[en] CALCULATION OF SECURITY INDEXES IN POWER SYSTEMS BASED ON TIME DOMAIN SIMULATION / [pt] CÁLCULO DE ÍNDICES DE SEGURANÇA EM SISTEMAS DE ENERGIA ELÉTRICA BASEADO EM SIMULAÇÃO NO DOMÍNIO DO TEMPO

JOAO MAGALHAES DAHL

16 October 2006

[pt] Os sistemas de energia elétrica estão operando atualmente próximos dos limites de estabilidade, comprometendo a segurança. Este fato tem sido evidenciado por diversos blackouts no mundo inteiro. A avaliação da segurança dinâmica torna-se, então, fundamental. O objetivo é a busca de um método rápido e, sobretudo, confiável, para analisar o comportamento dinâmico de um sistema de energia elétrica. Esta dissertação trata, portanto, do problema da avaliação da segurança dinâmica de sistemas de energia elétrica. A avaliação é realizada através da determinação das margens de estabilidade, utilizando os resultados de simulações no domínio do tempo, que fornece informações qualitativas a respeito da estabilidade na primeira oscilação. O grupo de geradores severamente perturbados é determinado e a margem de estabilidade de cada um deles é calculada. O gerador que apresentar a menor margem determina a margem de estabilidade do sistema. Quando a margem de estabilidade assume valor nulo, o tempo crítico de eliminação da falta é obtido. Estes resultados são comparados com aqueles determinados pelo método de tentativa e erro, utilizando um programa convencional de estabilidade transitória. Desta forma, as contingências são classificadas em função dos tempos críticos de eliminação de falta, de acordo com o nível de severidade. Essa classificação permite reduzir o conjunto de contingências a ser estudado. A contribuição deste trabalho é mostrar que o critério baseado na aceleração imediatamente após a eliminação da falta é mais eficaz que aquele baseado na aceleração imediatamente após a ocorrência da falta para a indicação do grupo de geradores severamente perturbados. / [en] Power systems have been operating nowadays near to the stability limits putting security under risk. This is one of the reasons why the dynamic security assessment is a fundamental tool to avoid the occurrence of blackouts in the whole world. The goal is a reliable and fast way to evaluate the dynamic behavior of a power system. This dissertation deals with the problem of dynamic security assessment of power systems. The evaluation is performed based on stability margins calculated from time domain simulation results, providing qualitative information about the first swing stability. The group of severely disturbed machines is defined and the stability margins are determined. The machine with the lowest margin determines the stability margin of the system. When the system margin approaches the zero value, the critical clearing time is obtained. These outcomes are compared with that ones determined by trial and error method using a conventional transient stability program. Having done that, a contingency ranking is defined according to the critical clearing time. The ranking minimizes the number of contingencies that have to be studied. This dissertation shows that the criterion to define the group of severely disturbed machines based on the machine accelerations at the instant immediately after the fault clearing time is more efficient than that one based on the machine accelerations at the instant immediately after the fault occurrence.

Read more

[pt] ESTABILIDADE TRANSITORIA

[en] TRANSIENT STABILITY

[pt] AVALIACAO DA SEGURANCA DINAMICA

[en] DYNAMIC SECURITY ASSESSMENT

[pt] CLASSIFICACAO DE CONTINGENCIAS

[en] CONTINGENCY RANKING

[pt] INDICES DE SEGURANCA

[en] SECURITY INDEXES

[pt] SIMULACAO NO DOMINIO DO TEMPO

[en] TIME DOMAIN SIMULATION

Investigations and Development in the Area of Automated Security Evaluation of Android Devices with Focus on Bluetooth

