How Secure is Verisure’s Alarm System?

Hamid, Lars-Eric, Möller, Simon

January 2020

Security is a very important part of today’s society.Verisure is the leader in home alarm systems with 30 years ofexperience. In this project, we aim to evaluate how secure theiralarm system is from a software perspective. The system wasbought in January 2020. After an initial threat modeling, followedby penetration testing it turns out that the alarm system is not assecure as Verisure markets. We could find several security flawsin the system. Some of them let an attacker block the system,and others yield full control without the user’s knowledge. Thereare also a couple of vulnerabilities that could be exploited bypeople without any special knowledge regarding hacking or thesystem in general. / Säkerhet är en mycket viktig del i dagens samhälle. Verisure är ledande inom hemmalarmsystem med 30 års erfarenhet. I det här projektet utvärderar vi hur säkert deras larmsystem är från ett mjukvaruperspektiv. Systemet köptes i januari 2020. Efter en inledande hotmodellering och följande penetrationstester visar det sig att larmsystemet inte är lika säkert som Verisure marknadsför. Vi kunde under projektets gång hitta flera säkerhetsbrister i systemet. Några av dessa gör att en angripare kan blockera systemet och andra ger full kontroll utan användarnas vetskap. Det finns också ett par sårbarheter som kan utnyttjas av människor utan någon speciell kunskap om hacking eller systemet i allmänhet. / Kandidatexjobb i elektroteknik 2020, KTH, Stockholm

Alarm system

Cross-site request forgery

Cyber-security

Denial of Service

Hacking

Internet of Things

Verisure

Elektroteknik och elektronik

Resource Reservation for Time-Sensitive Vehicular Applications

Al-Khatib, Abdullah

16 December 2024

This thesis investigates cost-effective and reliable resource reservation strategies for time-sensitive and safety-critical vehicular (TSSCV) applications, such as autonomous and remote driving. These applications require deterministic and guaranteed access to mobile edge computing (MEC) resources, which is typically achieved through individual reservations. Vehicles submit reservation requests to mobile network operator (MNOs), which allocate computation and communication resources based on these requests. Therefore, optimizing the timing and method for vehicles to place reservation requests in both single and multiple MNO scenarios is crucial, especially in dynamic vehicular environments with fluctuating network conditions and limited resources. Efficient reservation requests are essential as vehicles lack complete information about future resource availability and costs. Additionally, real-world uncertainties, such as unpredictable mobility, which influences future reservation times and costs, complicate the design of an optimal reservation strategy. Furthermore, dynamic pricing models employed by MNOs introduce another layer of complexity to the decision-making process for reservation requests, updates, and exchanges due to their impact on market conditions like resource supply and demand. To address the challenges of resource reservation in single MNO scenarios, this thesis proposes an advanced reservation strategy leveraging a batched long short-term memory (LSTM) model. This approach optimizes the timing of reservations, leading to significant cost savings for vehicles. To further minimize update costs, one-shot and multi-shot reservation update strategies are introduced, complemented by the heuristic greedy reservation updates (HGRU) algorithm. For multiple MNO environments, the thesis addresses cost-effective resource selection by comparing prices and network conditions across MNOs. An adaptive Markov decision process (MDP) framework is proposed, incorporating a deep reinforcement learning (DRL) algorithm, specifically dueling deep Q-learning. To enhance learning efficiency, a novel area-wise approach and adaptive MDP closely resembling real-world conditions are introduced. Furthermore, the temporal fusion transformer (TFT) is employed to effectively handle time-dependent data during model training. The multi-phase training approach, involving both synthetic and real-world data, enables the DRL agent to learn from historical data and adapt to real-time observations. Additionally, a multi-objective approach using a double deep Q-learning algorithm is proposed to minimize the cost of reservation updates while ensuring an optimal strategy and reliable provisioning. Finally, this thesis explores the use of blockchain smart contracts to establish a secure, efficient, and transparent resource trading system for vehicular networks. This blockchain-based architecture optimizes reservation costs and addresses trust issues by enabling decentralized, secure, and cost-effective resource trading among vehicles. By leveraging smart contracts, the system ensures transparency and immutability in transactions, fostering trust among participating vehicles. Simulation results demonstrate that the proposed resource reservation algorithms in single MNO environments outperform benchmark reservation schemes, including immediate reservation schemes, in terms of cost minimization and resource utilization efficiency, which also pose challenges for resource guarantee. In multiple MNO environments, the algorithms effectively manage uncertainties and promote competition between MNOs than single MNO scenario potentially impacting guaranteed resource provisioning. Additionally, while the exchange reservation strategies enhance security, the absence of robust security mechanisms could result in unreliable resource requests from providers, posing challenges to guaranteed resource provisioning.

