Refine
Year of publication
Document Type
- Master's Thesis (66)
- Bachelor Thesis (29)
- Study Thesis (13)
- Conference Proceeding (8)
- Article (reviewed) (6)
- Book (1)
- Other (1)
Conference Type
- Konferenzartikel (4)
- Konferenzband (4)
Language
- English (124) (remove)
Is part of the Bibliography
- no (124) (remove)
Keywords
- COVID-19 (13)
- Government Measures (13)
- Corona (9)
- Crisis (8)
- IT-Sicherheit (8)
- Export (7)
- Maschinelles Lernen (5)
- Deep learning (4)
- Communication Systems (3)
- Computersicherheit (3)
Institute
- Fakultät Medien (M) (ab 22.04.2021) (31)
- Fakultät Maschinenbau und Verfahrenstechnik (M+V) (28)
- Fakultät Wirtschaft (W) (24)
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (16)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (15)
- IfTI - Institute for Trade and Innovation (13)
- Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021) (11)
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (4)
- INES - Institut für nachhaltige Energiesysteme (2)
- IUAS - Institute for Unmanned Aerial Systems (1)
Open Access
- Closed (52)
- Closed Access (41)
- Open Access (31)
- Diamond (5)
- Gold (1)
Steroid hormones (SHs) are a rising concern due to their high bioactivity, ubiquitous nature, and prolonged existence as a micropollutants in water, they pose a potential risk to both human health and the environment, even at low concentrations. Estrogens, progesterone, and testosterone are the three important types of steroids essential for human development and maintaining multiorgan balance, are focus to this concern. These steroid hormones originate
from various sources, including human and livestock excretions, veterinary medications, agricultural runoff, and pharmaceuticals, contributing to their presence in the environment. According to the recommendation of WHO, the guidance value for estradiol (E2) is 1 ng/L. There are several methods been attempted to remove the SH micropollutant by conventional water and wastewater technologies which are still under research. Among the various methods, electrochemical membrane reactor (EMR) is one of the emerging technologies that can address the challenge of insufficient SHs removal from the aquatic environment by conventional treatment. The degradation of SHs can be significantly influenced by various factors when treated with EMR.
In this project, the removal of SH and the important mechanism for the removal using carbon nanotube CNT-EMR is studied and the efficiency of CNT-EMR in treating the SH micropollutant is identified. By varying different parameters this experiment is carried out with the (PES-CNTs) ultrafiltration membrane. The study is carried out depending upon the SH removal based on the limiting factor such as cell voltage, flux, temperature, concentration, and type of the SH.
This thesis focuses on the development and implementation of a Datagram Transport Layer Security (DTLS) communication framework within the ns-3 network simulator, specifically targeting the LoRaWAN model network. The primary aim is to analyse the behaviour and performance of DTLS protocols across different network conditions within a LoRaWAN context. The key aspects of this work include the following.
Utilization of ns-3: This thesis leverages ns-3’s capabilities as a powerful discrete event network simulator. This platform enables the emulation of diverse network environments, characterized by varying levels of latency, packet loss, and bandwidth constraints.
Emulation of Network Challenges: The framework specifically addresses unique challenges posed by certain network configurations, such as duty cycle limitations. These constraints, which limit the time allocated for data transmission by each device, are crucial in understanding the real-world performance of DTLS protocols.
Testing in Multi-client-server Scenarios: A significant feature of this framework is its ability to test DTLS performance in complex scenarios involving multiple clients and servers. This is vital for assessing the behaviour of a protocol under realistic network conditions.
Realistic Environment Simulation: By simulating challenging network conditions, such as congestion, limited bandwidth, and resource constraints, the framework provides a realistic environment for thorough evaluation. This allows for a comprehensive analysis of DTLS in terms of security, performance, and scalability.
Overall, this thesis contributes to a deeper understanding of DTLS protocols by providing a robust tool for their evaluation under various and challenging network conditions.
Global energy demand is still on an increase during the last decade, with a lot of impact on the climate change due to the intensive use of conventional fossil-based fuels power plants to cover this demand. Most recently, leaders of the globe met in 2015 to come out with the Paris Agreement, stating that the countries will start to take a more responsible and effective behaviour toward the global warming and climate change issues. Many studies have discussed how the future energy system will look like with respecting the countries’ targets and limits of greenhouse gases and their CO2 emissions. However, these studies rarely discussed the industry sector in detail even though it is one of the major role players in the energy sector. Moreover, many studies have simulated and modelled the energy system with huge jumps of intervals in terms of years and environmental goals. In the first part of this study, a model will be developed for the German electrical grid with high spatial and temporal resolutions and different scenarios of it will be analysed meticulously on shorter periods (annual optimization), with different flexibilities and used technologies and degrees of innovations within each scenario. Moreover, the challenge in this research is to adequately map the diverse and different characteristics of the medium-sized industrial sector. In order to be able to take a first step in assessing the relevance of the industrial sector in Germany for climate protection goals, the industrial sector will be mapped in PyPSA-Eur (an open-source model data set of the European energy system at the level of the transmission network) by detailing the demand for different types of industry and assigning flexibilities to the industrial types. Synthetically generated load profiles of various industrial types are available. Flexibilities in the industrial sector are described by the project partner Fraunhofer IPA in the GaIN project and can be used. Using a scenario analysis, the development of the industrial sector and the use of flexibilities are then to be assessed quantitatively.
Linux and Linux-based operating systems have been gaining more popularity among the general users and among developers. Many big enterprises and large companies are using Linux for servers that host their websites, some even require their developers to have knowledge about Linux OS. Even in embedded systems one can find many Linux-based OS that run them. With its increasing popularity, one can deduce the need to secure such a system that many personnel rely on, be it to protect the data that it stores or to protect the integrity of the system itself, or even to protect the availability of the services it offers. Many researchers and Linux enthusiasts have been coming up with various ways to secure Linux OS, however new vulnerabilities and new bugs are always found, by malicious attackers, with every update or change, which calls for the need of more ways to secure these systems.
This Thesis explores the possibility and feasibility of another way to secure Linux OS, specifically securing the terminal of such OS, by altering the commands of the terminal, getting in the way of attackers that have gained terminal access and delaying, giving more time for the response teams and for forensics to stop the attack, minimize the damage, restore operations, and to identify collect and store evidence of the cyber-attack. This research will discuss the advantages and disadvantages of various security measures and compare and contrast with the method suggested in this research.
This research is significant because it paints a better picture of what the state of the art of Linux and Linux-based operating systems security looks like, and it addresses the concerns of security enthusiasts, while exploring new uncharted area of security that have been looked at as a not so significant part of protecting the OSes out of concern of the various limitations and problems it entails. This research will address these concerns while exploring few ways to solve them, as well as addressing the ideal areas and situations in which the proposed method can be used, and when would such method be more of a burden than help if used.
AI-based Ground Penetrating Radar Signal Processing for Thickness Estimation of Subsurface Layers
(2023)
This thesis focuses on the estimation of subsurface layer thickness using Ground Penetrating Radar (GPR) A-scan and B-scan data through the application of neural networks. The objective is to develop accurate models capable of estimating the thickness of up to two subsurface layers.
Two different approaches are explored for processing the A-scan data. In the first approach, A-scans are compressed using Principal Component Analysis (PCA), and a regression feedforward neural network is employed to estimate the layers’ thicknesses. The second approach utilizes a regression one-dimensional Convolutional Neural Network (1-D CNN) for the same purpose. Comparative analysis reveals that the second approach yields superior results in terms of accuracy.
Subsequently, the proposed 1-D CNN architecture is adapted and evaluated for Step Frequency Continuous Wave (SFCW) radar, expanding its applicability to this type of radar system. The effectiveness of the proposed network in estimating subsurface layer thickness for SFCW radar is demonstrated.
Furthermore, the thesis investigates the utilization of GPR B-scan images as input data for subsurface layer thickness estimation. A regression CNN is employed for this purpose, although the results achieved are not as promising as those obtained with the 1-D CNN using A-scan data. This disparity is attributed to the limited availability of B-scan data, as B-scan generation is a resource-intensive process.
One of the main problematics of the seals tests is the time and money consuming they are. Up to now, there are few tries to do a digitalisation of a test where the seals behaviour can be known.
This work aims to digitally reproduce a seal test to extract their behaviour when working under different operation conditions to see their impact on the pimp’s efficiency. In this thesis, due to the Lomaking effect, the leakage and the forces applied on the stator will be the base of analysis.
First of all, among all the literature available for very different kind of seals and inner patterns, it has been chosen the most appropriate and precise data. The data chosen is “Test results for liquid Damper Seals using a Round-Hole Roughness Pattern for the Stator” from Fayolle, P. and “Static and Rotordynamic Characteristics of Liquid Annular Seals with Circumferentially/Grooved Stator and Smooth Rotor using three levels of circumferential Inlet-Fluid” from Torres J.M.
From the literature, dimensions of the test rig and the seals will be extracted to model them into a 3D CAD software. With the 3D CAD digitalisation, the fluid volumes for a rotor-centred position, meaning without eccentricity, will be extracted, and used. The following components have been modelled:
- Smooth Annular Liquid Seal (Grooved Rotor)
- Grooved Annular Liquid Seal (Smooth Rotor)
- Round-Hole Pattern Annular Liquid Seal (𝐻𝑑=2 𝑚𝑚) (Smooth Rotor)
- Straight Honeycomb Annular Liquid Seal (Smooth Rotor)
- Convergent Honeycomb Annular Liquid Seal (Smooth Rotor)
- Smooth Rotor / Smooth Annular Liquid Seal (Smooth Rotor)
As there is just one test rig, all the components have been adapted to the different dimensions of the seals by referencing some measures. This allows to test any seal with the same test rig.
Afterwards a CFD simulation that will be used to obtain leakage and stator forces. The parameters that will be changed are the rotational velocity of the fluid (2000 rpm, 4000 rpm, and 6000 rpm) and the pressure drop (2,068 bar, 4,137 bar, 6,205 bar, and 8,274 bar).
Those results will be compared to the literature ones, and they will determine if digitalisation can be validated or not. Even though the relative error is higher than 5% but the tendency is the same and it is thought that by changing some parameters the test results can be even closer to the literature ones.
On a regular basis, we hear of well-known online services that have been abused or compromised as a result of data theft. Because insecure applications jeopardize users' privacy as well as the reputation of corporations and organizations, they must be effectively secured from the outset of the development process. The limited expertise and experience of involved parties, such as web developers, is frequently cited as a cause of risky programs. Consequently, they rarely have a full picture of the security-related decisions that must be made, nor do they understand how these decisions affect implementation accurately.
The selection of tools and procedures that can best assist a certain situation in order to protect an application against vulnerabilities is a critical decision. Regardless of the level of security that results from adhering to security standards, these factors inadvertently result in web applications that are insufficiently secured. JavaScript is a language that is heavily relied on as a mainstream programming language for web applications with several new JavaScript frameworks being released every year.
JavaScript is used on both the server-side in web applications development and the client-side in web browsers as well.
However, JavaScript web programming is based on a programming style in which the application developer can, and frequently must, automatically integrate various bits of code from third parties. This potent combination has resulted in a situation today where security issues are frequently exploited. These vulnerabilities can compromise an entire server if left unchecked. Even though there are numerous ad hoc security solutions for web browsers, client-side attacks are also popular. The issue is significantly worse on the server side because the security technologies available for server-side JavaScript application frameworks are nearly non-existent.
Consequently, this thesis focuses on the server-side aspect of JavaScript; the development and evaluation of robust server-side security technologies for JavaScript web applications. There is a clear need for robust security technologies and security best practices in server-side JavaScript that allow fine-grained security.
However, more than ever, there is this requirement of reducing the associated risks without hindering the web application in its functionality.
This is the problem that will be tackled in this thesis: the development of secure security practices and robust security technologies for JavaScript web applications, specifically, on the server-side, that offer adequate security guarantees without putting too many constraints on their functionality.
Though the basic concept of a ledger that anyone can view and verify has been around for quite some time, today’s blockchains bring much more to the table including a way to incentivize users. The coins given to the miner or validator were the first source of such incentive to make sure they fulfilled their duties. This thesis draws inspiration from other peer efforts and uses this same incentive to achieve certain goals. Primarily one where users are incentivised to discuss their opinions and find scientific or logical backing for their standpoint. While traditional chains form a consensus on a version of financial "truth", the same can be applied to ideological truths too. To achieve this, creating a modified or scaled proof of stake consensus mechanism is explored in this work. This new consensus mechanism is a Reputation Scaled - Proof of Stake. This reputation can be built over time by voting for the winning side consistently or by sticking to one’s beliefs strongly. The thesis hopes to bridge the gap in current consensus algorithms and incentivize critical reasoning.
