ENG2575 Technical Writing, Section OL70, Fall 2020

TO: Professor Ellis

FROM: Mamadou Bah

DATE: Sept 23, 2020

SUBJECT: 500-Word Summary Draft

This memo is a 500-Word summary of the article, “Comparative Analysis of Electrochemical Energy Storage Technologies for Smart Grid” by Reddy Salkuti.

The Various techniques used to store energy are the future for Renewable Energy and the Smart Grid system. Salkut argues, “storage techniques are the basis of the future of SG. Without adequate storage techniques, there will be no way to reliably meet the energy demands of the future” (Salkut, 2020, p. 2118). Those techniques play an important role in reducing the disadvantages Renewable energy faces today such as cost, popularity, production and sustainability. As the demand and supply of electricity vary all the times, Energy Storage is used to store energy when there is excess of production and use that energy when the demand is higher than the production. Renewable Energy can use super capacitors for a short-term storage and batteries for long term storage.

The types of battery technologies Salkuti writes about are the rechargeable that use chemical reactions to produce electricity. Energy storage technologies use rechargeable batteries following the process of reduction-oxidation for its charging and discharging process. They are classified into electrical, mechanical, electromechanical, and thermal. The different rechargeable Battery technologies described in this article are lithium-ion, sodium-sulfur, flow, lead acid and many other types of technologies that play a fundamental role in the Renewable energy sector and in the Smart Grid system.

The first battery technology Salkuti writes about in this article is the Lithium-ion battery. Made of graphite and lithium metal amalgams, Lithium-ion battery has high performance, but it has its disadvantages such as cost and sensitivity to high temperatures. It can be found in cars, phones and many other devices. The second is the Lithium iron phosphate. It is safe, and waste free. The third one is the Lithium-air batteries, found in electronics, electric car and Grid System, has high specific energy that can be compared to liquid fuels. The fourth one is the Sodium based battery which operates in room temperature. It has negative potential and specific capacity. The fifth one is Sodium-sulfur batteries that operates at 300 degrees Celsius with efficient charging process and can be found in vehicles and stationary applications. The sixth one is Sodium nickel chloride battery also called ZEBRA. It has a low internal resistance and high specific energy which makes it expensive, and it operates at high temperatures. Seventh one are Flow batteries that are built with two separates sides that is composed with chemical energy and it is very reliable. The following technology is Vanadium redox flow battery. It is a combination of ion metals, and it is unpopular. Next are Zinc-bromine batteries that use zinc metal for their anode plates and bromine for the cathode plates, and the energy is stored by the zinc metal. The last three technologies Salkuti lists are the Nickel-based batteries, Lead acids, and the Metal air. They are used in electronics and telecommunication, and they have good performances. 

Reference

Salkuti, S. R. (2020). Comparative analysis of electrochemical energy storage technologies for smart grid. Telkomnika, 18(4), 2118–2124. https://doi.org /10.12928/TELKOMNIKA.v18i4.14039

TO: Professor Ellis
FROM: Albert Chan
DATE: Sept. 22, 2020
SUBJECT: 500-Word Summary

The purpose of this 500-Word Summary is to condense the contents of “A First Look at Zoombombing”, by Ling C., Balci U. et al., with the purpose of the article analyzing why and how zoombombing (henceforth known as zbing) occurs, then suggesting a simple solution to the issue of zbing.

It starts out by identifying various virtual conferencing tools before mentioning the recent series of attacks of zbing. Then, there is a discussion of best practices to prevent zbing but not enough insider information on how the attacks are done (e.g. whether it is via brute force, insider, etc). There is also a cursory introduction to a later analysis on 2 social media platforms (Twitter, 4chan) and research on how to identify which postings of meeting credentials are “asking” attackers to zoombomb(henceforth known as zb) a meeting room. Research shows that most (above 50%) postings on both social media platforms are indeed “asking” attackers to zb their meeting room. Something to note is that nothing in the article is censored because everything is available online.

According to the Ling C., Balci U. et al, zbing is “composed of four phases…empirical evidence reported by previous research that studied coordinated online aggression, trolling, and harassment on other social media platforms”(p. 2). The four steps of the threat model are as follows: Call for attack, Coordination, Delivery, Harm. It is quite self-explanatory.

