Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

Studies of conformation and configuration using crystallographic methods

This Thesis demonstrates the use of the Cambridge Crystallographic Database for structure correlation studies in two very different fields. The first part of the Thesis (Chapters 2 and 3) is concerned with the systematic conformational analysis of medium-sized rings and satisfies the objectives of the study by: (i) applying novel classification techniques to the conformational descriptions of both the seven- and eight-membered rings, (ii) interpreting the results in terms of the relevant conformational hypersurface by locating the highly populated regions of that hypersurface and mapping the interconversion pathways, (iii) studying, modifying and improving the available methodologies for data analysis, and (iv) relating the conformational minima found using these methods to both the chemical environments of the fragments under investigation, and to energetic features of the hypersurface obtained by computational methods. The second major structure correlation experiment involves the analysis and description of 3-coordinated transition metal complexes using both simple geometrical models and group-theoretically based symmetry deformation coordinates. Non-bonded interactions will be seen to play a significant part in the geometry of the 3-coordinated fragment, and extrapolation of these results leads to the rationalisation of an addition/elimination scheme linking 4- and 2-coordinated fragments through the intermediate 3-coordinated species. Chapter 5 describes the crystallographic structure determinations of eight novel compounds: 3,5-cycloheptadienyl-3,5 dinitrobenzoate [C(_14)H(_12)O(_6)N(_2)]; a 34-membered diolide [C(_32)H(_60)O(_4)]; l-iodo-3-tosyloxy-propan-2-ane [C(_10)H(_11)O(_4)IS)]; 1β, 9 β -diacetyl- 7α-chloro-cis-hydrindane [C(_13)H(_19)O(_2)CI]; (R,R)-l,4-bis (2'-chloro-1 '-hydoxyethyl) benzene [C(_10)H(_12)O(_2)CI(_2)]; a fused penta-cyclic ring compound [C(_17)H(_14)]; 1,4 dibenzyl- 1,2,4,5-tetraazacyclohexane [C(_16) H(_20) N(_4)]; 1,5-di (2'-chloroacetoxy)-3,3-dimethyl-2,4- diphenyl-3-silapentane [C(_22)H(_26)O(_4) CI(_2) Si]

Foundations of secure computation

Issued as Workshop proceedings and Final report, Project no. G-36-61

Factors Influencing Customer Satisfaction towards E-shopping in Malaysia

Online shopping or e-shopping has changed the world of business and quite a few people have decided to work with these features. What their primary concerns precisely and the responses from the globalisation are the competency of incorporation while doing their businesses. E-shopping has also increased substantially in Malaysia in recent years. The rapid increase in the e-commerce industry in Malaysia has created the demand to emphasize on how to increase customer satisfaction while operating in the e-retailing environment. It is very important that customers are satisfied with the website, or else, they would not return. Therefore, a crucial fact to look into is that companies must ensure that their customers are satisfied with their purchases that are really essential from the ecommerce’s point of view. With is in mind, this study aimed at investigating customer satisfaction towards e-shopping in Malaysia. A total of 400 questionnaires were distributed among students randomly selected from various public and private universities located within Klang valley area. Total 369 questionnaires were returned, out of which 341 questionnaires were found usable for further analysis. Finally, SEM was employed to test the hypotheses. This study found that customer satisfaction towards e-shopping in Malaysia is to a great extent influenced by ease of use, trust, design of the website, online security and e-service quality. Finally, recommendations and future study direction is provided. Keywords: E-shopping, Customer satisfaction, Trust, Online security, E-service quality, Malaysia

Proceedings of the Seventh Congress of the European Society for Research in Mathematics Education

International audienceThis volume contains the Proceedings of the Seventh Congress of the European Society for Research in Mathematics Education (ERME), which took place 9-13 February 2011, at Rzeszñw in Poland

Whole-Chip ESD CAD Tools and Scalable ESD Device Modeling Methodology

Electrostatic discharge (ESD) failure is a major reliability problem to integrated circuits (IC). On-chip ESD protection is mandatory for all IC chips to protect against any possible ESD damages. Therefore, Whole-chip ESD protection circuit simulation is essential to chip-level ESD protection design synthesis, optimization, verification and prediction. Today, trial-and-error approaches still dominate in practical ESD circuit designs due to lack of full-chip ESD simulation tools and accurate ESD device modeling technique.This thesis reports a new chip-level ESD CAD tool, which can accurately extract ESD devices from layout files, generate an ESD netlist, simulate ESD discharge function at chip level and conduct full-chip ESD zapping test simulation. This CAD tool is designed with several unique algorithms and a smart ESD parametric checking mechanism, which takes full consideration of ESD protection operation principles. Therefore, this new CAD tool is different from existing simple ESD spacing and bus resistance checking approaches, and can achieve whole-chip ESD protection verification and prediction. The CAD tool consists of three modules: an ESD device extraction module , an ESD design inspection module and an ESD zapping test module . The ESD extraction module can accurately extract arbitrary ESD protection structures at full chip level. Decomposed-based subgraph isomorphism algorithm is used for ESD device extraction to improve time efficiency. The ESD design inspection module serves to remove non-critical ESD devices extracted based upon a novel smart parametric checking mechanism. The ESD zapping test module is developed to perform complex ESD protection zapping test simulation using Dijkstra's algorithm to resolve the problem of finding the critical ESD discharging path at chip level. The new ESD CAD tool was verified at full chip level using ESD protection designs implemented in 0.35µm BiCMOS technology. ESD device models were reported for traditional diode and MOSFET type ESD structures. However, due to complex ESD behaviors, particularly the electro-thermal-process-device-circuit-layout coupling effects, the existing ESD models have limited accuracy in describing complex ESD physics and coupling effects, such as thermal boundary condition and snapback I-V behavior.This thesis presents a new scalable ESD behavioral modeling technique, which uses Verilog-A to develop accurate ESD behavior models for various ESD protection structures, such as novel nano crossbar ESD protection structures, novel 3D field-programmable ESD protection structures using SONOS and NCD ESD devices, silicon controlled rectifier (SCR) based ESD protection structures, HV diode and SCR ESD protection structures, 28nm CMOS gated diode and DTSCR ESD protection structures. The new scalable ESD behavior modeling technique was fully verified by SPICE circuit simulation and transmission line pulse (TLP) ESD testing, which will enable whole-chip ESD circuit design optimization and verification. Flip chip technique using ball grid ball (BGA) pad-ring arrays is a popular technology for small footprint chips used in size-sensitive electronics. However, ESD protection design for ICs using large BGA pad-ring array is an emerging challenge since where to place an ESD structure becomes a real layout design problem. This thesis reports design of a BGA pad-ring array with different ESD metal routing for a visible light communication (VLC) transceiver implemented in 180nm BCD technology at whole-chip level. The ESD structures and their ESD-critical parameters, and the ESD metal bus resistance were extracted by our ESD Extractor CAD tool. The new ESD behavior modeling technique was used to model the ESD structures. The extraction and modeling was validated by SPICE simulation and TLP testing for different ESD metal routing