Category Archives: Engineering
Women deserve better health care. Engineers can help. – The Source – Washington University in St. Louis
Pressure. Contraction. Pushing. Rupture. For many, these words point to the experience of labor and childbirth. For Michelle Oyen, something else also comes to mind.
These are all very clearly engineering words that have to do with physical forces, says Oyen, associate professor of biomedical engineering in the McKelvey School of Engineering. Weve been treating womens health as solely a biology problem, but its also the realm of engineering and physics.
As director of WashUs Center for Womens Health Engineering, Oyen seeks to bring medical practitioners and engineers together to improve womens health care. Such collaborations have long proved successful in fields like orthopedics, but technological advances in womens health have lagged contributing to some startling statistics. One in 10 babies in the U.S. is born prematurely, for example. And maternal mortality is on the rise, especially among women of color.
Theres a false idea in peoples minds that theres no more to know about pregnancy. Of course, any woman who has experienced a miscarriage or stillbirth, or has ended up being induced early because of preeclampsia, will disagree, Oyen says. We dont talk very often about how poorly we understand all this.
Im not personally going to solve all maternal health problems. Im part of a generation pushing the next generation forward toward solutions.
Oyen points to a few root causes of the problem. For good reasons, medical experiments arent typically performed during pregnancy. Animal models dont provide much helpful information, either. And, for decades, biomedical research was designed, performed and funded exclusively by men. This historical lack of gender diversity has likely also hampered the study of diseases that disproportionately affect women, like autoimmune disorders, as well as various conditions that lead hundreds of thousands of women each year to undergo hysterectomies.
The Center for Womens Health Engineering is already making strides in overcoming these challenges. In one ongoing project, Oyen studies the placenta with Anthony Odibo, the Virginia S. Lang Endowed Chair in Obstetrics and Gynecology at the School of Medicine, and Ulugbek Kamilov, associate professor of computer science and engineering at the McKelvey School. Using machine learning and advanced imaging techniques, the researchers create computational models of placenta function. Such models provide insights into issues with the placenta that can occur early in pregnancy and cause long-term cardiovascular problems for both pregnant women and newborns.
Everyone is born with a placenta, Oyen says. I think in the grand scheme of womens health, this is what hasnt been appreciated. Were talking about things that affect all humans.
Students, particularly women training to be physicians and engineers, are taking note. Alongside research and entrepreneurship, Oyen cites education and training as an essential pillar of the center.
Its exciting to see enthusiastic young women wanting to use their engineering skills in this field, Oyen says. Im not personally going to solve all maternal health problems. Im part of a generation pushing the next generation forward toward solutions.
Read this article:
Graduating Engineer Took These Steps to a Career in Greener Energy – UVA Engineering
Like many students, University of Virginia civil and environmental engineering student Reese Hertel wasnt sure when he arrived at the University of Virginia which path his career should take.
He thought he might want to use his Spanish skills. He considered working close to the Earth somehow. But one thing he was sure about.
One of my core beliefs is that it is my generations responsibility to fight climate change and to mitigate its impacts, he said.
Heres how Hertel, a fourth-year student, found his way to a job at Equinor, an international company focused on producing cleaner, greener energy.
During the spring of his first year, Hertel signed up for a coffee chat through the Center for Engineering Career Development.
Little did I know that this meeting at the Oakhurst Inn Cafe would end up being one of the most influential moments in my UVA career-development journey, he said.
Hertel met with Julia Lapan, director of the center. They discussed not just potential paths, but more importantly, our lives and our values.
Since that initial conversation, he has met with Lapan numerous times to discuss career goals, review resumes, conduct mock interviews, and evaluate internships and job offers.
Hertel likes to travel and explore, so he spent two of his college summers abroad.
He worked one summer for the environmental nonprofit Wellkind Guatemala doing reforestation work. The conservation internship allowed him to contribute to the 75,000 new trees the organization has planted since 2019.
Hertel also spent a semester in Valencia, Spain, where he completed his Spanish minor.
I knew that UVA had the potential to provide me with international opportunities, and I tried to take advantage of as many of these as possible, he said. These experiences were extremely rewarding and reaffirmed my desire to eventually work internationally.
Last summer, Hertel split his time away from coursework between a pair of internships.
The first was assisting professor James A. Smiths research in South Africa. Smith is the inventor of the MadiDrop+, a silver-embedded porous ceramic tablet for purification of household drinking water. About a fourth of the world does not have access to safe, clean water.
