Implementace informačního modelu v prostředí systémové architektury / Information model implementation in systems architecture

Pořádek, Jiří

January 2013

This thesis deals with a field of information modeling and its relation to systems architecture. It is divided into two notional parts -- theoretical (first and second chapter) and practical (third and fourth chapter). First chapter explains the meaning of the term 'information model', compares it to the term 'data model' and then introduce its practical use in an enterprise modeling. It also defines the term of 'systems architecture' in its broad meaning and reduces it to three narrow meaning -- enterprise architecture, information architecture and information systems architecture, while it explains their relation to the information modeling. Finally this chapter provides the base for information model implementation methodology created later in the practical part of this thesis. Second chapter introduces architecture framework called TM Forum Frameworx specialized for a telecommunication services provider. It consists of three standards for business process, information and application architecture. The second one defines specific information model which is described partly in the second chapter and partly in the appendix B of this thesis. Third chapter describes the first of two contributions of this thesis - the information model implementation methodology. This methodology is applicable to any implementation of an information model. Three sections of this chapter contains diagrams and description of three phases of the methodology - pre-implementation phase, implementation phase and post-implementation phase. In the end of the chapter there is a table containing outputs of every single activity performed during all the phases. Fourth and last chapter then describes and evaluates real implementation of the information model from TM Forum Frameworx in the systems architecture department of an enterprise providing telecommunication services. This implementation based on the created methodology and its successful results then became the second contribution of this thesis.

Záznamového zařízení pro oblast civilního letectví / Data storage system for area of civil aviation

Kotulič, Dominik

January 2018

In the thesis the design of the Data Storage System (DSS) is proposed with the respect to the V-Model methodology. The design is based on users requirements, from which the system requirements are created and the technical specification of the DSS is developed. In the technical specifications the functionality of the DMM and HMI DSS subsystems are described and sub-system requirements are assigned to them, then they are subdivided and assigned to individual DMM (Data memory module) and HMI hardware items. Moreover, requirements are analyzed on hardware items, specific electronic components, are selected and implemented into the block design of the DMM hardware. Based on the block design of hardware, the hardware of the DMM subsystem is designed, selectively simulated and implemented along with the printed circuit board. On the implemented hardware of the DMM subsystems measurements are performed in order to verify the basic functionality of the hardware and the calculated, assimilated and measured values are compared as well. At the end of the thesis there is a short description of the implementation of the software design and its use for basic initialization of the selected processor, together with the verification of its basic function - measuring the frequency of the internal clock sources and the clock domains. The work is completed by sending a message of defined parameters to the selected communication line and sapling it by an oscilloscope, so that the basic function of the DMM subsystem is verified.

Návrh distribuovaného systému pro zpracování školní matriky ZŠ, SŠ, VOŠ / Distributed System for School Register of Basic and Secondary Schools

Martiš, Viktor

Unknown Date

One of the software success condition on the software market is permanent development to keep in condition with actual technical tools. That is the reason why SAS software is searching for a way how to fulfil customer's requirements better. The change to the distributed system architecture brings new opportunities and sets up competitive advantage for SAS concurrently. The subject of this thesis is to create the design of movement to the distributed system. The main reason is to make analysis, design and partial implementation meeting functional requirements of the new architecture.

