Analysis of Automotive Cybersecurity - Attack surfaces and users’ privacy concerns

Modern automobiles are no longer just mechanical tools. The electronics and computing services they are shipping with are making them not less than a computer. They are massive kinetic devices with sophisticated computing power. Most of the modern vehicles are made with the added connectivity in mind which may be vulnerable to outside attack. Researchers have shown that it is possible to infiltrate into a vehicle’s internal system remotely and control the physical entities such as steering and brakes. It is quite possible to experience such attacks on a moving vehicle and unable to use the controls. These massive connected computers can be life threatening as they are related to everyday lifestyle. First part of this research studied the attack surfaces in the automotive cybersecurity domain. It also illustrated the attack methods and capabilities of the damages. Online survey has been deployed as data collection tool to learn about the consumers’ usage of such vulnerable automotive services. The second part of the research portrayed the consumers’ privacy in automotive world. It has been found that almost hundred percent of modern vehicles has the capabilities to send vehicle diagnostic data as well as user generated data to their manufacturers, and almost thirty five percent automotive companies are collecting them already. Internet privacy has been studies before in many related domain but no privacy scale were matched for automotive consumers. It created the research gap and motivation for this thesis. A study has been performed to use well established consumers privacy scale – IUIPC to match with the automotive consumers’ privacy situation. Hypotheses were developed based on the IUIPC model for internet consumers’ privacy and they were studied by the finding from the data collection methods. Based on the key findings of the research, all the hypotheses were accepted and hence it is found that automotive consumers’ privacy did follow the IUIPC model under certain conditions. It is also found that a majority of automotive consumers use the services and devices that are vulnerable and prone to cyber-attacks. It is also established that there is a market for automotive cybersecurity services and consumers are willing to pay certain fees to avail that.

Analysis of Automotive Cybersecurity - Attack surfaces and users’ privacy concerns

Modern automobiles are no longer just mechanical tools. The electronics and computing services they are shipping with are making them not less than a computer. They are massive kinetic devices with sophisticated computing power. Most of the modern vehicles are made with the added connectivity in mind which may be vulnerable to outside attack. Researchers have shown that it is possible to infiltrate into a vehicle’s internal system remotely and control the physical entities such as steering and brakes. It is quite possible to experience such attacks on a moving vehicle and unable to use the controls. These massive connected computers can be life threatening as they are related to everyday lifestyle. First part of this research studied the attack surfaces in the automotive cybersecurity domain. It also illustrated the attack methods and capabilities of the damages. Online survey has been deployed as data collection tool to learn about the consumers’ usage of such vulnerable automotive services. The second part of the research portrayed the consumers’ privacy in automotive world. It has been found that almost hundred percent of modern vehicles has the capabilities to send vehicle diagnostic data as well as user generated data to their manufacturers, and almost thirty five percent automotive companies are collecting them already. Internet privacy has been studies before in many related domain but no privacy scale were matched for automotive consumers. It created the research gap and motivation for this thesis. A study has been performed to use well established consumers privacy scale – IUIPC to match with the automotive consumers’ privacy situation. Hypotheses were developed based on the IUIPC model for internet consumers’ privacy and they were studied by the finding from the data collection methods. Based on the key findings of the research, all the hypotheses were accepted and hence it is found that automotive consumers’ privacy did follow the IUIPC model under certain conditions. It is also found that a majority of automotive consumers use the services and devices that are vulnerable and prone to cyber-attacks. It is also established that there is a market for automotive cybersecurity services and consumers are willing to pay certain fees to avail that.

Magazine publishers and their online strategies

It seems as if magazine publishers have only haphazardly listed multiple goals for their websites, and have not carefully reflectedon how to achieve them. We present a framework for defining a magazine's onlinestrategy based on previous studies and on secondary data from the industry. We identify three steps in the strategy process. The first is to determine whether the magazine would actually benefit from online presence: although most magazines will never make money from their websites, a web presence may still be justified. The second step is to choose an optimal online strategy that matches the magazine's competitive strategy. Finally, we argue that magazine publishers should carefully consider to what extent they should allow their readers to be involvedin the web pages. This interactivity could be seen as a key factor in exploiting the unique nature of the Internet. It is our understanding that virtual communities could, at best, be a way of creating more value for a magazine's readers, advertisers and editors, alike. We formulate a typology of five different onlinebusiness concepts for magazines based on these three strategic steps.

