156 research outputs found
A Formal Approach to Combining Prospective and Retrospective Security
The major goal of this dissertation is to enhance software security by provably correct enforcement of in-depth policies. In-depth security policies allude to heterogeneous specification of security strategies that are required to be followed before and after sensitive operations. Prospective security is the enforcement of security, or detection of security violations before the execution of sensitive operations, e.g., in authorization, authentication and information flow. Retrospective security refers to security checks after the execution of sensitive operations, which is accomplished through accountability and deterrence. Retrospective security frameworks are built upon auditing in order to provide sufficient evidence to hold users accountable for their actions and potentially support other remediation actions. Correctness and efficiency of audit logs play significant roles in reaching the accountability goals that are required by retrospective, and consequently, in-depth security policies. This dissertation addresses correct audit logging in a formal framework.
Leveraging retrospective controls beside the existing prospective measures enhances security in numerous applications. This dissertation focuses on two major application spaces for in-depth enforcement. The first is to enhance prospective security through surveillance and accountability. For example, authorization mechanisms could be improved by guaranteed retrospective checks in environments where there is a high cost of access denial, e.g., healthcare systems. The second application space is the amelioration of potentially flawed prospective measures through retrospective checks. For instance, erroneous implementations of input sanitization methods expose vulnerabilities in taint analysis tools that enforce direct flow of data integrity policies. In this regard, we propose an in-depth enforcement framework to mitigate such problems. We also propose a general semantic notion of explicit flow of information integrity in a high-level language with sanitization.
This dissertation studies the ways by which prospective and retrospective security could be enforced uniformly in a provably correct manner to handle security challenges in legacy systems. Provable correctness of our results relies on the formal Programming Languages-based approach that we have taken in order to provide software security assurance. Moreover, this dissertation includes the implementation of such in-depth enforcement mechanisms for a medical records web application
SiamixFormer: a fully-transformer Siamese network with temporal Fusion for accurate building detection and change detection in bi-temporal remote sensing images
Building detection and change detection using remote sensing images can help
urban and rescue planning. Moreover, they can be used for building damage
assessment after natural disasters. Currently, most of the existing models for
building detection use only one image (pre-disaster image) to detect buildings.
This is based on the idea that post-disaster images reduce the model's
performance because of presence of destroyed buildings. In this paper, we
propose a siamese model, called SiamixFormer, which uses pre- and post-disaster
images as input. Our model has two encoders and has a hierarchical transformer
architecture. The output of each stage in both encoders is given to a temporal
transformer for feature fusion in a way that query is generated from
pre-disaster images and (key, value) is generated from post-disaster images. To
this end, temporal features are also considered in feature fusion. Another
advantage of using temporal transformers in feature fusion is that they can
better maintain large receptive fields generated by transformer encoders
compared with CNNs. Finally, the output of the temporal transformer is given to
a simple MLP decoder at each stage. The SiamixFormer model is evaluated on xBD,
and WHU datasets, for building detection and on LEVIR-CD and CDD datasets for
change detection and could outperform the state-of-the-art
Design of Intelligent PID Controller for AVR System Using an Adaptive Neuro Fuzzy Inference System
This paper presents a hybrid approach involving signal to noise ratio (SNR) and particle swarm optimization (PSO) for design the optimal and intelligent proportional-integral-derivative (PID) controller of an automatic voltage regulator (AVR) system with uses an adaptive neuro fuzzy inference system (ANFIS). In this paper determined optimal parameters of PID controller with SNR-PSO approach for some events and use these optimal parameters of PID controller for design the intelligent PID controller for AVR system with ANFIS. Trial and error method can be used to find a suitable design of anfis based an intelligent controller. However, there are many options including fuzzy rules, Membership Functions (MFs) and scaling factors to achieve a desired performance. An optimization algorithm facilitates this process and finds an optimal design to provide a desired performance. This paper presents a novel application of the SNRPSO approach to design an intelligent controller for AVR. SNR-PSO is a method that combines the features of PSO and SNR in order to improve the optimize operation. In order to emphasize the advantages of the proposed SNR-PSO PID controller, we also compared with the CRPSO PID controller. The proposed method was indeed more efficient and robust in improving the step response of an AVR system and numerical simulations are provided to verify the effectiveness and feasibility of PID controller of AVR based on SNRPSO algorithm.DOI:http://dx.doi.org/10.11591/ijece.v4i5.652
