A novel cash-plus intervention to safeguard sexual reproductive health and HIV vulnerabilities in young women in Cape Town, South Africa

Naledi Tracey, Noncayana

11 September 2023

Background Cash plus interventions augment cash transfers with other empowering interventions to influence behaviours. This research assesses the Women of Worth (WoW) program and evaluates the effectiveness of a cash transfer (CT) of ZAR300 ($22USD22) conditional on attending 12-session customised empowerment interventions to improve SRH/HIV outcomes in young women (19-24yrs) in Cape Town, South Africa. Methods A multiphase, mixed-methods, experimental study targeting 10 000 Participants in two subdistricts was conducted. Participants were randomised 1:1 to receive the interventions with CT ("cash + care" or C+C) or without CT (“Care”). Phase 1a piloted the interventions, Phase 1b implemented an adapted intervention, and Phase 2 was an open label C+C only scale up demonstration phase. Logistic regression models were fitted with subject-specific random mixed effects, to estimate changes in self-reported HIV, behavioural and structural SRH risks from baseline to (a) end of WoW and (b) follow up (6-30months post-exposure) irrespective of WoW completion. Mixed research methods were used to optimise engagement, evaluate implementation fidelity and determine the pathways of effectiveness for the interventions. Results The Women of Worth empowerment programme was implemented with adequate fidelity however adaptative research methods were essential for ensuring a sustained programme. 8765 (87,7%) of the 9995 WoW initiators were evaluated with 904 (10,3%); 4212 (48,1%) and 3649 (41,6%) women in Phases 1a, 1b and 2 respectively. In Phase 1a & 1b, participants in the “C+C” group were 60 times (OR 60.37; 95%CI: 17.32; 210.50.p

HIV vulnerabilities

A discrete event simulation-based approach for managing cyber vulnerabilities in a full-service deep waterway port

Mimesh, Hebah Mohammed

13 December 2019

Deepwater sea ports are considered to be gateways for global trade and susceptible to a diverse range of risks, including natural disasters such as hurricane, storm, drought, as well as a course of events ranging from human error to malicious cyber-attack. To deal with cyber vulnerabilities, this study examines how cyber-attack to a given technology (e.g., Programmable Logic Controllers (PLC), Radio Frequency Identification Tags (RFID), Navigation Technologies, and others) impacts the overall port operations. We use Port of Pascagoula as testbed to visualize and validate the modeling results utilizing FlexSim software. Several sets of experiments are conducted to provide important managerial insights for decision makers. Results indicate that cyber-attack on technologies used by the port may significantly impact the port operations. In overall, cyber-attack has meaningful impacts on ports systems that may result in significant economic and operational loss as well as long-term security and sustainability for overall ports performances.

cyber-attack

vulnerabilities

ports

An assessment of supply chain vulnerabilities to dynamic disruptions in the pharmaceutical supply chain