info:eu-repo/classification/ddc/600

ddc:600

Fahrzeug; Berechnung; Kommunikation

Development and Integration of a Low-Cost Occupancy Monitoring System

Mahjoub, Youssif

12 1900

The world is getting busier and more crowded each year. Due to this fact resources such as public transport, available energy, and usable space are becoming congested and require vast amounts of logistical support. As of February 2018, nearly 95% of Americans own a mobile cell phone according to the Pew Research Center. These devices are consistently broadcasting their presents to other devices. By leveraging this data to provide occupational awareness of high traffic areas such as public transit stops, buildings, etc logistic efforts can be streamline to best suit the dynamics of the population. With the rise of The Internet of Things, a scalable low-cost occupancy monitoring system can be deployed to collect this broadcasted data and present it to logistics in real time. Simple IoT devices such as the Raspberry Pi, wireless cards capable of passive monitoring, and the utilization of specialized software can provide this capability. Additionally, this combination of hardware and software can be integrated in a way to be as simple as a typical plug and play set up making system deployment quick and easy. This effort details the development and integration work done to deliver a working product acting as a foundation to build upon. Machine learning algorithms such as k-Nearest-Neighbors were also developed to estimate a mobile device's approximate location inside a building.

Probe Request

Raspberry Pi

Scapy

Kismet

Monitor mode

Occupancy

Monitoring

IoT

Internet of Things

Mobile Device

Engineering, Electronics and Electrical

Computer Science

Wireless communication systems.

Internet of things.

A pattern-driven and model-based vulnerability testing for Web applications / Une approche à base de modèles et de patterns pour le test de vulnérabilités d'applications Web

Vernotte, Alexandre

29 October 2015

Cette thèse propose une approche originale de test de vulnérabilité Web à partir de modèles etdirigée par des patterns de tests, nommée PMVT. Son objectif est d’améliorer la capacité de détectionde quatre types de vulnérabilité majeurs, Cross-Site Scripting, Injections SQL, Cross-Site RequestForgery, et Privilege Escalation. PMVT repose sur l’utilisation d’un modèle comportemental del’application Web, capturant ses aspects fonctionnels, et sur un ensemble de patterns de test devulnérabilité qui adressent un type de vulnérabilité de manière générique, quelque soit le type del’application Web sous test.Par l’adaptation de technologies MBT existantes, nous avons développé une chaîne outillée complèteautomatisant la détection des quatre types de vulnérabilité. Ce prototype a été exprimenté et évaluésur deux applications réelles, actuellement utiliseés par plusieurs dizaines de milliers d’utilisateurs.Les résultats d’expérimentation démontrent la pertinence et de l’efficience de PMVT, notamment enaméliorant de façon significative la capacité de détection de vulnérabilités vis à vis des scannersautomatiques d’applications Web existants. / This thesis proposes an original approach, dubbed PMVT for Pattern-driven and Model-basedVulnerability Testing, which aims to improve the capability for detecting four high-profile vulnerabilitytypes, Cross-Site Scripting, SQL Injections, CSRF and Privilege Escalations, and reduce falsepositives and false negatives verdicts. PMVT relies on the use of a behavioral model of theapplication, capturing its functional aspects, and a set of vulnerability test patterns that addressvulnerabilities in a generic way. By adapting existing MBT technologies, an integrated toolchain that supports PMVT automates thedetection of the four vulnerability types in Web applications. This prototype has been experimentedand evaluated on two real-life Web applications that are currently used by tens of thousandsusers. Experiments have highlighted the effectiveness and efficiency of PMVT and shown astrong improvement of vulnerability detection capabilities w.r.t. available automated Web applicationscanners for these kind of vulnerabilities.

