Search results for: cybersecurity compliance.

Authors: Shaila Rana, Wasim Alhamdani

Abstract:

Effective cybersecurity learning relies on an engaging, interactive, and entertaining activity that fosters positive learning outcomes. VR cybersecurity training may provide a training format that is engaging, interactive, and entertaining. A methodological approach and framework are needed to allow trainers and educators to employ VR cybersecurity training methods to promote positive learning outcomes. Thus, this paper aims to create an approach that cybersecurity trainers can follow to create a VR cybersecurity training module. This methodology utilizes concepts from other cybersecurity training frameworks, such as NICE and CyTrONE. Other cybersecurity training frameworks do not incorporate the use of VR. VR training proposes unique challenges that cannot be addressed in current cybersecurity training frameworks. Subsequently, this ontology utilizes concepts to develop VR training to create a relevant methodology for creating VR cybersecurity training modules.

Keywords: Virtual reality cybersecurity training, VR cybersecurity training, traditional cybersecurity training, ontology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 490

Authors: Nikolina Kasunic, Sanja Bracun

Abstract:

After graduation, student population of applied sciences will become the population of employees on IT experts’ positions or "just" business users of certain IT technologies for which the level of awareness of existing cybersecurity risks is extremely important. This research results define the current cybersecurity awareness level of students at Zagreb University of Applied Sciences (TVZ), what can be useful not only for teaching staff to form a curriculum related to cybersecurity more accurately but also to employers to know what to expect from their future employees regarding cybersecurity awareness level. There is also a connection determined between the student’s behaviour and their level of cybersecurity awareness.

Keywords: Applied sciences students’ population, cybersecurity, cybersecurity awareness, student population cybersecurity awareness.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 482

Authors: Michael Amberg, Dipl. Kfm. Johannes C. Panitz

Abstract:

Compliance requires an effective communication within an enterprise as well as towards a company-s external environment. This requirement commences with the implementation of compliance within large scale compliance projects and still persists in the compliance reporting within standard operations. On the one hand the understanding of compliance necessities within the organization is promoted. On the other hand reduction of asymmetric information with compliance stakeholders is achieved. To reach this goal, a central reporting must provide a consolidated view of different compliance efforts- statuses. A concept which could be adapted for this purpose is the balanced scorecard by Kaplan / Norton. This concept has not been analyzed in detail concerning its adequacy for a holistic compliance reporting starting in compliance projects until later usage in regularly compliance operations. At first, this paper evaluates if a holistic compliance reporting can be designed by using the balanced scorecard concept. The current status of compliance reporting clearly shows that scorecards are generally accepted as a compliance reporting tool and are already used for corporate governance reporting. Additional specialized compliance IT - solutions exist in the market. After the scorecard-s adequacy is thoroughly examined and proofed, an example strategy map as the basis to derive a compliance balanced scorecard is defined. This definition answers the question on proceeding in designing a compliance reporting tool.

Keywords: Balanced Scorecard, Compliance, ComplianceReporting, Compliance Scorecard.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3308

Authors: Shaila Rana, Wasim Alhamdani

Abstract:

Effective cybersecurity training is of the utmost importance, given the plethora of attacks that continue to increase in complexity and ubiquity. VR cybersecurity training remains a starkly understudied discipline. Studies that evaluated the effectiveness of VR cybersecurity training over traditional methods are required. An engaging and interactive platform can support knowledge retention of the training material. Consequently, an effective form of cybersecurity training is required to support a culture of cybersecurity awareness. Measurements of effectiveness varied throughout the studies, with surveys and observations being the two most utilized forms of evaluating effectiveness. Further research is needed to evaluate the effectiveness of VR cybersecurity training and traditional training. Additionally, research for evaluating if VR cybersecurity training is more effective than traditional methods is vital. This paper proposes a methodology to compare the two cybersecurity training methods and their effectiveness. The proposed framework includes developing both VR and traditional cybersecurity training methods and delivering them to at least 100 users. A quiz along with a survey will be administered and statistically analyzed to determine if there is a difference in knowledge retention and user satisfaction. The aim of this paper is to bring attention to the need to study VR cybersecurity training and its effectiveness compared to traditional training methods. This paper hopes to contribute to the cybersecurity training field by providing an effective way to train users for security awareness. If VR training is deemed more effective, this could create a new direction for cybersecurity training practices.

