A Formal Approach to Combining Prospective and Retrospective Security

The major goal of this dissertation is to enhance software security by provably correct enforcement of in-depth policies. In-depth security policies allude to heterogeneous specification of security strategies that are required to be followed before and after sensitive operations. Prospective security is the enforcement of security, or detection of security violations before the execution of sensitive operations, e.g., in authorization, authentication and information flow. Retrospective security refers to security checks after the execution of sensitive operations, which is accomplished through accountability and deterrence. Retrospective security frameworks are built upon auditing in order to provide sufficient evidence to hold users accountable for their actions and potentially support other remediation actions. Correctness and efficiency of audit logs play significant roles in reaching the accountability goals that are required by retrospective, and consequently, in-depth security policies. This dissertation addresses correct audit logging in a formal framework. Leveraging retrospective controls beside the existing prospective measures enhances security in numerous applications. This dissertation focuses on two major application spaces for in-depth enforcement. The first is to enhance prospective security through surveillance and accountability. For example, authorization mechanisms could be improved by guaranteed retrospective checks in environments where there is a high cost of access denial, e.g., healthcare systems. The second application space is the amelioration of potentially flawed prospective measures through retrospective checks. For instance, erroneous implementations of input sanitization methods expose vulnerabilities in taint analysis tools that enforce direct flow of data integrity policies. In this regard, we propose an in-depth enforcement framework to mitigate such problems. We also propose a general semantic notion of explicit flow of information integrity in a high-level language with sanitization. This dissertation studies the ways by which prospective and retrospective security could be enforced uniformly in a provably correct manner to handle security challenges in legacy systems. Provable correctness of our results relies on the formal Programming Languages-based approach that we have taken in order to provide software security assurance. Moreover, this dissertation includes the implementation of such in-depth enforcement mechanisms for a medical records web application

SiamixFormer: a fully-transformer Siamese network with temporal Fusion for accurate building detection and change detection in bi-temporal remote sensing images

Building detection and change detection using remote sensing images can help urban and rescue planning. Moreover, they can be used for building damage assessment after natural disasters. Currently, most of the existing models for building detection use only one image (pre-disaster image) to detect buildings. This is based on the idea that post-disaster images reduce the model's performance because of presence of destroyed buildings. In this paper, we propose a siamese model, called SiamixFormer, which uses pre- and post-disaster images as input. Our model has two encoders and has a hierarchical transformer architecture. The output of each stage in both encoders is given to a temporal transformer for feature fusion in a way that query is generated from pre-disaster images and (key, value) is generated from post-disaster images. To this end, temporal features are also considered in feature fusion. Another advantage of using temporal transformers in feature fusion is that they can better maintain large receptive fields generated by transformer encoders compared with CNNs. Finally, the output of the temporal transformer is given to a simple MLP decoder at each stage. The SiamixFormer model is evaluated on xBD, and WHU datasets, for building detection and on LEVIR-CD and CDD datasets for change detection and could outperform the state-of-the-art

Design of Intelligent PID Controller for AVR System Using an Adaptive Neuro Fuzzy Inference System

This paper presents a hybrid approach involving signal to noise ratio (SNR) and particle swarm optimization (PSO) for design the optimal and intelligent proportional-integral-derivative (PID) controller of an automatic voltage regulator (AVR) system with uses an adaptive neuro fuzzy inference system (ANFIS). In this paper determined optimal parameters of PID controller with SNR-PSO approach for some events and use these optimal parameters of PID controller for design the intelligent PID controller for AVR system with ANFIS.  Trial and error method can be used to find a suitable design of anfis based an intelligent controller. However, there are many options including fuzzy rules, Membership Functions (MFs) and scaling factors to achieve a desired performance. An optimization algorithm facilitates this process and finds an optimal design to provide a desired performance. This paper presents a novel application of the SNRPSO approach to design an intelligent controller for AVR. SNR-PSO is a method that combines the features of PSO and SNR in order to improve the optimize operation. In order to emphasize the advantages of the proposed SNR-PSO PID controller, we also compared with the CRPSO PID controller. The proposed method was indeed more efficient and robust in improving the step response of an AVR system and numerical simulations are provided to verify the effectiveness and feasibility of PID controller of AVR based on SNRPSO algorithm.DOI:http://dx.doi.org/10.11591/ijece.v4i5.652

