Search
Filters
total: 347
Search results for: SECURITY MONITORING
-
Lab security improvement using RFID technologies
PublicationTechnologia RFID stanowi nie tylko technologię bliźniaczą w stosunku do kodów paskowych, ale posiada również dodatkowe cechy takie jak zdalna identyfikacja przy użyciu fal radiowych. Technologia ta staje się coraz bardziej dostępna i koszty jej wdrożenia są coraz mniejsze. W artykule przedstawiono wykorzystanie technologii RFID do ochrony sprzętu laboratoryjengo przed kradzieżą. Zawarto opis laboratorium wyposażonego w urządzenia...
-
Analizy ilości i jakości odpływu wód deszczowych i roztopowych z kontrolowanej zlewni zurbanizowanej
PublicationIstotnym problemem Gdańska staje się bezpieczeństwo ekologiczne związane ze spływami miejskimi odprowadzanymi bezpośrednio do wód powierzchniowych, często akwenów użyteczności publicznej. W latach 2011÷2013, Katedra Hydrotechniki Wydziału Inżynierii Lądowej i Środowiska Politechniki Gdańskiej, we współpracy z Wojewódzkim Funduszem Ochrony Środowiska i Gospodarki Wodnej w Gdańsku oraz Gdańskimi Melioracjami, podjęła się wdrożenia...
-
Calibration of acoustic vector sensor based on MEMS microphones for DOA estimation
PublicationA procedure of calibration of a custom 3D acoustic vector sensor (AVS) for the purpose of direction of arrival (DoA) estimation, is presented and validated in the paper. AVS devices working on a p-p principle may be constructed from standard pressure sensors and a signal processing system. However, in order to ensure accurate DoA estimation, each sensor needs to be calibrated. The proposed algorithm divides the calibration process...
-
Automated Valuation Model based on fuzzy and rough set theory for real estate market with insufficient source data
PublicationObjective monitoring of the real estate value is a requirement to maintain balance, increase security and minimize the risk of a crisis in the financial and economic sector of every country. The valuation of real estate is usually considered from two points of view, i.e. individual valuation and mass appraisal. It is commonly believed that Automated Valuation Models (AVM) should be devoted to mass appraisal, which requires a large...
-
Oxygen vacancy-enriched V2O5·nH2O nanofibers ink for universal substrates-tolerant and multi means-integratable NH3 sensing
PublicationUniversal substrates-tolerant and multi means-integratable ammonia (NH3) sensing is highly desired in future Internet of Things in environmental monitoring, food security and early diagnosis of human diseases, however, is still less than satisfactory. Here, an oxygen vacancy-governed NH3 sensing has been developed with V2O5·nH2O nanofibers (NFs) ink, via combined thermal decomposition of ammonium metavanadate and dilution. As-obtained...
-
Zarządzanie zaufaniem w bezprzewodowych sieciach czujników - studium przypadku
PublicationW artykule przedstawiono studium przypadku dotyczące zastosowania bezprzewodowej sieci czujników do wspomagania pacjenta z nadwagą w jego środowisku domowym. Przyjęto, że sieć wykorzystuje metodę rozproszonego zarządzania zaufaniem i pokazano, że metoda ta umożliwia wykrycie i izolację czujników realizujących działania sprzeczne z polityką sieci. Ilościowe oszacowanie czasu niezbędnego do wykrycia takich...
-
Audio content analysis in the urban area telemonitoring system
PublicationArtykuł przedstawia możliwości rozwinięcie monitoringu miejskiego o automatyczną analizę dźwięku. Przedstawiono metody parametryzacji dźwięku, które możliwe są do zastosowania w takim systemie oraz omówiono aspekty techniczne implementacji. W kolejnej części przedstawiono system decyzyjny oparty na drzewach zastosowany w systemie. System ten rozpoznaje dźwięki niebezpieczne (strzał, rozbita szyba, krzyk) wśród dźwięków zarejestrowanych...
