Multipath Routing with Load Balancing in Wireless Ad Hoc Networks

Groleau, Romain

January 2005

In recent years, routing research concerning wired networks has focused on minimizing the maximum utilization of the links which is equivalent to reducing the number of bottlenecks while supporting the same traffic demands. This can be achieved using multipath routing with load balancing instead of single path routing using of routing optimizers. However, in the domain of ad hoc networks multipath routing has not been investigated in depth. We would like to develop an analogy between wired and wireless networks, but before that we need to identify the major differences between these two in the case of multipath routing. First, in order to increase the network throughput, the multiple paths have to be independent so they don't share the same bottlenecks. Then, due to radio propagation properties the link capacity is not constant. So using the maximum utilization metric for wireless networks is not suitable. Based on the research done in wired networks, which has shown that using multiple paths with load balancing policies between sourcedestination pairs can minimize the maximum utilization of the links, we investigate if this is applicable to ad hoc networks. This paper proposes a multipath routing algorithm with a load balancing policy. The results obtained from an indoor 802.11g network highlight two major points. The maximum throughput is not achieved with multipath routing, but with single path routing. However, the results on the delivery ratio are encouraging, indeed we observe a real improvement thanks to our multipath routing algorithm. / På senare år har routning forskningen angående trådnätverken focusen på att minska den maximala användingen av länkar vilket motsvarar än reducering av flaskhalsar medan man stöder samma trafikkrav. Det här kan åstadkommas genom att av multiväg routning med lasta balansering I stället för använder enkelvägrouting med routing optimizers. Emellertid har inom ad hoc nätverken multiväg routning har inte blivit undersökts på djupet. Vi skulle vilja utveckla en analogy emellan trådnätverk och trådlösnätverken.men främföre det behöver identifiera de store differenserna mellan dessa två vid multiväg routning. För det första måste de flerfaldiga vägarna vara oberoende för att öka nätverkens throughput så de inte delar samma flaskhalsar. Sedan är länkkapaciteten inte constant på grund av radiospridningsegenskaperna. Så den maximal användningsmetric för trådlös nätverken passar inte. Den här arbetetet föreslår en multiväg routning algoritm med lasta balanseringen. Resultaten få från en indoor 802.11g nätverk framhåller ger två store meningen. Den maximala throughput är inte åstadkoms med multiväg routing, men med enkelväg routning. Emellertid är resultaten på den leveransförhållande uppmuntrande; vi observera en verklig förbättring tack vare vår multiväg routning algoritmen.

802.11

static wireless ad hoc networks

multipath routing

load balancing

M-RNR

Communication Systems

Kommunikationssystem

Using the SEI CERT Secure Coding Standard to Reduce Vulnerabilities

Fisch, Johan, Haglund, Carl

January 2021

Security is a critical part of every software developed today and it will be even more important going forward when more devices are getting connected to the internet. By striving to improve the quality of the code, in particular the security aspects, there might be a reduction in the number of vulnerabilities and improvements of the software developed. By looking at issues from past problems and studying the code in question to see whether it follows the SEI CERT secure coding standards, it is possible to tell if compliance to this standard would be helpful to reduce future problems. In this thesis an analysis of vulnerabilities, written in C and C++, reported in Common Vulnerabilities and Exposures (CVE), will be done to verify whether applying the SEI CERT secure coding standard will help reduce vulnerabilities. This study also evaluates the SEI CERT rule coverage of three different static analysis tools, Rosecheckers, PVS-Studio and CodeChecker by executing them on these vulnerabilities. By using three different metrics, true positive, false negative and the run time. The results of the study are promising since it shows that compliance to the SEI CERT standard does indeed reduce vulnerabilities. Of the analyzed vulnerabilities it was found that about 60% of these could have been avoided, if the standard had been followed. The results of the tools were of great interest as well, it showed that the tools did not perform as well as the manual analysis, however, all of them found some SEI CERT rule violations in different areas. Conclusively, a combination of manual analysis and these three static analysis tools would have resulted in the highest number of vulnerabilities avoided.

