A descriptive approach for power system stability and security assessment

Power system dynamic analysis and security assessment are becoming more significant today due to increases in size and complexity from restructuring, emerging new uncertainties, integration of renewable energy sources, distributed generation, and micro grids. Precise modelling of all contributed elements/devices, understanding interactions in detail, and observing hidden dynamics using existing analysis tools/theorems are difficult, and even impossible. In this chapter, the power system is considered as a continuum and the propagated electomechanical waves initiated by faults and other random events are studied to provide a new scheme for stability investigation of a large dimensional system. For this purpose, the measured electrical indices (such as rotor angle and bus voltage) following a fault in different points among the network are used, and the behaviour of the propagated waves through the lines, nodes, and buses is analyzed. The impact of weak transmission links on a progressive electromechanical wave using energy function concept is addressed. It is also emphasized that determining severity of a disturbance/contingency accurately, without considering the related electromechanical waves, hidden dynamics, and their properties is not secure enough. Considering these phenomena takes heavy and time consuming calculation, which is not suitable for online stability assessment problems. However, using a continuum model for a power system reduces the burden of complex calculations

On the robustness and security of digital image watermarking

In most of the digital image watermarking schemes, it becomes a common practice to address security in terms of robustness, which is basically a norm in cryptography. Such consideration in developing and evaluation of a watermarking scheme may severely affect the performance and render the scheme ultimately unusable. This paper provides an explicit theoretical analysis towards watermarking security and robustness in figuring out the exact problem status from the literature. With the necessary hypotheses and analyses from technical perspective, we demonstrate the fundamental realization of the problem. Finally, some necessary recommendations are made for complete assessment of watermarking security and robustness.

Enabling sustainable property practices by ensuring security of tenure

Sustainable property practices will be essential for Australia’s future. The various levels of government offer incentives aimed at encouraging residents to participate in sustainable practices. Many of these programmes however are only accessible by owner occupiers, or landlords and tenants with long term tenancies. Improving security of tenure for tenants, to enable longer term tenancies, would positively impact upon property practices. This article explains what security of tenure is and identifies how a lack of security of tenure adversely impacts property practices. By comparison with Genevan property practices, it concludes by making suggestions as to how security of tenure can be reinforced.

Introduction to special issue on what criminology can say about the war on terror

On 20 September 2001, the former US President, George W. Bush, declared what is now widely, and arguably infamously, known as a ‘war on terror’. In response to the fatal 9/11 attacks in New York and Washington, DC, President Bush identified the US military response as having far-reaching and long-lasting consequences. It was, he argued, ‘our war on terror’ that began ‘with al Qaeda, but … it will not end until every terrorist group of global reach has been found, stopped and defeated’ (CNN 2001). This was to be a war that would, in the words of former British Prime Minister, Tony Blair, seek to eliminate a threat that was ‘aimed at the whole democratic world’ (Blair 2001). Blair claimed that this threat is of such magnitude that unprecedented measures would need to be taken to uphold freedom and security. Blair would later admit that it was a war that ‘divided the country’ and was based on evidence ‘about Saddam having actual biological and chemical weapons, as opposed to the capability to develop them, has turned out to be wrong’ (Blair 2004). The failures of intelligence ushered in new political rhetoric in the form of ‘trust me’ because ‘instinct is no science’ (Blair 2004). The war on terror has been one of the most significant international events in the past three decades, alongside the collapse of the former Soviet Union, the end of apartheid in South Africa, the unification of Europe and the marketization of the People's Republic of China. Yet, unlike the other events, it will not be remembered for advancing democracy or sovereignty, but for the conviction politics of particular politicians who chose to dispense with international law and custom in pursuit of personal instincts that proved fatal. Since the invasions of Afghanistan in October 2001 and …

The perils and politics of criminological research and the threat to academic freedom

This article focuses on government acts of intimidation or the "policing of knowledge". It is more concerned with the suppression of academic freedom, the contractual ambiguities of contemporary criminological research and the ways in which independent scholarship is controlled or influenced by funding bodies than with the specifics of the original crime prevention research which forms the basis of the case study.

