Threat Modeling and Penetration Testing of a Yanzi IoT-system : A Survey on the Security of the system’s RF communication

Isabar, Diyala

January 2021

Internet of Thing (IoT) products have in recent years become increasingly popular with both industries and private consumers, and it has been forecasted that the number of connected devices around the world will be roughly 14 billion in the year 2022. One particular field that the booming of IoT solutions continues to create endless possibilities for is smart offices. Several different devices are connected in an office environment to create a better workplace and enable a better, faster and smarter working approach. However, while there are several advantages with IoTs, they have also introduced new security threats that can not be overlooked. In this thesis, the security of a smart office system designed by Yanzi is examined. The system consists of a gateway, 34 sensors and a cloud service embedded as a SaaS. The security analysis was performed in three steps: planning, penetration testing and reporting. Radio frequency (RF) hacking against the systems RF communication was the main focus of the work. Due to some technical issues, not all selected attacks were possible to perform. Out of three that were possible to perform, one of them revealed a security flaw. Different countermeasures for the found flaw were proposed. / ”Internet av saker” produkter har under de senaste åren blivit alltmer populära bland både industrier och privata konsumenter, och man har prognostiserat att antalet anslutna enheter runt om i världen kommer att vara ungefär 14 miljarder år 2022. Ett särskilt område som ökandet av IoT-lösningar fortsätter att skapa oändliga möjligheter för är smarta kontor. Flera olika enheter är anslutna i en kontorsmiljö för att skapa en bättre arbetsplats och möjliggöra ett bättre, snabbare och smartare arbetssätt. Även om det finns flera fördelar med IoT, har de också infört nya säkerhetshot som inte kan förbises. I denna avhandling undersöks säkerheten för ett smart kontorssystem som designats av Yanzi. Systemet består av en gateway, 34 sensorer och en molntjänst inbäddad som en SaaS. Säkerhetsanalysen utfördes i tre steg: planering, penetrationstestning och rapportering. Radiofrekvenshackning mot systemets radiokommunikation var huvudfokus för arbetet. På grund av vissa tekniska problem var det inte möjligt att utföra alla föreslagna attacker. Av de tre som var möjliga att utföra avslöjade en av dem ett säkerhetsfel. Olika motåtgärder för den funna sårbarheten föreslås.

Security

Internet of Things

penetration testing

threat assessment

threat modeling

ethical hacking

vulnerabilities

RF communication

smart office

Säkerhet

”Internet av saker”

penetrationstestning

hotbedömning

hotmodelering

etisk hacking

sårbarheter

radiokommunikation

smarta kontorN

Computer Sciences

Datavetenskap (datalogi)

Methods for Co-Orbital Threat Assessment in Space / Metoder för Koorbital Hotbedömning i Rymden

Dahlman, Mathias

January 2023

This study investigates methods for assessing threats in space. Space services are crucial to both civilian and military capabilities, and a loss of such systems could have severe consequences. Space systems are exposed to various types of threats. To ensure the benefits of space-based applications, protect space assets, improve security, and maintain the space environment, it is crucial to assess threats in space. This thesis focuses on co-orbital antagonistic threats arising from satellites that are capable of performing precision manoeuvres. These satellites could either perform physical attacks or perform operations such as inspection, eavesdropping, or disruption on other satellites. Lambert's problem can be utilised for calculating orbital transfers. By solving the problem iteratively over a range of values of when the transfer is executed and the transfer time, it is possible to detect when a transfer is feasible. This can be used to assess when a satellite can pose a threat to a target. The calculations of orbital transfers are improved by the implementation of a genetic algorithm. The algorithm can solve for both direct transfers to the target and transfers using multiple impulses. Furthermore, a genetic algorithm, called NSGA-II, which can handle multiple objective functions is also analysed. The implemented methods show the potential of being employed to assess threats, especially for direct transfers where a single impulse is executed to transfer to a target. In this case, it is possible to identify threats based on the satellite's $\Delta v$ budget. However, when additional impulses are introduced it becomes more complicated. It is more difficult to estimate when an attack is more likely to commence. The implemented methods show potential, but further research is required in order to develop a robust method to assess co-orbital threats.  The conducted analysis has highlighted a few aspects that are crucial for assessing co-orbital threats. Information about the $\Delta v$ budget of the satellite that potentially could pose a threat must be available. Furthermore, space surveillance and tracking capabilities are essential to detect orbital changes, which can be vital to perform counter-operations in the event of an attack / Denna studie undersöker metoder för hotbedöming i rymden. Rymdtjänster är av avgörande betydelse för både civila och militära förmågor och förlusten av sådana system kan leda till allvarliga konsekvenser. Rymdsystem är utsatta för olika typer av hot. För att säkerställa fördelarna med rymdbaserade tillämpningar, skydda rymdresurser, förbättra säkerheten och bevara rymdmiljön är det viktigt att bedöma hot i rymden. Detta examensarbete fokuserar på hot från precisionsmanövrerande satelliter som antingen kan genomföra fysiska attacker eller utföra operationer såsom inspektion, avlyssning eller störning av en annan satellit. Lamberts problem kan användas för att beräkna banmanövrar. Genom att lösa problemet iterativt över olika värden för när manöverna utförs och flygtiden är det möjligt att fastställa när en manöver är genomförbar. Detta kan användas för att bedöma när en satellit kan utgöra ett hot mot en målsatellit. Beräkningarna av banmanövrar förbättras genom implementeringen av en genetisk algoritm. Algoritmen kan lösa både direkta manövrar till målet och manövrar med flera impulser. Dessutom analyseras en genetisk algoritm, kallad NSGA-II, som kan hantera flera målfunktioner. De implementerade metoderna visar potential för att kunna användas för hotbedömning, särskilt för direkta manövrar där en enda impuls används för att ändra banan till målet. I detta fall är det möjligt att identifiera hot baserat på satellitens $\Delta v$-budget. Däremot blir det mer komplicerat när ytterligare impulser introduceras. Det blir svårare att bedöma när en attack sannolikt inleds. De implementerade metoderna visar potential, men ytterligare forskning krävs för att utveckla en robust metod för att bedöma hot från precisionsmanövrerande satelliter. Den genomförda analysen har framhävt några aspekter som är av avgörande betydelse för att utföra en hotbedömning. Information om satellitens $\Delta v$-budget som potentiellt kan utgöra ett hot måste vara tillgänglig. Dessutom är inmätning och övervakningsförmåga av satelliter avgörande för att upptäcka banförändringar, vilket kan vara kritiskt vid genomförande av motåtgärder i händelse av en attack.