SEI CERT

Secure Coding

Static Analysis Tools

Security

Computer Sciences

Datavetenskap (datalogi)

Implementation and Evaluation of an Emulated Permission System for VS Code Extensions using Abstract Syntax Trees / Implementation och Utvärdering av ett Emulerat Behörighetssystem för Extensions i VS Code med hjälp av Abstrakta Syntaxträd

David, Åström

January 2021

Permission systems are a common security feature in browser extensions and mobile applications to limit their access to resources outside their own process. IDEs such as Visual Studio Code, however, have no such features implemented, and therefore leave extensions with full user permissions. This thesis explores how VS Code extensions access external resources and presents a proof-of-concept tool that emulates a permission system for extensions. This is done through static analysis of extension source code using abstract syntax trees, scanning for usage of Extension API methods and Node.js dependencies. The tool is evaluated and used on 56 popular VS Code extensions to evaluate what resources are most prevalently accessed and how. The study concludes that most extensions use minimal APIs, but often rely on Node.js libraries rather than the API for external functionality. This leads to the conclusion the inclusion of Node.js dependencies and npm packages is the largest hurdle to implementing a permission system for VS Code.

Visual Studio Code

Extensions

Permissions

Static Analysis

Abstract Syntax Trees

Computer Sciences

Datavetenskap (datalogi)

Security smells in open-source infrastructure as code scripts : A replication study

Hortlund, Andreas

January 2021

With the rising number of servers used in productions, virtualization technology engineers needed a new a tool to help them manage the rising configuration workload. Infrastructure as code(IaC), a term that consists mainly of techniques and tools to define wanted configuration states of servers in machine readable code files, which aims at solving the high workload induced by the configuration of several servers. With new tools, new challenges rise regarding the security of creating the infrastructure as code scripts that will take over the processing load. This study is about finding out how open-source developers perform when creating IaC scripts in regard to how many security smells they insert into their scripts in comparison to previous studies and such how developers can mitigate these risks. Security smells are code patterns that show vulnerability and can lead to exploitation. Using data gathered from GitHub with a web scraper tool created for this study, the author analyzed 400 repositories from Ansible and Puppet with a second tool created, tested and validated from previous study. The Security Linter for Infrastructure as Code uses static code analysis on these repositories and tested these against a certain ruleset for weaknesses in code such as default admin and hard-coded password among others. The present study used both qualitative and quantitative methods to analyze the data. The results show that developers that actively participated in developing these repositories with a creation date of at latest 2019-01-01 produced less security smells than Rahman et al (2019b, 2020c) with a data source ranging to November 2018. While Ansible produced 9,2 compared to 28,8 security smells per thousand lines of code and Puppet 13,6 compared to 31,1. Main limitation of the study come mainly in looking only at the most popular and used tools of the time of writing, being Ansible and Puppet. Further mitigation on results from both studies can be achieved through training and education. As well as the use of tools such as SonarQube for static code analysis against custom rulesets before the scripts are being pushed to public repositories.

infrastructure as code

security

Ansible

Puppet

static code analysis

security smells

Information Systems

USING TEMPORAL NETWORKS TO FIND THE INFLUENCER NODE OF THE BUGGY SITES IN THE CODE COMMUNITIES

Kanwardeep Singh Walia (12091133)

14 April 2022

<p>The cyber-attacks have increased, and with everything going digital, data theft has become a significant issue. This raises an alarm on the security of the source code. Sometimes, to release products early, the security of the code is compromised. Static analysis tools can help in finding possible security issues. Identifying and fixing the security issues may overwhelm the software developers. This process of "fixing" the errors or securing the code may take a lot of time, and the product may be released before all the errors are fixed. But these vulnerabilities in the source code may cost millions of dollars in case of a data breach. It is important to fix the security issues in the source code before releasing the product. This leads to the question of how to fix errors quickly so products can be rolled out with fewer security issues? A possible solution is to use temporal networks to find the influencer nodes in the source code. If these influencer variables are fixed, the connected security issues depending on the influencer in the community (functions) will also get fixed. The research question of the study: Can we identify the influencer node of the buggy site in the source code using temporal networks (K-tool) if the buggy sites present in the source code are identified using static analysis? The study also aims to know if it is faster to find the influencer node using the K-tool than the betweenness centrality algorithm. This research is an "Applied research" and will target the code written in C programming language. Possible vulnerabilities that can be fixed include "Integer Overflow", "Out of bounds", and "Buffer overflow." In the future, we plan to extend to other errors such as "Improper input validation." In this research, we will discuss how we can find the influencer node of the vulnerability (buggy site) in the source code after running the static analysis. Fixing this influencer node will fix the remaining errors pointed out by the static analysis. This will help in reducing the number of fixes to be done in the source code so that the product can be rolled out faster with less security issues.</p> <p><br></p>

