The newsletter of Engineers Australia's College of Information
Telecommunications & Electronics Engineers
| October-November 2010
In this issue
by Peter Hitchiner
hope you were aware that Engineers Australia sponsored the Asia Pacific
Software Engineering Conference (APSEC). This continues EA’s long
standing association with software engineering conferences in particular
the Australian Software Engineering Conference (ASWEC) which takes a
break in 2011. The College has made opportunities available to students
to attend a session to allow them to meet software industry leaders and
to network in an activity associated with software engineering
conferences, which has become known as “Smart Minds”.
EA is not readily associated with software and indeed neither with ICT:
changing that perception will require persistence and a proactive
approach by volunteers and staff. We should be concerned that an
engineering organisation such as ourselves is not associated with
software engineering because it’s the engineering skills applied to
software that can deliver optimum outcomes in ICT projects.
hear all too often about the software projects which do not meet
requirements (in various ways) and we rarely hear of successful ones.
Why not submit an article to eMonitor describing successful
software and ICT projects you have been involved in and the important
role of engineering for that project?
It has been interesting to
hear our Eminent Speaker for 2010 Dr Terry Stevenson, CTO of Raytheon
Australia, on the topic of “Engineering leadership required in the
development of complex systems”. While Terry has completed most of his
tour, it is hoped that a video of this presentation will be available on
the EA website soon. This should be of interest to all engineers,
especially software engineers. Watch the website for details of further
The website should be the ITEE College’s
window to the College membership and the wider ICT community. When
people seem unaware of the software engineering activity of EA and
cannot locate the information on the website I become increasingly
concerned that the website is not doing what it should. It’s something
the ITEE College should excel with, however, it needs someone to take
ownership and drive the content: anyone interested please let me know.
on software I am hoping sufficient interest in Sydney Division around
APSEC 2010 might enable the launch of a software engineering forum
similar to a very successful initiative started in Perth and more
recently in Adelaide. The forum becomes a regular opportunity for
leaders and other proactive engineers to share issues, solutions and
network with other software engineers. If you are interested in such an
initiative in your Division please let me know.
This column also appears in the ITEE College Board Chair blog http://engineersaustralia.typepad.com/itee_college_chair/. Please post your feedback.
Peter Hitchiner is the ITEE College Chair 2010
back to top
|Web encryption needed
only effective fix for “sidejacking” is full end-to-end encryption,
according to freelance web application and software developer Eric
Butler and security consultant Ian “craSH”
Gallagher presented their talk, Hey Web 2.0: Start protecting user
privacy instead of pretending to, at the hacker conference ToorCon 12 in
San Diego earlier this month. It served to remind companies of their
responsibilities to protect users.
While most people in the IT
and telecommunications industries are aware of the dangers of sending
sensitive information over open wireless networks, Butler considers that
many popular websites should be doing more to protect their users from
sidejacking – the act of stealing a user’s HTTP session once
authentication has taken place.
Butler openly criticised social media outlets Facebook and Twitter on his website: “Facebook is constantly rolling out new ‘privacy’
features in an endless attempt to quell the screams of unhappy users,
but what's the point when someone can just take over an account
entirely? Twitter forced all third party developers to use OAuth then
immediately released (and promoted) a new version of their insecure
It could be argued that one of the main reasons
sidejacking fails to be considered a significant security issue is that
the technical knowledge required to perform such an attack is outside of
the grasp of the average user.
To address this belief, Butler
has released an open source extension to Firefox called Firesheep, which
easily allows users to hijack other users’ accounts over open wireless
networks without needing any knowledge of the inner workings of
The extension provides a “buddy list” of people’s
accounts that are being used nearby and by simply double-clicking,
hijacks the account.
