Journal of Systems Architecture最新文献

Post quantum secure and efficient data sharing scheme from attribute based encryption for VANETs over lattices 基于属性加密的栅格VANETs后量子安全高效数据共享方案

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-29 DOI: 10.1016/j.sysarc.2026.103718

Fenghe Wang, Meijiao Wang, Junquan Wang, Mengqi Gu

Data sharing plays a significant role for C2V communication in VANETs. To achieve the data confidentiality, access control, data authentication and efficiency in data sharing simultaneously, this paper proposes a post quantum secure and efficient data sharing scheme by designing an attribute-based encryption (ABE) over lattices for VANETs. The proposed scheme is secure under the selective attribute and chosen-plaintexts attack (IND-sAtt-CPA) and the security is proven under the hardness of the Learning With Errors (LWE) problem in the random oracle model. Thanks to the characters of the ABE concept which is the design foundation of the proposed scheme, we also achieve the fine-grained access control of the sharing data in this paper. Furthermore, the signature of the shared ciphertext is also generated before the data is shared. Hence the proposed scheme can efficiently resist several normal network attacks such as replay attack and impersonation attack etc. The space and computation analysis of the proposed scheme show that the proposed data sharing scheme is with shorter ciphertext length and lower encryption/decryption costs which have been checked by using Java language on a personal computer with Intel (R) Core (TM) i9-14900HX processor (2.20 GHz) and 32GB RAM. At last, using NS3 software, a network simulation is given to verify the communication effects. Simulation results show that the response latency of the proposed scheme is lower than that of several known ABE schemes in VANETs. And the average message loss rate of the proposed scheme is also controlled within an acceptable interval (much less than 5%) even in high-intensity communication scenarios.

在VANETs中，数据共享对C2V通信起着重要的作用。为了在数据共享中同时实现数据保密性、访问控制、数据认证和效率，本文提出了一种后量子安全、高效的数据共享方案，通过对VANETs设计基于格的属性加密（ABE）。该方案在选择性属性和选择明文攻击（ind - sat - cpa）下是安全的，并在随机oracle模型中的有错误学习（LWE）问题的困难下证明了该方案的安全性。本文还利用ABE概念的特点，实现了对共享数据的细粒度访问控制。ABE概念是本方案的设计基础。此外，在数据共享之前，还会生成共享密文的签名。因此，该方案能够有效抵御几种常见的网络攻击，如重放攻击和冒充攻击等。对所提方案的空间和计算分析表明，所提数据共享方案具有较短的密文长度和较低的加解密成本，并在Intel (R) Core (TM) i9-14900HX处理器（2.20 GHz）和32GB RAM的个人计算机上使用Java语言进行了验证。最后，利用NS3软件进行了网络仿真，验证了通信效果。仿真结果表明，该方案的响应延迟低于几种已知的VANETs中ABE方案的响应延迟。即使在高强度通信场景下，所提方案的平均消息丢失率也被控制在可接受的间隔内（远小于5%）。

{"title":"Post quantum secure and efficient data sharing scheme from attribute based encryption for VANETs over lattices","authors":"Fenghe Wang, Meijiao Wang, Junquan Wang, Mengqi Gu","doi":"10.1016/j.sysarc.2026.103718","DOIUrl":"10.1016/j.sysarc.2026.103718","url":null,"abstract":"<div><div>Data sharing plays a significant role for C2V communication in VANETs. To achieve the data confidentiality, access control, data authentication and efficiency in data sharing simultaneously, this paper proposes a post quantum secure and efficient data sharing scheme by designing an attribute-based encryption (ABE) over lattices for VANETs. The proposed scheme is secure under the selective attribute and chosen-plaintexts attack (IND-sAtt-CPA) and the security is proven under the hardness of the Learning With Errors (LWE) problem in the random oracle model. Thanks to the characters of the ABE concept which is the design foundation of the proposed scheme, we also achieve the fine-grained access control of the sharing data in this paper. Furthermore, the signature of the shared ciphertext is also generated before the data is shared. Hence the proposed scheme can efficiently resist several normal network attacks such as replay attack and impersonation attack etc. The space and computation analysis of the proposed scheme show that the proposed data sharing scheme is with shorter ciphertext length and lower encryption/decryption costs which have been checked by using Java language on a personal computer with Intel (R) Core (TM) i9-14900HX processor (2.20 GHz) and 32GB RAM. At last, using NS3 software, a network simulation is given to verify the communication effects. Simulation results show that the response latency of the proposed scheme is lower than that of several known ABE schemes in VANETs. And the average message loss rate of the proposed scheme is also controlled within an acceptable interval (much less than 5%) even in high-intensity communication scenarios.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"174 ","pages":"Article 103718"},"PeriodicalIF":4.1,"publicationDate":"2026-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146098574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Exact constrained-training neural networks for confidential 8-bit arithmetic primitives in code obfuscation 代码混淆中机密8位算术原语的精确约束训练神经网络

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-29 DOI: 10.1016/j.sysarc.2026.103729