Computer System Security

static analysis

influencers

nodes

C language

betweenness centrality

bugs

security

important nodes

Grinding mill circuit control from a plant-wide control perspective

Le Roux, Johan Derik

January 2016

A generic plant-wide control structure is proposed for the optimal operation of a grinding mill circuit. An economic objective function is defined for the grinding mill circuit with reference to the economic objective of the larger mineral processing plant. A mineral processing plant in this study consists of a comminution and a separation circuit and excludes the extractive metallurgy at a metal refinery. The comminution circuit's operational performance primarily depends on the mill's performance. Since grindcurves define the operational performance range of a mill, the grindcurves are used to define the setpoints for the economic controlled variables for optimal steady-state operation. For a given metal price, processing cost, and transportation cost, the proposed structure can be used to define the optimal operating region of a grinding mill circuit for the best economic return of the mineral processing plant. The plant-wide control structure identifies the controlled and manipulated variables to ensure the grinding mill circuit can be maintained at the desired operating condition. The plant-wide control framework specifies regulatory and supervisory control aims which can be achieved by means of non-linear model-based control. An impediment to implementing model-based control is the computational expense to solve the non-linear optimisation function. To resolve this issue, the reference-command tracking version of model predictive static programming (MPSP) is applied to a grinding mill circuit. MPSP is an innovative optimal control technique that combines the philosophies of Model Predictive Control (MPC) and approximate dynamic programming. The performance of the proposed MPSP control technique, is compared to the performance of a standard non-linear MPC (NMPC) technique applied to the same plant for the same conditions. Results show that the MPSP control technique is more than capable of tracking the desired set-point in the presence of model-plant mismatch, disturbances and measurement noise. The performance of MPSP and NMPC compare very well, with definite advantages offered by MPSP. The computational speed of MPSP is increased through a sequence of innovations such as the conversion of the dynamic optimization problem to a low-dimensional static optimization problem, the recursive computation of sensitivity matrices, and using a closed form expression to update the control. The MPSP technique generally takes only a couple of iterations to converge, even when input constraints are applied. Therefore, MPSP can be regarded as a potential candidate for on-line applications of the NMPC philosophy to real-world industrial process plants. The MPSP and NMPC simulation studies above assume full-state feedback. However, this is not always possible for industrial grinding mill circuits. Therefore, a non-linear observer model of a grinding mill is developed which distinguishes between the volumetric hold-up of water, solids, and the grinding media in the mill. Solids refer to all ore small enough to discharge through the end-discharge grate, and grinding media refers to the rocks and steel balls. The rocks are all ore too large to discharge from the mill. The observer model uses the accumulation rate of solids and the discharge rate as parameters. It is shown that with mill discharge flow-rate, discharge density, and volumetric hold-up measurements, the model states and parameters are linearly observable. Although instrumentation at the mill discharge is not yet included in industrial circuits because of space restrictions, this study motivates the benefits to be gained from including such instrumentation. An Extended Kalman Filter (EKF) is applied in simulation to estimate the model states and parameters from data generated by a grinding mill simulation model from literature. Results indicate that if sufficiently accurate measurements are available, especially at the discharge of the mill, it is possible to reliably estimate grinding media, solids and water hold-ups within the mill. Such an observer can be used as part of an advanced process control strategy. / 'n Generiese aanlegwye beheerstruktuur vir die optimale beheer van 'n maalmeulkring word voorgehou. 