Uzbekistan Institute of Standards(UIS),founded in 1969,is the national standardization body of Uzbekistan.There are over 32,000 national standards in Uzbekistan.Last year,UIS revised the working regulations of all tec...Uzbekistan Institute of Standards(UIS),founded in 1969,is the national standardization body of Uzbekistan.There are over 32,000 national standards in Uzbekistan.Last year,UIS revised the working regulations of all technical committees,which were established in accordance with the organizational structure of ISO.At present,UIS has standardization training courses covering 54 directions,and more than 1,700 experts have received relevant training.UIS ranks the 95th in terms of the Quality Infrastructure for Sustainable Development(QI4SD)and 80th in terms of the Global Quality Infrastructure Index(GQII).It is a member of ISO and an associate member of IEC.In the UIS,40 experts have participated in the activities of various ISO technical committees,and 251 experts have participated in the discussion of IEC projects as observer members.展开更多
Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniq...Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.展开更多
Hosted by China Automotive Technology and Research Center Co.,Ltd.(CATARC),the World Automobile Standards and Innovation Conference(WASIC)was jointly held by China Automotive Standardization Research Institute and CAT...Hosted by China Automotive Technology and Research Center Co.,Ltd.(CATARC),the World Automobile Standards and Innovation Conference(WASIC)was jointly held by China Automotive Standardization Research Institute and CATARC Technology Co.,Ltd.on October 27-29 in Shenzhen City,South China’s Guangdong Province.展开更多
The China National Institute of Standardization(CNIS)held the Academic Meeting on 20th Anniversary of China Energy Label in Beijing on June 27.The event took place during the 35th National Energy Conservation Publicit...The China National Institute of Standardization(CNIS)held the Academic Meeting on 20th Anniversary of China Energy Label in Beijing on June 27.The event took place during the 35th National Energy Conservation Publicity Week,which ran from June 23 to 29.展开更多
Due to their resource constraints,Internet of Things(IoT)devices require authentication mechanisms that are both secure and efficient.Elliptic curve cryptography(ECC)meets these needs by providing strong security with...Due to their resource constraints,Internet of Things(IoT)devices require authentication mechanisms that are both secure and efficient.Elliptic curve cryptography(ECC)meets these needs by providing strong security with shorter key lengths,which significantly reduces the computational overhead required for authentication algorithms.This paper introduces a novel ECC-based IoT authentication system utilizing our previously proposed efficient mapping and reverse mapping operations on elliptic curves over prime fields.By reducing reliance on costly point multiplication,the proposed algorithm significantly improves execution time,storage requirements,and communication cost across varying security levels.The proposed authentication protocol demonstrates superior performance when benchmarked against relevant ECC-based schemes,achieving reductions of up to 35.83%in communication overhead,62.51%in device-side storage consumption,and 71.96%in computational cost.The security robustness of the scheme is substantiated through formal analysis using the Automated Validation of Internet Security Protocols and Applications(AVISPA)tool and Burrows-Abadir-Needham(BAN)logic,complemented by a comprehensive informal analysis that confirms its resilience against various attack models,including impersonation,replay,and man-in-the-middle attacks.Empirical evaluation under simulated conditions demonstrates notable gains in efficiency and security.While these results indicate the protocol’s strong potential for scalable IoT deployments,further validation on real-world embedded platforms is required to confirm its applicability and robustness at scale.展开更多
Affiliated with the General Administration of Quality Supervision and Inspection and Quarantine of the People's Republic of China (AQSIQ), China National Institute of Standardization (CNIS) is a nonprofit nationa...Affiliated with the General Administration of Quality Supervision and Inspection and Quarantine of the People's Republic of China (AQSIQ), China National Institute of Standardization (CNIS) is a nonprofit national research body engaging in standardization research. The main responsibilities of CNIS are to conduct all-round, strategic, and comprehensive research of standardization during the development process of economy and society,展开更多
In this technical paper,we will discuss polyurethane linings and coatings to ductile iron pipe for transporting corrosive and abrasive fluids in a sub soil,that is extremely corrosive in nature.The capabilities of ECL...In this technical paper,we will discuss polyurethane linings and coatings to ductile iron pipe for transporting corrosive and abrasive fluids in a sub soil,that is extremely corrosive in nature.The capabilities of ECL(Electrosteel Castings Limited)in this regard will be discussed.展开更多