Keywords: Virtual reality cybersecurity training, VR cybersecurity training, traditional cybersecurity training, evaluating efficacy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1006

Authors: Pema Choejey, David Murray, Chun Che Fung

Abstract:

Bhutan is becoming increasingly dependent on Information and Communications Technologies (ICTs), especially the Internet for performing the daily activities of governments, businesses, and individuals. Consequently, information systems and networks are becoming more exposed and vulnerable to cybersecurity threats. This paper highlights the findings of the survey study carried out to understand the perceptions of cybersecurity implementation among government organizations in Bhutan. About 280 ICT personnel were surveyed about the effectiveness of cybersecurity implementation in their organizations. A questionnaire based on a 5 point Likert scale was used to assess the perceptions of respondents. The questions were asked on cybersecurity practices such as cybersecurity policies, awareness and training, and risk management. The survey results show that less than 50% of respondents believe that the cybersecurity implementation is effective: cybersecurity policy (40%), risk management (23%), training and awareness (28%), system development life cycle (34%); incident management (26%), and communications and operational management (40%). The findings suggest that many of the cybersecurity practices are inadequately implemented and therefore, there exist a gap in achieving a required cybersecurity posture. This study recommends government organizations to establish a comprehensive cybersecurity program with emphasis on cybersecurity policy, risk management, and awareness and training. In addition, the research study has practical implications to both government and private organizations for implementing and managing cybersecurity.

Keywords: Awareness and training, cybersecurity, cybersecurity policy, risk management, security risks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1498

Authors: B. Ferdousi, J. Bari

Abstract:

With advancement of mobile computing, employees are increasingly doing their job-related works using personally owned mobile devices or organization owned devices. The Bring Your Own Device (BYOD) model allows employees to use their own mobile devices for job-related works, while Corporate Owned, Personally Enabled (COPE) model allows both organizations and employees to install applications onto organization-owned mobile devices used for job-related works. While there are many benefits of using mobile computing for job-related works, there are also serious concerns of different levels of threats to the organizational data security. Consequently, it is crucial to know the level of threat to the organizational data security in the BOYD and COPE models. It is also important to ensure that employees comply with the organizational data security policy. This paper discusses the organizational data security issues in perspective of ownership of mobile devices used by employees, especially in BYOD and COPE models. It appears that while the BYOD model has many benefits, there are relatively more data security risks in this model than in the COPE model. The findings also showed that in both BYOD and COPE environments, a more practical approach towards achieving secure mobile computing in organizational setting is through the development of comprehensive cybersecurity policies balancing employees’ need for convenience with organizational data security. The study helps to figure out the compliance and the risks of security breach in BYOD and COPE models.

Keywords: Data security, mobile computing, BYOD, COPE, cybersecurity policy, cybersecurity compliance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 269

Authors: Kaznah Alshammari, Thomas Beach, Yacine Rezgui

Abstract:

Technological advances in the construction sector are helping to make smart cities a reality by means of Cyber-Physical Systems (CPS). CPS integrate information and the physical world through the use of Information Communication Technologies (ICT). An increasingly common goal in the built environment is to integrate Building Information Models (BIM) with Internet of Things (IoT) and sensor technologies using CPS. Future advances could see the adoption of digital twins, creating new opportunities for CPS using monitoring, simulation and optimisation technologies. However, researchers often fail to fully consider the security implications. To date, it is not widely possible to assimilate BIM data and cybersecurity concepts and, therefore, security has thus far been overlooked. This paper reviews the empirical literature concerning IoT applications in the built environment and discusses real-world applications of the IoT intended to enhance construction practices, people’s lives and bolster cybersecurity. Specifically, this research addresses two research questions: (a) How suitable are the current IoT and CPS security stacks to address the cybersecurity threats facing digital twins in the context of smart buildings and districts? and (b) What are the current obstacles to tackling cybersecurity threats to the built environment CPS? To answer these questions, this paper reviews the current state-of-the-art research concerning digital twins in the built environment, the IoT, BIM, urban cities and cybersecurity. The results of the findings of this study confirmed the importance of using digital twins in both IoT and BIM. Also, eight reference zones across Europe have gained special recognition for their contributions to the advancement of IoT science. Therefore, this paper evaluates the use of digital twins in CPS to arrive at recommendations for expanding BIM specifications to facilitate IoT compliance, bolster cybersecurity and integrate digital twin and city standards in the smart cities of the future.