The present document is aimed to propose a suitable thermal model for the cooling down process of a one piston air cooled reciprocating compressor. In order to achieve this, a thermographic camera is used to record the temperature of different measuring points throughout different operating conditions. This data is later analyzed, with statistical tools and graphical visualization. The thermal phenomena present in the thermal process is characterized according to the compressors' geometry. Finally, using the analysis and taking into consideration the thermal phenomena the optimal thermal model is selected. This paper belongs to a bigger project and the last step is to simulate the compressor and the accuracy of the proposed model.
The progress in machine learning has led to advanced deep neural networks. These networks are widely used in computer vision tasks and safety-critical applications. The automotive industry, in particular, has experienced a significant transformation with the integration of deep learning techniques and neural networks. This integration contributes to the realization of autonomous driving systems. Object detection is a crucial element in autonomous driving. It contributes to vehicular safety and operational efficiency. This technology allows vehicles to perceive and identify their surroundings. It detects objects like pedestrians, vehicles, road signs, and obstacles. Object detection has evolved from being a conceptual necessity to an integral part of advanced driver assistance systems (ADAS) and the foundation of autonomous driving technologies. These advancements enable vehicles to make real-time decisions based on their understanding of the environment, improving safety and driving experiences. However, the increasing reliance on deep neural networks for object detection and autonomous driving has brought attention to potential vulnerabilities within these systems. Recent research has highlighted the susceptibility of these systems to adversarial attacks. Adversarial attacks are well-designed inputs that exploit weaknesses in the deep learning models underlying object detection. Successful attacks can cause misclassifications and critical errors, posing a significant threat to the functionality and safety of autonomous vehicles. With the rapid development of object detection systems, the vulnerability to adversarial attacks has become a major concern. These attacks manipulate inputs to deceive the target system, significantly compromising the reliability and safety of autonomous vehicles. In this study, we focus on analyzing adversarial attacks on state-of-the-art object detection models. We create adversarial examples to test the models’ robustness. We also check if the attacks work on a different object detection model meant for similar tasks. Additionally, we extensively evaluate recent defense mechanisms to see how effective they are in protecting deep neural networks (DNNs) from adversarial attacks and provide a comprehensive overview of the most commonly used defense strategies against adversarial attacks, highlighting how they can be implemented practically in real-world situations.
Much of the research in the field of audio-based machine learning has focused on recreating human speech via feature extraction and imitation, known as deepfakes. The current state of affairs has prompted a look into other areas, such as the recognition of recording devices, and potentially speakers, by only analysing sound files. Segregation and feature extraction are at the core of this approach.
This research focuses on determining whether a recorded sound can reveal the recording device with which it was captured. Each specific microphone manufacturer and model, among other characteristics and imperfections, can have subtle but compounding effects on the results, whether it be differences in noise, or the recording tempo and sensitivity of the microphone while recording. By studying these slight perturbations, it was found to be possible to distinguish between microphones based on the sounds they recorded.
After the recording, pre-processing, and feature extraction phases we completed, the prepared data was fed into several different machine learning algorithms, with results ranging from 70% to 100% accuracy, showing Multi-Layer Perceptron and Logistic Regression to be the most effective for this type of task.
This was further extended to be able to tell the difference between two microphones of the same make and model. Achieving the identification of identical models of a microphone suggests that the small deviations in their manufacturing process are enough of a factor to uniquely distinguish them and potentially target individuals using them. This however does not take into account any form of compression applied to the sound files, as that may alter or degrade some or most of the distinguishing features that are necessary for this experiment.
Building on top of prior research in the area, such as by Das et al. in in which different acoustic features were explored and assessed on their ability to be used to uniquely fingerprint smartphones, more concrete results along with the methodology by which they were achieved are published in this project’s publicly accessible code repository.
Total Cost of Ownership (TCO) is a key tool to have a complete understanding of the costs associated with an investment, as it allows to analyze not only the initial acquisition costs, but also the long-term costs related to operation, maintenance, depreciation, and other factors. In the context of the cement industry, TCO is especially important due to the complexity of the production processes and the wide variety of components and machinery involved in the process.
For this reason, a TCO analysis for the cement industry has been conducted in this study, with the objective of showing the different components of the cost of production. This analysis will allow the reader to gain knowledge about these costs, in the industrial model will be to make informed decisions on the adoption of technologies and practices that will allow them to reduce costs in the long run and improve their operational efficiency.
In particular, this study pursues to give visibility to technologies and practices that enable the reduction of carbon emissions in cement production, thus contributing to the sustainability of industry and the protection of the environment. By being at the forefront of sustainability issues, the cement industry can contribute to the achievement of environmentally friendly technologies and enable the development of people and industry.
The Oxyfuel technology has been selected as a carbon capture solution for the cement industry due to its practical application, low costs, and practical adaptation to non-capture processes. The adoption of this technology allows for a significant reduction in CO2 emissions, which is a crucial factor in achieving sustainability in the cement manufacturing process.
Carbon capture storage technologies represent a high investment, although these technologies increase the cost of production, the application of Oxyfuel technology is one of the most economically viable as the cheapest technology per capture according to the comparison. However, this price increase is a technical advantage as the carbon capture efficiency of this technology reaches 90%. This level of efficiency leads to a decrease in taxes for the generation of CO2 emissions, making the cement manufacturing process sustainable.
Schluckspecht project
(2022)
The objective of this thesis is the conceptual design of a battery management system for the first prototype of the UWC (University of the Western Cape) Modular Battery System. The battery system is a lithium-ion battery that aims to be used in renewable energy systems and for niche electric vehicles such as golf carts.
The concept that is introduced in this thesis comprises the parameter monitoring, the safety management and has its main focus on an accurate state of charge estimation.
Another battery system that was already implemented is used as base for the parameter monitoring and the safety management for the new battery management system. In contrast to that, the concept for the state of charge estimation must be developed completely.
Different methods for the state of charge estimation which are based on the measured voltage, current and temperature are discussed, evaluated and the chosen method is conceived in this thesis. The method used for the state of charge estimation is different for the time when the battery is active than when it is inactive. During charge and discharge Coulomb counting is used and when the cell is inactive voltage versus state of charge lookup tables are used to update the estimation.
To have an accurate estimation when the cell is inactive only for a short time, a model of the voltage relaxation is used to predict the voltage when the cells are in equilibrium. This allows the algorithm to reset the state of charge that is estimated by Coulomb counting – which tends to have a growing error over time – frequently.
To evaluate the accuracy of the voltage prediction, cell tests were executed where the voltage relaxation was sampled. The recursive least square method to predict the end voltage was tested with a MATLAB programme. With the help of voltage versus state of charge lookup tables it was possible to determine the state of charge accuracy with the accuracy of the voltage prediction.
To date, many experiments have been performed to study how the internal geometrical shapes of the annular liquid seal can reduce internal leakage and increase pump efficiency. These can be time-consuming and expensive as all rotordynamic coefficients must be determined in each case.
Nowadays, accurate simulation methods to calculate rotordynamic coefficients of annular seals are still rare. Therefore, new numerical methods must be designed and validated for annular seals.
The present study aims to contribute to this labour by providing a summary of the available test rig and seals dimensions and experimental results obtained in the following experiments:
− Kaneko, S et al., Experimental Study on Static and Dynamic Characteristics of Liquid Annular Convergent-Tapered Seals with Honeycomb Roughness Pattern (2003) [1] − J. Alex Moreland, Influence of pre-swirl and eccentricity in smooth stator/grooved rotor liquid annular seals, static and rotordynamic characteristics (2016) [2]
A 3D CAD simulation with Siemens NX Software of the test rig used in J. Alex Moreland’s experiment has been made. The following annular liquid seals have also been 3D modelled, as well as their fluid volume:
− Smooth Annular Liquid Seal (SS/GR) (J. Alex Moreland experiment)
− Grooved Annular Liquid Seal (GS/SR)
− Round-Hole Pattern Annular Liquid Seal (𝐻𝑑=2 mm) (GS/SR)
− Straight Honeycomb Annular Liquid Seal (GS/SR)
− Convergent Honeycomb Annular Liquid Seal (No. 3) (GS/SR)
− Smooth Annular Liquid Seal (SS/SR) (S. Kaneko experiment)
In the case of the seals used in S. Kaneko’s experiments, the test rig has been adapted to each seal, defining interpart expressions which can be easily modified.
Afterwards, it has been done a CFD simulation of the Smooth Annular Liquid Seal using Ansys CFX Software. To do so, the fluid volume geometry has been simplified to do a first approximation. Results have been compared for an eccentricity 𝜀0=0.00 for the following ranges of rotor speeds and differential of pressure:
− Δ𝑃= 2.07, 4.14, 6.21, and 8.27 bar,
− 𝜔= 2, 4, 6 and 8 krpm.
Even results obtained have the same trend as the one proportionated by the literature, they cannot be validated as the error is above 5%. It is also observed that as the pressure drop increases, the relative error decreases considerably.
The COVID-19 pandemic has led to an economic downturn in the Slovak Republic. To bridge corporate liquidity problems the Slovakian Government has introduced several support measures. The investigation discusses the effectiveness of the measures imposed. Based on theoretical foundations, the research question is empirically examined by using a qualitative expert survey. As the automotive industry plays a leading role in Slovakia, the research conducted is oriented towards the financing phases, a typical automotive exporter is undergoing. As a result of the research, bridging loans and government grants were identified as the most important measures. Additionally, tendencies towards political recommendations for action were identified. The research explored, that the Slovakian Government should focus on meeting the short-term liquidity needs, boosting exports and promoting innovation as well as considering a support package for the automotive industry.
How can manufacturers or service companies provide better services with connected products, without having acquired a powerful IT infrastructure nor the competences for software development?
Today companies can appeal to a relocated-IT-infrastructure provider, which is called Cloud.
Consequently, they do not have to manage and take care of the safety/security aspect, the updates and the breakdown of the infrastructure internally, as those are all managed by the provider.
It is possible to outsource the development of the software of the connected product to an external company. However, the question now is how fast this company can juggle from one Cloud to another in order to fulfil their clients wishes?
neverMind offers a solution based on a multi-protocols-platform linking the different connected products to a multitude of Clouds without having to redesign the whole communication stack/building block for each change in the Cloud-solution. This is the object of my thesis.
The development follows the V-Model, the first steps to understand the complexity of the project were the realisation of the product technical and architectural specifications. The last step before the Implementation was to design in details the progress and the process of every parts of the platform.
The outcome of the requirements analysis led me to divide the project in two parts:
• a “General Interface” acting as a gateway between the Client-application and “Cloud-modules”
• the “Cloud-modules” themselves.
So far, the specifications are drown up; the General Interface and a client example are coded, as well as a first Cloud-module template.
The objective of this thesis is the quantification and qualification of neonicotinoid insecticides using thin-layer chromatography (TLC). Neonicotinoids are a relatively new form of pesticides, which have been proven to be extremely lethal to the honey bee, Apis mellifera. In this paper six forms of neonicotinoid insecticides (i.e. Acetamiprid, Thiacloprid, Imidacloprid, Clothianidin, Thaimethoxam, and Nitenpyram) are analysed. The initial steps are to first find a suitable mobile phase eluent, followed by the search for a reagent causing a luminescence effect of the neonicotinoids on a TLC plate. Subsequently, a calibration method is then used to find the detection limit of this TLC experiment. The aim is, therefore, to achieve a standard method of quantifying and qualifying neonicotinoids via TLC. Whilst a suitable mobile phase has been established, an optimal fluorescent reagent has yet to be found and more research on the subject must be carried out.
In the field of network security, the detection of intrusions is an important task to prevent and analyse attacks.
In recent years, an increasing number of works have been published on this subject, which perform this detection based on machine learning techniques.
Thereby not only the well-studied detection of intrusions, but also the real-time capability must be considered.
This thesis addresses the real-time functionality of machine learning based network intrusion detection.
For this purpose we introduce the network feature generator library PyNetFlowGen, which is designed to allow real-time processing of network data.
This library generates 83 statistical features based on reassembled data flows.
The introduced performant Cython implementation allows processing individual packets within 4.58 microseconds.
Based on the generated features, machine learning models were examined with regard to their runtime and real-time capabilities.
The selected Decision-Tree-Classifier model created in Python was further optimised by transpiling it into C-Code, what reduced the prediction time of a single sample to 3.96 microseconds on average.
Based on the feature generator and the machine learning model, an basic IDS system was implemented, which allows a data throughput between 63.7 Mbit/s and 2.5 Gbit/s.
The identification of vulnerabilities is an important element of the software development process to ensure the security of software. Vulnerability identification based on the source code is a well studied field. To find vulnerabilities on the basis of a binary executable without the corresponding source code is more challenging. Recent research has shown how such detection can be performed statically and thus runtime efficiently by using deep learning methods for certain types of vulnerabilities.
This thesis aims to examine to what extent this identification can be applied sufficiently for a variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. For this purpose, a dataset with 50,651 samples of 23 different vulnerabilities in the form of a standardised LLVM Intermediate Representation was prepared. The vectorised features of a Word2Vec model were then used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). For this purpose, a binary classification was trained for the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of vulnerabilities, as well as a strong limitation of the analysis scope for further analysis steps.
