Visible to the public Biblio

Found 129 results

Filters: Keyword is Automation  [Clear All Filters]
2022-09-09
Perucca, A., Thai, T. T., Fiasca, F., Signorile, G., Formichella, V., Sesia, I., Levi, F..  2021.  Network and Software Architecture Improvements for a Highly Automated, Robust and Efficient Realization of the Italian National Time Scale. 2021 Joint Conference of the European Frequency and Time Forum and IEEE International Frequency Control Symposium (EFTF/IFCS). :1—4.
Recently, the informatics infrastructure of INRiM Time and Frequency Laboratory has been completely renewed with particular attention to network security and software architecture aspects, with the aims to improve the reliability, robustness and automation of the overall set-up. This upgraded infrastructure has allowed, since January 2020, a fully automated generation and monitoring of the Italian time scale UTC(IT), based on dedicated software developed in-house [1]. We focus in this work on the network and software aspects of our set-up, which enable a robust and reliable automatic time scale generation with continuous monitoring and minimal human intervention.
2022-08-26
Rangnau, Thorsten, Buijtenen, Remco v., Fransen, Frank, Turkmen, Fatih.  2020.  Continuous Security Testing: A Case Study on Integrating Dynamic Security Testing Tools in CI/CD Pipelines. 2020 IEEE 24th International Enterprise Distributed Object Computing Conference (EDOC). :145–154.
Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps to ensure fast delivery of new features. This is achieved by automatically testing and releasing new software versions, e.g. multiple times per day. However, classical security management techniques cannot keep up with this quick Software Development Life Cycle (SDLC). Nonetheless, guaranteeing high security quality of software systems has become increasingly important. The new trend of DevSecOps aims to integrate security techniques into existing DevOps practices. Especially, the automation of security testing is an important area of research in this trend. Although plenty of literature discusses security testing and CI/CD practices, only a few deal with both topics together. Additionally, most of the existing works cover only static code analysis and neglect dynamic testing methods. In this paper, we present an approach to integrate three automated dynamic testing techniques into a CI/CD pipeline and provide an empirical analysis of the introduced overhead. We then go on to identify unique research/technology challenges the DevSecOps communities will face and propose preliminary solutions to these challenges. Our findings will enable informed decisions when employing DevSecOps practices in agile enterprise applications engineering processes and enterprise security.
Frumin, Dan, Krebbers, Robbert, Birkedal, Lars.  2021.  Compositional Non-Interference for Fine-Grained Concurrent Programs. 2021 IEEE Symposium on Security and Privacy (SP). :1416—1433.
Non-interference is a program property that ensures the absence of information leaks. In the context of programming languages, there exist two common approaches for establishing non-interference: type systems and program logics. Type systems provide strong automation (by means of type checking), but they are inherently restrictive in the kind of programs they support. Program logics support challenging programs, but they typically require significant human assistance, and cannot handle modules or higher-order programs.To connect these two approaches, we present SeLoC—a separation logic for non-interference, on top of which we build a type system using the technique of logical relations. By building a type system on top of separation logic, we can compositionally verify programs that consist of typed and untyped parts. The former parts are verified through type checking, while the latter parts are verified through manual proof.The core technical contribution of SeLoC is a relational form of weakest preconditions that can track information flow using separation logic resources. SeLoC is fully machine-checked, and built on top of the Iris framework for concurrent separation logic in Coq. The integration with Iris provides seamless support for fine-grained concurrency, which was beyond the reach of prior type systems and program logics for non-interference.
Winter, Kirsten, Coughlin, Nicholas, Smith, Graeme.  2021.  Backwards-directed information flow analysis for concurrent programs. 2021 IEEE 34th Computer Security Foundations Symposium (CSF). :1—16.
