21 |
Towards Comprehensive Side-channel Resistant Embedded SystemsYao, Yuan 17 August 2021 (has links)
Embedded devices almost involve every part of our lives, such as health condition monitoring, communicating with other people, traveling, financial transactions, etc. Within the embedded devices, our private information is utilized, collected and stored. Cryptography is the security mechanism within the embedded devices for protecting this secret information. However, cryptography algorithms can still be analyzed and attacked by malicious adversaries to steal secret data. There are different categories of attacks towards embedded devices, and the side-channel attack is one of the powerful attacks.
Unlike analyzing the vulnerabilities within the cryptography algorithm itself in traditional attacks, the side-channel attack observes the physical effect signals while the cryptography algorithm runs on the device. These physical effects include the power consumption of the devices, timing, electromagnetic radiations, etc., and we call these physical effects that carry secret information side-channel leakage. By statistically analyzing these side-channel leakages, an attacker can reconstruct the secret information.
The manifestation of side-channel leakage happens at the hardware level. Therefore, the designer has to ensure that the hardware design of the embedded system is secure against side-channel attacks. However, it is very arduous work. An embedded systems design including a large number of electronic components makes it very difficult to comprehensively capture every side-channel vulnerability, locate the root cause of the side-channel leakage, and efficiently fix the vulnerabilities. In this dissertation, we developed methodologies that can help designers detect and fix side-channel vulnerabilities within the embedded system design at low cost and early design stage. / Doctor of Philosophy / Side-channel leakage, which reveals the secret information from the physical effects of computing secret variables, has become a serious vulnerability in secure hardware and software implementations. In side-channel attacks, adversaries passively exploit variations such as power consumption, timing, and electromagnetic emission during the computation with secret variables to retrieve sensitive information. The side-channel attack poses a practical threat to embedded devices, an embedded device's cryptosystem without adequate protection against side-channel leakage can be easily broken by the side-channel attack.
In this dissertation, we investigate methodologies to build up comprehensive side-channel resistant embedded systems. However, this is challenging because of the complexity of the embedded system. First, an embedded system integrates a large number of components. Even if the designer can make sure that each component is protected within the system, the integration of the components will possibly introduce new vulnerabilities. Second, the existing side-channel leakage evaluation of embedded system design happens post-silicon and utilizes the measurement on the prototype of the taped-out chip. This is too late for mitigating the vulnerability in the design. Third, due to the complexity of the embedded system, even though the side-channel leakage is detected, it is very hard to precisely locate the root cause within the design. Existing side-channel attack countermeasures are very costly in terms of design overhead. Without a method that can precisely identify the side-channel leakage source within the design, huge overhead will be introduced by blindly add the side-channel countermeasure to the whole design. To make the challenge even harder, the Power Distribution Network (PDN) where the hardware design locates is also vulnerable to side-channel attacks. It has been continuously demonstrated by researchers that attackers can place malicious circuits on a shared PDN with victim design and open the opportunities for the attackers to inject faults or monitoring power changes of the victim circuit.
In this dissertation, we address the challenges mentioned above in designing a side-channel-resistant embedded system. We categorize our contributions into three major aspects—first, we investigating the effects of integration of security components and developing corresponding countermeasures. We analyze the vulnerability in a widely used countermeasure - masking, and identify that the random number transfer procedure is a weak link in the integration which can be bypassed by the attacker. We further propose a lightweight protection scheme to protect function calls from instruction skip fault attacks. Second, we developed a novel analysis methodology for pre-silicon side-channel leakage evaluation and root cause analysis. The methodology we developed enables the designer to detect the side-channel leakage at the early pre-silicon design stage, locate the leakage source in the design precisely to the individual gate and apply highly targeted countermeasure with low overhead. Third, we developed a multipurpose on-chip side-channel and fault monitoring extension - Programmable Ring Oscillator (PRO), to further guarantee the security of PDN. PRO can provide on-chip side-channel resistance, power monitoring, and fault detection capabilities to the secure design. We show that PRO as application-independent integrated primitives can provide side-channel and fault countermeasure to the design at a low cost.
|
22 |
Embedding learning from adverse incidents: a UK case studyEshareturi, Cyril, Serrant, L. 28 October 2016 (has links)
Yes / This paper reports on a regionally based UK study uncovering what has worked well in learning from adverse incidents in hospitals. The purpose of this paper is to review the incident investigation methodology used in identifying strengths or weaknesses and explore the use of a database as a tool to embed learning.
