Automotive security refers to the branch of computer security focused on the cyber risks related to the automotive context. The increasingly high number of ECUs in vehicles and, alongside, the implementation of multiple different means of communication from and towards the vehicle in a remote and wireless manner led to the necessity of a branch of cybersecurity dedicated to the threats associated with vehicles. Not to be confused with automotive safety. == Causes == The implementation of multiple ECUs (Electronic Control Units) inside vehicles began in the early '70s thanks to the development of integrated circuits and microprocessors that made it economically feasible to produce the ECUs on a large scale. Since then the number of ECUs has increased to up to 100 per vehicle. These units nowadays control almost everything in the vehicle, from simple tasks such as activating the wipers to more safety-related ones like brake-by-wire or ABS (Anti-lock Braking System). Autonomous driving is also strongly reliant on the implementation of new, complex ECUs such as the ADAS, alongside sensors (lidars and radars) and their control units. Inside the vehicle, the ECUs are connected with each other through cabled or wireless communication networks, such as CAN bus (controller area network), MOST bus (Media Oriented System Transport), FlexRay (Automotive Network Communications Protocol) or RF (radio frequency) as in many implementations of TPMSs (tire-pressure monitoring systems). Many of these ECUs require data received through these networks that arrive from various sensors to operate and use such data to modify the behavior of the vehicle (e.g., the cruise control modifies the vehicle's speed depending on signals arriving from a button usually located on the steering wheel). Since the development of cheap wireless communication technologies such as Bluetooth, LTE, Wi-Fi, RFID and similar, automotive producers and OEMs have designed ECUs that implement such technologies with the goal of improving the experience of the driver and passengers. Safety-related systems such as the OnStar from General Motors, telematic units, communication between smartphones and the vehicle's speakers through Bluetooth, Android Auto and Apple CarPlay. == Threat model == Threat models of the automotive world are based on both real-world and theoretically possible attacks. Most real-world attacks aim at the safety of the people in and around the car, by modifying the cyber-physical capabilities of the vehicle (e.g., steering, braking, accelerating without requiring actions from the driver), while theoretical attacks have been supposed to focus also on privacy-related goals, such as obtaining GPS data on the vehicle, or capturing microphone signals and similar. Regarding the attack surfaces of the vehicle, they are usually divided in long-range, short-range, and local attack surfaces: LTE and DSRC can be considered long-range ones, while Bluetooth and Wi-Fi are usually considered short-range although still wireless. Finally, USB, OBD-II and all the attack surfaces that require physical access to the car are defined as local. An attacker that is able to implement the attack through a long-range surface is considered stronger and more dangerous than the one that requires physical access to the vehicle. In 2015 the possibility of attacks on vehicles already on the market has been proven possible by Miller and Valasek, that managed to disrupt the driving of a Jeep Cherokee while remotely connecting to it through remote wireless communication. === Controller area network attacks === The most common network used in vehicles and the one that is mainly used for safety-related communication is CAN, due to its real-time properties, simplicity, and cheapness. For this reason the majority of real-world attacks have been implemented against ECUs connected through this type of network. The majority of attacks demonstrated either against actual vehicles or in testbeds fall in one or more of the following categories: ==== Sniffing ==== Sniffing in the computer security field generally refers to the possibility of intercepting and logging packets or more generally data from a network. In the case of CAN, since it is a bus network, every node listens to all communication on the network. It is useful for the attacker to read data to learn the behavior of the other nodes of the network before implementing the actual attack. Usually, the final goal of the attacker is not to simply sniff the data on CAN, since the packets passing on this type of network are not usually valuable just to read. ==== Denial of service ==== Denial of service (DoS) in information security is usually described as an attack that has the objective of making a machine or a network unavailable. DoS attacks against ECUs connected to CAN buses can be done both against the network, by abusing the arbitration protocol used by CAN to always win the arbitration, and targeting the single ECU, by abusing the error handling protocol of CAN. In this second case the attacker flags the messages of the victim as faulty to convince the victim of being broken and therefore shut itself off the network. ==== Spoofing ==== Spoofing attacks comprise all cases in which an attacker, by falsifying data, sends messages pretending to be another node of the network. In automotive security usually