Holmquist, Robin

January 2023

Bluetooth is a technology that has been implemented in over 5 billion devices and therefore has a considerable impact. It is the dominant technology for shortrange wireless communication. Modern society relies heavily on information technology (IT), and this has introduced a significant threat to society and companies in the form of hackers whether they be state-sponsored, political activists, or part of organized crime. This has introduced the need for companies and organizations that strive to make devices more secure, as well as standards that can be used for evaluating how secure a device is. Common Criteria (CC) is an internationally recognized set of guidelines and standards that can be used for security evaluation. There is a growing demand for enhanced efficiency in the field of security evaluation, especially considering the move to agile methodologies in information and communication technology (ICT) product development. Historically, security evaluation has been tailored to each individual product. The current trends in the certification and global ICT evaluation industry indicate a move in the direction of a greater reliance on predefined test cases. In this thesis, I describe how I designed, developed, and evaluated a toolkit that automates the evaluation of Android devices concerning a selection of security requirements that concern Bluetooth from the Mobile Device Fundamentals Protection Profile in CC. This involved a literature study, examination of the Bluetooth Core Specification, software development, and evaluation of the toolkit. My results from evaluating the toolkit found that it only reports non-compliance with a security requirement if the target of evaluation (TOE) is non-compliant. Additionally, every time the toolkit reported compliance with a security requirement, manual evaluation verified that the TOE truly complied with the security requirement. Finally, during the development phase, I discovered a vulnerability that had not been discovered during manual evaluation. It has been confirmed by the developer to be a vulnerability and a patch is currently being developed. My evaluation indicates that the toolkit I have developed is reliable and that it could therefore be used in the security industry. By finding a vulnerability by using automation, I have shown that automation could potentially be a useful approach for vulnerability research. Similarly to fuzzing, automation can be used to expose a system to behavior that it does not expect and therefore potentially reveal vulnerabilities. / Bluetooth är en teknologi som har implementerats i över 5 miljarder enheter och har därför stor inverkan. Det är den dominerande teknologin för trädlös kommunikation med kort räckvidd. Det moderna samhället är starkt beroende av informationsteknologi (IT), och detta har introducerat ett betydande hot mot samhället och företag i form av hackare oavsett om de är statligt sponsrade, politiska aktivister, eller en del av organiserad brottslighet. Detta har introducerat ett behov av företag och organisationer som strävar efter att göra enheter säkrare, såväl som standarder som kan användas för att utvärdera hur säker en enhet är. Common Criteria (CC) är en internationellt erkänd uppsättning riktlinjer och standarder som kan användas för säkerhetsutvärdering. Det finns en växande efterfrågan på ökad effektivitet inom området för säkerhetsutvärdering, särskilt med tanke på övergången till agila metoder för produktutveckling inom information- och kommunikations-teknologi. Historiskt sett har säkerhetsutvärdering skräddarsytts för varje enskild produkt. De nuvarande trenderna i certifieringsindustrin och globala ICT-utvärderingsindustrin indikerar en förflyttning i riktning mot ett mer frekvent användande av fördefinierade testfall. I denna uppsats beskriver jag hur jag designade, utvecklade och utvärderade ett verktyg som automatiserar utvärderingen av Android-enheter gällande ett urval av säkerhetskrav som rör Bluetooth från Mobile Device Fundamentals Protection Profile i CC. Detta innebar en litteraturstudie, granskning av Bluetooth Core Specification, mjukvaruutveckling och utvärdering av verktyget. Mina resultat från utvärderingen av verktyget visade att den bara rapporterar bristande efterlevnad med ett säkerhetskrav om målet för utvärdering (TOE) inte efterlever säkerhetskravet i fråga. Dessutom, varje gång verktyget rapporterade överensstämmelse med ett säkerhetskrav, verifierade manuell utvärdering att TOE:n verkligen efterlevde säkerhetskravet i fråga. Slutligen, under utvecklingsfasen upptäckte jag en sårbarhet som inte upptäckts under manuell utvärdering. Sårbarhet har bekräftats av utvecklaren och en patch håller på att utvecklas. Min utvärdering visar att det verktyg som jag har utvecklat är tillförlitlig och att den därför skulle kunna användas i säkerhetsbranschen. Genom att hitta en sårbarhet genom automatisering har jag visat att automatisering skulle kunna vara en användbar metod för sårbarhetsforskning. På samma sätt som fuzzing kan automatisering används för att utsätta ett system för beteenden som det inte förväntar sig och därför potentiellt avslöja sårbarheter.

Read more

Bluetooth

Android

Common Criteria

Automated dynamic security evaluation

Mobile device security

Bluetooth

Android

Common Criteria

S¨akerhet f¨or mobila enheter

Computer and Information Sciences

Data- och informationsvetenskap