Cloud computing is a combination of technologies, including grid computing and distributed computing, that use the Internet as a network for service delivery. Organizations can select the price and service models that best accommodate their demands and financial restrictions. Cloud service providers choose the pricing model for their cloud services, taking the size, usage, user, infrastructure, and service size into account. Thus, cloud computing’s economic and business advantages are driving firms to shift more applications to the cloud, boosting future development. It enlarges the possibilities of current IT systems.
Over the past several years, the ”cloud computing” industry has exploded in popularity, going from a promising business concept to one of the fastest expanding areas of the IT sector. Most enterprises are hosting or installing web services in a cloud architecture for management simplicity and improved availability. Virtual environments are applied to accomplish multi-tenancy in the cloud. A vulnerability in a cloud computing environment poses a direct threat to the users’ privacy and security. In our digital age, the user has many identities. At all levels, access rights and digital identities must be regulated and controlled.
Identity and access management(IAM) are the process of managing identities and regulating access privileges. It is considered as a front-line soldier of IT security. It is the goal of identity and access management systems to protect an organization’s assets by limiting access to just those who need it and in the appropriate cases. It is required for all businesses with thousands of users and is the best practice for ensuring user access control. It identifies, authenticates, and authorizes people to access an organization’s resources. This, in turn, enhances access management efficiency. Authentication, authorization, data protection, and accountability are just a few of the areas in which cloud-based web services have security issues. These features come under identity and access management.
The implementation of identity and access management(IAM) is essential for any business. It’s becoming more and more business-centric, so we need more than technical know-how to succeed. Organizations may save money on identity management and, more crucially, become much nimbler in their support of new business initiatives if they have developed sophisticated IAM capabilities. We used these features of identity and access management to validate the robustness of the cloud computing environment with a comparison of traditional identity and access management.
In this work, an implementation of the somewhat homomorphic BV encryption scheme is presented. During the implementation, care was taken to ensure that the resulting program will be as efficient as possible i.e. fast and resource-saving. The basis for this is the work of Arndt Bieberstein, who implemented the BV scheme with respect to functionality. The presented implementation supports the basics of the BV scheme, namely (symmetric and asymmetric) encryption, decryption and evaluation of addition as well as multiplication. Additionally, it supports the encoding of positive and negative numbers, various gaussian sampling methods, basically infinitely large polynomial coefficients, the generation of suitable parameters for a use case, threading and relinearization to reduce the size of a ciphertext after multiplications. After presenting the techniques used in the implementation, it’s actual efficiency is determined by measuring the timings of the operations for various parameters.
Annotated training data is essential for supervised learning methods. Human annotation is costly and laborsome especially if a dataset consists of hundreds of thousands of samples and annotators need to be hired. Crowdsourcing emerged as a solution that makes it easier to get access to large amounts of human annotators. Introducing paid external annotators however introduces malevolent annotations, both intentional and unintentional. Both forms of malevolent annotations have negative effects on further usage of the data and can be summarized as spam. This work explores different approaches to post-hoc detection of spamming users and which kinds of spam can be detected by them. A manual annotation checking process resulted in the creation of a small user spam dataset which is used in this thesis. Finally an outlook for future improvements of these approaches will be made.
When a patient with hearing aids needs to partake in audiometry procedures they need to visit a specialist which costs both time and money. Ideally, the patient should be able to conduct these tests alone, during their own time, and without additional costs. With this idea comes the question of if whether this is possible or not, and, if it is, how.
This thesis explores the throughput of Bluetooth Low Energy and if it is configurable to have a high enough data rate to send high quality audio data with a lossless audio codec while communicating with a low end device. Additionally, this thesis will show that using Rust to develop embedded software is possible and how using it can make the process of doing so easier.
The status quo of PROFINET, a commonly used industrial Ethernet standard, provides no inherent security in its communication protocols. In this thesis an approach for protecting real-time PROFINET RTC messages against spoofing, tampering and optionally information disclosure is specified and implemented into a real-world prototype setup. Therefor authenticated encryption is used, which relies on symmetric cipher schemes. In addition a procedure to update the used symmetric encryption key in a bumpless manner, e.g. without interrupting the real-time communication, is introduced and realized.
The concept for protecting the PROFINET RTC messages was developed in collaboration with a task group within the security working group of PROFINET International. The author of this thesis has also been part of that task group. This thesis contributes by proofing the practicability of the concept in a real-world prototype setup, which consists of three FPGA-based development boards that communicate with each other to showcase bumpless key updates.
To enable a bumpless key update without disturbing the deterministic real-time traffic by dedicated messages, the key update annunciation and status is embedded into the header. By provisioning two key slots, of which only one is in used, while the other is being prepared, a well-synchronized coordinated switch between the receiver and the sender performs the key update.
The developed prototype setup allows to test the concept and builds the foundation for further research and implementation activities, e.g. the impact of cryptographic operations onto the processing time.
It is generally agreed that the development and deployment of an important amount of IoT devices throughout the world has revolutionized our lives in a way that we can rely on these devices to complete certain tasks that may have not been possible just years ago which also brought a new level of convenience and value to our lives.
This technology is allowing us in a smart home environment to remotely control doors, windows, and fridges, purchase online, stream music easily with the use of voice assistants such as Amazon Echo Alexa, also close a garage door from anywhere in the world to cite some examples as this technology has added value to several domains ranging from household environments, cites, industries by exchanging and transferring data between these devices and customers. Many of these devices’ sensors, collect and share information in real-time which enables us to make important business decisions.
However, these devices pose some risks and also some security and privacy challenges that need to be addressed to reach their full potential or be considered to be secure. That is why, comprehensive risk analysis techniques are essential to enhance the security posture of IoT devices as they can help evaluate the robustness and reliability towards potential susceptibility to risks, and vulnerabilities that IoT devices in a smart home setting might possess.
This approach relies on the basis of ISO/IEC 27005 methodology and risk matrix method to highlight the level of risks, impact, and likelihood that an IoT device in smart home settings can have, map the related vulnerability, threats and risks and propose the necessary mitigation strategies or countermeasures that can be taken to secure a device and therefore satisfying some security principles. Around 30 risks were identified on Amazon Echo and the related IoT system using the methodology. A detailed list of countermeasures is proposed as a result of the risk analysis. These results, in turn, can be used to elevate the security posture of the device.
It is demonstrated that microwave structures incorporating dielectric resonators (DR) are accurately characterised by means of a 3-dimensional finite-difference CAD package. All major assumptions made so far have been dropped, offering the possibility of a rigorous analysis of the embedding of dielectric resonators into microwave structures. In particular, a finite thickness for the microstrip conductor has been taken into account. The coupling of the DR to a microstrip placed in a metallic housing has been theoretically and experimentally investigated. Theoretical and experimental results are in good agreement and give new insight into DR coupling to microstrip circuits.
The embedding of microwave devices is treated by applying the finite-difference method to three-dimensional shielded structures. A program package was developed to evaluate electromagnetic fields inside arbitrary transmission-line connecting structures and to compute the scattering matrix. The air bridge, the transition through a wall, and the bond wire are examined as interconnecting structures. Detailed results are given and discussed regarding the fundamental behavior of embedding.
Structures for interconnecting active microwave semiconductor-devices, e.g. FET's and MIC's, with the electrical surrounding or with each other have to be designed more and more carefully when increasing the desired upper frequency limit. Therefore, several connecting structures for device embedding have been examined. Mainly, their applicability for the frequency range from 10 GHz to 100 GHz was considered. Additionally, different equivalent circuits were developed to approximately describe their behaviour for CAD-applications.
The advantages of the coupled-mode (COM) formalism and the transmission-matrix approach are combined in order to create exact and computationally efficient analysis and synthesis tools for the design of coupled surface acoustic wave resonator filters. The models for the filter components, in particular gratings, interdigital transducers (IDTs) and multistrip couplers (MSCs), are based on the COM approach that delivers closed-form expressions. To determine the pertinent COM parameters, the COM differential equations are solved and the solution is compared with analytically derived expressions from the transmission-matrix approach and the Green's function method. The most important second-order effects, such as energy storage, propagation loss, and mechanical and electrical loading, are fully taken into account. As an example, a two-pole, acoustically coupled resonator filter at 914.5 MHz on AT quartz is investigated. Excellent agreement between theory and measurement is found.
As the population grows, so does the amount of biowaste. As demand for energy grows, biogas is a promising solution to the problem. Lignocellulosic materials are challenged of slow degradability due to the presence of polymers such as cellulose, lignin and hemicellulose. There are several pretreatment methods available to enhance the degradability of such materials, including enzymatic pretreatment. In this pretreatment, there are few parameters that can influence the results, the most important being the enzyme to solid ratio and the solid to liquid ratio. During this project, experiments were conducted to determine the optimal conditions for those two factors. It was discovered that a solid to liquid ratio of 31 g of buffer per 1 gram of organic dry matter produced the highest reducing sugar release in flasks when combined with 34 mg of protein per 1 gram of organic dry mass. Additionally, another experiment was carried out to investigate the impact of enzymatic pretreatment on biogas production using artificial biowaste as a substrate. Artificial biowaste produced 577,9 NL/kg oDM, while enzymatically pretreated biowaste produced 639,3 NL/kg oDM. This resulted in a 10,6% rise in cumulative biogas production compared to its use without enzymatic pretreatment. By the conclusion of the investigation, specific cumulative dry methane yields of 364,7 NL/kg oDM and 426,3 NL/kg oDM were obtained from artificial biowaste without and with enzymatic pretreatment, respectively. This resulted in a methane production boost of 16,9%. Additionally in case of the reactors with enzymatically pretreated substrate kinetic constant was lower more than double, where maximum volume of biogas increased, comparing to the reactors without enzymatic pretreatment.
One of the most critical areas of research and expansion has been exploiting new technologies in supply chain risk management. One example of this is the use of Digital Twins. The performance of physical systems can be analyzed and simulated using digital twins, virtual versions of these systems that use real-time data, and sophisticated algorithms. Inside the supply chain risk management field, digital twins present a one-of-a-kind opportunity to improve an organization's ability to anticipate, address, and react to the possibility of problems within the supply chain.
The objective of this study is to identify and assess the advantages that accrue to supply chain risk management as a result of Digital Twins' adoption into the system, as well as to identify the challenges associated with achieving those benefits. In the context of supply chain risk management, a thorough literature study is conducted to analyze the essential traits and capabilities of digital twins and how these qualities lead to enhanced risk management methods. This study investigates the essential properties and capacities of digital twins. In addition, the state of digital twin technology and its applications in supply chain risk management are evaluated, and prospective areas for further study and development are highlighted.
The primary purpose of this investigation is to provide a comprehensive and in-depth analysis of the digital twins' role in supply chain risk management through the utilization of digital twins, as well as to highlight the potential benefits and challenges associated with the implementation of digital twins. The research was carried out based on the existing body of written material and the replies of 27 individuals who had previous experience making use of digital twins and took part in an online questionnaire.
The results of this study will be relevant to a diverse group of stakeholders, including specialists in risk management and researchers, amongst others.
The research paper provides important findings about the development, difficulties and perception of the support measures for exporters introduced by the Austrian government in times of COVID-19 crisis. Based on a literature review using secondary data, eight qualitative interviews were conducted with experts from the Austrian economy and government, among them the Austrian ECA ‘Oesterreichische Kontrollbank AG’. To balance the effects of the COVID-19 pandemic on the Austrian economy, a broad coverage with financing instruments for a wide range of target groups was established. Although the support measures have been well received by companies, insolvencies cannot completely be prevented. Nevertheless, the actual effects are not yet predictable and need to be assessed in further research at a later point in time.
As society continues to age, the implementation of hip stems increases every year. However, there are a variety of different hip stem designs.
The aim of this project is to analyze which hip stem design implemented in a femur is most effective under different static loading conditions such as gait and sideways falling. In addition, a four-point-bending test was carried out. Therefore, the tech-niques were simulated in silico by FEA with Abaqus/CAE 2019.
A short stem, a straight stem and an anatomical stem were tested. All prosthesis are cementless press-fit stems. Each hip stem was examined in physiological and osteoporotic bone applying all three tests. To compare the stems the tests were also applied on a native bone model as a reference. Boundary conditions were used in order to simulate the tests.
The average von Mises stress, tension, compression and the risk of fracture were extracted and compared.
Biomechanical results show that the straight stem induces higher von Mises stresses compared to the anatomical stem. The risk of fracture is higher for osteo-porotic bone than for physiological bone. However, there is no risk of fracture as all the results are below the risk of value.
Decarbonisation Strategies in Energy Systems Modelling: Biochar as a Carbon Capture Technology
(2022)
The energy system is changing since some years in order to achieve the climate goals from the Paris Agreement which wants to prevent an increase of the global temperature above 2 °C. Decarbonisation of the energy system has become for governments a big challenge and different strategies are being stablished. Germany has set greenhouse gas reduction limits for different years and keeps track of the improvement made yearly. The expansion of renewable energy systems (RES) together with decarbonisation technologies are a key factor to accomplish this objective.
