Search results for: static application security testing
14201 Static Application Security Testing Approach for Non-Standard Smart Contracts
Authors: Antonio Horta, Renato Marinho, Raimir Holanda
Abstract:
Considered as an evolution of the Blockchain, the Ethereum platform, besides allowing transactions of its cryptocurrency named Ether, it allows the programming of decentralised applications (DApps) and smart contracts. However, this functionality into blockchains has raised other types of threats, and the exploitation of smart contracts vulnerabilities has taken companies to experience big losses. This research intends to figure out the number of contracts that are under risk of being drained. Through a deep investigation, more than two hundred thousand smart contracts currently available in the Ethereum platform were scanned and estimated how much money is at risk. The experiment was based in a query run on Google Big Query in July 2022 and returned 50,707,133 contracts published on the Ethereum platform. After applying the filtering criteria, the experimentgot 430,584 smart contracts to download and analyse. The filtering criteria consisted of filtering out: ERC20 and ERC721 contracts, contracts without transactions, and contracts without balance. From this amount of 430,584 smart contracts selected, only 268,103 had source codes published on Etherscan, however, we discovered, using a hashing process, that there were contracts duplication. Removing the duplicated contracts, the process ended up with 20,417 source codes, which were analysed using the open source SAST tool smartbugswith oyente and securify algorithms. In the end, there was nearly $100,000 at risk of being drained from the potentially vulnerable smart contracts. It is important to note that the tools used in this study may generate false positives, which may interfere with the number of vulnerable contracts. To address this point, our next step in this research is to develop an application to test the contract in a parallel environment to verify the vulnerability. Finally, this study aims to alert users and companies about the risk on not properly creating and analysing their smart contracts before publishing them into the platform. As any other application, smart contracts are at risk of having vulnerabilities which, in this case, may result in direct financial losses.Keywords: blockchain, reentrancy, static application security testing, smart contracts
Procedia PDF Downloads 8814200 Development of a New Device for Bending Fatigue Testing
Authors: B. Mokhtarnia, M. Layeghi
Abstract:
This work presented an original bending fatigue-testing setup for fatigue characterization of composite materials. A three-point quasi-static setup was introduced that was capable of applying stress control load in different loading waveforms, frequencies, and stress ratios. This setup was equipped with computerized measuring instruments to evaluate fatigue damage mechanisms. A detailed description of its different parts and working features was given, and dynamic analysis was done to verify the functional accuracy of the device. Feasibility was validated successfully by conducting experimental fatigue tests.Keywords: bending fatigue, quasi-static testing setup, experimental fatigue testing, composites
Procedia PDF Downloads 13214199 Mobile Application Testing Matrix and Challenges
Authors: Bakhtiar Amen, Sardasht Mahmood, Joan Lu
Abstract:
The adoption of smartphones and the usages of mobile applications are increasing rapidly. Consequently, within limited time-range, mobile Internet usages have managed to take over the desktop usages particularly since the first smartphone-touched application released by iPhone in 2007. This paper is proposed to provide solution and answer the most demandable questions related to mobile application automated and manual testing limitations. Moreover, Mobile application testing requires agility and physically testing. Agile testing is to detect bugs through automated tools, whereas the compatibility testing is more to ensure that the apps operates on mobile OS (Operation Systems) as well as on the different real devices. Moreover, we have managed to answer automated or manual questions through two mobile application case studies MES (Mobile Exam System) and MLM (Mobile Lab Mate) by creating test scripts for both case studies and our experiment results have been discussed and evaluated on whether to adopt test on real devices or on emulators? In addition to this, we have introduced new mobile application testing matrix for the testers and some enterprises to obtain knowledge from.Keywords: mobile app testing, testing matrix, automated, manual testing
Procedia PDF Downloads 47814198 Runtime Monitoring Using Policy-Based Approach to Control Information Flow for Mobile Apps
Authors: Mohamed Sarrab, Hadj Bourdoucen
Abstract:
Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as availability, integrity, and confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring non-trusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during non-trusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the run-time of mobile application in response to information flow events.Keywords: mobile application, run-time verification, usable security, direct information flow
