The document discusses attacks on cyber-physical systems and sensor spoofing. It begins with an introduction of the author, Jason Larsen, and his work studying attacks on critical infrastructures. It then discusses past demonstrations of attacks on control systems and the potential to hide attacks in physical sensors. The document explores techniques for spoofing sensor readings, including simulating sensor noise and extracting disturbances from real sensor data. It proposes using triangles to model sensor readings and extract state information. The goal is to insert this spoofing code into sensor firmware while reusing existing code to minimize the attack payload.
To write programs for executing statements repeatedly using a while loop (§4.2).
To develop a program for GuessNumber and SubtractionQuizLoop (§4.2.1).
To follow the loop design strategy to develop loops (§4.2.2).
To develop a program for SubtractionQuizLoop (§4.2.3).
To control a loop with a sentinel value (§4.2.3).
To obtain large input from a file using input redirection rather than typing from the keyboard (§4.2.4).
To write loops using do-while statements (§4.3).
To write loops using for statements (§4.4).
To discover the similarities and differences of three types of loop statements (§4.5).
To write nested loops (§4.6).
To learn the techniques for minimizing numerical errors (§4.7).
To learn loops from a variety of examples (GCD, FutureTuition, MonteCarloSimulation) (§4.8).
To implement program control with break and continue (§4.9).
(GUI) To control a loop with a confirmation dialog (§4.10).
[CLASS 2014] Palestra Técnica - Cesar OliveiraTI Safe
Este documento apresenta o conceito e desenho de um programa integrado de segurança da informação para sistemas de automação da Vale. Inicialmente, descreve o cenário atual de ameaças e riscos à segurança destes sistemas. Em seguida, detalha a avaliação de riscos realizada e o planejamento de ações de segurança para cada área operacional priorizada. Por fim, estabelece um programa completo de segurança cibernética para os sistemas de automação da empresa baseado em padrões internacionais.
Understanding Latency Response Time and BehaviorzuluJDK
Understanding Latency Response Time and Behavior by Matt Schuetze, Director of Product Management at Azul Systems
Find him on Twitter at @schuetzematt
For all of your openJDK™, Java, and Azul Systems information, please find us on the web at:
http://www.zuluJDK.org
http://www.azulsystems.com
@zuluJDK.org
@azulsystems
Intelligent Trading Summit NY 2014: Understanding Latency: Key Lessons and ToolsAzul Systems Inc.
The document discusses latency and response time behavior in systems. It notes that latency distributions are often not normal and can have long-tailed outliers far from the average. It emphasizes measuring latency at percentiles rather than just averages to characterize behavior. Tools like HdrHistogram and jHiccup are presented to help visualize latency distributions and detect intermittent problems. The document also stresses properly defining requirements in terms of percentiles and maximum response times rather than averages alone.
Bypassing Secure Boot using Fault InjectionRiscure
The Fault Injection attack surface of Secure Boot implementations is determined by the specifics of their design and implementation. Using a generic Secure Boot design we detail multiple vulnerabilities (~10) using examples in source code, disassembly and hardware. We will determine what the impact is of the target's design on its Fault Injection attack surface: from high-level architecture to low-level implementation details. Research originally presented in November 2016 at BlackHat Europe.
The 7th SENSE Brain Gate System allows control of electronic devices through brain activity detected by sensors. It works by converting brain activity detected by an EEG sensor into computer commands. These commands can then operate and control devices like a computer or TV. The system undergoes training where the user learns to control simple operations. It has advantages like speed and potential applications for helping paralysis patients control devices with their brain.
Story points considered harmful - or why the future of estimation is really i...Vasco Duarte
Story points are commonly used for estimating software projects, but this document argues they are flawed and an alternative approach using number of items completed provides a better measure of progress. The document analyzes several claims made to justify using story points and finds them lacking. Data from nine real projects shows a very high correlation between story points and number of items, indicating they measure the same underlying information. Additionally, the number of items metric more accurately predicted the actual project outcomes over multiple sprints in one example project. Overall, the document argues the number of items approach provides equivalent information to story points but with less overhead and greater accuracy.
Quantum Computing algorithm and new business applicationsQCB-Conference
Quantum Computing algorithm and new business applications
Christopher SAVOIE - CEO, Zapata Computing, USA
Zapata Computing develops quantum computing software and algorithms to solve industry-critical problems: environment, human health, energy, food security, defense and security… It offers a platform providing enterprise scientists exploring quantum solutions with a unified access to all leading hardware and algorithms.
To write programs for executing statements repeatedly using a while loop (§4.2).
To develop a program for GuessNumber and SubtractionQuizLoop (§4.2.1).
To follow the loop design strategy to develop loops (§4.2.2).
To develop a program for SubtractionQuizLoop (§4.2.3).
To control a loop with a sentinel value (§4.2.3).
To obtain large input from a file using input redirection rather than typing from the keyboard (§4.2.4).
To write loops using do-while statements (§4.3).
To write loops using for statements (§4.4).
To discover the similarities and differences of three types of loop statements (§4.5).
To write nested loops (§4.6).
To learn the techniques for minimizing numerical errors (§4.7).
To learn loops from a variety of examples (GCD, FutureTuition, MonteCarloSimulation) (§4.8).