Quality metrics for assessing security-critical computer programs

Existing secure software development principles tend to focus on coding vulnerabilities, such as buffer or integer overflows, that apply to individual program statements, or issues associated with the run-time environment, such as component isolation. Here we instead consider software security from the perspective of potential information flow through a program’s object-oriented module structure. In particular, we define a set of quantifiable "security metrics" which allow programmers to quickly and easily assess the overall security of a given source code program or object-oriented design. Although measuring quality attributes of object-oriented programs for properties such as maintainability and performance has been well-covered in the literature, metrics which measure the quality of information security have received little attention. Moreover, existing securityrelevant metrics assess a system either at a very high level, i.e., the whole system, or at a fine level of granularity, i.e., with respect to individual statements. These approaches make it hard and expensive to recognise a secure system from an early stage of development. Instead, our security metrics are based on well-established compositional properties of object-oriented programs (i.e., data encapsulation, cohesion, coupling, composition, extensibility, inheritance and design size), combined with data flow analysis principles that trace potential information flow between high- and low-security system variables. We first define a set of metrics to assess the security quality of a given object-oriented system based on its design artifacts, allowing defects to be detected at an early stage of development. We then extend these metrics to produce a second set applicable to object-oriented program source code. The resulting metrics make it easy to compare the relative security of functionallyequivalent system designs or source code programs so that, for instance, the security of two different revisions of the same system can be compared directly. This capability is further used to study the impact of specific refactoring rules on system security more generally, at both the design and code levels. By measuring the relative security of various programs refactored using different rules, we thus provide guidelines for the safe application of refactoring steps to security-critical programs. Finally, to make it easy and efficient to measure a system design or program’s security, we have also developed a stand-alone software tool which automatically analyses and measures the security of UML designs and Java program code. The tool’s capabilities are demonstrated by applying it to a number of security-critical system designs and Java programs. Notably, the validity of the metrics is demonstrated empirically through measurements that confirm our expectation that program security typically improves as bugs are fixed, but worsens as new functionality is added.

Enterprise information security policy assessment : an extended framework for metrics development utilising the goal-question-metric approach

Effective enterprise information security policy management requires review and assessment activities to ensure information security policies are aligned with business goals and objectives. As security policy management involves the elements of policy development process and the security policy as output, the context for security policy assessment requires goal-based metrics for these two elements. However, the current security management assessment methods only provide checklist types of assessment that are predefined by industry best practices and do not allow for developing specific goal-based metrics. Utilizing theories drawn from literature, this paper proposes the Enterprise Information Security Policy Assessment approach that expands on the Goal-Question-Metric (GQM) approach. The proposed assessment approach is then applied in a case scenario example to illustrate a practical application. It is shown that the proposed framework addresses the requirement for developing assessment metrics and allows for the concurrent undertaking of process-based and product-based assessment. Recommendations for further research activities include the conduct of empirical research to validate the propositions and the practical application of the proposed assessment approach in case studies to provide opportunities to introduce further enhancements to the approach.

A risk simulation framework for information infrastructure protection

Information communication and technology (ICT) systems are almost ubiquitous in the modern world. It is hard to identify any industry, or for that matter any part of society, that is not in some way dependent on these systems and their continued secure operation. Therefore the security of information infrastructures, both on an organisational and societal level, is of critical importance. Information security risk assessment is an essential part of ensuring that these systems are appropriately protected and positioned to deal with a rapidly changing threat environment. The complexity of these systems and their inter-dependencies however, introduces a similar complexity to the information security risk assessment task. This complexity suggests that information security risk assessment cannot, optimally, be undertaken manually. Information security risk assessment for individual components of the information infrastructure can be aided by the use of a software tool, a type of simulation, which concentrates on modelling failure rather than normal operational simulation. Avoiding the modelling of the operational system will once again reduce the level of complexity of the assessment task. The use of such a tool provides the opportunity to reuse information in many different ways by developing a repository of relevant information to aid in both risk assessment and management and governance and compliance activities. Widespread use of such a tool allows the opportunity for the risk models developed for individual information infrastructure components to be connected in order to develop a model of information security exposures across the entire information infrastructure. In this thesis conceptual and practical aspects of risk and its underlying epistemology are analysed to produce a model suitable for application to information security risk assessment. Based on this work prototype software has been developed to explore these concepts for information security risk assessment. Initial work has been carried out to investigate the use of this software for information security compliance and governance activities. Finally, an initial concept for extending the use of this approach across an information infrastructure is presented.