Documentary examination was conducted of all adverse incidents reported between 1 June 2011 and 30 June 2012 by three UK National Health Service hospitals. One root cause analysis report per adverse incident for each individual hospital was sent to an advisory group for a review. Using terms of reference supplied, the advisory group feedback was analysed using an inductive thematic approach. The emergent themes led to the generation of questions which informed seven in-depth semi-structured interviews.
“Time” and “work pressures” were identified as barriers to using adverse incident investigations as tools for quality enhancement. Methodologically, a weakness in approach was that no criteria influenced the techniques which were used in investigating adverse incidents. Regarding the sharing of learning, the use of a database as a tool to embed learning across the region was not supported.
Softer intelligence from adverse incident investigations could be usefully shared between hospitals through a regional forum.
The use of a database as a tool to facilitate the sharing of learning from adverse incidents across the health economy is not supported.
|
23 |
Investigation of Wear in Spline Coupling for Saw Unit JPS R5500Blomqvist, Per, Athir, Patrus January 2019 (has links)
JPS Teknik AB in Färila, located in the middle of Sweden, is a company in manufacturingsaw units to harvester heads. This thesis is about the company's best selling saw unit, JPSR5500. The saw unit is powered by a hydraulic motor, the torque is transmitted from themotor into the saw unit thought a spline coupling. In this spline coupling, some of the unitshave been weared out after about 2000 harvester machine hours. When the splines wear outthe failure induce a total stop, the bolt connecting the hub and the motor shaft breaks, and thesaw unit assembly get loose. The purpose with this study is to find the root cause of thefailure and the goal is to give suggestions to improve the design to avoid failure. The method used to achieve the purpose is based on Ullman's mechanical design processwhere a root cause analysis is a central part. This analysis is built on two main pillars, aliterature study concerning previous research about wear in spline couplings and a knowledgebased study about the product with a customer focus. A sample of previous research in thistopic is about the load distribution in a spline coupling due to different load cases and angularmisalignment, wear mechanisms and the effect of washers in a pretension bolt joint with adynamic working condition. The main conclusions of this study is that the hydraulic motor axis should be extended. Theoperator's manual and assembly instructions should be updated and revised annually, thecompany should also invest in education and training for the users of the product.
|
24 |
Continuous Video Quality of Experience Modelling using Machine Learning Model TreesChapala, Usha Kiran, Peteti, Sridhar January 1996 (has links)
Adaptive video streaming is perpetually influenced by unpredictable network conditions, whichcauses playback interruptions like stalling, rebuffering and video bit rate fluctuations. Thisleads to potential degradation of end-user Quality of Experience (QoE) and may make userchurn from the service. Video QoE modelling that precisely predicts the end users QoE underthese unstable conditions is taken into consideration quickly. The root cause analysis for thesedegradations is required for the service provider. These sudden changes in trend are not visiblefrom monitoring the data from the underlying network service. Thus, this is challenging toknow this change and model the instantaneous QoE. For this modelling continuous time, QoEratings are taken into consideration rather than the overall end QoE rating per video. To reducethe user risk of churning the network providers should give the best quality to the users. In this thesis, we proposed the QoE modelling to analyze the user reactions change over timeusing machine learning models. The machine learning models are used to predict the QoEratings and change patterns in ratings. We test the model on video Quality dataset availablepublicly which contains the user subjective QoE ratings for the network distortions. M5P modeltree algorithm is used for the prediction of user ratings over time. M5P model gives themathematical equations and leads to more insights by given equations. Results of the algorithmshow that model tree is a good approach for the prediction of the continuous QoE and to detectchange points of ratings. It is shown that to which extent these algorithms are used to estimatechanges. The analysis of model provides valuable insights by analyzing exponential transitionsbetween different level of predicted ratings. The outcome provided by the analysis explains theuser behavior when the quality decreases the user ratings decrease faster than the increase inquality with time. The earlier work on the exponential transitions of instantaneous QoE overtime is supported by the model tree to the user reaction to sudden changes such as video freezes.
|
25 |
Re-Engineering the Operational System to Enhance the Customer Orientation of a Mid-Size Firm: A Field Study.Muhdi, Rani 04 May 2002 (has links)
The operational advantages of a pull system are very well documented. These advantages include not only operational efficiency and quality, but also the enhancement of the customer oriented of the organization.
The objective of this field study is to examine the applicability and potential advantages of a pull operational system in a mid-size manufacturing organization. Philosophies, tools, and concepts of Just-in-Time, Theory of Constraints, Business Process Re-engineering, and Root Cause Analysis are used to analyze the existing operational system, to identify its weaknesses, and finally to re-engineer it to be more consistent with a pull operational system.