Procedia PDF Downloads 38114197 End To End Process to Automate Batch Application
Authors: Nagmani Lnu
Abstract:
Often, Quality Engineering refers to testing the applications that either have a User Interface (UI) or an Application Programming Interface (API). We often find mature test practices, standards, and automation regarding UI or API testing. However, another kind is present in almost all types of industries that deal with data in bulk and often get handled through something called a Batch Application. This is primarily an offline application companies develop to process large data sets that often deal with multiple business rules. The challenge gets more prominent when we try to automate batch testing. This paper describes the approaches taken to test a Batch application from a Financial Industry to test the payment settlement process (a critical use case in all kinds of FinTech companies), resulting in 100% test automation in Test Creation and Test execution. One can follow this approach for any other batch use cases to achieve a higher efficiency in their testing process.Keywords: batch testing, batch test automation, batch test strategy, payments testing, payments settlement testing
Procedia PDF Downloads 6014196 Loan Repayment Prediction Using Machine Learning: Model Development, Django Web Integration and Cloud Deployment
Authors: Seun Mayowa Sunday
Abstract:
Loan prediction is one of the most significant and recognised fields of research in the banking, insurance, and the financial security industries. Some prediction systems on the market include the construction of static software. However, due to the fact that static software only operates with strictly regulated rules, they cannot aid customers beyond these limitations. Application of many machine learning (ML) techniques are required for loan prediction. Four separate machine learning models, random forest (RF), decision tree (DT), k-nearest neighbour (KNN), and logistic regression, are used to create the loan prediction model. Using the anaconda navigator and the required machine learning (ML) libraries, models are created and evaluated using the appropriate measuring metrics. From the finding, the random forest performs with the highest accuracy of 80.17% which was later implemented into the Django framework. For real-time testing, the web application is deployed on the Alibabacloud which is among the top 4 biggest cloud computing provider. Hence, to the best of our knowledge, this research will serve as the first academic paper which combines the model development and the Django framework, with the deployment into the Alibaba cloud computing application.Keywords: k-nearest neighbor, random forest, logistic regression, decision tree, django, cloud computing, alibaba cloud
Procedia PDF Downloads 13514195 Kinematic Behavior of Geogrid Reinforcements during Earthquakes
Authors: Ahmed Hosny Abdel-Rahman, Mohamed Abdel-Moneim
Abstract:
Reinforced earth structures are generally subjected to cyclic loading generated from earthquakes. This paper presents a summary of the results and analyses of a testing program carried out in a large-scale multi-function geosynthetic testing apparatus that accommodates soil samples up to 1.0 m3. This apparatus performs different shear and pullout tests under both static and cyclic loading. The testing program was carried out to investigate the controlling factors affecting soil/geogrid interaction under cyclic loading. The extensibility of the geogrids, the applied normal stresses, the characteristics of the cyclic loading (frequency, and amplitude), and initial static load within the geogrid sheet were considered in the testing program. Based on the findings of the testing program, the effect of these parameters on the pullout resistance of geogrids, as well as the displacement mobility under cyclic loading were evaluated. Conclusions and recommendations for the design of reinforced earth walls under cyclic loading are presented.Keywords: geogrid, soil, interface, cyclic loading, pullout, large scale testing
Procedia PDF Downloads 62214194 Validating the Contract between Microservices
Authors: Parveen Banu Ansari, Venkatraman Chinnappan, Paramasivam Shankar
Abstract:
Contract testing plays a pivotal role in the current landscape of microservices architecture. Testing microservices at the initial stages of development helps to identify and rectify issues before they escalate to higher levels, such as UI testing. By validating microservices through contract testing, you ensure the integration quality of APIs, enhancing the overall reliability and performance of the application. Contract testing, being a collaborative effort between testers and developers, ensures that the microservices adhere to the specified contracts or agreements. This proactive approach significantly reduces defects, streamlines the development process, and contributes to the overall efficiency and robustness of the application. In the dynamic and fast-paced world of digital applications, where microservices are the building blocks, embracing contract testing is indeed a strategic move for ensuring the quality and reliability of the entire system.Keywords: validation, testing, contract, agreement, microservices