Entwicklung und Abstimmung eines Momentenmodells für eine Otto-DI-Motorsteuerung

Pietzsch, Albrecht

18 December 2017

Die Zulieferindustrie im Automobilbereich sieht sich heutzutage hochkomplexen Systemen bei der Entwicklung von Verbrennungsmotoren gegenüber. Applikationssteuergeräte mit passendem Datenstand werden selten von Fahrzeugherstellern an Dritte für die Entwicklung am Verbrennungsmotor bereitgestellt. Eine Alternative bieten Prototypensteuergeräte mit individuellen Softwarepaketen, die in ihrer Funktionalität auf die Bedürfnisse der Entwicklungsingenieure zugeschnitten sind. Die FlexECU von ETAS ist ein gutes Beispiel für solch ein offenes, kostengünstiges und seriennahes Prototypensteuergerät. Hauptbestandteil dieser Arbeit ist die Entwicklung und Integration eines Momentemodells in eine vorhandene Motorsteuerungssoftware sowie die Applikation dieses Modells am Motorprüfstand. Die Motivation für die Erweiterung der jetzigen Motorsteuerungssoftware um das Momentemodell ist, den Entwicklungsingenieuren ein möglichst seriennahes Steuergeräteumfeld bei der Erarbeitung innovativer verbrauchs- und schadstoffoptimierter Konzepte für den Verbrennungsmotor bereitzustellen. Bei der Evaluation wird gezeigt, dass die Integration und die Funktion des Momentenmodells grundsätzlich gelungen ist. Diese Arbeit bildet den Grundstein für eine umfangreiche Entwicklung, die noch einige Zeit in Anspruch nehmen wird, bis eine voll umfängliche abgesicherte Software geschaffen ist.:Abkürzungsverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I Verzeichnis der Formelzeichen und Symbole . . . . . . . . . . . . . . . II Variablenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .V Abbildungsverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . VII Tabellenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .VIII 1. Einleitung 1 1.1. Aufgabenstellung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 1.2. Zielsetzung und Aufbau der Arbeit . . . . . . . . . . . . . . . . . . .1 2. Stand der Technik 4 2.1. Steuerung und Regelung von Ottomotoren . . . . . . . . . . . . 4 2.2. Architektur Motorsteuerungssoftware . . . . . . . . . . . . . . . . 7 2.3. Das Momentenmodell . . . . . . . . . . . . . . . . . . . . . . . . . . . .11 3. Theoretische Grundlagen 15 3.1. Innermotorische Drehmomentenerzeugung . . . . . . . . . . .15 3.2. Eingriffsmöglichkeiten und deren Geschwindigkeit . . . . . .18 4. Modellierung des Momentenmodells 20 4.1. Entwicklungsumgebung . . . . . . . . . . . . . . . . . . . . . . . . . .20 4.2. Modellbildung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 5. Versuch 34 5.1. Versuchsplanung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.2. Versuchsträger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 5.2.1. ETAS FlexECU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.2.2. Simulator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.2.3. Versuchsmotor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.2.4. Motorprüfstand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40 5.3. Applikationssoftware . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 5.3.1. ETAS INCA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42 5.3.2. ETAS MDA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 5.3.3. ETAS ASCMO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 6. Vorstellung der Ergebnisse . . . . . . . . . . . . . . . . . . . . . . . . .45 6.1. Ergebnisse der Applikation des Momentemodells . . . . . . 45 6.2. Evaluierung der Drehmomentumsetzung des Momentenmodells . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 6.3. Evaluierung der Untersysteme des Momentenmodells . . 62 7. Zusammenfassung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Literatur- und Quellenverzeichnis . . . . . . . . . . . . . . . . . . . . . 75 Eidesstattliche Erklärung . . . . . . . . . . . . . . . . . . . . . . . . . . . .76 Anlagenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 / Nowadays, the automotive supplier industry is confronted with highly complex systems for the development of internal combustion engines. Vehicle manufacturers very rarely provide third party developers with their engine control units with calibration access and matching description and data files for internal combustion engines. An alternative are prototype control units with individual software packages, which in their functionality are adapted to the needs of development engineers. One example for such an open, cost-effective and field-proven control system development platform is FlexECU from ETAS. The essential part of this thesis is the development and integration of a torque-based system structure for an existing engine management system and the calibration of this model on an engine test bench. The motivation for this improvement is to provide development engineers with a control unit environment as close to serial as possible for the development of consumption- and emission-optimized concepts for internal combustion engines. The evaluation shows that integration as well as functionality of the torque-based system structure has generally been achieved. This thesis lays the foundations for an extensive development of this system – although the creation of a fully verified and validated software will still take some time.:Abkürzungsverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I Verzeichnis der Formelzeichen und Symbole . . . . . . . . . . . . . . . II Variablenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .V Abbildungsverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . VII Tabellenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .VIII 1. Einleitung 1 1.1. Aufgabenstellung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 1.2. Zielsetzung und Aufbau der Arbeit . . . . . . . . . . . . . . . . . . .1 2. Stand der Technik 4 2.1. Steuerung und Regelung von Ottomotoren . . . . . . . . . . . . 4 2.2. Architektur Motorsteuerungssoftware . . . . . . . . . . . . . . . . 7 2.3. Das Momentenmodell . . . . . . . . . . . . . . . . . . . . . . . . . . . .11 3. Theoretische Grundlagen 15 3.1. Innermotorische Drehmomentenerzeugung . . . . . . . . . . .15 3.2. Eingriffsmöglichkeiten und deren Geschwindigkeit . . . . . .18 4. Modellierung des Momentenmodells 20 4.1. Entwicklungsumgebung . . . . . . . . . . . . . . . . . . . . . . . . . .20 4.2. Modellbildung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 5. Versuch 34 5.1. Versuchsplanung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.2. Versuchsträger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 5.2.1. ETAS FlexECU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.2.2. Simulator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.2.3. Versuchsmotor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.2.4. Motorprüfstand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40 5.3. Applikationssoftware . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 5.3.1. ETAS INCA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42 5.3.2. ETAS MDA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 5.3.3. ETAS ASCMO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 6. Vorstellung der Ergebnisse . . . . . . . . . . . . . . . . . . . . . . . . .45 6.1. Ergebnisse der Applikation des Momentemodells . . . . . . 45 6.2. Evaluierung der Drehmomentumsetzung des Momentenmodells . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 6.3. Evaluierung der Untersysteme des Momentenmodells . . 62 7. Zusammenfassung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Literatur- und Quellenverzeichnis . . . . . . . . . . . . . . . . . . . . . 75 Eidesstattliche Erklärung . . . . . . . . . . . . . . . . . . . . . . . . . . . .76 Anlagenverzeichnis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