This research is done to analyse the effect of introducing biochar, a decarbonisation technology, and study how it will affect the energy system. Pyrolysis is the process from which biochar is obtained and it is modelled in an open-source energy system model. A sensibility analysis is made in order to assess the effect of changing the biomass potential and the costs for pyrolysis.
The role of pyrolysis is analysed in the form of different future scenarios to evaluate the impact. The CO2 emission limits from the years 2030 and 2045 are considered to create the scenarios, as well as the integration of flexibility technologies. Four scenarios in total are assessed and the result from the sensibility analysis considering pyrolysis are always compared to the reference scenario, where pyrolysis is not considered.
Results show that pyrolysis has a bigger impact in the energy system when the CO2 limit is low. Biochar can be used to compensate the emissions from other conventional power plant and achieve an energy transition with lower costs. Furthermore, it was also found that pyrolysis can also reduce the need of flexibility. This study also shows that the biomass potential and the pyrolysis costs can affect a lot the behaviour of pyrolysis in the energy system.
The COVID-19 pandemic has been spreading rapidly across the globe and has seriously affected global trade. In order to reduce the pandemic’s impact on their economy, the French government released a support plan referring to the COVID-19 crisis. Since mid-tier companies play a leading role in France’s export, this paper deals with the measures taken by the French government to support especially French mid-tier export companies. Based on empirical literature and recent publications, the research question is analyzed by conducting interviews with experts, such as market participants, governmental institutions and an expert for trade and innovation. As a result of the research, the emergency measures taken by the French government, such as the CAP Francexport reinsurance scheme, the extension of cover for export guarantees, additional information and assistance, and the deferral of tax and social security contributions have mitigated the effects at first instance.
The Timed-Up-and-Go (TUG) test aims to assess mobility, balance, walking ability, and fall risk during walking. The instrumentalization of the TUG is already described in the literature and is beginning to be implemented in the industry. The products proposed by Zhortech and Digitsole, namely connected insoles, as well as additional sensors placed on the sternum and the right and eventually left femur allow the instrumentalization of the test.
An algorithm of detection and evaluation of the TUG has been developed in two versions. The first one (V1) aiming simply to calculate the total duration of the test. A second version is an improvement of V1, allowing to segment the TUG in three sub-phases: Sit-Stand, walking, Stand-Sit. These algorithms have been declined in a variant with the five sensors mentioned, and one without the sensor of the left femur.
The performance of the algorithms was compared to manual labeling performed on video. The comparison includes a bland-Altman plot and a correlation for the total test duration, but also for the sub-phase’s duration according to the two variants.
The TUG duration shows very good results regarding the limits of agreements (lLoA = -0.33 s and uLoA+0.6 s). The bias of 0.13 s indicated that the algorithm overrates the duration of the TUG. The results of the TUG subphases are less accurate. Although the correlation coefficient is between 0.76 and 0.96 for the different subphases, the limits of agreements are still very high, between -0.71 s and -0.5 s for the lLoA and +0.39 s and +0.58 s for the uLoA. These limits of agreements indicated that the Sit-Stand and Stand-Sit transition are not accurate enough yet. The dispersion is high for a transition that could last between about one and six seconds. The two variants, with and without a sensor on the left femur, present similar results.
Among the billions of smartphone users in the world, Android still holds more than 80% of the market share. The applications which the users install have a specific set of features that need access to some device functionalities and sensors that may hold sensitive information about the user. Therefore, Android releases have set permission standards to let the user know what information is being disclosed to the application. Along with other security and privacy improvements, significant changes to the permission scheme are introduced with the Android 6.0 version (API level 23). In this master thesis, the Android permission scheme is tested on two devices from different eras. The evolution of Android over the years is examined in terms of confidentiality. For each device, two applications are built; one focused on extracting every piece of information within the confidentiality scope with every permission declared and/or requested, and the other app focused on getting this type of information without user notification. The resulting analysis illustrates whether how and in what way the Android permission scheme declined or improved over time.
Even though the internet has only been there for a short period, it has grown tremendously. To- day, a significant portion of commerce is conducted entirely online because of increased inter- net users and technological advancements in web construction. Additionally, cyberattacks and threats have expanded significantly, leading to financial losses, privacy breaches, identity theft, a decrease in customers’ confidence in online banking and e-commerce, and a decrease in brand reputation and trust. When an attacker pretends to be a genuine and trustworthy institution, they can steal private and confidential information from a victim. Aside from that, phishing has been an ongoing issue for a long time. Billions of dollars have been shed on the global economy. In recent years, there has been significant progress in the development of phishing detection and identification systems to protect against phishing attacks. Phishing detection technologies frequently produce binary results, i.e., whether a phishing attempt was made or not, with no explanation. On the other hand, phishing identification methodologies identify phishing web- pages by visually comparing webpages with predetermined authentic references and reporting phishing together with its target brand, resulting in findings that are understandable. However, technical difficulties in the field of visual analysis limit the applicability of currently available solutions, preventing them from being both effective (with high accuracy) and efficient (with little runtime overhead). Here, we evaluate existed framework called Phishpedia. This hybrid deep learning system can recognize identity logos from webpage screenshots and match logo variants of the same brand with high precision. Phishpedia provides high accuracy with low run- time. Lastly, unlike other methods, Phishpedia does not require training on any phishing sam- ples whatsoever. Phishpedia exceeds baseline identification techniques (EMD, PhishZoo, and LogoSENSE), inaccurately detecting phishing pages in lengthy testing using accurate phishing data. The effectiveness of Phishpedia was tested and compared against other standard machine learning algorithms and some state-of-the-art algorithms. The given solutions performed better than different algorithms in the given dataset, which is impressive.
The COVID-19 pandemic has the global economy under control. This paper deals with the economic consequences in Germany and shows the measures taken by the German government to support especially small and medium-sized export companies. The structure of the German economy and foreign trade promotion are explained as a basis. After considering the government's support measures, an evaluation of country comparisons shows that there is still potential for further measures, especially in direct lending and debt moratorium. The analysis is based on quantitative data from surveys and qualitative results from interviews with relevant ministries and market participants as well as recent publications.
Privacy is the capacity to keep some things private despite their social repercussions. It relates to a person’s capacity to control the amount, time, and circumstances under which they disclose sensitive personal information, such as a person’s physiology, psychology, or intelligence. In the age of data exploitation, privacy has become even more crucial. Our privacy is now more threatened than it was 20 years ago, outside of science and technology, due to the way data and technology highly used. Both the kinds and amounts of information about us and the methods for tracking and identifying us have grown a lot in recent years. It is a known security concern that human and machine systems face privacy threats. There are various disagreements over privacy and security; every person and group has a unique perspective on how the two are related. Even though 79% of the study’s results showed that legal or compliance issues were more important, 53% of the survey team thought that privacy and security were two separate things. Data security and privacy are interconnected, despite their distinctions. Data security and data privacy are linked with each other; both are necessary for the other to exist. Data may be physically kept anywhere, on our computers or in the cloud, but only humans have authority over it. Machine learning has been used to solve the problem for our easy solution. We are linked to our data. Protect against attackers by protecting data, which also protects privacy. Attackers commonly utilize both mechanical systems and social engineering techniques to enter a target network. The vulnerability of this form of attack rests not only in the technology but also in the human users, making it extremely difficult to fight against. The best option to secure privacy is to combine humans and machines in the form of a Human Firewall and a Machine Firewall. A cryptographic route like Tor is a superior choice for discouraging attackers from trying to access our system and protecting the privacy of our data There is a case study of privacy and security issues in this thesis. The problems and different kinds of attacks on people and machines will then be briefly talked about. We will explain how Human Firewalls and machine learning on the Tor network protect our privacy from attacks such as social engineering and attacks on mechanical systems. As a real-world test, we will use genomic data to try out a privacy attack called the Membership Inference Attack (MIA). We’ll show Machine Firewall as a way to protect ourselves, and then we’ll use Differential Privacy (DP), which has already been done. We applied the method of Lasso and convolutional neural networks (CNN), which are both popular machine learning models, as the target models. Our findings demonstrate a logarithmic link between the desired model accuracy and the privacy budget.
This thesis deals with the creation of a cross-platform application using Xamarin.Forms. The cross-platform application will cover three different platforms android, iOS, and UWP.
The application is the first concept of a possible feature for a companion application for LS telcom. There, the user can identify cell antennas using a map-view and a camera-view making the application an augmented reality application. Thus, the user can search for a specific cell and access various information that he would not be able to see with his eyes like for example the frequency of the transmitting cells.
The cell data is generated from three different sources, Cartoradio, OpenCelliD, and the LS telcom databrowser. Eventually, the decision was taken, that the main source should be the LS telcom databrowser which has multiple advantages over the other cell sources.
The cells on the map-view are placed using the extracted coordinates from the source data. However, the cells on the camera-view are placed with complex calculations using different formulas like the Haversine formula to calculate the distance between the cell and the user and the bearing to calculate the angle between the cell and the user. Various settings will allow the user to personalize the application according to his wishes.
The Project "Schluckspecht" of the University of Offenburg consists of participating in the European marathon called "Shell Eco-Marathon"(SEM) which consists of designing and building from the beginning a vehicle with the greatest possible energy efficiency. The University of Offenburg has participated in this project since 1998.
The team that forms the Schluckspecht project is made up of around 30 students from the faculties of mechanical engineering, process engineering, electrical engineering, medical technology and computer science, as well as the degree in Audiovisual Communication. The team was founded in 1998 and since then students have been developing and building high efficiency vehicles to participate in the European marathon Shell Eco.
In this project, students can put into practice all the theoretical knowledge obtained during their studies. Also can be learned how to work interdisciplinarity as a team, a skill that for now, many companies or require or seek.
The following topics are discussed in the Schluckspecht project, which are also ideal for the work of students:
-Conception construction and production of high efficiency vehicles.
-Computational design and manufacture of lightweight components and sets.
-Development of lightweight components and sets from renewable raw materials.
-Construction and development of special test benches, for example: motor test bench.
-Implementation and optimization of control strategies for autonomous driving
-Mechanical and electrical integration of sensors for autonomous driving
-Ergonomic studies and optimization of the driver's cabin.
The objective of the project is to develop and manufacture research vehicles that make individual mobility as efficient as possible from an energy point of view. To achieve this, current and future issues of the industry are discussed. In this project, both the theoretical and practical part of the light construction of vehicles and the reduction of friction, the variety of propulsion concepts (electric thrusters, fuel cells, diesel/petrol engines, Stirling engines) and autonomous driving are investigated. The services of the University of Offenburg together with some external partners are grouped together to make this wonderful project work.
The Projekt-Sweaty is a project of the University of Applied Sciences of Offenburg, an autonomous robot is being developed that competes against a set of several international colleges and universities in the RoboCup.
"Sweaty" is a soccer-playing humanoid robot who participated in the RoboCup World Cup in Brazil for the first time in 2014.
RoboCup is a competition aimed at developing a robot soccer team that surpasses the human world champion team. The competition started in 1997 the first official RoboCup games and conferences were held with great success. More than 40 teams took part and more than 5,000 spectators attended. RoboCup’s rules change to promote advances in robot science and technology and to bring the league’s challenges closer to the real world.
Building a robot that plays football will not in itself generate a significant social and economic impact, but the realization will certainly be considered an important success for the field of robotics.
Thanks to the interaction of all the faculties, the team consists of professors and students from the fields of mechanical and process engineering, electrical engineering, information technology, and information and media technology. Students can use the project during their studies and use the knowledge acquired in practice to implement and through their own creative ideas complement.
Decarbonisation Strategies in Energy Systems Modelling: APV and e-tractors as Flexibility Assets
(2023)
This work presents an analysis of the impact of introducing Agrophotovoltaic technologies and electric tractors into Germany’s energy system. Agrophotovoltaics involves installing photovoltaic systems in agricultural areas, allowing for dual usage of the land for both energy generation and food production. Electric tractors, which are agricultural machinery powered by electric motors, can also function as energy storage units, providing flexibility to the grid. The analysis includes a sensitivity study to understand how the availability of agricultural land influences Agrophotovoltaic investments, followed by the examination of various scenarios that involve converting diesel tractors to electric tractors. These scenarios are based on the current CO2 emission reduction targets set by the German Government, aiming for a 65% reduction below 1990 levels by 2030 and achieving zero emissions by 2045. The results indicate that approximately 3% of available agricultural land is necessary to establish a viable energy mix in Germany. Furthermore, the expansion of electric tractors tends to reduce the overall system costs and enhances the energy-cost-efficiency of Agrophotovoltaic investments.
If the current situation could be described in one word, it would be ‘uncertainty’. In times of global crisis, it is important to support the economy to keep businesses alive. Therefore, this paper shows the Finnish government measures and how exporters can benefit from them. Looking in particular at the maritime sector, the research pointed out that there were not that many specific measures for exporters and shipbuilders. This essay detected that the provided measures are suitable for the needs of the affected companies and are an effective instrument by the government to stabilise the industry. This is proved by the number of companies taking advantage of these loans, grants and guarantees. Due to the already mentioned uncertainty, it remains unclear how measures have to be adjusted in the future.
