, where we will combine the pleasure of delicious pizza with the opportunity to learn from enlightening presentations by representatives from ICANN.

Date: Wednesday, 13th March 2024

Time: 12:30-15:00

Location: Fenjamýri, Gróska (Room "Fenjamýri" is on the first floor of Gróska more or less at the location where you would end up if you drill from the Computer Science department down two floors).

ICANN, the pivotal organization responsible for ensuring a stable and secure internet infrastructure, will be shedding light on their critical work. This presentation will not only cover the foundational aspects of how ICANN operates but also delve into the pressing policy questions currently shaping the future of internet architecture.

Agenda:
Introduction to ICANN (Chris Mondini - Vice President, Stakeholder Engagement, Europe and Managing Director for Europe)

An Overview of Current Geopolitical Challenges (Nora Mari, Government and International Governmental Organisations (IGO) Engagement Manager)

Brief Introduction to DNSSEC (Gabriella Schittek, Stakeholder Engagement Director, Nordic & Central Europe)

This is a unique chance to gain insights into the behind-the-scenes efforts that make our daily internet use possible and to understand the policy challenges that could impact the internet's framework.

Join us for an afternoon of learning, networking, and, of course, pizza. See you there!

If you are a student, at University of Iceland, we kindly request that you register for the event, as seating is limited and for pizza-estimation purposes via: https://ugla.hi.is/vidburdir/SkodaVidburd.php?sid=1448&vidburdur_id=9192.

This event is in the context of Eyvör - the Cybersecurity National Coordination Centre Iceland (NCC-IS).

Computer Science department at UT messan 2024 IT fair

Helmut Neukirchen, 13. March 2024

The Computer Science department was heavily present at UT messan 2024, the biggest IT fair in Iceland. We had booths, showcasing computer games written by our students, research on using big touch screens, and cyber security demos. Also we were moderating a session and our rector was giving a talk on research that heavily involved our AI activities. Watch out for photos.

Cybersecurity specialisation now available in our Software Engineering Master's programme / Kjörsvið Netöryggi í mastersnám í hugbúnaðarverkfræði

Helmut Neukirchen, 1. March 2024

Starting from autumn 2024, we are offering the Cybersecurity specialisation now also in our Software Engineering Master's programme (so far, it was only available in Computer Science).

For details, see the course catalogue entry for the Software Engineering Master's programme / mastersnám í hugbúnaðarverkfræði (note that the set of mandatory courses is not 100% correct and still subject to change). For applying, have a look at the Icelandic web page mastersnám í hugbúnaðarverkfræði (netöryggi) or the English web page Software Engineering MSc programme (Cybersecurity). Application deadline is 15. April for students from Iceland.

If you rather want to do the Cybersecurity specialisation in our Computer Science MSc programme (it has less focus on Software Engineering and more on Computer Networks):

For details, see the course catalogue entry for the Computer Science Master's programme / mastersnám í hugbúnaðarverkfræði. For applying, have a look at the Icelandic web page mastersnám í tölvunarfræði (netöryggi) or the English web page Computer Science MSc programme (Cybersecurity). Application deadline is 15. April for students from Iceland.

I have also web page on the Collaboration for the joint cybersecurity M.Sc. programme of Reykjavik University (RU) and University of Iceland (UoI).

Cybersecurity tabletop exercise Arctic Cranes

Helmut Neukirchen, 22. February 2024

On 29.11.2023, we had a Cybersecurity tabletop exercise entitled Arctic Cranes that was arranged by the Fulbright visiting scholar Larry Leibrock with an introduction by Sigurður Emil Pálsson from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). In this exercise, a response to a cyber-attack on the harbour infrastructure, in particular the cranes to load and unload vessels, was trained. In the worst case, this would mean that Iceland would run out of food or medicines (a limited supply might be possible to provide via air freight, though -- at least as long as there is no cyber-attack on air traffic at the same time).
In addition to the above parties who facilitated this event, this was in the context of Eyvör/NCC-IS the National Cybersecurity Coordination Centre of Iceland (co-funded by the European Union) and the Ministry of Higher Education, Science and Innovation-funded joint cybersecurity Master's programme.

