Επεξεργασία ατράκτων ηλεκτροεγκεφαλογραφήματος ύπνου με ανάλυση ανεξάρτητων συνιστωσών / EEG sleep spindle processing with independent component analysis

Αλεβίζος, Ιωάννης Σ.

05 September 2007

Οι υπνικές άτρακτοι είναι απότομες αλλαγές της ρυθμικής δραστηριότητας που χαρακτηρίζονται από σταδιακή αύξηση και κατόπιν μείωση του πλάτους. Εμφανίζονται κυρίως στα στάδια 2,3 και 4 του υπνικού εγκεφαλογράμματος. Τοπογραφικές αναλύσεις έχουν δείξει την ύπαρξη δύο ξεχωριστών τύπων υπνικών ατράκτων, «αργές» και «ταχείς», περίπου στα 12 και 14 Hz, αντίστοιχα. Υπάρχουν ενδείξεις ότι υπάρχουν τουλάχιστον δύο, λειτουργικά, ξεχωριστές γεννήτριες υπνικών ατράκτων, που αντιστοιχούν στις κλάσεις συχνοτήτων. Ο λόγος της εργασίας αυτής ήταν η επεξεργασία υπνικών ατράκτων με την τεχνική Ανάλυσης Ανεξάρτητων Συνιστωσών (ICA) με σκοπό την έρευνα της πιθανότητας εξαγωγής, στα από την ICA ανακατασκευαζόμενα ηλεκτροεγκεφαλογραφήματα (ΗΕΓ), «συνιστωσών» ατράκτων που αντιστοιχούν σε ξεχωριστές δομές ΗΕΓ, και η μελέτη των πηγών που δημιουργούν αυτές τις συνιστώσες. Χρησιμοποιήθηκαν 8κάναλες καταγραφές υπνικών ατράκτων ΗΕΓ από έναν εξεταζόμενο, που καταγράφηκαν στα πλαίσια του Biopattern Network of Excellence, οι οποίες αρχικά επεξεργάστηκαν με ένα φίλτρο FIR με συχνότητες αποκοπής (-3dB) στα 6 και 21 Hz. Κατόπιν εφαρμόστηκε η ανάλυση ICA και εξάχθηκαν οι ανεξάρτητες συνιστώσες (ICs). Έγινε επιλογή των συνιστωσών οι οποίες θα ανακατασκεύαζαν τα ΗΕΓ και τέλος ανακατασκευάσθηκαν αυτά. Στα ανακατασκευασμένα ΗΕΓ έφαρμόστηκε η ανάλυση LORETA. Πρωτού γίνει όμως αυτό έγινε μία εξομείωση του «ευθύ» και «ανάστροφου» προβλήματος. Αυτό έγινε για να μελετήσουμε κατά πόσον θα μπορούσαμε να εξάγουμε αξιόπιστα αποτελέσματα από την τεχνική LORETA με τόσο μικρό αριθμό καναλιών καταγραφής. Η μελέτη αυτή έδειξε ότι τα αποτελέσματά μας θα μπορούσαν να μας δώσουν αξιόπιστες πληροφορίες όσον αφορά την ευρεία περιοχή παραγωγής των ατράκτων και όχι την ακριβή τους θέση. Τα τελικά αποτελέσματα έδειξαν ότι υπάρχει διαφοροποίηση, όσον αφορά την περιοχή παραγωγής τους, και σταθερότητα των πηγών που σχετίζονται με συνιστώσες ατράκτων που ανακατασκευάζονται από ξεχωριστές ομάδες ανεξαρτήτων συνιστωσών (ICs). / Sleep spindles are bursts of rhythmic activity characterized by progressively increasing, then gradually decreasing amplitude, present predominantly in stages 2, 3 and 4 of the sleep electroencephalogram (EEG). Topographic analyses of sleep spindle incidence suggested the existence of two distinct sleep spindle types, “slow” and “fast” spindles at approximately 12 and 14 Hz respectively. There are indications that there exist at least two functionally separated spindle generators, corresponding to each frequency spectrum class. The purpose of the present study was to process sleep spindles with Independent Component Analysis (ICA) in order to investigate the possibility of extracting, in the ICA-reconstructed EEG, spindle “components” corresponding to separate EEG activity patterns, and to investigate the sources underlying these spindle components. We used 8-channel EEG recordings of sleep spindles of a single subject, recorded in the framework of the Biopattern Network of Excellence, which were processed by a FIR filter with cut-off frequencies (-3 dB) at 6 and 21 Hz. Afterwards, ICA was applied and ICs were extracted. There were a choice of the ICs which would reconstruct the EEG and the EEG were finally reconstructed. Source analysis using Low-Resolution Brain Electromagnetic Tomography (LORETA) was applied on the reconstructed EEGs. Before that we made a simulation of the “direct” and “inverse” problem. This was made in order to investigate if we would extract reliable results from the LORETA technique with only 8-channel recordings. The investigation stated that the results could give reliable information only for the brain sites at which the spindle generators were located and not for their exact position. Results indicate separability and stability of sources related to sleep spindle components reconstructed from separate groups of Independent Components (ICs).