Yaroson, Emilia V., Sharief, Karam, Shah, Awn, Breen, Liz

09 1900

Yes / Objective: The adverse impact of supply chain disruptions on the operational performance of supply chains have been suggested to emanate from its existing vulnerabilities. However, empirical studies regarding this proposition remain limited. This study provides empirical evidence of vulnerabilities in the face of dynamic disruptions in the pharmaceutical supply chain. This is geared at developing resilience strategies capable of curbing these forms of disruptions. Research Approach: In seeking to achieve the objective of this study, the mixed method research design in a longitudinal framework was adopted. It involved a two-step procedure where the study began by conducting semi-structured interviews with the downstream stakeholders of the pharmaceutical supply chain. Here the sampling method adopted was both purposive and snowballing. Data collected from this process was analysed using thematic analysis where key variables were coded for further analysis. Findings from the interviews were employed to construct close ended questionnaires. The questionnaires were administered online, approximately nine months after the first data collection process ended and analysed using various statistical techniques. Findings: The themes that emerged from the first phase of the data generation process were classified into five main pillars which include: supply chain characteristics, regulatory framework (schemas), imbalance of market power, managerial decisions and supply chain structures. These themes were further confirmed by the findings from the survey. The study finds that imbalance of market power generates negative welfare such as time consumption and stress on the downstream stakeholders of the pharmaceutical supply chain. In the same vein, dependence on suppliers and consumers in designing the supply chain exacerbates the impact of a dynamic disruption. The findings from the survey complement these pillars by identifying other vulnerabilities: price manipulation, inadequate policies, inefficient manufacturing processes as well as available training in handling these vulnerabilities. Originality/Value: By providing empirical evidence of the vulnerabilities within the pharmaceutical supply chain in the face of a dynamic disruption, this study extends operations management literature by highlighting vulnerability benchmarks against which resilience strategies can be employed in dynamic disruptive scenarios. The innovative aspect of this research is the ability to identify the vulnerabilities peculiar to the pharmaceutical supply chain which is required in order to successfully develop strategies that are resilient to dynamic disruptions. Research Impact: This study extends existing debates on supply chain vulnerabilities as well as supply chain disruptions. Practical Impact: This study contributes to practical managerial decisions, as the identifications of vulnerabilities to dynamic disruptions will aid pharmaceutical and or operations managers in assessing supplier selection and design.

Supply chains

Pharmaceutical industry

Vulnerabilities

Vulnerability Analysis Case Studies of Control Systems Human Machine Interfaces

McGrew, Robert Wesley

11 May 2013

This dissertation describes vulnerability research in the area of critical infrastructure security. The intent of this research is to develop a set of recommendations and guidelines for improving the security of Industrial Control System (ICS) and Supervisory Control and Data Acquisition systems software. Specifically, this research focuses on the Human- Machine Interface (HMI) software that is used on control panel workstations. This document covers a brief introduction to control systems security terminology in order to define the research area, a hypothesis for the research, and a discussion of the contribution that this research will provide to the field. Previous work in the area by other researchers is summarized, followed by a description of the vulnerability research, analysis, and creation of deliverables. Technical information on the details of a number of vulnerabilities is presented for a number of HMI vulnerabilities, for which either the author has performed the analysis, or from public vulnerability disclosures where sufficient information about the vulnerabilities is available. Following the body of technical vulnerability information, the common features and characteristics of known vulnerabilities in HMI software are discussed, and that information is used to propose a taxonomy of HMI vulnerabilities. Such a taxonomy can be used to classify HMI vulnerabilities and organize future work on identifying and mitigating such vulnerabilities in the future. Finally, the contributions of this work are presented, along with a summary of areas that have been identified as interesting future work.

security

exploits

vulnerabilities

control systems

HMI

SCADA

Cumulative Vulnerabilities: Substance Use in Adolescence and in Recovery

Tomlinson, Devin Christine

27 July 2023

Substance use and substance use disorders (SUDs) pose a significant health and economic concern in the United States. Conditions and comorbidities exist that are associated with substance use onset, continuation, and outcomes. In the theory of Reinforcer Pathology, we can categorize these conditions into vulnerabilities, or factors that may be associated with susceptibility to substance use onset and poorer outcomes in substance use recovery. The theory of vulnerabilities and reinforcer pathology is tested through three investigations. The first investigation sought to establish the relationship between cumulative vulnerabilities and adolescent substance use in a cross-sectional analysis. The second investigation evaluates the temporal relationship of cumulative vulnerabilities and substance use among adolescents. The final investigation establishes the relationship of cumulative vulnerabilities and substance use among individuals in recovery from Opioid Use Disorder. Collectively, these reports suggest that the intersection and cumulation of vulnerabilities to substance use and substance use disorders are directly related to substance use outcomes. Future research and reports in the substance use domain should consider these constructs, their accumulation, and their co-occurrence patterns. / Doctor of Philosophy / Substance use and substance use disorders are a great health and economic concern in the United States. Conditions that are related to trying substances, using substances, and outcomes of this substance use. In the theory of Reinforcer Pathology, we can call these conditions vulnerabilities, or conditions that may be associated with the likelihood of starting to use substances and having poorer substance use outcomes in the long-term. Three studies investigate the theory of vulnerabilities and Reinforcer Pathology. First, the relationship between cumulative vulnerabilities and substance use among adolescents is assessed cross-sectionally or simultaneously. The second study examines the relationship between cumulative vulnerabilities and adolescent substance use over time. The third study examines the relationship between cumulative vulnerabilities and substance use among individuals in recovery from Opioid Use Disorder. Collectively, the studies in this report suggest that the overlap and cumulation of vulnerabilities to substance use and substance use disorders is related to substance use outcomes. Future research and other reports in the substance use domain should consider these constructs, their accumulation, and their co-occurrence patterns.