EVSE-DIN access via Modbus and mbpoll

Helmut Neukirchen, 16. December 2023

An Electric Vehicle Supply Equipment (EVSE) is the controller in a wallbox that checks how many Ampere the charging cable is able to transfer (as indicated by the PP resistor inside the cable) and communicates this via a PWM signal to the electric vehicle (EV) and when the EV signals that it wants to charge, then the EVSE finally closes the contactor inside the wallbox so that the charging current can flow to the onboard charger (OBC) inside the EV (the OBC then slowly ramps up the charging current and ramps it down at the end of charging, so contactor closing/connecting and opening/disconnecting does not involve an electric arc, so that contactor welding is not an issue).

After the Phoenix Contact EVSE in my Wallbe Eco 3.6 kW wallbox died, I replaced it with an EVSE-DIN (essentially the EVSE-WB in a DIN rail enclosure) from EV Racing. Note that there are types with a DC residual current monitoring and without. If you take the variant without, then you need to have a type B RCD.

I bought the version with Modbus from the seller OpenWB: that seller had Modbus already enabled (factory setting is disabled) and had the maximum current set to 13 A (more foolproof than the default 32 A), but had unfortunately also disabled PP detection and had it instead set to 32 Ampere (instead of measuring the PP resistor value).

I also bought an RS485 to USB converter so that I can access the EVSE-DIN's Modbus via USB.

The EVSE-DIN is very simple, but there exists a third party add-on that uses an ESP32 to add Wifi support, web server and other functionality: EVSE-WiFi. (And if you want to play around a lot with an EVSE: use an EV simulator to try out your EVSE, including checking error-handling: as any contactor, the contactors inside the EV have limited amount of open/close cycles, so using your car to test your EVSE may exhaust the cycles of the contactor inside your car).

Modbus is the protocol, RS485 is the physical layer (often, this is called RTU mode, but in fact, RTU mode means that each byte contains 8 bit of information instead of using ASCII character encoding where two ASCII characters would be needed for transmitting 8 bits) -- there exist also a TCP layer as lower layer for Modbus.

By default, 16 bit values are transmitted as values (when bit-level access is supported, then bits are called coils).

For EVSE-DIN with RS485, the baudrate is 9600 with 8N1, i.e. data bits are 8, parity is none, and stop bits is 1. The Modbus slave address of the EVSE-DIN is 1, but that can be changed via Modbus register 2001.

The registers that are accessible via Modbus can be found in the EVSE-DIN documentation.

On my Linux system, the RS485 to USB converter can be accessed via /dev/ttyUSB0 and that needs be accessed as super user.

I use mbpoll to read and write data:

To read the 10 registers from 1000 to 1009 via RS485, with addresses starting from 0 and a 1-time printout (using mbpoll's default slave address, i.e. 1):
sudo mbpoll -m rtu -b 9600 -d 8 -P none -s 1 -0 -1 /dev/ttyUSB0 -r 1000 -c 10

The result is
mbpoll 1.0-0 - FieldTalk(tm) Modbus(R) Master Simulator
Copyright © 2015-2019 Pascal JEAN, https://github.com/epsilonrt/mbpoll
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type 'mbpoll -w' for details.