The aim of this essay is to analyse and evaluate the Italian government measures for exporters in response to COVID-19. The unexpected, rapid and hardly predictable consequences of the pandemic paralyzed the entire globe. For a long time, Italy was the epicentre of the virus, which caused severe damage in the Italian export economy dropping temporarily more than 40%. The Italian government reacted exemplary fast and took multiple countermeasures of high extent especially through the Italian export credit agency SACE. On the one hand, the internationally compared broad structure of SACE was a huge advantage, which allowed to release quickly numerous measures. On the other hand, there is room for improvement regarding the accessibility of measure-related information, which has been partially only available in Italian. Furthermore, there is a remarkable risk resulting from the combination of the high monetary effort to enable the numerous measures, the difficult financial situation of the Italian government and the unpredictability of the COVID-19 consequences.
Cloud computing has revolutionized the way businesses operate by providing them with access to scalable, cost-effective, and flexible IT resources. This technology has enabled businesses to store, manage, and process data more efficiently, leading to improved competitiveness and increased revenue. The purpose of this thesis is to explore the impacts of using cloud computing from a business perspective. The research employs both primary and secondary sources of data, including a literature review, interviews with employees who have more than 5 years of experience, a questionnaire, and observations from Billwerk+ company.
The findings of this research indicate that cloud computing has had a significant impact on businesses, providing them with cost savings, improved agility and flexibility, and enhanced access to data and applications. However, it has been revealed that the benefits of cloud computing for companies may vary according to the departments of the employees. The results of this research contribute to the existing body of knowledge on the topic of cloud computing and its impact on businesses. The findings of this thesis can be used by business owners, managers, technology professionals, and students to make informed decisions about the adoption and use of cloud computing technology.
In conclusion, this thesis provides a comprehensive understanding of the impacts of using cloud computing from a business perspective, highlighting the factors that companies consider when deciding to use cloud environments and the views from different departments. The results of this research will be valuable to a wide range of individuals interested in exploring the implications of cloud computing for businesses.
Conceptualization and implementation of automated optimization methods for private 5G networks
(2023)
Today’s companies are adjusting to the new connectivity realities. New applications require more bandwidth, lower latency, and higher reliability as industries become more distributed and autonomous. Private 5th Generation (5G) networks known as 5G Non-Public Networks (5G-NPN), is a novel 3rd Generation Partnership Project (3GPP)- based 5G network that can deliver seamless and dedicated wireless access for a particular industrial use case by providing the mentioned application’s requirements. To meet these requirements, several radio-related aspects and network parameters should be considered. In many cases, the behavior of the link connection may vary based on wireless conditions, available network resources, and User Equipment (UE) requirements. Furthermore, Optimizing these networks can be a complex task due to the large number of network parameters and KPIs that need to be considered. For these reasons, traditional solutions and static network configuration are not affordable or simply impossible. Despite the existence of papers in the literature that address several optimization methods for cellular networks in industrial scenarios, more insight into these existing but complex or unknown methods is needed.
In this thesis, a series of optimization methods were implemented to deliver an optimal configuration solution for a 5G private network. To facilitate this implementation, a testing system was implemented. This system enables remote control over the UE and 5G network, establishment of a test environment, extraction of relevant KPI reports from both UE and network sides, assessment of test results and KPIs, and effective utilization of the optimization and sampling techniques.
The research highlights the advantageous aspects of automated testing by using OFAT, Simulated Annealing, and Random Forest Regressor methods. With OFAT, as a common sampling method, a sensitivity analysis and an impact of each single parameter variation on the performance of the network were revealed. With Simulated Annealing, an optimal solution with MSE of roughly 10 was revealed. And, in the Random Forest Regressor, it was seen that this method presented a significant advantage over the simulated annealing method by providing substantial benefits in time efficiency due to its machine- learning capability. Additionally, it was seen that by providing a larger dataset or using some other machine-learning techniques, the solution might be more accurate.
This seminar paper examines government measures to support export-oriented companies in Belgium. After a short overview of the Belgian economy and the impact of the Covid-19 crisis, the paper introduces the available government measures for exporters. In particular, the role of Credendo as a Belgian export-credit insurance company will be discussed, and its measures will be examined in more detail. In addition, federal measures of the Belgian government will be identified, and a summary of the most important regional measures will be provided. The entirety of government measures available to export-oriented companies will be reviewed and options for the future activities of export-oriented companies will be pointed out.
Android is the most popular mobile operating system. Its omnipresence leads to the fact that it is also the most popular target amongst malware developers and other computer criminals. Hence, this thesis shows the security-relevant structures of Android’s system and application architecture. Furthermore, it provides laboratory exercises on various security-related issues to understand them not only theoretically but also deal with them in a practical way. In order to provide infrastructure-independent education, the exercises are based on Android Virtual Devices (AVDs).
In this work, the authors have dealt with the question of what measures have been taken by the Danish government to support exporters during the time of COVID-19. The analysis first looks at Denmark's general economic situation. In the following, Denmark's governmental and financial measures to support exporters are briefly explained. In addition to the economic and financial effects, the issue of green energy has also become a major focus of political attention in times of crisis. Denmark is a pioneer in the wind energy sector and accounts for a large share of exports. For this reason, the impact and possible future developments for the wind sector in connection with the pandemic are also being investigated.
Quarz crystal microbalances allow the monitoring of the adsorption process of mass from a liquid to their surface. The adsorbed mass can be analysed regarding to its protein content using mass spectromety. To ensure the protein identification the results of several measurements can be combined. A high content QCM-D array was developed to allow up to ten measurements parallel. The samples can be routed inside the array distributing one sample to several chips. The fluidic parts were prototyped using 3D printing. The assembled array was tight and the sample routing function could be demonstrated. A temperature controller was developed and implemented. The parameters for the PID controller were determined and the controller was shown to be able to keep the temperature constant over long time with high accuracy.
Server Side Rendering (SSR), Single Page Application (SPA), and Static Site Generation (SSG) are the three most popular ways of making modern Web applications today. If we go deep into these processes, this can be helpful for the developers and clients. Developers benefit since they do not need to learn other programming languages and can instead utilize their own experience to build different kinds of Web applications; for example, a developer can use only JavaScript in the three approaches. On the other hand, clients can give their users a better experience.
This Master Thesis’s purpose was to compare these processes with a demo application for each and give users a solid understanding of which process they should follow. We discussed the step-by-step process of making three applications in the above mentioned categories. Then we compared those based on criteria such as performance, security, Search Engine Optimization, developer preference, learning curve, content and purpose of the Web, user interface, and user experience. It also talked about the technologies such as JavaScript, React, Node.js, and Next.js, and why and where to use them. The goals we specified before the program creation were fulfilled and can be validated by comparing the solutions we gave for user problems, which was the application’s primary purpose.
The coronavirus affects the strongly export-oriented Swiss economy in a situation where political and economic developments are already making the cross-border exchange of goods and services difficult. For this reason, the question arises of how Switzerland can maintain or strengthen its position in global competition in the export business during an unprecedented period of crisis such as the current one.
In order to find an answer to this question, this paper critically examines the existing government support measures for Swiss exporters in times of COVID-19. The fact that Switzerland has so far not taken any specific support measures for exporters raises the actual research question of whether there is a specific necessity and demand for a special export promotion. To answer this research question, various expert opinions are compared and overall conclusions are drawn. By rapidly introducing and adapting the already existing instruments – liquidity assistance and an expansion of short-time work benefits – the federal government was able to ensure the survival of many companies. According to the authors of this paper, this focus of government support in times of crisis is just right for a small national economy in the short term and therefore preferable to a specific support of exporters. Nevertheless, given the high relative importance of foreign trade for Switzerland’s overall economic performance, there can be no recovery of national economy without a recovery of foreign trade.
Automation research has become one of the most important tools for future thinking organizations. It includes studying the economic and social aspects to determine how accountants were affected by automating the accounting profession. Moreover, this research studied the social aspect of automation, including the accountants' satisfaction and agreement towards the shift from manual-based accounting to automated accounting. Additionally, the purpose of the research was to comprehend the aspects that affect the variance of the satisfaction and agreement levels before and after automation and whether there is a relationship between those satisfaction and agreement levels and the demographic profile of accountants.
A quantitative method was used to answer the research questions. The findings and results were gathered through an online survey. The respondents in the study represent forty-three accountants who are located and working in Germany. The implications and conclusions of the research were observed from the accountants' perspective.
The research results presented that the automation of accounting significantly impacted the accountants' profession. It indicated that accountants are satisfied with automated accounting and agree with its effects and impacts on their profession. Accountants agreed that automated accounting tasks made the accounting process more effective and valuable. The findings also showed that educational level and length of experience in automated accounting are correlated with the satisfaction of accountants towards automated accounting. It presented that the more experience in automation and higher education accountants have, the more satisfied they are with automated accounting. Due to this phenomenon, higher qualifications and more basic IT knowledge are required in comparison with previous times.
British Government long-term Measures for Exporters in the Manufacturing Sector in Times of COVID-19
(2020)
The authors of this paper have addressed the question of what measures have been taken by the British government to support exporters in the manufacturing sector in the era of COVID-19. A classification of the manufacturing export industry in the British economy as a whole and the impending economic impact of COVID-19 were also examined. It should be noted that the United Kingdom is facing major structural changes as a result of the Corona pandemic and its withdrawal from the European Union, which are examined more in detail in this paper. The UKEF, in cooperation with other institutions, provides a number of finance facilities for exporters already before Corona crisis. The access to get this support has been facilitated for the COVID-19 affected exporters, but no additional measures were made available.
This research presents a comprehensive exploration of hydroponic systems and their practical applications, with a focus on innovative solutions for managing environmental and analytical sensors in hydroponic setups. Hydroponic systems, which enable soilless cultivation, have gained increasing importance in modern agriculture due to their resource-efficient and high-yield nature.
The study delves into the development and deployment of the SensVert system, an adaptable solution tailored for hydroponic environments. SensVert offers adaptability and accessibility to farmers across various agricultural domains, addressing contemporary challenges in supervising and managing environmental and analytical sensors within hydroponic setups. Leveraging LoRa technology for seamless wireless data transmission, SensVert empowers users with a feature-rich dashboard for real-time monitoring and control. The study showcases the practical implementation of SensVert through a single sensor node, seamlessly integrating temperature, humidity, pressure, light, and pH sensors. The system automates pH regulation, employing the Henderson-Hasselbalch equation, and precisely controls liquid dosing using a PID controller. At the core of SensVert lies an architecture comprising The Things Stack as the network server, Node-Red as the application server, and Grafana as the user interface. These components synergize within a local network hosted on a Raspberry Pi; effectively mitigating challenges associated with data packet transmission in areas with limited internet connectivity.
As part of ongoing research, this work also paves the way for future advancements. These include the establishment of a wireless sensor network (WSN) utilizing LoRa technology, enabling seamless over-the-air sensor node updates for maintenance or replacement scenarios. These enhancements promise to further elevate the system's reliability and functionality within hydroponic cultivation, fostering sustainable agricultural practices.
The current thesis conducts the study on the integration of digitalization techniques aimed at improving energy supply efficiency in off-grid energy systems. The primary objective is to fortify the security of energy supply in remote areas, particularly in instances of adverse weather conditions, unanticipated changes in load and fluctuations in the performance of renewable energy systems. This objective is to be achieved through the implementation of a smart load management strategy in stand-alone photovoltaic systems (SAPVS). This strategy involves deployment of forecasting algorithms on an edge device that operates with limited processing resources in an environment characterized for the lack of internet connection. The edge device is designed to interact with a smart home gateway that prioritizes, and schedules smart appliances based on the forecasted state of charge (SOC) in the 36-hours ahead of the SAPVS operation (the implementation of the loads schedule deployed on the Home Assistant device is out of the scope of the tasks implemented for this project).
The edge device, developed using a Raspberry Pi 3B+, was specifically intended for being implemented along with a SAPVS, in remote areas such as health stations in Africa and tropical islands, providing communities with a reliable source of electrical energy. The deployment of the strategy was carried out in four phases. The first phase involved the implementation of an Extraction-Transformation-Load (ETL) pipeline, where data was gathered from various heterogeneous hardware sources of an implemented test system that served as the enabler and testbench of this research, this test stand is composed of power electronics components such as an inverter, a MPPT solar charge controller, a smart meter, and a BOS LiFePo4 battery prototype. In the transformation stage, a data model was developed to identify the most critical parameters of the energy system, and to eliminate outliers and null values. In the load stage, a local SQL database was established for saving and structuring the data gathered and to ensure high-quality data with defined units and casting.