Effect of injection strategies on a single-fuel RCCI combustion fueled with isobutanol/isobutanol + DTBP blends

© 2020 Elsevier Ltd. All rights reserved. This manuscript is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Licence (http://creativecommons.org/licenses/by-nc-nd/4.0/).In recent years, improved combustion controllability through in-cylinder reactivity stratification by using two different fuels have led to introduction of dual-fuel reactivity controlled compression ignition (RCCI) strategy. In conventional RCCI, gasoline or natural gas can be used as the low-reactivity fuel, and diesel or biodiesel can be used as the high-reactivity fuel. This strategy has the potential to operate with a single low-reactivity fuel and direct injection (DI) of the same fuel blended with a small amount of cetane improver. In the present study, numerical simulations have been carried out to study injection strategy in a single-fuel RCCI engine fueled with isobutanol – isobutanol + 20% di-tert-butyl peroxide (DTBP). Firstly, the effects of start of injection (SOI) timing, injection pressure (pinj), spray cone angle (SCA), and DI fuel ratio were explored. Then, the effect of DI fuel ratio was discussed in each best case in order to decrease the high DI requirement. The results indicate that SOI = −88° ATDC, pinj = 1400 bar, and SCA = 45° can improve the single-fuel RCCI engine performance and emissions compared to the baseline case (SOI = −58° ATDC, pinj = 600 bar, SCA = 72.5°). Moreover, it is shown that by advancing the SOI timing to −88° ATDC, a 20% reduction in DI ratio, 3.3% increase in gross indicated efficiency (GIE) together with reductions in CO, and NOx emissions by 3.56 g/kW-h and 0.254 g/kW-h, could be achieved, respectively.Peer reviewedFinal Accepted Versio

Electric Vehicle Supply Equipment Location and Capacity Allocation for Fixed-Route Networks

Electric vehicle (EV) supply equipment location and allocation (EVSELCA) problems for freight vehicles are becoming more important because of the trending electrification shift. Some previous works address EV charger location and vehicle routing problems simultaneously by generating vehicle routes from scratch. Although such routes can be efficient, introducing new routes may violate practical constraints, such as drive schedules, and satisfying electrification requirements can require dramatically altering existing routes. To address the challenges in the prevailing adoption scheme, we approach the problem from a fixed-route perspective. We develop a mixed-integer linear program, a clustering approach, and a metaheuristic solution method using a genetic algorithm (GA) to solve the EVSELCA problem. The clustering approach simplifies the problem by grouping customers into clusters, while the GA generates solutions that are shown to be nearly optimal for small problem cases. A case study examines how charger costs, energy costs, the value of time (VOT), and battery capacity impact the cost of the EVSELCA. Charger costs were found to be the most significant component in the objective function, with an 80\% decrease resulting in a 25\% cost reduction. VOT costs decrease substantially as energy costs increase. The number of fast chargers increases as VOT doubles. Longer EV ranges decrease total costs up to a certain point, beyond which the decrease in total costs is negligible

Correct Audit Logging: Theory and Practice

Retrospective security has become increasingly important to the theory and practice of cyber security, with auditing a crucial component of it. However, in systems where auditing is used, programs are typically instrumented to generate audit logs using manual, ad-hoc strategies. This is a potential source of error even if log analysis techniques are formal, since the relation of the log itself to program execution is unclear. This paper focuses on provably correct program rewriting algorithms for instrumenting formal logging specifications. Correctness guarantees that the execution of an instrumented program produces sound and complete audit logs, properties defined by an information containment relation between logs and the program’s logging semantics. We also propose a program rewriting approach to instrumentation for audit log generation, in a manner that guarantees correct log generation even for untrusted programs. As a case study, we develop such a tool for OpenMRS, a popular medical records management system, and consider instrumentation of break the glass policies.Engineering and Applied Science