Test de Vulnérabilité

Test à partir de Modèles

Patterns de Test de Vulnérabilité

Applications Web

Cross-Site Scripting

Injections SQL

Cross-Site Request Forgery

Privilege Escalation

Vulnerability Testing

Model-Based Testing

Vulnerability Test Patterns

Web applications

Cross- Site Scripting

SQL Injections

Cross-Site Request Forgery

Privilege Escalation

004.678

Bidding models for bond market auctions / Budgivningsmodeller förauktioner på obligationsmarknaden

Engman, Kristofer

January 2019

In this study, we explore models for optimal bidding in auctions on the bond market using data gathered from the Bloomberg Fixed Income Trading platform and MIFID II reporting. We define models that aim to fulfill two purposes. The first is to hit the best competitor price, such that a dealer can win the trade with the lowest possible margin. This model should also take into account the phenomenon of the Winner's Curse, which states that the winner of a common value auction tends to be the bidder who overestimated the value. We want to avoid this since setting a too aggressive bid could be unprofitable even when the dealer wins. The second aim is to define a model that estimates a quote that allows the dealer to win a certain target ratio of trades. We define three novel models for these purposes that are based on the best competitor prices for each trade, modeled by a Skew Exponential Power distribution. Further, we define a proxy for the Winner's Curse, represented by the distance of the estimated price from a reference price for the trade calculated by Bloomberg which is available when the request for quote (RFQ) arrives. Relevant covariates for the trades are also included in the models to increase the specificity for each trade. The novel models are compared to a linear regression and a random forest regression method using the same covariates. When trying to hit the best competitor price, the regression models have approximately equal performance to the expected price method defined in the study. However, when incorporating the Winner's Curse proxy, our Winner's Curse adjusted models are able to reduce the effect of the Winner's Curse as we define it, which the regression methods cannot. The results of the models for hitting a target ratio show that the actual hit ratio falls within an interval of 5% of the desired target ratio when running the model on the test data. The inclusion of covariates in the models does not impact the results as much as expected, but still provide improvements with respect to some measures. In summary, the novel methods show promise as a first step towards building algorithmic trading for bonds, but more research is needed and should incorporate more of the growing data set of RFQs and MIFID II recorded transaction prices. / I denna studie utforskar vi modeller för optimal budgivning för auktioner på obligationsmarknaden med hjälp av data som samlats in från plattformen Bloomberg Fixed Income Trading och MIFID II-rapportering. Vi definierar modeller som ämnar att uppfylla två syften. Det första är att träffa det bästa konkurrentpriset så att en handlare kan vinna auktionen med minsta möjliga marginal. Denna modell bör också ta hänsyn till fenomenet Winner's Curse, som innebär att vinnaren av en så kallad common value auction tenderar att vara den budgivare som överskattat värdet. Vi vill undvika detta eftersom det kan vara olönsamt att skicka ett alltför aggressivt bud även om handlaren vinner. Det andra syftet är att definiera en modell som uppskattar ett pris som gör det möjligt för handlaren att vinna en viss andel av sina obligationsaffärer. Vi definierar tre nya modeller för dessa ändamål som bygger på de bästa konkurrentpriserna för varje transaktion vi har data på. Dessa modelleras av en Skew Exponential Power-fördelning. Vidare definierar vi en variabel som indirekt mäter fenomenet Winner's Curse, representerad av budprisets avstånd från ett referenspris för transaktionen beräknad av Bloomberg som är tillgänglig när en request for quote (RFQ) anländer. Relevanta kovariat för transaktionen implementeras också i modellerna för att öka specificiteten för varje transaktion. De nya modellerna jämförs med en linjärregression och en random forest-regression som använder samma kovariat. När målet är att träffa det bästa konkurrentpriset ger regressionsmodellerna ungefär samma resultat som expected price-modellen som definieras i denna studie. När man däremot integrerar effekten av Winner's Curse med den definierade indirekta variablen kan vår Winner's Curse-justerade modell minska effekten av Winner's Curse, vilket regressionsmetoderna inte kan. Resultaten av modellerna som ämnar vinna en förbestämd andel av transaktionerna visar att den faktiska andelen transaktioner som man vinner faller inom ett intervall på 5% kring den önskade andelen när modellen körs på testdata. Att inkludera kovariat i modellerna påverkar inte resultaten till den grad som uppskattades, men ger mindre förbättringar med avseende på vissa mättal. Sammanfattningsvis visar de nya metoderna potential som ett första steg mot att bygga algoritmisk handel för obligationer, men mer forskning behövs och bör utnyttja mer av den växande datamängden av RFQs och MIFID II-rapporterade transaktionspriser.

