A structured approach to evaluating the impact of implementing a component-based system in the automotive engine manufacturing domain

Component-based (CB) technology applied to the control system of production machinery is one of the new research developments in the automotive manufacturing sector. Although it is important to evaluate the technical aspects of this new paradigm, an appreciation of the impact from the business and human aspects is equally important to the stakeholders in the industry. Current evaluation approaches do not offer a method to capture and analyse the impact of CB technology that is simple to use and produces results that are readily understood by all the interested parties. The definition of an approach for evaluating the business and human aspects of implementing a CB system in the automotive sector is discussed. An evaluation strategy has been formulated comprising (1) knowledge elicitation, (2) investigation of future implementation scenarios, (3) data representation and analysis using enterprise modelling approaches, and (4) simulation and model analysis using proprietary software toolkits.     

State-of-the-art and recent developments in micro/nanoscale pressure sensors for smart wearable devices and health monitoring systems

Small-sized, low-cost, and high-sensitivity sensors are required for pressure-sensing applications because of their critical role in consumer electronics, automotive applications, and industrial environments. Thus, micro/nanoscale pressure sensors based on micro/nanofabrication and micro/nanoelectromechanical system technologies have emerged as a promising class of pressure sensors on account of their remarkable miniaturization and performance. These sensors have recently been developed to feature multifunctionality and applicability to novel scenarios, such as smart wearable devices and health monitoring systems. In this review, we summarize the major sensing principles used in micro/nanoscale pressure sensors and discuss recent progress in the development of four major categories of these sensors, namely, novel material-based, flexible, implantable, and selfpowered pressure sensors.     

Security Analysis of Smart Speaker: Security Attacks and Mitigation

The speech recognition technology has been increasingly common in our lives. Recently, a number of commercial smart speakers containing the personal assistant system using speech recognition came out. While the smart speaker vendors have been concerned about the intelligence and the convenience of their assistants, but there have been little mentions of the smart speakers in security aspects. As the smart speakers are becoming the hub for home automation, its security vulnerabilities can cause critical problems. In this paper, we categorize attack vectors and classify them into hardware-based, network-based, and software-based. With the attack vectors, we describe the detail attack scenarios and show the result of tests on several commercial smart speakers. In addition, we suggest guidelines to mitigate various attacks against smart speaker ecosystem.     

Network Log-Based SSH Brute-Force Attack Detection Model

The rapid advancement of IT technology has enabled the quick discovery, sharing and collection of quality information, but has also increased cyberattacks at a fast pace at the same time. There exists no means to block these cyberattacks completely, and all security policies need to consider the possibility of external attacks. Therefore, it is crucial to reduce external attacks through preventative measures. In general, since routers located in the upper part of a firewall can hardly be protected by security systems, they are exposed to numerous unblocked cyberattacks. Routers block unnecessary services and accept necessary ones while taking appropriate measures to reduce vulnerability, block unauthorized access, and generate relevant logs. Most logs created through unauthorized access are caused by SSH brute-force attacks, and therefore IP data of the attack can be collected through the logs. This paper proposes a model to detect SSH brute-force attacks through their logs, collect their IP address, and control access from that IP address. In this paper, we present a model that extracts and fragments the specific data required from the packets of collected routers in order to detect indiscriminate SSH input attacks. To do so, the model multiplies a user’s access records in each packet by weights and adds them to the blacklist according to a final calculated result value. In addition, the model can specify the internal IP of an attack attempt and defend against the first 29 destination IP addresses attempting the attack.     

Risk assessment of LPG automotive refuelling facilities

Quantified risk analysis (QRA) was used for the revision of regulatory separation distances associated with medium size liquefied petroleum gas (LPG) refuelling facilities used in automotive service (gas) stations. Typically these facilities consist of a 7.5 kl pressure vessel, pump, pipework, dispensing equipment and safety equipment. Multi-tank installations are relatively uncommon.This paper describes the hazard scenarios considered, the risk analysis procedure and the selection and application of data for initiating events and for rates of failure of mechanical components and of the pressure vessel. Human errors and intervention possibilities were also considered. Because of the inapplicability of established consequence models and the relatively small scale of the facilities, a number of tests were performed to estimate flame length, flame impingement effects, ignition probabilities and the effectiveness of screening devices.     