Ning Shi , Lei Xu , Tianqing Zhu , WanLei Zhou , Weizhi Meng , Yu-an Tan

Neural networks are rarely utilized for exact arithmetic computations. However, we aim to leverage them as accurate computing units in code obfuscation scenarios. The effectiveness of traditional code obfuscation methods is increasingly compromised by advanced reverse-engineering tools, which exploit the semantic transparency of arithmetic operations. To address this, we propose constrained-training neural networks tailored to 8-bit integer addition and multiplication, the most common operations in security-critical software. For addition, we introduce a constrained training algorithm that integrates weight clipping, linearity-enforcing loss terms, and boundary-case oversampling, enabling convergence to 100% accuracy across the entire domain. For multiplication, we design the adaptive symbol-gated NALU (ASG-NALU), an improved 4-bit multiplier that achieves exact results with reduced complexity. Combined with a cascade decomposition strategy, it extends to 8-bit multiplication with guaranteed correctness. Experiments confirm 100% in-domain accuracy, while out-of-domain inputs trigger catastrophic failures that act as natural traps, providing hidden security checks against dynamic analysis. These results establish exact constrained-training neural networks as confidential arithmetic primitives and firmly position neural arithmetic as a promising approach for advancing code obfuscation techniques.

神经网络很少用于精确的算术计算。然而，我们的目标是利用它们作为代码混淆场景中的精确计算单元。传统代码混淆方法的有效性越来越受到先进的逆向工程工具的影响，这些工具利用了算术运算的语义透明性。为了解决这个问题，我们提出了针对8位整数加法和乘法的约束训练神经网络，这是安全关键软件中最常见的操作。此外，我们引入了一种约束训练算法，该算法集成了权重裁剪、线性强化损失项和边界情况过采样，使整个域的收敛精度达到100%。对于乘法，我们设计了自适应符号门控NALU (ASG-NALU)，这是一种改进的4位乘法器，可以在降低复杂度的情况下获得精确的结果。结合级联分解策略，它扩展到具有保证正确性的8位乘法。实验证实了100%的域内准确性，而域外输入触发灾难性故障，充当自然陷阱，为动态分析提供隐藏的安全检查。这些结果建立了精确的约束训练神经网络作为机密的算术原语，并坚定地将神经算法作为一种有前途的方法来推进代码混淆技术。

{"title":"Exact constrained-training neural networks for confidential 8-bit arithmetic primitives in code obfuscation","authors":"Ning Shi , Lei Xu , Tianqing Zhu , WanLei Zhou , Weizhi Meng , Yu-an Tan","doi":"10.1016/j.sysarc.2026.103729","DOIUrl":"10.1016/j.sysarc.2026.103729","url":null,"abstract":"<div><div>Neural networks are rarely utilized for exact arithmetic computations. However, we aim to leverage them as accurate computing units in code obfuscation scenarios. The effectiveness of traditional code obfuscation methods is increasingly compromised by advanced reverse-engineering tools, which exploit the semantic transparency of arithmetic operations. To address this, we propose constrained-training neural networks tailored to 8-bit integer addition and multiplication, the most common operations in security-critical software. For addition, we introduce a constrained training algorithm that integrates weight clipping, linearity-enforcing loss terms, and boundary-case oversampling, enabling convergence to 100% accuracy across the entire domain. For multiplication, we design the adaptive symbol-gated NALU (ASG-NALU), an improved 4-bit multiplier that achieves exact results with reduced complexity. Combined with a cascade decomposition strategy, it extends to 8-bit multiplication with guaranteed correctness. Experiments confirm 100% in-domain accuracy, while out-of-domain inputs trigger catastrophic failures that act as natural traps, providing hidden security checks against dynamic analysis. These results establish exact constrained-training neural networks as confidential arithmetic primitives and firmly position neural arithmetic as a promising approach for advancing code obfuscation techniques.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103729"},"PeriodicalIF":4.1,"publicationDate":"2026-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090353","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

CAAS-DMSK: A Certificateless Anonymous Authentication Scheme with Dynamic Master Secret Keys in VANETs 基于动态主密钥的无证书匿名认证方案

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-29 DOI: 10.1016/j.sysarc.2026.103720

Yan Xu, Huilan Zhang, Jie Cui, Hong Zhong

Anonymous authentication can protect the communication security and vehicles’ identity privacy in Vehicular Ad Hoc Networks (VANETs). Certificateless authentication schemes eliminate the certificate management and key escrow problem, and several certificateless anonymous authentication schemes have been proposed for VANETs. In these schemes, the key generation center (KGC) and vehicles collaborate to generate the public/private key pairs. Although collaborative key generation between KGC and vehicles enhances security, both sides introduce critical vulnerabilities: vehicles independently generating public keys remain vulnerable to public key replacement (PKR) attacks, while KGC’s reliance on a static master secret key (MSK) in most schemes increases the risk of MSK leakage. Therefore, we propose a certificateless anonymous authentication scheme in VANETs, which is resistant to PKR attacks and supports dynamic MSK updating. The security analysis shows that the proposed scheme satisfies the security and privacy requirements of VANETs. Experimental results demonstrate that CAAS-DMSK reduces the computational costs by 41.53% in MSK updating.