info:eu-repo/classification/ddc/620

ddc:620

4129315-0; 4062661-1; 7578671-0

Gestion de contexte pour l'optimisation de l'accès et l'adaptation des services sur des environnements hétérogènes / Context management for network access optimisation and services adaptation in heterogeneous environments

Loukil, Mehdi

20 December 2012

Dans le domaine des TIC, les services de demain seront certainement basés sur des systèmes ubiquitaires, omniprésents et pervasifs. Ces systèmes devront prendre en considération différents paramètres provenant de l’environnement de l’utilisateur, c’est à dire son contexte. Le contexte de l’utilisateur peut être composé d’informations statiques ou dynamiques, objectives ou subjectives, quantitatives ou qualitatives. Il peut inclure des données telles que la localisation géographique, les caractéristiques du terminal utilisé, la température ambiante, l’humeur de l’utilisateur. Afin d’améliorer la QoS et la QoE, les services et les systèmes doivent être adaptés aux changements du contexte des utilisateurs. Le contexte doit donc être collecté et interprété et les règles d’adaptation du système doivent être définies. Sur les systèmes étendus, riches, dynamiques et hétérogènes, tels que ceux considéré dans le cadre de cette thèse, ces opérations doivent être automatisées. Vu la quantité et la complexité des données contextuelles à considérer, l’utilisation de la sémantique dans la gestion de contexte peut faciliter cette automatisation et ouvrir la porte au raisonnement et à l’adaptation automatiques. Aujourd’hui, peu de solutions viables existent pour cette problématique. Nous proposons alors d’utiliser et d’adapter des mécanismes et technologies provenant du web sémantique pour décrire et manipuler les informations de contexte. Dans un premier temps, nous avons proposé une méthodologie de conception qui nous permit de proposer « Ubiquity-Ont » : une ontologie générique au domaine des TIC, flexible et extensible. Les données de contexte ont alors été décrites sous forme de concepts et d’instances, reliés par des relations sémantiques. Nous avons ensuite proposé une architecture overlay, composée de deux niveaux de vitalisation et permettant d’intégrer un gestionnaire de contexte, basé sur la sémantique, sur des environnements réseaux et services. Cette solution overlay permet de (a) masquer l’hétérogénéité des composants du système et (b) d’augmenter virtuellement les entités du système existant par les capacités nécessaires à la manipulation et au raisonnement sur les données sémantiques du contexte. Nos propositions ont étés implémentées et testées sur une plateforme réelle et appliquées à deux cas d’études : Gestion de la mobilité sur des environnements de réseaux d’accès hétérogènes et Optimisation de la consommation d’énergie dans les terminaux mobiles / Future Information and Telecommunication Systems are expected to be pervasive and ubiquitous solutions, able to consider users’ context and to automatically adapt to their environments. Traditional configuration and management tools are not adapted. The richness, the heterogeneity and the complexity of the upcoming systems require automated solutions able to gather contextual information, to reason on them and to make the appropriate adaptation decisions. The representation and the sharing of contextual information is a key issue. In this thesis, we proposed and used a methodology to conceive « Ubiquity-Ont », a generic ontology dedicated to Information and Telecommunication Systems. Contextual information are the described through semantic concepts, instances and relations. We then proposed an overlay architecture, composed of two virtualization layers that can integrate a semantic context management framework over existing networking environments. This architecture is able (a) to hide any heterogeneity among the system components and (b) to augment the different entities with additional capacities for context gathering, reasoning and sharing operations. The proposed solutions were then implemented and tested in Lab for two applications. The fisrt is related to mobility management over heterogeneous Wireless Networks and the second aims to power optimization on mobile terminals. These two case studies helped in proving and enhancing the proposed solutions

Gestion du contexte

Sémantique