This paper presents a fast pseudorandom generation algorithm,which is based on the BLAKE hash function and can pass the random test of the NIST(National Institute of Standards and Technology)Statistical Test Suite.Thr...This paper presents a fast pseudorandom generation algorithm,which is based on the BLAKE hash function and can pass the random test of the NIST(National Institute of Standards and Technology)Statistical Test Suite.Through theoretical analysis and experimental imitation,our new algorithm is proven to be more secure and efficient than G-SHA1.Simultaneously,we introduce and discuss the BLAKE in detail.Its security shows that can be utilized to generate pseudorandom bit sequences,which the experimental results show the BLAKE hash function has excellent pseudorandomness.Therefore,we believe the BLAKE is one of the most potential candidate algorithms of SHA-3 program.展开更多
This summary paper will discuss the concept of forensic evidence and evidence collection methods. Emphasis will be placed on the techniques used to collect forensically sound digital evidence for the purpose of introd...This summary paper will discuss the concept of forensic evidence and evidence collection methods. Emphasis will be placed on the techniques used to collect forensically sound digital evidence for the purpose of introduction to digital forensics. This discussion will thereafter result in identifying and categorizing the different types of digital forensics evidence and a clear procedure for how to collect forensically sound digital evidence. This paper will further discuss the creation of awareness and promote the idea that competent practice of computer forensics collection is important for admissibility in court.展开更多
Standards are the basis for production enterprises to organize production, ex-factory inspection, trade (delivery) and technical exchanges, product certification, quality arbitration and supervision. It is important f...Standards are the basis for production enterprises to organize production, ex-factory inspection, trade (delivery) and technical exchanges, product certification, quality arbitration and supervision. It is important for certification institutions to explore methods for updating and transferring present standards, to accelerate the transfer of standard information and ensure present standards are implemented in a timely manner.展开更多
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor...Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.展开更多
Automotive Standardization Research Institute ’is, specialized in the standardization and technical regulation research for automobiles and motorcycles. Its main activities include: Nationwide Auto Standardization Te...Automotive Standardization Research Institute ’is, specialized in the standardization and technical regulation research for automobiles and motorcycles. Its main activities include: Nationwide Auto Standardization Technology Comprehensive展开更多
Traditional computing structures are blocked by the von Neumann bottleneck,and neuromorphic computing devices inspired by the human brain which integrate storage and computation have received more and more attention.H...Traditional computing structures are blocked by the von Neumann bottleneck,and neuromorphic computing devices inspired by the human brain which integrate storage and computation have received more and more attention.Here,a flexible organic device with 2,7-dioctyl[1]benzothieno[3,2-b][1]benzothiophene(C8-BTBT)and 2,9-didecyldinaphtho[2,3-b:2′,3′-f]thieno[3,2-b]thiophene(C10-DNTT)heterostructural channel having excellent synaptic behaviors was fabricated on muscovite(MICA)substrate,which has a memory window greater than 20 V.This device shows better electrical characteristics than organic field effect transistors with single organic semiconductor channel.Furthermore,the device simulates organism synaptic behaviors successfully,such as paired-pulse facilitation(PPF),long-term potentiation/depression(LTP/LTD)process,and transition from short-term memory(STM)to long-term memory(LTM)by optical and electrical modulations.Importantly,the neuromorphic computing function was verified using the Modified National Institute of Standards and Technology(MNIST)pattern recognition,with a recognition rate nearly 100%without noise.This research proposes a flexible organic heterojunction with the ultra-high recognition rate in MNIST pattern recognition and provides the possibility for future flexible wearable neuromorphic computing devices.展开更多
文摘Uzbekistan Institute of Standards(UIS),founded in 1969,is the national standardization body of Uzbekistan.There are over 32,000 national standards in Uzbekistan.Last year,UIS revised the working regulations of all technical committees,which were established in accordance with the organizational structure of ISO.At present,UIS has standardization training courses covering 54 directions,and more than 1,700 experts have received relevant training.UIS ranks the 95th in terms of the Quality Infrastructure for Sustainable Development(QI4SD)and 80th in terms of the Global Quality Infrastructure Index(GQII).It is a member of ISO and an associate member of IEC.In the UIS,40 experts have participated in the activities of various ISO technical committees,and 251 experts have participated in the discussion of IEC projects as observer members.
文摘Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.
文摘Hosted by China Automotive Technology and Research Center Co.,Ltd.(CATARC),the World Automobile Standards and Innovation Conference(WASIC)was jointly held by China Automotive Standardization Research Institute and CATARC Technology Co.,Ltd.on October 27-29 in Shenzhen City,South China’s Guangdong Province.
文摘The China National Institute of Standardization(CNIS)held the Academic Meeting on 20th Anniversary of China Energy Label in Beijing on June 27.The event took place during the 35th National Energy Conservation Publicity Week,which ran from June 23 to 29.
