Refine
Year of publication
Document Type
- Master's Thesis (24)
- Bachelor Thesis (16)
- Study Thesis (1)
Language
- English (41) (remove)
Has Fulltext
- yes (41)
Is part of the Bibliography
- no (41) (remove)
Keywords
- IT-Sicherheit (4)
- security (3)
- Analysis (2)
- Deep learning (2)
- Identitätsverwaltung (2)
- Maschinelles Lernen (2)
- Modellieren (2)
- 6LoWPAN (1)
- AUTOSAR (1)
- Access Management (1)
Institute
- Fakultät Medien (M) (ab 22.04.2021) (16)
- Fakultät Maschinenbau und Verfahrenstechnik (M+V) (11)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (5)
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (5)
- Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021) (3)
- Fakultät Wirtschaft (W) (2)
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (2)
- INES - Institut für nachhaltige Energiesysteme (1)
- IfTI - Institute for Trade and Innovation (1)
Open Access
- Closed Access (41) (remove)
This thesis focuses on the development and implementation of a Datagram Transport Layer Security (DTLS) communication framework within the ns-3 network simulator, specifically targeting the LoRaWAN model network. The primary aim is to analyse the behaviour and performance of DTLS protocols across different network conditions within a LoRaWAN context. The key aspects of this work include the following.
Utilization of ns-3: This thesis leverages ns-3’s capabilities as a powerful discrete event network simulator. This platform enables the emulation of diverse network environments, characterized by varying levels of latency, packet loss, and bandwidth constraints.
Emulation of Network Challenges: The framework specifically addresses unique challenges posed by certain network configurations, such as duty cycle limitations. These constraints, which limit the time allocated for data transmission by each device, are crucial in understanding the real-world performance of DTLS protocols.
Testing in Multi-client-server Scenarios: A significant feature of this framework is its ability to test DTLS performance in complex scenarios involving multiple clients and servers. This is vital for assessing the behaviour of a protocol under realistic network conditions.
Realistic Environment Simulation: By simulating challenging network conditions, such as congestion, limited bandwidth, and resource constraints, the framework provides a realistic environment for thorough evaluation. This allows for a comprehensive analysis of DTLS in terms of security, performance, and scalability.
Overall, this thesis contributes to a deeper understanding of DTLS protocols by providing a robust tool for their evaluation under various and challenging network conditions.
Implementation and Evaluation of an Assisting Fuzzer Harness Generation Tool for AUTOSAR Code
(2024)
The digitalization in vehicles tends to add more connectivity such as over-the-air (OTA) updates. To achieve this digitization, each ECU (Electronic Control Unit) becomes smarter and needs to support more and more different externally available protocols such as TLS, which increases the attack surface for attackers. To ensure the security of a vehicle, fuzzing has proven to be an effective method to discover memory-related security vulnerabilities. Fuzzing the software run- ning on a ECU is not an easy task and requires a harness written by a human. The author needs a deep understanding of the specific service and protocol, which is time consuming. To reduce the time needed by a harness author, this thesis aims to develop FuzzAUTO, the first assistant harness generation tool targeting the AUTOSAR (AUTomotive Open System ARchitecture) BSW (Basic Software) to support manual harness generation.
Privacy is the capacity to keep some things private despite their social repercussions. It relates to a person’s capacity to control the amount, time, and circumstances under which they disclose sensitive personal information, such as a person’s physiology, psychology, or intelligence. In the age of data exploitation, privacy has become even more crucial. Our privacy is now more threatened than it was 20 years ago, outside of science and technology, due to the way data and technology highly used. Both the kinds and amounts of information about us and the methods for tracking and identifying us have grown a lot in recent years. It is a known security concern that human and machine systems face privacy threats. There are various disagreements over privacy and security; every person and group has a unique perspective on how the two are related. Even though 79% of the study’s results showed that legal or compliance issues were more important, 53% of the survey team thought that privacy and security were two separate things. Data security and privacy are interconnected, despite their distinctions. Data security and data privacy are linked with each other; both are necessary for the other to exist. Data may be physically kept anywhere, on our computers or in the cloud, but only humans have authority over it. Machine learning has been used to solve the problem for our easy solution. We are linked to our data. Protect against attackers by protecting data, which also protects privacy. Attackers commonly utilize both mechanical systems and social engineering techniques to enter a target network. The vulnerability of this form of attack rests not only in the technology but also in the human users, making it extremely difficult to fight against. The best option to secure privacy is to combine humans and machines in the form of a Human Firewall and a Machine Firewall. A cryptographic route like Tor is a superior choice for discouraging attackers from trying to access our system and protecting the privacy of our data There is a case study of privacy and security issues in this thesis. The problems and different kinds of attacks on people and machines will then be briefly talked about. We will explain how Human Firewalls and machine learning on the Tor network protect our privacy from attacks such as social engineering and attacks on mechanical systems. As a real-world test, we will use genomic data to try out a privacy attack called the Membership Inference Attack (MIA). We’ll show Machine Firewall as a way to protect ourselves, and then we’ll use Differential Privacy (DP), which has already been done. We applied the method of Lasso and convolutional neural networks (CNN), which are both popular machine learning models, as the target models. Our findings demonstrate a logarithmic link between the desired model accuracy and the privacy budget.
As the population grows, so does the amount of biowaste. As demand for energy grows, biogas is a promising solution to the problem. Lignocellulosic materials are challenged of slow degradability due to the presence of polymers such as cellulose, lignin and hemicellulose. There are several pretreatment methods available to enhance the degradability of such materials, including enzymatic pretreatment. In this pretreatment, there are few parameters that can influence the results, the most important being the enzyme to solid ratio and the solid to liquid ratio. During this project, experiments were conducted to determine the optimal conditions for those two factors. It was discovered that a solid to liquid ratio of 31 g of buffer per 1 gram of organic dry matter produced the highest reducing sugar release in flasks when combined with 34 mg of protein per 1 gram of organic dry mass. Additionally, another experiment was carried out to investigate the impact of enzymatic pretreatment on biogas production using artificial biowaste as a substrate. Artificial biowaste produced 577,9 NL/kg oDM, while enzymatically pretreated biowaste produced 639,3 NL/kg oDM. This resulted in a 10,6% rise in cumulative biogas production compared to its use without enzymatic pretreatment. By the conclusion of the investigation, specific cumulative dry methane yields of 364,7 NL/kg oDM and 426,3 NL/kg oDM were obtained from artificial biowaste without and with enzymatic pretreatment, respectively. This resulted in a methane production boost of 16,9%. Additionally in case of the reactors with enzymatically pretreated substrate kinetic constant was lower more than double, where maximum volume of biogas increased, comparing to the reactors without enzymatic pretreatment.