Later on, there is an identification of the top 10 most used online conferencing tools. There is a chart of data on these tools (e.g. free or not, how much to upgrade, year of release). Zoom was established in 2011, but has risen to prominence and gained infamy during the pandemic, thus coining the term zbing. Eight of the ten popular online meeting services are free to use. All services have a “you know meeting ID, you know the way in.” Less than half of the services provide security.

Twitter and 4chan are selected as social media platforms to analyze data(e.g. creating an API to collect posts [Twitter]), live threads with meeting ID on Zoom (4chan) or posts with meeting ID (Twitter). 

An introduction on how researchers separated zbing posts from non-zbing posts by organizing a codebook. Most likely still some false positives and false negatives in the end. On 4chan, Zoom and Google Meet have ~50% accuracy of zbing; ~50% of the posted links and messages are people asking to be zb-ed. On Twitter, much less % of people ask for attackers. It should be noted that the majority if not all Google Hangouts and Skype links are posted with good intentions. Identification of each post asking to be attacked, time, insider/not insider, others via codebook. Identification as well as separation of terms, themes, identity, contact. 

The solution to zbing is creating unique meeting links for each participant.

References

Ling, C., Balci, U., Blackburn, J., Stringhini, G. (2020). A First Look at Zoombombing. Computers and Society, 1(1), 1-14. https://arxiv.org/pdf/2009.03822.pdf 

TO: Professor Jason Ellis

FROM: Gladielle Z. Cifuentes

DATE: September 9, 2020

SUBJECT: 500-word summary

This is a 500-word summary of the article “Security Flaws in 802.11 Data Link Protocols” by Nancy Cam-Winget (Cisco Systems), Russ Housley (Vigil Security), David A. Wagner (University of CA at Berkeley) and Jesse Walker (Intel Corp.).It discusses the vulnerabilities that a WLAN experiences by a person who can potentially eavesdrop through radio receivers due to weak security protocols.

Wireless Equivalent Privacy (WEP) is the mechanism that the IEEE 802.11 protocol uses as its standard for data confidentiality. WEP had an array of flaws and would leave Wireless Local Area Networks (WLANs) with security vulnerabilities. This article will describe the flaws of WEP and how researchers went about on finding ways to improve the security or replace WEP. 

WEP has many vulnerabilities and reasons as to why it is not a trustworthy security protocol. Since using WEP is optional, it causes a huge threat to security. This results in encryption of data to never be used. Another defect of WEP is the shared key standard it uses for all devices. According to this article, the most serious security breach that WEP has is how attackers can use cryptanalysis to recover the encryption keys that the WEP uses on its devices. “Once the WEP key is discovered, all security is lost.” (Cam-Winget, Housley, Wagner & Walker, 2003, p. 36). Due to the flaws of WEP, the conclusion is that this security protocol was poorly designed. Experienced security protocol designers and cryptographers are needed for the creation of such difficult security protocol designs. 

A short-term solution to WEP is the creation of Temporal Key Integrity Protocol (TKIP). TKIP are sets of algorithms that “adapt the WEP protocol to address the known flaws while meeting these constraints” (Cam-Winget, Housley, Wagner & Walker, 2003, p. 37). Packet sequencing and Per-Packet key mixing are the functions that TKIP help with the security flaws of WEP for short term purposes. 

A long-term solution that researchers found for WEP security flaws is using the Counter-Mode-CBC-MAC Protocol. For the algorithm of this protocol, the Advanced Encryption system was used. This system contains features that improve the operation of the WEP and its security capabilities which include: single key usage, using integrity protection for packet header/packet payload, reducing latency by allowing precomputation, pipelining and more. In order to meet the criteria for this security protocol, the CCM mode was designed. 

CCM works by merging two techniques such as a counter mode for encryption and the Cipher Block Chaining Message Authentication Code (CBC-MAC). CCM is seen as a vulnerability due to it using the same key for both “confidentiality and integrity” (Cam-Winget, Housley, Wagner & Walker, 2003, p. 39)., It guarantees to never overlap the counter mode with the CBC-MAC vector. 

This article reviewed WEP and the security flaws found. The authors described short-term and long-term alternative protocols that can replace WEP and how they can be implemented for securing a WLAN. 