The synchronization of personal information between mobile devices and online services by using SyncML

Monet henkilökohtaiset mobiililaitteet tarjoavat mahdollisuuden tallentaa henkilötietoja ja mahdollisuuden lyhyen kantaman radiotekniikoiden hyödyntämiseen. Vastaavasti henkilötietoja käyttävien tai vaativien verkkopalveluiden määrä on kasvussa. Mobiililaitteisiin tallennetut henkilötiedot tarjoavat potentiaalisen keinon välttää samojen henkilötietojen toistuva käsinsyöttö erilaisiin verkkopalveluihin ja keskitettyyn ajantasallapitoon. Tässä työssä käydään läpi ratkaisumalli henkilökohtaisen mobiililaitteen ja verkkopalveluiden välillä tapahtuvaan henkilötietojen siirtoon ja synkronointiin. Malli pohjautuu selainlaajennukseen, joka voi pyytää sekä selaimessa auki olevalta verkkopalvelun sivulta että mobiililta päätelaitteelta senhetkiset henkilötiedot ja synkronoida ne. Jo olemassaolevia henkilötietojen hallintaa helpottavia ratkaisuja käydään läpi arvioiden käyttökelpoisuutta tämänkaltaisiin tarpeisiin. Ratkaisumallin kannalta olennaiset tekniikat ja standardit, erityisesti Bluetooth ja SyncML, esitellään. Ratkaisumallin arkkitehtuuri käydään korkealla tasolla läpi ja esitellään toteutuksen yksityiskohtia. Tuloksena on periaatteeltaan kelvollinen henkilökohtaisten tietojen synkronointijärjestelmä, jonka toteutusta nykyisten mobiilien päätelaitteiden toiminnallisuus jossain määrin hankaloittaa.

Ilmakehan hiukkasmaisten ioniyhdisteiden online-mittaus

Ilmakehän hiukkaset aiheuttavat merkittäviä ympäristö- ja terveyshaittoja, joihin vaikuttaa hiukkasten kemiallinen koostumus. Hiukkasten kemiallisesta koostumuksesta voidaan hankkia tietoa hiukkasmittauksilla. Työn tavoitteena oli rakentaa jatkuvatoiminen mittausjärjestelmä, jolla voidaan mitata ilmakehän aerosolihiukkasten ionipitoisuuksia. Mittausjärjestelmä koostuu virtuaali-impaktorista, denuderputkista, PILS-laitteesta ja ionikromatografista. Näyteilmavirtaus kulkee ensin esierottimena toimivan virtuaali-impaktorm lävitse, joka poistaa aerodynaamiselta halkaisijaltaan 1,3 um:a suuremmat hiukkaset ilmavirtauksesta. Näyte, joka sisältää 1,3 um:a pienemmät hiukkaset kulkee virtuaali-impaktorin jälkeen kahden 1 % KOH-liuoksella käsitellyn denuderputken lävitse, joilla poistetaan hiukkasmääritystä häiritsevät happamat kaasut näytevirtauksesta. Denuderputkien jälkeen ilmavirtaus saapuu PILS-laitteeseen, jossa hiukkaset kasvatetaan vesihöyryn avulla aerosolipisaroiksi, törmäytetään keräyslevyyn ja sekoitetaan sen jälkeen sisäistä standardiainetta (NaBr) sisältavään kuljetusliuokseen. Kuljetusliuoksen ja aerosolipisaroiden seoksesta koostuva näyteliuos johdetaan PILS-laitteesta ionikromatografille analysoitavaksi. Mittausjärjestelmään liitetyllä ionikromatografilla voidaan analysoida neljä näytetta tunnissa. Näytteistä määritettävät anionit olivat sulfaatti, nitraatti ja kloridi. PILS-mittausjärjestelmää testattiin keräämällä hiukkasnäytteitä samanaikaisesti PILS-laitteella sekä virtuaali-impaktorilla tai suodatinkeräimellä ja vertaamalla saatuja aerosolihiukkasten sulfaattipitoisuuksia keskenään. Testeissa kerättiin joko VOAG-laitteella tuotettuja ammoniumsulfaattihiukkasia tai laboratorion huoneilmaa. PILS-mittausjärjestelmällä mitatut sulfaattipitoisuudet olivat 2-20 % pienempia kuin suodatinkeraimella mitatut, kun kerättiin keinotekoisesti tuotettuja ammoniumsulfaattihiukkasia. Huoneilmaa kerättäessä PILS-mittausjärjestelmällä saadut pitoisuudet olivat noin 10 % pienempiä kuin suodatinkeräystulokset. Koetulokset osoittivat, että mittausjärjestelmällä saadaan analysoiduksi luotettavasti hiukkasten sulfaattipitoisuudet.

