Additive manufacturing applications in Defence Support Services: current practices and framework for implementation

This research investigates through a systems approach, “Additive Manufacturing” (AM) applications in “Defence Support Services” (DS2). AM technology is gaining increasing interest by DS2 providers, given its ability of rapid, delocalised and flexible manufacturing. From a literature review and interviews with industrial and academic experts, it is apparent that there is a lack of research on AM applications in DS2. This paper’s contribution is represented by the following which has been validated extensively by industrial and academic experts: (1) DS2 current practices conceptual models, (2) a framework for AM implementation and (3) preliminary results of a next generation DS2 based on AM. To carry out the research, a Soft System Methodology was adopted. Results from the research increased the confidence of the disruptive potential of AM within the DS2 context. The main benefits outlined are (1) an increased support to the availability given a reduced response time, (2) reduced supply chain complexity given only supplies of raw materials such as powder and wire, (3) reduced platform inventory levels, providing more space and (4) reduced delivery time of the component as the AM can be located near to the point of use. Nevertheless, more research has to be carried out to quantify the benefits outlined. This requirement provides the basis for the future research work which consists in developing a software tool (based on the framework) for experimentation purpose which is able to dynamically simulate different scenarios and outline data on availability, cost and time of service delivered

Automated intrusion recovery for web applications

Thesis (Ph. D.)--Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013.Cataloged from PDF version of thesis.Includes bibliographical references (pages 93-97).In this dissertation, we develop recovery techniques for web applications and demonstrate that automated recovery from intrusions and user mistakes is practical as well as effective. Web applications play a critical role in users' lives today, making them an attractive target for attackers. New vulnerabilities are routinely found in web application software, and even if the software is bug-free, administrators may make security mistakes such as misconfiguring permissions; these bugs and mistakes virtually guarantee that every application will eventually be compromised. To clean up after a successful attack, administrators need to find its entry point, track down its effects, and undo the attack's corruptions while preserving legitimate changes. Today this is all done manually, which results in days of wasted effort with no guarantee that all traces of the attack have been found or that no legitimate changes were lost. To address this problem, we propose that automated intrusion recovery should be an integral part of web application platforms. This work develops several ideas-retroactive patching, automated UI replay, dependency tracking, patch-based auditing, and distributed repair-that together recover from past attacks that exploited a vulnerability, by retroactively fixing the vulnerability and repairing the system state to make it appear as if the vulnerability never existed. Repair tracks down and reverts effects of the attack on other users within the same application and on other applications, while preserving legitimate changes. Using techniques resulting from these ideas, an administrator can easily recover from past attacks that exploited a bug using nothing more than a patch fixing the bug, with no manual effort on her part to find the attack or track its effects. The same techniques can also recover from attacks that exploit past configuration mistakes-the administrator only has to point out the past request that resulted in the mistake. We built three prototype systems, WARP, POIROT, and AIRE, to explore these ideas. Using these systems, we demonstrate that we can recover from challenging attacks in real distributed web applications with little or no changes to application source code; that recovery time is a fraction of the original execution time for attacks with a few affected requests; and that support for recovery adds modest runtime overhead during the application's normal operation.by Ramesh Chandra.Ph.D

Assessing Resilience in Power Grids as a Particular Case of Supply Chain Management

Electrical power grids represent a critical infrastructure for a nation as well as strategically important. Literature review identified that power grids share basic characteristics with Supply Chain Management. This thesis presents a linear programming model to assess power grid resilience as a particular case of Supply Chain Management. Since resilient behavior is not an individual or specific system\u27s attribute but a holistic phenomenon based on the synergic interaction within complex systems, resilience drivers in power grids were identified. Resilience is a function of Reliability, Recovery Capability, Vulnerability and Pipeline Capacity. In order to embed heterogeneous variables into the model, parameterization of resilience drivers were developed. A principle of improving resilience through redundancy was applied in the model by using a virtual redundancy in each link which allows reliability improvement throughout the entire network. Vulnerability was addressed through the standard MIL-STD 882D, and mitigated through security allocation. A unique index (R) integrates the resilience complexity to facilitate alternate scenarios analysis toward strategic decision making. Decision makers are enabled to improve overall power grid performance through reliability development as well as security allocation at the more strategic links identified by the optimal solutions. Moreover, this tool lets decision makers fix grid variables such as reliability, reduced pipeline capacity, or vulnerabilities within the model in order to find optimal solutions that withstand disruptions. The model constitutes an effective tool not only for efficient reliability improvement but also for rational security allocation in the most critical links within the network. Finally, this work contributes to the federal government mandates accomplishment, intended to address electrical power-related risks and vulnerabilities

