Operations Research, Systems Engineering and Industrial Engineering Commons^™

Reinforcing Digital Trust For Cloud Manufacturing Through Data Provenance Using Ethereum Smart Contracts, Trupti Narayan Rane

Engineering Management & Systems Engineering Theses & Dissertations

Cloud Manufacturing(CMfg) is an advanced manufacturing model that caters to fast-paced agile requirements (Putnik, 2012). For manufacturing complex products that require extensive resources, manufacturers explore advanced manufacturing techniques like CMfg as it becomes infeasible to achieve high standards through complete ownership of manufacturing artifacts (Kuan et al., 2011). CMfg, with other names such as Manufacturing as a Service (MaaS) and Cyber Manufacturing (NSF, 2020), addresses the shortcoming of traditional manufacturing by building a virtual cyber enterprise of geographically distributed entities that manufacture custom products through collaboration.

With manufacturing venturing into cyberspace, Digital Trust issues concerning product quality, data, and intellectual …

Rattus Norvegicus As A Biological Detector Of Clandestine Remains And The Use Of Ultrasonic Vocalizations As A Locating Mechanism, Gabrielle M. Johnston

Master's Theses

In investigations, locating missing persons and clandestine remains are imperative. One way that first responder and police agencies can search for the remains is by using cadaver dogs as biological detectors. Cadaver dogs are typically used due to their olfactory sensitivity and ability to detect low concentrations of volatile organic compounds produced by biological remains. Cadaver dogs are typically chosen for their stamina, agility, and olfactory sensitivity. However, what is not taken into account often is the size of the animal and the expense of maintaining and training the animal. Cadaver dogs are typically large breeds that cannot fit in …

Trace Dna Detection Using Diamond Dye: A Recovery Technique To Yield More Dna, Leah Davis

Master's Theses

This study aspires to find a new screening approach to trace DNA recovery techniques to yield a higher quantity of trace DNA from larger items of evidence. It takes the path of visualizing trace DNA on items of evidence with potential DNA so analysts can swab a more localized area rather than attempting to recover trace DNA through the general swabbing technique currently used for trace DNA recovery. The first and second parts consisted of observing trace DNA interaction with Diamond Dye on porous and non-porous surfaces.

The third part involved applying the Diamond Dye solution by spraying it onto …

Cybersecurity And Digital Privacy Aspects Of V2x In The Ev Charging Structure, Umit Cali, Murat Kuzlu, Onur Elma, Osman Gazi Gucluturk, Ahmet Kilic, Ferhat Ozgur Catak

Engineering Technology Faculty Publications

With the advancement of green energy technology and rising public and political acceptance, electric vehicles (EVs) have grown in popularity. Electric motors, batteries, and charging systems are considered major components of EVs. The electric power infrastructure has been designed to accommodate the needs of EVs, with an emphasis on bidirectional power flow to facilitate power exchange. Furthermore, the communication infrastructure has been enhanced to enable cars to communicate and exchange information with one another, also known as Vehicle-to-Everything (V2X) technology. V2X is positioned to become a bigger and smarter system in the future of transportation, thanks to upcoming digital technologies …

Supporting The Discovery, Reuse, And Validation Of Cybersecurity Requirements At The Early Stages Of The Software Development Lifecycle, Jessica Antonia Steinmann

Doctoral Dissertations and Master's Theses

The focus of this research is to develop an approach that enhances the elicitation and specification of reusable cybersecurity requirements. Cybersecurity has become a global concern as cyber-attacks are projected to cost damages totaling more than $10.5 trillion dollars by 2025. Cybersecurity requirements are more challenging to elicit than other requirements because they are nonfunctional requirements that requires cybersecurity expertise and knowledge of the proposed system. The goal of this research is to generate cybersecurity requirements based on knowledge acquired from requirements elicitation and analysis activities, to provide cybersecurity specifications without requiring the specialized knowledge of a cybersecurity expert, and …