Effect of injection strategies on a single-fuel RCCI combustion fueled with isobutanol/isobutanol + DTBP blends
© 2020 Elsevier Ltd. All rights reserved. This manuscript is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Licence (http://creativecommons.org/licenses/by-nc-nd/4.0/).In recent years, improved combustion controllability through in-cylinder reactivity stratification by using two different fuels have led to introduction of dual-fuel reactivity controlled compression ignition (RCCI) strategy. In conventional RCCI, gasoline or natural gas can be used as the low-reactivity fuel, and diesel or biodiesel can be used as the high-reactivity fuel. This strategy has the potential to operate with a single low-reactivity fuel and direct injection (DI) of the same fuel blended with a small amount of cetane improver. In the present study, numerical simulations have been carried out to study injection strategy in a single-fuel RCCI engine fueled with isobutanol – isobutanol + 20% di-tert-butyl peroxide (DTBP). Firstly, the effects of start of injection (SOI) timing, injection pressure (pinj), spray cone angle (SCA), and DI fuel ratio were explored. Then, the effect of DI fuel ratio was discussed in each best case in order to decrease the high DI requirement. The results indicate that SOI = −88° ATDC, pinj = 1400 bar, and SCA = 45° can improve the single-fuel RCCI engine performance and emissions compared to the baseline case (SOI = −58° ATDC, pinj = 600 bar, SCA = 72.5°). Moreover, it is shown that by advancing the SOI timing to −88° ATDC, a 20% reduction in DI ratio, 3.3% increase in gross indicated efficiency (GIE) together with reductions in CO, and NOx emissions by 3.56 g/kW-h and 0.254 g/kW-h, could be achieved, respectively.Peer reviewedFinal Accepted Versio
Electric Vehicle Supply Equipment Location and Capacity Allocation for Fixed-Route Networks
Electric vehicle (EV) supply equipment location and allocation (EVSELCA)
problems for freight vehicles are becoming more important because of the
trending electrification shift. Some previous works address EV charger location
and vehicle routing problems simultaneously by generating vehicle routes from
scratch. Although such routes can be efficient, introducing new routes may
violate practical constraints, such as drive schedules, and satisfying
electrification requirements can require dramatically altering existing routes.
To address the challenges in the prevailing adoption scheme, we approach the
problem from a fixed-route perspective. We develop a mixed-integer linear
program, a clustering approach, and a metaheuristic solution method using a
genetic algorithm (GA) to solve the EVSELCA problem. The clustering approach
simplifies the problem by grouping customers into clusters, while the GA
generates solutions that are shown to be nearly optimal for small problem
cases. A case study examines how charger costs, energy costs, the value of time
(VOT), and battery capacity impact the cost of the EVSELCA. Charger costs were
found to be the most significant component in the objective function, with an
80\% decrease resulting in a 25\% cost reduction. VOT costs decrease
substantially as energy costs increase. The number of fast chargers increases
as VOT doubles. Longer EV ranges decrease total costs up to a certain point,
beyond which the decrease in total costs is negligible
Recommended from our members
Correct Audit Logging: Theory and Practice
Retrospective security has become increasingly important to the theory and practice of cyber security, with auditing a crucial component of it. However, in systems where auditing is used, programs are typically instrumented to generate audit logs using manual, ad-hoc strategies. This is a potential source of error even if log analysis techniques are formal, since the relation of the log itself to program execution is unclear. This paper focuses on provably correct program rewriting algorithms for instrumenting formal logging specifications. Correctness guarantees that the execution of an instrumented program produces sound and complete audit logs, properties defined by an information containment relation between logs and the program’s logging semantics. We also propose a program rewriting approach to instrumentation for audit log generation, in a manner that guarantees correct log generation even for untrusted programs. As a case study, we develop such a tool for OpenMRS, a popular medical records management system, and consider instrumentation of break the glass policies.Engineering and Applied Science