To implement program control with break and continue (§4.9).
(GUI) To control a loop with a confirmation dialog (§4.10).
[CLASS 2014] Palestra Técnica - Cesar OliveiraTI Safe
Este documento apresenta o conceito e desenho de um programa integrado de segurança da informação para sistemas de automação da Vale. Inicialmente, descreve o cenário atual de ameaças e riscos à segurança destes sistemas. Em seguida, detalha a avaliação de riscos realizada e o planejamento de ações de segurança para cada área operacional priorizada. Por fim, estabelece um programa completo de segurança cibernética para os sistemas de automação da empresa baseado em padrões internacionais.
Understanding Latency Response Time and BehaviorzuluJDK
Understanding Latency Response Time and Behavior by Matt Schuetze, Director of Product Management at Azul Systems
Find him on Twitter at @schuetzematt
For all of your openJDK™, Java, and Azul Systems information, please find us on the web at:
http://www.zuluJDK.org
http://www.azulsystems.com
@zuluJDK.org
@azulsystems
Intelligent Trading Summit NY 2014: Understanding Latency: Key Lessons and ToolsAzul Systems Inc.
The document discusses latency and response time behavior in systems. It notes that latency distributions are often not normal and can have long-tailed outliers far from the average. It emphasizes measuring latency at percentiles rather than just averages to characterize behavior. Tools like HdrHistogram and jHiccup are presented to help visualize latency distributions and detect intermittent problems. The document also stresses properly defining requirements in terms of percentiles and maximum response times rather than averages alone.
Bypassing Secure Boot using Fault InjectionRiscure
The Fault Injection attack surface of Secure Boot implementations is determined by the specifics of their design and implementation. Using a generic Secure Boot design we detail multiple vulnerabilities (~10) using examples in source code, disassembly and hardware. We will determine what the impact is of the target's design on its Fault Injection attack surface: from high-level architecture to low-level implementation details. Research originally presented in November 2016 at BlackHat Europe.
The 7th SENSE Brain Gate System allows control of electronic devices through brain activity detected by sensors. It works by converting brain activity detected by an EEG sensor into computer commands. These commands can then operate and control devices like a computer or TV. The system undergoes training where the user learns to control simple operations. It has advantages like speed and potential applications for helping paralysis patients control devices with their brain.
Story points considered harmful - or why the future of estimation is really i...Vasco Duarte
Story points are commonly used for estimating software projects, but this document argues they are flawed and an alternative approach using number of items completed provides a better measure of progress. The document analyzes several claims made to justify using story points and finds them lacking. Data from nine real projects shows a very high correlation between story points and number of items, indicating they measure the same underlying information. Additionally, the number of items metric more accurately predicted the actual project outcomes over multiple sprints in one example project. Overall, the document argues the number of items approach provides equivalent information to story points but with less overhead and greater accuracy.
Quantum Computing algorithm and new business applicationsQCB-Conference
Quantum Computing algorithm and new business applications
Christopher SAVOIE - CEO, Zapata Computing, USA
Zapata Computing develops quantum computing software and algorithms to solve industry-critical problems: environment, human health, energy, food security, defense and security… It offers a platform providing enterprise scientists exploring quantum solutions with a unified access to all leading hardware and algorithms.
How NOT to Measure Latency, Gil Tene, London, Oct. 2013Azul Systems Inc.
Time is money. Understanding application responsiveness and latency is critical not only for delivering good application behavior but also for maintaining profitability and containing risk. But good characterization of bad data is useless. When measurements of response time present false or misleading latency information, even the best analysis can lead to wrong operational decisions and poor application experience.
This presentation discusses common pitfalls encountered in measuring and characterizing latency. It demonstrates and discusses some false assumptions and measurement techniques that lead to dramatically incorrect reporting and covers ways to do a sanity check and correct such situations.
Artificial Neural Network Tutorial | Deep Learning With Neural Networks | Edu...Edureka!
This Edureka "Neural Network Tutorial" tutorial will help you to understand the basics of Neural Networks and how to use it for deep learning. It explains Single layer and Multi layer Perceptron in detail.
Below are the topics covered in this tutorial:
1. Why Neural Networks?
2. Motivation Behind Neural Networks
3. What is Neural Network?
4. Single Layer Percpetron
5. Multi Layer Perceptron
6. Use-Case
7. Applications of Neural Networks
Unum Computing: An Energy Efficient and Massively Parallel Approach to Valid ...inside-BigData.com
In this deck, John Gustafson presents: An Energy Efficient and Massively Parallel Approach to Valid Numerics.
"Written by one of the foremost experts in high-performance computing and the inventor of Gustafson’s Law, The End of Error: Unum Computing explains a new approach to computer arithmetic: the universal number (unum). The unum encompasses all IEEE floating-point formats as well as fixed-point and exact integer arithmetic. This new number type obtains more accurate answers than floating-point arithmetic yet uses fewer bits in many cases, saving memory, bandwidth, energy, and power."
Watch the video presentation: http://wp.me/p3RLHQ-dTk
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
Automated Analysis of Behavioral Data – Examples from Fear Conditioning StudiesInsideScientific
Gerry Herrera, PhD discusses key aspects of designing behavioral studies using examples from fear conditioning paradigms in rodents where automated "freeze" scoring video technology is used.
