A formal method for attack modelling and detection

This paper presents a formal methodology for attack modeling and detection for networks. Our approach has three phases. First, we extend the basic attack tree approach 1 to capture (i) the temporal dependencies between components, and (ii) the expiration of an attack. Second, using the enhanced attack trees (EAT) we build a tree automaton that accepts a sequence of actions from input stream if there is a traverse of an attack tree from leaves to the root node. Finally, we show how to construct an enhanced parallel automaton (EPA) that has each tree automaton as a subroutine and can process the input stream by considering multiple trees simultaneously. As a case study, we show how to represent the attacks in IEEE 802.11 and construct an EPA for it.

Formal analysis of card-based payment systems in mobile devices

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.

Modeling and Verification of Privacy Enhancing Protocols

Privacy enhancing protocols (PEPs) are a family of protocols that allow secure exchange and management of sensitive user information. They are important in preserving users’ privacy in today’s open environment. Proof of the correctness of PEPs is necessary before they can be deployed. However, the traditional provable security approach, though well established for verifying cryptographic primitives, is not applicable to PEPs. We apply the formal method of Coloured Petri Nets (CPNs) to construct an executable specification of a representative PEP, namely the Private Information Escrow Bound to Multiple Conditions Protocol (PIEMCP). Formal semantics of the CPN specification allow us to reason about various security properties of PIEMCP using state space analysis techniques. This investigation provides us with preliminary insights for modeling and verification of PEPs in general, demonstrating the benefit of applying the CPN-based formal approach to proving the correctness of PEPs.

Resilience of water supply systems in meeting the challenges posed by climate change and population growth

This research project provides a scientifically robust approach for assessing the resilience of water supply systems, which are critical infrastructure, to impacts of climate change and population growth. An approach for the identification of trigger points that allows timely and appropriate management actions to be taken to avoid catastrophic system failure is an important outcome of this project. In the current absence of a formal method to evaluate the resilience of a water supply system, the approach developed in this study was based on the characterisation of resilience of a water supply system to a range of surrogate measures. Accordingly, a set of indicators are proposed to evaluate system behaviour and logistic regression analysis was used to assess system behaviour under predicted rainfall, storage and demand conditions.

An enriched radial point interpolation method (e-RPIM) for analysis of crack tip fields

In this paper, an enriched radial point interpolation method (e-RPIM) is developed the for the determination of crack tip fields. In e-RPIM, the conventional RBF interpolation is novelly augmented by the suitable trigonometric basis functions to reflect the properties of stresses for the crack tip fields. The performance of the enriched RBF meshfree shape functions is firstly investigated to fit different surfaces. The surface fitting results have proven that, comparing with the conventional RBF shape function, the enriched RBF shape function has: (1) a similar accuracy to fit a polynomial surface; (2) a much better accuracy to fit a trigonometric surface; and (3) a similar interpolation stability without increase of the condition number of the RBF interpolation matrix. Therefore, it has proven that the enriched RBF shape function will not only possess all advantages of the conventional RBF shape function, but also can accurately reflect the properties of stresses for the crack tip fields. The system of equations for the crack analysis is then derived based on the enriched RBF meshfree shape function and the meshfree weak-form. Several problems of linear fracture mechanics are simulated using this newlydeveloped e-RPIM method. It has demonstrated that the present e-RPIM is very accurate and stable, and it has a good potential to develop a practical simulation tool for fracture mechanics problems.

Improved design method for biosecurity surveillance and early detection of non-indigenous rats

A recent advance in biosecurity surveillance design aims to benefit island conservation through early and improved detection of incursions by non-indigenous species. The novel aspects of the design are that it achieves a specified power of detection in a cost-managed system, while acknowledging heterogeneity of risk in the study area and stratifying the area to target surveillance deployment. The design also utilises a variety of surveillance system components, such as formal scientific surveys, trapping methods, and incidental sightings by non-biologist observers. These advances in design were applied to black rats (Rattus rattus) representing the group of invasive rats including R. norvegicus, and R. exulans, which are potential threats to Barrow Island, Australia, a high value conservation nature reserve where a proposed liquefied natural gas development is a potential source of incursions. Rats are important to consider as they are prevalent invaders worldwide, difficult to detect early when present in low numbers, and able to spread and establish relatively quickly after arrival. The ‘exemplar’ design for the black rat is then applied in a manner that enables the detection of a range of non-indigenous species of rat that could potentially be introduced. Many of the design decisions were based on expert opinion as data gaps exist in empirical data. The surveillance system was able to take into account factors such as collateral effects on native species, the availability of limited resources on an offshore island, financial costs, demands on expertise and other logistical constraints. We demonstrate the flexibility and robustness of the surveillance system and discuss how it could be updated as empirical data are collected to supplement expert opinion and provide a basis for adaptive management. Overall, the surveillance system promotes an efficient use of resources while providing defined power to detect early rat incursions, translating to reduced environmental, resourcing and financial costs.

A novel method for the synthesis of monodisperse gold-coated silica nanoparticles

Monodisperse silica nanoparticles were synthesised by the well-known Stober protocol, then dispersed in acetonitrile (ACN) and subsequently added to a bisacetonitrile gold(I) coordination complex ([Au(MeCN)2]?) in ACN. The silica hydroxyl groups were deprotonated in the presence of ACN, generating a formal negative charge on the siloxy groups. This allowed the [Au(MeCN)2]? complex to undergo ligand exchange with the silica nanoparticles and form a surface coordination complex with reduction to metallic gold (Au0) proceeding by an inner sphere mechanism. The residual [Au(MeCN)2]? complex was allowed to react with water, disproportionating into Au0 and Au(III), respectively, with the Au0 adding to the reduced gold already bound on the silica surface. The so-formed metallic gold seed surface was found to be suitable for the conventional reduction of Au(III) to Au0 by ascorbic acid (ASC). This process generated a thin and uniform gold coating on the silica nanoparticles. The silica NPs batches synthesised were in a size range from 45 to 460 nm. Of these silica NP batches, the size range from 400 to 480 nm were used for the gold-coating experiments.