At the time eMonitor was published,
vulnerable sites included Amazon, Basecamp, bit.ly, Cisco, CNET,
Evernote, Facebook, Flickr, Foursquare, Google, Tumblr, Twitter, Windows
Live, Wordpress, and Yahoo!. The open-source nature of the extension
essentially puts any site that does not route its cookies through the
HTTPS protocol at risk as anyone can write scripts to target additional
“Websites have a responsibility to protect the people who
depend on their services. They've been ignoring this responsibility for
too long, and it's time for everyone to demand a more secure web.”
back to top
Personal data security unknown
New South Wales’ policy on securing its residents’ private details has
not been properly implemented, according to a recent report released by
the NSW Auditor-General.
The report Electronic Information Security
is the result of a performance audit performed to determine whether NSW
government agencies had properly established and maintained Information
Security Management Systems as required under its Security of
Electronic Information policy.
According to the report, the
government is unable to say with certainty whether its agencies had
implemented its policy as it does not know how well agencies are
securing sensitive personal information.
The report found that
there has been a clear absence of direction and strong leadership to
ensure that all government agencies comply with its policy and a
fundamental re-think about electronic information security is required.
with twelve recommendations, relating to establishing minimum
standards, strengthening accountability, and enhancing scrutiny, the
report urged the government to publish a new Information and
Communication Technology Strategy and establish new electronic
information security arrangements by June 2011.
back to top
Building a data centre
centre services provider Equinix has awarded a $72 million contract to
John Holland to deliver the first stage of construction for its
Alexandria Data Centre.
The contract will be delivered under a
managing contractor arrangement and includes the delivery of the design
phase and construction of the first stage of the facility.
The project is Equinix’s third data centre in Australia and will involve the refurbishment of an existing 18,000m2
warehouse in Alexandria, in Sydney. Called SY3, the centre’s first
phase will add 1000 cabinet equivalents and is expected to be completed
mid-2011. The completed centre will have a total capacity for more than
3000 cabinet equivalents.
Design work for the project is close to being finalised with construction to commence immediately.
back to top
SCADA systems at high risk
risk of unauthorised access to water and transport infrastructure
systems in Victoria is high and could affect the stable delivery of
these services to the community, according to a report released by the
The report Security of Infrastructure Control Systems for Water and Transport
is the result of an audit examining the security of the control and
management systems, such as computerised Supervisory Control and Data
Acquisition (SCADA), of selected water and transport operators.
found that operators do not have the physical and electronic controls
to detect and prevent inappropriate access to their infrastructure
control systems, nor do they have the appropriate governance
arrangements such as business continuity planning, policies and
procedures required to assure management their infrastructure control
systems are secure.
The report also stated that the Department of
Sustainability and Environment (DSE), Department of Transport (DOT),
and the Victorian Police were not fully aware of the extent of the
weaknesses in infrastructure control systems. It said these oversight
agencies are not actively monitoring and guiding operators in the
management of these systems and that there is a lack of clarity as to
who is responsible for the security of these systems.
None of the operators audited were fully compliant with the Terrorism (Community Protection) Act 2003.
report recommended that operators review their approach to control
systems security against the relevant state and international standards,
DSE should increase its monitoring and provide advice to operators, and
DOT should establish an ICT security team.
back to top
Wireless pest control
technology company Procept is developing automated biophony sensor
technology with the ability to detect and differentiate between sounds
of insects, birds and other organisms, for use by farmers.
wireless technology will help farmers monitor and combat plague pests
such as locusts. It will also provide a less invasive method of
diagnosing the health of farms and orchards, potentially contributing to
the environmental data that is available.
The technology will
use sensor stations, connected via a wireless network, to record audio
as well as temperature, humidity and other environmental data, which is
then transmitted to a central computer and analysed.
The Brumby government has provided $1.5 million in funding via its Smart SMEs Market Validation Program.
back to top
Jens and Lars Rasmussen of Google Australia have been awarded the 2010 NSW ICT Entrepreneur of the Year award.
pair were responsible for founding Google Maps and Google Wave. The
event was held at NSW Parliament in conjunction with National ICT
Australia’s NICTA @ NSW Parliament research showcase.
was originally a product of the pair’s Where 2 Technologies company,
which was then sold to Google, where it continued to build upon its
The ICT Entrepreneur of the Year award includes a cash
grant, and was supported by Industry and Investment NSW and NICTA
(National ICT Australia).