spoofing attacks are divided into masquerade and replay attacks. Replay attacks are defined as all those where the attacker pretends to be the victim and sends sniffed data that the victim sent in a previous iteration of authentication. Masquerade attacks are, on the contrary, spoofing attacks where the data payload has been created by the attacker. == Real life automotive threat example == Security researchers Charlie Miller and Chris Valasek have successfully demonstrated remote access to a wide variety of vehicle controls using a Jeep Cherokee as the target. They were able to control the radio, environmental controls, windshield wipers, and certain engine and brake functions. The method used to hack the system was implementation of pre-programmed chip into the controller area network (CAN) bus. By inserting this chip into the CAN bus, he was able to send arbitrary message to CAN bus. One other thing that Miller has pointed out is the danger of the CAN bus, as it broadcasts the signal which the message can be caught by the hackers throughout the network. The control of the vehicle was all done remotely, manipulating the system without any physical interaction. Miller states that he could control any of some 1.4 million vehicles in the United States regardless of the location or distance, the only thing needed is for someone to turn on the vehicle to gain access. The work by Miller and Valasek replicated earlier work completed and published by academics in 2010 and 2011 on a different vehicle. The earlier work demonstrated the ability to compromise a vehicle remotely, over multiple wireless channels (including cellular), and the ability to remotely control critical components on the vehicle post-compromise, including the telematics unit and the car's brakes. While the earlier academic work was publicly visible, both in peer-reviewed scholarly publications and in the press, the Miller and Valesek work received even greater public visibility. == Security measures == The increasing complexity of devices and networks in the automotive context requires the application of security measures to limit the capabilities of a potential attacker. Since the early 2000 many different countermeasures have been proposed and, in some cases, applied. Following, a list of the most common security measures: Sub-networks: to limit the attacker capabilities even if he/she manages to access the vehicle from remote through a remotely connected ECU, the networks of the vehicle are divided in multiple sub-networks, and the most critical ECUs are not placed in the same sub-networks of the ECUs that can be accessed from remote. Gateways: the sub-networks are divided by secure gateways or firewalls that block messages from crossing from a sub-network to the other if they were not intended to. Intrusion Detection Systems (IDS): on each critical sub-network, one of the nodes (ECUs) connected to it has the goal of reading all data passing on the sub-network and detect messages that, given some rules, are considered malicious (made by an attacker). The arbitrary messages can be caught by the passenger by using IDS which will notify the owner regarding with unexpected message. Authentication protocols: in order to implement authentication on networks where it is not already implemented (such as CAN), it is possible to design an authentication protocol that works on the higher layers of the ISO OSI model, by using part of the data payload of a message to authenticate the message itself. Hardware Security Modules: since many ECUs are not powerful enough to keep real-time delays whi
ShowDocument
ShowDocument is an online web application that allows multiple users to conduct web meetings, upload, share and review documents from remote locations. The service was developed by the HBR Labs company, established in 2007. == Features == Users can collaborate on and review documents in real time, with annotations and text being visible to all users and accessible for co-editing. The idea of every user being able to annotate can cause conflicts within the sessions, and so main navigation options are under the "presenter"'s control - which can be given to a different user as well. An earlier version of the application, by contrast, had allowed all users to navigate and edit at once, causing the system to drop all incomplete edits. It is possible to draw and write on a virtual whiteboard, and to stream a YouTube video to a group in full synchronization. A feature also exists for co-browsing of Google Maps. Entering an open session in the application can be done with a given code number, or by receiving a link through an Email message. Different file formats can be uploaded and saved either online or offline, such as PDF. A PDF file's text cannot be edited - text is edited through the separate text editor. Although the platform contains a text chat, it is not intended to replace instant messaging software, as there are no extensive messaging features. The application has a paid and free version, with the free version having a few limitations: audio and video options are disabled, number of participants is limited and sessions are time-limited. == Development == ShowDocument was first developed in 2007. On September 8, 2009, HBR labs released a new update which included features such as secure online document storage and mobile device support.