This webinar deals with the hot topic of automated analysis of behavioral data. Don’t fall victim to the approach of “set it and forget it” that is all too common in this field. It is important to understand the underlying behavior that is being measured. The test system used for automated analysis should provide a way for the user to take control of and validate the settings used for analysis. Only after careful validation can the research results be trusted and relied upon.
During this educational webinar Dr. Gerry Herrera, Vice President of Med Associates Inc., reviews hardware and system configuration strategy as it relates to the popular Video Freeze® System for automated fear conditioning studies in laboratory rodents. In addition, he discusses key principles behind fear conditioning paradigms, correct protocol design, and the importance of both methods and equipment validation.
The document discusses prototyping using Arduino and Processing. It provides an introduction to the workshop which aims to get people started with prototyping and experiencing the joy of making things together. The structure involves idea generation, prototyping schematics, and building projects. It also gives overviews of Processing and its capabilities, examples of fiducial-based projects, physical computing, and basics of Arduino like pins, analog/digital write, and how to write a sketch.
Need for Async: Hot pursuit for scalable applicationsKonrad Malawski
This document discusses asynchronous processing and how it relates to scalability and performance. It begins with an introduction on why asynchronous processing is important for highly parallel systems. It then covers topics like asynchronous I/O, scheduling, latency measurement, concurrent data structures, and techniques for distributed systems like backup requests and combined requests. The overall message is that asynchronous programming allows more efficient use of resources through approaches like non-blocking I/O, and that understanding these principles is key to building scalable applications.
This document describes a robot project that uses a VU meter to track sound intensity levels in real-time. The robot uses a microcontroller, electret microphone, amplifier circuit, and LCD display to traverse an area on a virtual grid and find the highest sound intensity. It measures sound values at grid points and stores them in an array. The robot follows algorithms to navigate the grid, return to origin, and navigate to points of highest/lowest sound. Potential extensions using MATLAB graphical interface and other sensors are proposed.
SensorThings API Webinar - #2 of 4 - IoT Data Modeling with Open StandardsSensorUp
OGC SensorThings API Get Started Webinar Series #2 of 4. (Dec 3 2015)
Title: IoT Data Modeling with Open Standards
Watch recording here: https://www.youtube.com/watch?v=3bAqa20q8XU
More to come:
#3: Connect and Manage Your Sensors with OGC SensorThings API (Dec 10th 2015)
#4: Query and Analytics with SensorThings API (Dec 17th 2015)
Register our webinar here: http://sensorup.com/#signup
Incident Management in the Age of DevOps and SRE Rundeck
Damon Edwards, co-founder of Rundeck, presents at Salt Lake City DevOps Meetup, November 13, 2019.
There is no doubt that DevOps has changed how we deliver software. But what about after deployment? Whether you are in a traditional operations organization or a “you build it, you run it” team, how do you mobilize, resolve, and learn from incidents? This talk will look at how high performing organizations have applied DevOps and SRE practices to shorten incidents and reduce escalations. Less frustration for the engineers. Lower costs for the business. Everybody wins.
See a Demo of Rundeck Enterprise :
https://www.rundeck.com/see-demo
--or--
Download Rundeck Open Source here:
https://rundeck.com/open-source
Connect:
Stack Overflow community: https://stackoverflow.com/questions/tagged/rundeck
Github: https://github.com/rundeck/rundeck/issues
Twitter: https://twitter.com/Rundeck
Facebook: https://www.facebook.com/RundeckInc/
LinkedIn: www.linkedin.com › company › rundeck-inc
There are many modern techniques for identifying anomalies in datasets. There are fewer that work as online algorithms suitable for application to real-time streaming data. What’s worse? Most of these methodologies require a deep understanding of the data itself. In this talk, we tour what the options are for identifying anomalies in real-time data and discuss how much we really need to know before hand to guess at the ever-useful question: is this normal?
BDW16 London - Chris von Csefalvay, Helioserv - Cats and What They Tell us Ab...Big Data Week
The Internet of Things is the biggest challenge Big Data has ever faced. For the first time in history, inexpensive connected devices with sensors are available that generate vast amounts of data in seconds. What does it mean for data science that my cat generates gigabytes of data every few hours? Clearly the emergence of IoT technologies will change Big Data as we know it, quite possibly beyond recognition. I will outline three ways in which the IoT explosion will change how we work, three assumptions about data it has irrevocably challenged and three ways we can not merely cope but thrive within this unprecedented expansion of data volumes, velocity and variety (and cats).
Sense Your Smart City: Connect Environmental Sensors to SensorThings APISensorUp
This webinar is a hands-on tutorial showing you the steps connecting environmental sensors for your smart city application using the OGC SensorThings API standard specifications.
Source code available here: https://gist.github.com/liangsteve/16ec7e024d2eff0c266e9c5e8495dbaa
Youtube video available here: https://www.youtube.com/watch?v=GMrnerjOqYs
Hardware fails, applications fail, our code... well, it fails too (at least mine). To prevent software failure we test. Hardware failures are inevitable, so we write code that tolerates them, then we test. From tests we gather metrics and act upon them by improving parts that perform inadequately. Measuring right things at right places in an application is as much about good engineering practices and maintaining SLAs as it is about end user experience and may differentiate successful product from a failure.