Procedia PDF Downloads 5714193 Threat Analysis: A Technical Review on Risk Assessment and Management of National Testing Service (NTS)
Authors: Beenish Urooj, Ubaid Ullah, Sidra Riasat
Abstract:
National Testing Service-Pakistan (NTS) is an agency in Pakistan that conducts student success appraisal examinations. In this research paper, we must present a security model for the NTS organization. The security model will depict certain security countermeasures for a better defense against certain types of breaches and system malware. We will provide a security roadmap, which will help the company to execute its further goals to maintain security standards and policies. We also covered multiple aspects in securing the environment of the organization. We introduced the processes, architecture, data classification, auditing approaches, survey responses, data handling, and also training and awareness of risk for the company. The primary contribution is the Risk Survey, based on the maturity model meant to assess and examine employee training and knowledge of risks in the company's activities.Keywords: NTS, risk assessment, threat factors, security, services
Procedia PDF Downloads 7014192 The Application of the Security Audit Method on the Selected Objects of Critical Infrastructure
Authors: Michaela Vašková
Abstract:
The paper is focused on the application of the security audit method on the selected objects of the critical infrastructure. The emphasis is put on security audit method to find gaps in the critical infrastructure security. The theoretical part describes objects of the critical infrastructure. The practical part describes using the security audit method. The main emphasis was put on the protection of the critical infrastructure in the Czech Republic.Keywords: crisis management, critical infrastructure, object of critical infrastructure, security audit, extraordinary event
Procedia PDF Downloads 43114191 Adaptive Auth - Adaptive Authentication Based on User Attributes for Web Application
Authors: Senthuran Manoharan, Rathesan Sivagananalingam
Abstract:
One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.Keywords: authentication, adaptive authentication, machine learning, security
Procedia PDF Downloads 24814190 Resource Allocation Modeling and Simulation in Border Security Application
Authors: Kai Jin, Hua Li, Qing Song
Abstract:
Homeland security and border safety is an issue for any country. This paper takes the border security of US as an example to discuss the usage and efficiency of simulation tools in the homeland security application. In this study, available resources and different illegal infiltration parameters are defined, including their individual behavior and objective, in order to develop a model that describes border patrol system. A simulation model is created in Arena. This simulation model is used to study the dynamic activities in the border security. Possible factors that may affect the effectiveness of the border patrol system are proposed. Individual and factorial analysis of these factors is conducted and some suggestions are made.Keywords: resource optimization, simulation, modeling, border security
Procedia PDF Downloads 51614189 DLtrace: Toward Understanding and Testing Deep Learning Information Flow in Deep Learning-Based Android Apps
Authors: Jie Zhang, Qianyu Guo, Tieyi Zhang, Zhiyong Feng, Xiaohong Li
Abstract:
With the widespread popularity of mobile devices and the development of artificial intelligence (AI), deep learning (DL) has been extensively applied in Android apps. Compared with traditional Android apps (traditional apps), deep learning based Android apps (DL-based apps) need to use more third-party application programming interfaces (APIs) to complete complex DL inference tasks. However, existing methods (e.g., FlowDroid) for detecting sensitive information leakage in Android apps cannot be directly used to detect DL-based apps as they are difficult to detect third-party APIs. To solve this problem, we design DLtrace; a new static information flow analysis tool that can effectively recognize third-party APIs. With our proposed trace and detection algorithms, DLtrace can also efficiently detect privacy leaks caused by sensitive APIs in DL-based apps. Moreover, using DLtrace, we summarize the non-sequential characteristics of DL inference tasks in DL-based apps and the specific functionalities provided by DL models for such apps. We propose two formal definitions to deal with the common polymorphism and anonymous inner-class problems in the Android static analyzer. We conducted an empirical assessment with DLtrace on 208 popular DL-based apps in the wild and found that 26.0% of the apps suffered from sensitive information leakage. Furthermore, DLtrace has a more robust performance than FlowDroid in detecting and identifying third-party APIs. The experimental results demonstrate that DLtrace expands FlowDroid in understanding DL-based apps and detecting security issues therein.Keywords: mobile computing, deep learning apps, sensitive information, static analysis