The second phase involved data analysis to identify the relevant features and potential exogenous variables for the forecasting model to implement. In the third phase, an Auto Regressive Moving Average (ARMA) model with two selected exogenous variables was implemented to forecast the AC load consumption profile for the 36- hours ahead of the off-grid system operation. The final phase involved the information exchange with the Home Assistant device, by transferring to it from the edge device the battery SOC present value and the predicted 36-hour ahead AC load profile information for prioritization and scheduling of loads; this through an MQTT interface.
The outcome of the experiment was a successful deployment of a data engineering and data forecasting approach that enabled data quality strategy implementation, local database storage, and forecasting algorithms on a processing and internet-constrained edge device. The interface with a home assistant implementation resulted in the successful execution of smart load management endeavors in an off-grid system, thereby enhancing the energy security of supply and contributing to the advancement of data-driven strategies in the rural electrification sector.
This thesis emphasizes the significance of digitalization strategies in smart SAPVS and highlights the potential of edge computing solutions in achieving seamless energy management in smart homes.
An organized strategy to ensure the security of an organization is an information security management system. During various security crises, hazards, and breaches, this strategy aids an organization in maintaining the confidentiality, integrity, and accessibility of information. Organizations are getting ready to comply with information security management system criteria. Despite this, security concerns continue to plague ineffective controls, have poor connectivity, or cause a silo effect, which is a common cause. One of the causes is a low maturity model that is not synchronized with the organization’s business processes. For a higher level of maturity, it is best to evaluate the practices.
Different maturity models on information security and cyber security capacity, management processes, security controls, implementation level, and many more have already been developed by numerous international organizations, experts, and scholars. The present models, however, do not assess a particular organization's particular practices. The evaluation of the business process is frequently neglected because measurement requirements for models are typically more concentrated on examining specific elements. For this reason, it caused the maturity assessment to not be executed explicitly and broadly.
We developed an organizational information security maturity model, a combination of work of different maturity models currently existing. While making this model, we considered that any size or type of organization could use this model. The model considers the success elements of the information security management system when assessing the implementation's effectiveness. We employed a mixed-method strategy that included both qualitative and quantitative research. With the help of a questionnaire survey, we evaluated the previous research using a qualitative methodology. In the quantitative method, we'll figure out how mature the information security management system is now. The proposed model could be used to reduce security incidents by improving implementation gaps.
As cyber threats continue to evolve, it is becoming increasingly important for organizations to have a Security Operations Center (SOC) in place to effectively defend against them. However, building and maintaining a SOC can be a daunting task without clear guidelines, policies, and procedures in place. Additionally, most current SOC solutions used by organizations are outdated, lack key features and integrations, and are expensive to maintain and upgrade. Moreover, proprietary solutions can lead to vendor lock-in, making it difficult to switch to a different solution in the future.
To address these challenges, this thesis proposes a comprehensive SOC framework and an open-source SOC solution that provides organizations with a flexible and cost-effective way to defend against modern cyber threats. The research methodology involved conducting a thorough literature review of existing literature and research on building and maintaining a SOC, including using SOC as a service. The data collected from the literature review was analyzed to identify common themes, challenges, and best practices for building and maintaining a SOC.
Based on the data collected, a comprehensive framework for building and maintaining a SOC was developed. The framework addresses essential areas such as the scope and purpose of the SOC, governance and leadership, staffing and skills, technologies and tools, processes and procedures, service level agreements (SLAs), and evaluation and measurement. This framework provides organizations with the necessary guidance and resources to establish and effectively operate a SOC, as well as a reference for evaluating the service provided by SOC service providers.
In addition to the SOC framework, a modern open-source SOC solution was developed, which emphasizes several key measures to help organizations defend against modern cyber threats. These measures include real-time, actionable threat intelligence, rapid and effective incident response, continuous security monitoring and alerting, automation, integration, and customization. The use of open-source technologies and a modular architecture makes the solution cost-effective, allowing organizations to scale it up or down as needed.
Overall, the proposed SOC framework and open-source SOC solution provide organizations with a comprehensive and systematic approach for building and maintaining a SOC that is aligned with the needs and objectives of the organization. The open-source SOC solution provides a flexible and cost-effective way to defend against modern cyber threats, helping organizations to effectively operate their SOC and reduce their risk of security incidents and breaches.
The purpose of this master's thesis was to set up a test bed for the absorption of chemical compounds by carbon-based sorbents and polymers and to develop a method for the detection of these substances applied by liquid chromatography.
The study made it possible to demonstrate the effectiveness of both polymers and biochars sorbents for the adosorption of specific substances. The results obtained open new paths on the study of biochar for the treatment of contaminated water. Some biochars made from plant-based materials have been shown to be almost as effective as commercial products used in plants. The developed chromatography method allows efficient separation of substances and their detection.
The Internet of Things is spreading significantly in every sector, including the household, a variety of industries, healthcare, and emergency services, with the goal of assisting all of those infrastructures by providing intelligent means of service delivery. An Internet of Vulnerabilities (IoV) has emerged as a result of the pervasiveness of the Internet of Things (IoT), which has led to a rise in the use of applications and devices connected to the IoT in our day-to-day lives. The manufacture of IoT devices are growing at a rapid pace, but security and privacy concerns are not being taken into consideration. These intelligent Internet of Things devices are especially vulnerable to a variety of attacks, both on the hardware and software levels, which leaves them exposed to the possibility of use cases. This master’s thesis provides a comprehensive overview of the Internet of Things (IoT) with regard to security and privacy in the area of applications, security architecture frameworks, a taxonomy of various cyberattacks based on various architecture models, such as three-layer, four-layer, and five-layer. The fundamental purpose of this thesis is to provide recommendations for alternate mitigation strategies and corrective actions by using a holistic rather than a layer-by-layer approach. We discussed the most effective solutions to the problems of privacy and safety that are associated with the Internet of Things (IoT) and presented them in the form of research questions. In addition to that, we investigated a number of further possible directions for the development of this research.
Technology advancement has played a vital role in business development; however, it has opened a broad attack surface. Passwords are one of the essential concepts used in applications for authentication. Companies manage many corporate applications, so the employees must meet the password criteria, which leads to password fatigue. This thesis addressed this issue and how we can overcome this problem by theoretically implementing an IAM solution. In this, we disused MFA, SSO, biometrics, strong password policies and access control. We introduced the IAM framework that should be considered while implementing the IAM solution. Implementing an IAM solution adds an extra layer of security.
The interest of scientists to study motion sequences exists in the fields of sports science, clinical analysis and computer animation for quite some time. While in the last decades mainly markerbased motion capture systems have been used to evaluate movements, the interest in markerless systems is growing more and more. Nevertheless, in the field of clinical analysis, markerless methods have not yet proven their value, partly due to a lack of studies evaluating the quality of the obtained data. Therefore, this study aims to validate two markerless motion capture softwares from Simi Reality Motion Systems. The software Simi Shape, which is a mixture of traditional image-based tracking supported by an artificial intelligence net (AI net), and the software Crush, that uses a completely AI-based method. For this purpose, all motion data was recorded with two in-house motion capture systems. One system for recording the movements for a markerbased evaluation as gold standard and one system for markerless tracking. Within a laboratory environment, eight cameras per system were mounted around the area of motion. By placing two cameras in the same position and using the same calibration, deviations in the image data between those for markerbased and markerless tracking were extremely minimal. Based on this data, markerbased tracking was performed using the Simi Motion program, markerless tracking was performed using the Simi Shape software system and the latest software from Simi Reality Motion Systems, Crush. When comparing the markerless data with the markerbased data, an average root mean square error of 0,038 m was calculated for Simi Shape and a deviation of 0,037 m for Crush. In a direct comparison of the two markerless systems, a root mean square error of 0,019 m was scored. Based on these data, conclusions could be drawn about the accuracies of the two markerless systems. The obtained kinematic data of the tracking are in the range of high accuracy, which is limited to a deviation of less than 0,05 m according to the literature.
Estimation and projecting total steel industry production costs from 2019 to 2030 for Germany
(2023)
This thesis analyses the total production cost of the German steel industry from 2019 to 2022, as well as a projection of the German steel industry's total production cost until 2030. The research separates the costs of steel production into their primary components, such as raw materials, energy, CO2 cost, capital expenses and operating expenses. The cost of steel production is determined separately for primary steelmaking with the blast furnace and basic oxygen furnace (BF-BOF) and secondary steelmaking with the electric arc furnace (EAF).
The analysis indicates that, following the COVID-19 disaster and the fuel crisis, the overall cost of producing steel in Germany has progressively risen over the previous few years, reaching its peak in the first half of 2022. In addition, there are considerable disparities between the production costs of primary and secondary steelmaking processes, with primary steelmaking generally being more expensive.
In this analysis, the total cost of production for the German steel industry in the year 2030 has been estimated by taking into account historical trends as well as other predictions that are currently available.
This thesis provides overall insights on the economics of the German steel sector. By giving thorough information on production costs and changes over time, this research can assist guide crucial future investment decisions in this essential industry. To ensure long-term success, our findings emphasize the significance of investing in more sustainable and ecologically friendly steel production processes.
This essay deals with the Spanish economy and especially with the Spanish governmental measures for SME exporters in times of COVID-19. The focus was set on SMEs, as they are an essential part of trade for the government and are particularly affected by the pandemic. Since the financial crisis, the Spanish economy has become highly diversified, with a greater focus on exports. Competitiveness, productivity and efficiency have increased significantly. The Spanish government measures largely affect the areas liquidity and financing, taxes and protection of the employment. One of the most important measures is the 100-billion-euro credit line and the policies on unemployment. The Spanish government is dependent on further aid packages and is criticized for the measures.
The tenth edition of the successful report "Project Management Software Systems" provided the complete guide to a successful project management software selection program. It includes an extensive overview of the leading products on the market. If you are seeking to purchase project (portfolio) management software for your organization, this report from BARC and GPM puts the facts at your fingertips to help you select the best tool to match your requirements.
Among the many highlights of this comprehensive report, you will discover
- the critical success factors in software selection processes,
- the phases of a systematic software selection process,
- basics on software architecture regarding modern PM software, and
- descriptions of all the functions you can except from today's PM software tools.
The second section contains a detailed analysis of market-leading products based on over 300 criteria. Each product reviewed in this report is assessed based on the same criteria so that product comparisons can be made easily.
Die Arbeit beschäftigt sich mit dem Thema der Progressive Web App, dabei wird auf die Entwicklung und das Wirtschaftliche Potential eingegangen. Die Arbeit kann als Hilfestellung bei der Entscheidung, ob eine Progressive Web App in einem Unternehmen eingesetzt werden soll, dienen.
Organizations striving to achieve success in the long term must have a positive brand image which will have direct implications on the business. In the face of the rising cyber threats and intense competition, maintaining a threat-free domain is an important aspect of preserving that image in today's internet world. Domain names are often near-synonyms for brand names for numerous companies. There are likely thousands of domains that try to impersonate the big companies in a bid to trap unsuspecting users, usually falling prey to attacks such as phishing or watering hole. Because domain names are important for organizations for running their business online, they are also particularly vulnerable to misuse by malicious actors. So, how can you ensure that your domain name is protected while still protecting your brand identity? Brand Monitoring, for example, may assist. The term "Brand Monitoring" applies only to keep tabs on an organization's brand performance, reception, and overall online presence through various online channels and platforms [1]. There has been a rise in the need of maintaining one's domain clear of any linkages to malicious activities as the threat environment has expanded. Since attackers are targeting domain names of organizations and luring unsuspecting users to visit malicious websites, domain monitoring becomes an important aspect. Another important aspect of brand abuse is how attackers leverage brand logos in creating fake and phishing web pages. In this Master Thesis, we try to solve the problem of classification of impersonated domains using rule-based and machine learning algorithms and automation of domain monitoring. We first use a rule-based classifier and Machine Learning algorithms to classify the domains gathered into two buckets – "Parked" and "Non-Parked". In the project's second phase, we will deploy object detection models (Scale Invariant Feature Transform - SIFT and Multi-Template Matching – MTM) to detect brand logos from the domains of interest.
Implementation and Evaluation of an Assisting Fuzzer Harness Generation Tool for AUTOSAR Code
(2024)
The digitalization in vehicles tends to add more connectivity such as over-the-air (OTA) updates. To achieve this digitization, each ECU (Electronic Control Unit) becomes smarter and needs to support more and more different externally available protocols such as TLS, which increases the attack surface for attackers. To ensure the security of a vehicle, fuzzing has proven to be an effective method to discover memory-related security vulnerabilities. Fuzzing the software run- ning on a ECU is not an easy task and requires a harness written by a human. The author needs a deep understanding of the specific service and protocol, which is time consuming. To reduce the time needed by a harness author, this thesis aims to develop FuzzAUTO, the first assistant harness generation tool targeting the AUTOSAR (AUTomotive Open System ARchitecture) BSW (Basic Software) to support manual harness generation.
