Mechanical, Electronic Design and Implementation of a CanSaT

This Bachelor’s Thesis is addressed for developing an improved CanSat aimed to become the new kit used on the CanSat Competition organized by the ESA. The improvements are meant not only for improving the kit’s efficiency but also to make a well-informed instruction manual as a way to get students to comprehend better the device’s hardware. By understanding this hardware, they will be getting a closer look of the Aerospace world. It should be remarked that the Open CanSat kit, designed by Czech engineers, is a kit used in the ESA CanSat competition in all Europe. Therefore, our final and most ambitious goal is to develop a kit that would substitute the Czech kit and ideally used by all European Competitors. The main purpose of this project is developing an improved CanSat kit able to compete in the market with a already-existing Czech CanSat kit. This kit will be composed of two differentiated blocks: a transmitter which will be introduced on the CanSat ”can” and launched for measuring several parameters (temperature,pressure,etc) and a receiver which will be on the ground receiving the measures taken by the transmitter. Note that the transmitter will be composed of three differentiated PCBs while the receiver will be composed of only one PCB. The development and implementation of this project is performed following a Reverse Engineering method giving realism and getting the student closer to professional techniques, widely recognized in the job market. Furthermore, the complexity and multidisciplinary scope of this Bachelor’s Thesis allows covering not only the different specialties of the Bachelor’s degree in Telecommunication Engineering but also acquiring knowledge and transverse abilities from other fields of the Engineering, such as Mechanical engineering field. Besides specific software of each of the mentioned areas, advanced techniques of machining (aluminum milling), manufacturing (solder reflow) or characterization of different devices (lithium batteries, antennas...) among others, have been analyzed and applied. The result of the exposed culminates with the obtainment of a complete and functional CanSat kit, which provides a more economic and efficient solution to the already used Open CanSat kit designed by the Czech engineers. Moreover, this Bachelor’s Thesis is aimed to demonstrate the knowledge acquired by the author during the degree’s academic years exhibiting the acquired knowledge about electronic and PCB design and firmware implementation (using RTOS instead of a SuperLoop architecture p.e). It should also be a proof of the student’s abilities to handle tools such as Altium Designer® 19, SolidWorks®, VS Code, PlatformIO, VNA and a In-Circuit Debugger. Even though we aim for developing a functional product, it would be a great success if the knowledge acquired during this project surpass the basic-knowledge acquired during the academic years at the expense of not having a complete functional product. Consequently, we are not focusing so much on having a ready to commercialize product (it is a long shot that would take more time than the one we have for developing this Bachelor Thesis) but in compacting all the knowledge acquired during the five years of university as well as gain the necessary skills that an engineer should have before starting to work on any company.Este Trabajo de Fin de Grado tiene como objetivo el desarrollo de un CanSat mejorado destinado a convertirse en el nuevo kit utilizado en el CanSat Competition organizado por la ESA. Las mejoras están destinadas no solo a mejorar la eficiencia del kit, sino también a crear un manual de instrucciones bien informado como una forma de que los estudiantes comprendan mejor el hardware del dispositivo. Al comprender este Hardware (HW), podrán ver más de cerca el mundo aeroespacial. Cabe destacar que el kit Open CanSat, diseñado por ingenieros checos, es un kit utilizado en la competición ESA CanSat en toda Europa. Por lo tanto, nuestro objetivo final y más ambicioso es desarrollar un kit que sustituya al kit checo y que sea idealmente utilizado por todos los competidores europeos. El objetivo principal de este proyecto es desarrollar un kit CanSat mejorado capaz de competir en el mercado con un kit CanSat checo ya existente. Este kit estará compuesto por dos bloques diferenciados: un transmisor que se introducirá en la "lata" del CanSat y se lanzará para medir varios parámetros (temperatura, presión, etc) y un receptor que estará en tierra recibiendo las medidas tomadas por el transmisor. Tengase en cuenta que el transmisor estará compuesto por tres PCB diferentes, mientras que el receptor estará compuesto por una única PCB. El desarrollo e implementación de este proyecto se ha realizado siguiendo un proceso de Ingeniería Inversa dando realismo y acercando al alumno a técnicas profesionales, ampliamente reconocidas en el mercado laboral. Además, la complejidad y alcance multidisciplinar de esta Tesis de Grado permite abarcar no solo las diferentes especialidades del Grado en Ingeniería de Telecomunicación sino también adquirir conocimientos y habilidades transversales de otros campos de la Ingeniería, como el campo de la Ingeniería Mecánica. Además del software específico de cada una de las áreas mencionadas, se han analizado y aplicado técnicas avanzadas de mecanizado (fresado de aluminio), fabricación (reflujo de soldadura) o caracterización de diferentes dispositivos (baterías de litio, antenas ...) entre otros. El resultado de lo expuesto culmina con la obtención de un completo y funcional kit CanSat, que aporta una solución más económica y eficiente al ya utilizado kit Open CanSat diseñado por los ingenieros checos. Además, este Trabajo de Fin de Grado tiene como objetivo demostrar los conocimientos adquiridos por la autora durante los años académicos delgrado, mostrando los conocimientos adquiridos sobre el diseño electrónico y de PCBs y la implementación de software (utilizando RTOS en lugar de una arquitectura SuperLoop p.e). También debe ser una prueba de las habilidades del estudiante para manejar herramientas como Altium Designer® 19, SolidWorks®, VS Code, PlatformIO, VNA and a In-Circuit Debugger. Si bien nuestro objetivo es desarrollar un producto funcional, sería un gran éxito si los conocimientos adquiridos durante este proyecto superan los conocimientos básicos adquiridos durante los cursos académicos a costa de no tener un producto funcional completo. En consecuencia, no nos estamos enfocando tanto en tener un producto listo para comercializar (es una posibilidad remota que llevaría más tiempo que el que tenemos para desarrollar este Trabajo de Fin de Grado) sino en compactar todos los conocimientos adquiridos durante los cinco años de universidad, así como adquirir las habilidades necesarias que debe tener una ingeniera antes de comenzar a trabajar en cualquier empresa