One of the main problematics of the seals tests is the time and money consuming they are. Up to now, there are few tries to do a digitalisation of a test where the seals behaviour can be known.
This work aims to digitally reproduce a seal test to extract their behaviour when working under different operation conditions to see their impact on the pimp’s efficiency. In this thesis, due to the Lomaking effect, the leakage and the forces applied on the stator will be the base of analysis.
First of all, among all the literature available for very different kind of seals and inner patterns, it has been chosen the most appropriate and precise data. The data chosen is “Test results for liquid Damper Seals using a Round-Hole Roughness Pattern for the Stator” from Fayolle, P. and “Static and Rotordynamic Characteristics of Liquid Annular Seals with Circumferentially/Grooved Stator and Smooth Rotor using three levels of circumferential Inlet-Fluid” from Torres J.M.
From the literature, dimensions of the test rig and the seals will be extracted to model them into a 3D CAD software. With the 3D CAD digitalisation, the fluid volumes for a rotor-centred position, meaning without eccentricity, will be extracted, and used. The following components have been modelled:
- Smooth Annular Liquid Seal (Grooved Rotor)
- Grooved Annular Liquid Seal (Smooth Rotor)
- Round-Hole Pattern Annular Liquid Seal (𝐻𝑑=2 𝑚𝑚) (Smooth Rotor)
- Straight Honeycomb Annular Liquid Seal (Smooth Rotor)
- Convergent Honeycomb Annular Liquid Seal (Smooth Rotor)
- Smooth Rotor / Smooth Annular Liquid Seal (Smooth Rotor)
As there is just one test rig, all the components have been adapted to the different dimensions of the seals by referencing some measures. This allows to test any seal with the same test rig.
Afterwards a CFD simulation that will be used to obtain leakage and stator forces. The parameters that will be changed are the rotational velocity of the fluid (2000 rpm, 4000 rpm, and 6000 rpm) and the pressure drop (2,068 bar, 4,137 bar, 6,205 bar, and 8,274 bar).
Those results will be compared to the literature ones, and they will determine if digitalisation can be validated or not. Even though the relative error is higher than 5% but the tendency is the same and it is thought that by changing some parameters the test results can be even closer to the literature ones.
To date, many experiments have been performed to study how the internal geometrical shapes of the annular liquid seal can reduce internal leakage and increase pump efficiency. These can be time-consuming and expensive as all rotordynamic coefficients must be determined in each case.
Nowadays, accurate simulation methods to calculate rotordynamic coefficients of annular seals are still rare. Therefore, new numerical methods must be designed and validated for annular seals.
The present study aims to contribute to this labour by providing a summary of the available test rig and seals dimensions and experimental results obtained in the following experiments:
− Kaneko, S et al., Experimental Study on Static and Dynamic Characteristics of Liquid Annular Convergent-Tapered Seals with Honeycomb Roughness Pattern (2003) [1] − J. Alex Moreland, Influence of pre-swirl and eccentricity in smooth stator/grooved rotor liquid annular seals, static and rotordynamic characteristics (2016) [2]
A 3D CAD simulation with Siemens NX Software of the test rig used in J. Alex Moreland’s experiment has been made. The following annular liquid seals have also been 3D modelled, as well as their fluid volume:
− Smooth Annular Liquid Seal (SS/GR) (J. Alex Moreland experiment)
− Grooved Annular Liquid Seal (GS/SR)
− Round-Hole Pattern Annular Liquid Seal (𝐻𝑑=2 mm) (GS/SR)
− Straight Honeycomb Annular Liquid Seal (GS/SR)
− Convergent Honeycomb Annular Liquid Seal (No. 3) (GS/SR)
− Smooth Annular Liquid Seal (SS/SR) (S. Kaneko experiment)
In the case of the seals used in S. Kaneko’s experiments, the test rig has been adapted to each seal, defining interpart expressions which can be easily modified.
Afterwards, it has been done a CFD simulation of the Smooth Annular Liquid Seal using Ansys CFX Software. To do so, the fluid volume geometry has been simplified to do a first approximation. Results have been compared for an eccentricity 𝜀0=0.00 for the following ranges of rotor speeds and differential of pressure:
− Δ𝑃= 2.07, 4.14, 6.21, and 8.27 bar,
− 𝜔= 2, 4, 6 and 8 krpm.
Even results obtained have the same trend as the one proportionated by the literature, they cannot be validated as the error is above 5%. It is also observed that as the pressure drop increases, the relative error decreases considerably.
Much of the research in the field of audio-based machine learning has focused on recreating human speech via feature extraction and imitation, known as deepfakes. The current state of affairs has prompted a look into other areas, such as the recognition of recording devices, and potentially speakers, by only analysing sound files. Segregation and feature extraction are at the core of this approach.
This research focuses on determining whether a recorded sound can reveal the recording device with which it was captured. Each specific microphone manufacturer and model, among other characteristics and imperfections, can have subtle but compounding effects on the results, whether it be differences in noise, or the recording tempo and sensitivity of the microphone while recording. By studying these slight perturbations, it was found to be possible to distinguish between microphones based on the sounds they recorded.
After the recording, pre-processing, and feature extraction phases we completed, the prepared data was fed into several different machine learning algorithms, with results ranging from 70% to 100% accuracy, showing Multi-Layer Perceptron and Logistic Regression to be the most effective for this type of task.
This was further extended to be able to tell the difference between two microphones of the same make and model. Achieving the identification of identical models of a microphone suggests that the small deviations in their manufacturing process are enough of a factor to uniquely distinguish them and potentially target individuals using them. This however does not take into account any form of compression applied to the sound files, as that may alter or degrade some or most of the distinguishing features that are necessary for this experiment.