在车载自组网（VANETs）中，匿名认证可以保护通信安全和车辆的身份隐私。无证书认证方案消除了证书管理和密钥托管问题，针对vanet提出了几种无证书匿名认证方案。在这些方案中，密钥生成中心（KGC）和车辆合作生成公钥/私钥对。虽然KGC和车辆之间的协作密钥生成增强了安全性，但双方都引入了关键漏洞：车辆独立生成公钥仍然容易受到公钥替换（PKR）攻击，而KGC在大多数方案中依赖静态主密钥（MSK）增加了MSK泄漏的风险。因此，我们提出了一种VANETs中的无证书匿名认证方案，该方案既能抵抗PKR攻击，又支持MSK动态更新。安全性分析表明，该方案满足VANETs的安全性和隐私性要求。实验结果表明，CAAS-DMSK算法使MSK更新的计算成本降低了41.53%。

{"title":"CAAS-DMSK: A Certificateless Anonymous Authentication Scheme with Dynamic Master Secret Keys in VANETs","authors":"Yan Xu, Huilan Zhang, Jie Cui, Hong Zhong","doi":"10.1016/j.sysarc.2026.103720","DOIUrl":"10.1016/j.sysarc.2026.103720","url":null,"abstract":"<div><div>Anonymous authentication can protect the communication security and vehicles’ identity privacy in Vehicular Ad Hoc Networks (VANETs). Certificateless authentication schemes eliminate the certificate management and key escrow problem, and several certificateless anonymous authentication schemes have been proposed for VANETs. In these schemes, the key generation center (KGC) and vehicles collaborate to generate the public/private key pairs. Although collaborative key generation between KGC and vehicles enhances security, both sides introduce critical vulnerabilities: vehicles independently generating public keys remain vulnerable to public key replacement (PKR) attacks, while KGC’s reliance on a static master secret key (MSK) in most schemes increases the risk of MSK leakage. Therefore, we propose a certificateless anonymous authentication scheme in VANETs, which is resistant to PKR attacks and supports dynamic MSK updating. The security analysis shows that the proposed scheme satisfies the security and privacy requirements of VANETs. Experimental results demonstrate that CAAS-DMSK reduces the computational costs by 41.53% in MSK updating.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103720"},"PeriodicalIF":4.1,"publicationDate":"2026-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

When fixes teach: Repair-aware contrastive learning for optimization-resilient binary vulnerability detection 当修复教：修复感知对比学习优化弹性二进制漏洞检测

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-28 DOI: 10.1016/j.sysarc.2026.103722

Zhenzhou Tian , Jiale Zhao , Ming Fan , Jiaze Sun , Yanping Chen , Lingwei Chen

Deep learning (DL)-based vulnerability detection in source code are prevalent, yet detecting vulnerabilities in binary code using this paradigm remains underexplored. The few works typically treat input instructions as individual entities, failing to extract and leverage fine-grained information due to their inability to account for the inherent connections and correlations between code segments and the impact of compilation optimizations. To address these challenges, this paper proposes Delta, a novel approach that incorporates Dynamic contrastive lEarning with vuLnerabiliTy repair Awareness to fine-tune pre-trained models, significantly enhancing the accuracy and efficiency of vulnerability detection in binary code. Delta proceeds by standardizing assembly instructions and utilizing function pairs that represent code before and after vulnerability repair along with their versions compiled under different optimization settings as contrastive learning samples. Building on these rich and diverse training signals, Delta fine-tunes CodeBERT using contrastive learning augmented with masked language modeling, resulting in a feature encoder CMBERT, which is adept at capturing nuanced vulnerability patterns in binary code and remain resilient to the impacts of compilation optimizations. DELTA is evaluated on the Juliet Test Suite dataset, achieving an average performance improvement of 8.04% in detection accuracy and 7.13% in F1 score compared to alternative methods.

基于深度学习（DL）的源代码漏洞检测很普遍，但使用这种范式检测二进制代码中的漏洞仍未得到充分探索。少数作品通常将输入指令视为单独的实体，由于无法解释代码段之间的内在联系和相关性以及编译优化的影响，因此无法提取和利用细粒度信息。为了应对这些挑战，本文提出了一种新的方法Delta，该方法将动态对比学习与漏洞修复意识相结合，对预训练模型进行微调，显著提高了二进制代码漏洞检测的准确性和效率。Delta将汇编指令标准化，并利用代表漏洞修复前后代码的函数对，以及在不同优化设置下编译的版本，作为对比学习样本。在这些丰富多样的训练信号的基础上，Delta使用对比学习和掩码语言建模对CodeBERT进行微调，从而产生了一个特征编码器CMBERT，它擅长捕捉二进制代码中细微的漏洞模式，并对编译优化的影响保持弹性。DELTA在Juliet Test Suite数据集上进行了评估，与其他方法相比，其检测精度平均提高了8.04%，F1分数提高了7.13%。