-
Sensors for Rapid Detection of Environmental Toxicity in Blood of Poisoned People
PublicationRecently, the diagnosis and treatment of poisoned person can be done only in specialized centers. Furthermore, currently used clinical methods of intoxication diagnosis are not sufficient for early detection. Conventional laboratory tests based on urine and blood require professional, high skilled staff, high cost equipment as well as they are arduous and lasting analytical procedures. There is a need to elaborate relatively cheap...
-
A Set of Experience-Based Smart Synergy Security Mechanism in Internet of Vehicles
PublicationIn this article, we introduce a novel security mechanism, the Smart Synergy Security (3S). The mechanism uses the Set of Experience Knowledge Structure (SOEKS) and the synergy of security methods in different domains to provide the global optimal security strategy. The proposed strategy is taking into account the characteristics of information security (i.e. confidentiality, integrity, availability, controllability, and reviewability)...
-
Approaching Secure Industrial Control Systems
PublicationThis study presents a systematic approach to secure industrial control systems based on establishing a business case followed by the development of a security programme. To support these two fundamental activities the authors propose a new method for security cost estimation and a security assessment scheme. In this study they explain the cost evaluation technique and illustrate with a case study concerning the assessment of the...
-
Determining and verifying the safety integrity level with security aspects
PublicationSafety and security aspects consist of two different group of functional requirements for the control and protection systems. It is the reason why the analyses of safety and security shouldnt be integrated directly. The paper proposes extension of the currently used methods of functional safety analyses. It can be done with inclusion of the level of information security assigned to the technical system. The article addresses some...
-
External Security Strategies of Belarus
PublicationUnder President Lukashenko, three Belarusian national security strategies have been announced: the first in 1995, the second in 2001 and the third in 2011. The first proposal, formulated after Lukashenko’s victory in the presidential elections in 1994, outlined Belarus as a neutral state, unbound to any military block in the absence of external enemies. The direction of the foreign policy pursued by the president of Belarus was...
-
Influence of Thermal Imagery Resolution on Accuracy of Deep Learning based Face Recognition
PublicationHuman-system interactions frequently require a retrieval of the key context information about the user and the environment. Image processing techniques have been widely applied in this area, providing details about recognized objects, people and actions. Considering remote diagnostics solutions, e.g. non-contact vital signs estimation and smart home monitoring systems that utilize person’s identity, security is a very important factor....
-
Adapting Agile Practices to Security Context – Practitioners’ Perspective
PublicationIn this paper we explore the problem of introducing agile practices to projects dealing with systems with high security requirements. We also propose an approach based on AgileSafe method and OWASP ASVS guidelines, that could support such introduction. What is more, we present the results of two surveys aimed at analyzing IT practitioners’ views on applying agile methods to security reliant systems as well as evaluating the set...
-
Energy Security of Polish Consumers in 2004-2021
PublicationTheoretical background: Energy security is one of the most important components of economic security. It is influenced not only by access to energy sources and the economic situation of the state and the individual consumer. The authors adopted the definition of energy security of an individual consumer as included in the UN report. It states that energy security of an individual consumer is guaranteed when the average consumer...
-
Is Artificial Intelligence Ready to Assess an Enterprise’s Financial Security?
PublicationThis study contributes to the literature on financial security by highlighting the relevance of the perceptions and resulting professional judgment of stakeholders. Assessing a company’s financial security using only economic indicators—as suggested in the existing literature—would be inaccurate when undertaking a comprehensive study of financial security. Specifically, indices and indicators based on financial or managerial reporting...
-
Ukraine’s Energy Security in Strategies
PublicationDuring the independence period, the Ukrainian government has published two energy security strategies. The first strategy was adopted in 2006 and the second one in 2016. Both documents provided a similar definition of energy security. The aims of the first strategy, covering the period 2006–2030, were the restructuring of the fuel and energy complex using new technologies, increase of energy efficiency and ensuring market prices...