Building on top of prior research in the area, such as by Das et al. in in which different acoustic features were explored and assessed on their ability to be used to uniquely fingerprint smartphones, more concrete results along with the methodology by which they were achieved are published in this project’s publicly accessible code repository.
Estimation and projecting total steel industry production costs from 2019 to 2030 for Germany
(2023)
This thesis analyses the total production cost of the German steel industry from 2019 to 2022, as well as a projection of the German steel industry's total production cost until 2030. The research separates the costs of steel production into their primary components, such as raw materials, energy, CO2 cost, capital expenses and operating expenses. The cost of steel production is determined separately for primary steelmaking with the blast furnace and basic oxygen furnace (BF-BOF) and secondary steelmaking with the electric arc furnace (EAF).
The analysis indicates that, following the COVID-19 disaster and the fuel crisis, the overall cost of producing steel in Germany has progressively risen over the previous few years, reaching its peak in the first half of 2022. In addition, there are considerable disparities between the production costs of primary and secondary steelmaking processes, with primary steelmaking generally being more expensive.
In this analysis, the total cost of production for the German steel industry in the year 2030 has been estimated by taking into account historical trends as well as other predictions that are currently available.
This thesis provides overall insights on the economics of the German steel sector. By giving thorough information on production costs and changes over time, this research can assist guide crucial future investment decisions in this essential industry. To ensure long-term success, our findings emphasize the significance of investing in more sustainable and ecologically friendly steel production processes.
Cloud computing is a combination of technologies, including grid computing and distributed computing, that use the Internet as a network for service delivery. Organizations can select the price and service models that best accommodate their demands and financial restrictions. Cloud service providers choose the pricing model for their cloud services, taking the size, usage, user, infrastructure, and service size into account. Thus, cloud computing’s economic and business advantages are driving firms to shift more applications to the cloud, boosting future development. It enlarges the possibilities of current IT systems.
Over the past several years, the ”cloud computing” industry has exploded in popularity, going from a promising business concept to one of the fastest expanding areas of the IT sector. Most enterprises are hosting or installing web services in a cloud architecture for management simplicity and improved availability. Virtual environments are applied to accomplish multi-tenancy in the cloud. A vulnerability in a cloud computing environment poses a direct threat to the users’ privacy and security. In our digital age, the user has many identities. At all levels, access rights and digital identities must be regulated and controlled.
Identity and access management(IAM) are the process of managing identities and regulating access privileges. It is considered as a front-line soldier of IT security. It is the goal of identity and access management systems to protect an organization’s assets by limiting access to just those who need it and in the appropriate cases. It is required for all businesses with thousands of users and is the best practice for ensuring user access control. It identifies, authenticates, and authorizes people to access an organization’s resources. This, in turn, enhances access management efficiency. Authentication, authorization, data protection, and accountability are just a few of the areas in which cloud-based web services have security issues. These features come under identity and access management.
The implementation of identity and access management(IAM) is essential for any business. It’s becoming more and more business-centric, so we need more than technical know-how to succeed. Organizations may save money on identity management and, more crucially, become much nimbler in their support of new business initiatives if they have developed sophisticated IAM capabilities. We used these features of identity and access management to validate the robustness of the cloud computing environment with a comparison of traditional identity and access management.
The current thesis conducts the study on the integration of digitalization techniques aimed at improving energy supply efficiency in off-grid energy systems. The primary objective is to fortify the security of energy supply in remote areas, particularly in instances of adverse weather conditions, unanticipated changes in load and fluctuations in the performance of renewable energy systems. This objective is to be achieved through the implementation of a smart load management strategy in stand-alone photovoltaic systems (SAPVS). This strategy involves deployment of forecasting algorithms on an edge device that operates with limited processing resources in an environment characterized for the lack of internet connection. The edge device is designed to interact with a smart home gateway that prioritizes, and schedules smart appliances based on the forecasted state of charge (SOC) in the 36-hours ahead of the SAPVS operation (the implementation of the loads schedule deployed on the Home Assistant device is out of the scope of the tasks implemented for this project).
The edge device, developed using a Raspberry Pi 3B+, was specifically intended for being implemented along with a SAPVS, in remote areas such as health stations in Africa and tropical islands, providing communities with a reliable source of electrical energy. The deployment of the strategy was carried out in four phases. The first phase involved the implementation of an Extraction-Transformation-Load (ETL) pipeline, where data was gathered from various heterogeneous hardware sources of an implemented test system that served as the enabler and testbench of this research, this test stand is composed of power electronics components such as an inverter, a MPPT solar charge controller, a smart meter, and a BOS LiFePo4 battery prototype. In the transformation stage, a data model was developed to identify the most critical parameters of the energy system, and to eliminate outliers and null values. In the load stage, a local SQL database was established for saving and structuring the data gathered and to ensure high-quality data with defined units and casting.
The second phase involved data analysis to identify the relevant features and potential exogenous variables for the forecasting model to implement. In the third phase, an Auto Regressive Moving Average (ARMA) model with two selected exogenous variables was implemented to forecast the AC load consumption profile for the 36- hours ahead of the off-grid system operation. The final phase involved the information exchange with the Home Assistant device, by transferring to it from the edge device the battery SOC present value and the predicted 36-hour ahead AC load profile information for prioritization and scheduling of loads; this through an MQTT interface.
The outcome of the experiment was a successful deployment of a data engineering and data forecasting approach that enabled data quality strategy implementation, local database storage, and forecasting algorithms on a processing and internet-constrained edge device. The interface with a home assistant implementation resulted in the successful execution of smart load management endeavors in an off-grid system, thereby enhancing the energy security of supply and contributing to the advancement of data-driven strategies in the rural electrification sector.
This thesis emphasizes the significance of digitalization strategies in smart SAPVS and highlights the potential of edge computing solutions in achieving seamless energy management in smart homes.