'n Ekonomiese doelwitfunksie is gedefinieer vir die maalmeulkringbaan met verwysing tot die ekonomiese doelwit van die groter mineraalverwerkingsaanleg. 'n Mineraalverwerkingsaanleg bestaan in hierdie studie slegs uit die vergruisings- en skeidingskringbane. Die ekstraktiewe metallurgie by die metaal raffinadery word uitgesluit. Die vergruisingskringbaan se operasionele werksverrigting is hoofsaaklik van die maalmeul se werksverrigting afhanklik. Aangesien maalkurwes die bereik van die maalmeul se werksverrigting beskryf, kan die maalkurwes gebruik word om die stelpunte van die ekonomiese beheerveranderlikes te definieer vir werking by optimale gestadigde toestand. Gegewe 'n bepaalde metaalprys, bedryfskoste, en vervoerkoste, kan die voorgestelde struktuur gebruik word om die optimale werksgebied vir die maalmeulkring te definieer vir die beste ekonomiese gewin van die algehele mineraalverwerkingsaanleg. Die aanlegwye beheerstruktuur omskryf die beheerveranderlikes en manipuleerbare veranderlikes wat benodig word om die maalmeulkring by die gewenste werksgebied te handhaaf. Die aanlegwye beheerstruktuur spesifiseer regulatoriese en toesighoudende beheer doelwitte. Hierdie doelwitte kan bereik word deur gebruik te maak van nie-lineêre model gebaseerde beheer. Die probleem is dat die bewerkingskoste om nie-lineëre optimeringsfunksies op te los 'n struikelblok is om model gebaseerde beheer op industriële aanlegte toe te pas. Ter oplossing hiervan, word die stelpunt-volg weergawe van model gebaseerde voorspellende statiese programmering (MVSP) toegepas op 'n maalmeulkringbaan. MVSP is 'n innoverende optimale beheertegniek, en bestaan uit 'n kombinasie van die filosofieë van model gebaseerder voorspellende beheer (MVB) en aanpassende dinamiese programmering. Die verrigting van die voorgestelde MVSP beheertegniek word vergelyk met die verrigting van 'n standaard nie-lineëre MVB (NMVB) tegniek deur beide beheertegnieke op dieselfde aanleg vir dieselfde toestande toe te pas. Resultate dui aan dat die MVSP beheertegniek in staat is om die gekose stelpunt te midde van model-aanleg wanaanpassing, steurnisse, en metingsgeraas te volg. Die verrigting van MVSP en NMVB vergelyk goed, maar MVSP bied duidelike voordele. Die bewerkingspoed vir MVSP word vinniger gemaak deur die dinamiese optimeringsprobleem in 'n laeorde statiese optimeringsprobleem te omskep, die sensitiwiteitsmatrikse rekursief uit te werk, en deur 'n geslote uitdrukking ter opdatering van die beheeraksie te gebruik. Die MVSP beheertegniek benodig normaalweg slegs 'n paar iterasies om tot 'n oplossing te konvergeer, selfs indien beperkings op die insette toegepas word. Om die rede word MVSP as 'n potensiële kandidaat beskou vir aanlyntoepasings van die NMVB filosofie op industriële aanlegte. Die MVSP en NMVB simulasie studies hierbo neem aan dat volle toestandterugvoer moontlik is. Hierdie is nie altyd moontlik vir industriële maalmeulkringbane nie. Om die rede is 'n nie-lineêre waarnemingsmodel van 'n maalmeul ontwikkel. Die model onderskei tussen die volumetriese hoeveelheid water, vaste stowwe, en maalmedia in die meul. Vaste stowwe verwys na alle erts wat klein genoeg is om deur die uitskeidingsif aan die ontslagpunt van die meul te vloei. Maalmedia verwys na rotse en staalballe in die meul, met rotse wat te groot is om deur die uitskeidingsif te vloei. Die waarnemingsmodel maak gebruik van die ontslaantempo en die opeenhopingstempo van vaste stowwe as parameters. Indien die meul se ontslagvloeitempo, ontslagdigtheid, en totale volumetriese aanhouding gemeet word, is alle toestande en parameters van die waarnemingsmodel lineêr waarneembaar. Alhoewel instrumentasie by die meul se ontslagpunt as gevolg van ruimte beperkings nog nie op industriële aanlegte ingesluit word nie, dui hierdie studie die voordele aan wat verkrygbaar is deur sulke instrumentasie in te sluit. 'n Verlengde Kalman Filter (VKF) word in simulasie gebruik om die model se toestande en parameters af te skat. 'n Bestaande maalmeul simulasie model vanuit die literatuur word gebruik om die nodige data vir die VKF te genereer. Resultate dui aan dat indien die metings akkuraat genoeg is, veral by die ontslagpunt van die meul, betroubare afskattings van die volumetriese hoeveelheid maalmedia, vaste stowwe, en water in die meul gemaak kan word. So 'n afskatter kan vorentoe gebruik word as deel van 'n gevorderde prosesbeheer strategie. / Thesis (PhD)--University of Pretoria, 2016. / Electrical, Electronic and Computer Engineering / PhD / Unrestricted