A number of approaches have been developed for analysing information flow in concurrent programs in a compositional manner, i.e., in terms of one thread at a time. Early approaches modelled the behaviour of a given thread's environment using simple read and write permissions on variables, or by associating specific behaviour with whether or not locks are held. Recent approaches allow more general representations of environmental behaviour, increasing applicability. This, however, comes at a cost. These approaches analyse the code in a forwards direction, from the start of the program to the end, constructing the program's entire state after each instruction. This process needs to take into account the environmental influence on all shared variables of the program. When environmental influence is modelled in a general way, this leads to increased complexity, hindering automation of the analysis. In this paper, we present a compositional information flow analysis for concurrent systems which is the first to support a general representation of environmental behaviour and be automated within a theorem prover. Our approach analyses the code in a backwards direction, from the end of the program to the start. Rather than constructing the entire state at each instruction, it generates only the security-related proof obligations. These are, in general, much simpler, referring to only a fraction of the program's shared variables and thus reducing the complexity introduced by environmental behaviour. For increased applicability, our approach analyses value-dependent information flow, where the security classification of a variable may depend on the current state. The resulting logic has been proved sound within the theorem prover Isabelle/HOL.
Xu, Aidong, Fei, Lingzhi, Wang, Qianru, Wen, Hong, Wu, Sihui, Wang, Peiyao, Zhang, Yunan, Jiang, Yixin.  2021.  Terminal Security Reinforcement Method based on Graph and Potential Function. 2021 International Conference on Intelligent Computing, Automation and Applications (ICAA). :307—313.
By taking advantages of graphs and potential functions, a security reinforcement method for edge computing terminals is proposed in this paper. A risk graph of the terminal security protection system is constructed, and importance of the security protection and risks of the terminals is evaluated according to the topological potential of the graph nodes, and the weak points of the terminal are located, and the corresponding reinforcement method is proposed. The simulation experiment results show that the proposed method can upgrade and strengthen the key security mechanism of the terminal, improve the performance of the terminal security protection system, and is beneficial to the security management of the edge computing system.
Nazarova, O. Yu., Sklyarov, Alexey, Shilina, A. N..  2021.  Methods for Determining a Quantitative Indicator of Threats to Information Security in Telecommunications and Industrial Automation Systems. 2021 International Russian Automation Conference (RusAutoCon). :730—734.

The paper considers the issue of assessing threats to information security in industrial automation and telecommunication systems in order to improve the efficiency of their security systems. A method for determining a quantitative indicator of threats is proposed, taking into account the probabilistic nature of the process of implementing negative impacts on objects of both industrial and telecommunications systems. The factors that contribute and (or) initiate them are also determined, the dependences of the formal definition of the quantitative indicator of threats are obtained. Methods for a quantitative threat assessment as well as the degree of this threat are presented in the form of a mathematical model in order to substantiate and describe the method for determining a threat to industrial automation systems. Recommendations necessary for obtaining expert assessments of negative impacts on the informatisation objects and information security systems counteracting are formulated to facilitate making decisions on the protection of industrial and telecommunication systems.

2022-08-12
Sani, Abubakar Sadiq, Yuan, Dong, Meng, Ke, Dong, Zhao Yang.  2021.  R-Chain: A Universally Composable Relay Resilience Framework for Smart Grids. 2021 IEEE Power & Energy Society General Meeting (PESGM). :01–05.
Smart grids can be exposed to relay attacks (or wormhole attacks) resulting from weaknesses in cryptographic operations such as authentication and key derivation associated with process automation protocols. Relay attacks refer to attacks in which authentication is evaded without needing to attack the smart grid itself. By using a universal composability model that provides a strong security notion for designing cryptographic operations, we formulate the necessary relay resilience settings for strengthening authentication and key derivation and enhancing relay security in process automation protocols in this paper. We introduce R-Chain, a universally composable relay resilience framework that prevents bypass of cryptographic operations. Our framework provides an ideal chaining functionality that integrates all cryptographic operations such that all outputs from a preceding operation are used as input to the subsequent operation to support relay resilience. We apply R-Chain to provide relay resilience in a practical smart grid process automation protocol, namely WirelessHART.
2022-07-29
Suo, Siliang, Huang, Kaitian, Kuang, Xiaoyun, Cao, Yang, Chen, Liming, Tao, Wenwei.  2021.  Communication Security Design of Distribution Automation System with Multiple Protection. 2021 IEEE International Conference on Consumer Electronics and Computer Engineering (ICCECE). :750—754.