The Internet of Things is spreading significantly in every sector, including the household, a variety of industries, healthcare, and emergency services, with the goal of assisting all of those infrastructures by providing intelligent means of service delivery. An Internet of Vulnerabilities (IoV) has emerged as a result of the pervasiveness of the Internet of Things (IoT), which has led to a rise in the use of applications and devices connected to the IoT in our day-to-day lives. The manufacture of IoT devices are growing at a rapid pace, but security and privacy concerns are not being taken into consideration. These intelligent Internet of Things devices are especially vulnerable to a variety of attacks, both on the hardware and software levels, which leaves them exposed to the possibility of use cases. This master’s thesis provides a comprehensive overview of the Internet of Things (IoT) with regard to security and privacy in the area of applications, security architecture frameworks, a taxonomy of various cyberattacks based on various architecture models, such as three-layer, four-layer, and five-layer. The fundamental purpose of this thesis is to provide recommendations for alternate mitigation strategies and corrective actions by using a holistic rather than a layer-by-layer approach. We discussed the most effective solutions to the problems of privacy and safety that are associated with the Internet of Things (IoT) and presented them in the form of research questions. In addition to that, we investigated a number of further possible directions for the development of this research.
As cyber threats continue to evolve, it is becoming increasingly important for organizations to have a Security Operations Center (SOC) in place to effectively defend against them. However, building and maintaining a SOC can be a daunting task without clear guidelines, policies, and procedures in place. Additionally, most current SOC solutions used by organizations are outdated, lack key features and integrations, and are expensive to maintain and upgrade. Moreover, proprietary solutions can lead to vendor lock-in, making it difficult to switch to a different solution in the future.
To address these challenges, this thesis proposes a comprehensive SOC framework and an open-source SOC solution that provides organizations with a flexible and cost-effective way to defend against modern cyber threats. The research methodology involved conducting a thorough literature review of existing literature and research on building and maintaining a SOC, including using SOC as a service. The data collected from the literature review was analyzed to identify common themes, challenges, and best practices for building and maintaining a SOC.
Based on the data collected, a comprehensive framework for building and maintaining a SOC was developed. The framework addresses essential areas such as the scope and purpose of the SOC, governance and leadership, staffing and skills, technologies and tools, processes and procedures, service level agreements (SLAs), and evaluation and measurement. This framework provides organizations with the necessary guidance and resources to establish and effectively operate a SOC, as well as a reference for evaluating the service provided by SOC service providers.
In addition to the SOC framework, a modern open-source SOC solution was developed, which emphasizes several key measures to help organizations defend against modern cyber threats. These measures include real-time, actionable threat intelligence, rapid and effective incident response, continuous security monitoring and alerting, automation, integration, and customization. The use of open-source technologies and a modular architecture makes the solution cost-effective, allowing organizations to scale it up or down as needed.
Overall, the proposed SOC framework and open-source SOC solution provide organizations with a comprehensive and systematic approach for building and maintaining a SOC that is aligned with the needs and objectives of the organization. The open-source SOC solution provides a flexible and cost-effective way to defend against modern cyber threats, helping organizations to effectively operate their SOC and reduce their risk of security incidents and breaches.
Organizations striving to achieve success in the long term must have a positive brand image which will have direct implications on the business. In the face of the rising cyber threats and intense competition, maintaining a threat-free domain is an important aspect of preserving that image in today's internet world. Domain names are often near-synonyms for brand names for numerous companies. There are likely thousands of domains that try to impersonate the big companies in a bid to trap unsuspecting users, usually falling prey to attacks such as phishing or watering hole. Because domain names are important for organizations for running their business online, they are also particularly vulnerable to misuse by malicious actors. So, how can you ensure that your domain name is protected while still protecting your brand identity? Brand Monitoring, for example, may assist. The term "Brand Monitoring" applies only to keep tabs on an organization's brand performance, reception, and overall online presence through various online channels and platforms [1]. There has been a rise in the need of maintaining one's domain clear of any linkages to malicious activities as the threat environment has expanded. Since attackers are targeting domain names of organizations and luring unsuspecting users to visit malicious websites, domain monitoring becomes an important aspect. Another important aspect of brand abuse is how attackers leverage brand logos in creating fake and phishing web pages. In this Master Thesis, we try to solve the problem of classification of impersonated domains using rule-based and machine learning algorithms and automation of domain monitoring. We first use a rule-based classifier and Machine Learning algorithms to classify the domains gathered into two buckets – "Parked" and "Non-Parked". In the project's second phase, we will deploy object detection models (Scale Invariant Feature Transform - SIFT and Multi-Template Matching – MTM) to detect brand logos from the domains of interest.
Even though the internet has only been there for a short period, it has grown tremendously. To- day, a significant portion of commerce is conducted entirely online because of increased inter- net users and technological advancements in web construction. Additionally, cyberattacks and threats have expanded significantly, leading to financial losses, privacy breaches, identity theft, a decrease in customers’ confidence in online banking and e-commerce, and a decrease in brand reputation and trust. When an attacker pretends to be a genuine and trustworthy institution, they can steal private and confidential information from a victim. Aside from that, phishing has been an ongoing issue for a long time. Billions of dollars have been shed on the global economy. In recent years, there has been significant progress in the development of phishing detection and identification systems to protect against phishing attacks. Phishing detection technologies frequently produce binary results, i.e., whether a phishing attempt was made or not, with no explanation. On the other hand, phishing identification methodologies identify phishing web- pages by visually comparing webpages with predetermined authentic references and reporting phishing together with its target brand, resulting in findings that are understandable. However, technical difficulties in the field of visual analysis limit the applicability of currently available solutions, preventing them from being both effective (with high accuracy) and efficient (with little runtime overhead). Here, we evaluate existed framework called Phishpedia. This hybrid deep learning system can recognize identity logos from webpage screenshots and match logo variants of the same brand with high precision. Phishpedia provides high accuracy with low run- time. Lastly, unlike other methods, Phishpedia does not require training on any phishing sam- ples whatsoever. Phishpedia exceeds baseline identification techniques (EMD, PhishZoo, and LogoSENSE), inaccurately detecting phishing pages in lengthy testing using accurate phishing data. The effectiveness of Phishpedia was tested and compared against other standard machine learning algorithms and some state-of-the-art algorithms. The given solutions performed better than different algorithms in the given dataset, which is impressive.
