Approche à base de vérification formelle de modèle pour une utilisation sécuritaire de la cuisinière d'un habitat intelligent

Pour s'assurer que les personnes âgées soient en sécurité au domicile, le projet INOVUS s'intéresse aux risques liés à l'utilisation de la cuisinière. Dans le cadre de ce projet, les travaux de M.Sc. présentés dans ce mémoire se concentrent sur la perspective logicielle de la détection et de la prévention des risques physiques pour la personne, lors de la réalisation de tâches utilisant la cuisinière. Dans un premier temps, une revue des risques à domicile recensés dans la littérature a permis de définir la couverture nécessaire à une telle solution. Certaines situations dangereuses ont ensuite été sélectionnées pour définir un modèle de solution satisfaisant. Le développement d'une solution de sécurité pour la personne entraîne des contraintes de fiabilité de très haut niveau pour la technologie produite.Pour répondre à ce besoin, la proposition de ces travaux de M.Sc. est l'utilisation de spécifications formelles. Ces outils permettent d'obtenir un plus haut degré de fiabilité de logiciels. En se basant sur ces outils, un modèle de solution a été élaboré pour le projet INOVUS, et ce à l'aide du vérificateur de modèle ALLOY. Enfin, une implémentation en Java de ce prototype a été réalisée afin d'évaluer les résultats de détection des situations dangereuses. Ce prototype permet alors à la fois de valider l'approche de développement choisie, ainsi que d'établir une preuve de concept d'une telle solution de sécurité

Les figures de l'utilisateur aux Bell Labs : analyse de la construction des représentations dans la R&D industrielle

In this thesis we examine the genealogy of the concept of user and its contemporary dramaturgy in industrial research. For forty years, the literature in sciences and technology studies, in design and in strategy have been revealing the importance of users in the innovation process. This thesis is the result of a doctoral research that aims at exploring further this issue by studying the institutional, economical and socio-technical reasons that settle the user as an artefact in the research laboratory of Bell Labs. Our theorical frameword combine both semiotic (Charles S. Peirce) and symbolic (Lucien Sfez) aproaches, and the theory of actor-network (Bruno Latour). We focus on the terms of the representational system of the user and its symbolic implications in Bell Laboratories : the diffusion of the concept in the scientific journal of Bell Labs through a statistical analysis, the different types of user-model in Bell Labs history through a speech analysis, and the process of user integration through the socio-technical analysis of an innovation project. For this research, we developed a methodology designed at tracking and analyzing the birth and propagation of concepts in innovation. Finally we defend that Bell Labs, through its user-models, have established an equivalence between human and machine that make the user a symbolic picture half human, half-machine.Cette thèse examine la généalogie du concept d’utilisateur et sa mise en scène contemporaine dans la recherche et développement industriel. De nombreuses recherches du champ des sciences et techniques, du design et de la stratégie ont mis en évidence ces 40 dernières années le rôle clé de l’utilisateur dans le processus d’innovation. Le laboratoire de recherche Bell Labs sert de terrain d’analyse car il permet d’observer sur une période de 88 années les raisons institutionnelles, économiques et socio-techniques qui ont établi l’utilisateur comme un artefact à même de répondre aux enjeux industriels de formalisation des conditions de réceptions et d’usages dans le but de les intégrer aux objets en développement dans le domaine des télécommunications. Ancré au confluent des approches sémiotique (C. S. Peirce), symbolique (L. Sfez), et de la théorie de l’acteur-réseau (B. Latour), nous analysons les différents termes du système représentatif de l’utilisateur et sa symbolique aux Bell Labs : la diffusion du concept dans le journal scientifique de Bell Labs à partir d’une analyse statistique, les différents types de figures de l’utilisateur présents dans ce journal avec une analyse de discours, et le processus de prise en compte de l’utilisateur par l’analyse socio-technique d’un projet d’innovation. Pour ce travail, nous avons développé une méthodologie permettant le suivi et l’analyse de l’émergence et de la diffusion des concepts d’innovation. In fine, nous défendons que les Bell Labs, au travers des représentations de l’utilisateur, ont progressivement établi une équivalence entre l’homme et la machine qui porte l’utilisateur au rang d’image symbolique mi-homme mi-machine