MSICST: Multiple-Scenario Industrial Control System Testbed for Security Research

A security testbed is an important aspect of Industrial Control System (ICS) security research. However, existing testbeds still have many problems in that they cannot fully simulate enterprise networks and ICS attacks. This paper presents a Multiple-Scenario Industrial Control System Testbed (MSICST), a hardware-in-the-loop ICS testbed for security research. The testbed contains four typical process scenarios: thermal power plant, rail transit, smart grid, and intelligent manufacturing. We use a combination of actual physical equipment and software simulations to build the process scenario sand table and use real hardware and software to build the control systems, demilitarized zone, and enterprise zone networks. According to the ICS cyber kill chain, the attacker is modeled, and two typical attack scenarios are constructed in the testbed. Through research into this security solution, whitelist-based host protection and a new Intrusion Detection System (IDS) are proposed and tested.     

Identification of safety and security critical systems and activities

There are many initiatives taken to identify safety and security critical systems and activities, at different levels and in different contexts, ranging from infrastructures at the societal level to equipment on the production plant level. Different approaches are implemented to define the critical systems and activities. Some of these relate to vulnerabilities, others incorporate the probability dimension and are risk based. We also see approaches taking into account values of the decision-maker and relevant stakeholders. In this paper, we discuss the rationale for these approaches. Is vulnerability an adequate measure to be used as a basis for determining criticality? Is it meaningful to specify safety and security critical systems and activities without addressing risk? How should we take into account the limitations of the risk assessments? Should we extend the concept of criticality to also cover utility aspects? We bring new insights into the discussion by being precise on the key risk concepts—including uncertainty, probability and expected value—and considering alternative risk perspectives. A novel approach is suggested based on expected values and uncertainties in underlying phenomena and processes. Our main concern is activities with potential severe consequences and large uncertainties.     

An Asset-Based Approach to Mitigate Zero-Day Ransomware Attacks

This article presents an asset-based security system where security practitioners build their systems based on information they own and not solicited by observing attackers’ behavior. Current security solutions rely on information coming from attackers. Examples are current monitoring and detection security solutions such as intrusion prevention/detection systems and firewalls. This article envisions creating an imbalance between attackers and defenders in favor of defenders. As such, we are proposing to flip the security game such that it will be led by defenders and not attackers. We are proposing a security system that does not observe the behavior of the attack. On the contrary, we draw, plan, and follow up our own protection strategy regardless of the attack behavior. The objective of our security system is to protect assets rather than protect against attacks. Virtual machine introspection is used to intercept, inspect, and analyze system calls. The system call-based approach is utilized to detect zero-day ransomware attacks. The core idea is to take advantage of Xen and DRAKVUF for system call interception, and leverage system calls to detect illegal operations towards identified critical assets. We utilize our vision by proposing an asset-based approach to mitigate zero-day ransomware attacks. The obtained results are promising and indicate that our prototype will achieve its goals.     

当前网络安全形势与应急响应

随着互联网应用的迅速发展,各种网络安全威胁不断出现。本文介绍了网络安全所呈现的特点以及目前所面临的形势。攻击方法的更新、攻击技术的提升以及攻击范围的扩大给应急工作带来了考验。应急工作的管理现状存在一定的问题,在核心技术、安全保障方面都比较落后。借鉴传统领域的应急体系,改善当前应急技术措施成为网络安全工作的重要部分。针对新时期的网络安全应急工作环境,提出了调动体系力量,多方联动的消除方法,从体制和机制等方面来进行保证,以防止网络威胁产生的巨大影响。     

Assessment of information impacts in power system security against malicious attacks in a general framework

In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios.     