Auction

winner's curse

request for quote

RFQ

statistics

applied mathematics

financial mathematics

bond

e-auction

fixed income

skew exponential power

mifid II

pricing

Budgivning

winner's curse

request for quote

RFQ

statistik

tillämpad matematik

finansiell matematik

obligation

e-auktion

fixed income

skew exponential power

mifid II

prissättning

Probability Theory and Statistics

Sannolikhetsteori och statistik

「道德臉面」威脅對選擇求助對象及考量因素的影響

韓貴香, Han, Kuei-Hsiang

Unknown Date

本研究採情境實驗法，探討具有「道德臉面」威脅的請託情境，如何影響個人選擇不同的求助對象。研究一操弄請託情境為「有關」vs.「無關」道德臉面的威脅。結果發現：在「無關」道德臉面威脅的情境，絕大多數的問卷填答者，選擇向情感性關係的家人求助，這時個人決定找家人幫忙的主要考量，是希望獲得「較好的協助」；反之，在「有關」道德臉面威脅的情境下，絕大多數的問卷填答者，選擇向工具性關係的陌生人求助，而此時個人主要的考量，是為了「維護面子」。不過，在「有關」道德臉面威脅的請託情境，又無陌生人可以求助的情況，問卷填答者選擇向家人或朋友求助的人數，並沒有顯著的差異。 研究二操弄威脅「道德臉面」的請託情境，事件當事人和請託者之間不同的自我關聯程度（自己vs. 家人vs. 朋友），以及此失面子事件的發生，是否有一可被接受或同情的「合理藉口」。研究發現：當「自己」就是事件當事人，且沒有合理藉口時，問卷填答者傾向選擇工具性關係的陌生人求助。反之，如果事件的發生有一可解釋的外在理由，則問卷填答者選擇向陌生人和朋友求助的人數沒有顯著差異。當事件當事人是「家人」且沒有合理藉口時，填答者同樣會選擇向陌生人求助。不過，當「家人」有可被同情的藉口時，則絕大多數的填答者，選擇向朋友求助。在當事人是「朋友」的情境，則不管事件發生的理由為何，大多數的問卷填答者，均選擇向混合性關係的其他朋友求助。與研究一相同的是問卷填答者在選擇向「朋友」求助時，考量的因素是希望能獲得「較好的協助」，反之，當其選擇向「陌生人」求助時，考量的因素則是希望能「維護面子」。 研究三則設計在威脅個人「道德臉面」的請託情境中，有一些可以讓事件當事人覺得不會沒面子的可幫助熟識者（同事）。並操弄讓當事人感到「沒面子」程度不同的求助對象選擇（同事vs.陌生人vs.家人vs.朋友）。研究發現：當有不會讓當事人覺得沒面子的對象存在時，問卷填答者多優先選擇向此對象（同事）求助。只有在沒有此對象可以選擇的情況下，填答者才會退而求其次地選擇向「陌生人」求助，在連陌生人也無法選擇的情況下，問卷填答者選擇向家人或朋友求助的人數則沒有顯著差異。分析研究的資料則發現，影響問卷填答者分別選擇向「同事」、「陌生人」、「家人」或「朋友」求助的主要因素，是因為相對而言，在該不同求助對象的選擇下，問卷填答者對該對象比較不會覺得「沒面子」。 整體而言，在威脅「道德臉面」的請託情境中，最能預測問卷填答者，選擇哪一種關係對象求助的預測變項，是其「沒面子」的感受，而非西方個人主義文化中強調的「自尊」。同時，當個人因覺得「沒面子」而選擇向陌生人求助時，其考量的主要因素是希望能「維護面子」。換言之，在會威脅自己面子的情況下，是否能獲得對方「比較好的協助」，則不是那麼重要。

