Operating System Support for Redundant Multithreading

Failing hardware is a fact and trends in microprocessor design indicate that the fraction of hardware suffering from permanent and transient faults will continue to increase in future chip generations. Researchers proposed various solutions to this issue with different downsides: Specialized hardware components make hardware more expensive in production and consume additional energy at runtime. Fault-tolerant algorithms and libraries enforce specific programming models on the developer. Compiler-based fault tolerance requires the source code for all applications to be available for recompilation. In this thesis I present ASTEROID, an operating system architecture that integrates applications with different reliability needs. ASTEROID is built on top of the L4/Fiasco.OC microkernel and extends the system with Romain, an operating system service that transparently replicates user applications. Romain supports single- and multi-threaded applications without requiring access to the application's source code. Romain replicates applications and their resources completely and thereby does not rely on hardware extensions, such as ECC-protected memory. In my thesis I describe how to efficiently implement replication as a form of redundant multithreading in software. I develop mechanisms to manage replica resources and to make multi-threaded programs behave deterministically for replication. I furthermore present an approach to handle applications that use shared-memory channels with other programs. My evaluation shows that Romain provides 100% error detection and more than 99.6% error correction for single-bit flips in memory and general-purpose registers. At the same time, Romain's execution time overhead is below 14% for single-threaded applications running in triple-modular redundant mode. The last part of my thesis acknowledges that software-implemented fault tolerance methods often rely on the correct functioning of a certain set of hardware and software components, the Reliable Computing Base (RCB). I introduce the concept of the RCB and discuss what constitutes the RCB of the ASTEROID system and other fault tolerance mechanisms. Thereafter I show three case studies that evaluate approaches to protecting RCB components and thereby aim to achieve a software stack that is fully protected against hardware errors

Critical Infrastructures You Can Trust: Where Telecommunications Fits

This paper discusses two NISs: the public telephone network (PTN) and the Internet. Being themselves large and complex NISs, they not only merit study in their own right but can help us to understand some of the technical problems faced by the developers and operators of other NISs. In addition, the high cost of building a global communications infrastructure from the ground up implies that one or both of these two networks is likely to furnish communications services for most other NISs. Therefore, an understanding of the vulnerabilties of the PTN and Internet informs the assessment of the trustworthiness of other NISs. Ideas for improving the trustworthiness of the PTN and Internet are also proposed, both for the short-term (by improved use of existing technologies and procedures) and for the long-term (by identifying some areas where the state-of-the-art is inadequate and research is therefore needed). Finally, some observations are offered about Internet telephony and the use of the Internet for critical infrastructures

A Universal Cybersecurity Competency Framework for Organizational Users

The global reliance on the Internet to facilitate organizational operations necessitates further investments in organizational information security. Such investments hold the potential for protecting information assets from cybercriminals. To assist organizations with their information security, The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF) was created. The framework referenced the cybersecurity work, knowledge, and skills required to competently complete the tasks that strengthen their information security. Organizational users’ limited cybersecurity competency contributes to the financial and information losses suffered by organizations year after year. While most organizational users may be able to respond positively to a cybersecurity threat, without a measure of their cybersecurity competency they represent a cybersecurity threat to organizations. The main goal of this research study was to develop a universal Cybersecurity Competency Framework (CCF) to determine the demonstrated cybersecurity Knowledge, Skills, and Tasks (KSTs) through the NCWF (NICE, 2017) as well as identify the cybersecurity competency of organizational users. Limited attention has been given in cybersecurity research to determine organizational users’ cybersecurity competency. An expert panel of cybersecurity professionals known as Subject Matter Experts (SMEs) validated the cybersecurity KSTs necessary for the universal CCF. The research study utilized the explanatory sequential mixed-method approach to develop the universal CCF. This research study included a developmental approach combining quantitative and qualitative data collection in three research phases. In Phase 1, 42 SMEs identified the KSTs needed for the universal CCF. The results of the validated data from Phase 1 were inputted to construct the Phase 2 semi-structured interview. In Phase 2, qualitative data were gathered from 12 SMEs. The integration of the quantitative and qualitative data validated the KSTs. In Phase 3, 20 SMEs validated the KST weights and identified the threshold level. Phase 3 concluded with the SMEs\u27 aggregation of the KST weights into the universal CCF index. The weights assigned by the SMEs in Phase 3 showed that they considered knowledge as the most important competency, followed by Skills, then Tasks. The qualitative results revealed that training is needed for cybersecurity tasks. Phase 3 data collection and analysis continued with the aggregation of the validated weights into a single universal CCF index score. The SMEs determined that 72% was the threshold level. The findings of this research study significantly contribute to the body of knowledge on information systems and have implications for practitioners and academic researchers. It appears this is the only research study to develop a universal CCF to assess the organizational user’s competency and create a threshold level. The findings also offer further insights into what organizations need to provide cybersecurity training to their organizational users to enable them to competently mitigate cyber-attacks

RISKS IDENTIFICATION AND MITIGATION IN UAV APPLICATIONS DEVELOPMENT PROJECTS

With the recent advances in aircraft technologies, software, sensors, and communications, Unmanned Aerial Vehicles (UAVs) can offer a wide range of applications. UAVs can play important roles in applications, such as search and rescue, situation awareness in natural disasters, environmental monitoring, and perimeter surveillance. Developing UAV applications involves integrating hardware, software, sensors, and communication components with the UAV’s base system. UAV applications development projects are complex because of the various development stages and the integration complexity of high component. This research addresses the business and technical challenges encountered by UAV applications development and Project Management (PM). It identifies the risks associated with UAV applications development and compares various risk mitigation and management techniques that can be used. The study also investigates the role of Knowledge Management (KM) in reducing and managing risks. Furthermore, this study proposes a KM framework that reduces risks in UAV applications development projects. In addition, the proposed framework relies on KM and text mining techniques to enhance the efficiency of executing these projects