DISTINÏCT: Data poISoning atTacks dectectIon usiNg optÏmized jaCcarddisTance

Machine Learning (ML) systems often involve a re-training process to make better predictions and classifications. This re-training process creates a loophole and poses a security threat for ML systems. Adversaries leverage this loophole and design data poisoning attacks against ML systems. Data poisoning attacks are a type of attack in which an adversary manipulates the training dataset to degrade the ML system’s performance. Data poisoning attacks are challenging to detect, and even more difficult to respond to, particularly in the Internet of Things (IoT) environment. To address this problem, we proposed DISTINÏCT, the first proactive data poisoning attack detection framework using distance measures. We found that Jaccard Distance (JD) can be used in the DISTINÏCT (among other distance measures) and we finally improved the JD to attain an Optimized JD (OJD) with lower time and space complexity. Our security analysis shows that the DISTINÏCT is secure against data poisoning attacks by considering key features of adversarial attacks. We conclude that the proposed OJD-based DISTINÏCT is effective and efficient against data poisoning attacks where in-time detection is critical for IoT applications with large volumes of streaming data.     

基于模型的汽车电控单元仿真测试技术研究

首先介绍了三种在环仿真测试技术:模型在环仿真,软件在环仿真和硬件在环仿真的基本原理,以及它们在车用电控单元研制过程中不同阶段的应用。在此基础上,作者研制了汽车电动驻车制动控制器软件在环仿真测试系统及汽车组合仪表电控单元通讯软件自动测试硬件在环仿真测试系统。前者实现了对电动驻车制动系统的全参数动态模拟,为电动驻车制动系统控制软件的开发测试提供了仿真测试环境;后者实现了对组合仪表电控单元通讯软件的自动测试。     

Creep Resistant Magnesium Alloys for Powertrain Applications

Creep resistant magnesium alloys are candidate materials for automotive powertrain applications. Since the 90's, a number of new creep‐resistant magnesium alloy systems have been investigated and developed. These are for the most part based on rare‐earth, alkaline earth, and silicon additions. This paper gives an overview of creep resistance in magnesium and a review of creep resistant magnesium alloys for power‐train applications.     

Automotive reliability inference based on past data and technical knowledge

The constantly increasing market requirements of high quality vehicles ask for the automotive manufacturers to carry out—before starting mass production—reliability demonstration tests on new products. However, due to cost and time limitation, a small number of copies of the new product are available for testing, so that, when the classical approach is used, a very low level of confidence in reliability estimation results in. In this paper, a Bayes procedure is proposed for making inference on the reliability of a new upgraded version of a mechanical component, by using both failure data relative to a previous version of the component and prior information on the effectiveness of design modifications introduced in the new version. The proposed procedure is then applied to a case study and its feasibility in supporting reliability estimation is illustrated.     

Evaluating Intrusion‐Tolerant Certification Authority Systems

Various intrusion‐tolerant certification authority (CA) systems have been proposed to provide attack resilient certificate signing (or update) services. However, it is difficult to compare them against each other directly, due to the diversity in system organizations, threshold signature schemes, protocols and usage scenarios. We present a framework for intrusion‐tolerant CA system evaluation, which consists of three components, namely, an intrusion‐tolerant CA model, a threat model and a metric for comparative evaluation. The evaluation framework covers system organizations, protocols, usage scenarios, the period of certificate validity, the revocation rate and the mean time to recovery. Based on the framework, four representative systems are evaluated and compared in three typical usage scenarios, producing reasonable and insightful results. The interdependence between usage scenarios and system characteristics is investigated, providing a guideline to design better systems for different usage scenarios. The proposed framework provides an effective and practicable method to evaluate intrusion‐tolerant CA systems quantitatively, and helps customers to choose and configure an intrusion‐tolerant CA system. Moreover, the comparison results offer valuable insights to further improve the attack resilience of intrusion‐tolerant CA systems. Copyright © 2011 John Wiley & Sons, Ltd.     

Managing the virtual team and controlling effectiveness

The design, manufacture and delivery of a product require even-higher levels of expertise and resource. Companies are finding that better internal and external communications can help leverage these resources to better effect; hence, there are initiatives such as simultaneous engineering, knowledge management and team working. These are being supported by ever-increasing expenditure on Information Technology (IT) infrastructures, such as Intranets, Extranets and Enterprise Resource Management systems such as SAP-R3. Virtual Teamworking has been suggested as a new solution, and is the use of IT to support multidisciplinary teamwork between experts separated by distance and time. This paper describes current collaborative practices in the automotive supply chain, and identifies some crucial issues that need to be addressed for successful implementation of virtual teams. Based on these issues identified from a literature survey and from practical trials and observations, an outline methodology for implementing effective virtual teams and managing them successfully is described. Behind the scenes of public declarations of success in adoption lies a struggle to realize significant benefits. Virtual teaming, to implement concurrent engineering, is not specifically addressed in the published literature. This paper focuses on this and uses data and observations from real teams doing real concurrent engineering work in the automotive industry.     