Keywords: BIM, cybersecurity, digital twins, IoT, urban cities.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 798

Authors: Haydar Teymourlouei

Abstract:

Cybersecurity is one of the greatest challenges society faces in an age revolving around technological development. With cyber-attacks on the continuous rise, the nation needs to understand and learn ways that can prevent such attacks. A major contribution that can change the education system is to implement laboratories and competitions into academia. This method can improve and educate students with more hands-on exercises in a highly motivating setting. Considering the fact that students are the next generation of the nation’s workforce, it is important for students to understand concepts not only through books, but also through actual hands-on experiences in order for them to be prepared for the workforce. An effective cybersecurity education system is critical for creating a strong cyber secure workforce today and for the future. This paper emphasizes the need for awareness and the need for competitions and cybersecurity laboratories to be implemented into the education system.

Keywords: Awareness, competition, cybersecurity, laboratories, workforce.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1449

Authors: Anders Thorsèn, Behrooz Sangchoolie, Peter Folkesson, Ted Strandberg

Abstract:

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords: Intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 670

Authors: K. Hołda, D. Śliwa, K. Daniec

Abstract:

This article was created as part of the developed master's thesis. It attempts to present a developed device, which will support the work of specialists dealing with broadly understood cybersecurity terms. The device is contrived to automate security tests. In addition, it simulates potential cyberattacks in the most realistic way possible, without causing permanent damage to the network, in order to maximize the quality of the subsequent corrections to the tested network systems. The proposed solution is a fully operational prototype created from commonly available electronic components and a single board computer. The focus of the article is not only put on the hardware part of the device but also on the theoretical and applicatory way in which implemented cybersecurity tests operate and examples of their results.

Keywords: Raspberry Pi, ethernet, automated cybersecurity tests, ARP, DNS, backdoor, TCP, password sniffing.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 699

Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule

Abstract:

The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.

Keywords: Cybercrime, cybersecurity, computer emergency response team, computer security incident response team.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1964

Authors: J. T. Manhire

Abstract:

A tax authority wants to take actions it knows will foster the greatest degree of voluntary taxpayer compliance to reduce the “tax gap.” This paper suggests that even if a tax authority could attain a state of complete knowledge, there are constraints on whether and to what extent such actions would result in reducing the macro-level tax gap. These limits are not merely a consequence of finite agency resources. They are inherent in the system itself. To show that this is one possible interpretation of the tax gap data, the paper formulates known results in a different way by analyzing tax compliance as a population with a single covariate. This leads to a standard use of the logistic map to analyze the dynamics of non-compliance growth or decay over a sequence of periods. This formulation gives the same results as the tax gap studies performed over the past fifty years in the U.S. given the published margins of error. Limitations and recommendations for future work are discussed, along with some implications for tax policy.

Keywords: Tax law, tax compliance, tax gap, income tax.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 681

Authors: Rajoo Balaji, Omar Yaakob

Abstract:

The Ballast Water Convention requires less than 5% of the world tonnage for ratification. Consequently, ships will have to comply with the requirements. Compliance evaluation and enforcement will become mandatory. Ship owners have to invest in treatment systems and shipboard personnel have to operate them and ensure compliance. The monitoring and enforcement will be the responsibilities of the Administrations. Herein, a review of the current status of the Ballast Water Management and the issues faced by these are projected. Issues range from efficacy and economics of the treatment systems to sampling and testing. Health issues of chemical systems, paucity of data for decision support etc., are other issues. It is emphasized that management of ballast water must be extended to ashore and sustainable solutions must be researched upon. An exemplar treatment system based on ship’s waste heat is also suggested.

