Communication Architecture Design for Real-Time Networked Control Systems

Networked control over data networks has received increasing attention in recent years. Among many problems in networked control systems (NCSs) is the need to reduce control latency and jitter and to deal with packet dropouts. This paper introduces our recent progress on a queuing communication architecture for real-time NCS applications, and simple strategies for dealing with packet dropouts. Case studies for a middle-scale process or multiple small-scale processes are presented for TCP/IP based real-time NCSs. Variations of network architecture design are modelled, simulated, and analysed for evaluation of control latency and jitter performance. It is shown that a simple bandwidth upgrade or adding hierarchy does not necessarily bring benefits for performance improvement of control latency and jitter. A co-design of network and control is necessary to maximise the real-time control performance of NCSs

Robust Controller Design of Networked Control Systems with Nonlinear Uncertainties

We address robust stabilization problem for networked control systems with nonlinear uncertainties and packet losses by modelling such systems as a class of uncertain switched systems. Based on theories on switched Lyapunov functions, we derive the robustly stabilizing conditions for state feedback stabilization and design packet-loss dependent controllers by solving some matrix inequalities. A numerical example and some simulations are worked out to demonstrate the effectiveness of the proposed design method.

Characterising anomalous events using change point correlation on unsolicited network traffic

Monitoring unused or dark IP addresses offers opportunities to extract useful information about both on-going and new attack patterns. In recent years, different techniques have been used to analyze such traffic including sequential analysis where a change in traffic behavior, for example change in mean, is used as an indication of malicious activity. Change points themselves say little about detected change; further data processing is necessary for the extraction of useful information and to identify the exact cause of the detected change which is limited due to the size and nature of observed traffic. In this paper, we address the problem of analyzing a large volume of such traffic by correlating change points identified in different traffic parameters. The significance of the proposed technique is two-fold. Firstly, automatic extraction of information related to change points by correlating change points detected across multiple traffic parameters. Secondly, validation of the detected change point by the simultaneous presence of another change point in a different parameter. Using a real network trace collected from unused IP addresses, we demonstrate that the proposed technique enables us to not only validate the change point but also extract useful information about the causes of change points.

Identifying with an avatar : a multidisciplinary perspective

Avatars perform a complex range of inter-related functions. They not only allow us to express a digital identity, they facilitate the expression of physical motility and, through non-verbal expression, help to mediate social interaction in networked environments. When well designed, they can contribute to a sense of “presence” (a sense of being there) and a sense of “co-presence” (a sense of being there with others) in digital space. Because of this complexity, the study of avatars can be enriched by theoretical insights from a range of disciplines. This paper considers avatars from the perspectives of critical theory, visual communication, and art theory (on portraiture) to help elucidate the role of avatars as an expression of identity. It goes on to argue that identification with an avatar is also produced through their expression of motility and discusses the benefits of film theory for explaining this process. Conceding the limits of this approach, the paper draws on philosophies of body image, Human Computer Interaction (HCI) theory on embodied interaction, and fields as diverse as dance to explain the sense of identification, immersion, presence and co-presence that avatars can produce.

Searching the self in Seoul : trans-youth and urban social networking in Korea

This paper presents a brief analysis of Seoul trans-youth’s search for identity through urban social networking, arguing that technological, socio-cultural and environmental (urban) contexts frame how mobility and ubiquity are (re)created in Seoul. The paper is empirically based on fieldwork conducted in Seoul, South Korea, from 2007 to 2008 as part of a research project on the mobile play culture of Seoul trans-youth(a term that will be explained in detail in the following section). Shared Visual Ethnography (SVE) was used as the research method which involved sharing of visual ethnographic data that were created by the participants. More specifically, the participants were asked to take photos, which were then shared and discussed with other participants and the researcher on the photo-sharing service Flickr. The research also involved a questionnaire and daily activity diaries, as well as interviews. A total of 44 Korean transyouths – including 23 females and 21 males – participated in interviews and photo-sharing. The paper draws specifically on the qualitative data from individual and/or group interviews, the total duration of which was 2–2.5 hours for each participant.

