PraxIS April 2006

_______________________________________________________

Welcome to PraxIS

I'm pleased to announce a new project starting this month, part of a research effort on novel applications for the EU Galileo global positioning system.

Patrick O'Beirne

_______________________________________________________ _______________________________________________________

1)  IT Risk and Security

BCS Position on the Computer Misuse Act 1990 / Police and Justice Bill 2006

Will Roebuck, the director of the E-business Regulatory Alliance (www.e-ra.org.uk), forwarded the British Computer Society's paper on the Amendments to the Computer Misuse Act 1990 as proposed in the Police and Justice Bill 2006. Clause 35 is the area of concern and the E-business Regulatory Alliance supports the British Computer Society's view on this issue.

"BCS is pleased to take this opportunity to comment on the issues raised by the Amendments to the Computer Misuse Act 1990. However, there are some concerns regarding the possible problems introduced by the broadening of section 3 and the consequent uncertainty surrounding ‘impairment’ and the position regarding software tools that can be used for legitimate as well as criminal purposes.

Clause 35 of the Bill inserts a new section 3A into the CMA. This section introduces an offence of making, supplying or offering to supply articles for computer misuse offences for use in computer misuse offences, or obtaining such tools with the intention to use them to facilitate the commission of such an offence. It is also unclear where the liability in the supply chain of such potentially legitimate tools used for computer misuse offences will lie. The BCS would like clarification as to the position regarding legitimate software testing tools."

Peter Sommer, a senior research fellow in the London School of Economics' Information Systems department, pointed out to the e-com-sec yahoogroup: "This still leaves the "possession" charge under s 160 CJA 1988 which is strict liability offence, meaning that the prosecution have only to show the actus reus (the physical act) and not the mens rea (guilty mind, or intention). There are some defences which include "legitimate purpose" but it is for the defendant to demonstrate to the court on the balance of probabilities that he is entitled to the benefit of those defences. Conclusion: if you haven't already worked out a proper policy for handling this type of incident - now is very good time to do so."

.eu domain landrush fiasco

The .eu domain was open to all from April 7th to a chorus of complaints about EUrid's inability to manage it.

http://www.bobparsons.com/EULandrushFiasco.html Bob Parsons, the founder of GoDaddy, led the charge.

http://blog.whoisireland.com/index.php?p=88 John McCormac of said "I'd estimate that somewhere upwards of 40% of registrations are bad faith/fraudulent/speculative. The recent addition of a pile of PPC parasites as registrars, mostly based in the US and Canada, confirmed that .eu is not properly administered by people who know about the domain industry."

Even the domain name traders are unhappy, as reported on http://www.eudomaindesaster.org. It was pointed out that many of the 'registrars' with LLC in their name based in New York shared the same phone number!

____________________________________________________________
____________________________________________________________   

2) Software testing

SoftTest Ireland - on SOX and Skills

http://www.softtest.ie/events/ 29.03.2006 SoftTest Half Day Testing Seminar

Guest Speaker was Andy Redwood, Group Business Manager for Testing at the Portman Building Society. His paper "Test your SOX off" is now available for download. It contains this observation about auditors:

Q – “If we put this type and process in place and deliver evidence through the testing that satisfy the act, will this be okay?”

A – “…I can’t say exactly, but maybe if you were to do something like this, it might be satisfactory…” - PWC

Certification of Software Testers

Stuart Reid also spoke on the Personal Test Maturity Matrix. His paper is not available, but here is information on a Workshop on Open Certification of Software Testers (WOC) in Indianapolis, June 8-10, 2006.
It follows the Conference of the Association for Software Testing, see http://www.associationforsoftwaretesting.org/conference/

Hosts: Cem Kaner and Michael Kelly This call and all subsequent updates to this call are available online
at www.FreeTestingCertification.com. The objectives are to create courses and readings available
free on the web and an exam available free to anyone at anytime.  For now, they are planning to create multiple-choice type tests. Skill-based testing requires a paid expert evaluator, and are often expensive. 