A discourse on the non-method

In spite of the activism of professional bodies and researchers, empirical evidence shows that project management still does not deliver the expected benefits and promises. Hence, many have questioned the validity of the hegemonic rationalist paradigm anchored in the Enlightenment and Natural Sciences tradition supporting project management research and practice for the last 60 years and the lack of relevance to practice of the current conceptual base of project management. In order to address these limitations many authors, taking a post-modernist stance in social sciences, build on ‘pre-modern’ philosophies such as the Aristotelian one, specially emphasizing the role of praxis (activity), and phronesis (practical wisdom, prudence). Indeed, ‘Praxis … is the central category of the philosophy which is not merely an interpretation of the world, but is also a guide to its transformation …’ (Vazquez, 1977:. 149). Therefore, praxis offers an important focus for practitioners and researchers in social sciences, one in which theory is integrated with practice at the point of intervention. Simply stated, praxis can serve as a common ground for those interested in basic and applied research by providing knowledge of the reality in which action, informed by theory, takes place. Consequently, I suggest a ‘praxeological’ style of reasoning (praxeology being defined as study or science of human actions and conduct, including praxis, practices and phronesis) and to go beyond the ‘Theory-Practice’ divide. Moreover, I argue that we need to move away from the current dichotomy between the two classes ‘scholars experts-researchers’ and ‘managers/workers-practitioners-participants’. Considering one single class of ‘PraXitioner’, becoming a phronimos, may contribute to create new perspectives and open up new ways of thinking and acting in project situations. Thus, I call for a Perestroika in researching and acting in project management situations. My intent is to suggest a balanced praxeological view of the apparent opposition between social and natural science approaches. I explore, in this chapter, three key questions, covering the ontological, epistemological and praxeological dimensions of project management in action. 1. Are the research approaches being currently used appropriate for generating contributions that matter to both theory and practice with regards to what a ‘project’ is or to what we do when we call a specific situation ‘a project’? 2. On the basis of which intellectual virtues is the knowledge generated and what is the impact for theory and practice? 3. Are the modes of action of the practitioners ‘prudent’ and are they differentiating or reconciling formal and abstract rationality from substantive rationality and situated reasoning with regards to the mode of action they adopt in particular project situations? The investigation of the above questions leads me to debate about ‘Project Management-as-Praxis’, and to suggest ‘A’ (not ‘THE’) ‘praxeological’ style of reasoning and mode of inquiry – acknowledging a non-paradigmatic, subjective and kaleidoscopic perspective – for ‘Knowing-as-Practicing’ in project management. In short, this is about making a ‘Projects Science’ that matters.

Formal analysis of security properties in trusted computing protocols

This research introduces a general methodology in order to create a Coloured Petri Net (CPN) model of a security protocol. Then standard or user-defined security properties of the created CPN model are identified. After adding an attacker model to the protocol model, the security property is verified using state space method. This approach is applied to analyse a number of trusted computing protocols. The results show the applicability of proposed method to analyse both standard and user-defined properties.

Let’s talk about lex: Narrative analysis as both research method and teaching technique in law

Law is narration: it is narrative, narrator and the narrated. As a narrative, the law is constituted by a constellation of texts – from official sources such as statutes, treaties and cases, to private arrangements such as commercial contracts, deeds and parenting plans. All are a collection of stories: cases are narrative contests of facts and rights; statutes are recitations of the substantive and procedural bases for social, economic and political interactions; private agreements are plots for future relationships, whether personal or professional. As a narrator, law speaks in the language of modern liberalism. It describes its world in abstractions rather than in concrete experience, universal principles rather than individual subjectivity. It casts people into ‘parties’ to legal relationships; structures human interactions into ‘issues’ or ‘problems’; and tells individual stories within larger narrative arcs such as ‘the rule of law’ and ‘the interests of justice’. As the narrated, the law is a character in its own story. The scholarship of law, for example, is a type of story-telling with law as its central character. For positivists, still the dominant group in the legal genre, law is a closed system of formal rules with an “immanent rationality” and its own “structure, substantive content, procedure and tradition,” dedicated to finality of judgment. For scholars inspired by the interpretative tradition in the humanities, law is a more ambivalent character, susceptible to influences from outside its realm and masking a hidden ideological agenda under its cloak of universality and neutrality. For social scientists, law is a protagonist on a wider social stage, impacting on society, the economy and the polity is often surprising ways.

An approximate method for the solution of an influence function foil rolling model

Fleck and Johnson (Int. J. Mech. Sci. 29 (1987) 507) and Fleck et al. (Proc. Inst. Mech. Eng. 206 (1992) 119) have developed foil rolling models which allow for large deformations in the roll profile, including the possibility that the rolls flatten completely. However, these models require computationally expensive iterative solution techniques. A new approach to the approximate solution of the Fleck et al. (1992) Influence Function Model has been developed using both analytic and approximation techniques. The numerical difficulties arising from solving an integral equation in the flattened region have been reduced by applying an Inverse Hilbert Transform to get an analytic expression for the pressure. The method described in this paper is applicable to cases where there is or there is not a flat region.