At present, the security protection of distribution automation system is faced with complex and diverse operating environment, and the main use of public network may bring greater security risks, there are still some deficiencies. According to the actual situation of distribution automation of China Southern Power Grid, this paper designs multiple protection technology, carries out encryption distribution terminal research, and realizes end-to-end longitudinal security protection of distribution automation system, which is effectively improving the anti-attack ability of distribution terminal.
Sharma, Kavya, Chakravarti, Praveen Kumar, Sharma, Rohan, Parashar, Kanishq, Pal, Nisha.  2021.  A Review on Internet of Things Based Door Security. 2021 4th Biennial International Conference on Nascent Technologies in Engineering (ICNTE). :1—4.
{On considering workplace thefts as a major problem, there is a requirement of designing a vandal proof door hardware and locking mechanism for ensuring the security of our property. So the door lock system with extra security features with a user friendly cost is suggested in this paper. When a stranger comes at the door, he/she has to pass three security levels for unlocking the solenoid locks present at the door and if he fails to do so, the door will remain locked. These three levels are of three extraordinary security features as one of them is using Fingerprint sensor, second is using a knocking pattern, and the last lock is unlocked by the preset pin/pattern entered by the user. Since, in addition to these features, there is one more option for the case of appearing of guest at the door and that is the Image capturing using web-camera present at the door and here the owner of the house is able to unlock all the locks if he wants the guest to enter the home. This all will be monitored by Node MCU}.
Liu, Wei, Zhao, Tao.  2021.  Vulnerability Assessment and Attack Simulation of Power IoT Based on the Attractiveness of Equipment Assets. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:1246—1250.
With the rapid development of the electric power Internet-of-Things (power IoT) technology and the widespread use of general-purpose software, hardware and network facilities, the power IoT has become more and more open, which makes the traditional power system face new cyber security threats. In order to find the vulnerable device nodes and attack links in the power IoT system, this paper studies a set of attack path calculation methods and vulnerability node discovery algorithms, which can construct a power IoT attack simulation program based on the value of equipment assets and information attributes. What’s more, this paper has carried on the example analysis and verification on the improved IEEE RBTS Bus 2 system. Based on the above research plan, this paper finally developed a set of power IoT attack simulation tool based on distribution electronic stations, which can well find the vulnerable devices in the system.
2022-07-12
T⊘ndel, Inger Anne, Vefsnmo, Hanne, Gjerde, Oddbj⊘rn, Johannessen, Frode, Fr⊘ystad, Christian.  2021.  Hunting Dependencies: Using Bow-Tie for Combined Analysis of Power and Cyber Security. 2020 2nd International Conference on Societal Automation (SA). :1—8.
Modern electric power systems are complex cyber-physical systems. The integration of traditional power and digital technologies result in interdependencies that need to be considered in risk analysis. In this paper we argue the need for analysis methods that can combine the competencies of various experts in a common analysis focusing on the overall system perspective. We report on our experiences on using the Vulnerability Analysis Framework (VAF) and bow-tie diagrams in a combined analysis of the power and cyber security aspects in a realistic case. Our experiences show that an extended version of VAF with increased support for interdependencies is promising for this type of analysis.
2022-07-01
Mani, Santosh, Nene, Manisha J.  2021.  Self-organizing Software Defined Mesh Networks to Counter Failures and Attacks. 2021 International Conference on Intelligent Technologies (CONIT). :1–7.
With current Traditional / Legacy networks, the reliance on manual intervention to solve a variety of issues be it primary operational functionalities like addressing Link-failure or other consequent complexities arising out of existing solutions for challenges like Link-flapping or facing attacks like DDoS attacks is substantial. This physical and manual approach towards network configurations to make significant changes result in very slow updates and increased probability of errors and are not sufficient to address and support the rapidly shifting workload of the networks due to the fact that networking decisions are left to the hands of physical networking devices. With the advent of Software Defined Networking (SDN) which abstracts the network functionality planes, separating it from physical hardware – and decoupling the data plane from the control plane, it is able to provide a degree of automation for the network resources and management of the services provided by the network. This paper explores some of the aspects of automation provided by SDN capabilities in a Mesh Network (provides Network Security with redundancy of communication links) which contribute towards making the network inherently intelligent and take decisions without manual intervention and thus take a step towards Intelligent Automated Networks.