請託

道德臉面

恥感文化

社會心理均衡

選擇求助對象

favor-request

moral face

shame culture

psychosocial-homeostasis

helper-seeking

La politesse dans la communication interculturelle : les stratégies de politesse utilisées par les coréens apprenant le français comme langue seconde lors des situations de demande

Bae, Jin Ah

02 1900

La présente recherche a pour objectif d’examiner les stratégies de politesse utilisées par des apprenants coréens qui apprennent le français comme langue seconde lors des situations de demande et de mettre en évidence le rôle de la L1 et de la culture d’origine des apprenants quant à leurs choix des stratégies de politesse en français. Trois groupes de répondants ont participé à la recherche : 30 locuteurs natifs coréens qui habitent à Séoul, en Corée, 30 étudiants coréens apprenant le français comme langue seconde à Montréal, au Canada, et 30 locuteurs natifs francophones habitant Montréal. Les données recueillies auprès des locuteurs natifs ont servi de bases de données reflétant respectivement les normes de la L1 et celles de la langue cible. Pour la collecte de données, nous avons utilisé quatre outils : le Discourse Completion Test (DCT) écrit, des échelles d’évaluation des variables contextuelles, un Questionnaire à choix multiples (QCM) ainsi qu’une entrevue semi-structurée. Les réponses obtenues au DCT écrit ont été analysées à l’aide du schéma de codage élaboré dans le cadre du Cross-Cultural Speech Act Realization Project (CCSARP) (Blum-Kulka, House, & Kasper, 1989). Les résultats de notre recherche ont démontré que les apprenants coréens ont estimé les variables contextuelles, comme l’intimité et le pouvoir social ressentis vis-à-vis de l’interlocuteur dans les situations de demande de façon similaire aux locuteurs natifs francophones, alors qu’ils ont eu tendance à estimer une plus grande gravité d’imposition de la demande que les deux groupes de locuteurs natifs dans plusieurs situations de demande. Quant aux stratégies de demande, tandis que ce sont les stratégies indirectes qui ont été le plus fréquemment utilisées par les apprenants coréens et les locuteurs natifs francophones, les apprenants coréens ont montré une tendance au transfert pragmatique de la L1, en recourant aux stratégies directes plus fréquemment que les locuteurs natifs francophones. De plus, étant donné que les apprenants coréens ont utilisé beaucoup moins d’atténuateurs que les locuteurs natifs francophones, leurs formules de demande étaient plus directes et moins polies que celles employées par les locuteurs natifs francophones. En ce qui concerne les mouvements de soutien (supportive moves), les apprenants coréens se sont démarqués des deux groupes de locuteurs natifs, en recourant plus fréquemment à certaines catégories de mouvements de soutien que les autres répondants. Les analyses de corrélation entre l’estimation des variables contextuelles et le choix des stratégies de politesse nous ont permis de constater que les apprenants coréens ainsi que les locuteurs natifs francophones ont eu tendance à utiliser davantage d’atténuateurs lorsque le locuteur possède moins de pouvoir social. Les implications des résultats pour l’enseignement et l’apprentissage des aspects de la politesse dans la classe de français langue seconde ont été exposées. / The aim of this study is to investigate request strategies that Korean learners of French use in request situations. The role played by the learners’ first language and their culture of origin in making these choices will also be explored. Three groups of respondents participated in this study: 30 native Korean speakers living in Seoul, Korea, 30 Korean French learners in Montreal, Canada, and 30 French native speakers living in Montreal. Data collected from native speakers of both Korean and French were used to create baseline data reflecting first and second language norms respectively. Four data collecting methods were used: the Discourse Completion Test (DCT); an assessment questionnaire evaluating situational factors such as intimacy, the social power between interlocutors and the degree of imposition of requests; the multiple choice questionnaire (MCQ); and a semi-constructed interview. The responses obtained from the written DCT were analysed using the coding scheme elaborated in the Cross-Cultural Speech Act Realization Project (CCSARP) (Blum-Kulka, House, & Kasper, 1989). The results of the study showed that the Korean French learners estimated situational factors like intimacy and the relative social power that they feel with interlocutors in a manner similar to that of the French native speakers. However, in many situations, the Korean learners of French tended to estimate that a request represented a greater imposition than either group of native speakers. Further, while the Korean French learners frequently used indirect strategies as the French native speakers used them, they showed a tendency towards pragmatic transfer from their first language (L1), using direct strategies more frequently than their native French-speaking counterparts. Moreover, as the Korean French learners used downgraders far less frequently, their semantic formulas were more direct and less polite than the ones used by French native speakers. Concerning supportive moves, the Korean French learners showed a different tendency from the two groups of native speakers, in that they used some categories of supportive moves more frequently. The correlation analysis between the results of the assessment questionnaire about situational factors and the politeness strategies used by respondents revealed that the Korean learners and the French native speakers used more downgraders when they have less social power than the hearer. Finally, the implications of these findings as relates to the pedagogical and didactic aspects of politeness in French as a second language classroom are examined.

