951 research outputs found
UMSL Bulletin 2023-2024
The 2023-2024 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1088/thumbnail.jp
UMSL Bulletin 2022-2023
The 2022-2023 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1087/thumbnail.jp
Security considerations in the open source software ecosystem
Open source software plays an important role in the software supply chain, allowing stakeholders to
utilize open source components as building blocks in their software, tooling, and infrastructure. But
relying on the open source ecosystem introduces unique challenges, both in terms of security and trust,
as well as in terms of supply chain reliability.
In this dissertation, I investigate approaches, considerations, and encountered challenges of stakeholders in the context of security, privacy, and trustworthiness of the open source software supply
chain. Overall, my research aims to empower and support software experts with the knowledge and
resources necessary to achieve a more secure and trustworthy open source software ecosystem. In the
first part of this dissertation, I describe a research study investigating the security and trust practices
in open source projects by interviewing 27 owners, maintainers, and contributors from a diverse set
of projects to explore their behind-the-scenes processes, guidance and policies, incident handling, and
encountered challenges, finding that participants’ projects are highly diverse in terms of their deployed
security measures and trust processes, as well as their underlying motivations. More on the consumer
side of the open source software supply chain, I investigated the use of open source components in
industry projects by interviewing 25 software developers, architects, and engineers to understand their
projects’ processes, decisions, and considerations in the context of external open source code, finding
that open source components play an important role in many of the industry projects, and that most
projects have some form of company policy or best practice for including external code. On the side of
end-user focused software, I present a study investigating the use of software obfuscation in Android
applications, which is a recommended practice to protect against plagiarism and repackaging. The
study leveraged a multi-pronged approach including a large-scale measurement, a developer survey, and
a programming experiment, finding that only 24.92% of apps are obfuscated by their developer, that
developers do not fear theft of their own apps, and have difficulties obfuscating their own apps. Lastly,
to involve end users themselves, I describe a survey with 200 users of cloud office suites to investigate
their security and privacy perceptions and expectations, with findings suggesting that users are generally
aware of basic security implications, but lack technical knowledge for envisioning some threat models.
The key findings of this dissertation include that open source projects have highly diverse security
measures, trust processes, and underlying motivations. That the projects’ security and trust needs are
likely best met in ways that consider their individual strengths, limitations, and project stage, especially
for smaller projects with limited access to resources. That open source components play an important
role in industry projects, and that those projects often have some form of company policy or best
practice for including external code, but developers wish for more resources to better audit included
components.
This dissertation emphasizes the importance of collaboration and shared responsibility in building and maintaining the open source software ecosystem, with developers, maintainers, end users,
researchers, and other stakeholders alike ensuring that the ecosystem remains a secure, trustworthy, and
healthy resource for everyone to rely on
Dependability for declarative mechanisms: neural networks in autonomous vehicles decision making.
Despite being introduced in 1958, neural networks appeared in numerous applications of different fields in the last decade. This change was possible thanks to the reduced costs of computing power required for deep neural networks, and increasing available data that provide examples for training sets. The 2012 ImageNet image classification competition is often used as a example to describe how neural networks became at this time good candidates for applications: during this competition a neural network based solution won for the first time. In the following editions, all winning solutions were based on neural networks. Since then, neural networks have shown great results in several non critical applications (image recognition, sound recognition, text analysis, etc...). There is a growing interest to use them in critical applications as their ability to generalize makes them good candidates for applications such as autonomous vehicles, but standards do not allow that yet.
Autonomous driving functions are currently researched by the industry with the final objective of producing in the near future fully autonomous vehicles, as defined by the fifth level of the SAE international (Society of Automotive Engineers) classification. Autonomous driving process is usually decomposed into four different parts: the where sensors get information from the environment, the where the data from the different sensors is merged into one representation of the environment, the that uses the representation of the environment to decide what should be the vehicles behavior and the commands to send to the actuators and finally the part that implements these commands. In this thesis, following the interest of the company Stellantis, we will focus on the decision part of this process, considering neural network based solution.
Automotive being a safety critical application, it is required to implement and ensure the dependability of the systems, and this is why neural networks use is not allowed at the moment: their lack of safety forbid their use in such applications. Dependability methods for classical software systems are well known, but neural networks do not have yet similar dependable mechanisms to guarantee their trust. This problem is due to several reasons, among them the difficulty to test applications with a quasi-infinite operational domain and whose functions are hard to define exhaustively in the specifications. Here we can find the motivation of this thesis: how can we ensure the dependability of neural networks in the context of decision for autonomous vehicles?