{"title":"When fixes teach: Repair-aware contrastive learning for optimization-resilient binary vulnerability detection","authors":"Zhenzhou Tian , Jiale Zhao , Ming Fan , Jiaze Sun , Yanping Chen , Lingwei Chen","doi":"10.1016/j.sysarc.2026.103722","DOIUrl":"10.1016/j.sysarc.2026.103722","url":null,"abstract":"<div><div>Deep learning (DL)-based vulnerability detection in source code are prevalent, yet detecting vulnerabilities in binary code using this paradigm remains underexplored. The few works typically treat input instructions as individual entities, failing to extract and leverage fine-grained information due to their inability to account for the inherent connections and correlations between code segments and the impact of compilation optimizations. To address these challenges, this paper proposes <strong><span>Delta</span></strong>, a novel approach that incorporates <strong>D</strong>ynamic contrastive l<strong>E</strong>arning with vu<strong>L</strong>nerabili<strong>T</strong>y repair <strong>A</strong>wareness to fine-tune pre-trained models, significantly enhancing the accuracy and efficiency of vulnerability detection in binary code. <span>Delta</span> proceeds by standardizing assembly instructions and utilizing function pairs that represent code before and after vulnerability repair along with their versions compiled under different optimization settings as contrastive learning samples. Building on these rich and diverse training signals, <span>Delta</span> fine-tunes CodeBERT using contrastive learning augmented with masked language modeling, resulting in a feature encoder CMBERT, which is adept at capturing nuanced vulnerability patterns in binary code and remain resilient to the impacts of compilation optimizations. DELTA is evaluated on the Juliet Test Suite dataset, achieving an average performance improvement of 8.04% in detection accuracy and 7.13% in F1 score compared to alternative methods.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103722"},"PeriodicalIF":4.1,"publicationDate":"2026-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Comments on “Contention-aware workflow scheduling on heterogeneous computing systems with shared buses” 对“基于共享总线的异构计算系统的竞争感知工作流调度”的评论

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-27 DOI: 10.1016/j.sysarc.2026.103700

Rajesh Devaraj

Heterogeneous computing systems (HCSs) use different types of processors to balance performance and efficiency for complex applications like workflows. These processors often share a communication bus. When multiple parts of an application try to send data at the same time, this shared bus gets congested, causing delays. Despite this being a common problem, few studies have looked at how to handle this communication bottleneck. To solve this, a new method called Contention-Aware Clustering-based List scheduling (CACL) is proposed. The objective of CACL is to minimize the overall schedule length for the input workflow application modeled as a Directed Acyclic Graph (DAG) to be executed on a HCS interconnected via shared communication buses. While solving this problem, CACL first assigns priorities to task nodes. However, this task priority assignment may occasionally lead to situations where a task is erroneously assigned higher priority compared to one or more of its predecessor tasks in the task graph. Since tasks are selected for processor assignment in the order of their priorities, this situation subsequently leads to violation of precedence relationships between tasks. In this comment, we present a counter example to highlight the design flaw in the task prioritization scheme and discuss possible ways to fix this flaw.

异构计算系统（HCSs）使用不同类型的处理器来平衡复杂应用程序（如工作流）的性能和效率。这些处理器通常共享一个通信总线。当应用程序的多个部分试图同时发送数据时，这个共享总线就会变得拥挤，从而导致延迟。尽管这是一个常见的问题，但很少有研究关注如何处理这一沟通瓶颈。为了解决这一问题，提出了一种基于争用感知聚类的列表调度方法。CACL的目标是最小化作为有向无环图（DAG）建模的输入工作流应用程序在通过共享通信总线互连的HCS上执行的总体调度长度。在解决这个问题时，CACL首先为任务节点分配优先级。然而，这种任务优先级分配可能偶尔会导致这样的情况：与任务图中的一个或多个前一个任务相比，一个任务被错误地分配了更高的优先级。由于任务是按照其优先级顺序选择处理器分配的，因此这种情况随后会导致任务之间的优先级关系被破坏。在这篇评论中，我们提出了一个反例来突出任务优先级方案中的设计缺陷，并讨论了修复该缺陷的可能方法。

{"title":"Comments on “Contention-aware workflow scheduling on heterogeneous computing systems with shared buses”","authors":"Rajesh Devaraj","doi":"10.1016/j.sysarc.2026.103700","DOIUrl":"10.1016/j.sysarc.2026.103700","url":null,"abstract":"<div><div>Heterogeneous computing systems (HCSs) use different types of processors to balance performance and efficiency for complex applications like workflows. These processors often share a communication bus. When multiple parts of an application try to send data at the same time, this shared bus gets congested, causing delays. Despite this being a common problem, few studies have looked at how to handle this communication bottleneck. To solve this, a new method called <em>Contention-Aware Clustering-based List scheduling</em> (CACL) is proposed. The objective of <em>CACL</em> is to minimize the overall schedule length for the input workflow application modeled as a Directed Acyclic Graph (DAG) to be executed on a HCS interconnected via shared communication buses. While solving this problem, <em>CACL</em> first assigns priorities to task nodes. However, this task priority assignment may occasionally lead to situations where a task is erroneously assigned higher priority compared to one or more of its predecessor tasks in the task graph. Since tasks are selected for processor assignment in the order of their priorities, this situation subsequently leads to violation of precedence relationships between tasks. In this comment, we present a counter example to highlight the design flaw in the task prioritization scheme and discuss possible ways to fix this flaw.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103700"},"PeriodicalIF":4.1,"publicationDate":"2026-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