Validation de spécifications de systèmes d'information avec Alloy

Le présent mémoire propose une investigation approfondie de l’analyseur Alloy afin de juger son adaptabilité en tant que vérificateur de modèles. Dans un premier temps, l’étude dresse un tableau comparatif de six vérificateurs de modèles, incluant Alloy, afin de déterminer lequel d’entre eux est le plus apte à résoudre les problématiques de sécurité fonctionnelle posées par les systèmes d’information. En conclusion de cette première phase, Alloy émerge comme l’un des analyseurs les plus performants pour vérifier les modèles sur lesquels se fondent les systèmes d’information. Dans un second temps, et sur la base des problématiques rencontrées au cours de cette première phase, l’étude rapporte une série d’idiomes pour, d’une part, présenter une manière optimisée de spécifier des traces et, d’autre part, trouver des recours afin de contourner les limitations imposées par Alloy. À ces fins, le mémoire propose deux nouveaux cas d’espèce, ceux d’une cuisinière intelligente et d’une boîte noire, afin de déterminer si oui ou non l’analyseur est capable de gérer les systèmes dynamiques possédant de nombreuses entités avec autant d’efficacité que les systèmes qui en possèdent moins. En conclusion, le mémoire rapporte que Alloy est un bon outil pour vérifier des systèmes dynamiques mais que sa version récente, DynAlloy, peut être encore mieux adapté pour le faire puisque précisément conçu pour faire face aux spécificités de ce type de système. Le mémoire s’achève sur une présentation sommaire de ce dernier outil

Un processus formel d'intégration de politiques de contrôle d'accès dans les systèmes d'information

Security is a key aspect in information systems (IS) development. One cannot build a bank IS without security in mind. In medical IS, security is one of the most important features of the software. Access control is one of many security aspects of an IS. It defines permitted or forbidden execution of system's actions by an user. Between the conception of an access control policy and its effective deployment on an IS, several steps can introduce unacceptable errors. Using formal methods may be an answer to reduce errors during the modeling of access control policies. Using the process algebra EB[superscript 3], one can formally model IS. Its extension, EB[superscript 3]SEC, was created in order to model access control policies. The ASTD notation combines Harel's Statecharts and EB[superscript 3] operators into a graphical and formal notation that can be used in order to model IS. However, both methods lack tools allowing a designer to prove or verify security properties in order to validate an access control policy. Furthermore, the implementation of an access control policy must correspond to its abstract specification. This thesis defines translation rules from EB[superscript 3] to ASTD, from ASTD to Event-B and from ASTD to B. It also introduces a formal architecture expressed using the B notation in order to enforce a policy over an IS. This modeling of access control policies in B can be used in order to prove properties, thanks to the B prover, but also to verify properties using ProB, a model checker for B. Finally, a refinement strategy for the access control policy into an implementation is proposed. B refinements are proved, this ensures that the implementation corresponds to the initial model of the access control policy

An evaluation of small satellite technology transfer and capability-building in Algeria