Research is now being conducted on the topic of dependability and safety of neural networks with several approaches being considered and our research is motivated by the great potential in safety critical applications mentioned above. In this thesis, we will focus on one category of method that seems to be a good candidate to ensure the dependability of neural networks by solving some of the problems of testing: the formal verification for neural networks. These methods aim to prove that a neural network respects a safety property on an entire range of its input and output domains. Formal verification is already used in other domains and is seen as a trusted method to give confidence in a system, but it remains for the moment a research topic for neural networks with currently no industrial applications.
The main contributions of this thesis are the following: a proposal of a characterization of neural network from a software development perspective, and a corresponding classification of their faults, errors and failures, the identification of a potential threat to the use of formal verification. This threat is the erroneous neural network model problem, that may lead to trust a formally validated safety property that does not hold in real life, the realization of an experiment that implements a formal verification for neural networks in an autonomous driving application that is to the best of our knowledge the closest to industrial use. For this application, we chose to work with an ACC (Adaptive Cruise Control) function, which is an autonomous driving function that performs the longitudinal control of a vehicle. The experiment is conducted with the use of a simulator and a neural network formal verification tool. The other contributions of the thesis are the following: theoretical example of the erroneous neural network model problem and a practical example in our autonomous driving experiment, a proposal of detection and recovery mechanisms as a solution to the erroneous model problem mentioned above, an implementation of these detection and recovery mechanisms in our autonomous driving experiment and a discussion about difficulties and possible processes for the implementation of formal verification for neural networks that we developed during our experiments
Recommended from our members
Sonic heritage: listening to the past
History is so often told through objects, images and photographs, but the potential of sounds to reveal place and space is often neglected. Our research project ‘Sonic Palimpsest’1 explores the potential of sound to evoke impressions and new understandings of the past, to embrace the sonic as a tool to understand what was, in a way that can complement and add to our predominant visual understandings. Our work includes the expansion of the Oral History archives held at Chatham Dockyard to include women’s voices and experiences, and the creation of sonic works to engage the public with their heritage. Our research highlights the social and cultural value of oral history and field recordings in the transmission of knowledge to both researchers and the public. Together these recordings document how buildings and spaces within the dockyard were used and experienced by those who worked there. We can begin to understand the social and cultural roles of these buildings within the community, both past and present
A Behavioural Decision-Making Framework For Agent-Based Models
In the last decades, computer simulation has become one of the mainstream modelling techniques in many scientific fields. Social simulation with Agent-based Modelling (ABM) allows users to capture higher-level system properties that emerge from the interactions of lower-level subsystems. ABM is itself an area of application of Distributed Artificial Intelligence and Multiagent Systems (MAS). Despite that, researchers using ABM for social science studies do not fully benefit from the development in the field of MAS. It is mainly because the MAS architectures and frameworks are built upon cognitive and computer science foundations and principles, creating a gap in concepts and methodology between the two fields. Building agent frameworks based on behaviour theory is a promising direction to minimise this gap. It can provide a standard practice in interdisciplinary teams and facilitate better usage of MAS technological advancement in social research. From our survey, Triandis' Theory of Interpersonal Behaviour (TIB) was chosen due to its broad set of determinants and inclusion of an additive value function to calculate utility values of different outcomes. As TIB's determinants can be organised in a tree-like structure, we utilise layered architectures to formalise the agent's components. The additive function of TIB is then used to combine the utilities of different level determinants. The framework is then applied to create models for different case studies from various domains to test its ability to explain the importance of multiple behavioural aspects and environmental properties. The first case study simulates the mobility demand for Swiss households. We propose an experimental method to test and investigate the impact of core determinants in the TIB on the usage of different transportation modes. The second case study presents a novel solution to simulate trust and reputation by applying subjective logic as a metric to measure an agent's belief about the consequence(s) of action, which can be updated through feedback. The third case study investigates the possibility of simulating bounded rationality effects in an agent's decision-making scheme by limiting its capability of perceiving information. In the final study, a model is created to simulate migrants' choice of activities in centres by applying our framework in conjunction with Maslow's hierarchy of needs. The experiment can then be used to test the impact of different combinations of core determinants on the migrants' activities. Overall, the design of different components in our framework enables adaptations for various contexts, including transportation modal choice, buying a vehicle or daily activities. Most of the work can be done by changing the first-level determinants in the TIB's model based on the phenomena simulated and the available data. Several environmental properties can also be considered by extending the core components or employing other theoretical assumptions and concepts from the social study. The framework can then serve the purpose of theoretical exposition and allow the users to assess the causal link between the TIB's determinants and behaviour output. This thesis also highlights the importance of data collection and experimental design to capture better and understand different aspects of human decision-making