Protocol configuration: Modbus RTU
Slave configuration...: address = [1]
start reference = 1000, count = 10
Communication.........: /dev/ttyUSB0, 9600-8N1
t/o 1.00 s, poll rate 1000 ms
Data type.............: 16-bit register, output (holding) register table

-- Polling slave 1...
[1000]: 13
[1001]: 0
[1002]: 1
[1003]: 32
[1004]: 0
[1005]: 18
[1006]: 1
[1007]: 0
[1008]: 0
[1009]: 0

To read the 17 registers from 2000 to 2016:
sudo mbpoll -m rtu -b 9600 -d 8 -P none -s 1 -0 -1 /dev/ttyUSB0 -r 2000 -c 17

The result is
[2000]: 13
[2001]: 1
[2002]: 5
[2003]: 1
[2004]: 0
[2005]: 521
[2006]: 0
[2007]: 32
[2008]: 65535 (-1)
[2009]: 3
[2010]: 6
[2011]: 10
[2012]: 16
[2013]: 25
[2014]: 32
[2015]: 48
[2016]: 63

When writing values, be aware that you need always to write at least two consecutive values (i.e. do a read to find out what the second value is and simply rewrite it). If you try to write only one single value to EVSE-DIN, you will get the following error:
Write output (holding) register failed: Illegal function

The reason is that Modbus function code 06 for writing a single value is not supported by EVSE-DIN.
From the above EVSE-DIN PDF:

NOTE#3: Only functions 03 (Read Holding Registers) and 16 (Preset Multiple Registers)
are implemented. For more details please check: http://www.simplymodbus.ca/FAQ.htm

Therefore, to write values, take care to write at least two values to make mbpoll use the Modbus function 16 (Preset Multiple Registers).

Changes that I did:

Set default (maximum) charging current to 17 Ampere in order to reflect the cable and circuit breaker rating in my garage (which is 16 A, but my EV is careful and uses always a little bit less, i.e. 16 A when the EVSE allows to use 17 A):
Change register 2000 from 13 to 17.

As single values cannot be written to EVSE-DIN, I had to write multiple values and the above read shows that 2001 is 1, so I wrote starting from 2000 the two values 17 1:
sudo mbpoll -m rtu -b 9600 -d 8 -P none -s 1 -0 /dev/ttyUSB0 -r 2000 17 1,

Make LED not quickly flashing when idle, but permanently on when idle (and slowly flashing when charging, i.e. contactor is on. Any remaining fast flashing is an indicator of an error):

Change bit 2 in register 2005 to gain constant LED ON while no EV is connected. Register 2005 had a value of 521, i.e. 0b1000001001 = (bit 1 set, i.e. button can be used to change charging current; bit 3 set, i.e. support to charge with ventilation for lead battery-based EVs; bit 9 set, i.e. pilot auto recover delay) and after setting bit 2, the new values is 525. Writing that value should work via

Enable PP detection (i.e. it takes the maximum charge current from the connected charging cable):

Change register 2007 from 32 to 0.

As single values cannot be written to EVSE-DIN, I wrote multiple values and the above read shows that 2006 is 0, so I wrote starting from 2005 the three values 525 0 0:

sudo mbpoll -m rtu -b 9600 -d 8 -P none -s 1 -0 /dev/ttyUSB0 -r 2005 525 0 0,
which gives

bpoll 1.0-0 - FieldTalk(tm) Modbus(R) Master Simulator
Copyright © 2015-2019 Pascal JEAN, https://github.com/epsilonrt/mbpoll
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type 'mbpoll -w' for details.

Protocol configuration: Modbus RTU
Slave configuration...: address = [1]
start reference = 2005, count = 3
Communication.........: /dev/ttyUSB0, 9600-8N1
t/o 1.00 s, poll rate 1000 ms
Data type.............: 16-bit register, output (holding) register table

Written 3 references.

A new read confirms that the changes have been applied:

sudo mbpoll -m rtu -b 9600 -d 8 -P none -s 1 -0 -1 /dev/ttyUSB0 -r 2000 -c 17
mbpoll 1.0-0 - FieldTalk(tm) Modbus(R) Master Simulator
Copyright © 2015-2019 Pascal JEAN, https://github.com/epsilonrt/mbpoll
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type 'mbpoll -w' for details.