A Qualitative Look Into Repair Practices, Jumana Labib

Undergraduate Student Research Internships Conference

This research poster is based on a working research paper which moves beyond the traditional scope of repair and examines the Right to Repair movement from a smaller, more personal lens by detailing the 6 categorical impediments as dubbed by Dr. Alissa Centivany (design, law, economic/business strategy, material asymmetry, informational asymmetry, and social impediments) have continuously inhibited repair and affected repair practices, which has consequently had larger implications (environmental, economic, social, etc.) on ourselves, our objects, and our world. The poster builds upon my research from last year (see "The Right to Repair: (Re)building a better future"), this time pulling …

Predictors Of Email Response: Determinants Of The Intention Of Not Following Security Recommendations, Miguel Angel Toro-Jarrin

Engineering Management & Systems Engineering Theses & Dissertations

Organizations and government leaders are concerned about cyber incidents. For some time, researchers have studied what motivates people to act in ways that put the confidentiality, integrity, and availability of information in organizations at risk. Still, several areas remained unexplored, including the role of employees’ evaluation of the organizational systems and the role of value orientation at work as precursors of secure and insecure actions in relation to information technologies (information security [IS] action). The objective of this research project was to examine how the evaluations of formal and informal security norms are associated with the intention to follow them …

Precursors Of Email Response To Cybersecurity Scenarios: Factor Exploration And Scale Development, Miguel A. Toro-Jarrin, Pilar Pazos-Lago, Miguel Padilla

Engineering Management & Systems Engineering Faculty Publications

In the last decade, information security research has further expanded to include human factors as key elements of the organization's cybersecurity infrastructure. Numerous factors from several theories have been explored to explain and predict the multitude of information security-related behaviors in organizations. Lately, there has been a call for the study of specific cybersecurity behaviors in contextualized scenarios that reflect specific and realistic situations of a potential cyber-attack. This paper focuses on precursors of email response in situations that can be the origin of cybersecurity incidents in organizations (i.e., phishing attacks, ransomware, etc.). This study explores participants' intentions to follow …

Integration Of Blockchain Technology Into Automobiles To Prevent And Study The Causes Of Accidents, John Kim

Electronic Theses, Projects, and Dissertations

Automobile collisions occur daily. We now live in an information-driven world, one where technology is quickly evolving. Blockchain technology can change the automotive industry, the safety of the motoring public and its surrounding environment by incorporating this vast array of information. It can place safety and efficiency at the forefront to pedestrians, public establishments, and provide public agencies with pertinent information securely and efficiently. Other industries where Blockchain technology has been effective in are as follows: supply chain management, logistics, and banking. This paper reviews some statistical information regarding automobile collisions, Blockchain technology, Smart Contracts, Smart Cities; assesses the feasibility …

The Maritime Domain Awareness Center– A Human-Centered Design Approach, Gary Gomez

Political Science & Geography Faculty Publications

This paper contends that Maritime Domain Awareness Center (MDAC) design should be a holistic approach integrating established knowledge about human factors, decision making, cognitive tasks, complexity science, and human information interaction. The design effort should not be primarily a technology effort that focuses on computer screens, information feeds, display technologies, or user interfaces. The existence of a room with access to vast amounts of information and wall-to-wall video screens of ships, aircraft, weather data, and other regional information does not necessarily correlate to possessing situation awareness. Fundamental principles of human-centered information design should guide MDAC design and technology selection, and …

Enterprise Resource Allocation For Intruder Detection And Interception, Adam B. Haywood

Theses and Dissertations

This research considers the problem of an intruder attempting to traverse a defender's territory in which the defender locates and employs disparate sets of resources to lower the probability of a successful intrusion. The research is conducted in the form of three related research components. The first component examines the problem in which the defender subdivides their territory into spatial stages and knows the plan of intrusion. Alternative resource-probability modeling techniques as well as variable bounding techniques are examined to improve the convergence of global solvers for this nonlinear, nonconvex optimization problem. The second component studies a similar problem but …