-
SDN testbed for validation of cross-layer data-centric security policies
PublicationSoftware-defined networks offer a promising framework for the implementation of cross-layer data-centric security policies in military systems. An important aspect of the design process for such advanced security solutions is the thorough experimental assessment and validation of proposed technical concepts prior to their deployment in operational military systems. In this paper, we describe an OpenFlow-based testbed, which was...
-
Some Security Features of Selected IoT Platforms
PublicationIoT (Internet of Things) is certainly one of the leading current and future trends for processing in the current distributed world. It is changing our life and society. IoT allows new ubiquitous applications and processing, but, on the other hand, it introduces potentially serious security threats. Nowadays researchers in IoT areas should, without a doubt, consider and focus on security aspects. This paper is aimed at a high-level...
-
Practical Evaluation of Internet Systems' Security Mechanisms
PublicationA proposed Internet systems security layer with context-oriented security mechanisms reduces the risk associated with possible vulnerabilities. A metric of the system trust level is proposed, and then evaluated according to a university Internet system.
-
Clustering Context Items into User Trust Levels
PublicationAn innovative trust-based security model for Internet systems is proposed. The TCoRBAC model operates on user profiles built on the history of user with system interaction in conjunction with multi-dimensional context information. There is proposed a method of transforming the high number of possible context value variants into several user trust levels. The transformation implements Hierarchical Agglomerative Clustering strategy....
-
Integrated functional safety and cyber security analysis
PublicationThe chapter is devoted some important issues of the functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with regard of the evaluation assurance levels (EAL)...
-
An integrated framework for security protocol analysis
PublicationAssurance of security protocols needs particular attention. Flaws in a protocol can devastate security of the applications that rely on it. Analysis of the protocols is difficult and it is recommended that formal methods are employed to provide for higher levels of assurance. However, the formal methods can cover only a part of the scope of the problem. It is important that the formal models are valid representations of the protocol...
-
Cost assessment of computer security activities
PublicationComprehensive cost-benefit analysis plays a crucial role in the decision-making process when it comes to investments in information security solutions. The cost of breaches needs to be analysed in the context of spending on protection measures. However, no methods exist that facilitate the quick and rough prediction of true expenditures on security protection systems. Rafal Leszczyna of Gdansk University of Technology presents...
-
Managing the security vulnerabilities of critical systems and hazardous plants
PublicationRozdział poświęcono aktualnym problemom zarządzania ochroną obiektów podwyższonego ryzyka jako ważnych systemów infrastruktury krytycznej. Zarządzanie odpornością na ataki takich obiektów jest oparte na ocenach ryzyka. Podkreśla się, że występują ważne instalacje i systemy wymagające specjalnej uwagi i zabezpieczeń, szczególnie systemy kontroli dostępu do sterowni i urządzeń komunikacji. Opisuje się przykładowe technologie ochrony....
-
Security-oriented agile approach with AgileSafe and OWASP ASVS
PublicationIn this paper we demonstrate a security enhancing approach based on a method called AgileSafe that can be adapted to support the introduction of OWASP ASVS compliant practices focused on improving security level to the agile software development process. We also present results of the survey evaluating selected agile inspired security practices that can be incorporated into an agile process. Based on the survey’s results, these...
-
Security Evaluation of IT Systems Underlying Critical Networked Infrastructures
PublicationCritical infrastructures have become highly dependent on information and communication technology (ICT). The drawback of this situation is that the consequences of disturbances of the underlying ICT networks may be serious as cascading effects can occur. This raises a high demand for security assurance, with a high importance assigned to security evaluations. In this paper we present an experiment-centric approach for the characterisation...
-
Integrated safety and security analysis of hazardous plants and systems of critical infrastructure
PublicationThis article addresses an integrated safety and security analysis approach of hazardous industrial plants and systems of critical infrastructure. Nowadays due to new hazards that emerge there are opinions among experts that these issues require an integrated approach in life cycle, from the design concept, through the design and operation of the plant, to its decommissioning. It is proposed to start from an interesting methodology...
