HW7: Reflections
In the article “The Magical Number 7, Plus or Minus 2”, the authors discuss the
limits of human short-term memory. They assert that there is no way to quantify
how much people can recall with short-term memory, as the way we remember
things is dependent on our knowledge and past experience. An example given is
the way we recall language. A speaker of a particular language might recall
words whereas a person who doesn’t speak that particular language might recall
individual letters or sounds rather than whole words.
In the 2010 case study by Rouf et al.,
the tire pressure monitoring system (TPMS) of a vehicle is tested to find
any vulnerabilities. The TPMS monitors the pressure in a vehicle’s tires and
alerts the driver if the air pressure in one of them falls below an
acceptable level in pounds per square inch (PSI). The authors discovered in the vehicle
they were testing that if a signal was sent with the correct tire ID, then the
vehicle’s dashboard would reflect a change in tire pressure. If a tire’s PSI
does fall, then the driver will most likely be inclined to pull over whenever
possible to inspect the tire. Although tampering with the PSI of a vehicle’s
tires seems minimally impactful to a driver, the fact that a hacker can
accomplish it with relative ease leaves one to wonder what other vehicle management
systems are vulnerable to attack. One would hope that significant improvements
to the security of vehicle tire pressure monitoring systems have been made
since 2010.
The SPY Car Act of 2015 specifies
that manufacturers of any vehicle in the United States must ensure that the
vehicles they are producing are “equipped with reasonable measures to protect
against hacking attacks.” However, the act does not list what Congress deems as
“reasonable.” What is considered reasonable protection against hacking by a
consumer might not be the same as for a manufacturer. A consumer might be willing
to pay whatever cost is necessary to have a vehicle that is resilient against all
forms of cyber attacks, TPMS-related or otherwise, while a manufacturer might
consider “reasonable” as preventing any kind of cyber attack so long as it
doesn’t make the production of the vehicle exceed current manufacturing costs
or reduce company profits. The need for regulations that require manufacturers to
produce safe vehicles for consumers is viable; however, such a regulation needs to contain a
clear definition of what “reasonable” measures are to be taken to prevent hacking.
In the article “Introduction to Test Driven Development”, the central idea
presented is that test driven development (TDD) is used to “write clean code
that works” by creating test code before producing product code to make the
code error/bug free by testing it during development. The programmer won’t be
able to code anything until the test fails. If the test fails, then the
programmer will add only enough code to make the test pass again. This process
will ensure that a programmer or company is thoroughly testing the software
they are producing.
Considering the TPMS was easily hackable,
one might question whether TDD is a good approach to securing this system. On the
one hand, TDD requires programmers to continually test their code as they develop
it, and only allows them to improve upon their code if the test fails. This approach
could prove useful for securing vehicle TPMS and other forms of software;
however, the tests conducted will be limited to what the programmer can
produce. TDD could help improve the security of software, but since its
testing is limited to those who work on the code, there is a possibility that
an outside party could create a solution that would hack the code in a way that the
producers wouldn’t have thought of and thus wouldn’t have tested for.
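The limitation described above, as an added Python example (not from the original post or from Rouf et al.): a receiver that trusts any frame carrying a known tire ID passes the developer's functional test, and only an abuse-case test exposes it. The frame layout, key, truncated HMAC tag, counter, and all class and function names are assumptions made for illustration.

```python
import hashlib, hmac, struct

TIRE_ID = 0xA1B2C3D4            # constructed sample sensor ID
KEY = b"constructed-demo-key"   # assumption: secret shared by sensor and receiver

def make_frame(psi, counter, key=None):
    """Hypothetical frame: 4-byte ID, 1-byte PSI, 4-byte counter, optional 8-byte MAC."""
    body = struct.pack(">IBI", TIRE_ID, psi, counter)
    return body if key is None else body + hmac.new(key, body, hashlib.sha256).digest()[:8]

class IdOnlyReceiver:
    """Models the behaviour the post describes: a known tire ID is enough."""
    def __init__(self):
        self.psi = {}
    def handle(self, frame):
        tire_id, psi, _ = struct.unpack(">IBI", frame[:9])
        if tire_id != TIRE_ID:
            return False
        self.psi[tire_id] = psi   # value shown on the dashboard
        return True

class AuthenticatedReceiver(IdOnlyReceiver):
    """Hardened variant: also needs a valid MAC and a strictly increasing counter."""
    def __init__(self, key):
        super().__init__()
        self.key, self.last_counter = key, -1
    def handle(self, frame):
        if len(frame) != 17:
            return False                      # unauthenticated or malformed frame
        body, tag = frame[:9], frame[9:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False                      # sender does not hold the key
        counter = struct.unpack(">IBI", body)[2]
        if counter <= self.last_counter or not super().handle(body):
            return False                      # replayed/stale frame or unknown ID
        self.last_counter = counter
        return True

def functional_test(rx, genuine):
    """The test a developer writes first: a genuine reading reaches the display."""
    return rx.handle(genuine) and rx.psi[TIRE_ID] == 20

def abuse_case_test(rx, forged, replayed):
    """Only exists if someone thinks of it: forged and replayed frames are dropped."""
    return not rx.handle(forged) and not rx.handle(replayed)
```

The ID-only receiver passes `functional_test` and fails `abuse_case_test`, while the authenticated receiver passes both, so the security property is only enforced once a test for it has been written.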