2022-06-14
Zakharov, E. R., Zakharova, V. O., Vlasov, A. I..  2021.  Methods and Algorithms for Generating a Storage Key Based on Biometric Parameters. 2021 International Russian Automation Conference (RusAutoCon). :137–141.
The theoretical basis made it possible to implement software for automated secure biometric verification and personal identification, which can be used by information security systems (including access control and management systems). The work is devoted to solving an urgent problem - the development of methods and algorithms for generating a key for a storage device based on biometric parameters. Biometric cryptosystems take advantage of biometrics to improve the security of encryption keys. The ability not to store a key that is derived from biometric data is a direct advantage of the method of generating cryptographic keys from biometric data of users over other existing encryption methods.
Kuznetsova, Nataliya M., Karlova, Tatyana V., Bekmeshov, Alexander Y., Kirillova, Elena A., Mikhaylova, Marianna V., Averchenkov, Andrey V..  2021.  Mathematical and Algorithmic Prevention of Biometric Data Leaks. 2021 International Conference on Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS). :210–212.
Biometric methods are the most effective and accurate authentication methods. However, a significant drawback of such methods is the storage of authentication information in clear text. The article is devoted to solving this problem by means of symmetric encryption method and the method of dividing the memory space. The method of symmetric encryption ensures confidentiality during storage and transmission of biometric characteristics, the method of dividing the memory space provides an increase of information security level during processing of biometric characteristics.
2022-06-10
Ramachandran, Gowri Sankar, Deane, Felicity, Malik, Sidra, Dorri, Ali, Jurdak, Raja.  2021.  Towards Assisted Autonomy for Supply Chain Compliance Management. 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). :321–330.

In an agricultural supply chain, farmers, food processors, transportation agencies, importers, and exporters must comply with different regulations imposed by one or more jurisdictions depending on the nature of their business operations. Supply chain stakeholders conventionally transport their goods, along with the corresponding documentation via regulators for compliance checks. This is generally followed by a tedious and manual process to ensure the goods meet regulatory requirements. However, supply chain systems are changing through digitization. In digitized supply chains, data is shared with the relevant stakeholders through digital supply chain platforms, including blockchain technology. In such datadriven digital supply chains, the regulators may be able to leverage digital technologies, such as artificial intelligence and machine learning, to automate the compliance verification process. However, a barrier to progress is the risk that information will not be credible, thus reversing the gains that automation could achieve. Automating compliance based on inaccurate data may compromise the safety and credibility of the agricultural supply chain, which discourages regulators and other stakeholders from adopting and relying on automation. Within this article we consider the challenges of digital supply chains when we describe parts of the compliance management process and how it can be automated to improve the operational efficiency of agricultural supply chains. We introduce assisted autonomy as a means to pragmatically automate the compliance verification process by combining the power of digital systems while keeping the human in-the-loop. We argue that autonomous compliance is possible, but that the need for human led inspection processes will never be replaced by machines, however it can be minimised through “assisted autonomy”.

2022-06-09
Yin, Weiru, Chai, Chen, Zhou, Ziyao, Li, Chenhao, Lu, Yali, Shi, Xiupeng.  2021.  Effects of trust in human-automation shared control: A human-in-the-loop driving simulation study. 2021 IEEE International Intelligent Transportation Systems Conference (ITSC). :1147–1154.