EDF-VD-based energy efficient scheduling for imprecise mixed-criticality task with resource synchronization 基于edf - vd的不精确混合临界任务资源同步节能调度

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-27 DOI: 10.1016/j.sysarc.2026.103725

Yi-Wen Zhang, Quan-Huang Zhang

Prior work on mixed-criticality scheduling with resource synchronization based on Earliest Deadline First with Virtual Deadlines immediately abandons all low-criticality (LO) tasks when the system enters high-criticality (HI) mode, which is not reasonable in practical systems. In this paper, we address the scheduling problem of the imprecise mixed-criticality task model with shared resources in which LO tasks continue to execute with a reduced time budget in HI mode. Thereafter, we propose a new resource access protocol called IMC-SRP, and outline some properties of the IMC-SRP. Moreover, we present sufficient conditions for the schedulability analysis of the IMC-SRP. To save energy, we propose a new algorithm called EAS-IMC-SRP. Furthermore, we use synthetic tasksets to evaluate the proposed algorithm.

以往基于“最早截止日期优先”和“虚拟截止日期”的混合临界调度方法在系统进入高临界模式时，会立即放弃所有低临界任务，这在实际系统中是不合理的。在本文中，我们解决了具有共享资源的不精确混合临界任务模型的调度问题，其中LO任务在HI模式下以减少的时间预算继续执行。在此基础上，我们提出了一种新的资源访问协议IMC-SRP，并概述了IMC-SRP的一些特性。此外，我们还给出了IMC-SRP可调度性分析的充分条件。为了节约能源，我们提出了一种新的算法easc - imc - srp。此外，我们使用合成任务集来评估所提出的算法。

引用次数: 0

Privacy-preserving access control and trust management for multi-authority in IoMT systems IoMT系统中多授权机构的隐私保护访问控制和信任管理

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-24 DOI: 10.1016/j.sysarc.2026.103719

Chenlu Xie, Xiaolin Gui

Internet of Medical Things (IoMT) devices generate a huge amount of real-time data on a daily basis, which can be analyzed by medical practitioners to optimize diagnosis and treatment. Due to the complexity of devices and users in IoMT systems, robust measures are needed to ensure security and quality of service or information. However, most existing schemes require a trusted central authority to generate secret keys for users, which is often impractical in real-world scenarios. Although many multi-authority access control schemes have been proposed to address this issue, they still lack stronger defense and supervision mechanisms to effectively regulate user access. In this paper, we propose a privacy-preserving multi-authority access control scheme that enables policy hiding and efficiently prevents malicious access attacks. Specifically, multiple untrusted authorities independently generate attribute keys through secure two-party computation and zero-knowledge proofs. Even if multiple authorities collude, they cannot trace secret keys. Furthermore, the scheme enhances privacy by breaking the mapping between attributes and the access matrix. What is more, we also construct a dynamic access control mechanism based on trust management, which can effectively curb persistent access attacks by malicious data users. Our security analysis and experimental results show that the scheme achieves semantic security, resists collusion attacks, and constrains the malicious behavior of data users with minimal online encryption computational costs compared to other schemes.

医疗物联网（IoMT）设备每天都会产生大量的实时数据，医生可以对这些数据进行分析，以优化诊断和治疗。由于IoMT系统中设备和用户的复杂性，需要强有力的措施来确保服务或信息的安全和质量。然而，大多数现有方案需要一个可信的中央权威机构为用户生成密钥，这在现实场景中通常是不切实际的。尽管已经提出了许多多权限访问控制方案来解决这一问题，但它们仍然缺乏更强的防御和监督机制来有效地规范用户的访问。本文提出了一种保护隐私的多权限访问控制方案，该方案既能实现策略隐藏，又能有效防止恶意访问攻击。具体来说，多个不受信任的权威机构通过安全的双方计算和零知识证明，独立地生成属性密钥。即使多个机构串通，他们也无法追踪密钥。此外，该方案通过打破属性和访问矩阵之间的映射来增强隐私性。此外，我们还构建了一种基于信任管理的动态访问控制机制，能够有效遏制恶意数据用户的持续访问攻击。安全性分析和实验结果表明，与其他方案相比，该方案以最小的在线加密计算成本实现了语义安全，抵抗合谋攻击，约束了数据用户的恶意行为。

{"title":"Privacy-preserving access control and trust management for multi-authority in IoMT systems","authors":"Chenlu Xie, Xiaolin Gui","doi":"10.1016/j.sysarc.2026.103719","DOIUrl":"10.1016/j.sysarc.2026.103719","url":null,"abstract":"<div><div>Internet of Medical Things (IoMT) devices generate a huge amount of real-time data on a daily basis, which can be analyzed by medical practitioners to optimize diagnosis and treatment. Due to the complexity of devices and users in IoMT systems, robust measures are needed to ensure security and quality of service or information. However, most existing schemes require a trusted central authority to generate secret keys for users, which is often impractical in real-world scenarios. Although many multi-authority access control schemes have been proposed to address this issue, they still lack stronger defense and supervision mechanisms to effectively regulate user access. In this paper, we propose a privacy-preserving multi-authority access control scheme that enables policy hiding and efficiently prevents malicious access attacks. Specifically, multiple untrusted authorities independently generate attribute keys through secure two-party computation and zero-knowledge proofs. Even if multiple authorities collude, they cannot trace secret keys. Furthermore, the scheme enhances privacy by breaking the mapping between attributes and the access matrix. What is more, we also construct a dynamic access control mechanism based on trust management, which can effectively curb persistent access attacks by malicious data users. Our security analysis and experimental results show that the scheme achieves semantic security, resists collusion attacks, and constrains the malicious behavior of data users with minimal online encryption computational costs compared to other schemes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103719"},"PeriodicalIF":4.1,"publicationDate":"2026-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