In order to act on performance metrics such as max latency and consistent response times we need to know their accurate value. The problem with such metrics is that when using popular tools we get results that are not only inaccurate but also too optimistic.
During my presentation I will simulate services that require monitoring and show how gathered metrics differ from real numbers. All this while using what currently seems to be most popular metric pipeline - Graphite together with metrics.dropwizard.io library - and get completely false results. We will learn to tune it and get much better accuracy. We will use JMeter to measure latency and observe how falsely reassuring the results are. Finally I will show how HdrHistogram helps in gathering reliable metrics. We will also run tests measuring performance of different metric classes.
Observability: Beyond the Three Pillars with SpringVMware Tanzu
In this presentation, we’ll explore the basics of the three pillars and what Spring has to offer to implement them for logging (SLF4J), metrics (Micrometer), and distributed tracing (Spring Cloud Sleuth, Zipkin/Brave, OpenTelemetry).
I’ll also talk about how to take your system to the next level, and what else you can find in Spring and related technologies to look under the hood of your running system (Spring Boot Actuator, Logbook, Eureka, Spring Boot Admin, Swagger, Spring HATEOAS) and what our future plans are.
Damon Edwards, co-founder of Rundeck, presentation at Nexus Conf 2018 on how Security teams can help Operations and, in turn, help themselves.
See a Demo of Rundeck Enterprise :
https://www.rundeck.com/see-demo
--or--
Download Rundeck Open Source here:
https://rundeck.com/open-source
Connect:
Stack Overflow community: https://stackoverflow.com/questions/tagged/rundeck
Github: https://github.com/rundeck/rundeck/issues
Twitter: https://twitter.com/Rundeck
Facebook: https://www.facebook.com/RundeckInc/
LinkedIn: www.linkedin.com › company › rundeck-inc
The experiment measured the firing rate of neurons in the ventral nerve cord of an anesthetized cockroach when exposed to different sound frequencies, including 200Hz, 400Hz, 600Hz, and an ultrasonic pest repellent of 25,000Hz. Eight trials were conducted for each frequency, and the average firing rate was calculated and statistically analyzed to determine the effect of different sound frequencies on neural activity. Electrodes were used to record extracellular action potentials from neurons and an oscilloscope and statistical tests analyzed the results.
Brain Waves Surfing - (In)security in EEG (Electroencephalography) TechnologiesAlejandro Hernández
Electroencephalography (EEG) is a non-invasive method for the recording and the study of electrical activity of the brain taken from the scalp. The source of these brain signals is mostly the synapic activity between brain cells (neurons). EEG activity is represented by different waveforms per second (frequencies) that can be used to diagnose or monitor different health conditions such as epilepsy, sleeping disorders, seizures, Alzheimer disease, among other clinical uses. On the other hand, brain signals are used for many other research and entertainment purposes, such as neurofeedback, arts and neurogaming. Nowadays, this technology is being adopted more and more in different industries.
A brief introduction of BCIs (Brain-Computer Interfaces) and EEG will be given in order to understand the risks involved in our brain signals processing, storage and transmission.
Live demos include the visualization of live brain activity, the sniffing of brain signals over TCP/IP as well as flaws in well-known EEG applications when dealing with some corrupted samples of the most widely used EEG file formats (e.g. EDF). These demos are a first approach to demonstrate that many EEG technologies are prone to common network and application attacks.
Finally, best practices and regulatory compliance on digital EEG will be discussed.
HeapStats: Troubleshooting with Serviceability and the New Runtime Monitoring...Yuji Kubota
The document discusses a new runtime monitoring tool called HeapStats that provides a lightweight Java agent for collecting troubleshooting information from a Java application. It summarizes problems with current troubleshooting approaches like insufficient logging and complicated settings. HeapStats aims to collect required information continuously with low overhead, and provide easy-to-use visualization of the collected data to help with troubleshooting memory and performance issues. The document demonstrates how HeapStats hooks into garbage collection to gather heap statistics without extra stop-the-world pauses.
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...TI Safe
O documento discute ataques cibernéticos em ambientes industriais, descrevendo técnicas como engenharia social, reverse shell, keylogger, fork bomb, phishing e ransomware. Ele também explica como o framework MITRE ATT&CK documenta táticas, técnicas e procedimentos comuns usados em ataques avançados.
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...TI Safe
O documento discute os desafios do saneamento em cidades inteligentes. Ele explica que as cidades só podem se tornar verdadeiramente inteligentes quando as utilities de saneamento também se tornam inteligentes e compartilham dados de forma segura. Finalmente, destaca grandes desafios como conectividade, cibersegurança, integração de sistemas e soluções ponta a ponta para infraestruturas inteligentes.
More Related Content
Similar to [CLASS 2014] Palestra Técnica - Jason Larsen
How NOT to Measure Latency, Gil Tene, London, Oct. 2013Azul Systems Inc.
Time is money. Understanding application responsiveness and latency is critical not only for delivering good application behavior but also for maintaining profitability and containing risk. But good characterization of bad data is useless. When measurements of response time present false or misleading latency information, even the best analysis can lead to wrong operational decisions and poor application experience.
