Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Data Mining in Social Networks

The objective of the study is to examine the idea of Big Data and its applications in data mining. The data in the universe is expanding step by step every year and turns into large data. These significant data can be determined to utilize a few data mining undertakings. In short, Big Data can be called as an “asset” and data mining is a technique that is employed to give useful results. This paper implements an HACE algorithm that analysis the structure of big data and presents an efficient data mining technique. This framework model incorporates a mixture of information sources, mining techniques, customer interest, security, and data protection system. The study also analyzes and presents the challenges and issues faced in the big data model

Cloudarmor: Supporting Reputation-Based Trust Management for Cloud Services

Cloud services have become predominant in the current technological era. For the rich set of features provided by cloud services, consumers want to access the services while protecting their privacy. In this kind of environment, protection of cloud services will become a significant problem. So, research has started for a system, which lets the users access cloud services without losing the privacy of their data. Trust management and identity model makes sense in this case. The identity model maintains the authentication and authorization of the components involved in the system and trust-based model provides us with a dynamic way of identifying issues and attacks with the system and take appropriate actions. Further, a trust management-based system provides us with a new set of challenges such as reputation-based attacks, availability of components, and misleading trust feedbacks. Collusion attacks and Sybil attacks form a significant part of these challenges. This paper aims to solve the above problems in a trust management-based model by introducing a credibility model on top of a new trust management model, which addresses these use-cases, and also provides reliability and availability

Employee Performance Assessment in Quality Assurance

Employee performance often determines the progress of a company. Poor appraisals and improper assessment directly effects employee satisfaction and impair company results. Many managers rely primarily on behavioral impressions without appropriately including factual information of the actual work done. There is clear benefit from procedures that elicit and use both factual and subjective criteria for assessment. Analytical Hierarchy Process (AHP) is a methodology that can be applied to complex decisions with multiple criteria [29]. AHP has the capability to combine both subjective and objective evaluation factors, thereby minimizing bias in decision making [29]. The methodology also allows subjective measures from both managers and peers of a worker to be included. This project proposes a unique application of AHP for the calculation of employee performance by a quality assurance department. My implementation of the methodology shows how subjective evaluation by both managers and peers and factual data can be combined to better optimize performance appraisal results. The results of an AHP application can be presented to the manager in graphical format to facilitate comprehension and interpretation. My application of AHP improves upon all the current products in the market for performance appraisal through the methodology to include both multi source subjective and factual data

SAFE-FLOW : a systematic approach for safety analysis of clinical workflows

The increasing use of technology in delivering clinical services brings substantial benefits to the healthcare industry. At the same time, it introduces potential new complications to clinical workflows that generate new risks and hazards with the potential to affect patients’ safety. These workflows are safety critical and can have a damaging impact on all the involved parties if they fail.Due to the large number of processes included in the delivery of a clinical service, it can be difficult to determine the individuals or the processes that are responsible for adverse events. Using methodological approaches and automated tools to carry out an analysis of the workflow can help in determining the origins of potential adverse events and consequently help in avoiding preventable errors. There is a scarcity of studies addressing this problem; this was a partial motivation for this thesis.The main aim of the research is to demonstrate the potential value of computer science based dependability approaches to healthcare and in particular, the appropriateness and benefits of these dependability approaches to overall clinical workflows. A particular focus is to show that model-based safety analysis techniques can be usefully applied to such areas and then to evaluate this application.This thesis develops the SAFE-FLOW approach for safety analysis of clinical workflows in order to establish the relevance of such application. SAFE-FLOW detailed steps and guidelines for its application are explained. Then, SAFE-FLOW is applied to a case study and is systematically evaluated. The proposed evaluation design provides a generic evaluation strategy that can be used to evaluate the adoption of safety analysis methods in healthcare.It is concluded that safety of clinical workflows can be significantly improved by performing safety analysis on workflow models. The evaluation results show that SAFE-FLOW is feasible and it has the potential to provide various benefits; it provides a mechanism for a systematic identification of both adverse events and safeguards, which is helpful in terms of identifying the causes of possible adverse events before they happen and can assist in the design of workflows to avoid such occurrences. The clear definition of the workflow including its processes and tasks provides a valuable opportunity for formulation of safety improvement strategies

Mobile Framework for CT Image Reconstruction

Mobile devices have conquered the world from a common daily usage as e-mail to a complex application as Global Positioning System. The mobile devices have a potential to be developed as a computed device with an application to reconstruct images from computed tomography. The mobile CT application was developed to visualize the CT datasets by plotting out a test dataset to form a sinogram image on the mobile device’s screen. The image was obtained by reconstructed the CT datasets using filtered backprojection image processing algorithm. The CT datasets were filtered by using filtered datasets before the image reconstruction processes. The filtering process was a method to remove the blurring effect of the backprojection algorithm