MIDI Show Control
MIDI Show Control (MSC), is a real-time System Exclusive extension of the international Musical Instrument Digital Interface (MIDI) standard. MSC enables all types of entertainment equipment to communicate with each other through the process of show control. The MIDI Show Control protocol is a technical standard ratified by the MIDI Manufacturers Association in 1991, which allows entertainment control devices to talk with each other and with computers to perform show control functions in live and prerecorded entertainment applications. Just like musical MIDI, MSC does not transmit the actual show media - it simply transmits digital information about a multimedia performance. == How MSC works == When any cue is called by a user (typically a stage manager) and/or preprogrammed timeline in a show control software application, the show controller transmits one or more MSC messages from its 'MIDI Out' port. A typical MSC message sequence is: the user has just called a cue the cue is for lighting device 3 the cue is number 45.8 the cue is in cue list 7 MSC messages are serially transmitted in the same way as musical messages and are fully compatible with all conventional MIDI hardware; however, many modern MSC devices now use Ethernet communications for higher bandwidth and the flexibility afforded by networks. Other performance parameters are also transmitted, such as lighting desk submaster settings using MSC SET messages. All cues that a media control device is capable of playing are assigned MSC messages within the Show Controller's cue list and they are transmitted from its MIDI Out port at the appropriate show time, depending on the actions of the user and the show controller's internally timed sequences. All MSC-compatible instruments follow the MSC specification and thus transmit identical MSC messages for identical MSC events, such as the playing of a certain cue on the media controller. Since they follow a published standard, all MSC devices can communicate with and understand each other, as well as with computers that have been programmed to understand MSC messages using the MSC Command Set. All MSC compatible instruments have a built-in MIDI interface and many now follow one of the various MIDI-over-Ethernet protocols. == History == To create the MSC spec, Charlie Richmond headed the USITT MIDI Forum on their Callboard Network in 1990, which included developers and designers from the theatre sound and lighting industry from around the world. It is believed that this was the first international standard to be developed without a single physical meeting of the participants. This Forum created the MSC standard between January and September 1990. This was ratified by the MIDI Manufacturers Association (MMA) in January 1991, and the Japan MIDI Standards Committee (JMSC) later that year, becoming a part of the standard MIDI specification in August 1991. The first show to fully use the MSC specification was the Magic Kingdom Parade at Walt Disney World's Magic Kingdom in September 1991. == MIDI Show Control software ==
Feature detection (web development)
Feature detection (also feature testing) is a technique used in web development for handling differences between runtime environments (typically web browsers or user agents), by programmatically testing for clues that the environment may or may not offer certain functionality. This information is then used to make the application adapt in some way to suit the environment: to make use of certain APIs, or tailor for a better user experience. Its proponents claim it is more reliable and future-proof than other techniques like user agent sniffing and browser-specific CSS hacks. == Techniques == A feature test can take many forms. It is essentially any snippet of code which gives some level of confidence that a required feature is indeed supported. However, in contrast to other techniques, feature detection usually focuses on performing actions which directly relate to the feature to be detected, rather than heuristics. === JavaScript === JavaScript feature detection can inspect the DOM and the local JavaScript environment to test whether browser features or APIs are supported. The simplest technique is to check for the existence of a relevant object or property. For example, the Geolocation API (used for accessing the device's knowledge of its geographical location, possibly obtained from a GPS navigation device) exposes a geolocation property on the navigator object in the DOM; the presence of which implies the Geolocation API is supported: if ('geolocation' in navigator) { // Geolocation API is supported } For a higher level of confidence, some feature tests will attempt to invoke the feature then look for clues that it behaved properly. For example, a test for support for cookies might attempt to set a value as a cookie and then verify it can be read back. === CSS === In CSS, the at-rule @supports introduced in 2015 allows to test if a given feature is supported. For instance the following code activates the declarations only if the user agent supports display: flex: == Undetectables == Some browser features are considered undetectable, because no clues are known to give sufficient confidence that a feature is supported. These are often because of limited information available to the JavaScript environment in the browser; generally features must be exposed via the DOM in some way in order to be detectable using JavaScript. When undetectables are encountered, it is common to turn to user agent sniffing as an alternative mechanism, or to employ defensive coding to minimise the impact if the feature turns out not to be supported. The Modernizr project maintains a record of known undetectables on their wiki.
