ENSURING SPECIFICATION COMPLIANCE, ROBUSTNESS, AND SECURITY OF WIRELESS NETWORK PROTOCOLS

Several newly emerged wireless technologies (e.g., Internet-of-Things, Bluetooth, NFC)—extensively backed by the tech industry—are being widely adopted and have resulted in a proliferation of diverse smart appliances and gadgets (e.g., smart thermostat, wearables, smartphones), which has ensuingly shaped our modern digital life. These technologies include several communication protocols that usually have stringent requirements stated in their specifications. Failing to comply with such requirements can result in incorrect behaviors, interoperability issues, or even security vulnerabilities. Moreover, lack of robustness of the protocol implementation to malicious attacks—exploiting subtle vulnerabilities in the implementation—mounted by the compromised nodes in an adversarial environment can limit the practical utility of the implementation by impairing the performance of the protocol and can even have detrimental effects on the availability of the network. Even having a compliant and robust implementation alone may not suffice in many cases because these technologies often expose new attack surfaces as well as new propagation vectors, which can be exploited by unprecedented malware and can quickly lead to an epidemic

Lessons from Formally Verified Deployed Software Systems (Extended version)

The technology of formal software verification has made spectacular advances, but how much does it actually benefit the development of practical software? Considerable disagreement remains about the practicality of building systems with mechanically-checked proofs of correctness. Is this prospect confined to a few expensive, life-critical projects, or can the idea be applied to a wide segment of the software industry? To help answer this question, the present survey examines a range of projects, in various application areas, that have produced formally verified systems and deployed them for actual use. It considers the technologies used, the form of verification applied, the results obtained, and the lessons that can be drawn for the software industry at large and its ability to benefit from formal verification techniques and tools. Note: a short version of this paper is also available, covering in detail only a subset of the considered systems. The present version is intended for full reference.Comment: arXiv admin note: text overlap with arXiv:1211.6186 by other author

Applied Analysis and Synthesis of Complex Systems: Proceedings of the IIASA-Kyoto University Joint Seminar, June 28-29, 2004

This two-day seminar aimed at introducing the new development of the COE by Kyoto University to IIASA and discussing general modeling methodologies for complex systems consisting of many elements, mostly via nonlinear, large-scale interactions. We aimed at clarifying fundamental principles in complex phenomena as well as utilizing and synthesizing the knowledge derived out of them. The 21st Century COE (Center of Excellence) Program is an initiative by the Japanese Ministry of Education, Culture, Science and Technology (MEXT) to support universities establishing discipline-specific international centers for education and research, and to enhance the universities to be the world's apex of excellence with international competitiveness in the specific research areas. Our program of "Research and Education on Complex Functional Mechanical Systems" is successfully selected to be awarded the fund for carrying out new research and education as Centers of Excellence in the field of mechanical engineering in 2003 (five-year project), and is expected to lead Japanese research and education, and endeavor to be the top in the world. The program covers general backgrounds in diverse fields as well as a more in-depth grasp of specific branches such as complex system modeling and analysis of the problems including: nonlinear dynamics, micro-mesoscopic physics, turbulent transport phenomena, atmosphere-ocean systems, robots, human-system interactions, and behaviors of nano-composites and biomaterials. Fundamentals of those complex functional mechanical systems are macroscopic phenomena of complex systems consisting of microscopic elements, mostly via nonlinear, large-scale interactions, which typically present collective behavior such as self-organization, pattern formation, etc. Such phenomena can be observed or created in every aspect of modern technologies. Especially, we are focusing upon; turbulent transport phenomena in climate modeling, dynamical and chaotic behaviors in control systems and human-machine systems, and behaviors of mechanical materials with complex structures. As a partial attainment of this program, IIASA and Kyoto University have exchanged Consortia Agreement at the beginning of the program in 2003, and this seminar was held to introduce the outline of the COE program of Kyoto University to IIASA researchers and to deepen the shared understandings on novel complex system modeling and analysis, including novel climate modeling and carbonic cycle management, through joint academic activities by mechanical engineers and system engineers. In this seminar, we invited a distinguished researcher in Europe as a keynote speaker and our works attained so far in the project were be presented by the core members of the project as well as by the other contributing members who participated in the project. All IIASA research staff and participants of YSSP (Young Scientist Summer Program) were cordially invited to attend this seminar to discuss general modeling methodologies for complex systems