HPA: Manipulating deep reinforcement learning via adversarial interaction HPA：通过对抗性互动操纵深度强化学习

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-22 DOI: 10.1016/j.sysarc.2026.103685

Kanghua Mo , Zhengxin Zhang , Yuanzhi Zhang , Yucheng Long , Zhengdao Li

Recent studies have demonstrated that policy manipulation attacks on deep reinforcement learning (DRL) systems can lead to the learning of abnormal policies by victim agents. However, existing work typically assumes that the attacker can manipulate multiple components of the training process, such as reward functions, environment dynamics, or state information. In IoT-enabled smart societies, where AI-driven systems operate in interconnected and data-sensitive environments, such assumptions raise serious concerns regarding security and privacy. This paper investigates a novel policy manipulation attack in competitive multi-agent reinforcement learning under significantly weaker assumptions, where the attacker only requires access to the victim’s training settings and, in some cases, the learned policy outputs during training. We propose the honeypot policy attack (HPA), in which an adversarial agent induces the victim to learn an attacker-specified target policy by deliberately taking suboptimal actions. To this end, we introduce a honeypot reward estimation mechanism that quantifies the amount of reward sacrifice required by the adversarial agent to influence the victim’s learning process, and adapts this sacrifice according to the degree of policy manipulation. Extensive experiments on three representative competitive games demonstrate that HPA is both effective and stealthy, exposing previously unexplored vulnerabilities in DRL-based systems deployed in IoT-driven smart environments. To the best of our knowledge, this work presents the first policy manipulation attack that does not rely on explicit tampering with internal components of DRL systems, but instead operates solely through admissible adversarial interactions, offering new insights into security challenges faced by emerging AIoT ecosystems.

最近的研究表明，针对深度强化学习（DRL）系统的策略操纵攻击可以导致受害者代理学习异常策略。然而，现有的工作通常假设攻击者可以操纵训练过程的多个组件，例如奖励函数、环境动态或状态信息。在物联网驱动的智能社会中，人工智能驱动的系统在相互关联和数据敏感的环境中运行，这种假设引发了对安全和隐私的严重担忧。本文研究了竞争多智能体强化学习中的一种新的策略操纵攻击，在明显较弱的假设下，攻击者只需要访问受害者的训练设置，在某些情况下，在训练期间学习的策略输出。我们提出了蜜罐策略攻击（HPA），其中敌对代理通过故意采取次优行为诱导受害者学习攻击者指定的目标策略。为此，我们引入了一种蜜罐奖励估计机制，该机制量化了对抗代理影响受害者学习过程所需的奖励牺牲量，并根据策略操纵的程度对这种牺牲进行调整。在三个具有代表性的竞争游戏中进行的广泛实验表明，HPA既有效又隐蔽，暴露了在物联网驱动的智能环境中部署的基于drl的系统中以前未被探索的漏洞。据我们所知，这项工作提出了第一个策略操纵攻击，它不依赖于对DRL系统内部组件的显式篡改，而是仅通过可接受的对抗性相互作用进行操作，为新兴AIoT生态系统面临的安全挑战提供了新的见解。

{"title":"HPA: Manipulating deep reinforcement learning via adversarial interaction","authors":"Kanghua Mo , Zhengxin Zhang , Yuanzhi Zhang , Yucheng Long , Zhengdao Li","doi":"10.1016/j.sysarc.2026.103685","DOIUrl":"10.1016/j.sysarc.2026.103685","url":null,"abstract":"<div><div>Recent studies have demonstrated that policy manipulation attacks on deep reinforcement learning (DRL) systems can lead to the learning of abnormal policies by victim agents. However, existing work typically assumes that the attacker can manipulate multiple components of the training process, such as reward functions, environment dynamics, or state information. In IoT-enabled smart societies, where AI-driven systems operate in interconnected and data-sensitive environments, such assumptions raise serious concerns regarding security and privacy. This paper investigates a novel policy manipulation attack in competitive multi-agent reinforcement learning under significantly weaker assumptions, where the attacker only requires access to the victim’s training settings and, in some cases, the learned policy outputs during training. We propose the honeypot policy attack (HPA), in which an adversarial agent induces the victim to learn an attacker-specified target policy by deliberately taking suboptimal actions. To this end, we introduce a honeypot reward estimation mechanism that quantifies the amount of reward sacrifice required by the adversarial agent to influence the victim’s learning process, and adapts this sacrifice according to the degree of policy manipulation. Extensive experiments on three representative competitive games demonstrate that HPA is both effective and stealthy, exposing previously unexplored vulnerabilities in DRL-based systems deployed in IoT-driven smart environments. To the best of our knowledge, this work presents the first policy manipulation attack that does not rely on explicit tampering with internal components of DRL systems, but instead operates solely through admissible adversarial interactions, offering new insights into security challenges faced by emerging AIoT ecosystems.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103685"},"PeriodicalIF":4.1,"publicationDate":"2026-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