References:

Cam-Winget, N., Housley, R., Wagner, D., & Walker, J. (2003). Security Flaws in 802.11 Data Link Protocols. Communications of the ACM, 46(5), 35-39. https://doi.org/10.1145/769800.769823 

TO: Professor Ellis

FROM: Teodor Barbu

DATE: September 23, 2020

SUBJECT: 500-Word Summary

This memo is a 500-word summary of the article, “The Role of Openness in Open Collaboration: A Focus on Open‐Source Software Development Projects,” by Saerom Lee, Hyunmi Baek, and Sehwan Oh, professors at the University in Deagu and Seoul, Republic of Korea.

Easy access to information facilitated groups of people working on open projects over the internet and innovative companies learned how to exploit this as an important tool. GitHub and SourceForge are two platforms where people can open projects and developers work together to achieve a common goal. Open-source software development (OSSD) became an alternative to getting knowledge from the outside of the organization in a way to benefit both the organizations and developers. In this article the authors conduct an experiment to determine how exploration and exploitation, concepts of organizational learning, impact the development of a project. To effectively tackle the problems of OSSD, developers were separated in categories that either explore the internal resources or exploit the outside knowledge. For this research data was gathered from 17,691 repositories from GitHub. A team of developers, called an organization, can work on one or more projects, and can collaborate with other organizations to complete a project. GitHub encourages collaboration from the outside of an organization as a way of bringing new ideas and solutions and they consider it vital for the survival of an organization. The conductors of his experiment try to establish whichever exploration or exploitation is better for the overall progress of projects. In gathering and analyzing the data was used a web crawler powered by Python focused on GitHub projects bigger than 300 days and with at least five people. The number of commits was considered relevant for developers’ performance.

The results of the experiment show that successful repositories have more external developers but also a dedicated internal team that uses efficiently inside resources in their external interactions. In the cases followed with release software they also notice an increased external collaboration. As the researchers conclude, “we determined that the impact of exploration increases with an increase in exploitation, that is, ambidextrous research has a positive impact on the project performance of an open collaboration over the Internet.” (Lee, Baek, & Oh, 2020, p. 202). Three models reveal that a repository is successful if the number of external collaborations is higher and the performance drops if the number of internal members is higher. As Model 4 monitors software release cases, they found that performance is affected after the release just because all the development is switched to maintenance done by the internal team and external interaction is not mandatory anymore. This experiment demonstrates the importance of free unlimited interaction in OSSD. Exchange of ideas with collaborators outside the team proved to be beneficial for the success of the projects and for the future consistency of the teams.

References

TO: Professor Ellis 

FROM: Lia Barbu

DATE: September 23, 2020

SUBJECT: 500-Word Summary

This memo is a 500-word summary of the article, “Cyber Security in the Quantum Era,” by Petros Alden and Elham Kashefi, both professors in the School of Informatics at the University of Edinburg. 

Cybersecurity is essential to protect our systems, and it should be ready for a new computational model as quantum technologies. Quantum theory was by far one of the significant technological developments of the 20th century. A breakthrough will be possible soon due to the research in the field. Quantum computers will be the most valuable quantum technology due to their computational power. Quantum technologies’ achievements already exist Google’s processor “Bristlecone” and satellite quantum communication.

Quantum computers are no longer a myth, and cybersecurity must prepare for this new era. Alden and Kashefi inform us, “Quantum technologies may have a negative effect to cybersecurity, when viewed as a resource for adversaries, but can also have a positive effect, when honest parties use these technologies to their advantage.” (Alden & Kashefi, 2019, p. 121). There are three scenarios: one everything is secure, and the other two explore what new challenges quantum technologies can create. In the first scenario, the honest party has classic technologies, and the adversary has a large quantum computer. In the second scenario, the honest party has limited access to quantum technologies, and the adversary can use any quantum technologies. The third scenario looks in the future: quantum computation devices and the parts implicated in the process would protect their data and be secure. The focus will be on quantum technology’s effects on cryptographic attacks and attacks on the new quantum hardware. 