Technology advancement has played a vital role in business development; however, it has opened a broad attack surface. Passwords are one of the essential concepts used in applications for authentication. Companies manage many corporate applications, so the employees must meet the password criteria, which leads to password fatigue. This thesis addressed this issue and how we can overcome this problem by theoretically implementing an IAM solution. In this, we disused MFA, SSO, biometrics, strong password policies and access control. We introduced the IAM framework that should be considered while implementing the IAM solution. Implementing an IAM solution adds an extra layer of security.
Global energy demand is still on an increase during the last decade, with a lot of impact on the climate change due to the intensive use of conventional fossil-based fuels power plants to cover this demand. Most recently, leaders of the globe met in 2015 to come out with the Paris Agreement, stating that the countries will start to take a more responsible and effective behaviour toward the global warming and climate change issues. Many studies have discussed how the future energy system will look like with respecting the countries’ targets and limits of greenhouse gases and their CO2 emissions. However, these studies rarely discussed the industry sector in detail even though it is one of the major role players in the energy sector. Moreover, many studies have simulated and modelled the energy system with huge jumps of intervals in terms of years and environmental goals. In the first part of this study, a model will be developed for the German electrical grid with high spatial and temporal resolutions and different scenarios of it will be analysed meticulously on shorter periods (annual optimization), with different flexibilities and used technologies and degrees of innovations within each scenario. Moreover, the challenge in this research is to adequately map the diverse and different characteristics of the medium-sized industrial sector. In order to be able to take a first step in assessing the relevance of the industrial sector in Germany for climate protection goals, the industrial sector will be mapped in PyPSA-Eur (an open-source model data set of the European energy system at the level of the transmission network) by detailing the demand for different types of industry and assigning flexibilities to the industrial types. Synthetically generated load profiles of various industrial types are available. Flexibilities in the industrial sector are described by the project partner Fraunhofer IPA in the GaIN project and can be used. Using a scenario analysis, the development of the industrial sector and the use of flexibilities are then to be assessed quantitatively.
This thesis deals with the creation of a cross-platform application using Xamarin.Forms. The cross-platform application will cover three different platforms android, iOS, and UWP.
The application is the first concept of a possible feature for a companion application for LS telcom. There, the user can identify cell antennas using a map-view and a camera-view making the application an augmented reality application. Thus, the user can search for a specific cell and access various information that he would not be able to see with his eyes like for example the frequency of the transmitting cells.
The cell data is generated from three different sources, Cartoradio, OpenCelliD, and the LS telcom databrowser. Eventually, the decision was taken, that the main source should be the LS telcom databrowser which has multiple advantages over the other cell sources.
The cells on the map-view are placed using the extracted coordinates from the source data. However, the cells on the camera-view are placed with complex calculations using different formulas like the Haversine formula to calculate the distance between the cell and the user and the bearing to calculate the angle between the cell and the user. Various settings will allow the user to personalize the application according to his wishes.
On a regular basis, we hear of well-known online services that have been abused or compromised as a result of data theft. Because insecure applications jeopardize users' privacy as well as the reputation of corporations and organizations, they must be effectively secured from the outset of the development process. The limited expertise and experience of involved parties, such as web developers, is frequently cited as a cause of risky programs. Consequently, they rarely have a full picture of the security-related decisions that must be made, nor do they understand how these decisions affect implementation accurately.
The selection of tools and procedures that can best assist a certain situation in order to protect an application against vulnerabilities is a critical decision. Regardless of the level of security that results from adhering to security standards, these factors inadvertently result in web applications that are insufficiently secured. JavaScript is a language that is heavily relied on as a mainstream programming language for web applications with several new JavaScript frameworks being released every year.
JavaScript is used on both the server-side in web applications development and the client-side in web browsers as well.
However, JavaScript web programming is based on a programming style in which the application developer can, and frequently must, automatically integrate various bits of code from third parties. This potent combination has resulted in a situation today where security issues are frequently exploited. These vulnerabilities can compromise an entire server if left unchecked. Even though there are numerous ad hoc security solutions for web browsers, client-side attacks are also popular. The issue is significantly worse on the server side because the security technologies available for server-side JavaScript application frameworks are nearly non-existent.
Consequently, this thesis focuses on the server-side aspect of JavaScript; the development and evaluation of robust server-side security technologies for JavaScript web applications. There is a clear need for robust security technologies and security best practices in server-side JavaScript that allow fine-grained security.
However, more than ever, there is this requirement of reducing the associated risks without hindering the web application in its functionality.
This is the problem that will be tackled in this thesis: the development of secure security practices and robust security technologies for JavaScript web applications, specifically, on the server-side, that offer adequate security guarantees without putting too many constraints on their functionality.
As information technology continues to advance at a rapid speed around the world, new difficulties emerge. The growing number of organizational vulnerabilities is among the most important issues. Finding and mitigating vulnerabilities is critical in order to protect an organization’s environment from multiple attack vectors.
The study investigates and comprehends the complete vulnerability management process from the standpoint of the security officer job role, as well as potential improvements. Few strategies are used to achieve efficient mitigation and the de- velopment of a process for tracking and mitigating vulnerabilities. As a result, a qualitative study is conducted in which the objective is to create a proposed vulner- ability and risk management process, as well as to develop a system for analyzing and tracking vulnerabilities and presenting the vulnerabilities in a graphical dash- board format. This thesis’s data was gathered through an organized literature study as well as through the use of various web resources. We explored numerous ap- proaches to analyze the data, such as categorizing the vulnerabilities every 30, 60, and 90 days to see whether the vulnerabilities were reoccurring or new. According to our findings, tracking vulnerabilities can be advantageous for a security officer.
We come to the conclusion that if an organization has a proper vulnerability tracking system and vulnerability management process, it can aid security officers in having a better understanding of and making plans for reducing vulnerabilities. In terms of system patching and vulnerability remediation, it will also assist the security officer in identifying areas of weakness in the process. As a result, the suggested ways provide an alternate approach to managing and tracking vulnerabilities in an effective manner, although there is still a small area that needs additional analysis and research to make it even better.