-
Approach to security assessment of critical infrastructures' information systems
PublicationThis study presents an approach to the security assessment of the information systems of critical infrastructures. The approach is based on the faithful reconstruction of the evaluated information system in a computer security laboratory followed by simulations of possible threats against the system. The evidence collected during the experiments, stored and organised using a proprietary system InSAW, may later be used for the creation...
-
Procedure based functional safety and information security management of industrial automation and control systems on example of the oil port installations
PublicationThe approach addresses selected technical and organization aspects of risk mitigation in the oil port installations with regard to functional safety and security requirements specified in standards IEC 61508, IEC 61511 and IEC 62443. The procedure for functional safety management includes the hazard identification, risk analysis and assessment, specification of overall safety requirements and definition of...
-
Security information sharing for smart grids: Developing the right data model
PublicationThe smart grid raises new security concerns which require novel solutions. It is commonly agreed that to protect the grid the effective collaboration and information sharing between the relevant stakeholders is prerequisite. Developing a security information sharing platform for the smart grid is a new research direction which poses several challenges related to the highly distributed and heterogeneous character of the grid. In...
-
Data Model Development for Security Information Sharing in Smart Grids
PublicationThe smart grid raises new security concerns which require novel solutions. It is commonly agreed that to protect the grid, the effective collaboration and information sharing between the relevant stakeholders is prerequisite. Developing a security information sharing platform for the smart grid is a new research direction which poses several challenges related to the highly distributed and heterogeneous character of the grid. In...
-
Mobile Security: Threats and Best Practices
PublicationCommunicating mobile security threats and best practices has become a central objective due to the ongoing discovery of new vulnerabilities of mobile devices. To cope with this overarching issue, the goal of this paper is to identify and analyze existing threats and best practices in the domain of mobile security. To this extent, we conducted a literature review based on a set of keywords. The obtained results concern recognizable...
-
Security Mechanisms in the Comcute System
PublicationThe aim of this paper is pointing out the basic security problems and mechanisms in the Comcute system - maintenance system of large computing power in the face of critical crisis. Moreover security mechanism and tools useful to apply in laboratory model as well as target version of the Comcute system are presented.
-
Standards on Cyber Security Assessment of Smart Grid
PublicationSecurity evaluation of communication systems in smart grid poses a great challenge to the developers and operators. In recent years many new smart grid standards were proposed, which paradoxically results in the difficulty in finding a relevant publication in this plethora of literature. This paper presents the results of a systematic analysis which aimed at addressing this issue by identifying standards that present sound security...
-
Integrated approach for functional safety and cyber security management in maritime critical infrastructures
PublicationThe work is devoted important issues of the management in maritime critical infrastructure of functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to cyber security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with...
-
The effect of environmental turbulence on cyber security risk management and organizational resilience
PublicationEven though there is a plethora of research on the role of environmental turbulence in organizational performance in general, little attention has been paid to the effect of environmental turbulence on cyber security risk management and further - organizational resilience. Drawing on the resource-based view and contingency theory, this study investigates how technological and market turbulence influence organizational cyber security...
-
The methods of secure data transmission in the KNX system
PublicationThe article presents the demands concerning data security in distributed building automation systems and shows the need for providing mechanisms of secure communication in the KNX system. Three different methods developed for KNX data protection are discussed: EIBsec, KNX Data Security and the author's method. Their properties are compared and potential areas of application are presented.
-
Functional safety and security assessment of the control and protection systems
PublicationW artykule zostały poruszone kluczowe aspekty integracji podejścia bezpieczeństwa funkcjonalnego ''safety'' i ochrony informacji ''security'' w rozproszonych systemach sterowania i zabezpieczeniowych. Próba integracji zagadnień ''safety'' @ ''security'' została zilustrowana na przykładzie systemu monitoringu i zabezpieczeń pracującego w obiekcie podwyższonego ryzyka.