Άτρακτοι

616.804 754 7

Spindles

Sleep EEG

Independent component cnalysis (ICA)

Independent components (ICs)

LORETA

Optimisation du traitement numérique de signaux générés dans un cristal de ICs

Lagrange, Simon

11 1900

Ce travail a pour but l'optimisation du traitement numérique de signaux générés dans le cristal de ICs d'un calorimètre électromagnétique, dans le cadre d'expériences à haut taux de comptage telle que Belle II. La scintillation du cristal est convertie en signal électronique par une photopentode de Hamamatsu avec un gain de 150±2 électrons par photoélectron, pour être amplifiée par un préamplificateur. Le shaper, un filtre actif de type CR-(RC)^4, effectue ensuite une mise en forme du signal, qu'un ADC numérise alors pour qu'il soit traité numériquement par le DSP. À partir de formes de référence, le DSP peut extraire l'énergie déposée par une particule incidente et le temps d'occurence de son passage. Pour définir les formes de référence, on a déterminé que sur les trois approches étudiées, soit des formes moyennes expérimentales, soit à partir de la fonction analytique pour un filtre actif ou soit une somme de 3 gaussiennes, la plus optimale est l'ajustement de cette dernière fonction, que ce soit avec un générateur d'impulsions ou un cristal de ICs. De plus, la règle pour convertir l'amplitude des signaux mesurés en énergie déposée dans le cristal a été établie, malgré une gamme dynamique étroite. On a aussi observé des temps moyens de propagation de la scintillation dans le cristal de 47±4 ns et 3,4±0,5 $\mu$s, liés aux deux états d'excitation accessibles aux atomes du ICs, mais aussi à la géométrie du cristal, aux réflexions de photons sur les parois et au temps de réaction des circuits électroniques, qui allongent ces temps de scintillation mesurés. / The goal of this work is to optimize the digital processing of signals generated in the CsI crystal of an electromagnetic calorimeter, in the context of high counting rate experiments like Belle II. The scintillation from the crystal is converted into an electronic signal by a Hamamatsu photopentode with a gain of 150±2 electrons per photoelectron, to then be amplified by a preamplifier. The signal is then shaped by the shaper, a CR-(RC)^4 active filter, before it is digitized by an ADC, to be processed by the DSP. Using reference shapes, the DSP can extract the energy deposited by an incident particle and the time of occurence of it going through the crystal. To define the reference shapes, we determined that of the three approaches studied, which are experimental average shapes, the analytical function for an active filter and the sum of 3 gaussian functions, the best results were achieved using the last one, both with the pulse generator and the CsI crystal. Also, a conversion formula has been established to convert the measured signals' amplitudes into deposited energy in the crystal, despite a narrow dynamic range. We also observed average propagation times of the scintillation through the crystal of 47±4 ns and 3,4±0,5 $\mu$s, related to the two accessible excitation states of the CsI atoms, but also to the crystal's geometry, the reflections of photons on its surface and the reaction time of the electronics circuits, which make those scintillation times appear longer.