Die Arbeit beschäftigt sich mit dem Thema der Progressive Web App, dabei wird auf die Entwicklung und das Wirtschaftliche Potential eingegangen. Die Arbeit kann als Hilfestellung bei der Entscheidung, ob eine Progressive Web App in einem Unternehmen eingesetzt werden soll, dienen.
Among the billions of smartphone users in the world, Android still holds more than 80% of the market share. The applications which the users install have a specific set of features that need access to some device functionalities and sensors that may hold sensitive information about the user. Therefore, Android releases have set permission standards to let the user know what information is being disclosed to the application. Along with other security and privacy improvements, significant changes to the permission scheme are introduced with the Android 6.0 version (API level 23). In this master thesis, the Android permission scheme is tested on two devices from different eras. The evolution of Android over the years is examined in terms of confidentiality. For each device, two applications are built; one focused on extracting every piece of information within the confidentiality scope with every permission declared and/or requested, and the other app focused on getting this type of information without user notification. The resulting analysis illustrates whether how and in what way the Android permission scheme declined or improved over time.
Threat Modeling is a vital approach to implementing ”Security by Design” because it enables the discovery of vulnerabilities and mitigation of threats during the early stage of the Software Development Life Cycle as opposed to later on when they will be more expensive to fix. This thesis makes a review of the current threat Modeling approaches, methods, and tools. It then creates a meta-model adaptation of a fictitious cloud-based shop application which is tested using STRIDE and PASTA to check for vulnerabilities, weaknesses, and impact risk. The Analysis is done using Microsoft Threat Modeling Tool and IriusRisk. Finally, an evaluation of the results is made to ascertain the effectiveness of the processes involved with highlights of the challenges in threat modeling and recommendations on how security developers can make improvements.
The identification of vulnerabilities is an important element of the software development process to ensure the security of software. Vulnerability identification based on the source code is a well studied field. To find vulnerabilities on the basis of a binary executable without the corresponding source code is more challenging. Recent research has shown how such detection can be performed statically and thus runtime efficiently by using deep learning methods for certain types of vulnerabilities.
This thesis aims to examine to what extent this identification can be applied sufficiently for a variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. For this purpose, a dataset with 50,651 samples of 23 different vulnerabilities in the form of a standardised LLVM Intermediate Representation was prepared. The vectorised features of a Word2Vec model were then used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). For this purpose, a binary classification was trained for the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of vulnerabilities, as well as a strong limitation of the analysis scope for further analysis steps.
In this work, an implementation of the somewhat homomorphic BV encryption scheme is presented. During the implementation, care was taken to ensure that the resulting program will be as efficient as possible i.e. fast and resource-saving. The basis for this is the work of Arndt Bieberstein, who implemented the BV scheme with respect to functionality. The presented implementation supports the basics of the BV scheme, namely (symmetric and asymmetric) encryption, decryption and evaluation of addition as well as multiplication. Additionally, it supports the encoding of positive and negative numbers, various gaussian sampling methods, basically infinitely large polynomial coefficients, the generation of suitable parameters for a use case, threading and relinearization to reduce the size of a ciphertext after multiplications. After presenting the techniques used in the implementation, it’s actual efficiency is determined by measuring the timings of the operations for various parameters.
The Project "Schluckspecht" of the University of Offenburg consists of participating in the European marathon called "Shell Eco-Marathon"(SEM) which consists of designing and building from the beginning a vehicle with the greatest possible energy efficiency. The University of Offenburg has participated in this project since 1998.
The team that forms the Schluckspecht project is made up of around 30 students from the faculties of mechanical engineering, process engineering, electrical engineering, medical technology and computer science, as well as the degree in Audiovisual Communication. The team was founded in 1998 and since then students have been developing and building high efficiency vehicles to participate in the European marathon Shell Eco.
In this project, students can put into practice all the theoretical knowledge obtained during their studies. Also can be learned how to work interdisciplinarity as a team, a skill that for now, many companies or require or seek.
The following topics are discussed in the Schluckspecht project, which are also ideal for the work of students:
-Conception construction and production of high efficiency vehicles.
-Computational design and manufacture of lightweight components and sets.
-Development of lightweight components and sets from renewable raw materials.
-Construction and development of special test benches, for example: motor test bench.
-Implementation and optimization of control strategies for autonomous driving
-Mechanical and electrical integration of sensors for autonomous driving
-Ergonomic studies and optimization of the driver's cabin.
The objective of the project is to develop and manufacture research vehicles that make individual mobility as efficient as possible from an energy point of view. To achieve this, current and future issues of the industry are discussed. In this project, both the theoretical and practical part of the light construction of vehicles and the reduction of friction, the variety of propulsion concepts (electric thrusters, fuel cells, diesel/petrol engines, Stirling engines) and autonomous driving are investigated. The services of the University of Offenburg together with some external partners are grouped together to make this wonderful project work.
The Projekt-Sweaty is a project of the University of Applied Sciences of Offenburg, an autonomous robot is being developed that competes against a set of several international colleges and universities in the RoboCup.
"Sweaty" is a soccer-playing humanoid robot who participated in the RoboCup World Cup in Brazil for the first time in 2014.
RoboCup is a competition aimed at developing a robot soccer team that surpasses the human world champion team. The competition started in 1997 the first official RoboCup games and conferences were held with great success. More than 40 teams took part and more than 5,000 spectators attended. RoboCup’s rules change to promote advances in robot science and technology and to bring the league’s challenges closer to the real world.
Building a robot that plays football will not in itself generate a significant social and economic impact, but the realization will certainly be considered an important success for the field of robotics.
Thanks to the interaction of all the faculties, the team consists of professors and students from the fields of mechanical and process engineering, electrical engineering, information technology, and information and media technology. Students can use the project during their studies and use the knowledge acquired in practice to implement and through their own creative ideas complement.
The Timed-Up-and-Go (TUG) test aims to assess mobility, balance, walking ability, and fall risk during walking. The instrumentalization of the TUG is already described in the literature and is beginning to be implemented in the industry. The products proposed by Zhortech and Digitsole, namely connected insoles, as well as additional sensors placed on the sternum and the right and eventually left femur allow the instrumentalization of the test.