Keywords: Ballast water management, Compliance evaluation, Compliance enforcement, Sustainability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2145

Authors: Tim Nedyalkov

Abstract:

A business decision to move to the cloud brings fundamental changes in how an organization develops and delivers its Information Technology solutions. The accelerated pace of digital transformation across businesses and government agencies increases the reliance on cloud-based services. Collecting, managing, and retaining large amounts of data in cloud environments make information security and data privacy protection essential. It becomes even more important to understand what key factors drive successful cloud adoption following the commencement of the Privacy Amendment Notifiable Data Breaches (NDB) Act 2017 in Australia as the regulatory changes impact many organizations and industries. This quantitative correlational research investigated the governance, risk management, and compliance factors contributing to cloud security success. The factors influence the adoption of cloud computing within an organizational context after the commencement of the NDB scheme. The results and findings demonstrated that corporate information security policies, data storage location, management understanding of data governance responsibilities, and regular compliance assessments are the factors influencing cloud computing adoption. The research has implications for organizations, future researchers, practitioners, policymakers, and cloud computing providers to meet the rapidly changing regulatory and compliance requirements.

Keywords: Cloud compliance, cloud security, cloud security governance, data governance, privacy protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 833

Authors: Phillip Garrad, Saritha Unnikrishnan

Abstract:

The increase in connected and autonomous vehicles (CAV) creates more opportunities for cyber-attacks. Cyber-attacks can be performed with malicious intent or for research and testing purposes. As connected vehicles approach full autonomy, the possible impact of these cyber-attacks also grows. This review analyses the challenges faced in CAV cybersecurity testing. This includes access and cost of the representative test setup and lack of experts in the field A review of potential solutions to overcome these challenges is presented. Studies have demonstrated Artificial Intelligence (AI) as a promising technique to reduce runtime, enhance effectiveness and comprehensively cover all the standard test aspects in penetration testing in other industries. However, this review has identified a significant gap in the systematic implementation of AI for penetration testing in the CAV cybersecurity domain. The expectation from this review is to investigate potential AI algorithms, which can demonstrate similar improvements in runtime and efficiency for a CAV model. If proven to be an effective means of penetration test for CAV, this methodology may be used on a full CAV test network.

Keywords: Cybersecurity, connected vehicles, software simulation, artificial intelligence, penetration testing.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 420

Authors: Achim Washington, Reece Clothier, Jose Silva

Abstract:

System Safety Regulations (SSR) are a central component to the airworthiness certification of Unmanned Aircraft Systems (UAS). There is significant debate on the setting of appropriate SSR for UAS. Putting this debate aside, the challenge lies in how to apply the system safety process to UAS, which lacks the data and operational heritage of conventionally piloted aircraft. The limited knowledge and lack of operational data result in uncertainty in the system safety assessment of UAS. This uncertainty can lead to incorrect compliance findings and the potential certification and operation of UAS that do not meet minimum safety performance requirements. The existing system safety assessment and compliance processes, as used for conventional piloted aviation, do not adequately account for the uncertainty, limiting the suitability of its application to UAS. This paper discusses the challenges of undertaking system safety assessments for UAS and presents current and envisaged research towards addressing these challenges. It aims to highlight the main advantages associated with adopting a risk based framework to the System Safety Performance Requirement (SSPR) compliance process that is capable of taking the uncertainty associated with each of the outputs of the system safety assessment process into consideration. Based on this study, it is made clear that developing a framework tailored to UAS, would allow for a more rational, transparent and systematic approach to decision making. This would reduce the need for conservative assumptions and take the risk posed by each UAS into consideration while determining its state of compliance to the SSR.