Application of underbalanced tubing conveyed perforation in horizontal wells: A case study of perforation optimization in a giant oil field in Southwest Iran
Underbalanced perforation can substantially reduce formation damage and improve the efficiency of production operation. The field in question is a giant oil field in Southwest Iran, with over 350,000 bbl/day production rates. Reservoir X is the main reservoir of the field and includes 139 horizontal wells out of the total of 185 production wells drilled in the field. Despite its technical difficulties, under-balance perforation has been proven to result in high productivity ratios and has been shown to reduce workover costs if appropriately conducted. Therefore, this study investigated a customized underbalanced tubing conveyed perforation to enhance oil production. First, post-drilling formation damage was estimated using Perforating Completion Solution Kits. Next, high-density guns (types 73 and 127) with high melting explosives were selected based on the reservoir and well specifications. angles of 60◦ and 90◦ , shot densities of 16 and 20 shots per meter, perforation diameters of By conducting a sensitivity analysis using schlumberger perforating analyzer program, shot 8 and 10 mm, and helix hole distribution were selected as optimized perforation parameters and resulted in productivity ratios up to 1.18. The current study provides a case study of applying a combination of two previously proven technologies, tubing convoyed and underbalanced perforation, in Iran’s giant oilfield. The method used and the outcome could be used to analyze the efficiency of applying the technology in other green or mature fields.Cited as: Mohammadian, E., Dastgerdi, M. E., Manshad, A. K., Mohammadi, A. H., Liu, B., Iglauer, S., Keshavarz, A. Application of underbalanced tubing conveyed perforation in horizontal wells: A case study of perforation optimization in a giant oil field in Southwest Iran. Advances in Geo-Energy Research, 2022, 6(4): 296-305. https://doi.org/10.46690/ager.2022.04.0
Analyzing the Impacts of a Successful Diffusion of Shared E-Scooters and Other Micromobility Devices and Efficient Management Strategies for Successful Operations in Illinois
Active transportation can play an important role in promoting more physically active and positive public health outcomes. While walking and biking provide significant physical health benefits, their modal share remains low. As a new form of micromobility service, shared e-scooters can enhance the suite of options available in cities to promote active transportation and fill in the gaps when walking or biking are not preferred. Although e-scooters show potential as a mode of transportation, it is unclear whether people will adopt the technology for everyday use. Furthermore, shared micromobility (e.g., electric scooters) is gaining attention as a complementary mode to public transit and is expected to offer a solution to access/egress for public transit. However, few studies have analyzed integrated usage of shared e-scooters and public transit systems while using panel data to measure spatial and temporal characteristics. This study aims to examine the adoption and frequency of shared e-scooter usage and provide policy implementation. To do so, the researchers launched a survey in the Chicago region in late 2020 and collected a rich data set that includes residents’ sociodemographic details and frequency of shared e-scooter use. To characterize the frequency, the researchers used an ordered probit structure. The findings show that respondents who are male, low income, Millennials and Generation Z, or do not have a vehicle are associated with a higher frequency of shared e-scooter use. Furthermore, this study utilizes shared e-scooter trips for a 35-day measurement period from 10 shared e-scooter operators in Chicago, where the researchers used a random-parameter negative binomial modeling approach to analyze panel effects. The findings highlight the critical role of spatial and temporal characteristics in the integration of shared e-scooters with transit.IDOT-R27-215Ope
Explicit Auditing
The Calculus of Audited Units (CAU) is a typed lambda calculus resulting from
a computational interpretation of Artemov's Justification Logic under the
Curry-Howard isomorphism; it extends the simply typed lambda calculus by
providing audited types, inhabited by expressions carrying a trail of their
past computation history. Unlike most other auditing techniques, CAU allows the
inspection of trails at runtime as a first-class operation, with applications
in security, debugging, and transparency of scientific computation.
An efficient implementation of CAU is challenging: not only do the sizes of
trails grow rapidly, but they also need to be normalized after every beta
reduction. In this paper, we study how to reduce terms more efficiently in an
untyped variant of CAU by means of explicit substitutions and explicit auditing
operations, finally deriving a call-by-value abstract machine
- …