Procedia PDF Downloads 17714188 Scalable Performance Testing: Facilitating The Assessment Of Application Performance Under Substantial Loads And Mitigating The Risk Of System Failures
Authors: Solanki Ravirajsinh
Abstract:
In the software testing life cycle, failing to conduct thorough performance testing can result in significant losses for an organization due to application crashes and improper behavior under high user loads in production. Simulating large volumes of requests, such as 5 million within 5-10 minutes, is challenging without a scalable performance testing framework. Leveraging cloud services to implement a performance testing framework makes it feasible to handle 5-10 million requests in just 5-10 minutes, helping organizations ensure their applications perform reliably under peak conditions. Implementing a scalable performance testing framework using cloud services and tools like JMeter, EC2 instances (Virtual machine), cloud logs (Monitor errors and logs), EFS (File storage system), and security groups offers several key benefits for organizations. Creating performance test framework using this approach helps optimize resource utilization, effective benchmarking, increased reliability, cost savings by resolving performance issues before the application is released. In performance testing, a master-slave framework facilitates distributed testing across multiple EC2 instances to emulate many concurrent users and efficiently handle high loads. The master node orchestrates the test execution by coordinating with multiple slave nodes to distribute the workload. Slave nodes execute the test scripts provided by the master node, with each node handling a portion of the overall user load and generating requests to the target application or service. By leveraging JMeter's master-slave framework in conjunction with cloud services like EC2 instances, EFS, CloudWatch logs, security groups, and command-line tools, organizations can achieve superior scalability and flexibility in their performance testing efforts. In this master-slave framework, JMeter must be installed on both the master and each slave EC2 instance. The master EC2 instance functions as the "brain," while the slave instances operate as the "body parts." The master directs each slave to execute a specified number of requests. Upon completion of the execution, the slave instances transmit their results back to the master. The master then consolidates these results into a comprehensive report detailing metrics such as the number of requests sent, encountered errors, network latency, response times, server capacity, throughput, and bandwidth. Leveraging cloud services, the framework benefits from automatic scaling based on the volume of requests. Notably, integrating cloud services allows organizations to handle more than 5-10 million requests within 5 minutes, depending on the server capacity of the hosted website or application.Keywords: identify crashes of application under heavy load, JMeter with cloud Services, Scalable performance testing, JMeter master and slave using cloud Services
Procedia PDF Downloads 2714187 The Effect of Program Type on Mutation Testing: Comparative Study
Authors: B. Falah, N. E. Abakouy
Abstract:
Due to its high computational cost, mutation testing has been neglected by researchers. Recently, many cost and mutants’ reduction techniques have been developed, improved, and experimented, but few of them has relied the possibility of reducing the cost of mutation testing on the program type of the application under test. This paper is a comparative study between four operators’ selection techniques (mutants sampling, class level operators, method level operators, and all operators’ selection) based on the program code type of each application under test. It aims at finding an alternative approach to reveal the effect of code type on mutation testing score. The result of our experiment shows that the program code type can affect the mutation score and that the programs using polymorphism are best suited to be tested with mutation testing.Keywords: equivalent mutant, killed mutant, mutation score, mutation testing, program code type, software testing
Procedia PDF Downloads 55414186 Security Risks Assessment: A Conceptualization and Extension of NFC Touch-And-Go Application
Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba
Abstract:
NFC operates on low-range 13.56 MHz frequency within a distance from 4cm to 10cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks such due to its physical nature; unprotected data stored in NFC tag and insecure communication between its applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attack. Based on observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrates two security attacks that are high risks namely data corruption and DOS attacks. After the risks are determined, risk countermeasures by using AHP is adopted. The guideline and solutions to these two high risks, attacks are later applied to a secure NFC-enabled Smartphone Attendance System.Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)