Jen and Lars Rasmussen will
be finalists in a new Pearcey National Entrepreneurs Award sponsored by
CSIRO. The winner of this new award, to be presented for the first time
in 2011, will be drawn from each of the 2010 Pearcey State Award
The NSW ICT Entrepreneur award is presented annually to
the most outstanding ICT and digital media individuals, through an open
process of peer recognition. The Pearcey foundation itself was founded
in memory of Trevor Pearcey, who built Australia’s first and the world’s
fourth programmable digital computer, CSIRAC, in Sydney in 1949. Its
objective is to reinforce the recognition, knowledge and appreciation of
Australia’s ongoing contribution to the development and growth of the
ICT professions, research and industry.
Lars has since left Google Australia and according to an interview by the Sydney Morning Herald, was made an offer by Facebook CEO Mark Zuckerberg to join the social media company in San Francisco.
back to top
Sharing wireless broadband
CSIRO has made a breakthrough in wireless technology, circumventing one
of the largest obstacles for the use of wireless as a medium for
broadband communications: sharing bandwidth with other wireless users.
first half of CSIRO’s Ngara technolgy will enable multiple users to
upload information at the same time, without reducing their individual
systems’ data transfer rate of 12Mb/s.
“Someone who doesn’t live
near the fibre network could get to it using our new wireless system,”
CSIRO ICT centre director Dr Ian Oppermann said.
“They’d be able
to upload a clip to YouTube in real-time and their data rate wouldn’t
change even if five of their neighbours also started uploading videos.
“But the really impressive part is the spectral efficiency our team has achieved.”
spectral efficiency is three times that of the closest comparable
technology and the data rate is more than 10 times the industry’s
recently declared minimum standard.
CSIRO is achieving spectral
efficiency of 20b/s/Hz. Its 12Mb/s, six-user system works in the space
of one television channel, which is 7MHz wide.
director for Gartner, Robin Simpson, said the most promising aspect of
CSIRO’s Ngara technology is that it aims to re-use old analog TV
channels – the resulting spectrum from the Digital Dividend.
means any rural property or business that can currently receive TV
signals could in future connect to high-speed internet just by using a
new set-top box,” Simpson said.
CSIRO is currently completing the
research and testing of the downlink part of the system, which will
also run at 12Mb/s per user.
Ngara is a word of the Darug people
meaning to listen, hear and think. The Darug people are the traditional
owners of the land on which the ICT Centre’s Sydney lab sits. This project is supported by the Science and Industry Endowment Fund.
CSIRO's Ngara technology will re-use old analog TV channels.
back to top
Google Security Team has issued an open challenge to anyone that can
demonstrate new vulnerabilities in its sites that display or manage
sensitive authenticated user data.
Anyone who discovers a new
vulnerability and reports it will be rewarded US$500. Severe or
unusually clever vulnerabilities can attract up to US$3133.70.
challenge is a way to reward those who contribute back to Google, but
also a way to stem Google’s exposure to zero-day attacks where attackers
gain knowledge of vulnerabilities and exploit them before the developer
can issue a fix.
Offering a financial incentive to
confidentially report vulnerabilities may reduce the risk that a
vulnerability becomes public and open to exploitation.
More information about Google’s challenge is available online.
back to top
The image published as part of the story “Trial completed for infrared warning system” in the December 2009 issue of Monitor included an image of test firing that occurred at the Commonwealth’s
Proof and Experimental Establishment, Graytown Vic, not at the Thales
Facility in Lithgow, NSW and the photo was provided by the Defence
Science and Technology Organisation, not Thales.
back to top
|Outdoor access point
Solutions has developed an outdoor high performance, multi-radio
802.11n mesh access point that delivers broadband network capacity and
The Motorola AP 7181 has adopted technology such as
Motorola’s ADEPT (Advanced Element Panel Technology) antenna system to
achieve maximum data rates by enabling dual-datastream communication
using dual polarisation antennas.
