Efficient Contact State Graph Generation for Assembly Applications

An important aspect in the design of many automated assembly strategies is the ability to automatically generate the set of contact states that may occur during an assembly task. In this paper, we present an efficient means of constructing the set of all geometrically feasible contact states that may occur within a bounded set of misalignments (bounds determined by robot inaccuracy). This set is stored as a graph, referred to as an Assembly Contact State Graph (ACSG), which indicates neighbor relationships between feasible states. An ACSG is constructed without user intervention in two stages. In the first stage, all hypothetical primitive principle contacts (PPCs; all contact states allowing 5 degrees of freedom) are evaluated for geometric feasibility with respect to part-imposed and robot-imposed restrictions on relative positioning (evaluated using optimization). In the second stage, the feasibility of each of the various combinations of PPCs is efficiently evaluated, first using topological existence and uniqueness criteria, then using part-imposed and robot-imposed geometric criteria

Reinforcement learning for efficient network penetration testing

Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way

Robust Procedures for Obtaining Assembly Contact State Extremal Configurations

Two important components in the selection of an admittance that facilitates force-guided assembly are the identification of: 1) the set of feasible contact states, and 2) the set of configurations that span each contact state, i.e., the extremal configurations. We present a procedure to automatically generate both sets from CAD models of the assembly parts. In the procedure, all possible combinations of principle contacts are considered when generating hypothesized contact states. The feasibility of each is then evaluated in a genetic algorithm based optimization procedure. The maximum and minimum value of each of the 6 configuration variables spanning each contact state are obtained by again using genetic algorithms. Together, the genetic algorithm approach, the hierarchical data structure containing the states, the relationships among the states, and the extremals within each state are used to provide a reliable means of identifying all feasible contact states and their associated extremal configurations

IAVS: Intelligent Active Network Vulnerability Scanner

Network security needs to be assured through runtime active evaluating and assessment. However, active vulnerability scanners suffer from serious deficiencies such as heavy scan traffic during the reconnaissance phase, uncertainty in the environment, and heavy reliance on experts. Generating a blind heavy load of attack packets not only causes usage of network resources, but it also increases the probability of detection by target defense systems and causes failure in finding vulnerabilities. Furthermore, environmental uncertainty increases pointless attempts of vulnerability scanners, which wastes time. Utilizing a decision-making method devised for uncertainty conditions, we present Intelligent Active Network Vulnerability Scanner (IAVS). IAVS is implemented as an extension on Hail Mary, the automatic execution mechanism in the Metasploit toolkit. IAVS learns from previous vulnerability exploitation attempts to select exploit codes purposefully. IAVS not only reduces the role of experts in the process of vulnerability testing, but it also decreases the volume of scanning requests during the reconnaissance phase by integrating the reconnaissance and exploitation phases. Our experimental results indicate a successful decrease in failed attempts. It is also demonstrated that improvements in the results of IAVS correspond directly to the rate of similarity among different vulnerabilities in systems of the target network; that is, the higher the similarity, the better the results of IAVS. Our experiments compared the results of IAVS and those of Hail Mary without the IAVS extension; these results show that IAVS improved Hail Marys successful attempts by around 37%.

Efficient and Risk-Aware Control of Electricity Distribution Grids

This article presents an economic model predictive control (EMPC) algorithm for reducing losses and increasing the resilience of medium-voltage electricity distribution grids characterized by high penetration of renewable energy sources and possibly subject to natural or malicious adverse events. The proposed control system optimizes grid operations through network reconfiguration, control of distributed energy storage systems (ESSs), and on-load tap changers. The core of the EMPC algorithm is a nonconvex optimization problem integrating the ESSs dynamics, the topological and power technical constraints of the grid, and the modeling of the cascading effects of potential adverse events. An equivalent (i.e., having the same optimal solution) proxy of the nonconvex problem is proposed to make the solution more tractable. Simulations performed on a 16-bus test distribution network validate the proposed control strategy

Artificial Intelligence for Resilience in Smart Grid Operations

Today, the electric power grid is transforming into a highly interconnected network of advanced technologies, equipment, and controls to enable a smarter grid. The growing complexity of smart grid requires resilient operation and control. Power system resilience is defined as the ability to harden the system against and quickly recover from high-impact, low-frequency events. The introduction of two-way flows of information and electricity in the smart grid raises concerns of cyber-physical attacks. Proliferated penetration of renewable energy sources such as solar photovoltaic (PV) and wind power introduce challenges due to the high variability and uncertainty in generation. Unintentional disruptions and power system component outages have become a threat to real-time power system operations. Recent extreme weather events and natural disasters such as hurricanes, storms, and wildfires demonstrate the importance of resilience in the power system. It is essential to find solutions to overcome these challenges in maintaining resilience in smart grid. In this dissertation, artificial intelligence (AI) based approaches have been developed to enhance resilience in smart grid. Methods for optimal automatic generation control (AGC) have been developed for multi-area multi-machine power systems. Reliable AI models have been developed for predicting solar irradiance, PV power generation, and power system frequencies. The proposed short-horizon AI prediction models ranging from few seconds to a minute plus, outperform the state-of-art persistence models. The AI prediction models have been applied to provide situational intelligence for power system operations. An enhanced tie-line bias control in a multi-area power system for variable and uncertain environments has been developed with predicted PV power and bus frequencies. A distributed and parallel security-constrained optimal power flow (SCOPF) algorithm has been developed to overcome the challenges in solving SCOPF problem for large power networks. The methods have been developed and tested on an experimental laboratory platform consisting of real-time digital simulators, hardware/software phasor measurement units, and a real-time weather station

The approaches to quantify web application security scanners quality: A review

The web application security scanner is a computer program that assessed web application security with penetration testing technique. The benefit of automated web application penetration testing is huge, which web application security scanner not only reduced the time, cost, and resource required for web application penetration testing but also eliminate test engineer reliance on human knowledge. Nevertheless, web application security scanners are possessing weaknesses of low test coverage, and the scanners are generating inaccurate test results. Consequently, experimentations are frequently held to quantitatively quantify web application security scanner's quality to investigate the web application security scanner's strengths and limitations. However, there is a discovery that neither a standard methodology nor criterion is available for quantifying the web application security scanner's quality. Hence, in this paper systematic review is conducted and analysed the methodology and criterion used for quantifying web application security scanners' quality. In this survey, the experiment methodologies and criterions that had been used to quantify web application security scanner's quality is classified and review using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) protocol. The objectives are to provide practitioners with the understanding of methodologies and criterions that available for measuring web application security scanners' test coverage, attack coverage, and vulnerability detection rate, while provides the critical hint for development of the next testing framework, model, methodology, or criterions, to measure web application security scanner quality