The second internship was as a project engineer for renewable energy firm East Point Energy in Charlottesville.
These experiences represented two directions, Hertel said. While I enjoyed some aspects of research, I preferred the work in clean energy and chose to continue on this career path.
In the fall, Hertel took professor Andrs Clarens Introduction to Green Engineering course. It was good timing. The professor was named an assistant director of the White Houses Office of Science Technology Policy earlier this year.
The introductory course on renewable energy covered a variety of topics, which exposed him to diverse careers within the field, he said.
We had opportunities to apply engineering knowledge and business principles to real-world situations, Hertel added. The course further increased my enthusiasm to work in renewable energy.
Part of the capstone process for completing the engineering program is refining ones personal mission statement.
I defined my philosophy as work that contributes to sustainable progress, improves the resilience of society and the environment, and leads to financial independence without sacrificing happiness or well-being, the civil and environmental engineer said.
Hes now headed to work for Equinor, East Points parent company, which is based in Norway but has locations worldwide. The company prides itself on its low-carbon energy portfolio and its push for net zero carbon emissions by 2050.
Hertel will work in multiple departments, including internationally, as part of the companys graduate rotational program.
The opportunities for continuous learning, contributing to fight climate change and working abroad attracted me to this position, and I could not be more excited, he said. One of the biggest lessons that I learned during my time at UVA is that you do not need to know exactly what job you want to do, but it is incredibly important to understand and apply your core values to decisions about your future.
Read this article:
Graduating Engineer Took These Steps to a Career in Greener Energy - UVA Engineering
SDSU research recognized at construction engineering and management conference – SDSU Athletics
Selecting a project delivery method for construction projects is one of the most important decisions of the planning phase. However, very little research exists on the decision-making process for selecting a delivery method. SDSU assistant professor Phuong Nguyen's research explores how probability theory can better inform these decisions in an award-winning paper.
How can probability theory help improve the planning process for highway construction projects?
This is the basis for South Dakota State University assistant professor Phuong Nguyen's research, which was recognized as "Best Paper" for the "Contract, Delivery and Legal Issues" track at the American Society of Civil Engineers' 2024 Construction Research Congress.
"Selecting an appropriate project delivery method for highway construction projects is a complex decision that typically involves assessing many variables and the relationships between them," Nguyen said. "One of the main challenges is to accommodate changes in the relationships among variables as the project moves forward. The objective of this paper was to develop a Bayesian decision support-support model for project delivery method selection."
During the planning phase of construction projects, decision-makers must select one of three project delivery methods: design-bid-build, design-build or construction manager/general contractor. Each method has pros and cons and are optimized for different types of projects that are dependent on budget size and scale, among other factors.
"Past research has shown the selection of an appropriate delivery method as one of the most important decisions in the project planning stage," Nguyen said.
Despite its importance, there is very little research on the decision-making process behind selecting a project delivery method. To fill in the literature gap, Nguyen proposed using a type of probability model Bayesian networks to help better inform these decisions for more effective projects.
For his proposed model, Nguyen collected data from 177 completed highways projects across the United States. He extracted various data points from each project, which were inputted into a decision-making model. The outcomes of the model returned true or false probability values for each delivery method.
"The proposed data-driven Bayesian model can construct a causal network to visualize the probabilistic relationships between variables in project delivery method selection and update the probabilities of the selection outcomes when more information becomes available," Nguyen said.
The key to the Bayesian model, as Nguyen notes, is its ability to consistently reflect the most up-to-date information. This allows for better decision-making throughout the planning phase.
The applications of Nguyen's work will assist transportation agencies in selecting appropriate project delivery methods for future highway construction projects. With historical data and new information for the given project, Nguyen's model will lead to effective decision-making in the planning phase of large-scale construction projects.
Here is the original post:
SDSU research recognized at construction engineering and management conference - SDSU Athletics
More social engineering attacks on open source projects observed – ComputerWeekly.com
The Open Source Security Foundation (OpenSSF) and the OpenJS Foundation, which backs multiple JavaScript-based open source software (OSS) projects, have warned that the attempted social engineering observed earlier in April 2024 against the XZ Utils data compression library may not be an isolated incident.
The XX Utils attack saw a threat actor known as JiaTan infiltrate the XZ Utils project over a multiple-year period, becoming trusted by the project maintainers and contributing legitimate updates to the software before trying to sneak in a backdoor vulnerability, CVE-2024-3094, which could have caused carnage had it not been for the swift actions of an eagle-eyed researcher.