Deluxe Media
Deluxe Media Inc., also known simply as Deluxe and formerly Deluxe Entertainment Services Group, Inc., is an American multinational multimedia and entertainment service provisions company owned by Platinum Equity, founded in 1915 by Hungarian-born American film producer William Fox and headquartered in Burbank, California. The company services multiple clients in the film, television, digital content and advertising industries across the globe, and has been recognized with 10 Academy Awards for scientific and technical achievements, including developments in CinemaScope pictures (as part of 20th Century Fox) and more recently for a process of creating archival separations from digital image data. == History == Deluxe began as a film processing laboratory established in 1915 by William Fox under the name De Luxe as part of his eponymous film conglomerate corporation in Fort Lee, New Jersey. In 1916, Fox Film Corporation opened its studio in Hollywood on 13 acres at Sunset and Western. The first Deluxe film laboratory on the west coast was built on the south side of the lot (Fernwood and Serrano), and the laboratory was moved to the new Fox studios building on Manhattan's west side in 1919, where it remained for over 40 years. The "business manager" (later president) of the laboratory was Alan E. Freedman, who guided the company into the 1960s. In 1927, Fox (Deluxe) received a patent for sound-on-film, the Fox Movietone system. In 1927, "Sunrise: A Song of Two Humans," an early Movietone film, opened. Fox Movietone News, ran weekly in theaters until 1963. During the Great Depression, Fox Film Corporation encountered financial difficulties. Among the actions taken to maintain liquidity, Fox sold the laboratories in 1932 to Freedman, who renamed the operation Deluxe. Under Freedman's leadership, Deluxe added two more plants in Chicago and Toronto. In January 1934, Fox was granted an option to rebuy DeLuxe before December 31, 1938. On 31 May 1935, under Sidney Kent, Fox merged his film company with Twentieth Century Pictures to form The Twentieth Century-Fox Film Corporation following a bank-infused reorganisation. The merged company then exercised this option in July 1936, with Freedman remaining as president. In 1953, Deluxe developed the widescreen format CinemaScope. Titles included "There's No Business Like Show Business" (1954) and "The Seven Year Itch" (1955). Other innovations included the processing and sound striping of CinemaScope, and were patented and/or received Academy awards. In 1962 Freedman retired. In the 1960s, Deluxe closed its New York plant, followed by its plants in Chicago and Toronto, as motion picture production declined on the East Coast. In 1972, Deluxe began large volume videocassette production, with a billion by 1996. In 1990, The Rank Organisation acquired Deluxe from Fox. In 2000, Deluxe began large volume DVD production. In 2006, The Rank Organisation sold Deluxe Film Group to MacAndrews & Forbes, renamed Deluxe Entertainment Services Group. On 9 February 2012, Deluxe acquired Hong Kong–based visual effects and post-production company, Centro Digital Pictures, with its founder John Chu remaining as president while reporting to Alaric McAusland, managing director for Deluxe in Australia. In May 2014, Deluxe shut down its Los Angeles plant at Sunset & Western Studios complex, where other studios themselves were demolished way back in 1971. Also that same year, Deluxe closed the Hollywood film labs, and they gave thousands of orphaned film elements to the Academy Film Archive. The Deluxe Laboratories Collection at the Academy Film Archive consists of over 7,500 35mm and 16mm film elements of various motion pictures dating back to the early 1960s. On 22 April 2015, Deluxe and its longtime competitor, Technicolor S.A., announced that they had entered into a binding agreement to create a new joint venture known as Deluxe Technicolor Digital Cinema which will specialize in cinema mastering, distribution and management services. Deluxe got acquired on 4 September 2019 by creditors in a debt-for-equity swap to avoid bankruptcy. On 3 October 2019, Deluxe filed for bankruptcy, pending in the Southern District of New York. The same month on the 24th, the company received court approval to emerge from bankruptcy with a comprehensive restructuring plan. On July 1, 2020, Platinum Equity agreed to acquire the distribution division of Deluxe and re-unite with former CEO Cyril Drabinsky who would merge CineVizion, a film distribution company he founded after leaving Deluxe in 2016, into it. The companies Company 3 and Method Studios which formed the creative divisions of Deluxe were sold to Framestore in November 2020.