Protocol configuration: Modbus RTU
Slave configuration...: address = [1]
start reference = 2000, count = 17
Communication.........: /dev/ttyUSB0, 9600-8N1
t/o 1.00 s, poll rate 1000 ms
Data type.............: 16-bit register, output (holding) register table

-- Polling slave 1...
[2000]: 17
[2001]: 1
[2002]: 5
[2003]: 1
[2004]: 0
[2005]: 525
[2006]: 0
[2007]: 0
[2008]: 65535 (-1)
[2009]: 3
[2010]: 6
[2011]: 10
[2012]: 16
[2013]: 25
[2014]: 32
[2015]: 48
[2016]: 63

The LED is now on when idle (instead of nervously blinking). Also, after having enabled PP detection, register 1003 has then the value 5 with no cable attached and 20 with an 20 Ampere cable attached.

In future, I might try enabling a second LED (via pin AN) as a dedicated error LED (need to find out what the normal LED does then display). Currently, the single LED is on when the wallbox is idle, i.e. no EV connected, flashes two times quickly followed by a short pause when the EV is connected (PWM generated by EVSE), but does not charge (e.g. EV finished charging or EV is initiating charging), and flashes slowly while the EV is charging, i.e. the contactor is closed.

I might also re-use the keyswitch of the Wallbe Eco case to interrupt charging: interrupting the CP signal should be the way to go...

Another future work is to upgrade the wallbox to 20 Amps and 3 phases. I already added a 3L+N contactor and the charging port cabling supports 20 Amps as well as the Phoenix terminal blocks do. Just all internal wiring needs to be upgraded to 3 phase 20 Amps.

Eyvör NCC-IS and ICEDEF cybersecurity talks join the Icelandic HPC Community Workshop

Helmut Neukirchen, 13. December 2023

The cybersecurity projects Eyvör NCC-IS and ICEDEF partnered with the Icelandic HPC Community Workshop event series.

At the 13th Icelandic HPC Community Workshop we have a couple of cybersecurity talks:

  • Geir Olav Dyrkolbotn (NTNU): Strengthening the Defence of Norway through knowledge
  • Skeggi Thormar (Upwind): eBPF and Cyber Security
  • Tom Welsh (University of Iceland): Adaptive Inspection of Industry 4.0 Supply Chains for Fraud Detection

December 13, 2023 5:00 PM, Gróska, Bjargargötu 1, 102 Reykjavik – Entrance A, 1st Floor, Room Fenjamýri

See the agenda for more details.

Postdoctoral Researcher in Secure Software Engineering and Vulnerability Reporting Programmes (2 years initially) at University of Iceland

Helmut Neukirchen, 2. December 2023

Update: The position is not vacant anymore.

Field of Work:

The department of Computer Science in the School of Engineering and Natural Sciences at the University of Iceland seeks applicants for a post-doctoral researcher in the area of Secure Software Engineering and Vulnerability Reporting Programmes to work as part of the Digital Europe Programme project Defend Iceland ICEDEF.

The position is initially funded for 2 years with possibility of extension.

The ICEDEF project involves the creation of a national vulnerability reporting web portal and associated services for paying bounties to ethical hackers for discovering these vulnerabilities. Once vulnerabilities are reported there are challenges in effectively integrating (and verifying the effectiveness) of the fixes into the software development life cycle. Technical challenges include poor observability of the software supply chain and an inability to affect it due to change, intellectual property, proprietary development pipelines, 3rd party libraries and infrastructure, etc. Social challenges are related to the impact of identified vulnerabilities on business continuity and clearly translating the results and impact to industry partners and stakeholders.

The responsibilities of the role are envisioned to include:

Developing and implementing a research project in vulnerability reporting programs.
Education of secure development practices and software vulnerabilities to stakeholders.
Assisting in the organisation of security events such as hackathons and workshops.
Contributing to the maintenance of cybersecurity research infrastructure.
Supervising research assistants.

Qualification requirements:

PhD in Computer Science, Software Engineering or related to Cybersecurity more broadly.
Proficiency in English.
Strong communication skills and the ability to work both individually and in groups.