An algorithm of detection and evaluation of the TUG has been developed in two versions. The first one (V1) aiming simply to calculate the total duration of the test. A second version is an improvement of V1, allowing to segment the TUG in three sub-phases: Sit-Stand, walking, Stand-Sit. These algorithms have been declined in a variant with the five sensors mentioned, and one without the sensor of the left femur.
The performance of the algorithms was compared to manual labeling performed on video. The comparison includes a bland-Altman plot and a correlation for the total test duration, but also for the sub-phase’s duration according to the two variants.
The TUG duration shows very good results regarding the limits of agreements (lLoA = -0.33 s and uLoA+0.6 s). The bias of 0.13 s indicated that the algorithm overrates the duration of the TUG. The results of the TUG subphases are less accurate. Although the correlation coefficient is between 0.76 and 0.96 for the different subphases, the limits of agreements are still very high, between -0.71 s and -0.5 s for the lLoA and +0.39 s and +0.58 s for the uLoA. These limits of agreements indicated that the Sit-Stand and Stand-Sit transition are not accurate enough yet. The dispersion is high for a transition that could last between about one and six seconds. The two variants, with and without a sensor on the left femur, present similar results.
The Lattice Boltzmann Method is a useful tool to calculate fluid flow and acoustic effects at the same time. Although the acoustic perturbation is much smaller than normal pressure differences in fluid flow, this direct calculation is a great advantage of the Lattice Boltzmann Method (LBM). But each border used in calculation produces a multitude of reflections with the acoustic waves, which lead to an unusable result. Therefore, it is worked on different absorbing techniques.
In this thesis three absorbing layer techniques are described, explained and reviewed with different simulations. The absorbing layers are implemented in a basic LBM code in C++, and with this umpteen simulations within a box were performed to compare the different absorbing layers. The Doppler effect and a cylinder flow are also examined to compare the damping efficiencies.
The three studied absorbing techniques are the sponge layer, the perfectly matched layer and a force based Term II absorbing layer. The sponge layer is easy to implement but gives worse results than a calculation without any absorbing layer. The perfectly matched layer and a force based absorbing term provide very good results but the perfectly matched layer has problems with instability. The force based absorbing layer represents the best compromise between the additional computation time due the absorbing layer and the achieved damping efficiency.
This thesis deals with the implementation of the SUBSCALE algorithm in the Python programming language. First, the current state of research and the needs of the target group are considered. Then, the choice of language is decided based on the findings. On the basis of self-generated requirements, the implementation is carried out.
Finally, the code is evaluated for accuracy, consistency, and execution time, as well as its applicability in practice.
Since the implementation of the current work proved to be unconvincing, an approach is tested in which Python is used only as a front-end.
Annotated training data is essential for supervised learning methods. Human annotation is costly and laborsome especially if a dataset consists of hundreds of thousands of samples and annotators need to be hired. Crowdsourcing emerged as a solution that makes it easier to get access to large amounts of human annotators. Introducing paid external annotators however introduces malevolent annotations, both intentional and unintentional. Both forms of malevolent annotations have negative effects on further usage of the data and can be summarized as spam. This work explores different approaches to post-hoc detection of spamming users and which kinds of spam can be detected by them. A manual annotation checking process resulted in the creation of a small user spam dataset which is used in this thesis. Finally an outlook for future improvements of these approaches will be made.
The status quo of PROFINET, a commonly used industrial Ethernet standard, provides no inherent security in its communication protocols. In this thesis an approach for protecting real-time PROFINET RTC messages against spoofing, tampering and optionally information disclosure is specified and implemented into a real-world prototype setup. Therefor authenticated encryption is used, which relies on symmetric cipher schemes. In addition a procedure to update the used symmetric encryption key in a bumpless manner, e.g. without interrupting the real-time communication, is introduced and realized.
The concept for protecting the PROFINET RTC messages was developed in collaboration with a task group within the security working group of PROFINET International. The author of this thesis has also been part of that task group. This thesis contributes by proofing the practicability of the concept in a real-world prototype setup, which consists of three FPGA-based development boards that communicate with each other to showcase bumpless key updates.
To enable a bumpless key update without disturbing the deterministic real-time traffic by dedicated messages, the key update annunciation and status is embedded into the header. By provisioning two key slots, of which only one is in used, while the other is being prepared, a well-synchronized coordinated switch between the receiver and the sender performs the key update.
The developed prototype setup allows to test the concept and builds the foundation for further research and implementation activities, e.g. the impact of cryptographic operations onto the processing time.
In the field of network security, the detection of intrusions is an important task to prevent and analyse attacks.
In recent years, an increasing number of works have been published on this subject, which perform this detection based on machine learning techniques.
Thereby not only the well-studied detection of intrusions, but also the real-time capability must be considered.
This thesis addresses the real-time functionality of machine learning based network intrusion detection.
For this purpose we introduce the network feature generator library PyNetFlowGen, which is designed to allow real-time processing of network data.
This library generates 83 statistical features based on reassembled data flows.
The introduced performant Cython implementation allows processing individual packets within 4.58 microseconds.
Based on the generated features, machine learning models were examined with regard to their runtime and real-time capabilities.
The selected Decision-Tree-Classifier model created in Python was further optimised by transpiling it into C-Code, what reduced the prediction time of a single sample to 3.96 microseconds on average.
Based on the feature generator and the machine learning model, an basic IDS system was implemented, which allows a data throughput between 63.7 Mbit/s and 2.5 Gbit/s.
This paper gives an overview of the impact that the corona pandemic has on the export industry in Canada and analyzes the different Canadian government measures for exporters. In addition, the measures are subsequently evaluated in order to identify if the support measures can help Canadian exporters to overcome the crisis. The basis of this paper are semi-structured expert interviews with experts from the financial sector, scientific literature and studies. The results have shown that the COVID-19 pandemic has a major impact on Canada’s export economy and it’s GDP. Trade is only possible to a limited extent, as many borders are closed. The Canadian government reacted with an economic response plan to support Canadian individuals and businesses. This paper depicts and assesses the most eligible measures for export companies.