Fighting the dark side:a scoping review of dark pattern mitigation
Abstract. As technology plays an ever-greater role in the everyday life of people, during the last decade there has been a rising concern about designers using their knowledge of human behaviour to design interfaces that trick users into doing things against their best interest. These design patterns are known as dark patterns, and the human-computer interaction and design communities have condemned their use. Informed by research, lawmakers have also started to form regulations against them. This thesis aimed to first introduce what the current state of dark pattern research is, and then answer the research question of how the usage of dark patterns could be mitigated. To answer the research question, a literature review in the form of scoping review was conducted. In scoping review, 28 articles that considered dark pattern mitigation were found to be relevant to the research question. Thematic analysis was used as a qualitative analysis method to identify common themes in articles. As a result, dark pattern mitigation tactics could be divided into seven different themes: company actions and economic value, regulating dark patterns, raising public awareness, tools for users, designing for the well-being of users, educating designers and developers, and enhancing dark pattern research. Mitigation tactics or propositions were then introduced in more detail under these themes. The results of the scoping review demonstrate that there is no one specific weapon to be used in the fight against dark patterns. On the contrary, different techniques from different fields need to be used together to effectively identify and mitigate dark patterns
An Investigation of Evaluation Approaches for Dietary Digital Interventions for Improving Children's Dietary Intake
To help promote healthier eating practises in children, Public Health England launched the Change4Life Food Scanner app, which provides nutritional feedback on barcode scanned products. The aim of this thesis was to develop a framework for evaluating dietary digital interventions (DDI) in improving 4-11 year old children's dietary intake.
A narrative review (Chapter 2) and content analysis of behaviour change techniques (BCTs) within the Food Scanner app (Chapter 3) were conducted to increase understanding of DDI mechanisms of behaviour change. A systematic review (Chapter 4), and stakeholder engagement (Chapter 5) explored the methodological approaches, and generated recommendations, to evaluating (cost) effectiveness of DDIs within a child population. Results informed aspects of a pilot randomised controlled trial (RCT), with feasibility and acceptability parameters, that evaluated the effectiveness (Chapter 6) and economic and health impacts (Chapter 7) of the app. Food diaries, questionnaires, healthcare resource use, and health-related quality of life measures were analysed in SPSS and STATA, whilst qualitative data was analysed thematically.
There was no preliminary evidence to suggest app (cost) effectiveness in improving diet. RCT methods were considered feasible, however improved alternatives are discussed. Four recommendations for the development and evaluation of DDIs emerged. Firstly, the effectiveness of DDIs is constrained by aspects of the current food system; DDIs should form part of broader interventions to achieve food system shifts. Secondly, in the light of difficulties in generating evidence of long-term intervention effects, economic modelling may be a solution to implementing empirical evaluations. Thirdly, the app can be improved through BCT and content development. Finally, app evolution and iterative evaluation processes should be embedded within evaluation frameworks to aid DDI developments.
Results can be used to aid DDI developments targeting child outcomes. Results can additionally support future evaluations of DDIs by demonstrating feasible approaches, alongside suggestions for improved methodologies
Application of knowledge management principles to support maintenance strategies in healthcare organisations
Healthcare is a vital service that touches people's lives on a daily basis by providing treatment and
resolving patients' health problems through the staff. Human lives are ultimately dependent on the skilled
hands of the staff and those who manage the infrastructure that supports the daily operations of the
service, making it a compelling reason for a dedicated research study. However, the UK healthcare sector
is undergoing rapid changes, driven by rising costs, technological advancements, changing patient
expectations, and increasing pressure to deliver sustainable healthcare. With the global rise in healthcare
challenges, the need for sustainable healthcare delivery has become imperative. Sustainable healthcare
delivery requires the integration of various practices that enhance the efficiency and effectiveness of
healthcare infrastructural assets. One critical area that requires attention is the management of
healthcare facilities.
Healthcare facilitiesis considered one of the core elements in the delivery of effective healthcare services,
as shortcomings in the provision of facilities management (FM) services in hospitals may have much more
drastic negative effects than in any other general forms of buildings. An essential element in healthcare
FM is linked to the relationship between action and knowledge. With a full sense of understanding of
infrastructural assets, it is possible to improve, manage and make buildings suitable to the needs of users
and to ensure the functionality of the structure and processes.
The premise of FM is that an organisation's effectiveness and efficiency are linked to the physical
environment in which it operates and that improving the environment can result in direct benefits in
operational performance. The goal of healthcare FM is to support the achievement of organisational
mission and goals by designing and managing space and infrastructural assets in the best combination of
suitability, efficiency, and cost. In operational terms, performance refers to how well a building
contributes to fulfilling its intended functions.