Keywords: Part 1309 regulations, unmanned aircraft systems, system safety, uncertainty.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1063

Authors: Shinji Oouchi, Hajime Nomura, Kung-Da Wu, Yong-Run Chen, Jui-Pin Hung

Abstract:

This paper presents the variation of the dynamic characteristics of a spindle with the change of bearing preload. The correlations between the variation of bearing preload and fundamental modal parameters were first examined by conducting vibration tests on physical spindle units. Experimental measurements show that the dynamic compliance and damping ratio associated with the dominating modes were affected to vary with variation of the bearing preload. When the bearing preload was slightly deviated from a standard value, the modal frequency and damping ability also vary to different extent, which further enable the spindle to perform with different compliance. For the spindle used in this study, a standard preload value set on bearings would enable the spindle to behave a higher stiffness as compared with others with a preload variation. This characteristic can be served as a reference to examine the variation of bearing preload of spindle in assemblage or operation.

Keywords: Dynamic compliance, Bearing preload, Modal damping.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2358

Authors: Benjamin Osei-Tutu

Abstract:

Food contaminated with biological, chemical and physical hazards usually leads to foodborne illnesses which in turn increase the disease burden of developing and developed economies. Restaurants play a key role in the food service industry and violations in application of standardized food safety management systems in these establishments have been associated with foodborne disease outbreaks. This study was undertaken to assess the level of compliance to the Code of practice that was developed and implemented after conducting needs assessment of the food safety management systems employed by the Food Service Establishments in Ghana. Data on pre-licence inspections were reviewed to assess the compliance of the Food Service Establishments. During the period under review (2012-2016), 74.52% of the food service facilities in the hospitality industry were in compliance with the FDA’s code of practice. Main violations observed during the study bordered on facility layout and fabrication (61.8%) and this is because these facilities may not have been built for use as a food service establishment. Another fact that came to the fore was that the redesigning of the facilities to bring them into compliance required capital intensive investments, which some establishments are not prepared for. Other challenges faced by the industry regarded issues on records and documentations, personnel facilities and hygiene, raw materials acquisition, storage and control, and cold storage.

Keywords: Assessment, Accra, food safety management systems, restaurants, hotel.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1742

Authors: L. Wang, Y. Chen, T. Wu, S. Hu

Abstract:

In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for the cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces Software Defined Perimeter (SDP) technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access and significantly improves the security protection capability of Internet transactions. The study achieves: 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading, and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.

Keywords: Zero trust, trading terminal, architecture, network security, cybersecurity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 122

Authors: Wafa Ghonaim

Abstract:

Though quite fast on growth, Islamic financing at large, and its diverse instruments, is a controversial matter among scholars. This is evident from the ongoing debates on its Shariah compliance. Arguments, however, are inciting doubts and concerns among clients about its credibility, which is harming this lucrative sector. The work here investigates, particularly, some issues related to the Tawarruq instrument. The work examines the issues of linking Murabaha and Wakala contracts, the reselling of commodities to same traders, and the transfer of ownerships. The work affirms that a multi-agent smart electronic market design would facilitate Shariah compliance. The smart market exploits the rational decision-making capabilities of autonomous proxy agents that enable the clients, traders, brokers, and the bank buy and sell commodities, and manage transactions and cash flow. The smart electronic market design delivers desirable qualities that terminate the need for Wakala contracts and the reselling of commodities to the same traders. It also resolves the ownership transfer issues by allowing stakeholders to trade independently. The bank administers the smart electronic market and assures reliability of trades, transactions and cash flow. A multi-agent simulation is presented to validate the concept and processes. We anticipate that the multi-agent smart electronic market design would deliver Shariah compliance of personal financing to the aspiration of scholars, banks, traders and potential clients.

Keywords: Islamic finance, Shariah compliance, smart electronic markets design, multi-agent systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 945

Authors: Mahshid Talebian Kiakalayeh

Abstract:

As artificial intelligence (AI) technologies can be used by both civilians and soldiers; it is vital to consider the consequences emanating from AI military as well as civilian use. Indeed, many of the same technologies can have a dual-use. This paper will explore the military uses of AI and assess their compliance with international legal norms. AI developments not only have changed the capacity of the military to conduct complex operations but have also increased legal concerns. The existence of a potential legal vacuum in legal principles on the military use of AI indicates the necessity of more study on compliance with International Humanitarian Law (IHL), the branch of international law which governs the conduct of hostilities. While capabilities of new means of military AI continue to advance at incredible rates, this body of law is seeking to limit the methods of warfare protecting civilian persons who are not participating in an armed conflict. Implementing AI in the military realm would result in potential issues including ethical and legal challenges. For instance, when intelligence can perform any warfare task without any human involvement, a range of humanitarian debates will be raised as to whether this technology might distinguish between military and civilian targets or not. This is mainly because AI in fully military systems would not seem to carry legal and ethical judgment which can interfere with IHL principles. The paper will take, as a case study, Canada’s compliance with IHL in the area of AI and the related legal issues that are likely to arise as this country continues to develop military uses of AI.

Keywords: Artificial intelligence, military use, International Humanitarian Law, the Canadian perspective.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1125

Authors: Bruno Vilić Belina, Ivan Župan

Abstract:

Smart industry concepts and digital transformation are very popular in many industries. They develop their own digital platforms, which have an important role in innovations and transactions. The main idea of smart industry digital platforms is central data collection, industrial data integration and data usage for smart applications and services. This paper presents the development of a digital platform for building critical infrastructure protection systems in smart industries. Different service contraction modalities in Service Level Agreements (SLAs), Customer Relationship Management (CRM) relations, trends and changes in business architectures (especially process business architecture) for the purpose of developing infrastructural production and distribution networks, information infrastructure meta-models and generic processes by critical infrastructure owner demanded by critical infrastructure law, satisfying cybersecurity requirements and taking into account hybrid threats are researched.

Keywords: Cybersecurity, critical infrastructure, smart industries, digital platform.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 154

Authors: Chinnaiah Madduri, Raghu V. Prakash

Abstract:

This paper presents the results of corrosion fatigue crack growth behaviour of a Ni-Cr-Mn steel commonly used in marine applications. The effect of mechanical variables such as frequency and load ratio on fatigue crack growth rate at various stages has been studied using compact tension (C(T)) specimens along the rolling direction of steel plate under 3.5% saturated NaCl aqueous environment. The significance of crack closure on corrosion fatigue, and the validity of Elber-s empirical linear crack closure model with the ASTM compliance offset method have been examined. Fatigue crack growth rate is higher and threshold stress intensities are lower in aqueous environment compared to the lab air conditions. It is also observed that the crack growth rate increases at lower frequencies. The higher stress ratio promotes the crack growth. The effect of oxidization and corrosion pit formation is very less as the stress ratio is increased. It is observed that as stress ratios are increased, the Elber-s crack closure model agrees well with the crack closure estimated by the ASTM compliance offset method for tests conducted at 5Hz frequency compared to tests conducted at 1Hz in corrosive environment.

Keywords: Corrosion fatigue, oxide induced crack closure, Elber's crack closure, ASTM compliance offset method.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2109

Authors: Matjaž Divjak, Simon Zelič, Aleš Holobar

Abstract:

We present a dedicated video-based monitoring system for quantification of patient’s attention to visual feedback during robot assisted gait rehabilitation. Two different approaches for eye gaze and head pose tracking are tested and compared. Several metrics for assessment of patient’s attention are also presented. Experimental results with healthy volunteers demonstrate that unobtrusive video-based gaze tracking during the robot-assisted gait rehabilitation is possible and is sufficiently robust for quantification of patient’s attention and assessment of compliance with the rehabilitation therapy.

Keywords: Video-based attention monitoring, gaze estimation, stroke rehabilitation, user compliance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1734

Authors: J. Sliseris, K. Rocens

Abstract:

The new optimization method for fiber orientation angle optimization of symmetrical multilayer plates like plywood is proposed. Optimization method consists of seeking for minimal compliance by choosing appropriate fiber orientation angle in outer layers of flexural plate. The discrete values of fiber orientation angles are used in method. Optimization results of simply supported plate and multispan plate with uniformly distributed load are provided. Results show that stiffness could be increased up to 20% by changing wood fiber orientation angle in one or two outer layers.