Ontologie

Architecture système

Sensible au contexte

Adaptation de services réseaux

Context management

Semantic

Ontology

System architecture

Context sensitivity

Network services adaptation

Resources and services optimization

Modernisering av mjukvaruarkitektur för äldre mjukvarusystem / Modernization of software architecture for legacy software systems

Saffo, Farah, Saeed, Basma

January 2021

Flera företag använder sig än idag av mjukvarusystem som är uppbyggda med äldre mjukvaruarkitektur som den monolitiska. Ett av dessa företag är Consid vars personalsystem är uppbyggt med det utdaterade ramverket klassisk ASP och där användargränssnitt samt logik kan direkt kommunicera med varandra. Detta medför begränsningar som uppstår till följd av brister i modularitet på grund av valet av mjukvaruarkitektur, vilket försvårar vidareutveckling och ändringar i ett system. Dessa begränsningar påverkar i sin tur parametrar som prestanda, skalbarhet, säkerhet, robusthet samt integrering med modernare tekniker.  I denna rapport presenteras en litteraturstudie samt en semistrukturerad intervjustudie, i syfte att undersöka vilka mjukvaruarkitekturer som är lämpliga att implementera vid en modernisering av en monolitisk mjukvaruarkitektur. Arbetet diskuterade också vilka utmaningar som kan uppstå vid en sådan modernisering och hur de hanteras på ett effektivt sätt. Ett bedömningsschema med önskvärda parametrar, med avseende på skalbarhet, prestanda, säkerhet och robusthet, togs fram för att underlätta avgörandet vid val av mjukvaruarkitektur. Utifrån detta, beslutades det att en prototyp med en REST-baserad arkitektur skulle implementeras och utvärderas.  Resultatet av prototypen, till följd av re-architecting, visade en ökad modularisering av mjukvaruarkitekturen. I jämförelse mot med det tidigare systemet har den nya prototypen ingen större påverkan på prestanda i form av responstid. Däremot bidrog prototypen till förbättrad skalbarhet när det gäller vidareutvecklingen av systemet, eftersom det förenklar införandet av ny funktionalitet. Prototypen hade också högre säkerhet genom att isolera lager ifrån varandra samt dölja underliggande detaljer i implementationen. Dessutom blev prototypen inte bara mer robust till följd av modulariseringen, men även enklare att utföra integrationstester samt destruktiva tester mot. / Several companies still use software systems that are built with older software architecture such as the monolithic one. One of these companies is Consid, whose personnel system is built with the outdated framework Classic ASP and where the user interface and logic can directly communicate with each other. This entails limitations that arise because of shortcomings in modularity due to the choice of software architecture, which complicates further development and changes in a system. These limitations in turn, affect parameters such as performance, scalability, security, robustness, and integration with modern technologies. In this work, a literature study was conducted as well as a semi-structured interview study in order to investigate which software architectures are suitable to implement when a modernization of a monolithic software architecture, is carried out. The work also discussed the challenges that may arise in a modernization of the software architecture and how they are handled efficiently. An assessment scheme with desirable parameters regarding scalability, performance, security, and robustness, was developed to facilitate the decision in the choice of software architecture. Based on this, it was decided that a prototype with a REST-based architecture would be implemented and evaluated. The result of the prototype, following re-architecting, showed an increased modularization of the software architecture. Compared to the previous system, the new prototype has no major impact on performance in terms of response time. However, the prototype contributed to better scalability in the further development of the system as it simplifies the introduction of new functionality. The prototype also had higher security by isolating layers from each other and hiding the underlying details in the implementation. In addition, the prototype not only became more robust because of the modularization, but also easier to perform destructive tests against.