Cybersecurity Risk Assessment Using Graph Theoretical Anomaly Detection And Machine Learning, Goksel Kucukkaya

Engineering Management & Systems Engineering Theses & Dissertations

The cyber domain is a great business enabler providing many types of enterprises new opportunities such as scaling up services, obtaining customer insights, identifying end-user profiles, sharing data, and expanding to new communities. However, the cyber domain also comes with its own set of risks. Cybersecurity risk assessment helps enterprises explore these new opportunities and, at the same time, proportionately manage the risks by establishing cyber situational awareness and identifying potential consequences. Anomaly detection is a mechanism to enable situational awareness in the cyber domain. However, anomaly detection also requires one of the most extensive sets of data and features …

Integrated Cyberattack Detection And Handling For Nonlinear Systems With Evolving Process Dynamics Under Lyapunov-Based Economic Model Predictive Control, Keshav Kasturi Rangan, Henrique Oyama, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Safety-critical processes are becoming increasingly automated and connected. While automation can increase effciency, it brings new challenges associated with guaranteeing safety in the presence of uncertainty especially in the presence of control system cyberattacks. One of the challenges for developing control strategies with guaranteed safety and cybersecurity properties under suffcient conditions is the development of appropriate detection strategies that work with control laws to prevent undetected attacks that have immediate closed-loop stability consequences. Achieving this, in the presence of uncertainty brought about by plant/model mismatch and process dynamics that can change with time, requires a fundamental understanding of the characteristics …

Enhancing Cyberweapon Effectiveness Methodology With Se Modeling Techniques: Both For Offense And Defense, C. Ariel Pinto, Matthew Zurasky, Fatine Elakramine, Safae El Amrani, Raed M. Jaradat, Chad Kerr, Vidanelage L. Dayarathna

Engineering Management & Systems Engineering Faculty Publications

A recent cyberweapons effectiveness methodology clearly provides a parallel but distinct process from that of kinetic weapons – both for defense and offense purposes. This methodology promotes consistency and improves cyberweapon system evaluation accuracy – for both offensive and defensive postures. However, integrating this cyberweapons effectiveness methodology into the design phase and operations phase of weapons systems development is still a challenge. The paper explores several systems engineering modeling techniques (e.g., SysML) and how they can be leveraged towards an enhanced effectiveness methodology. It highlights how failure mode analyses (e.g., FMEA) can facilitate cyber damage determination and target assessment, how …

Cyber-Assets At Risk (Car): Monetary Impact Of Personally Identifiable Information Data Breaches On Companies, Omer Ilker Poyraz

Engineering Management & Systems Engineering Theses & Dissertations

Cyber-systems provide convenience, ubiquity, economic advantage, and higher efficiency to both individuals and organizations. However, vulnerabilities of the cyber domain also offer malicious actors with the opportunities to compromise the most sensitive information. Recent cybersecurity incidents show that a group of hackers can cause a massive data breach, resulting in companies losing competitive advantage, reputation, and money. Governments have since taken some actions in protecting individuals and companies from such crime by authorizing federal agencies and developing regulations. To protect the public from losing their most sensitive records, governments have also been compelling companies to follow cybersecurity regulations. If companies …

Evaluating The Resiliency Of Industrial Internet Of Things Process Control Using Protocol Agnostic Attacks, Hector L. Roldan

Theses and Dissertations

Improving and defending our nation's critical infrastructure has been a challenge for quite some time. A malfunctioning or stoppage of any one of these systems could result in hazardous conditions on its supporting populace leading to widespread damage, injury, and even death. The protection of such systems has been mandated by the Office of the President of the United States of America in Presidential Policy Directive Order 21. Current research now focuses on securing and improving the management and efficiency of Industrial Control Systems (ICS). IIoT promises a solution in enhancement of efficiency in ICS. However, the presence of IIoT …

”Cyberworld” As A Theme For A University-Wide First-Year Common Course, Kristen Przyborski, Frank Breitinger, Lauren Beck, Ronald S. Harichandran