Leveraging multiple transmit
and receive RF chains, dual polarised antennas and software configurable
down tilt, the AP 7181 achieves excellent coverage without the
self-shadowing caused by multiple dipole antennas.
the AP 7181 features 2.4 GHz and 5.x GHz radios that support 3x3 MIMO
(Multiple Input Multiple Output) technology, reaching a maximum data
rate of 300Mb/s. This results in additional capacity, which delivers
improvements at both the client and backhaul level.
technology is combined with high performance radios designed by Motorola
to maintain high power transmissions at some of the highest data rates.
Its ability to use 40MHz channel widths allows engineering firms to use
the added capacity of the AP 7181 for applications such as remote
The AP 7181 has a maximum data rate of 300Mb/s.
Data cable for railways
Belden has created a flexible Ethernet data cable for mission critical railway and mass transit applications.
Belden BE43769 cable is a halogen-free Cat 5e Ethernet cable that meets
railway industry standards. This highly specialised data cable reliably
delivers real time information for operators and passengers, on-board
as well as in terminals and control rooms.
The new data cables
have excellent mechanical resistance and a small bending radius for
installation within limited spaces. They can be operated in temperatures
ranging between -40°C and +90°C.
Signal integrity is assured
through high screen coverage in combination with Belden's Beldfoil
technology. The cables are fully compatible with M12 connectors for
field installable or pre-moulded cable assemblies.
BE43769 cable, is ideal for a wide range of applications including
passenger information and entertainment; security and surveillance;
operational train controls; fare collection and ticket validation;
location-based services; and/or any required combination of data, voice,
video-streaming, conferencing and monitoring, tracking, intercom and
system control on one single network.
The Belden BE43769 meets railway industry standards.
Tiny GPS module
Round Solutions has created a tiny GPS module based on the SiRF IV chipset.
ORG4472 GPS module provides higher sensitivity and consumes less power
than previous GPS systems, extending battery life for small handhold
devices due to its passive GPS antennas, which can be used without
It measures 7 x 7 x 1.4 mm the smallest GPS
module of the world and is mounted via surface mount technology. There
are no costs for RF connectors or cable and no manual work is required
Its integrated interface for accelerometers,
gyrometers or other sensors makes “dead reckoning” (estimating its
position based on last known fix and known travel factors) easy. Using
“dead reckoning” tracking can be achieved even without sight to
satellites, for example in tunnels.
The ORG4472 on a SIM card.
back to top
|Engineering Education Australia
Fear free presentations (1 day) Brisbane 25 Nov.
For further information on these and other events organised by Engineering Education Australia go to www.eeaust.com.au.
Engineers Australia conferences
The 19th Australian Institute of Physics Congress incorporating the 35th Australian Conference on Optical Fibre Technology (AIP/ACOFT 2010) will be held in Melbourne on 5-9 December. Inquiries: www.aip2010.org.au.
The 15th International conference for women engineers and scientists will
be hosted by Engineers Australia's National Committee for Women in
Engineering and the International Network for Women Engineers and
Scientists in Adelaide 19-22 Jul 2011. Inquiries: www.icwes15.org. The deadline for submission of abstracts is 1 December 2010.
For a more comprehensive list of Engineers Australia's conferences, visit www.engineersaustralia.org.au/conferences.
The 2011 World Engineers’ Convention will be held on 4-9 Sep 2011 in Geneva, Switzerland. Titled “Engineers power the world – Facing the global energy challenge”,
the convention seeks to encourage innovative engineering aimed at
solving the problem of globally sustainable use of energy. For more
information go to www.wec2011.org or contact firstname.lastname@example.org.
back to top