文摘Due to their resource constraints,Internet of Things(IoT)devices require authentication mechanisms that are both secure and efficient.Elliptic curve cryptography(ECC)meets these needs by providing strong security with shorter key lengths,which significantly reduces the computational overhead required for authentication algorithms.This paper introduces a novel ECC-based IoT authentication system utilizing our previously proposed efficient mapping and reverse mapping operations on elliptic curves over prime fields.By reducing reliance on costly point multiplication,the proposed algorithm significantly improves execution time,storage requirements,and communication cost across varying security levels.The proposed authentication protocol demonstrates superior performance when benchmarked against relevant ECC-based schemes,achieving reductions of up to 35.83%in communication overhead,62.51%in device-side storage consumption,and 71.96%in computational cost.The security robustness of the scheme is substantiated through formal analysis using the Automated Validation of Internet Security Protocols and Applications(AVISPA)tool and Burrows-Abadir-Needham(BAN)logic,complemented by a comprehensive informal analysis that confirms its resilience against various attack models,including impersonation,replay,and man-in-the-middle attacks.Empirical evaluation under simulated conditions demonstrates notable gains in efficiency and security.While these results indicate the protocol’s strong potential for scalable IoT deployments,further validation on real-world embedded platforms is required to confirm its applicability and robustness at scale.
文摘Affiliated with the General Administration of Quality Supervision and Inspection and Quarantine of the People's Republic of China (AQSIQ), China National Institute of Standardization (CNIS) is a nonprofit national research body engaging in standardization research. The main responsibilities of CNIS are to conduct all-round, strategic, and comprehensive research of standardization during the development process of economy and society,
文摘In this technical paper,we will discuss polyurethane linings and coatings to ductile iron pipe for transporting corrosive and abrasive fluids in a sub soil,that is extremely corrosive in nature.The capabilities of ECL(Electrosteel Castings Limited)in this regard will be discussed.
基金Supported by the National High Technology Research and Development Program of China (863 Program) ( 2007AA01Z411)the National Natural Science Foundation of China ( 60673071, 60970115 )
文摘This paper presents a fast pseudorandom generation algorithm,which is based on the BLAKE hash function and can pass the random test of the NIST(National Institute of Standards and Technology)Statistical Test Suite.Through theoretical analysis and experimental imitation,our new algorithm is proven to be more secure and efficient than G-SHA1.Simultaneously,we introduce and discuss the BLAKE in detail.Its security shows that can be utilized to generate pseudorandom bit sequences,which the experimental results show the BLAKE hash function has excellent pseudorandomness.Therefore,we believe the BLAKE is one of the most potential candidate algorithms of SHA-3 program.
文摘This summary paper will discuss the concept of forensic evidence and evidence collection methods. Emphasis will be placed on the techniques used to collect forensically sound digital evidence for the purpose of introduction to digital forensics. This discussion will thereafter result in identifying and categorizing the different types of digital forensics evidence and a clear procedure for how to collect forensically sound digital evidence. This paper will further discuss the creation of awareness and promote the idea that competent practice of computer forensics collection is important for admissibility in court.
文摘Standards are the basis for production enterprises to organize production, ex-factory inspection, trade (delivery) and technical exchanges, product certification, quality arbitration and supervision. It is important for certification institutions to explore methods for updating and transferring present standards, to accelerate the transfer of standard information and ensure present standards are implemented in a timely manner.
文摘Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.
文摘Automotive Standardization Research Institute ’is, specialized in the standardization and technical regulation research for automobiles and motorcycles. Its main activities include: Nationwide Auto Standardization Technology Comprehensive
基金the National Key Research and Development Program of China(No.2021YFA1202600)the National Natural Science Foundation of China(Nos.92064009 and 22175042)+3 种基金the Science and Technology Commission of Shanghai Municipality(No.22501100900)the China Postdoctoral Science Foundation(Nos.2022TQ0068 and 2023M740644)the Shanghai Sailing Program(Nos.23YF1402200 and 23YF1402400)Jiashan Fudan Institute.
文摘Traditional computing structures are blocked by the von Neumann bottleneck,and neuromorphic computing devices inspired by the human brain which integrate storage and computation have received more and more attention.Here,a flexible organic device with 2,7-dioctyl[1]benzothieno[3,2-b][1]benzothiophene(C8-BTBT)and 2,9-didecyldinaphtho[2,3-b:2′,3′-f]thieno[3,2-b]thiophene(C10-DNTT)heterostructural channel having excellent synaptic behaviors was fabricated on muscovite(MICA)substrate,which has a memory window greater than 20 V.This device shows better electrical characteristics than organic field effect transistors with single organic semiconductor channel.Furthermore,the device simulates organism synaptic behaviors successfully,such as paired-pulse facilitation(PPF),long-term potentiation/depression(LTP/LTD)process,and transition from short-term memory(STM)to long-term memory(LTM)by optical and electrical modulations.Importantly,the neuromorphic computing function was verified using the Modified National Institute of Standards and Technology(MNIST)pattern recognition,with a recognition rate nearly 100%without noise.This research proposes a flexible organic heterojunction with the ultra-high recognition rate in MNIST pattern recognition and provides the possibility for future flexible wearable neuromorphic computing devices.