Procedia PDF Downloads 30214185 Research on Malware Application Patterns of Using Permission Monitoring System
Authors: Seung-Hwan Ju, Yo-Han Choi, Hee-Suk Seo, Tae-Kyung Kim
Abstract:
This study investigates the permissions requested by Android applications, and the possibility of identifying suspicious applications based only on information presented to the user before an application is downloaded. The pattern analysis is based on a smaller data set consisting of confirmed malicious applications. The method is evaluated based on its ability to recognize malicious potential in the analyzed applications. In this study, we develop a system to monitor that mobile application permission at application update. This study is a service-based malware analysis. It will be based on the mobile security study.Keywords: malware patterns, application permission, application analysis, security
Procedia PDF Downloads 52314184 Transient Signal Generator For Fault Indicator Testing
Authors: Mohamed Shaban, Ali Alfallah
Abstract:
This paper describes an application for testing of a fault indicator but it could be used for other network protection testing. The application is created in the LabVIEW environment and consists of three parts. The first part of the application is determined for transient phenomenon generation and imitates voltage and current transient signal at ground fault originate. The second part allows to set sequences of trend for each current and voltage output signal, up to six trends for each phase. The last part of the application generates harmonic signal with continuously controllable amplitude of current or voltage output signal and phase shift of each signal can be changed there. Further any sub-harmonics and upper harmonics can be added to selected current output signalKeywords: signal generator-fault indicator, harmonic signal generator, voltage output
Procedia PDF Downloads 49414183 Developing the Methods for the Study of Static and Dynamic Balance
Authors: K. Abuzayan, H. Alabed, J. Ezarrugh, M. Agila
Abstract:
Static and dynamic balance are essential in daily and sports life. Many factors have been identified as influencing static balance control. Therefore, the aim of this study was to apply the (XCoM) method and other relevant variables (CoP, CoM, Fh, KE, P, Q, and, AI) to investigate sport related activities such as hopping and jumping. Many studies have represented the CoP data without mentioning its accuracy, so several experiments were done to establish the agreement between the CoP and the projected CoM in a static condition. Five male healthy (Mean ± SD:- age 24.6 years ±4.5, height 177 cm ± 6.3, body mass 72.8 kg ± 6.6) participated in this study. Results found that The implementation of the XCoM method was found to be practical for evaluating both static and dynamic balance. The general findings were that the CoP, the CoM, the XCoM, Fh, and Q were more informative than the other variables (e.g. KE, P, and AI) during static and dynamic balance. The XCoM method was found to be applicable to dynamic balance as well as static balance.Keywords: centre of mass, static balance, dynamic balance, extrapolated centre of mass
Procedia PDF Downloads 42014182 On the Resilience of Operational Technology Devices in Penetration Tests
Authors: Marko Schuba, Florian Kessels, Niklas Reitz
Abstract:
Operational technology (OT) controls physical processes in critical infrastructures and economically important industries. With the convergence of OT with classical information technology (IT), rising cybercrime worldwide and the increasingly difficult geopolitical situation, the risks of OT infrastructures being attacked are growing. Classical penetration testing, in which testers take on the role of an attacker, has so far found little acceptance in the OT sector - the risk that a penetration test could do more harm than good seems too great. This paper examines the resilience of various OT systems using typical penetration test tools. It is shown that such a test certainly involves risks, but is also feasible in OT if a cautious approach is taken. Therefore, OT penetration testing should be considered as a tool to improve the cyber security of critical infrastructures.Keywords: penetration testing, OT, ICS, OT security
Procedia PDF Downloads 1414181 Measurement of Thermal Protrusion Profile in Magnetic Recording Heads via Wyko Interferometry
Authors: Joseph Christopher R. Ragasa, Paolo Gabriel P. Casas, Nemesio S. Mangila, Maria Emma C. Villamin, Myra G. Bungag
Abstract:
A procedure in measuring the thermal protrusion profiles of magnetic recording heads was developed using a Wyko HD-8100 optical interference-based instrument. The protrusions in the heads were made by the application of a constant power through the thermal flying height controller pads. It was found that the thermally-induced bubble is confined to form in the same head locations, primarily in the reader and writer regions, regardless of the direction of approach of temperature. An application of power to the thermal flying height control pads ranging from 0 to 50 milliWatts showed that the protrusions demonstrate a linear dependence with the supplied power. The efficiencies calculated using this method were compared to that obtained through Guzik and found to be 19.57% greater due to the static testing environment used in the testing.Keywords: thermal protrusion profile, magnetic recording heads, wyko interferometry, thermal flying height control