The results of this field study appear to be consistent with reported findings in the literature. The results point to both operational gains and customer related benefits which can be attributed to the pull operational system philosophy. Conclusions and recommendations are presented and discussed in light of their practical and theoretical implications.
|
26 |
Rotorsaksanalyser av testriggar : En studie av vad som krävs av Scanias forsknings- och utvecklingsavdelning för att rotorsaksanalyser ska fungera på bästa sätt / Root Cause Analysis of Test Beds : A study of what is needed from Scania's Research- and Development department to make Root Cause Analysis work in the best possible wayLidström, Jonatan January 2015 (has links)
När Scanias maskiner som ska testa nya lastbilskomponenter eller hela lastbilar, så kallade testriggar, inte fungerar som de ska så fanns det i dagsläget en uppfattning att problemen i vissa fall dels var återkommande och dels var svåranalyserade. På grund av detta ville Scania Tekniskt Centrum (STC) införa rotorsaksanalyser av när testriggar inte fungerade som de skulle. Denna studie har undersökt vad som i dagsläget behövde förändras och vad som möjliggjorde att rotorsaksanalyser av fallerande hos testriggarna skulle fungera så bra som möjligt. En nulägesanalys gjordes. Resultaten av denna visade på att fyra roller fanns som var involverade i att åtgärda fel hos testriggarna, nämligen de som äger riggarna, de som arbetar med underhåll av riggarna, de som utvecklar riggarna och de som är ansvariga för arbetsmiljön och säkerheten hos riggarna. En process map skapades för att visa hur dessa roller i dagsläget samverkade för att bygga testriggar och åtgärda fel hos dem. Resultaten av nulägesanalysen visade på att fyra övergripande faktorer påverkade huruvida rotorsaksanalyser skulle kunna genomföras. Den första var att ha ett väldefinierat standardförfarande att följa. Den andra var att det fanns en kultur som tillät att utföra rotorsaksanalyser. Den tredje var att bakgrundskunskap kring ett fel skulle finnas tillgänglig. Den fjärde var att kunna sammansätta grupper av olika typer av roller som skulle kunna samarbeta. Dessa fyra faktorer var de som utgicks ifrån för att redovisa saker som fungerade väl och saker som krävde förändring för att rotorsaksanalyser skulle fungera på bästa sätt. Utöver detta gavs förslag på förändringar som skulle åtgärda saker som förhindrade rotorsaksanalyser.
|
27 |
Data Analysis Discussions: From Hesitancy to ThirstJanuary 2016 (has links)
abstract: A core reform area of President Obama’s Race to the Top (RTT) framework, the Statewide Longitudinal Data Systems (SLDS) program, offered funding to states for the development of their own data systems. As a result, Arizona received funding to build a longitudinal student data system. However the targeted audience—teachers—needed training to move from a state of ‘data rich but information poor’ to one of developing actionable knowledge.
In this mixed methods action research study, six teachers from three schools participated in job-embedded data-informed decision making (DIDM) and root cause analysis (RCA) professional development to improve their abilities to employ DIDM and RCA strategies to determine root causes for student achievement gaps. This study was based on the theories of situated learning, specifically the concept of communities of practice (CoP), change theory, and the Concerns-Based Adoption Model (CBAM). Because teachers comprise most of the workforce in a district, it is important to encourage them to shift from working in isolation to effectively implement and sustain changes in practice. To address this concern, an online wiki provided an avenue for participants to interact, reflect, and share experiences across schools as they engaged in the application of new learning.
The results from this ten-week study indicated an increase in participant readiness levels to: (a) use and manage data sources, (b) apply strategies, and (c) collaborate with others to solve problems of practice. Results also showed that participants engaged in collaborative conversation using the online wiki when they wanted to share concerns or gain further information to make decisions. The online collaboration results indicated higher levels of online discussion occurred when participants were attempting to solve a problem of practice during the learning process.