Single- and dual-carrier microwave noise abatement in the deep space network

The NASA/JPL Deep Space Network (DSN) microwave ground antenna systems are presented which simultaneously uplink very high power S-band signals while receiving very low level S- and X-band downlinks. Tertiary mechanisms associated with elements give rise to self-interference in the forms of broadband noise burst and coherent intermodulation products. A long-term program to reduce or eliminate both forms of interference is described in detail. Two DSN antennas were subjected to extensive interference testing and practical cleanup program; the initial performance, modification details, and final performance achieved at several planned stages are discussed. Test equipment and field procedures found useful in locating interference sources are discussed. Practices deemed necessary for interference-free operations in the DSN are described. Much of the specific information given is expected to be easily generalized for application in a variety of similar installations. Recommendations for future investigations and individual element design are given

Extending the Exposure Score of Web Browsers by Incorporating CVSS

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Yet its content differs from one browser to another. Despite the privacy and security risks of User-Agent strings, very few works have tackled this problem. Our previous work proposed giving Internet browsers exposure relative scores to aid users to choose less intrusive ones. Thus, the objective of this work is to extend our previous work through: first, conducting a user study to identify its limitations. Second, extending the exposure score via incorporating data from the NVD. Third, providing a full implementation, instead of a limited prototype. The proposed system: assigns scores to users’ browsers upon visiting our website. It also suggests alternative safe browsers, and finally it allows updating the back-end database with a click of a button. We applied our method to a data set of more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available here [4].</p

Composable architecture for rack scale big data computing

The rapid growth of cloud computing, both in terms of the spectrum and volume of cloud workloads, necessitate re-visiting the traditional rack-mountable servers based datacenter design. Next generation datacenters need to offer enhanced support for: (i) fast changing system configuration requirements due to workload constraints, (ii) timely adoption of emerging hardware technologies, and (iii) maximal sharing of systems and subsystems in order to lower costs. Disaggregated datacenters, constructed as a collection of individual resources such as CPU, memory, disks etc., and composed into workload execution units on demand, are an interesting new trend that can address the above challenges. In this paper, we demonstrated the feasibility of composable systems through building a rack scale composable system prototype using PCIe switch. Through empirical approaches, we develop assessment of the opportunities and challenges for leveraging the composable architecture for rack scale cloud datacenters with a focus on big data and NoSQL workloads. In particular, we compare and contrast the programming models that can be used to access the composable resources, and developed the implications for the network and resource provisioning and management for rack scale architecture

Insights from the Inventory of Smart Grid Projects in Europe: 2012 Update

By the end of 2010 the Joint Research Centre, the European Commission’s in-house science service, launched the first comprehensive inventory of smart grid projects in Europe1. The final catalogue was published in July 2011 and included 219 smart grid and smart metering projects from the EU-28 member states, Switzerland and Norway. The participation of the project coordinators and the reception of the report by the smart grid community were extremely positive. Due to its success, the European Commission decided that the project inventory would be carried out on a regular basis so as to constantly update the picture of smart grid developments in Europe and keep track of lessons learnt and of challenges and opportunities. For this, a new on-line questionnaire was launched in March 2012 and information on projects collected up to September 2012. At the same time an extensive search of project information on the internet and through cooperation links with other European research organizations was conducted. The resulting final database is the most up to date and comprehensive inventory of smart grids and smart metering projects in Europe, including a total of 281 smart grid projects and 90 smart metering pilot projects and rollouts from the same 30 countries that were included in the 2011 inventory database. Projects surveyed were classified into three categories: R&D, demonstration or pre-deployment) and deployment, and for the first time a distinction between smart grid and smart metering projects was made. The following is an insight into the 2012 report.JRC.F.3-Energy securit

Model-based symbolic design space exploration at the electronic system level: a systematic approach