Procedia PDF Downloads 46914180 A Framework for Secure Information Flow Analysis in Web Applications
Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa
Abstract:
Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.Keywords: web applications security, secure information flow, program dependence graph, database annotation
Procedia PDF Downloads 47114179 Acute Effects of Active Dynamic, Static Stretching and Passive Static Stretching Exercise on Hamstrings Flexibility and Muscle Strength
Authors: Yi Tse Wang, Che Hsiu Chen, Zih Jian Huang, Hon Wen Cheng
Abstract:
Stretching treatments enhanced flexibility. On the other hand, decreases in hamstrings strength have been reported after stretching, especially with static stretching or passive stretching. Stretching has been shown to be more effective than static stretching to improve muscle performance, but a clear consensus for the effect of dynamic stretching on muscle performance has not been achieved. The purpose of this study was to compare the acute effect of a dynamic stretching, static stretching and eccentric exercise protocol on hamstrings stiffness, flexibility and muscle strength. Forty-five healthy active men (height 179.9 cm; weight 71.5 kg; age 22.5 years) were participated in 3 randomly ordered testing sessions: dynamic stretching (DS), active static stretching (ASS), and passive static stretching (PSS). All the stretch were performed 30 seconds and repeated 6 times. There was a 30-second interval between repetitions. The outcome measures were isokinetic concentric contraction (60°/s), eccentric contraction (30°/s) peak torque, muscle flexibility after stretching. The results showed that the muscle flexibility (3.6%, 3.9% and 1.59%, respectively) increased significantly after DS, PSS and ASS. Hamstring isokinetic concentric peak torque (-6.4%, -8.0% and -5.8%, respectively) and eccentric peak torque (-5.8%, -4.5% and -5.4%, respectively) decreased significantly after DS, PSS and ASS. Hence, although the stretching protocols improve hamstrings flexibility immediately, reduced hamstring muscle eccentric and concentric peak torque.Keywords: hamstrings injury, warm-up, muscle performance, muscle stretching
Procedia PDF Downloads 38314178 Influence of Displacement Amplitude and Vertical Load on the Horizontal Dynamic and Static Behavior of Helical Wire Rope Isolators
Authors: Nicolò Vaiana, Mariacristina Spizzuoco, Giorgio Serino
Abstract:
In this paper, the results of experimental tests performed on a Helical Wire Rope Isolator (HWRI) are presented in order to describe the dynamic and static behavior of the selected metal device in three different displacements ranges, namely small, relatively large, and large displacements ranges, without and under the effect of a vertical load. A testing machine, allowing to apply horizontal displacement or load histories to the tested bearing with a constant vertical load, has been adopted to perform the dynamic and static tests. According to the experimental results, the dynamic behavior of the tested device depends on the applied displacement amplitude. Indeed, the HWRI displays a softening and a hardening stiffness at small and relatively large displacements, respectively, and a stronger nonlinear stiffening behavior at large displacements. Furthermore, the experimental tests reveal that the application of a vertical load allows to have a more flexible device with higher damping properties and that the applied vertical load affects much less the dynamic response of the metal device at large displacements. Finally, a decrease in the static to dynamic effective stiffness ratio with increasing displacement amplitude has been observed.Keywords: base isolation, earthquake engineering, experimental hysteresis loops, wire rope isolators
Procedia PDF Downloads 43314177 Characterization of Filled HNBR Elastomers for Sealing Application in Cold Climate Areas
Authors: Anton G. Akulichev, Avinash Tiwari, Ben Alcock, Andreas Echtermeyer
Abstract:
Low temperatures are known to pose a major threat for polymers; many are prone to excessive stiffness or even brittleness. There is a technology gap between the properties of existing elastomeric sealing materials and the properties needed for service in extremely cold regions. Moreover, some aspects of low temperature behaviour of rubber are not thoroughly studied and understood. The paper presents results of laboratory testing of a conventional oilfield HNBR (hydrogenated nitrile butadiene rubber) elastomer at low climatic temperatures above and below its glass transition point, as well as the performance of some filled HNBR formulations. Particular emphasis in the experiments is put on rubber viscoelastic characteristics studied by Dynamic Mechanical Analysis (DMA) and quasi-static mechanical testing results at low temperatures. As demonstrated by the stress relaxation and DMA experiments the transition region near Tg of the studied compound has the most striking features, like rapid stress relaxation, as compared to the glassy and rubbery plateau. In addition the quasi-static experiments show that molecular movement below Tg is not completely frozen, but rather evident and manifested in a certain stress decay as well. The effect of temperature and filler additions on typical mechanical and other properties of the materials is also discussed.Keywords: characterization, filled elastomers, HNBR, low temperature