Calorimètre électromagnétique

ICs

Shaper

DSP

Traitement numérique

Belle II

Electromagnetic calorimeter

CsI

Digital processing

Návrh řízení informační bezpečnosti v průmyslovém prostředí / Design of information security management in the industrial environment

Kadlec, Miroslav

January 2018

The diploma thesis deals with the design of information security management in the industrial environment. In the first part of thesis is mentioned the theoretical background from the area of information security. The analysis of the default status is followed, and the risk analysis is also performed. Further, the thesis deals with the design of the industrial network infrastructure and its management.

Návrh na zavedení průmyslového řešení ISMS ve výrobní společnosti / A Proposal for Industrial ISMS Implementation in Manufacturing Company

Kulhánek, Radek

January 2016

This diploma thesis deals with industrial ISMS implementation in manufacturing company. The theoretical part of thesis summarizes the theoretical knowledge in the field of information security and industrial security. In the following section company AB Komponenty s.r.o. is analysed. Then is performed analysis of risks based on selected assets and potential threats. Followed by design of the countermeasure to minimalize potential threats.

Attack Surface Management : Principles for simplifying the complexity of OT security

Veshne, Jyotirmay

January 2023

Purpose: Operational technology (OT) environments face significant risks and threats stemming from Industry 4.0. The security landscape for OT is confronted with unprecedented challenges due to the expanding attack surface resulting from factors like cloud adoption, Industrial Internet of Things, and increased mobility. Securing OT networks has become increasingly complex, and relying solely on perimeter firewalls or air gaps is a flawed approach. Malicious actors now target OT systems for high-stakes ransoms and lockouts, exploiting the manufacturing industry's reluctance to disrupt operations. Conventional security measures are insufficient against insider threats and agile hackers who can maneuver within the network. These adversaries display patience and persistence, often waiting for months to gain unauthorized access.  Acknowledging the complexity of OT within industrial organizations, the objective of this master's thesis is to offer a set of simplified principles and practices that can serve as valuable guidance for practitioners seeking to establish effective Attack Surface Management (ASM) strategies in OT environments. These OT security practices embody a comprehensive approach to cybersecurity, empowering OT security practitioners to adapt to ever-evolving industry dynamics and establish baseline protection against various threats and vulnerabilities. Design/Methodology/Approach: This thesis utilizes Action Design Research (ADR), which combines Action Research (AR) and Design Science (DS) approaches. ADR is applied to address a specific problem in an organizational context, involving intervention, evaluation, and the creation of new IT principles and practices. ADR is chosen as the appropriate methodology to guide the development and evaluation of a prototype OT Remote Connectivity and the secure integration of MES components into the organizational OT environment. Findings: This study made a valuable contribution to the field by introducing five innovative Design Principles (DPs) specifically designed to simplify ASM in OT environments. These newly proposed DPs complement the existing ones and address emerging challenges and considerations in the rapidly evolving landscape of OT security. They provide practitioners with fresh perspectives, guidelines, and approaches to enhance the effectiveness and efficiency of ASM strategies in OT. Practical Implications: The research project gives a comprehensive checklist of secure practices for OT, these were formulated and implemented, considering the entire lifecycle of OT devices. These practices encompassed various stages, from design, procurement to disposal, and aimed to enhance the security posture of OT systems. Building upon these secure practices, a functional prototype was developed to facilitate secure remote connectivity for suppliers/vendors and the seamless integration of Manufacturing Execution System (MES) components.