Stratégies de politesse

Apprenants coréens

Français langue seconde

Acte de demande

Transfert pragmatique

Pragmatique de l'interlangue

CCSARP

Politeness strategies

Korean learners

French as second language

Request speech act

Pragmatic transfer

Interlanguage pragmatics

Cloud application platform - Virtualization vs Containerization : A comparison between application containers and virtual machines

Vestman, Simon

January 2017

Context. As the number of organizations using cloud application platforms to host their applications increases, the priority of distributing physical resources within those platforms is increasing simultaneously. The goal is to host a higher quantity of applications per physical server, while at the same time retain a satisfying rate of performance combined with certain scalability. The modern needs of customers occasionally also imply an assurance of certain privacy for their applications. Objectives. In this study two types of instances for hosting applications in cloud application platforms, virtual machines and application containers, are comparatively analyzed. This investigation has the goal to expose advantages and disadvantages between the instances in order to determine which is more appropriate for being used in cloud application platforms, in terms of performance, scalability and user isolation. Methods. The comparison is done on a server running Linux Ubuntu 16.04. The virtual machine is created using Devstack, a development environment of Openstack, while the application container is hosted by Docker. Each instance is running an apache web server for handling HTTP requests. The comparison is done by using different benchmark tools for different key usage scenarios and simultaneously observing the resource usage in respective instance. Results. The results are produced by investigating the user isolation and resource occupation of respective instance, by examining the file system, active process handling and resource allocation after creation. Benchmark tools are executed locally on respective instance, for a performance comparison of the usage of physical resources. The amount of CPU operations executed within a given time is measured in order determine the processor performance, while the speed of read and write operations to the main memory is measured in order to determine the RAM performance. A file is also transmitted between host server and application in order to compare the network performance between respective instance, by examining the transfer speed of the file. Lastly a set of benchmark tools are executed on the host server to measure the HTTP server request handling performance and scalability of each instance. The amount of requests handled per second is observed, but also the resource usage for the request handling at an increasing rate of served requests and clients. Conclusions. The virtual machine is a better choice for applications where privacy is a higher priority, due to the complete isolation and abstraction from the rest of the physical server. Virtual machines perform better in handling a higher quantity of requests per second, while application containers is faster in transferring files through network. The container requires a significantly lower amount of resources than the virtual machine in order to run and execute tasks, such as responding to HTTP requests. When it comes to scalability the prefered type of instance depends on the priority of key usage scenarios. Virtual machines have quicker response time for HTTP requests but application containers occupy less physical resources, which makes it logically possible to run a higher quantity of containers than virtual machines simultaneously on the same physical server.

Openstack

Docker

Simon Vestman

Malvacom

Malvacom AB

Application container

virtual machine

performance

scalability

comparison

user isolation

abstraction

resource allocation

containerization

virtualization

cloud application platform

platform as a service

CPU

RAM

efficiency

request handling

Computer Systems

Datorsystem

Eutanázie a trestní právo / Euthanasia and Criminal Law

Karásková, Barbora

January 2018

The thesis deals with legal aspects of euthanasia with special focus on criminal law context. It is divided into four broad chapters. First chapter defines terms that need to be understood perfectly for further work on the topic. Therefore, it deals with the term "euthanasia" and its division into active and passive euthanasia, direct and indirect, requested and unsolicited. There are also mentioned some related institutes such as dysthanasia, palliative and hospice care and assisted suicide. Last but not least, this chapter presents some arguments for and against euthanasia. Second chapter is devoted to legislation in foreign countries where euthanasia (or assisted suicide) has been legalized. Wider context of foreign legislation is important for realizing the consequences that possible legalization of euthanasia in the Czech Republic would bring. It can be clearly seen on the example of individual foreign states what legalization of euthanasia entails, how stringent the conditions that a request for termination of life has to meet are, and ultimately, we can decide whether we tend to endorse the legalization of euthanasia or go in the opposite course. Third chapter focuses on the merit of the matter, which is the legal regulation of euthanasia in the Czech Republic and the context of...

