Análise quantitativa da extensão de áreas classificadas / QUANTITATIVE ANALYSIS OF THE SCOPE OF HAZARDOUS AREA.

Otsuka, Aroldo Hitoshi

28 November 2011

Classified areas are regions with explosive atmospheres and the purpose of characterizing it is to design or estimate its extent to prevent the risk of ignition in an industrial plant. We will demonstrate that the generic use of the method of classification of areas by default or standardized figure without proper technical justification is questioned by many authors and professionals specialized in the subject that warn about the subjective form with which the subject is treated and may cause distortions in the risk assessment. The objective of this study is to present a quantitative assessment of these extensions, and compare the results between the two methodologies. For this work, we used bibliographical, and through simulation, made sure the calculations for estimating them. Used fluid flow equations suggested in the work of Macmillan (1998), in order to determine the flow of the leak and the distance from the source until the concentration of LII (lower limit of flammability), axis x. To validate them, they used data from the experiments presented by Cox (1989). And finally, the results were compared classified areas extension for leak scenario proposed by the ABNT IEC 60079-10 (2006) with those obtained by drainage equations. The results demonstrated that simply transpose the distance of 1 meter radius, in the form of a sphere, from the seal of the valve that controls the flow of propane as standard, does not guarantee the accuracy of the extension of its classified area. . / Áreas Classificadas são regiões que apresentam atmosferas explosivas e a finalidade de caracterizá-las é de projetar ou estimar sua extensão para prevenir quanto ao risco de ignição numa planta industrial. Foi ratificado que o uso genérico do método de classificação de áreas por figura padronizada ou pré-definida, sem a devida justificativa técnica, é questionado por vários autores e profissionais especializados no assunto, os quais advertem sobre a forma subjetiva com que o tema é tratado, podendo ocasionar distorções na análise do risco. Este estudo teve como objetivo apresentar uma avaliação quantitativa das extensões de áreas classificadas e comparar os resultados obtidos entre as técnicas de classificação de áreas por figuras padronizadas ou pré-definidas e modelos matemáticos. Para a realização deste trabalho, adotou-se o levantamento bibliográfico, e por meio de simulação, efetuaram-se os cálculos para estimá-las. Foram utilizadas as equações de escoamento de fluidos sugeridos na obra de Macmillan (1998), objetivando determinar o fluxo do vazamento e o distanciamento da fonte até a concentração do LII (limite inferior de inflamabilidade), no eixo de x. Para validá-las, aplicaram-se os dados dos experimentos apresentados por Cox (1989). E por fim, foram comparados os resultados da extensão de áreas classificadas para o cenário de vazamento proposto pela norma NBR IEC 60079-10 (2006) com os obtidos pelas equações de escoamento. Demonstrou-se que simplesmente transpor o distanciamento de 1 metro de raio, na forma de uma esfera, a partir do selo da válvula que controla o fluxo do propano, conforme exemplo da norma, não garante a exatidão da extensão da sua área classificada.

Áreas classificadas

Atmosfera explosiva

Segurança do trabalho

ABNT NBR IEC 6009-10

Hazardous areas

Explosive atmosphere

Safety

ABNT NBR IEC 6009-10

CNPQ::ENGENHARIAS::ENGENHARIA QUIMICA

Management bezpečnosti informačních systémů v obci / Security Management of Information Systems for the Kaliště Municipality

Kutiš, Pavel

January 2013

This Diploma Thesis is being focused on Information Security Management System implementation for a certain municipality. The work has been divided into two parts. The first part deals with theoretical basis which are based on the ISO/IEC 27000 standards. The second part contains the practical implementation following the theoretical background from the first part. The implementation itself has been divided into three stages and this thesis is mainly concentrated on the first stage.