____________________________________________________________
____________________________________________________________

3) Satellite Research Interest

http://www.InformaticsDevelopmentInstitute.net The Informatics Development Institute (IDI) is constituted as a not-for-profit company with a charter to carry out research and development and to encourage innovation in Information Technology and the science of Informatics and cognate sciences and technologies, together with their applications both in Ireland and abroad with special reference to developing countries.

The IDI, of which I am one of the directors, is participating in the Galileo Joint Undertaking (GJU) programme for research involving SMEs (Small/Medium Enterprises).  Our involvement is to design a local wireless network as part of a project to detect small and slow landslide precursor movements.

IDI at the Galileo conference

I heard about ideas for the satellite navigation products of the future that will transform European citizens’ lives at a conference in Brussels on 5 & 6 April 2006. Thirty-two SMEs and researchers unveiled details of projects that aim to exploit the unique qualities of Galileo – Europe’s next generation satellite navigation system - particularly its ability to provide pinpoint accuracy of positioning. Examples of applications include devices that will give positioning accuracy of 20-30 cm, a low-cost and effective early warning system to predict landslides, an apparatus that will be able to track endangered species in the wildlife and a high accuracy positioning array that will enable helicopters to work in much more difficult circumstances, than currently is the case. The project website is http://www.galileoju.com 

Galileo, the European Satellite Navigation System

http://europa.eu.int/comm/dgs/energy_transport/galileo/index_en.htm

The GALILEO satellite radio navigation system is a €3.8 billion initiative of the European Union and the European Space Agency complementary to the current US GPS system.

GALILEO is based on a constellation of 30 satellites and ground stations that emit signals indicating the time extremely precisely. The GIOVE-A, built by Surrey Satellite Technology Ltd (SSTL), blasted off from the Baikonur Cosmodrome in Kazakhstan on a Russian Soyuz rocket on Dec 28, 2005 and has successfully transmitted back test signals. In late 2006 a second test satellite will go into space, GIOVE-B, including a hydrogen maser clock for even greater accuracy. This will be followed by four working satellites in 2008 and the first commercial use of the system in 2010.

http://news.bbc.co.uk/2/hi/science/nature/4792792.stm

Sat-nav has countless applications in the daily lives of consumers, from car guidance systems to feature-packed mobile phones. It has been estimated that the market potential for products based on Galileo and other satellite navigation systems could reach €10bn by 2015 and that Galileo will generate more than 140,000 new jobs in Europe and many more on a global scale. Rescue services will be able to pinpoint the exact location of a car driver's accident. People will be able to find their way in an unfamiliar city using their mobile phone.

Galileo is expected to be even more accurate than the US Global Positioning System (GPS) in that it offers publicly available resolution of five metres and commercial systems can offer 1 metre. In fact, researchers can use more advanced systems to detect centimetre-level differences over time.

Along with the University of Nottingham (UK), we are part of the GGPhi project led by the UK Civil Aviation Authority's (CAA) Institute of Satellite Navigation at the University of Leeds, UK. The project has just started the research stage, so it may be the end of 2006 before we have any useful findings. The University of Leeds have been pioneers in this field for a long time, as this tribute from the National Air and Space Museum of the Smithsonian Institute shows:

http://www.nasm.si.edu/research/aero/trophy/laureate/1988.htm  1988 Electronics Laurels mentions Peter Daly, professor of electrical and electronic engineering, University of Leeds, U.K., and graduate student S.A. Dale for pioneering work in deciphering the signal format of the USSR's Global Navigation Satellite System (Glonass) at a time when the Soviets were following a policy of secrecy.

The US GPS is run by the US military, meaning that the Pentagon can switch off or interfere with the system without warning civilian users around the world. The original intention was that Galileo will stay under civilian control, increasing the EU's strategic independence from the US. However, at the EU-US summit in Ireland in June 2004, an agreement was signed.

http://news.bbc.co.uk/2/hi/science/nature/3839809.stm The BBC reports "The agreement determines how Galileo's frequencies should be structured which, crucially, will allow signals to be jammed in war zones if necessary. US Secretary of State Colin Powell signed the pact with Loyola de Palacio, EU Transport Commissioner, at the EU-US summit at Dromoland Castle, Ireland.  The new accord between the EU and US sees Europe shift its frequency choices to a standard known as Binary Offset Carrier 1.1. The change will allow either side to effectively jam the other's signal in a small area, such as a battlefield, without shutting down the entire system. More importantly from the civilian perspective, the agreement allows the systems to be meshed seamlessly, greatly benefiting manufacturers, service providers and consumers."