Fatores críticos sobre manifestações de interesse em Parcerias Público-Privadas e as propriedades da visão do produto / Critical success factors of unsolicited proposal in Public-Private Partnerships and product vision properties

Caproni, Tiago Vieira

08 March 2018

Os Procedimentos de Manifestação de Interesse (PMI) e Propostas Não Solicitadas (PNS) são mecanismos para a viabilização de projetos de Parcerias Público-Privadas (PPP/PFIs). Contudo, a ausência de critérios claros para avaliação e priorização de parceiros, de forma transparente e técnica, leva à seleção adversa de propostas, contribuindo para o insucesso dos projetos. O principal instrumento utilizado na avaliação PPP/PFIs é uma análise quantitativa baseada no Value For Money (VfM). O propósito deste trabalho foi investigar os problemas relacionados com os processos de avaliação das propostas dos PMI submetidas aos órgãos demandantes dos serviços. Iniciou-se com a análise do Fatores Críticos para o Sucesso (FCSs) das PPP/PFIs, dos PMI e PNS, identificadas na literatura. Os Fatores Críticos foram apresentados a um conjunto de 78 especialistas que responderam também sobre a processo de análise das propostas. No questionário os autores foram confrontados também com as propriedades da visão. O resultado indica que a análise com o VfM seria incompleta e insuficiente para capturar a complexidade do escopo destes projetos. A pesquisa possibilitou ainda organizar os fatores críticos em 7 dimensões a serem consideradas na avaliação destes projetos. Essas dimensões podem ser utilizadas para a criação de instrumentos de avaliação e um exemplo foi proposto, um indicador nomeado de índice \"T\", avaliado por um grupo de 12 especialistas em projetos de PPP/PFIs. A pesquisa contribui, portanto, para apoiar a criação de instrumentos de avaliação de PPP/PFIs que considerem uma análise mais ampla, considerando aspectos qualitativos e quantitativos. / Unsolicited Proposals (UNPs) are one of the main mechanisms for verifying the feasibility of Public-Private Partnerships (PPP/PFIs/PFIs) projects. However, the lack of clear criteria to evaluate and to prioritize the partner, in a transparent and technical way, has led to adverse selection of proposals increasing the level of failure of these projects. The main instrument used in the PPP/PFIs evaluation is a quantitative analysis based on Value for Money. The purpose of this research was to investigate the problems related with the processes of evaluation of the Unsolicited Proposals (UNPs) that are submitted to the respective government offices. The study compiles the analysis of Critical Success Factors (CSFs) for Public-Private Partnerships (PPP/PFI) and the Unsolicited Proposals (UNPs), identified in the literature, and synthetized by the evaluation of a group of 78 specialists, resulting in the organization of 7 (seven) dimensions to be considered in the evaluation of these projects. This study also demonstrated that, according to these experts, the analysis with VfM would be incomplete and insufficient to capture the complexity of the scope of these projects. As an alternative a set of 7 (seven) indicators where created related to each dimension and a general index that synthetize the performance in the dimensions, considering qualitative and quantitative aspects. The index was labeled as \"T\" index and evaluated by a group of 12 (twelve) experts on PPP/PFI projects. The results from the analyses indicate that the index allows a linear comparative analysis between the proposals received by the public entity requesting the Public- Private Partnership (PPP/PFI) services. The model of indicators decreases the subjectivity of the choices made by public managers, resulting in greater transparency for the process of proposal qualification and security to the market.

Escopo

Index

Indicadores

Indicator

Índice

Parceria Público-Privada (PPP/PFI)

Product Vision

Proposta Não Solicitada (PNS)

Public-Private Partnership (PPP/PFI)

Request for Proposal (RFP)

Scope

Unsolicited Proposal (UNPs)

Visão do Produto