GAS: A scheduling primitive dependency analysis-based cost model for tensor program optimization 基于调度原语依赖分析的张量程序优化成本模型

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-21 DOI: 10.1016/j.sysarc.2026.103721

Yonghua Hu , Anxing Xie , Yaohua Wang , Zhe Li , Zenghua Cheng , Junyang Tang

Automatically generating high-performance tensor programs has become a promising approach for deploying deep neural networks. A key challenge lies in designing an effective cost model to navigate the vast scheduling search space. Existing approaches typically fall into two categories, each with limitations: offline learning cost models rely on large pre-collected datasets, which may be incomplete or device-specific, and online learning cost models depend on handcrafted features, requiring substantial manual effort and expertise.

We propose GAS, a lightweight framework for generating tensor programs for deep learning applications. GAS reformulates feature extraction as a sequence-dependent analysis of scheduling primitives. Our cost model integrates three key factors to uncover performance-critical insights within scheduling sequences: (1) decision factors allocation, quantifying entropy and skewness of scheduling primitive factors to capture their dominance; (2) primitive contribution weights, measuring the relative impact of primitives on overall performance; and (3) structural semantic alignment, capturing correlations between scheduling primitive factors and hardware parallelism mechanisms. This approach reduces the complexity of handcrafted feature engineering and extensive pre-training datasets, significantly improving both efficiency and scalability. Experimental results on NVIDIA GPUs demonstrate that GAS achieves average speedups of 3.79

\times

over AMOS and 2.22

\times

over Ansor, while also consistently outperforming other state-of-the-art tensor compilers.

自动生成高性能张量程序已成为部署深度神经网络的一种很有前途的方法。一个关键的挑战在于设计一个有效的成本模型来导航巨大的调度搜索空间。现有的方法通常分为两类，每一类都有局限性：离线学习成本模型依赖于大量预先收集的数据集，这些数据集可能是不完整的或特定于设备的，在线学习成本模型依赖于手工制作的特征，需要大量的手工工作和专业知识。我们提出GAS，一个轻量级框架，用于为深度学习应用程序生成张量程序。GAS将特征提取重新表述为调度原语的序列相关分析。我们的成本模型集成了三个关键因素来揭示调度序列中的性能关键洞察：(1)决策因素分配，量化调度原始因素的熵和偏度，以捕获它们的主导地位；(2)原语贡献权重，衡量原语对整体性能的相对影响；(3)结构语义对齐，捕获调度原语因素与硬件并行机制之间的相关性。这种方法降低了手工特征工程和大量预训练数据集的复杂性，显著提高了效率和可扩展性。在NVIDIA gpu上的实验结果表明，GAS的平均速度比AMOS高3.79倍，比Ansor高2.22倍，同时也始终优于其他最先进的张量编译器。

{"title":"GAS: A scheduling primitive dependency analysis-based cost model for tensor program optimization","authors":"Yonghua Hu , Anxing Xie , Yaohua Wang , Zhe Li , Zenghua Cheng , Junyang Tang","doi":"10.1016/j.sysarc.2026.103721","DOIUrl":"10.1016/j.sysarc.2026.103721","url":null,"abstract":"<div><div>Automatically generating high-performance tensor programs has become a promising approach for deploying deep neural networks. A key challenge lies in designing an effective cost model to navigate the vast scheduling search space. Existing approaches typically fall into two categories, each with limitations: offline learning cost models rely on large pre-collected datasets, which may be incomplete or device-specific, and online learning cost models depend on handcrafted features, requiring substantial manual effort and expertise.</div><div>We propose GAS, a lightweight framework for generating tensor programs for deep learning applications. GAS reformulates feature extraction as a sequence-dependent analysis of scheduling primitives. Our cost model integrates three key factors to uncover performance-critical insights within scheduling sequences: (1) decision factors allocation, quantifying entropy and skewness of scheduling primitive factors to capture their dominance; (2) primitive contribution weights, measuring the relative impact of primitives on overall performance; and (3) structural semantic alignment, capturing correlations between scheduling primitive factors and hardware parallelism mechanisms. This approach reduces the complexity of handcrafted feature engineering and extensive pre-training datasets, significantly improving both efficiency and scalability. Experimental results on NVIDIA GPUs demonstrate that GAS achieves average speedups of 3.79<span><math><mo>×</mo></math></span> over AMOS and 2.22<span><math><mo>×</mo></math></span> over Ansor, while also consistently outperforming other state-of-the-art tensor compilers.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103721"},"PeriodicalIF":4.1,"publicationDate":"2026-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146039223","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

EdgeTrust-Shard: Hierarchical blockchain architecture for federated learning in cross-chain IoT ecosystems EdgeTrust-Shard：跨链物联网生态系统中联邦学习的分层区块链架构

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-21 DOI: 10.1016/j.sysarc.2026.103701

