481 research outputs found

    Configuration Management of Distributed Systems over Unreliable and Hostile Networks

    Get PDF
    Economic incentives of large criminal profits and the threat of legal consequences have pushed criminals to continuously improve their malware, especially command and control channels. This thesis applied concepts from successful malware command and control to explore the survivability and resilience of benign configuration management systems. This work expands on existing stage models of malware life cycle to contribute a new model for identifying malware concepts applicable to benign configuration management. The Hidden Master architecture is a contribution to master-agent network communication. In the Hidden Master architecture, communication between master and agent is asynchronous and can operate trough intermediate nodes. This protects the master secret key, which gives full control of all computers participating in configuration management. Multiple improvements to idempotent configuration were proposed, including the definition of the minimal base resource dependency model, simplified resource revalidation and the use of imperative general purpose language for defining idempotent configuration. Following the constructive research approach, the improvements to configuration management were designed into two prototypes. This allowed validation in laboratory testing, in two case studies and in expert interviews. In laboratory testing, the Hidden Master prototype was more resilient than leading configuration management tools in high load and low memory conditions, and against packet loss and corruption. Only the research prototype was adaptable to a network without stable topology due to the asynchronous nature of the Hidden Master architecture. The main case study used the research prototype in a complex environment to deploy a multi-room, authenticated audiovisual system for a client of an organization deploying the configuration. The case studies indicated that imperative general purpose language can be used for idempotent configuration in real life, for defining new configurations in unexpected situations using the base resources, and abstracting those using standard language features; and that such a system seems easy to learn. Potential business benefits were identified and evaluated using individual semistructured expert interviews. Respondents agreed that the models and the Hidden Master architecture could reduce costs and risks, improve developer productivity and allow faster time-to-market. Protection of master secret keys and the reduced need for incident response were seen as key drivers for improved security. Low-cost geographic scaling and leveraging file serving capabilities of commodity servers were seen to improve scaling and resiliency. Respondents identified jurisdictional legal limitations to encryption and requirements for cloud operator auditing as factors potentially limiting the full use of some concepts

    Chatbots for Modelling, Modelling of Chatbots

    Full text link
    Tesis Doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Ingeniería Informática. Fecha de Lectura: 28-03-202

    Exploring annotations for deductive verification

    Get PDF

    Economic and Social Consequences of the COVID-19 Pandemic in Energy Sector

    Get PDF
    The purpose of the Special Issue was to collect the results of research and experience on the consequences of the COVID-19 pandemic for the energy sector and the energy market, broadly understood, that were visible after a year. In particular, the impact of COVID-19 on the energy sector in the EU, including Poland, and the US was examined. The topics concerned various issues, e.g., the situation of energy companies, including those listed on the stock exchange, mining companies, and those dealing with renewable energy. The topics related to the development of electromobility, managerial competences, energy expenditure of local government units, sustainable development of energy, and energy poverty during a pandemic were also discussed

    A computational design decision support tool for material waste minimisation during architectural design

    Full text link
    Construction activities and building materials contribute to around 40% of global carbon emissions. Existing research shows that architectural design decisions about geometry and materials can significantly influence a project's building material waste extent. However, architects currently have limited means to understand the waste implications of their formal and material decisions while they are designing. Computational design tools offer ways to integrate material waste estimates into architectural design processes to make such information more accessible to architects while they are designing and in the early stages of the design process. Accordingly, this research investigates and develops a computational design tool to assist architects with understanding the relationship between design decisions and material waste estimates to influence waste minimisation 'at the source' in early-stage design. To do this, the research has adopted a computational design research approach to create and prototype a material waste estimation and optimisation tool that can be integrated into a 3D modelling environment and used by architects in early-stage design. To inform the development of the waste tool, the research also collected qualitative data using interviews about how architects perceive the issue of material waste and current waste mitigation methods adopted in their building projects in an Australian context. The interview findings were used to inform the iterative workflow design of the waste tool. The waste tool prototype operates by connecting to an external material database, mapping material selections to a 3D model using a material layout algorithm, calculating material waste offcut quantities (residual waste), and generating optimisation outputs. The performance of the prototype has been evaluated using architectural documentation for a number of multi-unit residential buildings provided by an architectural organisation. The research demonstrates that the waste tool prototype can visualise the problem of waste in a 3D environment and in relation to architecture design models and generate optimisation suggestions. Enabling architects and designers to engage with a material waste optimisation tool in the early design stage aims to foster awareness of zero material waste targets by providing actionable opportunities for material reduction

    A conceptual framework for uncertainty in software systems and its application to software architectures

    Get PDF
    The development and operation of a software system involve many aspects including processes, artefacts, infrastructure and environments. Most of these aspects are vulnerable to uncertainty. Thus, the identification, representation and management of uncertainty in software systems is important and will be of interest to many stakeholders in software systems. The hypothesis of this work is that such consideration would benefit from an underlying conceptual framework that allows stakeholders to characterise, analyse and mitigate uncertainties. This PhD proposes a framework to provide a generic foundation for the systematic and explicit consideration of uncertainty in software systems by consolidating and extending existing approaches to dealing with uncertainty, which are typically tailored to specific domains or artefacts. The thesis applies the framework to software architectures, which are fundamental in determining the structure, behaviour and qualities of software systems and are thus suited to serve as an exemplar artefact. The framework is evaluated using the software architectures of case studies from 3 different domains. The contributions of the research to the study of uncertainty in software systems include a literature review of approaches to managing uncertainty in software architecture, a review of existing work on uncertainty frameworks related to software systems, a conceptual framework for uncertainty in software systems, a conceptualisation of the workbench infrastructure as a basis for building an uncertainty consideration workbench of tools for representing uncertainty as part of software architecture descriptions, and an evaluation of the uncertainty framework using three software architecture case studies

