How does a security countermeasure failure impact a system?

In the context of safety-critical systems, such as transportation systems, it is important to verify if such systems meet/do not meet safety requirements. ISO26262 expresses these requirements as a maximum number of failures per hour of operation. It is generally of a very small magnitude for the most critical components of a system, i.e., 10^-9 failures per hour of operation at most.

As there is a trend towards inter-connected safety-critical systems, there are higher risks that such systems become the target of remote attackers. In this context, remote attackers can eventually control the system remotely (e.g., CarShark attack or Jeep Cherokee remote control). Therefore, there are cyber-attacks that can impact the safety of the system (i.e., endanger the environment of the system).

Therefore, more and more works are dedicated to integrate security and safety such that the addition of security countermeasures inside a system can increase the system overall safety. In existing works, to the best of my knowledge, nobody takes into account the fact that security mechanisms can fail, just as any other components.

My question to you guys is the following: do you have any information about what could be the consequences of a security countermeasure failure on a component or system safety? Is it possible for example that, if an encryption mechanism fails, it flips a bit in a message which could provoke (eventually) a DoS (or anything else), that could lead to a catastrophic event (again, think of it as a worst case)? Is there any discussion/document about this?

Production availability impact of adding column to existing Cassandra table?

It appears that adding a column to an existing table in a production Cassandra cluster is pretty common. Under what conditions is it considered acceptable/safe to do so, in terms of availability and performance?

If it’s difficult or impossible to provide a definitive or clear-cut answer, then how would the expected impact be characterized? Impact might be expressed in terms of e.g. simply “no expected availability impact;” Big-O notation; or empirical measurements like duration of add operation, change in request latencies for impacted Cassandra cluster or (end to end for) client service, change in CPU or memory utilization of impacted cluster. Citations of a good resource(s) on the topic would be helpful.

virsh edit has no impact on domain

I am using virsh edit to edit a domain. After edit it says

Domain ubuntu18.04 XML configuration edited. 

However, reopening the domain with virsh edit shows old file.

The domain is also turned off.

$  virsh list --all --persistent  Id    Name                           State ----------------------------------------------------  -     ubuntu18.04                    shut off 

I have also tried running virsh define to set new configuration.

$  virsh define ubuntu18.04.xml Domain ubuntu18.04 defined from ubuntu18.04.xml 

However, it also did not change the file. How can I edit the domain config file?

cPanel Price increase, How it will impact on freelancers and small industry?

A couple of weeks ago cpanel announced that a per server pricing to a per account model. So a $ 11 per cPanel license for each server and running 1,000 websites, now have to pay $ 122. That’s approximately 1000% price rise!. How it will impact on new freelancers and small industry ? it's a monopolies is happening in hosting industry .what are the alternatives or create a self control panel ?

Magento 2 remove version number impact

I noticed if we type /magento_version along with site url then it displays our magento version. So anyone with bad intention can check my version and exploit it.

to prevent this I can disable the magento_version module from command line but not sure disabling this module will impact on any other feature. In code I noticed they are only using controller to display the info. But i am not sure it’s used elsewhere or not. Also, possible magento use it for API or something or for composer based upgrades?

Will there be any negative impact if we disable? Should i hide my version number publicly? Is it good to hide it?

Any help would be appreciated.

Experimental design, ” how chatbots can impact on a user’s experience”, is better to use Within subjects or between subjects?

I have to do an experimental design “about how chatbots can impact on a user’s experience when using public transport websites to book journeys”. I am not really sure what type of experimental design to choose, would go for Within subjects or between subjects ?

thank

m-

What would be the impact of ignoring material components with a price?


Problem

Whenever I play a spellcaster, and I level up and it’s time to pick/prepare new spells, I almost always avoid those with material components that have a price, since you can’t just substitute them out for your spellcasting focus (i.e. ignore them like you can pretty much all other material components).

The idea that you have to keep an eye out for these very specific and very expensive items (Imprisonment seems like a particularly good example of how obscure and expensive some of these materials can get, although it is an extreme, what with it being a 9th level spell, Clairvoyance is a less extreme lower-level example) and I find this quite annoying and I just end up changing my decision of spells instead of dealing with that restriction, thereby effectively taking that spell out of the game. I’ll point out that I’ve never asked my DM how likely I am to find the item; I just change my decision.

D&D is about being heroes and killing dragons and such, not about shopping around for extremely obscure items just so you can do something once (if it’s one of those spells that consumes it, which are the worse type of spells-with-a-material-component-with-a-price), then it’s back to hoping you find this obscure item again… or just pick a different spell in the first place that just works all the time.

Solution

So, since I know some of my players have similar views on being put off certain spells because of certain material restrictions, I was planning on simply doing away with that rule in an upcoming game I’ll be DMing (i.e. houseruling that all material components can be substituted out for your focus, including those with a cost, even if it says they are consumed, which obviously won’t consume the focus if a focus is used; alternatively, Component Pouches just always happen to have those items in them, like the mere desire to cast that spell forces those items to spawn into existence inside the pouch).

Question

My question is: What impact on gameplay balance would this have? I mean, obviously PCs (and NPCs) would have easier access to more powerful spells that otherwise have a sort of “cap” on them, so I might have to adjust the difficulty of encounters and such, but otherwise would it be so bad to effectively re-include the spells into the game that would otherwise exclude themselves by having unattractive material component restrictions?


PS: My home universe doesn’t have resurrection spells, so concern about everyone just getting up all the time like everyone’s a Zealot Barbarian all of a sudden is not all that relevant to this question; I mean, you can include it in your answer if you like, but I’d rather you not make it your main point.