substance use

addiction

vulnerabilities

adolescents

recovery

A Framework for Deriving Verification and Validation Strategies to Assess Software Security

Bazaz, Anil

26 April 2006

In recent years, the number of exploits targeting software applications has increased dramatically. These exploits have caused substantial economic damages. Ensuring that software applications are not vulnerable to the exploits has, therefore, become a critical requirement. The last line of defense is to test before hand if a software application is vulnerable to exploits. One can accomplish this by testing for the presence of vulnerabilities. This dissertation presents a framework for deriving verification and validation (V&V) strategies to assess the security of a software application by testing it for the presence of vulnerabilities. This framework can be used to assess the security of any software application that executes above the level of the operating system. It affords a novel approach, which consists of testing if the software application permits violation of constraints imposed by computer system resources or assumptions made about the usage of these resources. A vulnerability exists if a constraint or an assumption can be violated. Distinctively different from other approaches found in the literature, this approach simplifies the process of assessing the security of a software application. The framework is composed of three components: (1) a taxonomy of vulnerabilities, which is an informative classification of vulnerabilities, where vulnerabilities are expressed in the form of violable constraints and assumptions; (2) an object model, which is a collection of potentially vulnerable process objects that can be present in a software application; and (3) a V&V strategies component, which combines information from the taxonomy and the object model; and provides approaches for testing software applications for the presence of vulnerabilities. This dissertation also presents a step-by-step process for using the framework to assess software security. / Ph. D.

Vulnerabilities

Verification

Validation

Software Security

Constraints

Assumptions

Modeling vulnerabilities in cyber-physical spaces

McVey, Keith

January 1900

Master of Science / Department of Computer Science / Eugene Vasserman / There is continuing growth in the need to secure critical infrastructures from malicious adversaries. These adversaries can attack systems from different forms. They can physically break in and steal something important, or they can attack from the cyber realm in order to steal critical information. This project combines the modeling process for physical spaces along with a logic reasoning tool that can identify the state of a networked device in order to analyze large enterprise systems for combined cyber-physical vulnerabilities. Using a pure model checker would not be able to handle the near infinite states that a computer or networked device may be in. Therefore this new approach combines the use of a logic analyzer tool that with a well-defined set of rules that reasons about the security and trustworthiness of devices in the model. While there has been long study of how to secure a building from intrusion, and much research about defense against cyber attacks, there is always a large gap between the two in practice. This approach may no longer be sufficient against today’s adversaries and offers little to no defense against insider threats. Combining the two in this new form allows for a more complete security view and protection against more advanced adversaries. Then this thesis shows how this approach meets a series of requirements for an effective vulnerability analysis. This is achieved by executing a model based on a real world facility with a series of induced faults that would on their own not be enough to be a vulnerability but tied together would have series consequences. This thesis shows how this approach can then be used to detail potentially unseen vulnerabilities and develop fixes for them to help create a more secure facility.