    Specificity of the innate immune responses to different classes of non-tuberculous mycobacteria

    Get PDF
    Mycobacterium avium is the most common nontuberculous mycobacterium (NTM) species causing infectious disease. Here, we characterized a M. avium infection model in zebrafish larvae, and compared it to M. marinum infection, a model of tuberculosis. M. avium bacteria are efficiently phagocytosed and frequently induce granuloma-like structures in zebrafish larvae. Although macrophages can respond to both mycobacterial infections, their migration speed is faster in infections caused by M. marinum. Tlr2 is conservatively involved in most aspects of the defense against both mycobacterial infections. However, Tlr2 has a function in the migration speed of macrophages and neutrophils to infection sites with M. marinum that is not observed with M. avium. Using RNAseq analysis, we found a distinct transcriptome response in cytokine-cytokine receptor interaction for M. avium and M. marinum infection. In addition, we found differences in gene expression in metabolic pathways, phagosome formation, matrix remodeling, and apoptosis in response to these mycobacterial infections. In conclusion, we characterized a new M. avium infection model in zebrafish that can be further used in studying pathological mechanisms for NTM-caused diseases

    DICO Toolkit for Digital Career Stories

    Get PDF
    Digital Career Stories – Opening new career paths for arts and culture students, or DICO for short, has been a 2-year-long pedagogical development project. Its main objective was to develop innovative narrative and arts- and design-based methods that together form the Digital Career Story methodology introduced in this toolkit. Through the methodology developed, the project aimed to encourage reflection and self-reflection skills in higher education students, along with their digital and creative skills, and to help them build professional identities and design career paths, as well as enhancing their resilience, self-efficacy and self-esteem. The specific target group of the project was students of arts and culture subjects, but the pedagogical methods can just as well be used with other higher education students. The DICO project was the joint effort of a consortium of five European universities: Turku University of Applied Sciences (TUAS), Finland (as the applicant and coordinator of the project), University of Macerata (UniMC), Italy, Staffordshire University (SU), United Kingdom, Moholy-Nagy University of Art and Design (MOME), Hungary, and the Technical University of Dublin (TU Dublin), Ireland. The project was funded by the Erasmus+ programme and lasted from March 2021 to February 2023.The DICO Toolkit contains the project results in the form of a handbook intended for lecturers, counsellors and mentors in Higher Education Institutions (HEIs), and for cultural and creative organisations and professionals. It aims to provide both theoretical frameworks and practical tools for developing art-based methodologies with HEI students in the arts and culture. The book is structured into three sections – Theories and methodologies, Implementing creative methods, and Project evaluation and further resources – and concludes with an Appendix

    Flexible Hardware-based Security-aware Mechanisms and Architectures

    Get PDF
    For decades, software security has been the primary focus in securing our computing platforms. Hardware was always assumed trusted, and inherently served as the foundation, and thus the root of trust, of our systems. This has been further leveraged in developing hardware-based dedicated security extensions and architectures to protect software from attacks exploiting software vulnerabilities such as memory corruption. However, the recent outbreak of microarchitectural attacks has shaken these long-established trust assumptions in hardware entirely, thereby threatening the security of all of our computing platforms and bringing hardware and microarchitectural security under scrutiny. These attacks have undeniably revealed the grave consequences of hardware/microarchitecture security flaws to the entire platform security, and how they can even subvert the security guarantees promised by dedicated security architectures. Furthermore, they shed light on the sophisticated challenges particular to hardware/microarchitectural security; it is more critical (and more challenging) to extensively analyze the hardware for security flaws prior to production, since hardware, unlike software, cannot be patched/updated once fabricated. Hardware cannot reliably serve as the root of trust anymore, unless we develop and adopt new design paradigms where security is proactively addressed and scrutinized across the full stack of our computing platforms, at all hardware design and implementation layers. Furthermore, novel flexible security-aware design mechanisms are required to be incorporated in processor microarchitecture and hardware-assisted security architectures, that can practically address the inherent conflict between performance and security by allowing that the trade-off is configured to adapt to the desired requirements. In this thesis, we investigate the prospects and implications at the intersection of hardware and security that emerge across the full stack of our computing platforms and System-on-Chips (SoCs). On one front, we investigate how we can leverage hardware and its advantages, in contrast to software, to build more efficient and effective security extensions that serve security architectures, e.g., by providing execution attestation and enforcement, to protect the software from attacks exploiting software vulnerabilities. We further propose that they are microarchitecturally configured at runtime to provide different types of security services, thus adapting flexibly to different deployment requirements. On another front, we investigate how we can protect these hardware-assisted security architectures and extensions themselves from microarchitectural and software attacks that exploit design flaws that originate in the hardware, e.g., insecure resource sharing in SoCs. More particularly, we focus in this thesis on cache-based side-channel attacks, where we propose sophisticated cache designs, that fundamentally mitigate these attacks, while still preserving performance by enabling that the performance security trade-off is configured by design. We also investigate how these can be incorporated into flexible and customizable security architectures, thus complementing them to further support a wide spectrum of emerging applications with different performance/security requirements. Lastly, we inspect our computing platforms further beneath the design layer, by scrutinizing how the actual implementation of these mechanisms is yet another potential attack surface. We explore how the security of hardware designs and implementations is currently analyzed prior to fabrication, while shedding light on how state-of-the-art hardware security analysis techniques are fundamentally limited, and the potential for improved and scalable approaches
    • …
    corecore