E-commerce security enhancement and anomaly intrusion detection using machine learning techniques

With the fast growth of the Internet and the World Wide Web, security has become a major concern of many organizations, enterprises and users. Criminal attacks and intrusions into computer and information systems are spreading quickly and they can come from anywhere on the globe. Intrusion prevention measures, such as user authentication, firewalls and cryptography have been used as the first line of defence to protect computer and information systems from intrusions. As intrusion prevention alone may not be sufficient in a highly dynamic environment, such as the Internet, intrusion detection has been used as the second line of defence against intrusions. However, existing cryptography-based intrusion prevention measures implemented in software, have problems with the protection of long-term private keys and the degradation of system performance. Moreover, the security of these software-based intrusion prevention measures depends on the security of the underlying operating system, and therefore they are vulnerable to threats caused by security flaws of the underlying operating system. On the other hand, existing anomaly intrusion detection approaches usually produce excessive false alarms. They also lack in efficiency due to high construction and maintenance costs. In our approach, we employ the "defence in depth" principle to develop a solution to solve these problems. Our solution consists of two lines of defence: preventing intrusions at the first line and detecting intrusions at the second line if the prevention measures of the first line have been penetrated. At the first line of defence, our goal is to develop an encryption model that enhances communication and end-system security, and improves the performance of web-based E-commerce systems. We have developed a hardware-based RSA encryption model to address the above mentioned problems of existing software-based intrusion prevention measures. The proposed hardware-based encryption model is based on the integration of an existing web-based client/server model and embedded hardware-based RSA encryption modules. DSP embedded hardware is selected to develop the proposed encryption model because of its advanced security features and high processing capability. The experimental results showed that the proposed DSP hardware-based RSA encryption model outperformed the software-based RSA implementation running on Pentium 4 machines that have almost double clock speed of the DSP's clock speed at large RSA encryption keys. At the second line of defence, our goal is to develop an anomaly intrusion detection model that improves the detection accuracy, efficiency and adaptability of existing anomaly detection approaches. Existing anomaly detection systems are not effective as they usually produce excessive false alarms. In addition, several anomaly detection approaches suffer a serious efficiency problem due to high construction costs of the detection profiles. High construction costs will eventually reduce the applicability of these approaches in practice. Furthermore, existing anomaly detection systems lack in adaptability because no mechanisms are provided to update their detection profiles dynamically, in order to adapt to the changes of the behaviour of monitored objects. We have developed a model for program anomaly intrusion detection to address these problems. The proposed detection model uses a hidden Markov model (HMM) to characterize normal program behaviour using system calls. In order to increase the detection rate and to reduce the false alarm rate, we propose two detection schemes: a two-layer detection scheme and a fuzzy-based detection scheme. The two-layer detection scheme aims at reducing false alarms by applying a double-layer test on each sequence of test traces of system calls. On the other hand, the fuzzy-based detection scheme focuses on further improving the detection rate, as well as reducing false alarms. It employs the fuzzy inference to combine multiple sequence information to correctly determine the sequence status. The experimental results showed that the proposed detection schemes reduced false alarms by approximately 48%, compared to the normal database scheme. In addition, our detection schemes generated strong anomaly signals for all tested traces, which in turn improve the detection rate. We propose an HMM incremental training scheme with optimal initialization to address the efficiency problem by reducing the construction costs, in terms of model training time and storage demand. Unlike the HMM batch training scheme, which updates the HMM model using the complete training set, our HMM incremental training scheme incrementally updates the HMM model using one training subset at a time, until convergence. The experimental results showed that the proposed HMM incremental training scheme reduced training time four-fold, compared to the HMM batch training, based on the well-known Baum-Welch algorithm. The proposed training scheme also reduced storage demand substantially, as the size of each training subset is significantly smaller than the size of the complete training set. We also describe our complete model for program anomaly detection using system calls in chapter 8. The complete model consists of two development stages: training stage and testing stage. In the training stage, an HMM model and a normal database are constructed to represent normal program behaviour. In addition, fuzzy sets and rules are defined to represent the space and combined conditions of the sequence parameters. In the testing stage, the HMM model and the normal database, are used to generate the sequence parameters which are used as the input for the fuzzy inference engine to evaluate each sequence of system calls for anomalies and possible intrusions. The proposed detection model also provides a mechanism to update its detection profile (the HMM model and the normal database) using online training data. This makes the proposed detection model up-to-date, and therefore, maintains the detection accuracy