Explanation-based learning
Explanation-based learning (EBL) is a form of machine learning that exploits a very strong, or even perfect, domain theory (i.e. a formal theory of an application domain akin to a domain model in ontology engineering, not to be confused with Scott's domain theory) in order to make generalizations or form concepts from training examples. It is also linked with Encoding (memory) to help with Learning. == Details == An example of EBL using a perfect domain theory is a program that learns to play chess through example. A specific chess position that contains an important feature such as "Forced loss of black queen in two moves" includes many irrelevant features, such as the specific scattering of pawns on the board. EBL can take a single training example and determine what are the relevant features in order to form a generalization. A domain theory is perfect or complete if it contains, in principle, all information needed to decide any question about the domain. For example, the domain theory for chess is simply the rules of chess. Knowing the rules, in principle, it is possible to deduce the best move in any situation. However, actually making such a deduction is impossible in practice due to combinatoric explosion. EBL uses training examples to make searching for deductive consequences of a domain theory efficient in practice. In essence, an EBL system works by finding a way to deduce each training example from the system's existing database of domain theory. Having a short proof of the training example extends the domain-theory database, enabling the EBL system to find and classify future examples that are similar to the training example very quickly. The main drawback of the method—the cost of applying the learned proof macros, as these become numerous—was analyzed by Minton. === Basic formulation === EBL software takes four inputs: a hypothesis space (the set of all possible conclusions) a domain theory (axioms about a domain of interest) training examples (specific facts that rule out some possible hypothesis) operationality criteria (criteria for determining which features in the domain are efficiently recognizable, e.g. which features are directly detectable using sensors) == Application == An especially good application domain for an EBL is natural language processing (NLP). Here a rich domain theory, i.e., a natural language grammar—although neither perfect nor complete, is tuned to a particular application or particular language usage, using a treebank (training examples). Rayner pioneered this work. The first successful industrial application was to a commercial NL interface to relational databases. The method has been successfully applied to several large-scale natural language parsing systems, where the utility problem was solved by omitting the original grammar (domain theory) and using specialized LR-parsing techniques, resulting in huge speed-ups, at a cost in coverage, but with a gain in disambiguation. EBL-like techniques have also been applied to surface generation, the converse of parsing. When applying EBL to NLP, the operationality criteria can be hand-crafted, or can be inferred from the treebank using either the entropy of its or-nodes or a target coverage/disambiguation trade-off (= recall/precision trade-off = f-score). EBL can also be used to compile grammar-based language models for speech recognition, from general unification grammars. Note how the utility problem, first exposed by Minton, was solved by discarding the original grammar/domain theory, and that the quoted articles tend to contain the phrase grammar specialization—quite the opposite of the original term explanation-based generalization. Perhaps the best name for this technique would be data-driven search space reduction. Other people who worked on EBL for NLP include Guenther Neumann, Aravind Joshi, Srinivas Bangalore, and Khalil Sima'an.
Giditraffic
GidiTraffic (or GIDITRAFFIC) is an online social service started on 23 September 2011. Based primarily on social media, the service employs crowdsourcing as its primary means of providing real-time traffic updates to subscribers on its platform. The service, delivered free of charge, affords its users access to various types of information. Though its broadest category of users is road users and motorists, GIDITRAFFIC lends itself as a platform for answering inquiries from anyone who requires information on any subject of interest. GIDITRAFFIC's core competence is in vehicular traffic reports, however, the service also handles all other forms of traffic (going by the fact that the word traffic also means "the mutual exchange of information"). == Operation == Users of the service log on to its Twitter feed to get up-to-date traffic information or to post a general inquiry, which GIDITRAFFIC then publishes to all subscribers. Through crowdsourced replies, a requester receives numerous responses from other subscribers who have seen the question and can provide a relevant answer. In addition, updates are provided by subscribers to the platform via their mobile devices, thereby making the service effective in delivering traffic updates as they occur, and providing timely answers to other user inquiries. This informs GIDITRAFFIC's motto of "Lending each other an eye", alluding to the collaboration and cooperation between the platform's users in making the service indispensable to its users. == Reception == On Twitter, which is its primary platform, the service caters to over 1,800,000 subscribers, with the number increasing daily. The popularity of the platform stems from the fact that it not only keeps its subscribers abreast of the traffic situation in Lagos, the commercial capital city of Nigeria (well known for its many traffic jams), but users in other parts of the world. For a regular user of the platform, knowing where to avoid getting to a set destination in good time is well worth the two or three minutes it takes to access and scroll through the GIDITRAFFIC feed for updates. Another interesting aspect of this platform is the identity of the person behind it. The sustained anonymity of this individual has sparked many discussions centering on his or her possible identity. Online, GIDITRAFFIC continuously publishes traffic updates and user questions, while keeping up witty interactions with the platform's followers round the clock – adding to the mystery and persona of the GIDITRAFFIC owner. == Awards and recognition == In early 2012, GIDITRAFFIC received a nomination for a Shorty Award in the Life-Saving Hero category. Although this did not translate into a win, it brought recognition and wider exposure for the service from international news outlets such as the BBC, Washington Post. and New York Times. Back home in Nigeria, also in 2012, GIDITRAFFIC was honored with a Future Award for Best Use of New Media in recognition of the huge impact the service has had in terms of helping Lagos residents better manage time spent in traffic. == Mobile Applications == In 2012, GIDITRAFFIC partnered with telecommunications company Nokia to produce a downloadable mobile traffic application (the GIDITRAFFIC application, available for Nokia Asha phones on Nokia's online store). There are plans to extend the application to a wider range of mobile phone platforms. On 4 September 2013, the GIDITRAFFIC application for Nokia Lumia phones using Windows Phone 8 was launched on the Windows App Store.