Human-automation shared control is proposed to reduce the risk of driver disengagement in Level-3 autonomous vehicles. Although previous studies have approved shared control strategy is effective to keep a driver in the loop and improve the driver's performance, over- and under-trust may affect the cooperation between the driver and the automation system. This study conducted a human-in-the-loop driving simulation experiment to assess the effects of trust on driver's behavior of shared control. An expert shared control strategy with longitudinal and lateral driving assistance was proposed and implemented in the experiment platform. Based on the experiment (N=24), trust in shared control was evaluated, followed by a correlation analysis of trust and behaviors. Moderating effects of trust on the relationship between gaze focalization and minimum of time to collision were then explored. Results showed that self-reported trust in shared control could be evaluated by three subscales respectively: safety, efficiency and ease of control, which all show stronger correlations with gaze focalization than other behaviors. Besides, with more trust in ease of control, there is a gentle decrease in the human-machine conflicts of mean brake inputs. The moderating effects show trust could enhance the decrease of minimum of time to collision as eyes-off-road time increases. These results indicate over-trust in automation will lead to unsafe behaviors, particularly monitoring behavior. This study contributes to revealing the link between trust and behavior in the context of human-automation shared control. It can be applied in improving the design of shared control and reducing risky behaviors of drivers by further trust calibration.
Jie, Chen.  2021.  Information Security Risk Assessment of Industrial Control System Based on Hybrid Genetic Algorithms. 2021 13th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). :423–426.
In order to solve the problem of quantitative assessment of information security risks in industrial control systems, this paper proposes a method of information security risk assessment for industrial control systems based on modular hybrid genetic algorithm. Combining with the characteristics of industrial control systems, the use of hybrid genetic algorithm evidence theory to identify, evaluate and assess assets and threats, and ultimately come to the order of the size of the impact of security threats on the specific industrial control system information security. This method can provide basis for making decisions to reduce information security risks in the control system from qualitative and quantitative aspects.
2022-06-08
Jia, Xianfeng, Liu, Tianyu, Sun, Chunhui, Wu, Zhi.  2021.  Analysis on the Application of Cryptographic Technology in the Communication Security of Intelligent Networked Vehicles. 2021 6th International Conference on Automation, Control and Robotics Engineering (CACRE). :423–427.

Intelligent networked vehicles are rapidly developing in intelligence and networking. The communication architecture is becoming more complex, external interfaces are richer, and data types are more complex. Different from the information security of the traditional Internet of Things, the scenarios that need to be met for the security of the Internet of Vehicles are more diverse and the security needs to be more stable. Based on the security technology of traditional Internet of Things, password application is the main protection method to ensure the privacy and non-repudiation of data communication. This article mainly elaborates the application of security protection methods using password-related protection technologies in car-side scenarios and summarizes the security protection recommendations of contemporary connected vehicles in combination with the secure communication architecture of the Internet of Vehicles.

Yang, Ruxia, Gao, Xianzhou, Gao, Peng.  2021.  Research on Intelligent Recognition and Tracking Technology of Sensitive Data for Electric Power Big Data. 2021 13th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). :229–234.
Current power sensitive data security protection adopts classification and grading protection. Company classification and grading are mainly in formulating specifications. Data classification and grading processing is carried out manually, which is heavy and time-consuming, while traditional data identification mainly relies on rules for data identification, the level of automation and intelligence is low, and there are many problems in recognition accuracy. Data classification and classification is the basis of data security protection. Sensitive data identification is the key to data classification and classification, and it is also the first step to achieve accurate data security protection. This paper proposes an intelligent identification and tracking technology of sensitive data for electric power big data, which can improve the ability of data classification and classification, help the realization of data classification and classification, and provide support for the accurate implementation of data security capabilities.
2022-06-06
Papallas, Rafael, Dogar, Mehmet R..  2020.  Non-Prehensile Manipulation in Clutter with Human-In-The-Loop. 2020 IEEE International Conference on Robotics and Automation (ICRA). :6723–6729.
We propose a human-operator guided planning approach to pushing-based manipulation in clutter. Most recent approaches to manipulation in clutter employs randomized planning. The problem, however, remains a challenging one where the planning times are still in the order of tens of seconds or minutes, and the success rates are low for difficult instances of the problem. We build on these control-based randomized planning approaches, but we investigate using them in conjunction with human-operator input. In our framework, the human operator supplies a high-level plan, in the form of an ordered sequence of objects and their approximate goal positions. We present experiments in simulation and on a real robotic setup, where we compare the success rate and planning times of our human-in-the-loop approach with fully autonomous sampling-based planners. We show that with a minimal amount of human input, the low-level planner can solve the problem faster and with higher success rates.