A NORMA ISO/IEC 17025 E O SAGRI - SISTEMA DE AVALIAÇÃO DA GESTÃO E RESULTADOS DA INOVAÇÃO - UMA PROPOSTA DE INTEGRAÇÃO

Scheid, Jane de Fátima Foliatti

06 August 2013

The testing laboratories are being required, by the regulatory agencies, to seek accreditations and recognitions of their quality management systems, ensuring their competence and traceability of the results. However, the concern about the competitiveness is not a seal. Laboratories require keep in their scopes, innovative methodologies that have the least amount of time and cost of analysis and greater efficiency. With these assumptions, the integration of appropriate practices to the requirements of standard ISO/IEC 17025: General requirements for the competence of testing and Calibration Laboratories, as the management evaluation system of Innovation results (SAGRI) may contribute with the needs imposed on the market. The present work is a study on the standardization of laboratories in accordance with ISO/IEC 17025 and management actions that contemplate the innovation, based on the theoretical study of the literature and research conducted in five testing laboratories accredited or recognized by an accreditation agency, through a questionnaire applied. The research is qualitative in character. The methodology departed from a conceptual basis of ISO and SAGRI, which subsequently were interpreted and related how the affinity between the two lines, offering greater clarity to the contextualization of the theme, which allowed the formulation of a proposal for integration between the norm and the evaluation system. The conclusion of the study presented the possible integration of the two systems, since innovation is part of the routine laboratory. It was concluded that laboratory guidelines must be deployed to all employees through tools and practices aligned to these directly related to strategic culture of the organization. / Os laboratórios de ensaio estão sendo exigidos, por órgãos reguladores, a buscar acreditações e reconhecimentos de seus sistemas de gestão da qualidade, garantindo a sua competência e a rastreabilidade dos resultados. No entanto, a preocupação quanto à competitividade não se resume a um selo. Os laboratórios necessitam manter em seus escopos, metodologias inovadoras que dispõem do menor tempo e custo de análise e maior eficiência. Com estas premissas, a integração das práticas adequadas tanto aos requisitos da norma ISO/IEC 17025: Requisitos Gerais para a Competência de Laboratórios de Ensaio e Calibração, como os do Sistema de Avaliação da Gestão de Resultados da Inovação (SAGRI) poderão contribuir com as necessidades impostas no mercado. O presente trabalho trata de um estudo sobre a normalização de laboratórios de acordo com a ISO/IEC 17025 e as ações de gestão que contemplam a inovação, com base no estudo teórico da literatura e pela pesquisa realizada em cinco laboratórios de ensaio acreditados ou reconhecidos por um organismo de credenciamento, através de um questionário aplicado. A pesquisa é de caráter qualitativo. A metodologia partiu de uma fundamentação conceitual da ISO e do SAGRI, na qual posteriormente foram interpretados e relacionados quanto a afinidade entre as duas linhas, oferecendo maior clareza à contextualização do tema, o que possibilitou a formulação de uma proposta de integração entre a norma e o sistema de avaliação. A conclusão do estudo apresentou a possível integração dos dois sistemas, desde que, a inovação faça parte da rotina do laboratório. Concluiu-se também, que as diretrizes do laboratório devem ser desdobradas a todos os colaboradores através de ferramentas e práticas alinhadas a estas estratégicas diretamente relacionadas à cultura da organização.

ISO/IEC 17025

Sistema de Gestão da Qualidade

Acreditação de laboratórios

SAGRI

Inovação

ISO/IEC 17025

Quality Management System

Laboratory Accreditation

SAGRI

Innovation

Functional Size Measurement and Model Verification for Software Model-Driven Developments: A COSMIC-based Approach

Marín Campusano, Beatriz Mariela

20 July 2011

Historically, software production methods and tools have a unique goal: to produce high quality software. Since the goal of Model-Driven Development (MDD) methods is no different, MDD methods have emerged to take advantage of the benefits of using conceptual models to produce high quality software. In such MDD contexts, conceptual models are used as input to automatically generate final applications. Thus, we advocate that there is a relation between the quality of the final software product and the quality of the models used to generate it. The quality of conceptual models can be influenced by many factors. In this thesis, we focus on the accuracy of the techniques used to predict the characteristics of the development process and the generated products. In terms of the prediction techniques for software development processes, it is widely accepted that knowing the functional size of applications in order to successfully apply effort models and budget models is essential. In order to evaluate the quality of generated applications, defect detection is considered to be the most suitable technique. The research goal of this thesis is to provide an accurate measurement procedure based on COSMIC for the automatic sizing of object-oriented OO-Method MDD applications. To achieve this research goal, it is necessary to accurately measure the conceptual models used in the generation of object-oriented applications. It is also very important for these models not to have defects so that the applications to be measured are correctly represented. In this thesis, we present the OOmCFP (OO-Method COSMIC Function Points) measurement procedure. This procedure makes a twofold contribution: the accurate measurement of objectoriented applications generated in MDD environments from the conceptual models involved, and the verification of conceptual models to allow the complete generation of correct final applications from the conceptual models involved. The OOmCFP procedure has been systematically designed, applied, and automated. This measurement procedure has been validated to conform to the ISO 14143 standard, the metrology concepts defined in the ISO VIM, and the accuracy of the measurements obtained according to ISO 5725. This procedure has also been validated by performing empirical studies. The results of the empirical studies demonstrate that OOmCFP can obtain accurate measures of the functional size of applications generated in MDD environments from the corresponding conceptual models. / Marín Campusano, BM. (2011). Functional Size Measurement and Model Verification for Software Model-Driven Developments: A COSMIC-based Approach [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/11237 / Palancia