Legacy system

system architecture

software architecture

monolith

SOA

REST

micro services

re-architecting

refactorization

system replacement

Äldre system

systemarkitektur

mjukvaruarkitektur

monolit

SOA

REST

mikro-tjänster

re-architecting

refaktorisering

systemersättning

Software Engineering

Programvaruteknik

Advanced metering infrastructure reference model with automated cyber security analysis

Blom, Rikard

January 2017

European Union has set a target to install nearly 200 million smart metersspread over Europe before 2020, this leads into a vast increase of sensitiveinformation flow for Distribution System Operators (DSO’s), simultaneously thisleads to raised cyber security threats. The in and outgoing information of the DSOneeds to be processed and stored by different Information technology (IT)- andOperational Technology (OT)-systems depending on the information. High demandsare therefore required of the enterprise cyber security to be able to protect theenterprise IT- and OT-systems. Sensitive customer information and a variety ofservices and functionality is examples that could be fatal to a DSO if compromised.For instance, if someone with bad intentions has the possibility to tinker with yourelectricity, while you’re away on holiday. If they succeed with the attack and shuttingdown the house electricity, your food stored in your fridge and freezer would mostlikely to be rotted, additionally damage from defrost water leaking could cause severedamaging on walls and floors. In this thesis, a detailed reference model of theadvanced metering architecture (AMI) has been produced to support enterprisesinvolved in the process of implementing smart meter architecture and to adapt to newrequirements regarding cyber security. This has been conduct using foreseeti's toolsecuriCAD, foreseeti is a proactive cyber security company using architecturemanagement. SecuriCAD is a modeling tool that can conduct cyber security analysis,where the user can see how long time it would take for a professional penetrationtester to penetrate the systems in the model depending of the set up and defenseattributes of the architecture. By varying defense mechanisms of the systems, fourscenarios have been defined and used to formulate recommendations based oncalculations of the advanced meter architecture. Recommendation in brief: Use smalland distinct network zones with strict communication rules between them. Do diligentsecurity arrangements for the system administrator PC. The usage of IntrusionProtection System (IPS) in the right fashion can delay the attacker with a percentageof 46% or greater. / Europeiska Unionen har satt upp ett mål att installera nära 200miljoner smarta elmätare innan år 2020, spritt utöver Europa, implementeringen ledertill en rejäl ökning av känsliga dataflöden för El-distributörer och intresset av cyberattacker ökar. Både ingående och utgående information behöver processas och lagraspå olika IT- och OT-system beroende på informationen. Höga krav gällande ITsäkerhet ställs för att skydda till exempel känslig kundinformation samt en mängdvarierande tjänster och funktioner som är implementerade i systemen. Typer avattacker är till exempel om någon lyckats få kontroll over eltillgängligheten och skullestänga av elektriciteten till hushåll vilket skulle till exempel leda till allvarligafuktskador till följd av läckage från frysen. I den här uppsatsen så har en tillräckligtdetaljerad referens modell för smart elmätar arkitektur tagits fram för att möjliggörasäkerhetsanalyser och för att underlätta för företag i en potentiell implementation avsmart elmätare arkitektur. Ett verktyg som heter securiCAD som är utvecklat avforeseeti har använts för att modellera arkitekturen. securiCAD är ett modelleringsverktyg som använder sig av avancerade beräknings algoritmer för beräkna hur långtid det skulle ta för en professionell penetrationstestare att lyckats penetrera de olikasystem med olika sorters attacker beroende på försvarsmekanismer och hurarkitekturen är uppbyggd. Genom att variera systemens försvar och processer så harfyra scenarion definierats. Med hjälp av resultaten av de fyra scenarierna så harrekommendationer tagits fram. Rekommendationer i korthet: Använd små ochdistinkta nätverkszoner med tydliga regler som till exempel vilka system som fårkommunicera med varandra och vilket håll som kommunikationen är tillåten.Noggranna säkerhetsåtgärder hos systemadministratörens dator. Användningen avIPS: er, genom att placera och använda IPS: er på rätt sätt så kan man fördröjaattacker med mer än 46% enligt jämförelser mellan de olika scenarier.