This essay is about Estonia’s measures to help its exporters responding to COVID-19. The purpose is to analyse the companies’ need for help measures and the governmental objectives behind the measures and finally to analyse the possible effects. We used the two latest surveys dealing with the entrepreneurship situation and conducted two inter-views with governmental representatives exposing their objectives. The outcomes show that more than half of Estonian companies are asking for governmental help mainly as a consequence of a drop of demand. Limiting the increase of unemployment and bankrupt-cies as well as strengthening the economic recovery were identified as the main govern-mental objectives while restraining fiscal costs is a subordinated objective but becomes more important the more money will be spent. The help measures offered by KredEx are in line with these objectives. After the crisis the implications of the established measures should be analysed so that others can learn from the Estonian Government’s approach.
The research employed HPTLC Pro System and other HPTLC instruments from CAMAG® to conduct various laboratory tests, aiming to compile a database for subsequent analyses. Utilizing MATLAB, distinct codes were developed to reveal patterns within analyzed biomasses and pyrolysis oils (sewage sludge, fermentation residue, paper sludge, and wood). Through meticulous visual and numerical analysis, shared characteristics among different biomasses and their respective pyrolysis oils were revealed, showcasing close similarities within each category. Notably, minimal disparity was observed in fermentation residue and wood biomasses with a similarity coefficient of 0.22. Similarly, for pyrolysis oils, the minimal disparity was found in fermentation residues 1 and 3, with a disparity coefficient of 1.41. Despite higher disparity coefficients in certain results, specific biomasses and pyrolysis oils, such as fermentation residue and sewage sludge, exhibited close similarities, with disparity coefficients of 0.18 and 0.55, respectively. The database, derived from triplicate experimentation, now serves as a valuable resource for rapid analysis of newly acquired raw materials. Additionally, the utility of HPTLC PRO as an investigation tool, enabling simultaneous analysis of up to five samples, was emphasized, although areas for improvement in derivatization methods were identified.
Threat Modeling is a vital approach to implementing ”Security by Design” because it enables the discovery of vulnerabilities and mitigation of threats during the early stage of the Software Development Life Cycle as opposed to later on when they will be more expensive to fix. This thesis makes a review of the current threat Modeling approaches, methods, and tools. It then creates a meta-model adaptation of a fictitious cloud-based shop application which is tested using STRIDE and PASTA to check for vulnerabilities, weaknesses, and impact risk. The Analysis is done using Microsoft Threat Modeling Tool and IriusRisk. Finally, an evaluation of the results is made to ascertain the effectiveness of the processes involved with highlights of the challenges in threat modeling and recommendations on how security developers can make improvements.
"Ad fontes!"
Francesco Petrarca (1301–1374)
In the beginning, there was an idea: the reconstruction of the first "Iron Hand" of the Franconian imperial knight Götz von Berlichingen (1480–1562). We found that with this historical prosthesis, simple actions for daily use, such as holding a wine glass, a mobile phone, a bicycle handlebar grip, a horse’s reins, or some grapes, are possible without effort. Controlling this passive artificial hand, however, is based on the help of a healthy second hand.
Researchers are developing new GNSS receivers and antennas based on an innovative signal-processing scheme to significantly improve GNSS tracking reliability and accuracy under degraded signal conditions. It is based on the principles of synthetic-aperture radar. Like in a multi-antenna phased array receiver, GNSS signals from different spatial locations are combined coherently forming an optimized synthetic antenna-gain pattern. The method is implemented in a real-time PC-based software receiver and works with GPS, GLONASS, and Galileo signals. Multiple frequencies are generally supported. The idea of synthetic-aperture processing is realized as a coherent summation of correlation values of each satellite over the so-called beamforming interval. Each correlation value is multiplied with a phase factor. For example, the phase factor can be chosen to compensate for the relative antenna motion over the beam-forming interval and the resulting sum of the scaled correlation values represents a coherent correlation value maximizing the line of sight signal power.
As information technology continues to advance at a rapid speed around the world, new difficulties emerge. The growing number of organizational vulnerabilities is among the most important issues. Finding and mitigating vulnerabilities is critical in order to protect an organization’s environment from multiple attack vectors.
The study investigates and comprehends the complete vulnerability management process from the standpoint of the security officer job role, as well as potential improvements. Few strategies are used to achieve efficient mitigation and the de- velopment of a process for tracking and mitigating vulnerabilities. As a result, a qualitative study is conducted in which the objective is to create a proposed vulner- ability and risk management process, as well as to develop a system for analyzing and tracking vulnerabilities and presenting the vulnerabilities in a graphical dash- board format. This thesis’s data was gathered through an organized literature study as well as through the use of various web resources. We explored numerous ap- proaches to analyze the data, such as categorizing the vulnerabilities every 30, 60, and 90 days to see whether the vulnerabilities were reoccurring or new. According to our findings, tracking vulnerabilities can be advantageous for a security officer.
We come to the conclusion that if an organization has a proper vulnerability tracking system and vulnerability management process, it can aid security officers in having a better understanding of and making plans for reducing vulnerabilities. In terms of system patching and vulnerability remediation, it will also assist the security officer in identifying areas of weakness in the process. As a result, the suggested ways provide an alternate approach to managing and tracking vulnerabilities in an effective manner, although there is still a small area that needs additional analysis and research to make it even better.
The goal of this thesis is to thoroughly investigate the concepts of stand-alone and decarbonization of optical fiber networks. Because of their dependability, fast speed, and capacity, optical fiber networks are vital inmodern telecommunications. Their considerable energy consumption and carbon emissions, on the other hand, constitute a danger to global sustainability objectives and must be addressed.
The first section of the thesis presents a summary of the current state of optical fiber networks, their
components, and the energy consumption connected with them. This part also goes over the difficulties of lowering energy usage and carbon emissions while preserving network performance and dependability.
The second section of the thesis focuses on the stand-alone idea, which entails powering the optical fiber network with renewable energy sources and energy-efficient technology. This section investigates and explores the possibilities of renewable energy sources like solar and wind power to power the network. It also investigates energy-efficient technologies like virtualization and cloud computing, as well as their potential to minimize network energy usage.
The third section of the thesis focuses on the notion of decarbonization, which entails lowering carbon emissions linked with the optical fiber network. This section looks at various carbon-reduction measures, such as employing low-carbon energy sources and improving energy efficiency. It also covers the relevance of carbon offsets and the difficulties associated with adopting decarbonization measures in the context of optical fiber networks.
The fourth section of the thesis compares the ideas of stand-alone and decarbonization. It investigates the advantages and disadvantages of each strategy, as well as their potential to minimize energy consumption and carbon emissions in optical fiber networks. It also explores the difficulties in applying these notions as well as potential hurdles to their wider adoption.
Finally, the need of addressing the energy consumption and carbon emissions connected with optical fiber networks is emphasized in this thesis.
It outlines important obstacles and potential impediments to adopting these initiatives and gives insights into potential ways for decreasing them.
It also makes suggestions for further study in this area.
Self-sufficient enzymes belong to the cytochrome P450 (CYP) group and are known for their superior hydroxylation catalytic activity. In the pursuit of identifying new pesticides to combat antimicrobial-resistant pathogens, we employed BM3 wild type (BM3-WT), the fastest monohydroxylating CYP, along with its seven homologs, to investigate the production of potential hydroxylated derivatives from the established pesticide, 4-oxocrotonic acid using high-pressure liquid chromatography (HPLC) method. Following the recombinant production of BM3-WT and three other homologs in E. coli, and their subsequent purification using Immobilized Metal Affinity Chromatography (IMAC), a novel enzyme assay approach was developed as a substitute for the carbon monoxide (CO) assay. This new method relied on the measurement of NADPH consumption at 340 nm by BM3-WT for palmitic acid. Leveraging this established technique, we explored the substrate specificity of BM3-WT and its homologs not only on palmitic acid but also on other structurally similar compounds, including 4-oxocrotonic acid. The results obtained from the established NADPH assay indicate that all tested enzymes displayed greater catalytic activity on 4-oxocrotonic acid in comparison to other substrates with similar structures. However, the impact of BM3-WT and its homologs on 4-oxocrotonic acid varied in terms of product specificity. Enzymes such as Poh, Trr and Bas-CYP D exhibited specificity in producing solely monohydroxylated products, while others tended to yield dehydroxylated and ketol metabolites.
This thesis deals with the implementation of the SUBSCALE algorithm in the Python programming language. First, the current state of research and the needs of the target group are considered. Then, the choice of language is decided based on the findings. On the basis of self-generated requirements, the implementation is carried out.
Finally, the code is evaluated for accuracy, consistency, and execution time, as well as its applicability in practice.
Since the implementation of the current work proved to be unconvincing, an approach is tested in which Python is used only as a front-end.
This study investigates the impact of global payroll outsourcing on organizational efficiency and cost reduction based on the analysis of diverse implications stemming from thirty one (31) survey results. The findings reveal multifaceted challenges and benefitsassociated with outsourcing global payroll processing.
The research also unveils the most benefits of global payroll outsourcing. Notably, there's a consensus on the reduction in time-to-process payroll, cost per payroll processed, and improved payroll accuracy rate. Outsourcing streamlines processes, enhances operational efficiency, and contributes to faster, more accurate financial reporting.
Despite these benefits and challenges, statistical analysis reveals weak correlations between outsourcing global payroll and cost reduction or improved efficiency in various parameters, indicating a lack of a significant relationship. Consequently, the results, suggest no substantial correlation between global payroll outsourcing and enhanced efficiency or cost reduction based on this study's data.
In the past ten years, applications of artificial neural networks have changed dramatically. outperforming earlier predictions in domains like robotics, computer vision, natural language processing, healthcare, and finance. Future research and advancements in CNN architectures, Algorithms and applications are expected to revolutionize various industries and daily life further. Our task is to find current products that resemble the given product image and description. Deep learning-based automatic product identification is a multi-step process that starts with data collection and continues with model training, deployment, and continuous improvement. The caliber and variety of the dataset, the design selected, and ongoing testing and improvement all affect the model's effectiveness. We achieved 81.47% training accuracy and 72.43% validation accuracy for our combined text and image classification model. Additionally, we have discussed the outcomes from the other dataset and numerous methods for creating an appropriate model.
The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously during development iterations, threat modeling can help in following a “Security by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this thesis the current state of threat modeling is investigated. Based on this analysis, requirements for a new tool are derived. These requirements are then used to develop a new tool, called OVVL, which utilizes all main components of current threat modeling methodologies, as well as functionality not available in existing solutions. After documenting the development process and OVVL in general, this newly developed tool is used to conduct two case studies in the field of e-commerce and IoT.
This Master's Thesis discusses intelligent sensor networks considering autonomous sensor placement strategies and system health management. Sensor networks for an intelligent system design process have been researched recently. These networks consist of a distributed collective of sensing units, each with the abilities of individual sensing and computation. Such systems can be capable of self-deployment and must be scalable, long-lived and robust. With distributed sensor networks, intelligent sensor placement for system design and online system health management are attractive areas of research. Distributed sensor networks also cause optimization problems, such as decentralized control, system robustness and maximization of coverage in a distributed system. This also includes the discovery and analysis of points of interest within an environment. The purpose of this study was to investigate a method to control sensor placement in a world with several sources and multiple types of information autonomously. This includes both controlling the movement of sensor units and filtering of the gathered information depending on individual properties to increase system performance, defined as a good coverage. Additionally, online system health management was examined in this study regarding the case of agent failures and autonomous policy reconfiguration if sensors are added to or removed from the system. Two different solution strategies were devised, one where the environment was fully observable, and one with only partial observability. Both strategies use evolutionary algorithms based on artificial neural networks for developing control policies. For performance measurement and policy evaluation, different multiagent objective functions were investigated. The results of the study show that in the case of a world with multiple types of information, individual control strategies performed best because of their abilities to control the movement of a sensor entity and to filter the sensed information. This also includes system robustness in case of sensor failures where other sensing units must recover system performance. Additionally, autonomous policy reconfiguration after adding or removing of sensor agents was successful. This highlights that intelligent sensor agents are able to adapt their individual control policies considering new circumstances.
The rapid pace of innovation and technological advancements has led to the emergence of start-up companies in various sectors. To remain competitive and sustainable, start-ups need to make informed business decisions that can enhance their operations and profitability. Business Intelligence (BI) has become an essential tool for businesses of all sizes in managing their operations and gaining a competitive edge.
This master thesis explores the role of Business Intelligence in start-up companies. The study aims to investigate the use of BI in start-up companies, the drivers and the inhibitors for its adoption and their relationship with price. The research conducted for this thesis involves a review of relevant literature on Business Intelligence, start-up companies, and related topics. The study also includes structured survey with entrepreneurs, start-up company executives, and BI experts to gain data for a quantitative analysis of the topic.
The thesis aims to contribute to the existing body of knowledge on Business Intelligence and its role in start-up companies. The research conducted for this thesis can be of value to start-up entrepreneurs, investors, and other stakeholders who seek to improve their understanding of the benefits and challenges of implementing BI in start-up companies.
Distributed Flow Control and Intelligent Data Transfer in High Performance Computing Networks
(2015)
This document contains my master thesis report, including problem definition, requirements, problem analysis, review of current state of the art, proposed solution,
designed prototype, discussions and conclusion.