This presentation discusses common pitfalls encountered in measuring and characterizing latency. It demonstrates and discusses some false assumptions and measurement techniques that lead to dramatically incorrect reporting and covers ways to do a sanity check and correct such situations.
Artificial Neural Network Tutorial | Deep Learning With Neural Networks | Edu...Edureka!
This Edureka "Neural Network Tutorial" tutorial will help you to understand the basics of Neural Networks and how to use it for deep learning. It explains Single layer and Multi layer Perceptron in detail.
Below are the topics covered in this tutorial:
1. Why Neural Networks?
2. Motivation Behind Neural Networks
3. What is Neural Network?
4. Single Layer Percpetron
5. Multi Layer Perceptron
6. Use-Case
7. Applications of Neural Networks
Unum Computing: An Energy Efficient and Massively Parallel Approach to Valid ...inside-BigData.com
In this deck, John Gustafson presents: An Energy Efficient and Massively Parallel Approach to Valid Numerics.
"Written by one of the foremost experts in high-performance computing and the inventor of Gustafson’s Law, The End of Error: Unum Computing explains a new approach to computer arithmetic: the universal number (unum). The unum encompasses all IEEE floating-point formats as well as fixed-point and exact integer arithmetic. This new number type obtains more accurate answers than floating-point arithmetic yet uses fewer bits in many cases, saving memory, bandwidth, energy, and power."
Watch the video presentation: http://wp.me/p3RLHQ-dTk
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
Automated Analysis of Behavioral Data – Examples from Fear Conditioning StudiesInsideScientific
Gerry Herrera, PhD discusses key aspects of designing behavioral studies using examples from fear conditioning paradigms in rodents where automated "freeze" scoring video technology is used.
This webinar deals with the hot topic of automated analysis of behavioral data. Don’t fall victim to the approach of “set it and forget it” that is all too common in this field. It is important to understand the underlying behavior that is being measured. The test system used for automated analysis should provide a way for the user to take control of and validate the settings used for analysis. Only after careful validation can the research results be trusted and relied upon.
During this educational webinar Dr. Gerry Herrera, Vice President of Med Associates Inc., reviews hardware and system configuration strategy as it relates to the popular Video Freeze® System for automated fear conditioning studies in laboratory rodents. In addition, he discusses key principles behind fear conditioning paradigms, correct protocol design, and the importance of both methods and equipment validation.
The document discusses prototyping using Arduino and Processing. It provides an introduction to the workshop which aims to get people started with prototyping and experiencing the joy of making things together. The structure involves idea generation, prototyping schematics, and building projects. It also gives overviews of Processing and its capabilities, examples of fiducial-based projects, physical computing, and basics of Arduino like pins, analog/digital write, and how to write a sketch.
Need for Async: Hot pursuit for scalable applicationsKonrad Malawski
This document discusses asynchronous processing and how it relates to scalability and performance. It begins with an introduction on why asynchronous processing is important for highly parallel systems. It then covers topics like asynchronous I/O, scheduling, latency measurement, concurrent data structures, and techniques for distributed systems like backup requests and combined requests. The overall message is that asynchronous programming allows more efficient use of resources through approaches like non-blocking I/O, and that understanding these principles is key to building scalable applications.
This document describes a robot project that uses a VU meter to track sound intensity levels in real-time. The robot uses a microcontroller, electret microphone, amplifier circuit, and LCD display to traverse an area on a virtual grid and find the highest sound intensity. It measures sound values at grid points and stores them in an array. The robot follows algorithms to navigate the grid, return to origin, and navigate to points of highest/lowest sound. Potential extensions using MATLAB graphical interface and other sensors are proposed.
SensorThings API Webinar - #2 of 4 - IoT Data Modeling with Open StandardsSensorUp
OGC SensorThings API Get Started Webinar Series #2 of 4. (Dec 3 2015)
Title: IoT Data Modeling with Open Standards
Watch recording here: https://www.youtube.com/watch?v=3bAqa20q8XU
More to come:
#3: Connect and Manage Your Sensors with OGC SensorThings API (Dec 10th 2015)
#4: Query and Analytics with SensorThings API (Dec 17th 2015)
Register our webinar here: http://sensorup.com/#signup
Incident Management in the Age of DevOps and SRE Rundeck
Damon Edwards, co-founder of Rundeck, presents at Salt Lake City DevOps Meetup, November 13, 2019.
There is no doubt that DevOps has changed how we deliver software. But what about after deployment? Whether you are in a traditional operations organization or a “you build it, you run it” team, how do you mobilize, resolve, and learn from incidents? This talk will look at how high performing organizations have applied DevOps and SRE practices to shorten incidents and reduce escalations. Less frustration for the engineers. Lower costs for the business. Everybody wins.
See a Demo of Rundeck Enterprise :
https://www.rundeck.com/see-demo
--or--
Download Rundeck Open Source here:
https://rundeck.com/open-source
Connect:
Stack Overflow community: https://stackoverflow.com/questions/tagged/rundeck
Github: https://github.com/rundeck/rundeck/issues
Twitter: https://twitter.com/Rundeck
Facebook: https://www.facebook.com/RundeckInc/
LinkedIn: www.linkedin.com › company › rundeck-inc
There are many modern techniques for identifying anomalies in datasets. There are fewer that work as online algorithms suitable for application to real-time streaming data. What’s worse? Most of these methodologies require a deep understanding of the data itself. In this talk, we tour what the options are for identifying anomalies in real-time data and discuss how much we really need to know before hand to guess at the ever-useful question: is this normal?