Advanced Metering infrastructure

AMI

Smart meter infrastructure

smart meter

securiCAD

DSO

Enterprise architecture

system architecture

architecture analysis

cyber security analysis

network security

Elektroteknik och elektronik

Smart connected homes : concepts, risks, and challenges

Bugeja, Joseph

January 2018

The growth and presence of heterogeneous connected devices inside the home have the potential to provide increased efficiency and quality of life to the residents. Simultaneously, these devices tend to be Internet-connected and continuously monitor, collect, and transmit data about the residents and their daily lifestyle activities. Such data can be of a sensitive nature, such as camera feeds, voice commands, physiological data, and more. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a rift of security and privacy attacks on connected home devices that compromise the security, safety, and privacy of the occupants. In this thesis, we provide a comprehensive description of the smart connected home ecosystem in terms of its assets, architecture, functionality, and capabilities. Especially, we focus on the data being collected by smart home devices. Such description and organization are necessary as a precursor to perform a rigorous security and privacy analysis of the smart home. Additionally, we seek to identify threat agents, risks, challenges, and propose some mitigation approaches suitable for home environments. Identifying these is core to characterize what is at stake, and to gain insights into what is required to build more robust, resilient, secure, and privacy-preserving smart home systems. Overall, we propose new concepts, models, and methods serving as a foundation for conducting deeper research work in particular linked to smart connected homes. In particular, we propose a taxonomy of devices; classification of data collected by smart connected homes; threat agent model for the smart connected home; and identify challenges, risks, and propose some mitigation approaches. / <p>Note: The papers are not included in the fulltext online.</p>

Smart Connected Homes

Internet of Things

Smart Home Devices

Data Lifecycle

Security Risks

Privacy Management

Vulnerability Assessment

Security Mitigations

Threat Agents

Smart Home Services

System Architecture

Engineering and Technology

Teknik och teknologier

Requirements Engineering Process according to Automotive Standards in a Model-driven Framework / Processus d’ingénierie des exigences dans un environnment à base de modèles selon les normes automobiles