threats in space

threat assessment

Lambert's problem

genetic algorithms

NSGA-II

hot i rymden

hotbedömning

Lamberts problem

genetiska algoritmer

NSGA-II

Aerospace Engineering

Rymd- och flygteknik

Autonomous agent-based simulation of an AEGIS Cruiser combat information center performing battle air-defense commander operations

Calfee, Sharif H.

03 1900

The AEGIS Cruiser Air-Defense Simulation is a program that models the operations of a Combat Information Center (CIC) team performing the ADC duties in a battle group using Multi-Agent System (MAS) technology implemented in the Java programming language. Set in the Arabian Gulf region, the simulation is a top-view, dynamic, graphics-driven software implementation that provides a picture of the CIC team grappling with a challenging, complex problem. Conceived primarily as a system to assist ships, waterfront training teams, and battle group staffs in ADC training and doctrine formulation, the simulation was designed to gain insight and understanding into the numerous factors (skills, experience, fatigue, aircraft numbers, weather, etc.) that influence the performance of the overall CIC team and watchstanders. The program explores the team's performance under abnormal or high intensity/stress situations by simulating their mental processes, decision-making aspects, communications patterns, and cognitive attributes. Everything in the scenario is logged, which allows for the reconstruction of interesting events (i.e. watchstander mistakes, chain-of-error analysis) for use in post-scenario training as well as the creation of new, more focused themes for actual CIC team scenarios. The simulation also tracks various watchstander and CIC team performance metrics for review by the user. / Lieutenant, United States Navy

Artificial intelligence

Military applications

AEGIS (Weapons system)

Battle Group Air-Defense

Multi-Agent Systems

Artificial Intelligence

Air-Defense Commander

Naval Simulations

Combat Information Center

Air-Defense Simulation

AEGIS, Cruiser

CG, Human-Computer Interface (HCI)

Watchstander Training

Naval Air Defense

Threat Assessment

Decision Making

Cognitive Factors

AEGIS Doctrine, Air-Defense Doctrine

Interactive Training Systems

Watchstander Fatigue

Link-16/TADIL J

Link-11/TADIL A

USS Vincennes

DETERMINING SCHOOL SAFETY CONCERNS: THE LIVED EXPERIENCES OF A MIDDLE SCHOOL SAFETY TEAM

Aaron Michael Leniski (12936086)

27 June 2022

<p>  </p> <p>A school safety team collaborates with stakeholders to promote and maintain a physically and psychologically safe school environment. Together they must identify safety deficits and prioritize initiatives and practices. This phenomenological qualitative case study examined how a school safety team makes decisions and determines safety outcomes. Individual interviews and a focus group discussion explored how they calibrate what a safety concern is to help prevent violence. Four emergent themes were identified: (1) severity and impact, (2) safety-minded culture, (3) communication and collaboration, and (4) leadership. In addition, the study explored whether one of Bronfenbrenner’s ecological systems has more influence over the others when validating a concern. This study suggests that the Microsystem is most influential. From these findings, three assertions were proposed to help the school safety team, and building leaders promote safe school practices: (1) The safety team must establish collaborative relationships with stakeholders and develop convenient reporting systems to collect concerns; (2) A school safety team judges a safety concern by the severity and potential impact on the school environment; and (3) Leadership is vital for the school safety team to prepare for, respond to, and address safety concerns. These findings aim to help stakeholders promote and maintain a safe learning environment as they evaluate perceived safety concerns by highlighting areas to focus on to improve the calibration process. Though a school safety team may never know how many times they were right in calibrating a concern, a single error will be well known.</p>

Secondary education

School Safety

Case Study

Qualitative

Phenomenological

Safety Concerns

Students

Teachers

Counselors

Administrators

Principals

Superintendents

School Board

Threat Assessment

Safety Team

Policy

Leadership

Communication

Collaboration

Severity

Impact

Safety-minded

Culture

SRO

School Resource Officer

Safety Plan

Safety Audit

Building Leader

Bronfenbrenner’s ecological theory

violence

prevention