The enterprise information security policy as a strategic business policy within the corporate strategic plan (extended abstract)

Information security has been recognized as a core requirement for corporate governance that is expected to facilitate not only the management of risks, but also as a corporate enabler that supports and contributes to the sustainability of organizational operations. In implementing information security, the enterprise information security policy is the set of principles and strategies that guide the course of action for the security activities and may be represented as a brief statement that defines program goals and sets information security and risk requirements. The enterprise information security policy (alternatively referred to as security policy in this paper) that represents the meta-policy of information security is an element of corporate ICT governance and is derived from the strategic requirements for risk management and corporate governance. Consistent alignment between the security policy and the other corporate business policies and strategies has to be maintained if information security is to be implemented according to evolving business objectives. This alignment may be facilitated by managing security policy alongside other corporate business policies within the strategic management cycle. There are however limitations in current approaches for developing and managing the security policy to facilitate consistent strategic alignment. This paper proposes a conceptual framework for security policy management by presenting propositions to positively affect security policy alignment with business policies and prescribing a security policy management approach that expounds on the propositions.

Threat appraisal for harm from falls: Insights for development of education-based intervention

Objective: This study aims to describe how patients perceive the threat of falls in hospitals, to identify patient characteristics that are associated with greater or lesser perceptions of the threat of falls, and to examine whether there is a discord between the risk that patients perceive in general and the risk that they perceive for themselves personally. Method: A cross-sectional survey amongst geriatric rehabilitation inpatients in Brisbane, Australia, was implemented. The first component of the survey dealt with the ‘general’ nature of in-hospital falls and falls related risks while the second component of the survey was directed at identifying whether the patient held the same belief for themselves. Results: A total of 21 out of 125 participants (17%) indicated that they felt that they were at risk of falling during their hospitalisation and 28 (22%) felt that they would injure themselves if they were to fall. Self-perceived risk of falls was associated with decreasing age and lower cognitive function (Functional Independence Measure Cognitive score). A majority of patients felt that falls most commonly occur in the bathroom [n=67 (54%)] and that if they were to fall, they would fall in the bathroom [n=56 (45%)]. Discussion: Patients generally do not think they are at risk of falling while in hospital and this may contribute to poor adherence to falls prevention strategies. It is possible that raising patient perception of the risk of falls and injury from falls in hospitals may help improve adherence to falls prevention strategies in this setting.

A security architecture for cloud storage combining proofs of retrievability and fairness

We investigate existing cloud storage schemes and identify limitations in each one based on the security services that they provide. We then propose a new cloud storage architecture that extends CloudProof of Popa et al. to provide availability assurance. This is accomplished by incorporating a proof of storage protocol. As a result, we obtain the first secure storage cloud computing scheme that furnishes all three properties of availability, fairness and freshness.

A comparison of security of tenure in Queensland and in Western Europe

Queensland residential tenancies are usually granted for up to 12 months with no guarantee of renewal. On expiration of the term, the landlord, without need to provide an explanation, can require the tenant to leave. Europeans find this unusual. As Hammar observes, to ‘never be sure whether ... you will be allowed to stay for another year ... is ok for a student, or for someone working ... but not for households’. This article informs Queensland policy makers and industry about European practices and concludes by proposing legislative amendments to realise the tenant’s security of tenure.

Security constrained economic dispatch considering wind energy conversion systems

The available wind power is stochastic and requires appropriate tools in the OPF model for economic and reliable power system operation. This paper exhibit the OPF formulation with factors involved in the intermittency of wind power. Weibull distribution is adopted to find the stochastic wind speed and power distribution. The reserve requirement is evaluated based on the wind distribution and risk of under/over estimation of the wind power. In addition, the Wind Energy Conversion System (WECS) is represented by Doubly Fed Induction Generator (DFIG) based wind farms. The reactive power capability for DFIG based wind farm is also analyzed. The study is performed on IEEE-30 bus system with wind farm located at different buses and with different wind profiles. Also the reactive power capacity to be installed in the wind farm to maintain a satisfactory voltage profile under the various wind flow scenario is demonstrated.