Adedjouma, Morayo

12 July 2012

L'industrie automobile des systèmes embarqués critiques est confrontée de nos jours à une complexité croissante, tandis que les coûts, les performances en termes d'intelligence, les caractéristiques, les capacités et les délais de commercialisation de leurs produits sont constamment remises en question. Face à cela, l'objectif principal pour les constructeurs et fournisseurs automobiles devient désormais de contrôler la qualité et la fiabilité des systèmes mécatroniques et embarqués. L'existence de normes internationales comme le HIS Automotive SPICE et l’ISO26262 est une contrainte supplémentaire qu'ils doivent prendre en compte s’ils veulent atteindre cet objectif. De plus, assurer la bonne gestion de la sécurité et la qualité du produit ne suffit pas: il est essentiel de veiller à ce que nous produisons un système qui n'est pas seulement sécuritaire et bien, mais aussi que nous produisons le bon système. Cela induit donc une plus grande prise en compte des exigences.Dans cette thèse, nous traitons le challenge du développement des systèmes embarqués automobiles suivant l’Ingénierie Dirigée par les Modèles (IDM) qui répondent aux exigences des utilisateurs et des standards du domaine et qui permettent de maîtriser davantage la qualité des produits développés. Le problème à résoudre a été abordé sur plusieurs phases qui sont ensuite utilisés conjointement. En premier, nous définissons un métamodèle fusionnant les approches orienté qualité produit et qualité processus selon respectivement les normes ISO26262 et SPICE. Puis, dans un but de certification, nous proposons une méthodologie générique basée sur ce métamodèle commun où une évaluation du processus de développement induite par l’HIS standard ainsi qu’une évaluation de la sécurité fonctionnelle induite par l’ISO2626 sont simultanément effectuées. Ce résultat est traduit au travers de la définition d'un framework outillé où nous appliquons la méthode d'évaluation propre au standard SPICE. En deuxième phase, nous définissons un métamodèle pour gérer les actifs de sécurité concernant ces normes automobiles au niveau produit. Ce métamodèle définit comment capturer les exigences et l’architecture d’un système de telle manière qu'ils puissent être traçables entre eux et également traçables depuis des documents de spécifications d’origine. Enfin, une approche à base de modèle où l'interaction des modèles de processus et le produit est géré afin de répondre aux besoins identifiés dans la première phase est développé pour soutenir la gestion de projet. L'approche utilise la modélisation des processus et leur mesure pour améliorer le contrôle et le suivi de projet et de réduire par la même les coûts et les fréquences de replanification.Les avantages de la contribution sont démontrés sur une application pilote automobile, validant ainsi le travail de recherche au vue des faiblesses identifiées préalablement dans le contexte. / The embedded safety-critical systems industry is facing an exponential increase in the complexity and variety of systems and devices while costs, performance in terms of intelligence, features, capacities and time to market are constantly challenged. The main objective for automotive manufacturers and suppliers is now becoming the control of quality and the dependability of embedded and mechatronic systems. The existence of internationally recognized standards such as the Automotive SPICE and ISO26262 is a further constraint that must be managed to meet this objective. Nevertheless, ensuring sound management of safety and viewpoints is insufficient. It is also essential to ensure that we produce a system that is not only compliant and well-defined, but also that we produce the “right” system. Therefore, this leads to greater consideration of the requirements.In this thesis, we address the challenge of development of automotive embedded systems following the model-driven engineering paradigm that meet the user needs and the regulatory constraints of the domain and that further mastered the quality of developed product. We resolve the problem in many steps which are subsequently used jointly. In the first phase, we define a merging approach which embodies a product quality and process quality approaches regarding the ISO26262 and SPICE standards following the model-driven engineering paradigm. Then, in a certification assessment purpose, we propose a generic methodology where an HIS assessment and a functional safety audit is simultaneously performed without altering their original meanings. This commitment results into the definition of a tooled framework where we apply the SPICE assessment method to the common metamodel defined from the merging work. In a second phase, we define a metamodel for manage safety assets regarding these automotive standards at product level. This metamodel defines how the requirements and architecture of a system can be captured in such a way that they can be traceable from each other and from origin specifications documents. Finally, a model-based approach where the interaction of process and product models is managed to address requirements identified in the precedent phases is developed to support project management. The approach uses process modeling and measurement to improve the control and the monitoring of project and to reduce the cost and frequency of re-planning.The benefits of the contribution are demonstrated on an ongoing automotive pilot application, thereby validating the research work against the weaknesses identified prealably in the context.