Security and Privacy in a Ubiquitous Information Screen

We expose the ubiquitous interaction between an information screen and its’ viewers mobile devices, highlights the communication vulnerabilities, suggest mitigation strategies and finally implement these strategies to secure the communication. The screen infers information preferences’ of viewers within its vicinity transparently from their mobile devices over Bluetooth. Backend processing then retrieves up-to-date versions of preferred information from content providers. Retrieved content such as sporting news, weather forecasts, advertisements, stock markets and aviation schedules, are systematically displayed on the screen. To maximise users’ benefit, experience and acceptance, the service is provided with no user interaction at the screen and securely upholding preferences privacy and viewers anonymity. Compelled by the personal nature of mobile devices, their contents privacy, preferences confidentiality, and vulnerabilities imposed by screen, the service’s security is fortified. Fortification is predominantly through efficient cryptographic algorithms inspired by elliptic curves cryptosystems, access control and anonymity mechanisms. These mechanisms are demonstrated to attain set objectives within reasonable performance.

Validation of plant dynamic model by online and laboratory measurements – a tool to predict online COD loads out of production of mechanical printing papers

COD discharges out of processes have increased in line with elevating brightness demands for mechanical pulp and papers. The share of lignin-like substances in COD discharges is on average 75%. In this thesis, a plant dynamic model was created and validated as a means to predict COD loading and discharges out of a mill. The assays were carried out in one paper mill integrate producing mechanical printing papers. The objective in the modeling of plant dynamics was to predict day averages of COD load and discharges out of mills. This means that online data, like 1) the level of large storage towers of pulp and white water 2) pulp dosages, 3) production rates and 4) internal white water flows and discharges were used to create transients into the balances of solids and white water, referred to as “plant dynamics”. A conversion coefficient was verified between TOC and COD. The conversion coefficient was used for predicting the flows from TOC to COD to the waste water treatment plant. The COD load was modeled with similar uncertainty as in reference TOC sampling. The water balance of waste water treatment was validated by the reference concentration of COD. The difference of COD predictions against references was within the same deviation of TOC-predictions. The modeled yield losses and retention values of TOC in pulping and bleaching processes and the modeled fixing of colloidal TOC to solids between the pulping plant and the aeration basin in the waste water treatment plant were similar to references presented in literature. The valid water balances of the waste water treatment plant and the reduction model of lignin-like substances produced a valid prediction of COD discharges out of the mill. A 30% increase in the release of lignin-like substances in the form of production problems was observed in pulping and bleaching processes. The same increase was observed in COD discharges out of waste water treatment. In the prediction of annual COD discharge, it was noticed that the reduction of lignin has a wide deviation from year to year and from one mill to another. This made it difficult to compare the parameters of COD discharges validated in plant dynamic simulation with another mill producing mechanical printing papers. However, a trend of moving from unbleached towards high-brightness TMP in COD discharges was valid.

The Finnish Online University of Applied Sciences - from National to International

Julkaistu CD-ROM-levyllä

Online Community System Development, Case PROFCOM

The purpose of this bachelor's thesis is the development of online community. Nowadays Internet lets user to collaborate and share information online. Internet is also full of communities and the number of community users is continuously rising. Companies have also noticed this and want to make use of it. The result of the work was an online community for the use of PROFCOM research project. At the same time information was gathered about what kind of platforms are available as a backbone for an online community. Designing and developing of the online community provided experience about Drupal-environment. It also gave pros and cons of Drupal’s features. Drupal is a multifunctional software, which can handle big online communities, but its installation and maintenance is, however, reasonably simple.

Kalman Filtering in Online Paper Quality Assessment

Controlling the quality variables (such as basis weight, moisture etc.) is a vital part of making top quality paper or board. In this thesis, an advanced data assimilation tool is applied to the quality control system (QCS) of a paper or board machine. The functionality of the QCS is based on quality observations that are measured with a traversing scanner making a zigzag path. The basic idea is the following: The measured quality variable has to be separated into its machine direction (MD) and cross direction (CD) variations due to the fact that the QCS works separately in MD and CD. Traditionally this is done simply by assuming one scan of the zigzag path to be the CD profile and its mean value to be one point of the MD trend. In this thesis, a more advanced method is introduced. The fundamental idea is to use the signals’ frequency components to represent the variation in both CD and MD. To be able to get to the frequency domain, the Fourier transform is utilized. The frequency domain, that is, the Fourier components are then used as a state vector in a Kalman filter. The Kalman filter is a widely used data assimilation tool to combine noisy observations with a model. The observations here refer to the quality measurements and the model to the Fourier frequency components. By implementing the two dimensional Fourier transform into the Kalman filter, we get an advanced tool for the separation of CD and MD components in total variation or, to be more general, for data assimilation. A piece of a paper roll is analyzed and this tool is applied to model the dataset. As a result, it is clear that the Kalman filter algorithm is able to reconstruct the main features of the dataset from a zigzag path. Although the results are made with a very short sample of paper roll, it seems that this method has great potential to be used later on as a part of the quality control system.