Characterization of weld seam properties of extruded magnesium hollow profiles

Extrusions of hollow profiles with weld seams were conducted using the magnesium alloy ME21 applying various extrusion ratios. Subsequent analysis of the profiles’ microstructure was performed comparing weld free with weld seam containing material using (polarized) light optical microscopy (LOM). Additionally, the local texture and microstructure in the weld-free material as well as in the weld seam region has been examined with a scanning electron microscope coupled with electron backscatter diffraction technique (SEM-EBSD). The weld-free material and the weld seam are characterized by recrystallized microstructures, whereas few residual cast grains were identified. The local texture distinctively changes from the weld-free material to the weld seam. The texture of the weld-free material is comparable with the typical ME21 sheet texture. In the weld seam area, a pole density is found, which is distributed towards the transverse direction (TD) combined with a split and broadening of the pole density in the extrusion direction (ED). This texture influences the mechanical anisotropy due to the dependence of the activation of basal 〈a〉-slip and \( \{ 10\bar{1}2\} \;\langle 10\bar{1}1\rangle \)-extension twinning on the loading direction in favorably oriented grains.     

Socio-technical IS design science research: developing design theory for IS integration management

Design science research is an essential part of IS research since the field should not only try to understand how the world is, but also how to change it. We argue that the aim of IS design science research should be to develop practical knowledge not only for the design of novel information technology (IT), but also for IS governance and management. Whereas at least some methodological support exists for researchers engaged in IT-centric design science research, limited support is available for researchers who want to develop design knowledge and theory for IS governance and management. To overcome this shortcoming, we suggest a socio-technical IS design science research approach. The approach has four main activities: (1) identifying problem situations and desired outcomes, (2) reviewing extant theories, knowledge and data, (3) proposing/refining design theory and knowledge, and (4) testing design theory and knowledge. The applicability and usefulness of the proposed approach is shown by means of a design science research project concerning IS integration management in the context of mergers and acquisitions.     

Filter-resistant code injection on ARM

Code injection attacks are one of the most powerful and important classes of attacks on software. In these attacks, the attacker sends malicious input to a software application, where it is stored in memory. The malicious input is chosen in such a way that its representation in memory is also a valid representation of a machine code program that performs actions chosen by the attacker. The attacker then triggers a bug in the application to divert the control flow to this injected machine code. A typical action of the injected code is to launch a command interpreter shell, and hence the malicious input is often called shellcode. Attacks are usually performed against network facing applications, and such applications often perform validations or encodings on input. Hence, a typical hurdle for attackers, is that the shellcode has to pass one or more filtering methods before it is stored in the vulnerable application??s memory space. Clearly, for a code injection attack to succeed, the malicious input must survive such validations and transformations. Alphanumeric input (consisting only of letters and digits) is typically very robust for this purpose: it passes most filters and is untouched by most transformations. This paper studies the power of alphanumeric shellcode on the ARM architecture. It shows that the subset of ARM machine code programs that (when interpreted as data) consist only of alphanumerical characters is a Turing complete subset. This is a non-trivial result, as the number of instructions that consist only of alphanumeric characters is very limited. To craft useful exploit code (and to achieve Turing completeness), several tricks are needed, including the use of self-modifying code.     

An algebraic foundation for automatic feature-based program synthesis

Feature-Oriented Software Development provides a multitude of formalisms, methods, languages, and tools for building variable, customizable, and extensible software. Along different lines of research, different notions of a feature have been developed. Although these notions have similar goals, no common basis for evaluation, comparison, and integration exists. We present a feature algebra that captures the key ideas of feature orientation and that provides a common ground for current and future research in this field, on which also alternative options can be explored. Furthermore, our algebraic framework is meant to serve as a basis for the development of the technology of automatic feature-based program synthesis and architectural metaprogramming.     

Process and learning outcomes from remotely-operated,simulated, and hands-on student laboratories

A large-scale, multi-year, randomized study compared learning activities and outcomes for hands-on, remotely-operated, and simulation-based educational laboratories in an undergraduate engineering course. Students (N = 458) worked in small-group lab teams to perform two experiments involving stress on a cantilever beam. Each team conducted the experiments in one of three lab formats (hands-on, remotely-operated, or simulation-based), collecting data either individually or as a team. Lab format and data-collection mode showed an interaction, such that for the hands-on lab format learning outcomes were higher when the lab team collected data sets working as a group rather than individually collecting data sets to be combined later, while for remotely-operated labs individual data collection was best. The pattern of time spent on various lab-related activities suggests that working with real instead of simulated data may induce higher levels of motivation. The results also suggest that learning with computer-mediated technologies can be improved by careful design and coordination of group and individual activities.     

Optimizing the execution of XSLT stylesheets for querying transformed XML data

We have to deal with different data formats whenever data formats evolve or data must be integrated from heterogeneous systems. These data when implemented in XML for data exchange cannot be shared freely among applications without data transformation. A common approach to solve this problem is to convert the entire XML data from their source format to the applications’ target formats using the transformations rules specified in XSLT stylesheets. However, in many cases, not all XML data are required to be transformed except for a smaller part described by a user’s query (application). In this paper, we present an approach that optimizes the execution time of an XSLT stylesheet for answering a given XPath query by modifying the XSLT stylesheet in such a way that it would (a) capture only the parts in the XML data that are relevant to the query and (b) process only those XSLT instructions that are relevant to the query. We prove the correctness of our optimization approach, analyze its complexity and present experimental results. The experimental results show that our approach performs the best in terms of execution time, especially when many cost-intensive XSLT instructions can be excluded in the XSLT stylesheet.     

Structural sensitivity analysis of flexible multibody systems modeled with the floating frame of reference approach using the adjoint variable method

For the efficient analysis and optimization of flexible multibody systems, gradient information is often required. Next to simple and easy-to-implement finite difference approaches, analytical methods, such as the adjoint variable method, have been developed and are now well established for the sensitivity analysis in multibody dynamics. They allow the computation of exact gradients and require normally less computational effort for large-scale problems. In the current work, we apply the adjoint variable method to flexible multibody systems with kinematic loops, which are modeled using the floating frame of reference formulation. Thereby, in order to solve ordinary differential equations only, the equations of motion are brought into minimal form using coordinate partitioning, and the constraint equations at position and velocity level are incorporated in the adjoint dynamics. For testing and illustrative purposes, the procedure is applied to compute the structural gradient for a flexible piston rod of a slider–crank mechanism.     

Detecting zero-day attacks using context-aware anomaly detection at the application-layer

Anomaly detection allows for the identification of unknown and novel attacks in network traffic. However, current approaches for anomaly detection of network packet payloads are limited to the analysis of plain byte sequences. Experiments have shown that application-layer attacks become difficult to detect in the presence of attack obfuscation using payload customization. The ability to incorporate syntactic context into anomaly detection provides valuable information and increases detection accuracy. In this contribution, we address the issue of incorporating protocol context into payload-based anomaly detection. We present a new data representation, called \({c}_n\)-grams, that allows to integrate syntactic and sequential features of payloads in an unified feature space and provides the basis for context-aware detection of network intrusions. We conduct experiments on both text-based and binary application-layer protocols which demonstrate superior accuracy on the detection of various types of attacks over regular anomaly detection methods. Furthermore, we show how \({c}_n\)-grams can be used to interpret detected anomalies and thus, provide explainable decisions in practice.