Systèmes automobiles

Ingénierie des exigences

Ingénierie des processus

Ingénierie Dirigée par les Modèles

Architecture système

Support à la certification

Traçabilité

Sécurité fonctionelle

Evaluation de la qualité

HIS Automotive SPICE

ISO26262

Automotive systems

Requirement engineering

Process engineering

Model driven engineering

System architecture

Certification support

Traceability

Safety

Quality assessment

HIS Automotive SPICE

ISO26262

使用ActiveX元件來改善暨有視窗主從企業資訊系統的可部署性 / Improving the Deployability of Existing Windows-Based Client/Server Business Information Systems Using ActiveX Components

程裕繁, Cheng,Bill Yu-Fan

Unknown Date

小型化革命已經造成了企業資訊系統的典範轉移，不久之前以大型主機為基礎的集中架構仍然是企業之重要資訊系統的唯一選擇，時至今日為數眾多的重要企業資訊系統採用了以個人運算裝置為基礎的主從架構。另外一方面，視窗主從企業資訊系統是目前最常見的主從架構企業資訊系統類型，此類企業資訊系統必需將每一支客戶端程式都安裝到每一位使用者的電腦上，這種客戶端程式的人工部署作業一直是資訊管理從業人員的沈重負擔，亦是資訊管理產學界持續戮力解決的重要研究課題。其實ActiveX元件技術的妥善應用將可以有效解決這個部署問題，並且這種解決方案將遠比其它解決方案更具成本效益。研究以此發現為基礎，目的在於克服ActiveX元件技術在企業資訊系統應用上一直無法解決的三項缺點：能力強大所衍生的不安全、技術龐雜所衍生的學習與使用困難，以及元件體積龐大所衍生的網路應用瓶頸，並提出一個以ActiveX元件為基礎的解決方案來自動化暨有之視窗主從企業資訊系統的客戶端程式部署作業。報告的重點內容有四：(一)ActiveX元件技術的缺點克服之道；(二) 所提解決方案的第一個部份，也就是下載架構，採用下載架構開發的企業資訊系統將具備自動化部署客戶端程式的特性；(三)所提解決方案的第二個部份，也就是架構轉換程序，藉由這個程序的指引，暨有的視窗主從企業資訊系統將可以輕鬆轉換成為下載架構，有效解決其客戶端程式的部署問題；(四)兩個研究個案，用來示範下載架構與架構轉換程序的使用，並提供證據來支持下載架構與架構轉換程序的可行性。 / The downsizing revolution has created a deep paradigmatic shift in business information systems (BISs). Not very long ago, large-scale mission-critical BISs were the exclusive province of massive mainframe computers. That is changing rapidly. Today, increasingly large and complex BISs are being built as client/server (C/S) applications. Unfortunately, for the most common C/S BISs, that is, the Windows-based C/S BISs (WinBISs), client programs must be manually deployed to each end-user machine bringing about a heavy BIS maintenance load. ActiveX component technology, if used properly, is more cost-effective than other alternatives in improving the deployment of existing WinBISs. Nevertheless, ActiveX component technology is no magic solution, and thus still has three shortcomings, namely insecurity, complexity, and bulkiness. The purpose of the study presented in this paper is to overcome the shortcomings of ActiveX component technology, and then develop an ActiveX component-based solution to automate the deployment of existing WinBISs. This paper has four main parts: (a) the answers to the shortcomings of ActiveX component technology; (b) the downloadable architecture, which supports the development of automatically-deployed BISs; (c) the architecture transformation process, which transforms existing WinBISs into the downloadable architecture; and (d) two examples of how to use the downloadable architecture and the architecture transformation process. The examples also provide evidence to support the feasibility of such architecture and process.

ActiveX元件

遺產資訊系統

資訊系統現代化

資訊系統部署

資訊系統架構轉換

ActiveX Component

Legacy Information System

Information System Modernization

Information System Deployment