622 research outputs found
Risk management in a mega-project: the Universal EXPO 2015 case
The paper analyses the literature on risk management in mega-projects suggesting possible mitigation actions to be considered in the stakeholders' management. EXPO 2015 represents a perfect project to understand the strength of a rigorous methodological approach to uncertainty and the need for a mature consciousness at managerial level on these topics. Analysing real available data on this project, the number of visitors appears overestimated, so, by adopting a framework, called SHAMPU, the paper quantifies the relative impact and provides possible mitigation actions. Practical actions crossing the risk management phases in mega projects proposed by literature are suggested in the conclusions
RADIS: Remote Attestation of Distributed IoT Services
Remote attestation is a security technique through which a remote trusted
party (i.e., Verifier) checks the trustworthiness of a potentially untrusted
device (i.e., Prover). In the Internet of Things (IoT) systems, the existing
remote attestation protocols propose various approaches to detect the modified
software and physical tampering attacks. However, in an interoperable IoT
system, in which IoT devices interact autonomously among themselves, an
additional problem arises: a compromised IoT service can influence the genuine
operation of other invoked service, without changing the software of the
latter. In this paper, we propose a protocol for Remote Attestation of
Distributed IoT Services (RADIS), which verifies the trustworthiness of
distributed IoT services. Instead of attesting the complete memory content of
the entire interoperable IoT devices, RADIS attests only the services involved
in performing a certain functionality. RADIS relies on a control-flow
attestation technique to detect IoT services that perform an unexpected
operation due to their interactions with a malicious remote service. Our
experiments show the effectiveness of our protocol in validating the integrity
status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table
Adaptive Variable Structure Control System for Attitude Spacecraft Applications
L'abstract Ăš presente nell'allegato / the abstract is in the attachmen
Know Your Enemy: Stealth Configuration-Information Gathering in SDN
Software Defined Networking (SDN) is a network architecture that aims at
providing high flexibility through the separation of the network logic from the
forwarding functions. The industry has already widely adopted SDN and
researchers thoroughly analyzed its vulnerabilities, proposing solutions to
improve its security. However, we believe important security aspects of SDN are
still left uninvestigated. In this paper, we raise the concern of the
possibility for an attacker to obtain knowledge about an SDN network. In
particular, we introduce a novel attack, named Know Your Enemy (KYE), by means
of which an attacker can gather vital information about the configuration of
the network. This information ranges from the configuration of security tools,
such as attack detection thresholds for network scanning, to general network
policies like QoS and network virtualization. Additionally, we show that an
attacker can perform a KYE attack in a stealthy fashion, i.e., without the risk
of being detected. We underline that the vulnerability exploited by the KYE
attack is proper of SDN and is not present in legacy networks. To address the
KYE attack, we also propose an active defense countermeasure based on network
flows obfuscation, which considerably increases the complexity for a successful
attack. Our solution offers provable security guarantees that can be tailored
to the needs of the specific network under consideratio
Reaching law-based SMC for spacecraft applications with actuators constraints
This letter considers a robust sliding mode control method for a spacecraft attitude control. The design of the control law is based on the reaching law approach for continuous-time systems. A novel method is proposed to design the parameters of both the reaching law and the sliding surface. The reaching law ensures that during the reaching phase the states of the system remains bounded. Then, taking into account the parameters of the mathematical model, the bounds are defined so that the control law does not overload the actuator limits, whatever the initial
conditions. Furthermore, a variable gain is considered for the control law, to provide chattering alleviation of the control input. Numerical simulations are performed to show the effectiveness of the proposed approach
The divergence between actual and estimated costs in large industrial and infrastructure projects: is nuclear special?
Megaprojects are frequently over
budget and late all over the world in many different sectors. There has been little or no
improvement over the decades. Project performance today is roughly similar to ten,
twenty and thirty years ago. On the other hand, even if public opinion and the press are
focusing on nuclear projects being over budget and late, such poor performance is not a fatality. The Korean and the (pre-2000) French experience shows that it is possible to deliver nuclear projects on time and budget. Key success factors are the replication of existing reactors, a relative monoculture, a stable environment with experienced stakeholders and a long-term view. Some of these factors may no longer be replicable and the most promising way forward may be to start learning from other high technological sectors such as aerospace or oil and gas, where a number of major companies have evolved from national champions to global competitors
Project controlling in mega events: the Expo 2015 case
Although Universal Expositions are an incredible catalyst for the development of hosting cities, they have to face projectsâ common problems as over-budgets and delays. This last issue is critic since mega events have to respect a mandatory deadline and any delay could cause critical project scope reduction. It is thus fundamental to control efficiently and effectively their progress to obtain the best performances. Despite âproject controllingâ field is well-documented concerning mega-projects, there is a gap for mega events. In addition, literature focuses on strategic elements without providing operative methods to control the execution phase. This paper fi lls this gap highlighting how mega-events can be considered as âmega-programmesâ, suggesting supervision through a project envelope to avoid forecasting problems and proposing a gradual control according to project statuses. These results provide a model to monitor Milan Expo 2015 execution phase, guaranteeing that all projects involved end within deadlines
- âŠ