© Cranfield University, 2018The potential for satellite technology to make an essential contribution to socio-economic development has been recognised by the international community since the onset of space adventure in the late 1950s. Due to its complexity and the resources required, satellite technology development has always been the reserve of major powers. However, a new trend emerged in the 1990s towards developing smaller and cheaper satellites. It is driven by the spectacular development in information and communication technologies, advances in technology miniaturisation, rising performance of off-the-shelf components, and space sector globalisation. This trend has lowered barriers to entry for small developing countries. They have used the new mechanism of small satellite collaborative projects in order to transfer Earth observation small satellite technology from developed countries. Like other developing countries, Algeria has leveraged this trend and engaged successively in three Earth observation small satellite collaborative projects with foreign companies in order to build small satellite capability. The purpose of this study is, thus, to evaluate whether Algeria has skilfully combined the technology acquired from abroad with local efforts to build effective and sustainable local small satellite capability. Technological capability-building through technology transfer usually refers to the ability to reconcile two categories of factors: i) exogenous factors, external to the country’s socio-economic environment, that condition the transfer of technology from abroad - these factors are traditionally gathered under the body of knowledge called ‘technology transfer’; and ii) endogenous factors, relating to the local effort to effectively acquire and indigenise the transferred technology – these factors are traditionally gathered under the body of knowledge called ‘technological capability-building’. Technological capability-building through technology transfer is also viewed as a learning process where knowledge is transferred from abroad and locally diffused. The evaluation approach adopted in this study examines the small satellite capability-building programme from a knowledge-oriented perspective. Algeria’s ii context is appraised by using the Innovation System analytical approach. The programme planning is evaluated by using the ‘strategic planning’ analytical approach. The programme implementation is evaluated by placing technological learning at the heart of the study. Two systemic models for the evaluation of knowledge flow from the transferor to the transferee, and then to its local environment, have been devised and tested. The knowledge-oriented perspective has been triangulated with perspectives stemming from the two traditional bodies of knowledge: technology transfer and technological capability-building. The evaluation has been comprehensive by taking into account factors across different levels of analysis: individual and team (micro level); organisation or firm (meso level); and national, sectoral and international (macro level). The evaluation has been performed through a mixed method research design. The research findings indicate that the process of building small satellite technological capability in Algeria has provided mixed results, and the most concerning are at the macro level. Algeria has failed to establish a strong foothold between the nascent satellite development activities and a local supply chain. Moreover, at the meso level, Algeria has not established an effective learning organisation that can lead, synergistically and coherently, satellite development activities. Finally, at the micro level, Algeria has failed to align technology transfer mechanisms with satellite development objectives. Based on these findings, the study highlights the need for clear strategies with prioritised objectives. It recommends elevating management capability-building as an absolute priority, and suggests the adoption of appropriate technology transfer mechanisms and a diversified projects portfolio

Agile project management: a potential tool for enhancing innovation capacity in organisations

To develop their projects, organisations have different methodologies to use. Thus, they often use the same methods they already know and are used to. Often organisations would favourite common project management methodologies like Waterfall methodology. It has already proven its worth, but has also its flaws and limits. Since the beginning of the century new methodologies have been developed: the agile methodologies. Those methodologies are quite new and not very much known or used except by organisations from IT sectors. This thesis aims to analyse if and how the agile methodologies used during project managements encourage the innovation of an organisation. This thesis will highlight the advantages and limits of both waterfall and agile methodologies, before emphasising innovation enablers. Through qualitative interviews, this research will establish and compare the characteristics of an innovative team and the characteristics of an agile team. Then, it will establish the interests and issues to use agile methodologies to innovate.Para desenvolver seus projetos, as organizações têm diferentes metodologias. Assim, eles costumam usar os mesmos métodos que eles já conhecem e estão acostumados. Frequentemente, as organizações preferem metodologias comuns de gerenciamento de projetos, como a metodologia em cascata or “Waterfall”. Já provou seu valor, mas também tem suas falhas e limites. Desde o início do século, novas metodologias foram desenvolvidas: as metodologias Agile. Essas metodologias são bastante novas e pouco conhecidas ou usadas, exceto pelas organizações dos setores de TI. Esta tese tem como objetivo analisar se e de que modo as metodologias Agile utilizadas durante a gestão de projetos incentivam a inovação de uma organização. Esta tese destacará as vantagens e os limites das metodologias em cascata e Agile, antes de enfatizar os facilitadores de inovação. Por meio de entrevistas qualitativas, este estudo irá estabelecer e comparar as características de uma equipe inovadora e as características de uma equipe Agile. Então, estabelecerá os interesses e questões para usar metodologias Agile para inovar