BDW16 London - Chris von Csefalvay, Helioserv - Cats and What They Tell us Ab...Big Data Week
The Internet of Things is the biggest challenge Big Data has ever faced. For the first time in history, inexpensive connected devices with sensors are available that generate vast amounts of data in seconds. What does it mean for data science that my cat generates gigabytes of data every few hours? Clearly the emergence of IoT technologies will change Big Data as we know it, quite possibly beyond recognition. I will outline three ways in which the IoT explosion will change how we work, three assumptions about data it has irrevocably challenged and three ways we can not merely cope but thrive within this unprecedented expansion of data volumes, velocity and variety (and cats).
Sense Your Smart City: Connect Environmental Sensors to SensorThings APISensorUp
This webinar is a hands-on tutorial showing you the steps connecting environmental sensors for your smart city application using the OGC SensorThings API standard specifications.
Source code available here: https://gist.github.com/liangsteve/16ec7e024d2eff0c266e9c5e8495dbaa
Youtube video available here: https://www.youtube.com/watch?v=GMrnerjOqYs
Hardware fails, applications fail, our code... well, it fails too (at least mine). To prevent software failure we test. Hardware failures are inevitable, so we write code that tolerates them, then we test. From tests we gather metrics and act upon them by improving parts that perform inadequately. Measuring right things at right places in an application is as much about good engineering practices and maintaining SLAs as it is about end user experience and may differentiate successful product from a failure.
In order to act on performance metrics such as max latency and consistent response times we need to know their accurate value. The problem with such metrics is that when using popular tools we get results that are not only inaccurate but also too optimistic.
During my presentation I will simulate services that require monitoring and show how gathered metrics differ from real numbers. All this while using what currently seems to be most popular metric pipeline - Graphite together with metrics.dropwizard.io library - and get completely false results. We will learn to tune it and get much better accuracy. We will use JMeter to measure latency and observe how falsely reassuring the results are. Finally I will show how HdrHistogram helps in gathering reliable metrics. We will also run tests measuring performance of different metric classes.
Observability: Beyond the Three Pillars with SpringVMware Tanzu
In this presentation, we’ll explore the basics of the three pillars and what Spring has to offer to implement them for logging (SLF4J), metrics (Micrometer), and distributed tracing (Spring Cloud Sleuth, Zipkin/Brave, OpenTelemetry).
I’ll also talk about how to take your system to the next level, and what else you can find in Spring and related technologies to look under the hood of your running system (Spring Boot Actuator, Logbook, Eureka, Spring Boot Admin, Swagger, Spring HATEOAS) and what our future plans are.
Damon Edwards, co-founder of Rundeck, presentation at Nexus Conf 2018 on how Security teams can help Operations and, in turn, help themselves.
See a Demo of Rundeck Enterprise :
https://www.rundeck.com/see-demo
--or--
Download Rundeck Open Source here:
https://rundeck.com/open-source
Connect:
Stack Overflow community: https://stackoverflow.com/questions/tagged/rundeck
Github: https://github.com/rundeck/rundeck/issues
Twitter: https://twitter.com/Rundeck
Facebook: https://www.facebook.com/RundeckInc/
LinkedIn: www.linkedin.com › company › rundeck-inc
The experiment measured the firing rate of neurons in the ventral nerve cord of an anesthetized cockroach when exposed to different sound frequencies, including 200Hz, 400Hz, 600Hz, and an ultrasonic pest repellent of 25,000Hz. Eight trials were conducted for each frequency, and the average firing rate was calculated and statistically analyzed to determine the effect of different sound frequencies on neural activity. Electrodes were used to record extracellular action potentials from neurons and an oscilloscope and statistical tests analyzed the results.
Brain Waves Surfing - (In)security in EEG (Electroencephalography) TechnologiesAlejandro Hernández
Electroencephalography (EEG) is a non-invasive method for the recording and the study of electrical activity of the brain taken from the scalp. The source of these brain signals is mostly the synapic activity between brain cells (neurons). EEG activity is represented by different waveforms per second (frequencies) that can be used to diagnose or monitor different health conditions such as epilepsy, sleeping disorders, seizures, Alzheimer disease, among other clinical uses. On the other hand, brain signals are used for many other research and entertainment purposes, such as neurofeedback, arts and neurogaming. Nowadays, this technology is being adopted more and more in different industries.
A brief introduction of BCIs (Brain-Computer Interfaces) and EEG will be given in order to understand the risks involved in our brain signals processing, storage and transmission.
Live demos include the visualization of live brain activity, the sniffing of brain signals over TCP/IP as well as flaws in well-known EEG applications when dealing with some corrupted samples of the most widely used EEG file formats (e.g. EDF). These demos are a first approach to demonstrate that many EEG technologies are prone to common network and application attacks.
Finally, best practices and regulatory compliance on digital EEG will be discussed.