Estimation of the importance measures of multi-state elements by Monte Carlo simulation

A generalization of some frequently used importance measures has been proposed by some of the authors for application to multi-state systems constituted by multi-state elements. This paper deals with the Monte Carlo (MC) estimation of these measures, which entails evaluating the system output performance under restrictions on the performance levels of its multi-state elements. Simulation procedures are proposed according to two different performance-restriction approaches. Further, the flexibility of the MC method is exploited to account for load-sharing and operational dependencies among parallel elements. The approach is tested on a multi-state transmission system of literature.     

A surrogate-based multiobjective metaheuristic and network degradation simulation model for robust toll pricing

Robust transportation network design problems generally rely on systems engineering methods that share common research gaps. First, problem sizes are constrained due to the use of multi-objective solution algorithms that are notoriously inefficient due to computationally expensive function evaluations. Second, link disruptions at a network level are difficult to model realistically. In this paper, a stochastic search metaheuristic based on radial basis functions is proposed for constrained multiobjective problems. It is proven to converge, and compared with conventional metaheuristics for four representative test problems. A scenario simulation method based on multivariate Bernoulli random variables that accounts for correlations between link failures is proposed to sample scenarios for a mean-variance toll pricing problem. Four tests are conducted on the classical Sioux Falls network to gain some insights into the algorithm, the simulation model, and to the robust toll pricing problem. The first test empirically measures the efficiency of the simulation algorithm and approximate Pareto set by obtaining a standard error in the ε-indicator measure for a given number of scenarios and iterations. The second test compares the dominance of the proposed heuristic’s solutions with a conventional multiobjective genetic algorithm by comparing the average ε-indicator. The third test quantifies the gap due to falsely assuming that link failures are independent of each other when they are not. The last test quantifies the value of having the flexibility to adapt a Pareto set of toll pricing solutions to changing probability regimes such as peak and off-peak hurricane or snow seasons.     

Response corridors for the medial–lateral compressive stiffness of the human arm: Implications for side impact protection

The biofidelity of side impact anthropomorphic test devices (ATDs) is crucial in order to accurately predict injury risk of human occupants. Although the arm serves as a load path to the thorax, there are currently no biofidelity response requirements for the arm. The purpose of this study was to characterize the compressive stiffness of male and female arms in medial–lateral loading and develop corresponding stiffness response corridors. This was accomplished by performing a series of pendulum tests on 18 isolated post-mortem human surrogate (PMHS) arms, obtained from four male and five female surrogates, at impact velocities of 2 m/s and 4 m/s. Matched tests were performed on the arm of the SID-IIs ATD for comparison. The arms were oriented vertically with the medial side placed against a rigid wall to simulate loading during a side impact automotive collision. The force versus deflection response data were normalized to that of a 50th percentile male and a 5th percentile female using a new normalizing technique based on initial arm width, and response corridors were developed for each impact velocity. A correlation analysis showed that all non-normalized dependent variables (initial stiffness, secondary stiffness, peak force, and peak deflection) were highly correlated with the initial arm width and initial arm circumference. For both impact velocities the PMHS arms exhibited a considerable amount of deflection under very low force before any substantial increase in force occurred. The compression at which the force began to increase considerably was consistent with the average tolerable medial–lateral arm compression experienced by volunteers. The initial stiffness (K1), secondary stiffness (K2), peak force, and peak deflection were found to significantly increase (p < 0.05) with respect to impact velocity for both the non-normalized and normalized PMHS data. Although the response of the SID-IIs arm was similar to that of the female PMHS arms for both impact velocities, the SID-IIs arm did not exhibit a considerable toe region and therefore did not fall within the response corridors for the 5th percentile female. Overall, the results of the current study could lead to improved biofidelity of side impact ATDs by providing valuable data necessary to validate the compressive response of the ATD arm independent of the global ATD thoracic response.