Even though quantum attacks seem far away; there are three essential rationales why we must address it now: security can hit retroactively, to create secure cryptographic solutions, and to be ready to implement the new technology. Cybersecurity research in post-quantum cryptography is divided into three classes considering adversary use of quantum technology: classic technology with access to an oracle/quantum computer, modification of security definition, and changes required to the new protocol. There are cryptosystems considered secure to a quantum computer attack, and the article considers three issues: confidence, usability, and efficiency. Next is explained what can happen when the adversary can make changes to security notions and what steps should be taken to prevent and stop this action. Quantum rewinding is a technique that adds a mechanism that enforces malicious adversaries to behave as a weak one.

As quantum technologies develop, quantumly protocols should become a reality. Practicality includes research that includes quantum technologies presently achievable. Quantum gadgets open a door for new attacks like side-channels attacks. The security for this is the device-independence that comes with high resources cost. Standardization and protocols should be created for quantum technology. Quantum technology will become a significant part of the computing and communication environment. 

Reference

WALLDEN, P., & KASHEFI, E. (2019). Cyber security in the quantum era. Communications of the ACM, 62(4), 120–129. https://doi.org/10.1145/3241037

TO: Professor Ellis

FROM: Enmanuel Arias

DATE: September 16, 2020

SUBJECT: 500-Word Summary

This memo is a 500-word summary of the article, “Explore Modern Responsive Web Design Techniques” by Elena Parvanova, a member of the National Organizing Committee for the IEEE International Conference on Information Technologies.

29 years ago, Tim Berners-Lee created the first website that consisted of left-aligned text with blue hyperlinks on a white background. The first websites were created and managed by the IT departments of large companies. Nowadays, anyone with basic computer skills can create a website.  With the web design industry continually growing, it is important for companies to have well designed websites, as it can play a role in their success.

Web design began in 1993 with the introduction of images accompanied with text. In 1994, The World Wide Web Consortium was formed and established Hypertext Markup Language (HTML) as the standard for web design. HTML has its limitations, but the use of JavaScript resolves them. The following year, Flash and Cascading Style Sheets (CSS) were introduced. Flash became a popular tool to create more elaborate websites, but it was not search-friendly. Eventually, the combination of JavaScript and jQuery replaced the use of Flash. CSS provides a structure for designing multiple webpages. It allows websites to be created with a tableless design using percentages, known as fluid design.

With the increase of mobile devices with internet access, the layout of websites needed to adapt to the variety of screen sizes, while also keeping the design consistent across all devices. In 2007, column grid systems began to see widespread use by web designers. The most used system was the 960-grid system, with 12-column division. The system lays the content out on a 960px-wide browser window. Eventually, the fixed-width grid was replaced with percentages to align with fluid design.

Web designers had separate layouts for computers and mobile devices. Elena states that Ethan Marcotte is responsible for the birth of Responsive Web Design (RWD), who in 2010, “proposed that the same content could be used, but in different layouts and designed depending on screen size” (Parvanova, 2018, p. 3). RWD uses the viewport meta tag, grid system, and media queries to determine which layout to use when displaying content. RWD also led to the creation of responsive frameworks like Bootstrap. These frameworks standardized commonly used elements and introduced layout models like the CSS Flexbox and CSS Grid Layout.

Modern web design focuses on the organization of elements, positioning of blocks and the order of content. Flexboxes are optimized for interface design and the positioning of elements. The parent element will contain the child elements and “flex” accordingly to either fill unused space or shrink to prevent overflowing. Flexboxes were popularized because it allowed web designers to finally align elements properly. Unlike the grid layout, flexboxes are not intended to design the layout of an entire webpage. Since the grid layout is not as supported as flexboxes, a combination of the two is frequently used in RWD.

Reference

Parvanova, E. (2018). Explore Modern Responsive Web Design Techniques. Proceedings of the International Conference on Information Technologies, 43–48. Retrieved from http://infotech-bg.com/

TO: Prof. Ellis

From: Kevin Andiappen

DATE: Sept. 20, 2020

Subject: 500-word Summary

This is a 500-word summary of the article “THE DANGER OF USING ARTIFICIAL INTELLIGENCE IN DEVELOPMENT OF AUTONOMOUS VEHICLES,” by Gabor Kiss, which discusses the risks that come from having Artificial intelligence in automobiles.

Although self-driven cars have recently become popular, the idea has been around for years. A car that would one day be fully autonomous eliminating the need for a driver. Technology could succeed where humans fail. According to Kiss, “The expectation of spreading self-driven cars lies in the hope of significantly decreasing the 1,3 million death toll accidents world-wide, which are caused by human factor 90 % of the time” (Kiss, 2019, p. 717). In other words, the goal of self-driving cars is to decrease the number of car accidents caused by human error. This is because artificial intelligence can process data quicker than humans, which will decrease the reaction time in a situation.

