Submit a Paper

Propose a Workshop

The Fifth International Conference on Dependability

DEPEND 2012

August 19 - 24, 2012 - Rome, Italy


Tutorials

T1. Digital and Intelligent Sensors and Sensor Systems: Practical Design
by Prof. Dr. Serghei Yurish, IFSA, Spain

T2. Surface Enhanced Raman Scattering
by Dr. Victor Ovchinnikov, Helsinki University of Technology, Finland

T3. Secure Coding Practices for Middleware
by Prof. Dr. Barton P. Miller, University of Wisconsin, USA
by Prof. Dr. Elisa Heymann, Autonomous University of Barcelona, Spain

 

DETAILS

 

T1. Digital and Intelligent Sensors and Sensor Systems: Practical Design
by Prof. Dr. Serghei Yurish, IFSA, Spain

This tutorial describes modern developments and trends in the field of digital sensors and intelligent sensor and sensor systems design. Its background is based on programmable parameter-tofrequency (time) converters as a core microelectronic component and structuralalgorithmic methods for data extraction in order to move from a traditional analog-to-digital conversion to alternative frequency (period, duty-cycle, time interval)-to-digital conversion. Working in the frequency-time signal domain simplifies design, and obviates some technical and technological problems, due to the properties of frequency as informative parameter of sensors and transducers.

Digital sensor integration are heavily driven by technology scaling. The main reason for scaling is increased system performance at reduced manufacturing cost. In most systems digital circuits dominate with respect to die area and functional complexity. Digital blocks take full advantage of reduced device geometries in terms of area, power per functionality, and switching speed. On the other hand, analog circuits rely not on the fast transition speed between a few discrete states but mainly on the actual shape of the transistor characteristic. Technology scaling continuously degrades these characteristics with respect to analog performance parameters, such as output resistance or intrinsic gain. Below the 100 nm technology, the design of analog and mixed-signal circuits becomes perceptibly more difficult. This is particularly true for low supply voltage near 1 V or below. The result is not only an increased design effort, long development time, high risk, cost, and the need for very high volumes, but also growing power consumption. There are many reasons that analog doesn’t scale as readily. However, digital circuits scale very well with scaling CMOS technologies. So, the promised trend is the transition of traditional analog functions to the quasidigital domain, for example, to use a frequency (time)-to-digital conversion instead of analog-todigital conversion, and implement as many system components as possible in the digital or quasidigital domain. It lets get over technological limitation at scaling.

After a general overview of modern smart, digital and quasi-digital (with frequency, period, dutycycle, pulse-width modulated (PWM), phase-shift, pulse number, etc., output) sensors and transducers, intelligent sensor systems details will be discussed including: sensors, FDC (frequencyto- digital conversion based on advanced methods for frequency-time parameters measurements with adaptive possibilities), communication and interfacing. A systematic approach towards the practical design of low-cost, high-performance intelligent sensors and sensor systems with self-adaptation and self-identification possibilities is presented. The proposed design approach and technological platform for integration compatible with MEMS, system-on-chip (SoC) and system-in-package (SiP) implementations. It is based on the novel integrated circuits such as the Series of Universal Frequency-to-Digital Converters, Universal Sensors and Transducers Interface, and can overcome current hurdles to truly widespread deployment of smart sensors and systems. Different examples of sensors systems will be given and discussed in details. This tutorial is suitable for engineers and researchers who design and investigate various digital and intelligent sensors, data acquisition, and measurement systems. It should be also useful for sensors manufacturers, graduate and post graduate students.

 

T2. Surface Enhanced Raman Scattering
by Dr. Victor Ovchinnikov, Helsinki University of Technology, Finland

Surface Enhanced Raman Scattering (SERS) gave start for broad practical application of normally weak Raman scattering (bulk-phase Raman) in real world. Raman scattering is inelastic process, during which photons may lose or gain energy in vibrational excitations. The vibrational fingerprints (frequency shifts between excitation and scattered light) contain unique information about composition and structure of sample. However, cross-section of bulk-phase Raman scattering is ten orders of magnitude lower than of standard spectroscopic techniques based on absorption or fluorescence transitions. Thirty years ago it was found that Raman signal from monolayer of analyte on roughened silver surface is unexpectedly strong. Since that SERS became a powerful spectroscopy technique that allows for highly sensitive structural detection of low concentration analytes through the amplification of Raman scattering on nanostructured metal surfaces.