UCTD

Mineral processing

Model predictive control

Model predictive static programming

State and parameter estimation

The Effects of Kinesiology Tape on Static Postural Control in Individuals with Functional Ankle Instability

Ly, Kien Trung

03 September 2020

Functional ankle instability (FAI) is characterized by the recurrent giving way of the ankle and the constant feeling of instability that affects the quality of life of its patients adversely. Kinesiology Tape (KT), differed from the traditional rigid athletic tape, becomes more popular as a new therapeutic tool for injuries management. It is reported to decrease pain, promote blood circulation and natural healing of muscular functioning. However, scientific evidence of KT’s effects on FAI remains very limited. Therefore, the purpose of the present study was to investigate if applying KT on the unstable ankle may improve static postural control in individuals with FAI. Twenty young adults with FAI performed a series of static quiet bipedal and unipedal stances on a force platform. Postural control was assessed by four measures derived from the centre of pressure (COP) data: 95% Confidence ellipse of total displacements (area), standard deviation of displacements (SD), mean velocity and mean power frequency (MPF). Measurements were taken at three different times: baseline or no tape, immediately after the application of KT on the unstable ankle, and 24 hours after the taping application with the tape remaining on the ankle. Results revealed only minor changes in mean velocity and MPF in unipedal stances immediately after KT application. However, the overall results indicated statistically insignificant improvements in postural control performance neither immediately after KT application nor after 24 hours. In conclusion, our results suggest that the use of KT did not affect bipedal and unipedal stances of individuals with functional ankle instability.

Static postural control

Kinesiology Tape

Functional ankle instability

Bipedal stance

Unipedal stance

The analysis and co-design of weakly-consistent applications / L'analyse et co-design des applications faiblement-cohérent

Najafzadeh, Mahsa

22 April 2016

Afin d'assurer disponibilité et réactivité, de nombreux systèmes distribués reposent sur des bases de données répliquées qui maintiennent des copies (répliques) des données sur différents serveurs. la cohérence constitue un défi important dans la mise en oeuvre des bases de données répliquées. les concepteurs de bases de données repliquées doivent faire un choix difficile entre une cohérence forte, qui guarantit une large gamme d'invariants applicatifs, mais qui est lente et fragile, et une réplication asynchrone, qui assure un bon niveau de disponibilité et de réactivité, mais laisse le programmeur face à de possibles anomalies liées à la concurrence.pour résoudre ce dilemme, des bases de données commerciales et recherche fournissent une cohérence hybride qui permet au programmeur d'exiger une cohérence forte pour certaines opérations, et d'ainsi permettre une synchronisation.cette thèse étudie l'analyse et la mise en oeuvre d'une application et de la cohérence associée, de manière à assurer les invariants de cette application avec un minimum d'exigences de cohérence. les trois principales contributions de cette thèse sont: 1) nous proposons le premier outil d'analyse statique destiné à prouver la validité d'invariants d'applications de base de données à modèle de cohérence hybride. 2) nous présentons la mise en application de notre outil d'analyse dans le cadre de la conception d'un système de fichiers dont la sémantique permet un comportement similaire à posix et à un coût résonable. 3)nous proposons un ensemble de patterns utiles, susceptibles d'aider les développeurs d'application dans l'implémentation d'invariants les plus communs. / Distributed databases take advantage of replication to bring data close to the client, and to always be available. the primary challenge for such databases is to ensure consistency. recent research provide hybrid consistency models that allow the database supports asynchronous updates by default, but synchronisation is available upon request. to help programmers exploit the hybrid consistency model, we propose a set of useful patterns,proof rules, and tool for proving integrity invariants of applications. in the first part, we study a sound proof rule that enables programmers to check whether the operations of a given application semantics maintain the application invariants under a given amount of parallelism. we have developed a smt-based tool that automates this proof, and verified several example applications using the tool. in the second part, we apply the above methodology to the design of a replicated file system.the main invariant is that the directory structure forms a tree. we study three alternative semantics for the file system. each exposes a different amount of parallelism, and different anomalies. using our tool-assisted rules, we check whether a specific file system semantics maintains the tree invariant, and derive an appropriate consistency protocol. in the third part of this thesis, we present three classes of invariants: equivalence, partial order, and single-item generic. each places some constraints over the state. each of these classes maps to a different storage-layer consistency property: respectively, atomicity, causal ordering, or total ordering.

