Development of an in-field tree imaging system : a thesis presented in partial fulfilment of the requirements for the degree of Master of Technology at Massey University

Quality inventory information is essential for optimal resource utilisation in the forestry industry. In-field tree imaging is a method which has been proposed to improve the preharvest inventor assessment of standing trees. It involves the application of digital imaging technology to this task. The method described generates a three dimensional model of each tree through the capture of two orthogonal images from ground level. The images are captured and analysed using the "TreeScan" in-field tree imaging system. This thesis describes the design, development, and evaluation of the TreeScan system. The thesis can also be used as a technical reference for the system and as such contains appropriate technical and design detail. The TreeScan system consists of a portable computer, a custom designed high resolution scanner with integral microcontroller, a calibration rod, and custom designed processing software. Images of trees are captured using the scanner which contains a CCD line scan camera and a precision scanning mechanism. Captured images are analysed on the portable computer using customised image processing software to estimate real world tree dimensions and shape. The TreeScan system provides quantitative estimates of five tree parameters; height, sweep, stem diameter, branch diameter, and feature separation such as internodal distance. In addition to these estimates a three dimensional model is generated which can be further processed to determine the optimal stem breakdown into logs

COST Action IC 1402 ArVI: Runtime Verification Beyond Monitoring -- Activity Report of Working Group 1

This report presents the activities of the first working group of the COST Action ArVI, Runtime Verification beyond Monitoring. The report aims to provide an overview of some of the major core aspects involved in Runtime Verification. Runtime Verification is the field of research dedicated to the analysis of system executions. It is often seen as a discipline that studies how a system run satisfies or violates correctness properties. The report exposes a taxonomy of Runtime Verification (RV) presenting the terminology involved with the main concepts of the field. The report also develops the concept of instrumentation, the various ways to instrument systems, and the fundamental role of instrumentation in designing an RV framework. We also discuss how RV interplays with other verification techniques such as model-checking, deductive verification, model learning, testing, and runtime assertion checking. Finally, we propose challenges in monitoring quantitative and statistical data beyond detecting property violation

Chip and Skim: cloning EMV cards with the pre-play attack

EMV, also known as "Chip and PIN", is the leading system for card payments worldwide. It is used throughout Europe and much of Asia, and is starting to be introduced in North America too. Payment cards contain a chip so they can execute an authentication protocol. This protocol requires point-of-sale (POS) terminals or ATMs to generate a nonce, called the unpredictable number, for each transaction to ensure it is fresh. We have discovered that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this number. This exposes them to a "pre-play" attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically (in the sense of extracting the key material and loading it into another card). Card cloning is the very type of fraud that EMV was supposed to prevent. We describe how we detected the vulnerability, a survey methodology we developed to chart the scope of the weakness, evidence from ATM and terminal experiments in the field, and our implementation of proof-of-concept attacks. We found flaws in widely-used ATMs from the largest manufacturers. We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit. Pre-play attacks may also be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer. We explore the design and implementation mistakes that enabled the flaw to evade detection until now: shortcomings of the EMV specification, of the EMV kernel certification process, of implementation testing, formal analysis, or monitoring customer complaints. Finally we discuss countermeasures