Engineering and Applied Science Education Faculty Publications

Nowadays we all live in a cyber world and use the internet for emailing, banking, streaming video, shopping, reading news, or other activities. Given all the time people spend online, it is important that all students (regardless of their major) learn some basics about living in a cyber world, e.g., strategies for online safety, impact of artificial intelligence, digital forensics or ancestry.com. To facilitate students from many majors to learn about important issues related to the internet, eight faculty from a variety of disciplines at the University of New Haven integrated the theme of Cyber World into our team-taught, first-year …

Quantifying Impact Of Cyber Actions On Missions Or Business Processes: A Multilayer Propagative Approach, Unal Tatar

Engineering Management & Systems Engineering Theses & Dissertations

Ensuring the security of cyberspace is one of the most significant challenges of the modern world because of its complexity. As the cyber environment is getting more integrated with the real world, the direct impact of cybersecurity problems on actual business frequently occur. Therefore, operational and strategic decision makers in particular need to understand the cyber environment and its potential impact on business. Cyber risk has become a top agenda item for businesses all over the world and is listed as one of the most serious global risks with significant financial implications for businesses.

Risk analysis is one of the …

A Study Of Perceptions On Incident Response Exercises, Information Sharing, Situational Awareness, And Incident Response Planning In Power Grid Utilities, Joseph Garmon

Electronic Theses and Dissertations

The power grid is facing increasing risks from a cybersecurity attack. Attacks that shut off electricity in Ukraine have already occurred, and successful compromises of the power grid that did not shut off electricity to customers have been privately disclosed in North America. The objective of this study is to identify how perceptions of various factors emphasized in the electric sector affect incident response planning. Methods used include a survey of 229 power grid personnel and the use of partial least squares structural equation modeling to identify causal relationships. This study reveals the relationships between perceptions by personnel responsible for …

Developing A Cyberterrorism Policy: Incorporating Individual Values, Osama Bassam J. Rabie

Theses and Dissertations

Preventing cyberterrorism is becoming a necessity for individuals, organizations, and governments. However, current policies focus on technical and managerial aspects without asking for experts and non-experts values and preferences for preventing cyberterrorism. This study employs value focused thinking and public value forum to bare strategic measures and alternatives for complex policy decisions for preventing cyberterrorism. The strategic measures and alternatives are per socio-technical process.

Pedagogical Resources For Industrial Control Systems Security: Design, Implementation, Conveyance, And Evaluation, Guillermo A. Francia Iii, Greg Randall, Jay Snellen

Journal of Cybersecurity Education, Research and Practice

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional …

Toward Automating Web Protocol Configuration For A Programmable Logic Controller Emulator, Deanna R. Fink

Theses and Dissertations

Industrial Control Systems (ICS) remain vulnerable through attack vectors that exist within programmable logic controllers (PLC). PLC emulators used as honeypots can provide insight into these vulnerabilities. Honeypots can sometimes deter attackers from real devices and log activity. A variety of PLC emulators exist, but require manual figuration to change their PLC pro le. This limits their flexibility for deployment. An automated process for configuring PLC emulators can open the door for emulation of many types of PLCs. This study investigates the feasibility of creating such a process. The research creates an automated process for figuring the web protocols of …

Anonymous Authentication Of Visitors For Mobile Crowd Sensing At Amusement Parks, Divyan Konidala, Robert H. Deng, Yingjiu Li, Hoong Chuin Lau, Stephen Fienberg

Research Collection School Of Computing and Information Systems

In this paper we focus on authentication and privacy aspects of an application scenario that utilizes mobile crowd sensing for the benefit of amusement park operators and their visitors. The scenario involves a mobile app that gathers visitors’ demographic details, preferences, and current location coordinates, and sends them to the park’s sever for various analyses. These analyses assist the park operators to efficiently deploy their resources, estimate waiting times and queue lengths, and understand the behavior of individual visitors and groups. The app server also offers visitors optimal recommendations on routes and attractions for an improved dynamic experience and minimized …

