Towards Cybersecurity by Design: A multi-level reference model for requirements-driven smart grid cybersecurity

This paper provides a first step towards a reference model for end-to-end cybersecurity by design in the electricity sector. The envisioned reference model relies, among others, on the integrated consideration of two currently fragmented, but complementary, reference models: NISTIR 7628 and powerLang. As an underlying language architecture of choice, we rely on multi-level modeling, specifically on the Flexible Meta Modeling and Execution Language (FMMLx), as multi-level modeling supports a natural integration across different abstraction levels inherent to reference models. This paper’s contributions are a result of one full consideration of Wieringa’s engineering cycle: for problem investigation, we describe the problems the reference model should address; for treatment design, we contribute the requirements the reference model should fulfill; for treatment implementation, we provide reference model’s fragments implemented in an integrated modeling and programming environment. Finally, for treatment evaluation, we perform expert interviews to check, among others, the artefact’s relevance and utility

The application of computer based instructions in MET

Today-computers had been developed from Charles Babbage\u27s Difference Engine and Herman Hollerith\u27s Tabulating Machine, which were invented many decades ago. The development nowadays is dynamic, both in hardware and software, it makes the prices fall dramatically. It became possible and reasonable for developing countries to use the computers in their MET institutions and start teaching the cadets and officers. I believe that, in one day, microcomputers may take the workload of a tutor in classes in different forms (e.g. full mission-simulators). Microcomputers may also become one of the solutions for the shortage of lecturers. When the institution is furnished with computers, it is important to make sure that computers are used effectively. It is possible that teaching can be enhanced by using CBI (Computer Based Instructions) lessons and by using Computer Managed Learning(CML) systems. There are advantages and disadvantages in CBI use. The teacher should know them how they can affect the students’ learning psychology, so that he or she can avoid demotivation among the students. One should also be aware of computerphobia and should take care of the students who are computerphobic. In designing the CBI lessons, it is important to have the knowledge of the use of text, color, and graphic for presenting information as well as formulating questions and providing feedback. In developing the CBI lessons, aiming at the achievement of creativity and student motivation, one should plan the procedure step by step to minimize the drawbacks. There are eight steps needed to be taken for developing a CBI program. Like in a task analysis, the first step is to define the objectives of the subject that we are going to develop as a CBI program, after correctly selecting the level of the students. Details of the steps are explained in chapter III. It also explains the use of a hand scanner to produce the graphic and text that will be used in the lesson programs. Following the step-by-step procedure, a tutorial program on Lifeboat Equipments has been produced. This is to share my knowledge to the other maritime educators as a practical experience. Even the commercially produced software existing on the market is not perfect for every user nor are the CBI programs or this program. It is a start and is intended to encourage other lecturers in maritime institutions to begin, to develop CBI program. For further development of the teaching environment, we should look forward to using multi-media application packages that may include CD-ROM drive, sound card, video frame grabber card, etc. Updating of knowledge is necessary and this can be done by: (a) reading books, magazines on the computers and applications, and papers from conferences such as IMLA (International Maritime Lecturers’ Association), INSLC (International Navigation Simulator Lecturers’ Conference), (b) participating in regional and international computer associations, and (c) exchanging experiences among the institutes through writing and electronic mail

Activating supply chain business models' value potentials through Systems Engineering

New business opportunities, driven by smart digitalization technology and initiatives such as Industry 4.0, significantly change business models and their innovation rate. The complexity of methodologies developed in recent decades for balancing exploration and exploitation activities of digital transformation has risen. Still, the desired integration levels across organizational levels were often not reached. Systems thinking promises to holistically consider interdisciplinary relationships and objectives of various stakeholders across supply chain ecosystems. Systems theory-based concepts can simultaneously improve value identification and aligned transformation among supply networks' organizational and technical domains. Hence, the study proposes synthesizing management science concepts such as strategic alignment with enterprise architecture concepts and artificial intelligence (AI)-driven business process optimization to increase innovation productivity and master the increasing rate of business dynamics at the same time. Based on a critical review, the study explores concepts for innovation, transformation, and alignment in the context of Industry 4.0. The essence has been compiled into a systems engineering-driven framework for agile value generation on operational processes and high-order capability levels. The approach improves visibility for orchestrating sustainable value flows and transformation activities by considering the ambidexterity of exploring and exploiting activities and the viability of supply chain systems and sub-systems. Finally, the study demonstrates the need to harmonize these concepts into a concise methodology and taxonomy for digital supply chain engineering.OA-hybri

Large-scale educational telecommunications systems for the US: An analysis of educational needs and technological opportunities

The needs to be served, the subsectors in which the system might be used, the technology employed, and the prospects for future utilization of an educational telecommunications delivery system are described and analyzed. Educational subsectors are analyzed with emphasis on the current status and trends within each subsector. Issues which affect future development, and prospects for future use of media, technology, and large-scale electronic delivery within each subsector are included. Information on technology utilization is presented. Educational telecommunications services are identified and grouped into categories: public television and radio, instructional television, computer aided instruction, computer resource sharing, and information resource sharing. Technology based services, their current utilization, and factors which affect future development are stressed. The role of communications satellites in providing these services is discussed. Efforts to analyze and estimate future utilization of large-scale educational telecommunications are summarized. Factors which affect future utilization are identified. Conclusions are presented