2022-05-20
Phan, Cao-Thanh, Rahali, Mohamed, Morin, Cédric.  2021.  Threat detection and mitigation with MonB5G components in the aLTEr scenario. 2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom). :1–2.
This demo presents a new approach to detecting and countering the aLTEr attack by proactively searching for the threat and automatically remediating it. These processes leverage AI/ML techniques and the automation framework offered by the MonB5G architecture.
Sion, Laurens, Van Landuyt, Dimitri, Yskout, Koen, Verreydt, Stef, Joosen, Wouter.  2021.  Automated Threat Analysis and Management in a Continuous Integration Pipeline. 2021 IEEE Secure Development Conference (SecDev). :30–37.
Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases.In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.
2022-05-19
Ndichu, Samuel, Ban, Tao, Takahashi, Takeshi, Inoue, Daisuke.  2021.  A Machine Learning Approach to Detection of Critical Alerts from Imbalanced Multi-Appliance Threat Alert Logs. 2021 IEEE International Conference on Big Data (Big Data). :2119–2127.
The extraordinary number of alerts generated by network intrusion detection systems (NIDS) can desensitize security analysts tasked with incident response. Security information and event management systems (SIEMs) perform some rudimentary automation but cannot replicate the decision-making process of a skilled analyst. Machine learning and artificial intelligence (AI) can detect patterns in data with appropriate training. In practice, the majority of the alert data comprises false alerts, and true alerts form only a small proportion. Consequently, a naive engine that classifies all security alerts into the majority class can yield a superficial high accuracy close to 100%. Without any correction for the class imbalance, the false alerts will dominate algorithmic predictions resulting in poor generalization performance. We propose a machine-learning approach to address the class imbalance problem in multi-appliance security alert data and automate the security alert analysis process performed in security operations centers (SOCs). We first used the neighborhood cleaning rule (NCR) to identify and remove ambiguous, noisy, and redundant false alerts. Then, we applied the support vector machine synthetic minority oversampling technique (SVMSMOTE) to generate synthetic training true alerts. Finally, we fit and evaluated the decision tree and random forest classifiers. In the experiments, using alert data from eight security appliances, we demonstrated that the proposed method can significantly reduce the need for manual auditing, decreasing the number of uninspected alerts and achieving a performance of 99.524% in recall.
Deng, Xiaolei, Zhang, Chunrui, Duan, Yubing, Xie, Jiajun, Deng, Kai.  2021.  A Mixed Method For Internal Threat Detection. 2021 IEEE 5th Information Technology,Networking,Electronic and Automation Control Conference (ITNEC). 5:748–756.
In recent years, the development of deep learning has brought new ideas to internal threat detection. In this paper, three common deep learning algorithms for threat detection are optimized and innovated, and feature embedding, drift detection and sample weighting are introduced into FCNN. Adaptive multi-iteration method is introduced into Support Vector Data Description (SVDD). A dynamic threshold adjustment mechanism is introduced in VAE. In threat detection, three methods are used to detect the abnormal behavior of users, and the intersection of output results is taken as the final threat judgment basis. Experiments on cert r6.2 data set show that this method can significantly reduce the false positive rate.
2022-05-06
Wotawa, Franz, Klampfl, Lorenz, Jahaj, Ledio.  2021.  A framework for the automation of testing computer vision systems. 2021 IEEE/ACM International Conference on Automation of Software Test (AST). :121–124.
Vision systems, i.e., systems that enable the detection and tracking of objects in images, have gained substantial importance over the past decades. They are used in quality assurance applications, e.g., for finding surface defects in products during manufacturing, surveillance, but also automated driving, requiring reliable behavior. Interestingly, there is only little work on quality assurance and especially testing of vision systems in general. In this paper, we contribute to the area of testing vision software, and present a framework for the automated generation of tests for systems based on vision and image recognition with the focus on easy usage, uniform usability and expandability. The framework makes use of existing libraries for modifying the original images and to obtain similarities between the original and modified images. We show how such a framework can be used for testing a particular industrial application on identifying defects on riblet surfaces and present preliminary results from the image classification domain.