-
On Software Unit Testing For Security and Performance Gain At Unit Level
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
On Software Unit Testing For Improving Security And Performance Of Distributed Applications
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
Agents in Simulation of Cyberattacks to Evaluate Security of Critical Infrastructures
PublicationIn the last years critical infrastructures have become highly dependent on the information technologies and exposed to cyberattacks. Because the effects of the attacks can be detrimental, it is crucial to comprehensively asses the security of the infrastructures' information systems. This chapter describes MAlSim - the simulator of malicious software based on software agents, developed for the needs of a testbed for critical infrastructures...
-
Organizational culture as prerequisite of proactive safety and security management in critical infrastructure systems including hazardous plants and ports
PublicationThis article addresses selected aspects of organizational culture to be considered in the context of knowledge based proactive safety and security management of plants, ports and systems of critical infrastructure. It has been often emphasized in the domain literature that business effectiveness of such plants and their resilience against hazards and threats to avoid major accidents depends substantially on human and organizational...
-
The impact of security aspects on functional safety analysis = Wpływ aspectów ochrony informacji na wyniki analiz bezpieczeństwa funkcjonalnego
PublicationIt can be said that a distributed control and protection system’s security level may have a significant impact on functional safety analyses and their results. However the issue of integrating those both aspects are difficult and usually is neglected during functional safety analyses. Known methods of functional safety analyses don’t take into consideration this kind of concept also. This paper discusses an attempt to integrate...
-
Validation of a virtual test environment for C2X communication under radio jamming conditions
PublicationIn this paper, we propose a novel car-2-x communication security testing methodology in the physical layer of wireless systems. The approach is dedicated to automated testing of autonomous vehicles and it is essential for such complex systems operation, especially with regard to safety and security issues. It is based on scenario-driven testing in virtual and real test environments created from collected or simulated data. The...
-
Theory and implementation of a virtualisation level Future Internet defence in depth architecture
PublicationAn EU Future Internet Engineering project currently underway in Poland defines three parallel internets (PIs). The emerging IIP system (IIPS, abbreviating the project’s Polish name), has a four-level architecture, with level 2 responsible for creation of virtual resources of the PIs. This paper proposes a three-tier security architecture to address level 2 threats of unauthorised traffic injection and IIPS traffic manipulation...
-
Knowledge-based functional safety and security management in hazardous industrial plants with emphasis on human factors
PublicationExisting and emerging new hazards have significant potential to impact destructively operation of technical systems, hazardous plants, and systems / networks of critical infrastructure. The programmable control and protection systems play nowadays an important role in reducing and controlling risk in the process of hazardous plant operation. It is outlined how to deal with security related hazards concerning such systems to be...
-
Operating system security by integrity checking and recovery using write-protected storage
PublicationThe paper presents an Integrity Checking and Recovery (ICAR) system which protects file system integrity and automatically restores modified files. The system enables files cryptographic hashes generation and verification, as well as configuration of security constraints. All of the crucial data, including ICAR system binaries, file backups and hashes database are stored in a physically write protected storage to eliminate the...
-
Security aspects in functional safety analysis
PublicationA security level of distributed control and protection system may have a significant impact on the results of functional safety analysis. However, the issue of integrating the safety and security aspects is difficult and usually is neglected during the functional safety analysis. This article presents a method of functional safety analysis which takes into consideration a concept of integrating these two aspects. It is based on...
-
Determining and verifying the safety integrity level of the safety instrumented systems with the uncertainty and security aspects
PublicationSafety and security aspects consist of two different group of functional requirements for the control and protection systems. In the paper it is proposed that the security analysis results can be used as a factor increasing or decreasing the risk level. It concerns a process of determining required safety integrity level of given safety functions. The authors propose a new approach for functional safety risk analysis. In this case...