PLC Code Vulnerabilities Through SCADA Systems

Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation\u27s infrastructure. Applications range from chemical processes and water treatment facilities to oil and gas production and electric power generation and distribution. Current research on SCADA system security focuses on the primary SCADA components and targets network centric attacks. Security risks via attacks against the peripheral devices such as the Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Our research results address the need to develop PLC applications that are correct, safe and secure. This research provides an analysis of software safety and security threats. We develop countermeasures that are compatible with the existing PLC technologies. We study both intentional and unintentional software errors and propose methods to prevent them. The main contributions of this dissertation are: 1). Develop a taxonomy of software errors and attacks in ladder logic 2). Model ladder logic vulnerabilities 3). Develop security design patterns to avoid software vulnerabilities and incorrect practices 4). Implement a proof of concept static analysis tool which detects the vulnerabilities in the PLC code and recommend corresponding design patterns

Making Graphic Management Models Smarter

In management, graphic models are an undervalued and poorly used form of theory-building and communication that should be treated with the same rigor that is commonly demanded of text. Graphic models are highly effective for depicting and explaining organizational complexity when designed appropriately. Using two mutual influence models in accountability as an example, we point out common flaws in modelling, and suggest guidelines on how to make graphic models smarter

Deep Static Modeling of invokedynamic

Java 7 introduced programmable dynamic linking in the form of the invokedynamic framework. Static analysis of code containing programmable dynamic linking has often been cited as a significant source of unsoundness in the analysis of Java programs. For example, Java lambdas, introduced in Java 8, are a very popular feature, which is, however, resistant to static analysis, since it mixes invokedynamic with dynamic code generation. These techniques invalidate static analysis assumptions: programmable linking breaks reasoning about method resolution while dynamically generated code is, by definition, not available statically. In this paper, we show that a static analysis can predictively model uses of invokedynamic while also cooperating with extra rules to handle the runtime code generation of lambdas. Our approach plugs into an existing static analysis and helps eliminate all unsoundness in the handling of lambdas (including associated features such as method references) and generic invokedynamic uses. We evaluate our technique on a benchmark suite of our own and on third-party benchmarks, uncovering all code previously unreachable due to unsoundness, highly efficiently

Efficient analysis and storage of large-scale genomic data

The impending advent of population-scaled sequencing cohorts involving tens of millions of individuals with matched phenotypic measurements will produce unprecedented volumes of genetic data. Storing and analysing such gargantuan datasets places computational performance at a pivotal position in medical genomics. In this thesis, I explore the potential for accelerating and parallelizing standard genetics workflows, file formats, and algorithms using both hardware-accelerated vectorization, parallel and distributed algorithms, and heterogeneous computing. First, I describe a novel bit-counting operation termed the positional population-count, which can be used together with succinct representations and standard efficient operations to accelerate many genetic calculations. In order to enable the use of this new operator and the canonical population count on any target machine I developed a unified low-level library using CPU dispatching to select the optimal method contingent on the available instruction set architecture and the given input size at run-time. As a proof-of-principle application, I apply the positional population-count operator to computing quality control-related summary statistics for terabyte-scaled sequencing readsets with >3,800-fold speed improvements. As another application, I describe a framework for efficiently computing the cardinality of set intersection using these operators and applied this framework to efficiently compute genome-wide linkage-disequilibrium in datasets with up to 67 million samples resulting in up to >60-fold improvements in speed for dense genotypic vectors and up to >250,000-fold savings in memory and >100,000-fold improvement in speed for sparse genotypic vectors. I next describe a framework for handling the terabytes of compressed output data and describe graphical routines for visualizing long-range linkage-disequilibrium blocks as seen over many human centromeres. Finally, I describe efficient algorithms for storing and querying very large genetic datasets and specialized algorithms for the genotype component of such datasets with >10,000-fold savings in memory compared to the current interchange format.Wellcome Trus

Study of a navigation and traffic control technique employing satellites. Volume 3 - User hardware Interim report

User hardware configurations and requirements for navigation and air traffic control technique using satellite

Linking engagement and performance: The social network analysis perspective

Theories developed by Tinto and Nora identify academic performance, learning gains, and involvement in learning communities as significant facets of student engagement that, in turn, support student persistence. Collaborative learning environments, such as those employed in the Modeling Instruction introductory physics course, provide structure for student engagement by encouraging peer-to-peer interactions. Because of the inherently social nature of collaborative learning, we examine student interactions in the classroom using network analysis. We use centrality---a family of measures that quantify how connected or "central" a particular student is within the classroom network---to study student engagement longitudinally. Bootstrapped linear regression modeling shows that students' centrality predicts future academic performance over and above prior GPA for three out of four centrality measures tested. In particular, we find that closeness centrality explains 28 % more of the variance than prior GPA alone. These results confirm that student engagement in the classroom is critical to supporting academic performance. Furthermore, we find that this relationship for social interactions does not emerge until the second half of the semester, suggesting that classroom community develops over time in a meaningful way