Locating And Protecting Facilities Subject To Random Disruptions And Attacks, Hugh Medal

Graduate Theses and Dissertations

Recent events such as the 2011 Tohoku earthquake and tsunami in Japan have revealed the vulnerability of networks such as supply chains to disruptive events. In particular, it has become apparent that the failure of a few elements of an infrastructure system can cause a system-wide disruption. Thus, it is important to learn more about which elements of infrastructure systems are most critical and how to protect an infrastructure system from the effects of a disruption. This dissertation seeks to enhance the understanding of how to design and protect networked infrastructure systems from disruptions by developing new mathematical models and …

Measuring The Utility Of A Cyber Incident Mission Impact Assessment (Cimia) Process For Mission Assurance, Christy L. Peterson

Theses and Dissertations

Information is a critical asset on which virtually all modern organizations depend upon to meet their operational mission objectives. Military organizations, in particular, have embedded Information and Communications Technologies (ICT) into their core mission processes as a means to increase their operational efficiency, exploit automation, improve decision quality, and shorten the kill chain. However, the extreme dependence upon ICT results in an environment where a cyber incident can result in severe mission degradation, or possibly failure, with catastrophic consequences to life, limb, and property. These consequences can be minimized by maintaining real-time situational awareness of mission critical resources so appropriate …

Host-Based Multivariate Statistical Computer Operating Process Anomaly Intrusion Detection System (Paids), Glen R. Shilland

Theses and Dissertations

No abstract provided.

Internet Protocol Geolocation: Development Of A Delay-Based Hybrid Methodology For Locating The Geographic Location Of A Network Node, John M. Roehl

Theses and Dissertations

Internet Protocol Geolocation (IP Geolocation), the process of determining the approximate geographic location of an IP addressable node, has proven useful in a wide variety of commercial applications. Commercial applications of IP Geolocation include market research, redirection for performance enhancement, restricting content, and combating fraud. The potential for military applications include securing remote access via geographic authentication, intelligence collection, and cyber attack attribution. IP Geolocation methods can be divided into three basic categories based upon what information is used to determine the geographic location of the given IP address: 1) Information contained in databases, 2) information that is leaked during …

Beyond Passswords: Usage And Policy Transformation, Alan S. Alsop

Theses and Dissertations

The purpose of this research is to determine whether the transition to a two-factor authentication system is more secure than a system that relied only on what users “know” for authentication. While we found that factors that made passwords inherently vulnerable did not transfer to the PIN portion of a two-factor authentication system, we did find significant problems relating to usability, worker productivity, and the loss and theft of smart cards. The new authentication method has disrupted our ability to stay connected to ongoing mission issues, forced some installations to cut off remote access for their users and in one …

Recommendations For A Standardized Program Management Office (Pmo) Time Compliance Network Order (Tcno) Patching Process, Michael Czumak Iii

Theses and Dissertations

Network security is a paramount concern for organizations utilizing computer technology, and the Air Force is no exception. Network software vulnerability patching is a critical determinant of network security. The Air Force deploys these patches as Time Compliance Network Orders (TCNOs), which together with associated processes and enforced timelines ensure network compliance. While the majority of the network assets affected by this process are Air Force owned and operated, a large number are maintained by external entities known as Program Management Offices (PMOs). Although these externally controlled systems provide a service to the Air Force and reside on its network, …

Passwords: A Survey On Usage And Policy, Kurt W. Martinson

Theses and Dissertations

Computer password use is on the rise. Passwords have become one of the primary authentication methods used today. It is because of their high use that organizations have started to place parameters on passwords. Are password restrictions a nuisance? What are some of the consequences that result as organizations place the burden of their computer security on passwords? This thesis analyzes the results of a survey instrument that was used to determine if individuals are using similar techniques or patterns when choosing or remembering their passwords. It also looks at how individuals feel about using passwords. In addition, the authors …