Computer science

Modeling Cyber-physical

Vulnerabilities

Computer Science (0984)

Race, Renters, and Serial Segregation in Portland, Oregon and Beyond

Nguyen, Gennie

06 September 2018

Homeownership may be the American Dream, but renting is the American reality for nearly half of Portland, Oregon’s residents. In Oregon, where I conducted fieldwork from 2014 to 2017, a statewide ban on rent control, the prevalent use of no-cause evictions, and the lack of renters’ protections pushed Portland residents, especially renters, into a Housing State of Emergency. Many renters in this housing crisis are forced to rent and face the threat of being repeatedly displaced as their apartment units change hands from investor-to-investor. These investor landlords used no-cause evictions to remove tenants from their homes and to quickly empty entire apartment buildings, flip the buildings, and increase their rate of return. As gentrification increased the rent in Portland, it also push low-income people and communities of color as they moved to the suburbs in search of scarce low-income rental housing. Employing ethnographic methods of participant observation and in-depth interviewing, this dissertation explores the inequalities built into the rental housing system for different groups of vulnerable tenants in Portland. A qualitative analysis revealed that families of color and low-income residents not only experience serial displacement as renters, but also serial segregation. / 2020-09-06

Global suburbs

Housing

Interconnected vulnerabilities

Portland (Or.)

Oregon

Serial segregation

Quantitative information flow of side-channel leakages in web applications

Huang, Xujing

January 2016

It is not a secret that communications between client sides and server sides in web applications can leak user confidential data through side-channel attacks. The lower lever traffic features, such as packet sizes, packet lengths, timings, etc., are public to attackers. Attackers can infer a user's web activities including web browsing histories and user sensitive information by analysing web traffic generated during communications, even when the traffic is encrypted. There has been an increasing public concern about the disclosure of user privacy through side-channel attacks in web applications. A large amount of work has been proposed to analyse and evaluate this kind of security threat in the real world. This dissertation addresses side-channel vulnerabilities from different perspectives. First, a new approach based on verification and quantitative information flow is proposed to perform a fully automated analysis of side-channel leakages in web applications. Core to this aim is the generation of test cases without developers' manual work. Techniques are implemented into a tool, called SideAuto, which targets at the Apache Struts web applications. Then the focus is turned to real-world web applications. A black-box methodology of automatically analysing side-channel vulnerabilities in real-world web applications is proposed. This research demonstrates that communications which are not explicitly involving user sensitive information can leak user secrets, even more seriously than a traffic explicitly transmitting user information. Moreover, this thesis also examines side-channel leakages of user identities from Google accounts. The research demonstrates that user identities can be revealed, even when communicating with external websites included in Alexa Top 150 websites, which have no relation to Google accounts.

Mobile Phone and Infrastructure Vulnerabilities

Kannan, Prasanna, Krasniqi, Nesret

January 2007

The first mobile threat that appeared in the year 2004, that is Cabir.A has shown that mobile phone threat is a proof-of -concept application. However, most Symbian malwares are still quite primitive and not in the form of executable code. It is able to replicate itself via Bluetooth devices supporting Symbian Series 60 user interface platform. To date (October 2007), Cabir.A has been widespread over many countries such as Malaysia, United States, United Kingdom, Italy, Russia, Indonesia, Japan, Singapore, Australia and New Zealand.The current target for mobile phone attacks has a certain focus on the Symbian Series 60 user interface platform mainly because of its increasing market share. The vulnerabilities of the years 2005 and 2006 have included more than 120 types of variants and new virus attacks has been using Cabir variants as a basis to create more dangerous and damageable malware.At the beginning of 2005 the main types of mobile malware had matured and were used by virus writers over the next eighteen months, including the following:1. Worms that spread via Smartphone protocols and services2. Vandal Trojans that install themselves in the system by exploiting Symbian design faults3. Trojans designed for financial gainThere are only a few main types of behavior but in practice mobile malware comes in a multitude of forms. / Uppsatsnivå: D

mobile vulnerabilities

symbian viruses

Engineering and Technology

Teknik och teknologier