Now, OpenSSF and OpenJS are calling for all open source maintainers to be alert for similar takeover attempts after the OpenJS Cross Project Council received multiple suspicious emails imploring them to update one of its projects to address critical vulnerabilities without citing any specific details.
Robin Bender Ginn, OpenJS Foundation executive director, and Omkhar Arasaratnam, OpenSSF general manager, said that the authors of the emails, which bore different names but came from overlapping GitHub-associated accounts, wanted to be designated as project maintainers despite having little prior involvement, similar to how JiaTan was able to weasel their way into the XZ Utils project.
They added that OpenJS team also became aware of a similar pattern at two other widely-used JavaScript projects that it doesnt host itself, and has flagged the potential security risk to respective OpenJS leaders, as well as the US cyber security authorities.
None of these individuals have been given privileged access to the OpenJS-hosted project. The project has security policies in place, including those outlined by the Foundations security working group, wrote Bender Ginn and Arasaratnam in a joint blog post detailing the attack.
Open source projects always welcome contributions from anyone, anywhere, yet granting someone administrative access to the source code as a maintainer requires a higher level of earned trust, and it is not given away as a quick fix to any problem.
Together with the Linux Foundation, we want to raise awareness of this ongoing threat to all open source maintainers, and offer practical guidance and resources from our broad community of experts in security and open source, they said.
Among other things, OSS project members should be alert to friendly, yet aggressive and persistent pursuit of maintainer status by any new or relatively unknown community members, new requests to be elevated, and endorsement from other unknown community members, which may potentially be sockpuppet accounts.
Members should also be aware of pull requests (PRs) that contain blobs as artifacts the XX backdoor was a file that wasnt human readable, not source code; intentionally obfuscated or hard to understand source code; security issues that seem to escalate slowly the XZ attack started with a relatively innocuous test amendment; deviation from typical project compile, build and deployment procedures; and a false sense of urgency, particularly if someone appears to be trying to convince a maintainer to bypass a control or speed up a review.
These social engineering attacks are exploiting the sense of duty that maintainers have with their project and community in order to manipulate them, wrote Bender Ginn and Arasaratnam. Pay attention to how interactions make you feel. Interactions that create self-doubt, feelings of inadequacy, of not doing enough for the project, etcetera, might be part of a social engineering attack.
Social engineering attacks can be difficult to detect or protect against via programmatic means as they prey on human emotions and trust, so in the short term, it is also important to share as much information about possible suspicious activity as possible, without shame or judgment, so that community members can learn protective strategies.
Chris Hughes, Endor Labs chief security officer and a cyber innovation fellow at the Cybersecurity and Infrastructure Security Agency (CISA), said he was unsurprised to hear about more widespread social engineering attacks against the open source world moreover given the XZ attack received significant publicity, it is likely that other malicious actors will try similar tactics going forward.
We can likely suspect that many of these are already underway and may have already been successful but havent been exposed or identified yet. Most open source projects are incredibly underfunded and run by a single or small group of maintainers, so utilising social engineering attacks on them isnt surprising and given how vulnerable the ecosystem is and the pressures maintainers are under, they will likely welcome the help in many cases, he said.
If done well by the attackers, it may be difficult for the maintainers to determine which involvement is from those interested in collaborating and contributing to projects versus those with malicious intent.
More generally, warned Hughes, this poses a massive risk to the open source community in general, with around a quarter of all open source projects having just one maintainer, and 94% less than 10. This risk then carries forward into organisations that use open source software components in their software.
This raises awareness of the larger issue of how opaque the OSS ecosystem is. Components and projects that run the entire modern digital infrastructure are often maintained by unknown aliases and individuals scattered around the globe. Furthermore, many OSS projects are maintained by a single individual or small group of individuals often in their spare time as a hobby or passion project and typically without any sort of compensation.
This makes the entire ecosystem vulnerable to malicious actors preying on these realities and taking advantage of overwhelmed maintainers with a community making demands of them with no actual compensation in exchange for their hard work and commitment to maintaining code the world depends on, he said.