Keywords: Minimal compliance, flexural plate, plywood, discrete fiber angle optimization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1924

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1775

Authors: Milton Pavezzi Netto, Gustavo D'Almeida Scarpinella, Ricardo Siloto da Silva

Abstract:

The springs located in urban areas are the outpouring of surface water, which can serve as water supply, effluent receptors and important local macro-drainage elements. With unplanned occupation, non-compliance with environmental legislation and the importance of these water bodies, it is vital to analyze the springs within urban areas, considering the Brazilian forest code. This paper submits an analysis and discussion methodology proposal of environmental compliance functions of urban springs, by means of G.I.S. - Geographic Information System analysis - and in situ analysis. The case study included two springs which exhibit a history of occupation along its length, with different degrees of impact. The proposed method is effective and easy to apply, representing a powerful tool for analyzing the environmental conditions of springs in urban areas.

Keywords: Springs, urban area, Brazilian forest code.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1546

Authors: Atul Khurana, Rajul Rastogi, Hans-Joachim Gamperl

Abstract:

The pharmaceutical companies are getting more inclined towards patient support programs (PSPs) which assist patients and/or healthcare professionals (HCPs) in more desirable disease management and cost-effective treatment. The utmost objective of these programs is patient care. The PSPs may include financial assistance to patients, medicine compliance programs, access to HCPs via phone or online chat centers, etc. The PSP has a crucial role in terms of customer acquisition and retention strategies. During the conduct of these programs, Marketing Authorisation Holder (MAH) may receive information related to concerned medicinal products, which is usually reported by patients or involved HCPs. This information may include suspected adverse reaction(s) during/after administration of medicinal products. Hence, the MAH should design PSP to comply with regulatory reporting requirements and avoid non-compliance during PV inspection. The emergence of wireless health devices is lowering the burden on patients to manually incorporate safety data, and building a significant option for patients to observe major swings in reference to drug safety. Therefore, to enhance the adoption of these programs, MAH not only needs to aware patients about advantages of the program, but also recognizes the importance of time of patients and commitments made in a constructive manner. It is indispensable that strengthening the public health is considered as the topmost priority in such programs, and the MAH is compliant to Pharmacovigilance (PV) requirements along with regulatory obligations.

Keywords: Drug safety, good pharmacovigilance practice, patient support program, pharmacovigilance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2537

Authors: Cristina Sá, Carlos Gomes, António Martins

Abstract:

The reasons that explain different behaviors towards tax obligations in similar countries are not completely understood yet. The main purpose of this paper is to identify and compare the factors that influence tax morale levels in Portugal and Spain. We use data from European Values Study (EVS). Using a sample of 2,652 individuals, a factor analysis was used to extract the underlying dimensions of tax morale of Portuguese and Spanish taxpayers. Based on a factor analysis, the results of this paper show that sociological and behavioral factors, psychological factors and political factors are important for a good understanding of taxpayers’ behavior in Iberian Peninsula. This paper added value relies on the analyses of a wide range of variables and on the comparison between Portugal and Spain. Our conclusions provided insights that tax authorities and politicians can use to better focus their strategies and actions in order to increase compliance, reduce tax evasion, fight underground economy and increase country´s competitiveness.

Keywords: Compliance, tax morale, Portugal, Spain.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 954

Authors: M. Bruzza, M. Tupia, F. Rodríguez

Abstract:

As part of the regulatory compliance process and the streamlining of public administration, the Peruvian government has implemented the National E-Government Plan in all state institutions with the aim of providing citizens with solid services based on the use of Information and Communications Technologies (ICT). As part of the regulations, the requisites to be met by public institutions have been submitted. However, the lack of an implementation model was detected, one that can serve as a guide to such institutions in order to materialize the organizational and technological structures needed, which allow them to provide the required digital services. This paper develops an implementation model of electronic government (e-government) for Peru’s state institutions, in compliance with current regulations based on a COBIT 5.0 framework. Furthermore, the paper introduces phase 1 of this model: business and IT goals, the goals cascade and the future model of processes.

Keywords: E-government, implementation, model, COBIT 5.0, digital services, u-government, m-government.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1347