In this thesis, a novel, fully systematic approach is proposed that addresses the automated design space exploration at the electronic system level. The problem is formulated as multi-objective optimization problem and is encoded symbolically using Answer Set Programming (ASP). Several specialized solvers are tightly coupled as background theories with the foreground ASP solver under the ASP modulo Theories (ASPmT) paradigm. By utilizing the ASPmT paradigm, the search is executed entirely systematically and the disparate synthesis steps can be coupled to explore the search space effectively.In dieser Arbeit wird ein vollständig systematischer Ansatz präsentiert, der sich mit der Entwurfsraumexploration auf der elektronischen Systemebene befasst. Das Problem wird als multikriterielles Optimierungsproblem formuliert und symbolisch mit Hilfe von Answer Set Programming (ASP) kodiert. Spezialisierte Solver sind im Rahmen des ASP modulo Theories (ASPmT) Paradigmas als Hintergrundtheorien eng mit dem ASP Solver gekoppelt. Durch die Verwendung von ASPmT wird die Suche systematisch ausgeführt und die individuellen Schritte können gekoppelt werden, um den Suchraum effektiv zu durchsuchen

TEMPERATURE AND RATE DEPENDENT PARTITIONED CONSTITUTIVE RELATIONSHIPS FOR 95.5PB2SN2.5AG SOLDER ALLOY

One of the biggest challenges for power electronic devices is to be reliable in harsh environments. The operating temperatures in typical applications can go as high as 200ºC. The die attachment material of a power electronic device is one of the weak links in the system. The eutectic Sn-Pb solder alloy, which is the most commonly used permanent interconnect in electronics packaging cannot fulfill these service requirements, hence there is a need to find suitable replacements. Durability characterization is essential in order to accurately predict the reliability of the solder alloy chosen for the die attach material under life cycle loads. A large number of models are available, which can be used to determine the life of die attach in small signal and power modules, however the shortfall of these models is the lack of test data for all but the most common (e.g. eutectic Sn-Pb solder) die attach materials. Hence, relevant constitutive properties must be measured, as they are essential for quantitative characterization of damage accumulated in the die attach, the knowledge of which is essential for accurate durability assessment. The aim of this study is to determine the relevant constitutive properties for high temperature high lead 95.5Pb2Sn2.5Ag solder alloy (Indalloy 163) by implementing the direct local measurement technique. Temperature and loading rate dependent mechanical and constitutive properties of the afore mentioned solder alloy have been obtained by modeling the experimental data gathered by conducting monotonic, isothermal, constant strain rate tests at a range of temperatures and strain rates utilizing miniature single-lap shear specimens, with a partitioned form of the general constitutive equation

An environmental evaluation procedure for coastal township and resort development proposals in South Africa

Includes bibliographies.Most coastal nations recognise the environmental, economic and educational value of their coastal zones. Consequently, they have developed integrated management programmes and employ a variety of strategies, in particular, Environmental Impact Assessment, to promote the sustainable use and development of these resource- rich areas. In South Africa, the absence of a formal, holistic and systematic procedure for evaluating proposals that affect the coastal environment is identified as one of the main causes of coastal degradation. The Integrated Environmental Management Procedure, developed in 1992, provides a generic framework within which the planning and evaluation of proposals, significantly affecting the environment can be made. Further development of more detailed procedures, practical guidelines and tools for specific activities or in particular environments, is now urgently required. The central aim of this dissertation is to develop an environmental evaluation procedure for coastal township and resort development proposals, consistent with the principles of Integrated Environmental Management, and appropriate to the conditions in a developing country, such as South Africa. The proposed procedure addresses key weaknesses inherent in most Environmental Impact Assessment systems in developing countries and incorporates and builds upon relevant Coastal Zone Management strategies operative in South Africa. Furthermore, it seeks to unpack and clarify the Environmental Impact Assessment concept by identifying its underlying principles, clarifying procedural requirements and making operational the processes which characterise it. To assist with implementation, a variety of tools and a series of practical guidelines have been developed. The key features of the procedure were derived from an extensive literature review, an examination of the environmental evaluation and coastal management systems operating in South Africa, a questionnaire survey amongst coastal managers, and from case study material. Action research informed ideas for making operational the processes of scoping and public participation. Particular attention was given to identifying and developing appropriate methods and guidelines for identifying impacts, determining impact significance, involving the public, assessing recreational carrying capacity, clarifying trade-offs amongst alternatives, marrying expert opinion and local experiential knowledge and incorporating subjective value judgements into the assessment and decision-making processes. It is submitted that the employment of this procedure to all proposals affecting the coastal zone and the establishment of the proposed institutional mechanisms for its implementation, will streamline and enhance existing coastal management efforts and give direction to the further development and implementation of an Integrated Coastal Zone Management programme for South Africa