Beneficial:

A strong publication history in high-quality software engineering and/or security journals and conferences. (e.g. IEEE and ACM).
Experience in developing, delivering, and innovating in cybersecurity and software engineering education.
Experience in server administration including virtualisation and cloud tools.
Application:

Interested parties should, in the first instance, send a CV and covering letter explaining their motivation for applying and their research interests in software engineering and/or cybersecurity via e-mail to Dr. Tom Welsh (tomwelsh@hi.is) and Dr. Helmut Neukirchen (helmut@hi.is).

For an informal discussion regarding research topics, responsibilities, or Iceland in general prior to this please feel free to contact Tom or Helmut as above.

Work Environment:

The University of Iceland is a flourishing community of knowledge in the heart of Reykjavik. A modern, diversified, and rapidly developing state university, it offers opportunities for study and research in over 400 programmes spanning most fields of science and scholarship.
https://english.hi.is/

The University of Iceland's School of Engineering and Natural Sciences employs about 390 people in teaching and research. The School offers an exciting working environment where about a quarter of all employees and graduate students are international. The School has about 2000 students, with about 800 students in the Faculty of Industrial Engineering, Mechanical Engineering and Computer Science.
https://english.hi.is/school_of_engineering_and_natural_sciences

The Department of Computer Science is located in the University Science Park's new "House of Ideas" together with a vibrant community of startup and tech companies of all sizes.

Iceland participates in many cooperative European programmes, such as Horizon Europe and the Digital Europe Programme. The country consistently ranks at or close to the top of the Human Development Index, Global Gender Gap Index, LGBT Equality Index and Global Peace Index. For more information on living and working in Reykjavik, see https://www.reykjaviksciencecity.is/ and https://english.hi.is/international_staff_services

Digital Europe-funded cybersecurity projects Eyvör NCC-IS and ICEDEF started

Helmut Neukirchen, 1. December 2023


While we had the the Icelandic National Coordination Centre (NCC-IS) for Cybersecurity established already in 2022, it got now even stronger by benefiting since October 2023 from a two year co-funding via the Digital Europe Programme. We even gave it an Icelandic name: Eyvör – National Cybersecurity Coordination Centre of Iceland. Eyvör NCC-IS will raise awareness and foster education in Iceland in the field of cybersecurity.

For more info, see also my research page on Eyvör NCC-IS.


Another project has started in November 2023 with three year co-funding via the Digital Europe Programme: ICEDEF – Defend Iceland. The ICEDEF project involves the creation of a national vulnerability reporting web portal and associated services for paying bounties to ethical hackers for discovering these vulnerabilities. (Our research shows that vulnerability reporting needs to be improved in Iceland.) The Icelandic Defend Iceland web page gives an idea how that could look like (do not get confused by that fact that on some screenshots depicted on that web page, still the old working title Hack Iceland is used).

Once vulnerabilities are reported there are challenges in effectively integrating (and verifying the effectiveness) of the fixes into the software development life cycle and University of Iceland will take care of this together and educate stakeholders about secure development practices and software vulnerabilities, e.g. via security events such as hackathons and workshops.

For more info, see also my research page on ICEDEF.

Vacancy: We are hiring a postdoc for ICEDEF: please contact me or our new cybersecurity professor Tom Welsh.

European Researchers' Night 2023 / Vísindavaka 2023

Helmut Neukirchen, 26. September 2023

On Saturday, 30. September 2023, 13:00-18:00, there was Vísindavaka 2023, the Icelandic family-friendly-during-daytime edition of European Researchers' Night 2023 at Laugardalshöll.