Application of underbalanced tubing conveyed perforation in horizontal wells: A case study of perforation optimization in a giant oil field in Southwest Iran

Underbalanced perforation can substantially reduce formation damage and improve the efficiency of production operation. The field in question is a giant oil field in Southwest Iran, with over 350,000 bbl/day production rates. Reservoir X is the main reservoir of the field and includes 139 horizontal wells out of the total of 185 production wells drilled in the field. Despite its technical difficulties, under-balance perforation has been proven to result in high productivity ratios and has been shown to reduce workover costs if appropriately conducted. Therefore, this study investigated a customized underbalanced tubing conveyed perforation to enhance oil production. First, post-drilling formation damage was estimated using Perforating Completion Solution Kits. Next, high-density guns (types 73 and 127) with high melting explosives were selected based on the reservoir and well specifications. angles of 60◦ and 90◦ , shot densities of 16 and 20 shots per meter, perforation diameters of By conducting a sensitivity analysis using schlumberger perforating analyzer program, shot 8 and 10 mm, and helix hole distribution were selected as optimized perforation parameters and resulted in productivity ratios up to 1.18. The current study provides a case study of applying a combination of two previously proven technologies, tubing convoyed and underbalanced perforation, in Iran’s giant oilfield. The method used and the outcome could be used to analyze the efficiency of applying the technology in other green or mature fields.Cited as: Mohammadian, E., Dastgerdi, M. E., Manshad, A. K., Mohammadi, A. H., Liu, B., Iglauer, S., Keshavarz, A. Application of underbalanced tubing conveyed perforation in horizontal wells: A case study of perforation optimization in a giant oil field in Southwest Iran. Advances in Geo-Energy Research, 2022, 6(4): 296-305. https://doi.org/10.46690/ager.2022.04.0

Analyzing the Impacts of a Successful Diffusion of Shared E-Scooters and Other Micromobility Devices and Efficient Management Strategies for Successful Operations in Illinois

Active transportation can play an important role in promoting more physically active and positive public health outcomes. While walking and biking provide significant physical health benefits, their modal share remains low. As a new form of micromobility service, shared e-scooters can enhance the suite of options available in cities to promote active transportation and fill in the gaps when walking or biking are not preferred. Although e-scooters show potential as a mode of transportation, it is unclear whether people will adopt the technology for everyday use. Furthermore, shared micromobility (e.g., electric scooters) is gaining attention as a complementary mode to public transit and is expected to offer a solution to access/egress for public transit. However, few studies have analyzed integrated usage of shared e-scooters and public transit systems while using panel data to measure spatial and temporal characteristics. This study aims to examine the adoption and frequency of shared e-scooter usage and provide policy implementation. To do so, the researchers launched a survey in the Chicago region in late 2020 and collected a rich data set that includes residents’ sociodemographic details and frequency of shared e-scooter use. To characterize the frequency, the researchers used an ordered probit structure. The findings show that respondents who are male, low income, Millennials and Generation Z, or do not have a vehicle are associated with a higher frequency of shared e-scooter use. Furthermore, this study utilizes shared e-scooter trips for a 35-day measurement period from 10 shared e-scooter operators in Chicago, where the researchers used a random-parameter negative binomial modeling approach to analyze panel effects. The findings highlight the critical role of spatial and temporal characteristics in the integration of shared e-scooters with transit.IDOT-R27-215Ope

Explicit Auditing

The Calculus of Audited Units (CAU) is a typed lambda calculus resulting from a computational interpretation of Artemov's Justification Logic under the Curry-Howard isomorphism; it extends the simply typed lambda calculus by providing audited types, inhabited by expressions carrying a trail of their past computation history. Unlike most other auditing techniques, CAU allows the inspection of trails at runtime as a first-class operation, with applications in security, debugging, and transparency of scientific computation. An efficient implementation of CAU is challenging: not only do the sizes of trails grow rapidly, but they also need to be normalized after every beta reduction. In this paper, we study how to reduce terms more efficiently in an untyped variant of CAU by means of explicit substitutions and explicit auditing operations, finally deriving a call-by-value abstract machine