Design of an integrated airframe/propulsion control system architecture

The design of an integrated airframe/propulsion control system architecture is described. The design is based on a prevalidation methodology that uses both reliability and performance. A detailed account is given for the testing associated with a subset of the architecture and concludes with general observations of applying the methodology to the architecture

Cognitive Machine Individualism in a Symbiotic Cybersecurity Policy Framework for the Preservation of Internet of Things Integrity: A Quantitative Study

This quantitative study examined the complex nature of modern cyber threats to propose the establishment of cyber as an interdisciplinary field of public policy initiated through the creation of a symbiotic cybersecurity policy framework. For the public good (and maintaining ideological balance), there must be recognition that public policies are at a transition point where the digital public square is a tangible reality that is more than a collection of technological widgets. The academic contribution of this research project is the fusion of humanistic principles with Internet of Things (IoT) technologies that alters our perception of the machine from an instrument of human engineering into a thinking peer to elevate cyber from technical esoterism into an interdisciplinary field of public policy. The contribution to the US national cybersecurity policy body of knowledge is a unified policy framework (manifested in the symbiotic cybersecurity policy triad) that could transform cybersecurity policies from network-based to entity-based. A correlation archival data design was used with the frequency of malicious software attacks as the dependent variable and diversity of intrusion techniques as the independent variable for RQ1. For RQ2, the frequency of detection events was the dependent variable and diversity of intrusion techniques was the independent variable. Self-determination Theory is the theoretical framework as the cognitive machine can recognize, self-endorse, and maintain its own identity based on a sense of self-motivation that is progressively shaped by the machine’s ability to learn. The transformation of cyber policies from technical esoterism into an interdisciplinary field of public policy starts with the recognition that the cognitive machine is an independent consumer of, advisor into, and influenced by public policy theories, philosophical constructs, and societal initiatives

Security Enhanced Applications for Information Systems

Every day, more users access services and electronically transmit information which is usually disseminated over insecure networks and processed by websites and databases, which lack proper security protection mechanisms and tools. This may have an impact on both the users’ trust as well as the reputation of the system’s stakeholders. Designing and implementing security enhanced systems is of vital importance. Therefore, this book aims to present a number of innovative security enhanced applications. It is titled “Security Enhanced Applications for Information Systems” and includes 11 chapters. This book is a quality guide for teaching purposes as well as for young researchers since it presents leading innovative contributions on security enhanced applications on various Information Systems. It involves cases based on the standalone, network and Cloud environments

Professional English. Fundamentals of Software Engineering

Посібник містить оригінальні тексти фахового змісту, які супроводжуються термінологічним тематичним вокабуляром та вправами різного методичного спрямування. Для студентів, які навчаються за напрямами підготовки: «Програмна інженерія», «Комп’ютерні науки» «Комп’ютерна інженерія»

Cybersecurity Planning Insight: CSCD (Cyber Security and Cyber Defense) Control: Framework For Strategic Direction and Governance

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementIn this recent time, the importance of cybersecurity and cyber defense is sky-high. Everyone uses different devices, IT infrastructures, and applications for various purposes at school, office, home, hospitals everywhere. With the enlightenment of technology, the nature of cyber-attack has been changed dramatically, and that is why the number of cyber-attacks have been increased. Enterprises face billions of Euros loss from such incidents; even the data loss and operational hazard may have a devastating impact not only on the service, security, privacy, brand image but also upon overall business. A constrictive and realistic CSCD (cyber security and cyber defense) strategy along with the proper implementation of it, can safeguard the enterprises and strongly from cyber attacks. In this paper, we prepare an improved CSCD control framework based on several hundreds of scientific papers and frameworks. Moreover, we identify different aspects and strategic elements by holistic CSCD control risk assessment and data analysis for preparing CSCD strategy and planning of different levels of organizations to maintain effective CSCD governance and cyber resilience