HeapStats: Troubleshooting with Serviceability and the New Runtime Monitoring...Yuji Kubota
The document discusses a new runtime monitoring tool called HeapStats that provides a lightweight Java agent for collecting troubleshooting information from a Java application. It summarizes problems with current troubleshooting approaches like insufficient logging and complicated settings. HeapStats aims to collect required information continuously with low overhead, and provide easy-to-use visualization of the collected data to help with troubleshooting memory and performance issues. The document demonstrates how HeapStats hooks into garbage collection to gather heap statistics without extra stop-the-world pauses.
Similar to [CLASS 2014] Palestra Técnica - Jason Larsen (20)
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...TI Safe
O documento discute ataques cibernéticos em ambientes industriais, descrevendo técnicas como engenharia social, reverse shell, keylogger, fork bomb, phishing e ransomware. Ele também explica como o framework MITRE ATT&CK documenta táticas, técnicas e procedimentos comuns usados em ataques avançados.
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...TI Safe
O documento discute os desafios do saneamento em cidades inteligentes. Ele explica que as cidades só podem se tornar verdadeiramente inteligentes quando as utilities de saneamento também se tornam inteligentes e compartilham dados de forma segura. Finalmente, destaca grandes desafios como conectividade, cibersegurança, integração de sistemas e soluções ponta a ponta para infraestruturas inteligentes.
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...TI Safe
O documento discute a importância de um laboratório de segurança cibernética industrial para infraestruturas críticas. Ele destaca exemplos de laboratórios em Israel e Portugal e requisitos para um laboratório no setor elétrico brasileiro. O documento também descreve os serviços e desafios de um laboratório como o Energy Cybersecurity Lab, uma parceria entre LACTEC e TI Safe para pesquisa, desenvolvimento e treinamento em segurança cibernética para redes de automação de energia elétrica.
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...TI Safe
O documento discute a certificação do ICS-SOC da TI Safe segundo a norma IEC 62443-2-4. Apresenta os requisitos da norma, o processo de certificação e os desafios de manter a conformidade no futuro, como remediar desvios, revisar documentação e elevar a maturidade dos processos.
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...TI Safe
This document discusses cybersecurity in electrical networks. It provides an overview of the evolving cyber threat landscape, and outlines a holistic approach to cybersecurity involving technology, processes, and people. The document discusses key cybersecurity standards like ISO/IEC 27001, IEC 62443, and IEC 62351. It also outlines Siemens' cybersecurity offerings, including secure products, certified solutions, and support services.
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...TI Safe
O documento descreve a jornada de 10 anos de cibersegurança da Ternium, começando com os desafios iniciais de proteger processos industriais críticos e sistemas de informação. Foi realizada uma análise de riscos com base em normas internacionais e implantada uma defesa em camadas com segmentação de rede, firewalls e monitoramento. O projeto evoluiu para um modelo multinacional com centralização e proteção dedicada para linhas críticas. Próximos passos incluem a adição de soluções de OT e aperfei
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
This document discusses best practices for operational technology (OT) security in a hyperconnected world. It outlines the current cybersecurity challenges faced by industries due to expanding attack surfaces and evolving threats. It recommends establishing pillars like segmentation, zero trust, and access control policies based on users to protect OT environments. The document also describes implementing a next-generation firewall, multi-factor authentication, endpoint security, event correlation and response workflows to enhance industrial cybersecurity.
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
1) Thales provides data encryption and security solutions for critical infrastructure sectors like utilities and energy. It has the number 1 market share for payment hardware security modules, general purpose HSMs, and cloud HSMs.
2) Cyber attacks on critical infrastructure are increasing, with ransomware attacks hitting 649 entities in 2021. Operational technology systems are also vulnerable, suffering 83% of breaches.
3) Thales provides end-to-end encryption solutions for critical infrastructure clients to securely transmit sensitive data. Case studies outline deployments for a global energy company and major UK energy operator to encrypt data across hybrid IT and protect critical communications.
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...TI Safe
O documento discute a importância de uma plataforma avançada de detecção e resposta a incidentes em ambientes OT/IOT. Apresenta dados sobre os setores mais atacados em 2021, com a manufatura em primeiro lugar. Também analisa as principais ameaças, vetores de ataque e regiões impactadas para os setores de manufatura, energia e transporte.
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...TI Safe
O documento discute a convergência entre Operational Technology (OT) e Information Technology (IT) e como proteger sistemas cibernéticos conectados à internet. Ele aborda a evolução dos sistemas de controle industrial, padrões como a ISA/IEC 62443 para segurança cibernética e desafios como ataques crescentes a sistemas industriais de controle.
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...TI Safe
Este documento discute a segurança cibernética no ambiente industrial da Gerdau, uma das principais produtoras de aço das Américas. O documento descreve a estrutura do projeto de segurança de redes industriais da Gerdau, incluindo as etapas de levantamento de campo, suprimentos, operação assistida, projeto e planejamento, e preparação e implantação. O projeto teve resultados positivos como nenhuma indisponibilidade causada e forte engajamento entre as equipes.