Three Essays on Law Enforcement and Emergency Response Information Sharing and Collaboration: An Insider Perspective

This dissertation identifies what may be done to overcome barriers to information sharing among federal, tribal, state, and local law enforcement agencies and emergency responders. Social, technical, and policy factors related to information sharing and collaboration in the law enforcement and emergency response communities are examined. This research improves information sharing and cooperation in this area. Policing in most societies exists in a state of dynamic tension between forces that tend to isolate it and those that tend to integrate its functioning with other social structures (Clark, 1965). Critical incidents and crimes today cross jurisdictions and involve multiple stakeholders and levels. Law enforcement and emergency response agencies at federal, tribal, state, and local levels, including private sector entities, gather information and resources but do not effectively share this with each other. Despite mandates to improve information sharing and cooperation, gaps remain perhaps because there is no clear understanding of what the barriers to information sharing are. Information sharing is examined using a multi-method, primarily qualitative, approach. A model for information sharing is presented that identifies social, technical, and policy factors as influencers. Facets of General Systems Theory, Socio-technical Theory, and Stakeholder Theory (among others) are considered in this context. Information sharing is the subject of the first work of the dissertation: a theoretical piece arguing for use of a conceptual framework consisting of social, technical, and policy factors. Social, technology, and policy factors are investigated in the second essay. That essay introduces a new transformative technology, edgeware, that allows for unprecedented connectivity among devices. Social and policy implications for crisis response are examined in light of having technological barriers to sharing resources reduced. Human and other factors relevant to information sharing and collaboration are further examined through a case study of the Central New York Interoperable Communications Consortium (CNYICC) Network, a five-county collaboration involving law enforcement, public safety, government, and non-government participants. The three included essays have a common focus vis-à-vis information sharing and collaboration in law enforcement and emergency response. The propositions here include: (P1) Information sharing is affected by social, technical, and policy factors, and this conceptualization frames the problem of information sharing in a way that it can be commonly understood by government and non-government stakeholders. The next proposition involves the role of technology, policy, and social systems in information sharing: (P2) Social and policy factors influence information sharing more than technical factors (assuming it is physically possible to connect and/or share). A third proposition investigated is: (P3) Social factors play the greatest role in the creation and sustaining of information sharing relationships. The findings provide a greater understanding of the forces that impact public safety agencies as they consider information sharing and will, it is hoped, lead to identifiable solutions to the problem from a new perspective

Aviation Safety/Automation Program Conference

The Aviation Safety/Automation Program Conference - 1989 was sponsored by the NASA Langley Research Center on 11 to 12 October 1989. The conference, held at the Sheraton Beach Inn and Conference Center, Virginia Beach, Virginia, was chaired by Samuel A. Morello. The primary objective of the conference was to ensure effective communication and technology transfer by providing a forum for technical interchange of current operational problems and program results to date. The Aviation Safety/Automation Program has as its primary goal to improve the safety of the national airspace system through the development and integration of human-centered automation technologies for aircraft crews and air traffic controllers

A sense of self for power side-channel signatures: instruction set disassembly and integrity monitoring of a microcontroller system

Cyber-attacks are on the rise, costing billions of dollars in damages, response, and investment annually. Critical United States National Security and Department of Defense weapons systems are no exception, however, the stakes go well beyond financial. Dependence upon a global supply chain without sufficient insight or control poses a significant issue. Additionally, systems are often designed with a presumption of trust, despite their microelectronics and software-foundations being inherently untrustworthy. Achieving cybersecurity requires coordinated and holistic action across disciplines commensurate with the specific systems, mission, and threat. This dissertation explores an existing gap in low-level cybersecurity while proposing a side-channel based security monitor to support attack detection and the establishment of trusted foundations for critical embedded systems. Background on side-channel origins, the more typical side-channel attacks, and microarchitectural exploits are described. A survey of related side-channel efforts is provided through side-channel organizing principles. The organizing principles enable comparison of dissimilar works across the side-channel spectrum. We find that the maturity of existing side-channel security monitors is insufficient, as key transition to practice considerations are often not accounted for or resolved. We then document the development, maturation, and assessment of a power side-channel disassembler, Time-series Side-channel Disassembler (TSD), and extend it for use as a security monitor, TSD-Integrity Monitor (TSD-IM). We also introduce a prototype microcontroller power side-channel collection fixture, with benefits to experimentation and transition to practice. TSD-IM is finally applied to a notional Point of Sale (PoS) application for proof of concept evaluation. We find that TSD and TSD-IM advance state of the art for side-channel disassembly and security monitoring in open literature. In addition to our TSD and TSD-IM research on microcontroller signals, we explore beneficial side-channel measurement abstractions as well as the characterization of the underlying microelectronic circuits through Impulse Signal Analysis (ISA). While some positive results were obtained, we find that further research in these areas is necessary. Although the need for a non-invasive, on-demand microelectronics-integrity capability is supported, other methods may provide suitable near-term alternatives to ISA