____________________________________________________________
____________________________________________________________

4) Spreadsheets

There is still a seat available at my Spreadsheet Auditing Training course for April 20th, if you book this week!
http://sysmod.buy.ie/catalog/product_info.php?products_id=189

The US 2006 East Coast Excel User Conference is on April 19/21st, 2006, Holiday Inn, Boardwalk, Atlantic City, New Jersey http://www.exceluserconference.com/2006ECEUC.html

http://www.uwic.ac.uk/eusprig/2006/CfP.htm  European Spreadsheet Risks Interest Group, Cambridge July 6-7

The 7th EuSpRIG Annual Conference is on the theme ‘Managing Spreadsheets: Improving corporate performance, compliance and governance’  The programme will concentrate on all aspects of the management of spreadsheets including: - assessing current spreadsheet use - risk and other classification systems - proving effectiveness - available controls techniques - planning which kind of techniques fit which risks - maintaining integrity and compliance - discovering and promoting training resources and good practice

UK Excel User Conference - July 19-21, 2006

http://www.exceluserconference.com/2006UKEUC.html 

The UK conference has a great list of presenters: Martin Green, Nick Hodge, Simon Murphy, Patrick O'Beirne, Bob Phillips, Andy Pope and Charles Williams. The event will be held close to the heart of London at the University of Westminster - Marylebone Campus. July 19th will be directed towards the intermediate users and July 20th will have topics for the advanced users. Add-on classes will be available for an additional fee.

http://www.exceluserconference.com/2006UKEUC_Classes.html

Beyond the Basics - Wednesday, July 19th:

* Intermediate VBA by Bob Phillips
* Calculation / Optimization by Charles Williams
* Building Custom Functions by Martin Green
* Intermediate Charting by Andy Pope
* Spreadsheet Design by Simon Murphy
* Preventing Spreadsheet Errors by Patrick O'Beirne

Advance to the Next Level - Thursday, July 20th:

* Advanced Counting And Summing by Bob Phillips
* Building an Excel Add-In by Martin Green
* Converting xla add-ins to COM add-ins in VB6 by Simon Murphy
* Advanced Charting by Andy Pope
* Writing efficient and trouble-free VBA UDFs by Charles Williams
* Pivot Tables by Nick Hodge

Spreadsheet Check and Control book

47 best practices to detect and prevent errors

http://www.sysmod.com/az.php?a=190540400X&b=Spreadsheet+Check+Control Available worldwide from Amazon.

http://sysmod.buy.ie/catalog/product_info.php?products_id=188  Our offer - free shipping to EU in April 2006.

__________________________________________________
_______________________________________________________

FEEDBACK

Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM

Thank you! Patrick O'Beirne, Editor

_______________________________________________________ _______________________________________________________

5) Off Topic

http://catless.ncl.ac.uk/Risks/24.22.html#subj4 This appeared in the Risks Digest for April 1, 2006:

Cartography dream realized

Cambridge, UK. An old dream of cartographers has finally been realized through flat-panel displays and small, portable computational devices. For centuries, cartographers have dreamed of full-scale maps, that is, a map with a scale of 1:1, so that 1 Km. of the map would represent 1 Km. of the world. Implementation difficulties made such a map impractical. But now, scientists at Cambridge University have been able to display the full-scale map on a flat-panel screen, scrolling the map as necessary to cover the territory.

_______________________________________________________
_______________________________________________________

Copyright 2006 Systems Modelling Limited, http://www.sysmod.com . Reproduction allowed provided the newsletter is copied in its entirety and with this copyright notice.

We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to   EuroIS-subscribe (at) yahoogroups (dot) com - it's free!

For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.

Patrick O'Beirne, Editor
_______________________________________________________
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
______________________________________________________
ARCHIVES
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm

DISCLAIMER
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
_______________________________________________________
PRIVACY POLICY:
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://finance.groups.yahoo.com/group/EuroIS/
_______________________________________________________