At the end of November 2018, Tesla cars traveled a total of one billion miles in autonomous mode. Statistics show one accident occurs every 3 million miles. The department of transportation says there is an accident every 492,000 miles in America making self-driving cars seven times safer. The society of automotive engineers created a scale for determining the intelligence and capabilities of a vehicle. It goes from 0 to 5.

NVIDA is a company that incorporates deep learning for AI. With this technology, cars can create a lifelike, detailed interactive world to do fast calculations within seconds. There is no 100% safe solution for self-driving cars. However, using AI will come close to achieving this because it will be able to respond to traffic situations much faster than humans will. However, drivers may abuse it by cutting in front of cars intentionally forcing it to brake or going in front of them at highway entrances.

If you were to change a road closed sign to speed limit is 50 mph sign, the AI may not be able to tell which sign is legitimate which can cause an accident. This can happen to a human driver and an AI. Digital light technology works like a projector. It can shine on the road to project symbols and/or lanes. This can be used to deceive a self-driving car to follow the fake lane and cause it to crash or go to another location.

In conclusion, Artificial intelligence is a challenge for developers because it requires them to prepare for every possible scenario. The safety precautions used in self-driving cars to prevent accidents could be reprogrammed to cause accidents. All of the scenarios mentioned are one of many possible dangers that can come from self-driving cars. Developers need to be aware of these situations so that they can properly educate the AI.

References

Kiss, G. (2019). The Danger of Using Artificial Intelligence in Development of Autonomous Vehicles. Interdisciplinary Description of Complex Systems, 17(4), 716–722. https://dx.doi.org/10.7906/indecs.17.4.3

TO: Professor Ellis

FROM: Michael Lin

DATE: 09/20/2020

SUBJECT: 500-word summary

This article will talk about how to protect electrician from the electric arc’s thermal hazard. The first Part of the article will talk about the different type of electric arc. Talks about their behavior and methods of thermal energy dissipation. The second Part 2 talks about how statistical are used for future improvement. The company will use the information to improve their PPE equipment but information on electric arc incident is hard to find in government statistical review. The last will talk about different way protecting from electric arc.  

During the past 15 year, the availability of different fabric and other material used in PPE help to protect electrical worker from electric arc. But the most important is studying and analysis experience, so understanding the electric arc incident data will help us improve. Then they will test the PPE equipment to make sure it will happen to protect worker from electric arc. The range that the heat generated by the electric arc are very wide, so some use of PPE alone will not provide absolute protection, and there are many factors can affect the amount of thermal energy, like the distance ,type of arc, and the equipment that the worker is wearing at the time 

Several organizations are involved in standards development and maintenance related to the electric arc safely and PPE. What is electric arc, some states that eclectic arc is a discharge of electricity from voltage, etc. Not all electric arcs in electrical equipment used in industry are the same, there are five different type of electric arcs and it is classification is based on several differentiating factors.   

The first type of electric arc is Open air electric arc, it is median or high voltage that burn in open air without any thing that cover the arc. It could be cause by bushing flashover at high and medium voltage transformer (power and instrument) or breaker.  Second type of electric are Arc in a box, and it is a low-voltage electric arc in an enclosure. It can happen in panels, motor control centers (MCC), or electrical meters. The third type of electric are Moving arc, is a medium or high-voltage arc in open air, and it is between two parallel conductors. The fourth type of electric are Ejected Arc, ejected arc is a medium- or high-voltage arc formed at the tips of parallel conductors or electrodes. This type of arc was not common but it it’s the most dangerous because it can cause large scale of burn on human skin. The last type of electric arc is Tracking arc, Tracking arc is very different from the other electric arc, it can happen on a person’s skin under their cloth when they have a direct or indirect contact with the energized part. Knowing the different type of electric are very important for electrician, and to create a safe environment for those who work in that environment. 

References 

Golovkov, M., Schau, H., & Burdge, G. (2017). Protecting Against Thermal Effect: Part 1: Types of Electric Arc. Professional Safety, 62(7), 49–54.