Originally posted here:
More social engineering attacks on open source projects observed - ComputerWeekly.com
Six Hankinson students selected for International Science and Engineering Fair – Wahpeton Daily News
State Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware Florida Georgia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington Washington D.C. West Virginia Wisconsin Wyoming Puerto Rico US Virgin Islands Armed Forces Americas Armed Forces Pacific Armed Forces Europe Northern Mariana Islands Marshall Islands American Samoa Federated States of Micronesia Guam Palau Alberta, Canada British Columbia, Canada Manitoba, Canada New Brunswick, Canada Newfoundland, Canada Nova Scotia, Canada Northwest Territories, Canada Nunavut, Canada Ontario, Canada Prince Edward Island, Canada Quebec, Canada Saskatchewan, Canada Yukon Territory, Canada
Zip Code
Country United States of America US Virgin Islands United States Minor Outlying Islands Canada Mexico, United Mexican States Bahamas, Commonwealth of the Cuba, Republic of Dominican Republic Haiti, Republic of Jamaica Afghanistan Albania, People's Socialist Republic of Algeria, People's Democratic Republic of American Samoa Andorra, Principality of Angola, Republic of Anguilla Antarctica (the territory South of 60 deg S) Antigua and Barbuda Argentina, Argentine Republic Armenia Aruba Australia, Commonwealth of Austria, Republic of Azerbaijan, Republic of Bahrain, Kingdom of Bangladesh, People's Republic of Barbados Belarus Belgium, Kingdom of Belize Benin, People's Republic of Bermuda Bhutan, Kingdom of Bolivia, Republic of Bosnia and Herzegovina Botswana, Republic of Bouvet Island (Bouvetoya) Brazil, Federative Republic of British Indian Ocean Territory (Chagos Archipelago) British Virgin Islands Brunei Darussalam Bulgaria, People's Republic of Burkina Faso Burundi, Republic of Cambodia, Kingdom of Cameroon, United Republic of Cape Verde, Republic of Cayman Islands Central African Republic Chad, Republic of Chile, Republic of China, People's Republic of Christmas Island Cocos (Keeling) Islands Colombia, Republic of Comoros, Union of the Congo, Democratic Republic of Congo, People's Republic of Cook Islands Costa Rica, Republic of Cote D'Ivoire, Ivory Coast, Republic of the Cyprus, Republic of Czech Republic Denmark, Kingdom of Djibouti, Republic of Dominica, Commonwealth of Ecuador, Republic of Egypt, Arab Republic of El Salvador, Republic of Equatorial Guinea, Republic of Eritrea Estonia Ethiopia Faeroe Islands Falkland Islands (Malvinas) Fiji, Republic of the Fiji Islands Finland, Republic of France, French Republic French Guiana French Polynesia French Southern Territories Gabon, Gabonese Republic Gambia, Republic of the Georgia Germany Ghana, Republic of Gibraltar Greece, Hellenic Republic Greenland Grenada Guadaloupe Guam Guatemala, Republic of Guinea, Revolutionary People's Rep'c of Guinea-Bissau, Republic of Guyana, Republic of Heard and McDonald Islands Holy See (Vatican City State) Honduras, Republic of Hong Kong, Special Administrative Region of China Hrvatska (Croatia) Hungary, Hungarian People's Republic Iceland, Republic of India, Republic of Indonesia, Republic of Iran, Islamic Republic of Iraq, Republic of Ireland Israel, State of Italy, Italian Republic Japan Jordan, Hashemite Kingdom of Kazakhstan, Republic of Kenya, Republic of Kiribati, Republic of Korea, Democratic People's Republic of Korea, Republic of Kuwait, State of Kyrgyz Republic Lao People's Democratic Republic Latvia Lebanon, Lebanese Republic Lesotho, Kingdom of Liberia, Republic of Libyan Arab Jamahiriya Liechtenstein, Principality of Lithuania Luxembourg, Grand Duchy of Macao, Special Administrative Region of China Macedonia, the former Yugoslav Republic of Madagascar, Republic of Malawi, Republic of Malaysia Maldives, Republic of Mali, Republic of Malta, Republic of Marshall Islands Martinique Mauritania, Islamic Republic of Mauritius Mayotte Micronesia, Federated States of Moldova, Republic of Monaco, Principality of Mongolia, Mongolian