The core logging and tracing facility in Windows operating system is called Event Tracing for Windows (ETW).
Data sources providing events for ETW are instrumented all over the operating system.
That means most hard- and software assets in a Windows system are instrumented with ETW and so are able to contribute low-level information.
ETW can be used by developers and administrators to get low-level information about operating system's activity.
We describe existing tools to interact with the ETW faciltity and evaluate them based on defined criteria.
Based on relevant application scenarios, we show the richness of informational content for debugging or detecting security incidents with ETW.
The widely used instrumentation of ETW in the operating system and its application results also in security risks according to confidentiality.
Based on common ETW providers we show the impact to confidentiality what ETW offers an adversary.
At the end we evaluate solutions and approaches for a customizable telemetry infrastructure using ETW in large-scale environments.
Webassembly is a new technology to create application in a new way. Webassembly is being developed since 2017 by the worldwide web consortium (w3c). The primary task of webassembly is to improve web applications.
Today, more and more applications are being created as web applications. Web applications have some advantages - they are platform independent and even mobile platforms can run them, and no installation is needed apart from a modern web browser.
Currently, web applications are being developed in JavaScript (JS), hypertext mark-up language 5 (HTML 5), and cascading style sheets (CSS).
These technologies are not made for huge web applications, but they should not be replaced by webassembly; rather, webassembly is an extension to the currently existing technology.
The purpose of webassembly is to fix or improve the problems in web application development.
This master’s thesis reviews all of the aspects and checks whether the promises of webassembly are kept and where problems still exist.
This paper describes a project absolved to increase the material flow through the LTCC production of the Bosch Anderson Plant in South Carolina, USA. To archive this goal the regarded value stream is introduced first. The bottleneck, which is limiting the material flow is found and eliminated in order to increase the output of the machine and consequently improve the material flow through the whole value stream. The completed projects made for this purpose result in a 13% increase. To control the material flow the inventory sizes are determined. The inventories, from which the size is desired to be determined, include climatization processes to dry the pastes that are applied in the previous process steps. Therefore, a separation of the parts in the production process climatization and the buffer is necessary first. After that the buffer can be eliminated and the inventory areas minimized. The results are smaller and controlled buffer sizes that make part of the floor space unnecessary. A welcomed side effect is the solution to a production problem of warped parts because of too long climatization times. Observations over time show that the results of the buffer limitations are just right to improve the material flow through the LTCC production.
How can manufacturers or service companies provide better services with connected products, without having acquired a powerful IT infrastructure nor the competences for software development?
Today companies can appeal to a relocated-IT-infrastructure provider, which is called Cloud.
Consequently, they do not have to manage and take care of the safety/security aspect, the updates and the breakdown of the infrastructure internally, as those are all managed by the provider.
It is possible to outsource the development of the software of the connected product to an external company. However, the question now is how fast this company can juggle from one Cloud to another in order to fulfil their clients wishes?
neverMind offers a solution based on a multi-protocols-platform linking the different connected products to a multitude of Clouds without having to redesign the whole communication stack/building block for each change in the Cloud-solution. This is the object of my thesis.
The development follows the V-Model, the first steps to understand the complexity of the project were the realisation of the product technical and architectural specifications. The last step before the Implementation was to design in details the progress and the process of every parts of the platform.
The outcome of the requirements analysis led me to divide the project in two parts:
• a “General Interface” acting as a gateway between the Client-application and “Cloud-modules”
• the “Cloud-modules” themselves.
So far, the specifications are drown up; the General Interface and a client example are coded, as well as a first Cloud-module template.
Die Vision vom "Internet der Dinge" prägt seit Jahren Forschung und Entwicklung, wenn es um smarte Technologien und die Vernetzung von Geräten geht. In der Zukunft wird die reale Welt zunehmend mit dem Internet verknüpft, wodurch zahlreiche Gegenstände (Dinge) des normalen Alltags dazu befähigt werden, zu interagieren und sowohl online als auch autark zu kommunizieren. Viele Branchen wie Medizin, Automobilbau, Energieversorgung und Unterhaltungselektronik sind gleichermaßen betroffen, wodurch trotz Risiken auch neues wirtschaftliches Potential entsteht. Im Bereich "Connected Home" sind bereits Lösungen vorhanden, mittels intelligenter Vernetzung von Haushaltsgeräten und Sensoren, die Lebensqualität in den eigenen vier Wänden zu erhöhen. Diese Arbeit beschäftigt sich mit dem Thread Protokoll; einer neuen Technologie zur Integration mehrerer Kommunikationsschnittstellen innerhalb eines Netzwerks. Darüber hinaus wird die Implementierung auf Netzwerkebene (Network Layer) vorgestellt, sowie aufbereitete Informationen bezüglich verwendeter Technologien dargestellt.
The objective of this thesis is the conceptual design of a battery management system for the first prototype of the UWC (University of the Western Cape) Modular Battery System. The battery system is a lithium-ion battery that aims to be used in renewable energy systems and for niche electric vehicles such as golf carts.
The concept that is introduced in this thesis comprises the parameter monitoring, the safety management and has its main focus on an accurate state of charge estimation.
Another battery system that was already implemented is used as base for the parameter monitoring and the safety management for the new battery management system. In contrast to that, the concept for the state of charge estimation must be developed completely.
Different methods for the state of charge estimation which are based on the measured voltage, current and temperature are discussed, evaluated and the chosen method is conceived in this thesis. The method used for the state of charge estimation is different for the time when the battery is active than when it is inactive. During charge and discharge Coulomb counting is used and when the cell is inactive voltage versus state of charge lookup tables are used to update the estimation.
To have an accurate estimation when the cell is inactive only for a short time, a model of the voltage relaxation is used to predict the voltage when the cells are in equilibrium. This allows the algorithm to reset the state of charge that is estimated by Coulomb counting – which tends to have a growing error over time – frequently.
To evaluate the accuracy of the voltage prediction, cell tests were executed where the voltage relaxation was sampled. The recursive least square method to predict the end voltage was tested with a MATLAB programme. With the help of voltage versus state of charge lookup tables it was possible to determine the state of charge accuracy with the accuracy of the voltage prediction.