With 6500 visitors, we had even more guests than last year. The Computer Science department of University of Iceland had a booth there, showcasing some of their research:

  • Cybersecurity: Eyvör/NCC-IS, the National Coordination Centre Iceland for Cybersecurity will start 1st of October with full force using co-funding from the European commission. The Computer Science department of University of Iceland is part of it and we will show three pieces to raise awareness:
    • Has my user info (in the worst case: my password) been leaked? Look up who else owns your login data: https://haveibeenpwned.com
      Note: if your data shows up there to have been leaked, then this is not your fault, but the fault of the website that was storing your data in an insecure manner and you should change your password at that website (also check whether the password has been leaked or only, e.g., your email adress). However, it is your fault if you use the same password for multiple websites: should your password leak from one website, criminals will try that password on other websites and will have success if you use the same password there. Use different passwords for different services. Even better: use multifactor authentication, i.e. not just a password that can be easily leaked, but in addition something that can be less easily stolen, such as your phone: an authenticator app running on it, an SMS sent to your phone number, or the Icelandic digital ID on your SIM card.
    • An online quiz on how good you are at identifying phishing emails, i.e. emails trying to trick you into providing information, e.g. passwords: https://cybersecuritymonth.eu/quiz (Note: solutions not provided online -- you need to visit us to get hints where you were wrong and where you were right!)
    • A flyer for kids: Hvernig á að vera öruggur á netinu
  • CoE RAISE (Centre of Excellence for Research on AI- and Simulation-Based Engineering at Exascale) gives a glimpse into artificial intelligence by using a neural network that runs purely in your browser without any connection to a super computer. Simply use the camera of your smartphone (or laptop) to detect objects in real-time -- just open the following web page and allow your browser to use the camera: https://nvndr.csb.app/

    (Allow some seconds, up to a minute, for loading the trained model and initialisation.)
  • Interaction design with sketches on a huge touch screen:
  • A 3D scanner that scans the shape of your ear: used in CoE RAISE in order to find with AI out how the shape of your ear influences how you hear from different directions.
  • A remote sensing demonstration that relates also to work done in CoE RAISE where neural networks are used to classify land cover from satellite images: Compete against a neural network to classify land cover!
  • Quantum computing: a new piece to show, therefore no photos yet -- you really need to come and see!

See you at Laugardalshöll!

Salary as PhD student (and postdoc) / laun doktorsnema (og nýdoktor)

Helmut Neukirchen, 22. September 2023

As the typical advertisement for a PhD student position has some statement like "salary according to wages contract", an applicant does not know what this means in practise for the salary to expect.

Currently, the union responsible for PhD students at University of Iceland is Félag háskólakennara / Association of University Teachers. They made a contract with University of Iceland. For the latest version, check for Stofnanasamningur Fh og HÍ. In the version from 5. March 2021, you find in Section 4.3 that PhD students (doktorsnemar) get salary level 030. The first two digits are the y axis in the salary table and the last digit is the x axis.

There are two salary tables, one for academic staff, i.e. those who have a PhD ("A 696") and another one for administrative staff ("S 695") -- note that these cryptic numbers are sometimes used a pre-fix in front of the salary level, e.g. "695 030". As PhD students have not yet a PhD degree, rather the non-academic, i.e. the administrative staff salary table applies, so you need to look at Launatafla stjórnsýslu.

The most recent salary table is from 1. April 2023. Take care to have in that spreadsheet the tab "Mánaðarlaun" opened to get the monthly salary. There, you will find that salary level 030 gives you 462 586 kr. per month (as of 1. April 2023.). This is before taxes, so feeding this into a tax calculator gives 361 867 kr. after taxes (as of the tax system valid at time of writing, i.e. 2023).

P.S.: As postdoc (Icelandic term: nýdoktor), the academic salary table applies and you have at least salary level 061 (which is 662 090 kr. in the salary table at time of writing). But for academic staff, in fact an evaluation system applies where the salary depends on the amount of publications that you accumulated over your life. Each publication gives points (for details do a web search for "Evaluation System for Public Higher Education Institutions") and the Table 2.3 in the Stofnanasamningur Fh og HÍ shows a mapping of points to salary levels. While if your PhD is 5 years or longer ago, your are not called a postdoctoral fellow anymore, but a research specialist, but this alone does not increase your salary level.