Base de données répliquée

Cohérence

Synchronisation

Invariant

Analyse statique

Vérification

Invariant

Static analysis

Replicated database

004

Scheduling Of 2-Operation Jobs On A Single Machine To Minimize The Number Of Tardy Jobs

Yeleswarapu, Radhika M

14 November 2003

This study focuses on the study of a unique but commonly occurring manufacturing problem of scheduling of customized jobs consisting of two operations on a single multi-purpose machine with the performance objective of minimizing the number of tardy jobs (jobs that are not completed by their due dates). Each customized job to be complete needs one unique operation and one common operation performed on it. We considered a static case in this work. The objective of minimizing the number of tardy jobs is considered where all jobs have equal weights and the maximum tardiness has no effect on the performance. This problem is proved in literature as NP-hard and hence practically very difficult to obtain optimal solution within reasonable computational time. Till date only a pseudo-polynomial algorithm is given to solve this problem with no concrete computational experiments designed to prove the efficiency and working of the algorithm for different problem instances. We propose a heuristic algorithm based on the Moore-Hodgson's algorithm combining with other procedures and optimal schedule properties from the literature to solve this problem. In literature, Moore-Hodgson's algorithm is an efficient heuristic algorithm that minimizes the number of tardy jobs for the classical single machine one-operation problems. The performance of the heuristic is evaluated through extensive computational experiments for large real size data. The obtained results are compared to the solutions obtained by implementing the optimal pseudo-polynomial algorithm and the performance of the heuristic is tested on large data sets. The test data for the computational experiments are generated randomly using MATLAB 6.1. Future directions of research and development on the problem to improve the obtained solution by the heuristic algorithm are given.

Machine scheduling

Moore-hodgson’s algorithm

Optimal schedule

Static problem

Order of complexity

American Studies

Arts and Humanities

UAE Preschool Teachers' Attitudes toward Inclusion Education by Specialty and Cultural Identity

Hussain, Afraa Salah

01 January 2017

Inclusion of children with special education needs into public classrooms in United Arab Emirates applied in 2006. The application of inclusion programs started in high schools, and followed by elementary schools and preschools. Teachers' attitudes toward inclusion evaluated among high school and elementary teachers but not among preschool teachers. The effect of the cultural background of teaching staff on inclusion education not evaluated in a UAE preschool. The purpose of this quantitative study was to examine the effect of educational specialty and culture on teachers' attitudes toward an inclusion education system in United Arab Emirates. The theory of planned behavior of Ajzan (1991) used in this study to explain teachers' attitudes. This quantitative study evaluated teachers' attitudes toward inclusion education through a distributed questionnaire, including a demographics form and a STATIC scale for evaluating teachers' attitudes. A two-factor ANOVA used to test the effects of teachers' specialty and cultural background on STATIC scores. Findings showed a main effect of preschool teachers' cultural identity on their attitudes toward inclusion education. Teachers with Asian identity showed better attitudes toward inclusion education than Gulf identity or African identity teachers. No differences found between preschool teachers' specialty (general and special education teachers) on their attitudes toward inclusion education. This study will contribute to social change by providing valuable knowledge about UAE preschool teachers' attitudes toward the application of inclusion education to improve the inclusion classrooms settings and environment.

culture

general teachers

Inclusion education

special education teachers

Static scale

United Arab Emirates

Psychology