OT

ICS

SCADA

CPS

IIoT

IoT

Attack Surface

MES

Attack Surface Management

Security

Remote connectivity

Elektroteknik och elektronik

TRACE DATA-DRIVEN DEFENSE AGAINST CYBER AND CYBER-PHYSICAL ATTACKS.pdf

Abdulellah Abdulaziz M Alsaheel (17040543)

11 October 2023

<p dir="ltr">In the contemporary digital era, Advanced Persistent Threat (APT) attacks are evolving, becoming increasingly sophisticated, and now perilously targeting critical cyber-physical systems, notably Industrial Control Systems (ICS). The intersection of digital and physical realms in these systems enables APT attacks on ICSs to potentially inflict physical damage, disrupt critical infrastructure, and jeopardize human safety, thereby posing severe consequences for our interconnected world. Provenance tracing techniques are essential for investigating these attacks, yet existing APT attack forensics approaches grapple with scalability and maintainability issues. These approaches often hinge on system- or application-level logging, incurring high space and run-time overheads and potentially encountering difficulties in accessing source code. Their dependency on heuristics and manual rules necessitates perpetual updates by domain-knowledge experts to counteract newly developed attacks. Additionally, while there have been efforts to verify the safety of Programming Logic Controller (PLC) code as adversaries increasingly target industrial environments, these works either exclusively consider PLC program code without connecting to the underlying physical process or only address time-related physical safety issues neglecting other vital physical features.</p><p dir="ltr">This dissertation introduces two novel frameworks, ATLAS and ARCHPLC, to address the aforementioned challenges, offering a synergistic approach to fortifying cybersecurity in the face of evolving APT and ICS threats. ATLAS, an effective and efficient multi-host attack investigation framework, constructs end-to-end APT attack stories from audit logs by combining causality analysis, Natural Language Processing (NLP), and machine learning. Identifying key attack patterns, ATLAS proficiently analyzes and pinpoints attack events, minimizing alert fatigue for cyber analysts. During evaluations involving ten real-world APT attacks executed in a realistic virtual environment, ATLAS demonstrated an ability to recover attack steps and construct attack stories with an average precision of 91.06%, a recall of 97.29%, and an F1-score of 93.76%, providing a robust framework for understanding and mitigating cyber threats.</p><p dir="ltr">Concurrently, ARCHPLC, an advanced approach for enhancing ICS security, combines static analysis of PLC code and data mining from ICS data traces to derive accurate invariants, providing a comprehensive understanding of ICS behavior. ARCHPLC employs physical causality graph analysis techniques to identify cause-effect relationships among plant components (e.g., sensors and actuators), enabling efficient and quantitative discovery of physical causality invariants. Supporting patching and run-time monitoring modes, ARCHPLC inserts derived invariants into PLC code using program synthesis in patching mode and inserts invariants into a dedicated monitoring program for continuous safety checks in run-time monitoring mode. ARCHPLC adeptly detects and mitigates run-time anomalies, providing exceptional protection against cyber-physical attacks with minimal overhead. In evaluations against 11 cyber-physical attacks on a Fischertechnik manufacturing plant and a chemical plant simulator, ARCHPLC protected the plants without any false positives or negatives, with an average run-time overhead of 14.31% in patching mode and 0.4% in run-time monitoring mode.</p><p dir="ltr">In summary, this dissertation provides invaluable solutions that equip cybersecurity professionals to enhance APT attack investigation, enabling them to identify and comprehend complex attacks with heightened accuracy. Moreover, these solutions significantly bolster the safety and security of ICS infrastructure, effectively protecting critical systems and strengthening defenses against cyber-physical attacks, thereby contributing substantially to the field of cybersecurity.</p>

Software and application security

System and network security

ICS Security

forensics investigation

attack detection

Reliability of SRAMs and 3D TSV ICS: Design Protection from Soft Errors and 3D Thermal Modeling

Shiyanovskii, Yuriy

26 June 2012

No description available.