Tuan-Dung Tran, Phuong-Dai Bui, Van-Hau Pham

Enabling AI-driven real-time distributed computing on the edge-cloud continuum requires overcoming a critical dependability challenge: resource-constrained IoT devices cannot participate in Byzantine-resilient federated learning due to a 1940-fold memory gap, with robust aggregation methods demanding 512MB–2GB while microcontrollers offer only 264KB SRAM. We present EdgeTrust-Shard, a novel system architecture designed for dependability, security, and scalability in edge AI. It enables real-time Byzantine-resilient federated learning on commodity microcontrollers by distributing computational complexity across the network topology. The framework’s contributions include optimal

M = \sqrt{N}

clustering for

O (N)

communication, a Multi-Factor Proof-of-Performance consensus mechanism providing quadratic Byzantine suppression with proven

O (T^{- 1 / 2})

convergence, and platform-optimized cryptography delivering a 3.4-fold speedup for real-time processing. A case study using a hybrid physical-simulation deployment demonstrates the system’s efficacy, achieving 93.9–94.7% accuracy across Byzantine attack scenarios at 30% adversary presence within a 140KB memory footprint on Raspberry Pi Pico nodes. By outperforming adapted state-of-the-art blockchain-FL systems like FedChain and BlockFL by up to 9.3 percentage points, EdgeTrust-Shard provides a critical security enhancement for the edge-cloud continuum, transforming passive IoT data sources into dependable participants in distributed trust computations for next-generation applications such as smart cities and industrial automation.

在边缘云连续体上实现人工智能驱动的实时分布式计算需要克服一个关键的可靠性挑战：由于内存缺口达40倍，资源受限的物联网设备无法参与拜占庭弹性联邦学习，而强大的聚合方法需要512MB-2GB，而微控制器仅提供264KB SRAM。我们提出了EdgeTrust-Shard，这是一种新颖的系统架构，专为边缘人工智能的可靠性，安全性和可扩展性而设计。它通过在网络拓扑上分配计算复杂性，在商品微控制器上实现实时拜占庭弹性联邦学习。该框架的贡献包括用于O(N)通信的最优M=N聚类，提供二次拜占庭抑制的多因素性能证明共识机制，具有已证明的O（T−1/2）收敛性，以及为实时处理提供3.4倍加速的平台优化加密。使用混合物理模拟部署的案例研究证明了系统的有效性，在Raspberry Pi Pico节点140KB内存占用内，在30%的对手存在的拜占庭攻击场景中，实现了93.9-94.7%的准确率。通过比FedChain和BlockFL等最先进的区块链- fl系统高出9.3个百分点，EdgeTrust-Shard为边缘云连续体提供了关键的安全性增强，将被动物联网数据源转化为下一代应用（如智能城市和工业自动化）分布式信任计算的可靠参与者。

{"title":"EdgeTrust-Shard: Hierarchical blockchain architecture for federated learning in cross-chain IoT ecosystems","authors":"Tuan-Dung Tran, Phuong-Dai Bui, Van-Hau Pham","doi":"10.1016/j.sysarc.2026.103701","DOIUrl":"10.1016/j.sysarc.2026.103701","url":null,"abstract":"<div><div>Enabling AI-driven real-time distributed computing on the edge-cloud continuum requires overcoming a critical dependability challenge: resource-constrained IoT devices cannot participate in Byzantine-resilient federated learning due to a 1940-fold memory gap, with robust aggregation methods demanding 512MB–2GB while microcontrollers offer only 264KB SRAM. We present EdgeTrust-Shard, a novel system architecture designed for dependability, security, and scalability in edge AI. It enables real-time Byzantine-resilient federated learning on commodity microcontrollers by distributing computational complexity across the network topology. The framework’s contributions include optimal <span><math><mrow><mi>M</mi><mo>=</mo><msqrt><mrow><mi>N</mi></mrow></msqrt></mrow></math></span> clustering for <span><math><mrow><mi>O</mi><mrow><mo>(</mo><mi>N</mi><mo>)</mo></mrow></mrow></math></span> communication, a Multi-Factor Proof-of-Performance consensus mechanism providing quadratic Byzantine suppression with proven <span><math><mrow><mi>O</mi><mrow><mo>(</mo><msup><mrow><mi>T</mi></mrow><mrow><mo>−</mo><mn>1</mn><mo>/</mo><mn>2</mn></mrow></msup><mo>)</mo></mrow></mrow></math></span> convergence, and platform-optimized cryptography delivering a 3.4-fold speedup for real-time processing. A case study using a hybrid physical-simulation deployment demonstrates the system’s efficacy, achieving 93.9–94.7% accuracy across Byzantine attack scenarios at 30% adversary presence within a 140KB memory footprint on Raspberry Pi Pico nodes. By outperforming adapted state-of-the-art blockchain-FL systems like FedChain and BlockFL by up to 9.3 percentage points, EdgeTrust-Shard provides a critical security enhancement for the edge-cloud continuum, transforming passive IoT data sources into dependable participants in distributed trust computations for next-generation applications such as smart cities and industrial automation.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"173 ","pages":"Article 103701"},"PeriodicalIF":4.1,"publicationDate":"2026-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090346","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0