7,692 research outputs found
Why We Cannot (Yet) Ensure the Cybersecurity of Safety-Critical Systems
There is a growing threat to the cyber-security of safety-critical systems.
The introduction of Commercial Off The Shelf (COTS) software, including
Linux, specialist VOIP applications and Satellite Based Augmentation Systems
across the aviation, maritime, rail and power-generation infrastructures has created
common, vulnerabilities. In consequence, more people now possess the technical
skills required to identify and exploit vulnerabilities in safety-critical systems.
Arguably for the first time there is the potential for cross-modal attacks
leading to future ‘cyber storms’. This situation is compounded by the failure of
public-private partnerships to establish the cyber-security of safety critical applications.
The fiscal crisis has prevented governments from attracting and retaining
competent regulators at the intersection of safety and cyber-security. In particular,
we argue that superficial similarities between safety and security have led
to security policies that cannot be implemented in safety-critical systems. Existing
office-based security standards, such as the ISO27k series, cannot easily be integrated
with standards such as IEC61508 or ISO26262. Hybrid standards such as
IEC 62443 lack credible validation. There is an urgent need to move beyond
high-level policies and address the more detailed engineering challenges that
threaten the cyber-security of safety-critical systems. In particular, we consider
the ways in which cyber-security concerns undermine traditional forms of safety
engineering, for example by invalidating conventional forms of risk assessment.
We also summarise the ways in which safety concerns frustrate the deployment of
conventional mechanisms for cyber-security, including intrusion detection systems
Increasing resilience of ATM networks using traffic monitoring and automated anomaly analysis
Systematic network monitoring can be the cornerstone for
the dependable operation of safety-critical distributed
systems. In this paper, we present our vision for informed
anomaly detection through network monitoring and
resilience measurements to increase the operators'
visibility of ATM communication networks. We raise the
question of how to determine the optimal level of
automation in this safety-critical context, and we present a
novel passive network monitoring system that can reveal
network utilisation trends and traffic patterns in diverse
timescales. Using network measurements, we derive
resilience metrics and visualisations to enhance the
operators' knowledge of the network and traffic behaviour,
and allow for network planning and provisioning based on
informed what-if analysis
Essay Review: Implications for Educators of Daniel Everett’s Language: The Cultural Tool
This essay review discusses Everett (2012), Language: The Cultural Tool, with particular emphasis on implications for educators. While Everett does not belong to the discourse of pedagogy and policy for classrooms, his findings and arguments resonate powerfully with the contemporary challenges of PK-12 classrooms and teacher preparation
Principles for increased resilience in critical networked infrastructures
We propose a framework for deploying stronger, intelligent resilience mechanisms in mission-critical ATM networks over and above that offered by physical n-fold redundancy. We
compare the challenges facing power and data network resilience and discuss disruptive threats to real-world operations. Using recorded live data from an ATM data network we argue our proposed architecture with deployable, distributed on-demand anomaly detection and monitoring modules provides enhanced fail-secure versus current fail-safe resilience
Laypeoples' and experts' risk perception of cloud computing
Cloud computing is revolutionising the way software services are procured and used by Government organizations and SMEs. Quantitative risk assessment of Cloud services is complex and undermined by specific security concerns regarding data confidentiality, integrity and availability. This study explores how the gap between the quantitative risk assessment and the perception of the risk can produce a bias in the decision-making process about Cloud computing adoption. The risk perception of experts in Cloud computing (N=37) and laypeople (N=81) about ten Cloud computing services was investigated using the psychometric paradigm. Results suggest that the risk perception of Cloud services can be represented by two components, called dread risk and unknown risk, which may explain up to 46% of the variance. Other factors influencing the risk perception were perceived benefits, trust in regulatory authorities and technology attitude. This study suggests some implications that could support Government and non-Government organizations in their strategies for Cloud computing adoption
Communicating the Value of Ergonomics to Management – Part 2: Ergonomics ROI Case Study Applications
More than ever, human factors engineers and ergonomists need to justify our practice’s value to management. How can we effectively communicate with management? How should we present a Return on Investment (ROI) that leadership will find useful that addresses company profits, cost savings, productivity, first time quality, and turnover? What else does management care about other than ROI? This second panel in a two panel series will specifically highlight case studies in which presenters give examples of situations in which ROI for ergonomics was investigated from a business value. The session will start with four case study lectures followed by a panel discussion led by the moderators. The audience will be encouraged to participate with their own questions and comments
A Possible Approach for Addressing Neglected Human Factors Issues of Systems Engineering
The increasing complexity of safety-critical applications has led to the introduction of decision support tools in the transportation and process industries. Automation has also been introduced to support operator intervention in safety-critical applications. These innovations help reduce overall operator workload, and filter application data to maximize the finite cognitive and perceptual resources of system operators. However, these benefits do not come without a cost. Increased computational support for the end-users of safety-critical applications leads to increased reliance on engineers to monitor and maintain automated systems and decision support tools. This paper argues that by focussing on the end-users of complex applications, previous research has tended to neglect the demands that are being placed on systems engineers. The argument is illustrated through discussing three recent accidents. The paper concludes by presenting a possible strategy for building and using highly automated systems based on increased attention by management and regulators, improvements in competency and training for technical staff, sustained support for engineering team resource management, and the development of incident reporting systems for infrastructure failures. This paper represents preliminary work, about which we seek comments and suggestions
The Identification of Extreme Asymptotic Giant Branch Stars and Red Supergiants in M33 by 24 {\mu}m Variability
We present the first detection of 24 {\mu}m variability in 24 sources in the
Local Group galaxy M33. These results are based on 4 epochs of MIPS
observations, which are irregularly spaced over ~750 days. We find that these
sources are constrained exclusively to the Holmberg radius of the galaxy, which
increases their chances of being members of M33. We have constructed spectral
energy distributions (SEDs) ranging from the optical to the sub-mm to
investigate the nature of these objects. We find that 23 of our objects are
most likely heavily self-obscured, evolved stars; while the remaining source is
the Giant HII region, NGC 604. We believe that the observed variability is the
intrinsic variability of the central star reprocessed through their
circumstellar dust shells. Radiative transfer modeling was carried out to
determine their likely chemical composition, luminosity, and dust production
rate (DPR). As a sample, our modeling has determined an average luminosity of
(3.8 0.9) x 10 L and a total DPR of (2.3 0.1) x
10 M yr. Most of the sources, given the high DPRs and
short wavelength obscuration, are likely "extreme" AGB (XAGB) stars. Five of
the sources are found to have luminosities above the classical AGB limit
(M 54,000 L), which classifies them as probably
red supergiants (RSGs). Almost all of the sources are classified as oxygen
rich. As also seen in the LMC, a significant fraction of the dust in M33 is
produced by a handful of XAGB and RSG stars.Comment: 36 pages, 14 figures, 4 tables, Accepted for publication in A
- …