Overall, participants (a) used collaborative strategies to seek, create, and/or utilize multiple sources of data, not just student learning data, (b) worked through implementation challenges when making changes in practice, and (c) sought further types of data collection to inform their decisions about root causes. Implications from this study warrant further investigation into the use of an online CoP as an avenue for increasing teacher collaboration across schools. / Dissertation/Thesis / Doctoral Dissertation Leadership and Innovation 2016
|
28 |
A Model to Identify Failure & the Root CauseMustafa, Mohamed January 2017 (has links)
Through identifying failure manufacturing companies compete in today’s world to gain beneficial attributes. The purpose if this thesis is to develop a model towards identifying failure and the root cause. The model developed to identify failure and the root cause toward it, which should result it decrease in failure time (nonfunction machine). The developed model has tested and analyzed in a manufacturing company. The model has been established through studies based on preventive and predictive maintenance: FMEA & RCA.
|
29 |
Root-cause analysis with data-driven methods and machine learning in lithium-ion battery tests : Master's thesis about detecting deviations with PCARademacher, Frans January 2022 (has links)
The increased demand of energy storage systems and electric vehicles on the market result in high demand of lithium-ion batteries. As a lithium-ion battery manufacturer, Northvolt runs quality tests on the products to assess their performance, life and safety. Batteries that are tested are most often behaving as expected, but sometimes deviations occur. Anomaly detection is today most often performed by plotting and comparing produced data to other test-data to find which parameters that are deviating. The purpose of this thesis is to automatize anomaly detection and a proposed solution is to use state-of-the-art machine learning methods. These include using supervised and unsupervised machine learning. Before applying machine learning, the feature engineering is presented. It describes what parameters are extracted from the experiment data sets. Then the supervised machine learning framework is described. For the unsupervised machine learning, a principal component analysis is presented to locate deviations. This thesis also presents a differential capacity analysis, as this could be incorporated with the features in the future. The results shows that the subset of labeled data for supervised learning is too small to produce a model that predicts future deviations. The extracted features are also used in the principal component analysis, where the results show deviations (outliers) and aid targeting the anomalies. These can then be used to determine the root-cause of particular anomalies and mitigate future deviations.
|
30 |
Ökad processkvalitet vid tillverkning av handhållna elverktyg med hjälp av tillämpad rotorsaksanalysNordström, Tommy, Arvidsson, Alexander January 2017 (has links)
Atlas Copco is a global Swedish industrial company that develops and manufactures handheld electric and air powered tools. Their customers can be found in the automotive and aerospace industries, industrial manufacturing and maintenance, as well as in vehicle service and maintenance. This bachelor's degree project examines the ability to increase the process efficiency of the company's factory in Tierp by expanding the ability to perform further testing of the tools that show deviations at the final test. Today, extensive testing of all assembled power tools is carried out in the factory before they are sent to the customer. When a deviation is detected, the tool is repaired by replacing components in a certain order. By expanding the troubleshooting methodology, the repair process can be shortened. Based on a comprehensive database a statistical analysis has been performed which shows that approximately 47% of the tools that are unable to meet quality standards have the same error code. Over 37% of these devices are repaired by replacing the main board of the tool. This study indicates that in many cases it is not the main board which is the cause, but errors in the assembly. Using root cause analysis, structured interviews, surveys, developed test protocols and test platforms, a number of factors have been identified that can contribute to increased process quality. The thesis proposes the introduction of an expanded test platform that can help repair technicians in their work. It also suggests a number of constructional changes in the tools that prevents incorrect assembles. / Atlas Copco är ett globalt svenskt industriföretag som bland annat utvecklar och tillverkar handhållna el- och tryckluftsdrivna verktyg för kunder inom fordons- och flygindustrierna, industriell tillverkning och underhåll, samt inom fordonsservice. Detta kandidatexamensarbete undersöker möjligheten att öka processeffektiviteten i företagets fabrik i Tierp genom att utöka möjligheterna att utföra ytterligare test av de verktyg som visar avvikelser vid sluttest. I fabriken genomförs idag omfattande tester av alla monterade elverktyg innan de skickas till kund. När en avvikelse upptäcks repareras verktyget genom att komponenter byts ut i en viss ordning. Genom att utöka möjligheterna till felsökning kan reparationsprocessen kortas ner. Utifrån en omfattande databas har en statistik sammanställning utförts som visar att cirka 47% av de verktyg som inte klarar sluttestet uppvisar samma felkod. Över 37% av dessa enheter repareras genom att byta verktygets huvudkort. Denna studie ger indikationer på att det i många fall inte är huvudkortet som är problemet utan felaktigheter i monteringen. Med hjälp av rotorsaksanalys, strukturerade intervjuer, enkäter och utveckling av testprotokoll samt en teststation har ett antal faktorer kunnat identifieras vilka kan bidra till en ökad processkvalitet. Undersökningen föreslår införande av en utökad testplattform som kan hjälpa reparatörerna i sitt arbete. Den föreslår även ett antal konstruktionsändringar i verktygen som omöjliggör en felaktig montering.
|
Page generated in 0.0931 seconds