Therefore, comprehensive deployment of efficient FM approaches is essential for ensuring quality
healthcare provision while positively impacting overall patient experiences. In this regard, incorporating
knowledge management (KM) principles into hospitals' FM processes contributes significantly to ensuring
sustainable healthcare provision and enhancement of patient experiences. Organisations implementing
KM principles are better positioned to navigate the constantly evolving business ecosystem easily.
Furthermore, KM is vital in processes and service improvement, strategic decision-making, and
organisational adaptation and renewal.
In this regard, KM principles can be applied to improve hospital FM, thereby ensuring sustainable
healthcare delivery. Knowledge management assumes that organisations that manage their
organisational and individual knowledge more effectively will be able to cope more successfully with the challenges of the new business ecosystem. There is also the argument that KM plays a crucial role in
improving processes and services, strategic decision-making, and adapting and renewing an organisation.
The goal of KM is to aid action – providing "a knowledge pull" rather than the information overload most
people experience in healthcare FM. Other motivations for seeking better KM in healthcare FM include
patient safety, evidence-based care, and cost efficiency as the dominant drivers. The most evidence exists
for the success of such approaches at knowledge bottlenecks, such as infection prevention and control,
working safely, compliances, automated systems and reminders, and recall based on best practices. The
ability to cultivate, nurture and maximise knowledge at multiple levels and in multiple contexts is one of
the most significant challenges for those responsible for KM. However, despite the potential benefits,
applying KM principles in hospital facilities is still limited. There is a lack of understanding of how KM can
be effectively applied in this context, and few studies have explored the potential challenges and
opportunities associated with implementing KM principles in hospitals facilities for sustainable healthcare
delivery.
This study explores applying KM principles to support maintenance strategies in healthcare organisations.
The study also explores the challenges and opportunities, for healthcare organisations and FM
practitioners, in operationalising a framework which draws the interconnectedness between healthcare.
The study begins by defining healthcare FM and its importance in the healthcare industry. It then discusses
the concept of KM and the different types of knowledge that are relevant in the healthcare FM sector.
The study also examines the challenges that healthcare FM face in managing knowledge and how the
application of KM principles can help to overcome these challenges. The study then explores the different
KM strategies that can be applied in healthcare FM. The KM benefits include improved patient outcomes,
reduced costs, increased efficiency, and enhanced collaboration among healthcare professionals.
Additionally, issues like creating a culture of innovation, technology, and benchmarking are considered.
In addition, a framework that integrates the essential concepts of KM in healthcare FM will be presented
and discussed.
The field of KM is introduced as a complex adaptive system with numerous possibilities and challenges.
In this context, and in consideration of healthcare FM, five objectives have been formulated to achieve
the research aim. As part of the research, a number of objectives will be evaluated, including appraising
the concept of KM and how knowledge is created, stored, transferred, and utilised in healthcare FM,
evaluating the impact of organisational structure on job satisfaction as well as exploring how cultural
differences impact knowledge sharing and performance in healthcare FM organisations.
This study uses a combination of qualitative methods, such as meetings, observations, document analysis
(internal and external), and semi-structured interviews, to discover the subjective experiences of
healthcare FM employees and to understand the phenomenon within a real-world context and attitudes of healthcare FM as the data collection method, using open questions to allow probing where appropriate
and facilitating KM development in the delivery and practice of healthcare FM.
The study describes the research methodology using the theoretical concept of the "research onion". The
qualitative research was conducted in the NHS acute and non-acute hospitals in Northwest England.
Findings from the research study revealed that while the concept of KM has grown significantly in recent
years, KM in healthcare FM has received little or no attention. The target population was fifty (five FM
directors, five academics, five industry experts, ten managers, ten supervisors, five team leaders and ten
operatives). These seven groups were purposively selected as the target population because they play a
crucial role in KM enhancement in healthcare FM. Face-to-face interviews were conducted with all
participants based on their pre-determined availability. Out of the 50-target population, only 25 were
successfully interviewed to the point of saturation. Data collected from the interview were coded and
analysed using NVivo to identify themes and patterns related to KM in healthcare FM.
The study is divided into eight major sections. First, it discusses literature findings regarding healthcare
FM and KM, including underlying trends in FM, KM in general, and KM in healthcare FM. Second, the
research establishes the study's methodology, introducing the five research objectives, questions and
hypothesis. The chapter introduces the literature on methodology elements, including philosophical views
and inquiry strategies. The interview and data analysis look at the feedback from the interviews. Lastly, a
conclusion and recommendation summarise the research objectives and suggest further research.
Overall, this study highlights the importance of KM in healthcare FM and provides insights for healthcare
FM directors, managers, supervisors, academia, researchers and operatives on effectively leveraging
knowledge to improve patient care and organisational effectiveness
- …