Computer Engineering

Electrical Engineering

Soft Error

SRAMs

Hardening

Reliability

Memory Cell Design

3D ICs

TSV

Through-Silicon Vias

Thermal Modeling

Thermal Management

Simulation of industrial control system field devices for cyber security

Andersson, Dorothea

January 2017

Industrial Control Systems (ICS) are an integral part of modernsociety, not least when it comes to controlling and protecting criticalinfrastructure such as power grids and water supply. There is a need to testthese systems for vulnerabilities, but it is often difficult if not impossible to doso in operational real time systems since they have been shown to be sensitiveeven to disturbances caused by benign diagnostic tools. This thesis exploreshow ICS field devices can be simulated in order to fool potential antagonists,and how they can be used in virtualized ICS for cyber security research. 8different field devices were simulated using the honeypot daemon Honeyd,and a generally applicable simulation methodology was developed. It was alsoexplored how these simulations can be further developed in order to functionlike real field devices in virtualized environments. / Industriella informations- och styrsystem utgör en viktig delav vårt moderna samhälle, inte minst när det gäller kontroll och skydd avkritisk infrastruktur som elnät och vattenförsörjning. Det finns stora behov avatt säkerhetstesta dessa typer av system, vilket ofta är omöjligt iproduktionsmiljöer med realtidskrav som är erkänt känsliga för störningar, tilloch med från vanligt förekommande analysverktyg. Denna rapport presenterarhur vanliga komponenter i industriella informations- och styrsystem kansimuleras för att lura potentiella antagonister, och hur de kan användas ivirtualiserade styrsystem för cybersäkerhetsforskning. 8 olika komponentersimulerades med hjälp av Honeyd, och en generellt applicerbarsimuleringsmetodik utvecklades. Hur dessa simuleringar kan vidareutvecklasför att fungera som riktiga styrsystemskomponenter i virtualiserade miljöer harockså undersökts.

Elektroteknik och elektronik

A DISTRIBUTED NETWORK MANAGEMENT AGENT FOR FAULT TOLERANT INDUSTRIAL NETWORKS

Leclerc, Sebastian, Ekrad, Kasra

January 2024

Within industrial systems, dependability is critical to keep the system reliable and available. Faults leading to failures of the whole system must be mitigated by a laborious design, testing, and verification process. This thesis aims to build a Network Management Agent (NMA), capable of fault detection, localization, and recovery in an Ethernet environment. The chosen NMA environment was a distributed industrial system using a redundant controller pair, where the controllers must determine when the roles should switch in case of primary failure. In the industrial context, this role-switching must be bounded and robust enough to withstand mixed traffic classes competing for network resources. An NMA was built to monitor the network with the help of Media Redundancy Protocol (MRP), heartbeats, and industrial switch queue status queries. The NMA could distinguish between node and link failure by localizing the fault while adjusting the network's Quality of Service (QoS). The controllers could safely switch roles after an average difference of 29.7065 ms from the moment the primary failed, and the secondary took over. Link failure was detected in three possible locations within 31.297 ms and the location was found within 373.419 ms. To the authors' best knowledge, other solutions mainly target L3 networks or require specialized supporting technology, whereas MRP was found in the majority of the investigated industrial switches. The proposed solution requires any heartbeat-like function sent from the switch, which MRP offers, and can be generalized to any environment where distinguishing a link from a node failure is important. QoS anomaly detection however requires capable switches and configuration of rules to prioritize the traffic accordingly.

ICN

ICS

DCS

Redundant Controller Pair

Network Fault Monitoring

Link Failure Detection and Localization

QoS Anomaly Detection and Restoration

MRP

Embedded Systems

Inbäddad systemteknik

Charakterisierung zellulärer Immunantworten von mit SIV immunisierten und infizierten Makaken / Characterization of cellular immune responses in macaques immunized and infected with SIV

Schulte, Reiner

01 November 2007

No description available.

570 Biowissenschaften, Biologie

Mathematics and Computer Science

Rhesusaffe

SIV

Impfstoff

Gedächtnis-T-Zellen

Lymphozyten

intrazelluläre Zytokinfärbung

ICS

rhesus monkey

simian immunodeficiency virus

SIV

vaccine

memory T-cells

lymphocyte

intracellular cytokine staining

ICS

42.32

44.45

46.52

MED 334: Infektionskrankheiten