An evaluation of security threats and vulnerabilities to a national key point : case study of Medupi Power Station

The theft of copper cable and working tools at Medupi Power Station is a serious concern. The aim of this study was to explore the occurrence of security threats and vulnerabilities at Medupi Power Stations as a National Key Point. An explorative qualitative research was used. Eighteen participants were selected purposefully. The data were collected using in-depth, semi-structured interviews conducted by telephone and tape recorder. Data were analysed using thematic data analysis. It was revealed that the common modus operandi used by thieves includes the smuggling of stolen goods, including copper. Among the causes of security threats and vulnerabilities are a lack of manpower to perform essential security functions. It is recommended that the theft of copper cable and working tools be prevented and various suggestions are provided. Future research should focus on addressing top management and management responsible for security to play a role in security functions and ensure that sufficient budget is allocated to the security functions.Security Risk ManagementM. Tech. (Security Management

Building disaster resilience within the Emirati energy sector and its infrastructure through a comprehensive strategic mitigation plan

The energy sector dominates in the United Arab Emirates (UAE) and consists of various assets - electricity, oil and natural gas - that are geographically dispersed and connected by systems and networks. The protection of these systems and assets within the energy sector, especially the safeguarding of the oil and gas infrastructure from any internal and external threats, should become a top priority in the UAE. Threats to geopolitical and economic stability that need to be considered and prepared for include tectonic activity, climate change, nuclear energy, terrorism and war. The aim of this research is to develop a framework to enhance the resilience of the UAE’s critical energy infrastructure facilities through a strategic disaster mitigation plan.The philosophy of this research is interpretivism. The research approach is inductive, whilst the research strategy is case study. The secondary data was taken from various academic and professional sources whilst the primary data collection included questionnaires and semi-structured interviews. Three facilities were selected for this research and they were electricity generating plants using gas - one in Abu Dhabi, one in Dubai and one in Sharjah. In total 100 questionnaires were distributed, out of which 42 were answered by energy sector workers (20 from Abu Dhabi, 15 from Dubai and 7 from Sharjah). Respondents of the questionnaire discussed issues such as energy sector preparedness, vulnerability and barriers to be overcome. Respondents believed that while the energy sector is best prepared for terrorism, extreme heat, and health and safety related accidents, it is ill prepared when it comes to facing natural hazards. The risk of terrorism was thought to be the greatest vulnerability. In addition, a total of 9 semi-structured interviews were conducted with Emirati energy sector managers who discussed the questionnaire responses and proposed further solutions to the concerns raised.This thesis provides important practical knowledge and makes a contribution to the provision of advice and methodological steps, derived from fieldwork, when it comes to developing a strategic mitigation plan and communicating it to the energy sector. It provides key information that could be used to improve the design and structure of current educational and professional programmes undertaken by individuals in the2disaster sector. The thesis provides tools for qualitatively evaluating the various threats and vulnerabilities faced by the UAE and acts as a platform for change.In terms of theoretical contributions, this research represents the first of its kind that engages both workers and managers in the Emirati energy sector. This gives academics and professionals unique insights into some of the significant problems that have become latent and perhaps would have continued unnoticed but require more comprehensive investigation. The study has specific implications for policy and practices within energy organisations operating in such settings, not to mention the way disaster is viewed

Software doping – Theory and detection

Software is doped if it contains a hidden functionality that is intentionally included by the manufacturer and is not in the interest of the user or society. This thesis complements this informal definition by a set of formal cleanness definitions that characterise the absence of software doping. These definitions reflect common expectations on clean software behaviour and are applicable to many types of software, from printers to cars to discriminatory AI systems. We use these definitions to propose white-box and black-box analysis techniques to detect software doping. In particular, we present a provably correct, model-based testing algorithm that is intertwined with a probabilistic-falsification-based test input selection technique. We identify and explain how to overcome the challenges that are specific to real-world software doping tests and analyses. The most prominent example of software doping in recent years is the Diesel Emissions Scandal. We demonstrate the strength of our cleanness definitions and analysis techniques by applying them to emission cleaning systems of diesel cars. All our car related research is unified in a Car Data Platform. The mobile app LolaDrives is one building block of this platform; it supports conducting real-driving emissions tests and provides feedback to the user in how far a trip satisfies driving conditions that are defined by official regulations.Software ist gedopt wenn sie eine versteckte Funktionalität enthält, die vom Hersteller beabsichtigt ist und deren Existenz nicht im Interesse des Benutzers oder der Gesellschaft ist. Die vorliegende Arbeit ergänzt diese nicht formale Definition um eine Menge von Cleanness-Definitionen, die die Abwesenheit von Software Doping charakterisieren. Diese Definitionen spiegeln allgemeine Erwartungen an "sauberes" Softwareverhalten wider und sie sind auf viele Arten von Software anwendbar, vom Drucker über Autos bis hin zu diskriminierenden KI-Systemen. Wir verwenden diese Definitionen um sowohl white-box, als auch black-box Analyseverfahren zur Verfügung zu stellen, die in der Lage sind Software Doping zu erkennen. Insbesondere stellen wir einen korrekt bewiesenen Algorithmus für modellbasierte Tests vor, der eng verflochten ist mit einer Test-Input-Generierung basierend auf einer Probabilistic-Falsification-Technik. Wir identifizieren Hürden hinsichtlich Software-Doping-Tests in der echten Welt und erklären, wie diese bewältigt werden können. Das bekannteste Beispiel für Software Doping in den letzten Jahren ist der Diesel-Abgasskandal. Wir demonstrieren die Fähigkeiten unserer Cleanness-Definitionen und Analyseverfahren, indem wir diese auf Abgasreinigungssystem von Dieselfahrzeugen anwenden. Unsere gesamte auto-basierte Forschung kommt in der Car Data Platform zusammen. Die mobile App LolaDrives ist eine Kernkomponente dieser Plattform; sie unterstützt bei der Durchführung von Abgasmessungen auf der Straße und gibt dem Fahrer Feedback inwiefern eine Fahrt den offiziellen Anforderungen der EU-Norm der Real-Driving Emissions entspricht