NFV Platforms: Taxonomy, Design Choices and Future Challenges

Due to the intrinsically inefficient service provisioning in traditional networks, Network Function Virtualization (NFV) keeps gaining attention from both industry and academia. By replacing the purpose-built, expensive, proprietary network equipment with software network functions consolidated on commodity hardware, NFV envisions a shift towards a more agile and open service provisioning paradigm. During the last few years, a large number of NFV platforms have been implemented in production environments that typically face critical challenges, including the development, deployment, and management of Virtual Network Functions (VNFs). Nonetheless, just like any complex system, such platforms commonly consist of abounding software and hardware components and usually incorporate disparate design choices based on distinct motivations or use cases. This broad collection of convoluted alternatives makes it extremely arduous for network operators to make proper choices. Although numerous efforts have been devoted to investigating different aspects of NFV, none of them specifically focused on NFV platforms or attempted to explore their design space. In this paper, we present a comprehensive survey on the NFV platform design. Our study solely targets existing NFV platform implementations. We begin with a top-down architectural view of the standard reference NFV platform and present our taxonomy of existing NFV platforms based on what features they provide in terms of a typical network function life cycle. Then we thoroughly explore the design space and elaborate on the implementation choices each platform opts for. We also envision future challenges for NFV platform design in the incoming 5G era. We believe that our study gives a detailed guideline for network operators or service providers to choose the most appropriate NFV platform based on their respective requirements. Our work also provides guidelines for implementing new NFV platforms

Knowledge Management and Law Enforcement: An Examination of Knowledge Management Strategies of the Police Information System (POLNET) in the Turkish National Police

This research study explores knowledge management (KM) in law enforcement, focusing on the POLNET system established by the Turkish National Police as a knowledge-sharing tool. This study employs a qualitative case study for exploratory and descriptive purposes. The qualitative data set came from semi-structured face-to-face and telephone interviews, as well as self-administered e-mail questionnaires. The sample was composed of police administrators who created POLNET, working under the Department of Information Technologies and the Department of Communication. A content analysis method is used to analyze the data. This study finds that law enforcement organizations' KM strategies have several differences from Handzic and Zhou's integrated KM model. Especially, organizational culture and structure of law enforcement agencies differently affect knowledge creation, conversion, retrieval, and sharing processes. Accordingly, this study offers a new model which is dynamic and suggests that outcomes always affect drivers

Smart Borders or a Humane World?

On January 20, 2021, his first day in office, President Biden issued an executive order pausing the remaining construction of the southern border wall initiated during the Trump administration. Soon after, the White House sent a bill to Congress, the US Citizenship Act of 2021, calling for the deployment of "smart technology" to "manage and secure the southern border."This report delves into the rhetoric of "smart borders" to explore their ties to a broad regime of border policing and exclusion that greatly harms migrants and refugees who either seek or already make their home in the United States. Investment in an approach centered on border and immigrant policing, it argues, is incompatible with the realization of a just and humane world.The report concludes by arguing that we must move beyond a narrow debate limited to "hard" versus "smart" borders toward a discussion of how we can move toward a world where all people have the support needed to lead healthy, secure, and vibrant lives. A just border policy would ask questions such as: How do we help create conditions that allow people to stay in the places they call home, and to thrive wherever they reside? When people do have to move, how can we ensure they are able to do so safely? When we take these questions as our starting point, we realize that it is not enough to fix a "broken" system. Rather, we need to reimagine the system entirely

Information and communication technologies for knowledge management processes in the public sector in Kenya : a case study of the State Department of Infrastructure

Information and Communication Technologies (ICTs) are considered facilitators of knowledge management processes in organizations. This study investigated ICTs for knowledge management processes at the State Department of Infrastructure in Kenya. The study’s objectives were to: establish the level of knowledge management awareness, find out knowledge management processes, identify types of ICTs used for knowledge management processes, and identify challenges experienced by State Department of Infrastructure in the use of ICTs for knowledge management processes. The study findings were determined after applying a qualitative research approach and a case study research design. A purposive sampling technique was used to select 21 participants who were heads of sections at the State Department of Infrastructure in Kenya. Data were collected through semi-structured interviews, analyzed and interpreted thematically according to the objectives of the study. Findings of the study revealed that most participants were aware of the meanings of the concepts of knowledge and knowledge management, types of knowledge and importance of knowledge management in the department. Knowledge management processes in the State Department of Infrastructure entail knowledge creation, codification, retention, sharing and storage. ICTs mostly used for knowledge management processes in the department include: emails, mobile phones, desktop computers, computer servers, and flash disks. The department is faced with the challenges of lack of knowledge management strategies, policies and adequate staff awareness on the use of ICTs for knowledge management processes. In conclusion, the State Department of Infrastructure has a functional ICT infrastructure. However, the department is not using ICTs provided by this study’s Web 2.0 driven SECI model for knowledge management processes such as blogs, wikis, LinkedIn, Facebook, and Twitter. The study therefore proposes that the State Department of Infrastructure should increase its use of Web 2.0 technologies, collaborative content systems and e-learning technologies. The department should also digitize its records; automate its library services; set up intranet, and adopt a centralized knowledge-based system. Further, Public Service Commission of Kenya should formulate a knowledge management strategy and policy to guide on the use of ICTs for knowledge management processes. This strategy and policy can then be cascaded to public sector organizations such as the State Department of Infrastructure.Information ScienceM.A. (Information Science