During this work we propose a collaborative solution to run different types of operations in a broker-less network without relying on a central orchestrator.
Based on our requirements, we define and analyze a number of scenarios. Then we design a solution to address those scenarios using a distributed workflow management approach. We explain how we break a complicated operation into simpler parts and how we manage it in a non-blocking and distributed way. Then we show how we asynchronously launch them on the network and how we collect and aggregate results. Later on we introduce our prototype which demonstrates the proposed design.
Encryption techniques allow storing and transferring of sensitive information securely by using encryption at rest and encryption in transit, respectively. However, when computation is performed on these sensitive data, the data needs to be decrypted first and encrypted again after performing the computations. During the computations, the sensitive data becomes vulnerable to attackers as it's in decrypted form. Homomorphic encryption, a special type of encryption technique that allows computation on encrypted data can be used to solve the above-mentioned problem. The best way to achieve maximum security with homomorphic encryption is to perform at least the homomorphic encryption and decryption on the client side (browser) of a web application by not trusting the server. At present time there are many libraries with different homomorphic schemes available for homomorphic encryption. However, there are very few to no JavaScript libraries available to perform homomorphic encryption on the client side of any web application. This thesis mainly focuses on the JavaScript implementation of client-side homomorphic encryption. The fully homomorphic encryption scheme BFV is selected for the implementation. After implementing the fully homomorphic encryption scheme based on the “py-fhe” library, tests are also carried out in order to determine the applicability (in terms of time consumption, security and correctness) of this implementation in a web application by comparing the performance and security for different test cases and different settings.
In each company Top Managers have the responsibility to take major decisions that supports the success of their company, Adopting TQM is one of these decisions, the decision to carry out companies’ operations and procedures within TQM frameworks. (ASQ , n.d.). Applying TQM, involves implementing practices that needs putting extra efforts, otherwise there will be no use of the practices and the execution. (Nicca Jirah F Campos1, 2022).
Specifically in service sector, where the key to success and increased profit, comes directly through a satisfied customer. Therefor there is a need for both management and staff to have big tolerance and willingness to achieve the needed satisfaction, in order to attain the results that every company wants. (Charantimath, 2013)
In Germany in terms of customer care practices there is a famous stereotype ‘Customer is not the king’ A reputation That after DW investigated it, DW expressed it as a phenomenon where both expats and Germans tend to believe that service companies in Germany should do a better job of treating their consumers. (DW, 2016)
New concepts of business have emerged in the late century, for example strategy, leadership, marketing, entrepreneurship and others, these concepts spread internationally among most of the companies around the world. Many studies have been done reviewing these new business structures, some of them addressed the cultural differences within countries upon the applying them. But not many studies concentrated on taking into consideration how cultural differences affects the Implementation of TQM. (Lagrosen, 2002). It was concluded in general that although the comprehensive fundamentals of quality management are applicable and similar worldwide in all nations, but when coming to real practice accurate tunning must be made, it must be taken into account aligning different standards, due to different work cultures and traditions in Europe. (Krueger, 1999)
Truth is the first causality of war”, is a very often used statement. What rather intrigues the mind is what causes the causality of truth. If one dives deeper, one may also wonder why is this so-called truth the first target in a war. Who all see the truth before it dies. These questions rarely get answered as the media and general public tends to focus more on the human and economic losses in a war or war like situation. What many fail to realize is that these truthful pieces of information are critical to how a situation further develops. One correct information may change the course of the whole war saving millions and one mis-information may do the opposite.
Since its inception, some studies have been conducted to propose and develop new applications for OSINT in various fields. In addition to OSINT, Artificial Intelligence is a worldwide trend that is being used in conjunction witThe question here is, what is this information. Who transmits this and how? What is the source. Although, there has been an extensive use of the information provided by the secret services of any nation, which have come handy to many, another kind of information system is using the one that is publicly available, but in different pieces. This kind of information may come from people posting on social media, some publicly available records and much more. The key part in this publicly available information is that these are just pieces of information available across the globe from various different sources. This could be seen as small pieces of a puzzle that need to be put together to see the bigger picture. This is where OSINT comes in place.
h other areas (AI). AI is the branch of computer science that is in charge of developing intelligent systems. In terms of contribution, this work presents a 9-step systematic literature review as well as consolidated data to support future OSINT studies. It was possible to understand where the greatest concentration of publications was, which countries and continents developed the most research, and the characteristics of these publications using this information. What are the trends for the next OSINT with AI studies? What AI subfields are used with OSINT? What are the most popular keywords, and how do they relate to others over time?A timeline describing the application of OSINT is also provided. It was also clear how OSINT was used in conjunction with AI to solve problems in various areas with varying objectives. Private investigators and journalists are no longer the primary users of open-source intelligence gathering and analysis (OSINT) techniques. Approximately 80-90 percent of data analysed by intelligence agencies is now derived from publicly available sources. Furthermore, the massive expansion of the internet, particularly social media platforms, has made OSINT more accessible to civilians who simply want to trawl the Web for information on a specific individual, organisation, or product. The General Data Protection Regulation (GDPR) of the European Union was implemented in the United Kingdom in May 2018 through the new Data Protection Act, with the goal of protecting personal data from unauthorised collection, storage, and exploitation. This document presents a preliminary review of the literature on GDPR-related work.
The reviewed literature is divided into six sections: ’What is OSINT?’, ’What are the risks?’ and benefits of OSINT?’, ’What is the rationale for data protection legislation?’, ’What are the current legislative frameworks in the UK and Europe?’, ’What is the potential impact of the GDPR on OSINT?’, and ’Have the views of civilian and commercial stakeholders been sought and why is this important?’. Because OSINT tools and techniques are available to anyone, they have the unique ability to be used to hold power accountable. As a result, it is critical that new data protection legislation does not impede civilian OSINT capabilities.
In this paper we see how OSINT has played an important role in the wars across the globe in the past. We also see how OSINT is used in our everyday life. We also gain insights on how OSINT is playing a role in the current war going on between Russia and Ukraine. Furthermore, we look into some of these OSINT tools and how they work. We also consider a use case where OSINT is used as an anti terrorism tool. At the end, we also see how OSINT has evolved over the years, and what we can expect in the future as to what OSINT may look like.
As the Industry 4.0 is evolving, the previously separated Operational Technology (OT) and Information Technology (IT) is converging. Connecting devices in the industrial setting to the Internet exposes these systems to a broader spectrum of cyber-attacks. The reason is that since OT does not have much security measures as much as IT, it is more vulnerable from the attacker's perspective. Another factor contributing to the vulnerability of OT is that, when it comes to cybersecurity, industries have focused on protecting information technology and less prioritizing the control systems. The consequences of a security breach in an OT system can be more adverse as it can lead to physical damage, industrial accidents and physical harm to human beings. Hence, for the OT networks, certificate-based authentication is implemented. This involves stages of managing credentials in their communication endpoints. In the previous works of ivESK, a solution was developed for managing credentials. This involves a CANopen-based physical demonstrator where the certificate management processes were developed. The extended feature set involving certificate management will be based on the existing solution. The thesis aims to significantly improve such a solution by addressing two key areas that is enhancing functionality and optimizing real-time performance. Regarding the first goal, firstly, an analysis of the existing feature set shall be carried out, where the correct functionality shall be guaranteed. The limitations from the previously implemented system will be addressed and to make sure it can be applied to real world scenarios, it will be implemented and tested in the physical demonstrator. This will lay a concrete foundation that these certificate management processes can be used in the industries in large-scale networks. Implementation of features like revocation mechanism for certificates, automated renewal of the credentials and authorization attribute checks for the certificate management will be implemented. Regarding the second goal, the impact of credential management processes on the ongoing CANopen real-time traffic shall be a studied. Since in real life scenarios, mission-critical applications like Industrial control systems, medical devices, and transportation networks rely on real-time communication for reliable operation, delays or disruptions caused by credential management processes can have severe consequences. Optimizing these processes is crucial for maintaining system integrity and safety. The effect to minimize the disturbance of the credential management processes on the normal operation of the CANopen network shall be characterized. This shall comprise testing real-time parameters in the network such as CPU load, network load and average delay. Results obtained from each of these tests will be studied.
Strong security measures are required to protect sensitive data and provide ongoing service as a result of the rising reliance on online applications for a range of purposes, including e-commerce, social networking, and commercial activities. This has brought to light the necessity of strengthening security measures. There have been multiple incidents of attackers acquiring access to information, holding providers hostage with distributed denial of service attacks, or accessing the company’s network by compromising the application.
The Bundesamt für Sicherheit in der Informationstechnik (BSI) has published a comprehensive set of information security principles and standards that can be utilized as a solid basis for the development of a web application that is secure.
The purpose of this thesis is to build and construct a secure web application that adheres to the requirements established in the BSI guideline. This will be done in order to answer the growing concerns regarding the security of web applications. We will also evaluate the efficacy of the recommendations by conducting security tests on the prototype application and determining whether or not the vulnerabilities that are connected with a web application that is not secure have been mitigated.
The core logging and tracing facility in Windows operating system is called Event Tracing for Windows (ETW).
Data sources providing events for ETW are instrumented all over the operating system.
That means most hard- and software assets in a Windows system are instrumented with ETW and so are able to contribute low-level information.
ETW can be used by developers and administrators to get low-level information about operating system's activity.
We describe existing tools to interact with the ETW faciltity and evaluate them based on defined criteria.
Based on relevant application scenarios, we show the richness of informational content for debugging or detecting security incidents with ETW.
The widely used instrumentation of ETW in the operating system and its application results also in security risks according to confidentiality.
Based on common ETW providers we show the impact to confidentiality what ETW offers an adversary.
At the end we evaluate solutions and approaches for a customizable telemetry infrastructure using ETW in large-scale environments.
This work addresses the conceptualization, design, and implementation of an Application Programming Interface (API) for the Common Security Advisory Framework (CSAF) 2.0, introducing another method for distributing CSAF documents in addition to two already existing methods. These don't allow the use of flexible queries as well as filtering, which makes it difficult for operators of software and hardware to use CSAF. An API is intended to simplify this process and thus advance the automation goal of CSAF.
First, it is evaluated whether the current standard allows the implementation of an API. Any conflicts are highlighted and suggestions for standard adaptations are made. Based on these results, the API is designed to meet the previously defined requirements. Subsequently, a proof of concept is successfully developed according to the design and extensively tested with specially prepared test data. Finally, the results and the necessary standard adjustments are summarized and justified.
The conceptual design and the implementation were successfully completed. However, during the implementation of the proof of concept, some routes could not be fully implemented.
The advantages of the coupling-of-modes (COM) formalism and the transmission-matrix approach are combined to create exact and computationally efficient analysis and synthesis CAD tools for the design of SAW-resonator filters. The models for the filter components, especially gratings, interdigital transducers (IDTs). and multistrip couplers (MSCs), are based on the COM approach, which delivers closed-form expressions. In order to determine the relevant COM parameters, the integrated COM differential equations are compared with analytically derived expressions from the transmission-matrix approach. The most important second-order effects such as energy storage, propagation loss and mechanical and electrical loading are fully taken into account. As an example, the authors investigate a two-pole, acoustically coupled resonator filter at 914.5 MHz on AT quartz. Excellent agreement between theory and measurement is found.
Garbage in, Garbage out: How does ambiguity in data affect state-of-the-art pedestrian detection?
(2024)
This thesis investigates the critical role of data quality in computer vision, particularly in the realm of pedestrian detection. The proliferation of deep learning methods has emphasised the importance of large datasets for model training, while the quality of these datasets is equally crucial. Ambiguity in annotations, arising from factors like mislabelling, inaccurate bounding box geometry and annotator disagreements, poses significant challenges to the reliability and robustness of the pedestrian detection models and their evaluation. This work aims to explore the effects of ambiguous data on model performance with a focus on identifying and separating ambiguous instances, employing an ambiguity measure utilizing annotator estimations of object visibility and identity. Through accurate experimentation and analysis, trade-offs between data cleanliness and representativeness, noise removal and retention of valuable data emerged, elucidating their impact on performance metrics like the log average miss-rate, recall and precision. Furthermore, a strong correlation between ambiguity and occlusion was discovered with higher ambiguity corresponding to greater occlusion prevalence. The EuroCity Persons dataset served as the primary dataset, revealing a significant proportion of ambiguous instances with approximately 8.6% ambiguity in the training dataset and 7.3% in the validation set. Results demonstrated that removing ambiguous data improves the log average miss-rate, particularly by reducing the false positive detections. Augmentation of the training data with samples from neighbouring classes enhanced the recall but diminished precision. Error correction of wrong false positives and false negatives significantly impacts model evaluation results, as evidenced by shifts in the ECP leaderboard rankings. By systematically addressing ambiguity, this thesis lays the foundation for enhancing the reliability of computer vision systems in real-world applications, motivating the prioritisation of developing robust strategies to identify, quantify and address ambiguity.