Establish a secure and trustworthy ICT environment for educational systems: a case study

Nowadays information and communication security has recently emerged as one of the most important tasks in the field of network management, operations and maintenance. The information security issue is of particular importance to the Taiwan Academic Network, a network which connects the networks of educational and research institutions in Taiwan. ICT environment in educational systems involves vast connected units and is featuring complexity, diversity and openness. In this paper, we investigate current situation of Taiwan Ministry of Education ICT security development and provide a case study. We also discussed challenges and solutions for improving ICT security environment in educational system.     

Vibrometry of industrial workers: A case study

Vibrometry was performed on 165 factory workers and supervisors in 18 different job classifications. A low vibrometry score indicates insensitivity to vibrations and thus potential compression neuropathy. Males had significantly higher scores than females. Subjective estimates of the job's repetitiveness, force requirement and wrist angle movement did not correlate significantly with the vibrometry score but pace did (self-paced jobs had higher scores). Questions relating to pain in the hands and numbness in the hands were significant predictors of the score. The conventional vibrometry score is the total from seven frequencies. Analysis shows only the top frequencies (125, 250, 500 Hz) are needed and possibly just 250 and 500 Hz.     

Security band-aids: more cost-effective than "secure" coding

Patching systems against the latest virus is a full-time job, and most corporations have heavier near-term problems facing them. The war between hackers and software is being fought on the front lines-in the users' trenches. But hunting down the "engineers" who write bad software won't win this war, at least not in the short run. With the best of intentions, development shops are trying to address bad software by learning secure coding practices. Application security tools are the most effective way your organization can protect itself today. Building more secure software is a goal, but it won't stop the virus that gets released tomorrow. It comes down to this: secure coding practices are not going to produce 100 percent bug-free software. Thus, application security tools should always play a part In your risk mitigation plan.     

Virtual factory approach for implementation of holonic control in industrial applications: A case study in die-casting industry

Design and implementation of holonic manufacturing control systems for the real industrial applications require risky, careful decisions to ensure that the manufacturing system will successfully satisfy the demands of an ever-changing market. This paper suggests a virtual reality (VR)-based methodology for enhancing the design and implementation process of holonic control systems in manufacturing practice. The major focus has been given to the implementation of holonic control into the small to medium size manufacturing enterprises (SMEs).     

SOFL: a formal engineering methodology for industrial applications

Formal methods have yet to achieve wide industrial acceptance for several reasons. They are not well integrated into established industrial software processes, their application requires significant abstraction and mathematical skills, and existing tools do not satisfactorily support the entire formal software development process. We have proposed a language called SOFL (Structured-Object-based-formal Language) and a SOFL methodology for system development that attempts to address these problems using an integration of formal methods, structured methods and object oriented methodology. Construction of a system uses structured methods in requirements analysis and specifications, and an object based methodology during design and implementation stages, with formal methods applied throughout the development in a manner that best suits their capabilities. The paper describes the SOFL methodology, which introduces some substantial changes from current formal methods practice. A comprehensive, practical case study of an actual industrial Residential Suites Management System illustrates how SOFL is used     

安全可信工业控制系统构建方案

针对当前工业控制系统所面临的信息安全问题,提出了一种安全可信的体系架构。首先分析了工控系统特点、整体模型和控制流程,然后结合可信计算的思想,对工控系统的启动、组态和运行进行了安全加固,设计了静态度量、安全传输以及运行结果安全性验证。该体系可有效提高工控系统的安全防御能力。     

Measuring data credibility and medical coding: a case study using a nationwide Portuguese inpatient database

Software Quality Journal - Some countries have adopted the diagnosis-related groups (DRG) system to pay hospitals according to the number and complexity of patients they treat. Translating diseases...     

The effectiveness of test-driven development: an industrial case study

Test-driven development (TDD) is a software development practice, where test cases are incrementally written before implementing the production code. This paper presents the results of a multi-case study investigating the effectiveness of TDD within an industrial environment. Three comparable medium-sized projects were observed during their development cycle. Two projects were driven without TDD practice, while the third one introduced TDD into the development process. The effectiveness of TDD was expressed in terms of external code quality, productivity, and maintainability. Our results indicate that the TDD developers produced higher quality code that is easier to maintain, although we did observe a reduction in productivity.     

Automated product line test case selection: industrial case study and controlled experiment

Automated test case selection for a new product in a product line is challenging due to several reasons. First, the variability within the product line needs to be captured in a systematic way; second, the reusable test cases from the repository are required to be identified for testing a new product. The objective of such automated process is to reduce the overall effort for selection (e.g., selection time), while achieving an acceptable level of the coverage of testing functionalities. In this paper, we propose a systematic and automated methodology using a feature model for testing (FM_T) to capture commonalities and variabilities of a product line and a component family model for testing (CFM_T) to capture the overall structure of test cases in the repository. With our methodology, a test engineer does not need to manually go through the repository to select a relevant set of test cases for a new product. Instead, a test engineer only needs to select a set of relevant features using FM_T at a higher level of abstraction for a product and a set of relevant test cases will be selected automatically. We evaluated our methodology via three different ways: (1) We applied our methodology to a product line of video conferencing systems called Saturn developed by Cisco, and the results show that our methodology can reduce the selection effort significantly; (2) we conducted a questionnaire-based study to solicit the views of test engineers who were involved in developing FM_T and CFM_T. The results show that test engineers are positive about adapting our methodology and models (FM_T and CFM_T) in their current practice; (3) we conducted a controlled experiment with 20 graduate students to assess the performance (i.e., cost, effectiveness and efficiency) of our automated methodology as compared to the manual approach. The results showed that our methodology is cost-effective as compared to the manual approach, and at the same time, its efficiency is not affected by the increased complexity of products.     