Crossing the cultural divide : a contemporary holistic framework for conceptualising design studio education

While the studio is widely accepted as the learning environment where architecture students most effectively learn how to design (Mahgoub, 2007:195), there are surprisingly few studies that attempt to identify in a qualitative way the interrelated factors that contribute to and support design studio learning (Bose, 2007:131). Such a situation seems problematic given the changes and challenges facing education including design education. Overall, there is growing support for re-examining (perhaps redefining) the design studio particularly in response to the impact of new technologies but as this paper argues this should not occur independently of the other elements and qualities comprising the design studio. In this respect, this paper describes a framework developed for a doctoral project concerned with capturing and more holistically understanding the complexity and potential of the design studio to operate within an increasingly and largely unpredictable global context. Integral to this is a comparative analysis of selected cases underpinned by grounded theory methodology of the traditional design studio and the virtual design studio informed by emerging pedagogical theory and the experiences of those most intimately involved – students and lecturers. In addition to providing a conceptual model for future research, the framework is of value to educators currently interested in developing as well as evaluating learning environments for design.

Detection and prevention of distributed denial of services attacks by collaborative effort of software agents, first prototype implementation

Distributed Denial of Services DDoS, attacks has become one of the biggest threats for resources over Internet. Purpose of these attacks is to make servers deny from providing services to legitimate users. These attacks are also used for occupying media bandwidth. Currently intrusion detection systems can just detect the attacks but cannot prevent / track the location of intruders. Some schemes also prevent the attacks by simply discarding attack packets, which saves victim from attack, but still network bandwidth is wasted. In our opinion, DDoS requires a distributed solution to save wastage of resources. The paper, presents a system that helps us not only in detecting such attacks but also helps in tracing and blocking (to save the bandwidth as well) the multiple intruders using Intelligent Software Agents. The system gives dynamic response and can be integrated with the existing network defense systems without disturbing existing Internet model. We have implemented an agent based networking monitoring system in this regard.

Evaluation of distributed control signaling protocols in GMPLS

GMPLS is a generalized form of MPLS (MultiProtocol Label Switching). MPLS is IP packet based and it uses MPLS-TE for Packet Traffic Engineering. GMPLS is extension to MPLS capabilities. It provides separation between transmission, control and management plane and network management. Control plane allows various applications like traffic engineering, service provisioning, and differentiated services. GMPLS control plane architecture includes signaling (RSVP-TE, CR-LDP) and routing (OSPF-TE, ISIS-TE) protocols. This paper provides an overview of the signaling protocols, describes their main functionalities, and provides a general evaluation of both the protocols.

Use of IP addresses for high rate flooding attack detection

High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.

Reinforcing bad behaviour : the misuse of security indicators on popular websites

Before making a security or privacy decision, Internet users should evaluate several security indicators in their browser, such as the use of HTTPS (indicated via the lock icon), the domain name of the site, and information from extended validation certificates. However, studies have shown that human subjects infrequently employ these indicators, relying on other indicators that can be spoofed and convey no cryptographic assurances. We identify four simple security indicators that accurately represent security properties of the connection and then examine 125 popular websites to determine if the sites' designs result in correctly displayed security indicators during login. In the vast majority of cases, at least some security indicators are absent or suboptimal. This suggests users are becoming habituated to ignoring recommended security indicators.

Centrally supported online surveys for research at QUT

We describe the introduction, service growth, benefits and holistic support approach of a centrally supported universitywide online survey tool for researchers at QUT. The online survey service employs the Key Survey software, and has grown into a significant service for QUT researchers since being introduced in 2009. Key benefits of the approach include the ability of QUT to handle important issues relating to data such as security, privacy, integrity, archiving & disposal. The service also incorporates a workflow process that enhances the institution’s ability to ensure survey quality control through controlled approval and pilot testing before any survey is widely released. An important issue is that a tool like this can make it very easy to do very poor research very quickly while creating lots of data, due to the absence of a rigorous methodology designed to reduce errors and collect accurate, comprehensive, timely data. With this in mind, a holistic approach to service provision and support has been taken, which has included the introduction of an integrated system of seminars, tools and workshops to get researchers thinking about the quality of their research while becoming operational quickly. The system of seminars, workshops, checks and approvals we have put in place at QUT is designed to ensure better quality outcomes for QUT’s research and the individual researchers concerned.