People's Republic Montserrat Morocco, Kingdom of Mozambique, People's Republic of Myanmar Namibia Nauru, Republic of Nepal, Kingdom of Netherlands Antilles Netherlands, Kingdom of the New Caledonia New Zealand Nicaragua, Republic of Niger, Republic of the Nigeria, Federal Republic of Niue, Republic of Norfolk Island Northern Mariana Islands Norway, Kingdom of Oman, Sultanate of Pakistan, Islamic Republic of Palau Palestinian Territory, Occupied Panama, Republic of Papua New Guinea Paraguay, Republic of Peru, Republic of Philippines, Republic of the Pitcairn Island Poland, Polish People's Republic Portugal, Portuguese Republic Puerto Rico Qatar, State of Reunion Romania, Socialist Republic of Russian Federation Rwanda, Rwandese Republic Samoa, Independent State of San Marino, Republic of Sao Tome and Principe, Democratic Republic of Saudi Arabia, Kingdom of Senegal, Republic of Serbia and Montenegro Seychelles, Republic of Sierra Leone, Republic of Singapore, Republic of Slovakia (Slovak Republic) Slovenia Solomon Islands Somalia, Somali Republic South Africa, Republic of South Georgia and the South Sandwich Islands Spain, Spanish State Sri Lanka, Democratic Socialist Republic of St. Helena St. Kitts and Nevis St. Lucia St. Pierre and Miquelon St. Vincent and the Grenadines Sudan, Democratic Republic of the Suriname, Republic of Svalbard & Jan Mayen Islands Swaziland, Kingdom of Sweden, Kingdom of Switzerland, Swiss Confederation Syrian Arab Republic Taiwan, Province of China Tajikistan Tanzania, United Republic of Thailand, Kingdom of Timor-Leste, Democratic Republic of Togo, Togolese Republic Tokelau (Tokelau Islands) Tonga, Kingdom of Trinidad and Tobago, Republic of Tunisia, Republic of Turkey, Republic of Turkmenistan Turks and Caicos Islands Tuvalu Uganda, Republic of Ukraine United Arab Emirates United Kingdom of Great Britain & N. Ireland Uruguay, Eastern Republic of Uzbekistan Vanuatu Venezuela, Bolivarian Republic of Viet Nam, Socialist Republic of Wallis and Futuna Islands Western Sahara Yemen Zambia, Republic of Zimbabwe
Read more from the original source:
Six Hankinson students selected for International Science and Engineering Fair - Wahpeton Daily News
MVU participates in the 2024 Vermont Science, Technology, Engineering & Math Fair – St. Albans Messenger
SWANTON Six students from Missisquoi Valley Union competed in the Vermont State Science, Technology, Engineering & Math Fair March 30 at Norwich University.
The students who attended were finalists in the local MVU STEM Fair held on Feb. 8. They spent Saturday presenting to multiple judges and visitors. MVU students performed admirably by winning a gold medal (top 10 percent among participants) and claiming one of the $3,000 scholarships to the New Hampshire Academy of Science, a three-week prestigious summer program, along with other prizes.
Attending the fair were Kelsey Paradee, Avery Guyette, Surelle Casperson and Rowan Gregory in grade 10 and Briana Fremeau and Emma Flanders in grade 9, along with MVU STEM Fair coordinator Rich Ballard.
Awards:
Avery Guyette - with her project: Does Perceived Attractiveness Influence Judicial Decisions In Respective Court Cases?
Gold Medalist (Top 10% in Vermont)
Vermont Academy of Arts and Sciences Top Project showing good research techniques. ($200 prize)
American Psychological Association - Achievement in research in physiological science
Emma Flanders - with her project - How Luminol Reacts When Mixed with Other Chemicals
Many thanks to the MVU science teachers for challenging their students to do some great projects. Thanks to the many local businesses and community organizations that supported the effort, including Viatris, for supporting the MVU STEM Fair with a generous grant.
Thanks also goes to the non-profit STEM Challenge Initiative organization, which promotes STEM education in the region and also provided a grant to the MVU STEM Fair, as well as MVU STEM Fair coordinator Rich Ballard for organizing and supporting the student participation in the 2024 event.
