POINTER:a GDPR-compliant framework for human pentesting (for SMEs)

Penetration tests have become a valuable tool in any organisation’s arsenal, in terms of detecting vulnerabilities in their technical defences. Many organisations now also “penetration test” their employees, assessing their resilience and ability to repel human-targeted attacks. There are two problems with current frameworks: (1) few of these have been developed with SMEs in mind, and (2) many deploy spear phishing, thereby invading employee privacy, which could be illegal under the new European General Data Protection Regulation (GDPR) legislation. We therefore propose the PoinTER (Prepare TEst Remediate) Human Pentesting Framework. We subjected this framework to expert review and present it to open a discourse on the issue of formulating a GDPR- compliant Privacy-Respecting Employee Pentest for SMEs

Continuous maintenance and the future – Foundations and technological challenges

High value and long life products require continuous maintenance throughout their life cycle to achieve required performance with optimum through-life cost. This paper presents foundations and technologies required to offer the maintenance service. Component and system level degradation science, assessment and modelling along with life cycle ‘big data’ analytics are the two most important knowledge and skill base required for the continuous maintenance. Advanced computing and visualisation technologies will improve efficiency of the maintenance and reduce through-life cost of the product. Future of continuous maintenance within the Industry 4.0 context also identifies the role of IoT, standards and cyber security

Accessible and inclusive cyber security:a nuanced and complex challenge

It has been argued that human-centred security design needs to accommodate the considerations of three dimensions: (1) security, (2) usability and (3) accessibility. The latter has not yet received much attention. Now that governments and health services are increasingly requiring their citizens/patients to use online services, the need for accessible security and privacy has become far more pressing. The reality is that, for many, security measures are often exasperatingly inaccessible. Regardless of the outcome of the debate about the social acceptability of compelling people to access public services online, we still need to design accessibility into these systems, or risk excluding and marginalising swathes of the population who cannot use these systems in the same way as abled users. These users are particularly vulnerable to attack and online deception not only because security and privacy controls are inaccessible but also because they often struggle with depleted resources and capabilities together with less social, economic and political resilience. This conceptual paper contemplates the accessible dimension of human-centred security and its impact on the inclusivity of security technologies. We scope the range of vulnerabilities that can result from a lack of accessibility in security solutions and contemplate the nuances and complex challenges inherent in making security accessible. We conclude by suggesting a number of avenues for future work in this space.</p

Anthropocentric perspective of production before and within Industry 4.0

Abstract This paper presents a systematic literature review (SLR) of the anthropocentric perspective of production before and after (or, better, within) Industry 4.0. We identify central research clusters regarding traditional Anthropocentric Production Systems (APS) and Anthropocentric Cyber Physical Production Systems. By comparing the two perspectives, we are able to analyse new emerging paradigms in anthropocentric production caused by Industry 4.0. We further make prediction of the future role of the human operator, his needed knowledge and capabilities and how assistance systems support the Operator 4.0. Our paper gives a brief outlook of current and needed future research. It builds grounds for further scholarly discussion on the role of humans in the factory of the future

Towards a kansei-based user modeling methodology for eco-design

We propose here to highlight the benefits of building a framework linking Kansei Design (KD), User Centered Design (UCD) and Eco-design, as the correlation between these fields is barely explored in research at the current time. Therefore, we believe Kansei Design could serve the goal of achieving more sustainable products by setting up an accurate understanding of the user in terms of ecological awareness, and consequently enhancing performance in the Eco-design process. In the same way, we will consider the means-end chain approach inspired from marketing research, as it is useful for identifying ecological values, mapping associated functions and defining suitable design solutions. Information gathered will serve as entry data for conducting scenario-based design, and supporting the development of an Eco-friendly User Centered Design methodology (EcoUCD).ANR-ECOUS

Supporting community engagement through teaching, student projects and research

The Education Acts statutory obligations for ITPs are not supported by the Crown funding model. Part of the statutory role of an ITP is “... promotes community learning and by research, particularly applied and technological research ...” [The education act 1989]. In relation to this a 2017 TEC report highlighted impaired business models and an excessive administrative burden as restrictive and impeding success. Further restrictions are seen when considering ITPs attract < 3 % of the available TEC funding for research, and ~ 20 % available TEC funding for teaching, despite having overall student efts of ~ 26 % nationally. An attempt to improve performance and engage through collaboration (community, industry, tertiary) at our institution is proving successful. The cross-disciplinary approach provides students high level experience and the technical stretch needed to be successful engineers, technologists and technicians. This study presents one of the methods we use to collaborate externally through teaching, student projects and research