Test and evaluation system for multi-protocol sampled value protection schemes

Proposed transmission smart grids will use a digital platform for the automation of substations operating at voltage levels of 110 kV and above. The IEC 61850 series of standards, released in parts over the last ten years, provide a specification for substation communications networks and systems. These standards, along with IEEE Std 1588-2008 Precision Time Protocol version 2 (PTPv2) for precision timing, are recommended by the both IEC Smart Grid Strategy Group and the NIST Framework and Roadmap for Smart Grid Interoperability Standards for substation automation. IEC 61850-8-1 and IEC 61850-9-2 provide an inter-operable solution to support multi-vendor digital process bus solutions, allowing for the removal of potentially lethal voltages and damaging currents from substation control rooms, a reduction in the amount of cabling required in substations, and facilitates the adoption of non-conventional instrument transformers (NCITs). IEC 61850, PTPv2 and Ethernet are three complementary protocol families that together define the future of sampled value digital process connections for smart substation automation. This paper describes a specific test and evaluation system that uses real time simulation, protection relays, PTPv2 time clocks and artificial network impairment that is being used to investigate technical impediments to the adoption of SV process bus systems by transmission utilities. Knowing the limits of a digital process bus, especially when sampled values and NCITs are included, will enable utilities to make informed decisions regarding the adoption of this technology.

Pseudoseeds : investigating long-distance, ocean seed dispersal with wireless sensors

Recent theoretical research has shown that ocean currents and wind interact to disperse seeds over long distances among isolated landmasses. Dispersal of seeds among isolated oceanic islands, by birds, oceans and man, is a well-known phenomenon, and many widespread island plants have traits that facilitate this process. Crucially, however, there have been no mechanistic vector-based models of long-distance dispersal for seeds among isolated oceanic islands based on empirical data. Here, we propose a plan to develop seed analogues, or pseudoseeds, fitted with wireless sensor technology that will enable high-fidelity tracking as they disperse across the ocean. The pseudoseeds will be precisely designed to mimic actual seed buoyancy and morphology enabling realistic and accurate, vector-based dispersal models of ocean seed dispersal over vast geographic scales.

Use of precision time protocol to synchronize sampled value process buses

Transmission smart grids will use a digital platform for the automation of high voltage substations. The IEC 61850 series of standards, released in parts over the last ten years, provide a specification for substation communications networks and systems. These standards, along with IEEE Std 1588-2008 Precision Time Protocol version 2 (PTPv2) for precision timing, are recommended by the both IEC Smart Grid Strategy Group and the NIST Framework and Roadmap for Smart Grid Interoperability Standards for substation automation. IEC 61850, PTPv2 and Ethernet are three complementary protocol families that together define the future of sampled value digital process connections for smart substation automation. A time synchronisation system is required for a sampled value process bus, however the details are not defined in IEC 61850-9-2. PTPv2 provides the greatest accuracy of network based time transfer systems, with timing errors of less than 100 ns achievable. The suitability of PTPv2 to synchronise sampling in a digital process bus is evaluated, with preliminary results indicating that steady state performance of low cost clocks is an acceptable ±300 ns, but that corrections issued by grandmaster clocks can introduce significant transients. Extremely stable grandmaster oscillators are required to ensure any corrections are sufficiently small that time synchronising performance is not degraded.

Performance and scalability assessment for non-certificate-based public key management in VANETS

Current research in secure messaging for Vehicular Ad hoc Networks (VANETs) appears to focus on employing a digital certificate-based Public Key Cryptosystem (PKC) to support security. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes a non-certificate-based public key management for VANETs. A comprehensive evaluation of performance and scalability of the proposed public key management regime is presented, which is compared to a certificate-based PKC by employing a number of quantified analyses and simulations. Not only does this paper demonstrate that the proposal can maintain security, but it also asserts that it can improve overall performance and scalability at a lower cost, compared to the certificate-based PKC. It is believed that the proposed scheme will add a new dimension to the key management and verification services for VANETs.