Security risk assessment in cloud computing domains

Cyber security is one of the primary concerns persistent across any computing platform. While addressing the apprehensions about security risks, an infinite amount of resources cannot be invested in mitigation measures since organizations operate under budgetary constraints. Therefore the task of performing security risk assessment is imperative to designing optimal mitigation measures, as it provides insight about the strengths and weaknesses of different assets affiliated to a computing platform. The objective of the research presented in this dissertation is to improve upon existing risk assessment frameworks and guidelines associated to different key assets of Cloud computing domains - infrastructure, applications, and users. The dissertation presents various informal approaches of performing security risk assessment which will help to identify the security risks confronted by the aforementioned assets, and utilize the results to carry out the required cost-benefit tradeoff analyses. This will be beneficial to organizations by aiding them in better comprehending the security risks their assets are exposed to and thereafter secure them by designing cost-optimal mitigation measures --Abstract, page iv

The integration of hazard evaluation procedures and requirements engineering for safety-critical embedded systems

Although much work has been done on assessing safety requirements in programmable systems, one very important aspect, the integration of hazard evaluation procedures and requirements engineering, has been somewhat neglected. This thesis describes the derivation and application of a methodology, HAZAPS (HAZard Assessment in Programmable Systems). The methodology assists at the requirements stage in the development of safety-critical embedded systems. The objectives are to identify hazards in programmable systems, construct and model the associated safety requirements, and, finally, to assess these requirements. HAZAPS integrates safety engineering and software modelling techniques. The analysis of more than 300 computer related incidents provided the criteria used to identify, select and modify safety engineering techniques. [Continues.

Security Risk Management for the Internet of Things

In recent years, the rising complexity of Internet of Things (IoT) systems has increased their potential vulnerabilities and introduced new cybersecurity challenges. In this context, state of the art methods and technologies for security risk assessment have prominent limitations when it comes to large scale, cyber-physical and interconnected IoT systems. Risk assessments for modern IoT systems must be frequent, dynamic and driven by knowledge about both cyber and physical assets. Furthermore, they should be more proactive, more automated, and able to leverage information shared across IoT value chains. This book introduces a set of novel risk assessment techniques and their role in the IoT Security risk management process. Specifically, it presents architectures and platforms for end-to-end security, including their implementation based on the edge/fog computing paradigm. It also highlights machine learning techniques that boost the automation and proactiveness of IoT security risk assessments. Furthermore, blockchain solutions for open and transparent sharing of IoT security information across the supply chain are introduced. Frameworks for privacy awareness, along with technical measures that enable privacy risk assessment and boost GDPR compliance are also presented. Likewise, the book illustrates novel solutions for security certification of IoT systems, along with techniques for IoT security interoperability. In the coming years, IoT security will be a challenging, yet very exciting journey for IoT stakeholders, including security experts, consultants, security research organizations and IoT solution providers. The book provides knowledge and insights about where we stand on this journey. It also attempts to develop a vision for the future and to help readers start their IoT Security efforts on the right foot

Mobile application for long distance vehicles booking of passengers in Kenya

A Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Computer-Based Information Systems at Strathmore UniversityMaking a booking for a journey has been one of the challenges affecting passengers who travel for long distances. Public transport is one field that is facing extreme pressures with customers demanding higher service levels at an affordable prices. Over years, public transport is supposed to facilitate movement of people from one location to next conveniently and in a cheaper way but this is not the case in Kenya where there are a lot of inconveniences affecting passengers using public service vehicles. To ensure a passenger makes a booking in advance, they are required to visit the booking office prior to their travel date and pay for the journey in form of cash causing inconvenience and thus making the passenger to incur an extra cost in order to make a booking in advance. Thus, this study aims at developing a mobile application that would assist passengers in making a booking at their own convenience by indicating their pick-up location so that they do not have to visit the booking office thus saving them time and travelling cost and reduced queues in booking offices and the number of staff employed leading to increased revenues. In addition, the passenger would be in a position to make payment via M-PESA or Credit Card. A simple web page is provided to add some booking details to the database to be used by the mobile application and at the same time to make a booking for few passengers who would visit the office to make a booking and for viewing reports. Data collection was achieved through questionnaires and review of existing data sources. The study was carried out in line with the ethical practices as specified by the University’s rules and regulations