Functional size measurement

Model-driven development

Cosmic measurement method

Defect detection

Quality of conceptual models

Oo-method

Iso/iec 5725

Iso/iec 19761

LENGUAJES Y SISTEMAS INFORMATICOS

Návrh zavedení bezpečnostních opatření ve společnosti vyvíjející software / Proposal for the Implementation of Security Measures in the Software Development Company

Štěpánek, Daniel

January 2017

Master's thesis focuses on proposal for the implementation of security measures in the software development company. Theoretical section defines chosen information security terms. Analytical section deals with analysis and assessment of current security situation in the company. Solution proposal contains risk analysis, proposal of security measures for risk treatment and economic evaluation.

Zavedení ISMS do podniku podporujícího kritickou infrastrukturu / Proposal for the ISMS Implementation in Company with CI Support

Šebrle, Petr

January 2017

This diploma thesis deals with the methodology of Management of Information Security in a medium size company supporting critical infrastructure. The first part is focused on the theoretical aspects of the topic. Practical part consists of analysis of the current state, risk analysis and correction arrangements according to the attachment A of standard ČSN ISO/IEC 27001:2014. Implementation of ISMS is divided into four phases. This thesis however covers the first two phases only

Problematika vyhodnocování blokovacích podmínek rozvodny pomocí GOOSE zpráv / The issue of evaluating of interlocking in substations using GOOSE messages

Ditrych, Marek

January 2019

This master thesis focuses on problematics of GOOSE messages used for evaluation of blocking conditions of substations in the electrical power plant in Opatovice (EOP). Firstly, the thesis describes the multifunctional electrical protection relay 7SJ64 as well as GOOSE messages, that are run by protocol IEC 61850. Next, it contains a brief description of the energy consumption of EOP itself, since the project was written for its protection relays. In the practical part of the thesis, an experimental network consisting of two distinct substations with three 7SJ64 multifunctional protection relays was designed together with simple blocking conditions. These require information about the state of circuit breakers. The whole communication is carried by GOOSE messages. Moreover, to inform about the loss of GOOSE messages, the logical function SI_GET_S (decoder) was used inside the coding interface of DIGSI programme called CFC. This function was then tested in the experimental network using each different condition, that experienced interruptions of communication caused either by simulated defect of optical cabels, or by „user‘s mistakes“ in the settings of communication parameters in DIGSI. Finally, the system protecting from the loss of GOOSE messages was incorporated into the existing project evaluating blocking conditions in the block substation of EOP.

Samočinné testování mikrokontrolerů / Self-Testing of Microcontrollers

Denk, Filip

January 2019

This Master's thesis deals with functional safety of electronic systems. Specifically, it focuses on self-testing of the microprocessor and its peripherals at the software level. The main aim of the thesis is to design and implement a set of functions written in programming language C or assembly language, which automatically test the selected areas of the microcontroller. Resources and methods used in the implemented solution also aim to meet the requirements according to the safety standard IEC 60730-1, Annex H, Software Class B. The microcontroller NXP LPC55S69 was chosen as a hardware platform. It consists of two ARM Cortex-M33 cores. As a result, the example application is provided, which uses implemented test functions at the run-time. Example application also contains a graphical user interface with fault injection ability.

Testování zranitelností v průmyslových sítích / Vulnerabilities assessment for industrial protocols

Zahradník, Jiří

January 2020

Thesis deals with testing of selected vulnerabilities from the IEC 61850 standard and following design of mitigation measures for selected vulnerabilities. Author simulated vulnerabilities of the GOOSE protocol, NTP attack and attack ona MMS client. Those attacks were GOOSE stNum, GOOSE semantic, GOOSE test bit,GOOSE replay, GOOSE flood, NTP spoofing and MMS password capture. Attacks on protocols GOOSE and MMS were successful, attack on NTP was only partially successful since the device confirmed receiving spoofed time, however it did not change it’s inner clock. Author then designed possible mitigation measures. Tool for automatic testing of selected vulnerabilities, parser for the GOOSE protocol and lightweight multiplatform parser for configuration files were created as well.The outcome of this thesis allows the implementation of lager scale tool for penetration testing of industrial networks as well as it allows implementation of discussed mitigation measures.

Návrh procesů pro společnost poskytující IT služby s ohledem na ISMS a ITSM / Draft of Processes for IT Outsourcing Company Considering ISMS and ITSM

Haller, Martin

January 2012

The goal of this diploma thesis is to design processes for existing ICT company mainly providing services. This work contains models of the designed processes and proposes convenient information system. All the designed processes are evaluated against ISO/IEC 27000 and ISO/IEC 20000 standards.