Procedia PDF Downloads 31314176 The Implementation of Information Security Audits in Public Sector: Perspective from Indonesia
Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana
Abstract:
Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization
Procedia PDF Downloads 23714175 Automated Java Testing: JUnit versus AspectJ
Authors: Manish Jain, Dinesh Gopalani
Abstract:
Growing dependency of mankind on software technology increases the need for thorough testing of the software applications and automated testing techniques that support testing activities. We have outlined our testing strategy for performing various types of automated testing of Java applications using AspectJ which has become the de-facto standard for Aspect Oriented Programming (AOP). Likewise JUnit, a unit testing framework is the most popular Java testing tool. In this paper, we have evaluated our proposed AOP approach for automated testing and JUnit on various parameters. First we have provided the similarity between the two approaches and then we have done a detailed comparison of the two testing techniques on factors like lines of testing code, learning curve, testing of private members etc. We established that our AOP testing approach using AspectJ has got several advantages and is thus particularly more effective than JUnit.Keywords: aspect oriented programming, AspectJ, aspects, JU-nit, software testing
Procedia PDF Downloads 33114174 Open Jet Testing for Buoyant and Hybrid Buoyant Aerial Vehicles
Authors: A. U. Haque, W. Asrar, A. A. Omar, E. Sulaeman, J. S Mohamed Ali
Abstract:
Open jet testing is a valuable testing technique which provides the desired results with reasonable accuracy. It has been used in past for the airships and now has recently been applied for the hybrid ones, having more non-buoyant force coming from the wings, empennage and the fuselage. In the present review work, an effort has been done to review the challenges involved in open jet testing. In order to shed light on the application of this technique, the experimental results of two different configurations are presented. Although, the aerodynamic results of such vehicles are unique to its own design; however, it will provide a starting point for planning any future testing. Few important testing areas which need more attention are also highlighted. Most of the hybrid buoyant aerial vehicles are unconventional in shape and there experimental data is generated, which is unique to its own design.Keywords: open jet testing, aerodynamics, hybrid buoyant aerial vehicles, airships
Procedia PDF Downloads 57214173 An Experimental Study of Dynamic Compressive Strength of Bushveld Complex Brittle Rocks under Impact Loadingsa Chemicals and Fibre Corporation, Changhua Branch
Authors: A. Mudau, T. R. Stacey, R. A. Govender
Abstract:
This paper reports for the first time the findings on the dynamic compressive strength data of Bushveld Complex brittle rock materials. These rocks were subjected to both quasi-static and impact loading tests to help understand their behaviour both under quasi-static and dynamic loading conditions. Unlike quasi-static tests, characterization of dynamic behaviour of materials is challenging, in particularly brittle rock materials. The split Hopkinson pressure bar (SHPB) results reported for anorthosite and norite showed relatively low values for dynamic compressive strength compared to the quasi-static uniaxial compressive strength data. It was noticed that the dynamic stress conditions were not fully attained during testing, as well as constant strain rate.Keywords: Bushveld Complex, dynamic comperession, rock brittleness, stress equilibrium
Procedia PDF Downloads 49814172 Static Study of Piezoelectric Bimorph Beams with Delamination Zone
Authors: Zemirline Adel, Ouali Mohammed, Mahieddine Ali
Abstract:
The FOSDT (First Order Shear Deformation Theory) is taking into consideration to study the static behavior of a bimorph beam, with a delamination zone between the upper and the lower layer. The effect of limit conditions and lengths of the delamination zone are presented in this paper, with a PVDF piezoelectric material application. A FEM “Finite Element Method” is used to discretize the beam. In the axial displacement, a displacement field appears in the debonded zone with inverse effect between the upper and the lower layer was observed.Keywords: static, piezoelectricity, beam, delamination
Procedia PDF Downloads 418