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...TI Safe
Critical infrastructure is increasingly being targeted by ransomware attacks and hacking, which have evolved from purely financially motivated crimes to acts of terrorism in some cases. A holistic approach is needed to address cybersecurity across both information technology and operational technology systems. Recent high-profile ransomware attacks have caused widespread disruptions by targeting critical infrastructure providers like the Colonial Pipeline and meat processor JBS. These attacks highlight the growing dangers posed by ransomware to critical industries and underscore the importance of proper cybersecurity policies, monitoring, and backups.
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...TI Safe
O documento discute a aplicação dos conceitos de cibersegurança e defesa em profundidade em subestações digitais na era da IEC 61850. Ele descreve um projeto de P&D de uma subestação digital que aplicou esses conceitos por meio de segmentação de redes, proteção de pontos finais, firewalls diversificados, autenticação, criptografia e hardening do sistema de acordo com padrões como a IEC 62351 e IEC 62443. O projeto gerou conhecimento para melhorar aplicações futuras de subestações digitais en
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...TI Safe
O documento discute a análise de riscos de cibersegurança, planejamento e implantação de contramedidas para conformidade com as novas regras do ONS para o Complexo de Belo Monte. Apresenta o histórico de cibersegurança da Norte Energia, a necessidade de conformidade regulatória e o planejamento de segurança. Também descreve a contratação da TI Safe para fornecer a solução ONS Ready e o progresso do projeto, com a Fase 1 concluída e a Fase 2 parcialmente implementada.
O documento discute conceitos como resiliência cibernética, antifragilidade cibernética, efeito Lindy, via negativa, pele no jogo e mercados impulsionando mudanças. Reforça a importância de visibilidade, inventário, segmentação e controle de anomalias para segurança cibernética bem feita.
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...TI Safe
O documento discute o desafio de implementar controle de acesso e autenticação multifator (MFA) no Grupo Energisa. O Grupo Energisa implementou uma solução tecnológica de MFA para melhorar a segurança, cumprir normas regulatórias e restringir acessos não autorizados. A implantação enfrentou desafios como a falta de base centralizada de usuários e mudança de cultura. A solução é gerenciada por meio de um SOC interno que monitora tentativas inválidas de login e aprova novos
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...TI Safe
O documento apresenta as principais ameaças cibernéticas a redes industriais, focando no cenário brasileiro. Apresenta os fatores de risco como ataques poderosos e o mundo em colapso, as ameaças reais como a profissionalização do cibercrime, e os resultados da 4a pesquisa TI Safe sobre a cibersegurança industrial no Brasil.
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...TI Safe
Este documento discute por que não se deve contratar SOCs de TI/híbridos para proteger redes industriais. Primeiramente, devido às diferenças no viés operacional entre TI e automação industrial, com a disponibilidade sendo o principal pilar de segurança para sistemas industriais. Além disso, pessoas, tecnologias e serviços de um SOC de TI podem não ser adequados para redes industriais e colocar a operação em risco. Um SOC dedicado à automação industrial deve ter especialistas qualificados, tecnologias apropriadas e procedimentos volt
Em 2020 o mundo experimentou uma situação inédita para a maioria dos seres humanos: uma pandemia global, provocada por um vírus desconhecido, que gerou mudanças significativas na vida de todos. No universo das empresas, foi observado um movimento de intensa digitalização de processos e adequação ao distanciamento social. Muitas delas, inclusive as indústrias, adotaram o trabalho remoto para seus colaboradores. Conforme as empresas adaptaram as suas operações, os criminosos também estabeleceram mudanças. São facilmente encontradas notícias relativas a golpes por email, WhatsApp e telefone. E com “chave de ouro”, 2021 foi aberto com o mega (ou seriaTera?) vazamento de dados de brasileiros, o que fornece mais combustível para esses golpes. O ICS-SOC (Centro de Operações de Segurança Cibernética Industrial, localizado no Rio de Janeiro) da TI Safe protege seus clientes contra ataques cibernéticos que possam afetar suas operações, fundamentais para a população e a cadeia de suprimentos do Brasil.Os dados de (milhões de) ataques de 2020, relativos a projetos desenvolvidos pela empresa, foram analisados para entender o aumento dos ataques em relação a 2019. Por uma questão de privacidade dos dados dos clientes, as informações serão apresentadas em percentuais.
O documento discute os novos procedimentos de segurança cibernética para adequação à rede do Operador Nacional do Sistema Elétrico (ONS), incluindo a implementação de controles de segurança em três ondas ao longo de três anos. A TI Safe propõe sua solução "ONS Ready" para ajudar as empresas de energia a cumprir os novos requisitos de segurança cibernética.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillLizaNolte
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
High performance Serverless Java on AWS- GoTo Amsterdam 2024Vadym Kazulkin
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
64. Finally!!
Inserting the rootkit into the firmware!
For each function in the rootkit, I have found a best
match function in the target firmware
o If mine has a CRC-16 and the target has a CRC-16, they will
have a small edit distance and get merged together
o Any orphans that simply don’t match will need to be
uint16_t crc16_update(uint16_t crc, uint8_t a){
int i;
crc ^= a;
for (i = 0; i 8; ++i){
if (crc 1)
crc = (crc 1) ^ 0xA001;
else
crc = (crc 1);
}
return crc;
}
added to the end
I can even merge two functions in the
target together to gain even more space
Now simply reverse the process from
BNF back to the target assembly
Instant firmware rootkit!