This tutorial starts from the origin of the infrared and Raman spectra. After that absorption and scattering of light by silver and gold nanoparticles, supporting surface plasmons is discussed. Isolated nanopartilces give rise to resonance oscillations in visible and near infrared regions with strong amplification of local electric field. Aggregates of nanoparticles, additionally, can sustain highly localized modes (hot spots) allowing for huge concentration of electromagnetic energy in small parts of the system: gaps, crevices or sharp features. Then, some fundamental processes are summarized for the metal nanoparticle–molecule interaction that provide SERS amplification and selection rules. There are two components in Raman enhancement on the metal surface – chemical and electromagnetic. It is now generally agreed that the dominant contributor to most SERS processes is the electromagnetic. The enhancement results from strong local electric fields at the location of analyte, due to interaction of light and metal nanostructures. This interaction includes excitation of localized surface plasmon resonances (SPR) and it is most effective when frequency of Raman scattering, excitation and SPR are close to each other. Efficiency of field amplification (enhancement factor) is proportional to the fourth power of the magnitude of the localized electromagnetic field and can reach 1010. Chemical enhancement involves metal-molecule charge transfer mechanisms, theoretically can reach 103 and is highly molecule specific. The total SERS enhancement factor is the product of both mentioned enhancements and may approach 1011. Then, the SERS setup for experiments is considered. The development of novel uses for SERS is accelerated by achievements in Raman instrumentation. Due to application of Raman microscopes and portable Raman spectrometers SERS transitioned from a pure laboratory technique to a valuable practical method. Finally, applications in the context of resonant SERS (SERRS), tip-enhanced Raman scattering (TERS), single molecule spectroscopy and real-world SERS applications are described.

Thousands of publications and expanding analytical applications of SERS require basic introduce on methods, tools and interpretation of spectra. I believe that SERS is really important subject and this presentation is useful for chemists, physicists, biologists, pharmacists and material scientists. It assumes that audience has already acquired an introductory understanding of solid state physics, optics and electromagnetism.

 

T3. Secure Coding Practices for Middleware
by Prof. Dr. Barton P. Miller, University of Wisconsin, USA
by Prof. Dr. Elisa Heymann, Autonomous University of Barcelona, Spain

Security is crucial in the software that we develop and use. This tutorial is relevant to anyone wanting to learn about minimizing security flaws in software they develop. We share our experiences gained from performing vulnerability assessments of critical middleware. You will learn skills critical for software developers and analysts concerned about software security.

This tutorial examines coding practices to prevent vulnerabilities by describing more than many types of vulnerabilities with examples of how they commonly arise, and techniques to prevent them. Most examples are in Java, C, C++, Perl and Python. All the examples come from real code belonging to Cloud and Grid systems we have assessed.

The security of software is becoming increasingly important to anyone who uses or develops it. This tutorial is an outgrowth of our experience in performing vulnerability assessment of critical middleware, which includes Google Chrome, Wireshark, Condor from the University of Wisconsin, the Storage Resource Broker from the San Diego Supercomputer Center, MyProxy from the National Center for Supercomputer Applications, VOMS Admin and Core from INFN, and many others. The tutorial will teach the processes and skills that we developed and used in these activities. We have taught similar tutorials at various conferences, meetings, government labs, and companies.

This tutorial does not assume any prior knowledge of security assessment or vulnerabilities. Our tutorial will focus on vulnerabilities. It will feature several interactive secure coding quizzes where the audience will be challenged to find as many vulnerabilities as they can in short code fragments. What the audience finds (and does not find) will then be discussed.

This section will also contain a discussion of the most common vulnerabilities and will be valuable to both developers and security assessors. Descriptions of each vulnerability will be presented with examples. It will be shown how the vulnerability typically occurs within code, pointing out API or techniques that commonly result in the vulnerability, and also how the vulnerability can be mitigated or eliminated through the use of other techniques or APIs. The causes and types of vulnerabilities covered will include:

* Lack of data validation
* Error Handling
* Buffer overflows
* Numeric errors
* Integer vulnerabilities
* Race conditions
* Injection attacks
- Format string attacks
- Command injection
- SQL injection
- Cross-site scripting (XSS)
* Web attacks
* Directory traversals
* Memory management attacks
* Race conditions
* Denial of service
* Insecure permissions
* Not dropping privileges
* Information leaks

------------------------------------------------------------------------------
Intended Audience
------------------------------------------------------------------------------

This tutorial is relevant to developers wishing to minimize security flaws in software that they develop. It covers the defensive side of security -- how to prevent problems by showing many types of vulnerabilities that occur in code and what techniques can be used to prevent them.

The target audience for this tutorial is anyone involved with the development, deployment, or management of critical software. To gain maximum benefit from this tutorial, attendees should be familiar with the process of developing software and at least one of the C, C++ Java or scripting programming languages. A basic knowledge of the standard C library and the POSIX API will aid the participant.

 
 

Copyright (c) 2006-2012, IARIA