Network Traffic Measurements, Applications to Internet Services and Security

The Internet has become along the years a pervasive network interconnecting billions of users and is now playing the role of collector for a multitude of tasks, ranging from professional activities to personal interactions. From a technical standpoint, novel architectures, e.g., cloud-based services and content delivery networks, innovative devices, e.g., smartphones and connected wearables, and security threats, e.g., DDoS attacks, are posing new challenges in understanding network dynamics. In such complex scenario, network measurements play a central role to guide traffic management, improve network design, and evaluate application requirements. In addition, increasing importance is devoted to the quality of experience provided to final users, which requires thorough investigations on both the transport network and the design of Internet services. In this thesis, we stress the importance of users’ centrality by focusing on the traffic they exchange with the network. To do so, we design methodologies complementing passive and active measurements, as well as post-processing techniques belonging to the machine learning and statistics domains. Traffic exchanged by Internet users can be classified in three macro-groups: (i) Outbound, produced by users’ devices and pushed to the network; (ii) unsolicited, part of malicious attacks threatening users’ security; and (iii) inbound, directed to users’ devices and retrieved from remote servers. For each of the above categories, we address specific research topics consisting in the benchmarking of personal cloud storage services, the automatic identification of Internet threats, and the assessment of quality of experience in the Web domain, respectively. Results comprise several contributions in the scope of each research topic. In short, they shed light on (i) the interplay among design choices of cloud storage services, which severely impact the performance provided to end users; (ii) the feasibility of designing a general purpose classifier to detect malicious attacks, without chasing threat specificities; and (iii) the relevance of appropriate means to evaluate the perceived quality of Web pages delivery, strengthening the need of users’ feedbacks for a factual assessment

Dynamique de collaboration au sein des équipes dispersées : Le cas des projets d'ingénierie

La globalisation des marchés, la cherté des compétences, et le développement sans précédent des technologies de l’information et des communications (TIC) encouragent les entreprises à réviser leurs pratiques. Désormais, les entreprises se procurent des ressources bien au-delà de leurs frontières organisationnelles et nationales, et leurs équipes deviennent de plus en plus étendues. Pour la réalisation des projets d’ingénierie, la constitution des équipes dispersées dont les membres collaborent sur une base régulière est devenue un mode de fonctionnement de plus en plus répandu. Cependant, cette pratique amène un contexte nouveau qui se caractérise par la diversité culturelle, la variété des pratiques, la différence des TIC utilisées, la rivalité, etc. Il s’agit là d’une dynamique complexe qui nécessite davantage d’exploration. L’objectif général du présent projet de recherche est de développer une meilleure compréhension de la collaboration en contexte de dispersion des équipes de projets. Pour y répondre, une exploration de la littérature qui porte sur la collaboration et la dynamique des équipes dispersées est effectuée. Cette investigation a permis de développer un modèle caractéristique du phénomène étudié. Ce modèle qui exprime, en effet, les facteurs déterminants de la collaboration, le contexte auquel cette collaboration fait face, et l’impact que celle-ci exerce sur la performance des équipes de projets.----------Market globalization, the scarcity of skills, and the explosive development of information and communications technologies (ICT) compel companies to scrutinize their practices. Henceforth, companies will seek resources beyond their organizational and national boundaries, and project teams will become increasingly distributed. To carry out engineering projects, today’s enterprises require distributed teams whose members work together regularly and intensely. However, this practice has raised new challenges: cultural diversity, differing practices, incompatible ICT, rivalries, and more. This complex dynamic needs to be understood and effectively managed. The overall objective of this research project is to develop a better understanding of how collaboration works in distributed project teams. First, the literature on collaboration and the dynamics of distributed teams is reviewed. A model including the different determinants of collaboration, the characteristics of collaborative environments, and the impact of collaboration on project team performance is then presented. To verify the validity of the model, an empirical survey was administered to professionals involved with distributed engineering projects. Based on data gathered from 253 project teams, various research hypotheses are confirmed. The results support the central role of collaboration in successful distributed projects. Superior collaborative functioning depends on several factors: organizational support, ICT, project manager leadership, and the flexibility and commitment of team members. Moreover, the collaborative dynamic is found to be influenced by various contextual factors, including member distributedness, and within-team trust and rivalry. Our results provide both a practical and theoretical contribution through a better understanding of collaboration in distributed project teams to enable optimal management