Refine
Year of publication
- 2019 (3) (remove)
Document Type
- Bachelor Thesis (3) (remove)
Language
- English (3) (remove)
Has Fulltext
- yes (3)
Is part of the Bibliography
- no (3) (remove)
Keywords
- Bedrohungsanalyse (1)
- Event Tracing for Windows (1)
- Logging (1)
- Material Flow (1)
- STRIDE (1)
- Software Architecture (1)
- Telemetry (1)
- Threat Modeling (1)
- Verteiltes System (1)
- Web Development (1)
- Web-Entwicklung (1)
- Windows (1)
Institute
Open Access
- Closed Access (2)
- Open Access (1)
This paper describes a project absolved to increase the material flow through the LTCC production of the Bosch Anderson Plant in South Carolina, USA. To archive this goal the regarded value stream is introduced first. The bottleneck, which is limiting the material flow is found and eliminated in order to increase the output of the machine and consequently improve the material flow through the whole value stream. The completed projects made for this purpose result in a 13% increase. To control the material flow the inventory sizes are determined. The inventories, from which the size is desired to be determined, include climatization processes to dry the pastes that are applied in the previous process steps. Therefore, a separation of the parts in the production process climatization and the buffer is necessary first. After that the buffer can be eliminated and the inventory areas minimized. The results are smaller and controlled buffer sizes that make part of the floor space unnecessary. A welcomed side effect is the solution to a production problem of warped parts because of too long climatization times. Observations over time show that the results of the buffer limitations are just right to improve the material flow through the LTCC production.
The core logging and tracing facility in Windows operating system is called Event Tracing for Windows (ETW).
Data sources providing events for ETW are instrumented all over the operating system.
That means most hard- and software assets in a Windows system are instrumented with ETW and so are able to contribute low-level information.
ETW can be used by developers and administrators to get low-level information about operating system's activity.
We describe existing tools to interact with the ETW faciltity and evaluate them based on defined criteria.
Based on relevant application scenarios, we show the richness of informational content for debugging or detecting security incidents with ETW.
The widely used instrumentation of ETW in the operating system and its application results also in security risks according to confidentiality.
Based on common ETW providers we show the impact to confidentiality what ETW offers an adversary.
At the end we evaluate solutions and approaches for a customizable telemetry infrastructure using ETW in large-scale environments.
The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously during development iterations, threat modeling can help in following a “Security by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this thesis the current state of threat modeling is investigated. Based on this analysis, requirements for a new tool are derived. These requirements are then used to develop a new tool, called OVVL, which utilizes all main components of current threat modeling methodologies, as well as functionality not available in existing solutions. After documenting the development process and OVVL in general, this newly developed tool is used to conduct two case studies in the field of e-commerce and IoT.