Designing and implementing multi-user applications: A case study

We have developed a new multi-user application that integrates and extends the concepts in a variety of current multi-user applications. It allows multiple users to store, retrieve and browse through information, communicate information both synchronously and asynchronously, create ‘pipes’ of consistent, editable and persistent views, and interactively specify handlers for events. It has been implemented using the experimental technologies of distributed objects and multi-user editor generation. Our work on this application suggests a new and practical model for designing and implementing multi-user applications. In this paper, we describe the user interface and implementation of the application, give the rationale for our design choices, describe our experience with the tools and techniques used in the implementation, and present conclusions and directions for future work.     

The use of the Nordic questionnaire in an industrial setting: a case study

The aims of this study were to identify: (1) whether patterns of reported injury are differentially affected by the structure of the interview and qualifications of the interviewer; and (2) whether the Nordic Questionnaire is sensitive enough to identify different patterns of reported injuries across two different workstations. To accomplish this the Standardized Nordic Questionnaire was administered by both a physiotherapist and an ergonomist to two similar but separate workstations of a manufacturing plant. Analysis of the injury-reporting frequencies produced results indicating increased reporting to the ergonomist in two of five upper limb and trunk body regions considered at one workstation and in one region at the other. Differences in reporting frequencies between workstations were also found. Physical demands analyses performed in each area confirmed that differing job requirements existed in the two workstations under consideration. Early identification of potential job-specific injuries by an in-house ergonomist can initiate appropriate intervention strategies prior to the onset of chronic injuries.     

BCH coding and intelligent watermark embedding: Employing both frequency and strength selection

This paper presents a novel approach of adaptive visual tuning of a watermark in Discrete Cosine Transform (DCT) domain. The proposed approach intelligently selects appropriate frequency bands as well as optimal strength of alteration. Genetic Programming (GP) is applied to structure the watermark by exploiting both the characteristics of human visual system and information pertaining to a cascade of conceivable attacks. The developed visual tuning expressions are dependent on frequency and luminance sensitivities, and contrast masking. To further enhance robustness, spread spectrum based watermarking and Bose–Chadhuri–Hocquenghem (BCH) coding is employed. The combination of spread spectrum sequence, BCH coding and GP based non-linear structuring makes it extremely difficult for an attacker to gain information about the secret knowledge of the watermarking system. Experimental results show the superiority of the proposed approach against the existing approaches. Especially, the margin of improvement in robustness will be of high importance in medical and context aware related applications of watermarking.     

Adaptive regulation of super-heated steam temperature: a case study in an industrial boiler

This paper describes the application of the MUSMAR predictive adaptive controller to the regulation of super heated steam temperature in a commercial boiler. The boiler considered produces 150 t/h of steam at maximum load, used both for electric energy production in a turbine and industrial use. The combination of predictive and adaptive techniques, relying on multiple models redundantly estimated, allows a continuous adjustment of the controller tuning for tracking plant dynamics variations. This paper describes experiments actually performed on the plant with adaptive predictive control, in particular in the presence of load changes. A reduction of steam temperature fluctuations with respect to an optimized cascade of PI controllers is observed.     

Integrating supercomputing clusters into education: a case study in biotechnology

The Journal of Supercomputing - The integration of a Supercomputer in the educational process improves student’s technological skills. The aim of the paper is to study the interaction between...     

Fuzzy rule interpolation for multidimensional input spaces with applications: a case study

Fuzzy rule based systems have been very popular in many engineering applications. However, when generating fuzzy rules from the available information, this may result in a sparse fuzzy rule base. Fuzzy rule interpolation techniques have been established to solve the problems encountered in processing sparse fuzzy rule bases. In most engineering applications, the use of more than one input variable is common, however, the majority of the fuzzy rule interpolation techniques only present detailed analysis to one input variable case. This paper investigates characteristics of two selected fuzzy rule interpolation techniques for multidimensional input spaces and proposes an improved fuzzy rule interpolation technique to handle multidimensional input spaces. The three methods are compared by means of application examples in the field of petroleum engineering and mineral processing. The results show that the proposed fuzzy rule interpolation technique for multidimensional input spaces can be used in engineering applications.     

Assessing software product line potential: an exploratory industrial case study

Corporate organizations sometimes offer similar software products in certain domains due to former company mergers or due to the complexity of the organization. The functional overlap of such products is an opportunity for future systematic reuse to reduce software development and maintenance costs. Therefore, we have tailored existing domain analysis methods to our organization to identify commonalities and variabilities among such products and to assess the potential for software product line (SPL) approaches. As an exploratory case study, we report on our experiences and lessons learned from conducting the domain analysis in four application cases with large-scale software products. We learned that the outcome of a domain analysis was often a smaller integration scenario instead of an SPL and that business case calculations were less relevant for the stakeholders and managers from the business units during this phase. We also learned that architecture reconstruction using a simple block diagram notation aids domain analysis and that large parts of our approach were reusable across application cases.