See more here:
Manhasset Students Traveling To International Science And Engineering Fair – Anton Media Group
Three Manhasset High School students will be making the trip to Los Angeles this May to participate in the prestigious International Science and Engineering Fair (ISEF). Senior Dylan Yoon and junior Alena Tsai are Long Island Science and Engineering Fair (LISEF) Finalists and will be representing Long Island at the fair. Dylans project The Enhancement of a Novel 3D-Printed Electrodialysis Device through the Implementation and Optimization of Spacer Designs, and Alenas project Integrated In-silico and In-vitro Experimental Strategies for the Application of Carbon Quantum Dots in Alzheimers Research, were both top finishers in the local competition. Additionally, junior Emily Zhao is a New York State Science and Engineering Fair (NYSSEF) ISEF finalist and will be representing New York State at ISEF. Her project Novel Eutrophication Remediation Turbine For Piezocatalytic Inactivation Of Anabaena In Optimized Turbulent Flow was a top finisher in the state competition. All three students will have the opportunity to compete in the annual national science fair, which is owned and administered by the Society for Science, a 501 non-profit organization based in Washington, D.C. Submitted by Manhasset Public Schools
Read more here:
Manhasset Students Traveling To International Science And Engineering Fair - Anton Media Group
Digital textbooks expand learning for engineering students – South African study – The Conversation Indonesia
In the past four years its become increasingly common for part or all of a university students learning to happen online. This transition to digital learning platforms has highlighted the digital divide within educational contexts.
In poorer, less resourced and connected countries like South Africa, this divide is not merely a matter of who has access to digital devices and who doesnt. Its also about whether students are digitally literate. This is about more than merely navigating digital devices and platforms. Its also about being able to think and evaluate information critically and to creatively use technology in problem-solving.
Universities and other educational institutions need to urgently integrate digital literacy training into their curricula. Students need to become familiar with the technical aspects of digital tools and develop the mindset to use these tools for learning, research and innovation.
So, how can this be done? My PhD in engineering education research centred on how novice engineering students at a South African university of technology use e-textbooks to develop digital literacy skills. My findings suggest that e-textbooks could make engineering education more inclusive and engaging. Students found the e-textbooks features helpful for grasping complex engineering concepts. This, in turn, enhanced their conceptual understanding.
This suggests its a good idea to integrate e-textbooks into engineering education in South Africa. Its not enough to focus on the technological aspects, though. There must also be a concerted effort to address the socio-economic and educational barriers that students face.
E-textbooks are becoming an increasingly integral part of university education around the world. These digital resources conveniently give students access to learning materials from any location at any time. They are also cheaper than paper textbooks.
E-textbooks are interactive, with embedded multimedia elements and quizzes. This caters to diverse learning styles, making study sessions more engaging and effective. The ease of updating digital content also ensures that students have the latest information. Thats a big advantage in rapidly evolving fields such as engineering.
Unlike traditional textbooks, e-textbooks can include interactive elements that encourage students to work with their peers.
Features such as shared annotations, discussion forums and interactive exercises can make them a dynamic platform for collaborative learning. This enriches the learning experience and fosters a sense of community among students, a critical factor in educational success.
I invited first-year students at a South African university to participate in my study. A total of 73 students from two engineering departments Chemical Engineering and Maritime Studies responded to the survey.
I then selected 14 participants for a qualitative in-depth investigation. They engaged in individual and group reading activities. These sessions were followed by interviews. The students offered insights into their understanding and previous practices with digital texts. They also told me how they used the prescribed e-textbook.
It became evident that students were not mere passive consumers of information. Some adopted emerging digital literacy practices. They navigated the e-textbooks easily, using hyperlinks for quick access to previous chapters and revision. They watched embedded videos to grasp complex concepts. They used emojis to annotate and personalise their readings and the highlighting feature to emphasise crucial points.
Others engaged more superficially with the content. In these instances, students simply read the text and viewed the illustrations, much as theyd use paper books. This can likely be explained by the fact that many students, especially those coming from rural areas or under-resourced schools in South Africa, might have limited exposure to digital devices and technology before entering university. Students not accustomed to using digital devices would take time to adjust.
I also found that many students werent using the e-textbooks collaborative functions even though they told me during discussions that they recognised collaborating could be valuable. One student suggested:
The e-textbook should include interactive features for collaboration [online], such as studying in groups where everyone sees each others highlights in different colours.
My findings suggest that e-textbooks could make engineering education more inclusive. These digital resources can help create an environment where students from diverse backgrounds, with varying abilities and learning preferences, can learn effectively.
For example, a student with dyslexia might find traditional textbooks challenging. The different modes that an e-textbook uses to provide content, such as video explanations, offer alternative pathways to understanding complex engineering concepts.
Traditional paper books often overlook the unique needs of learners and students with special educational needs.
However, while e-textbooks present a promising tool for enhancing learning experiences, their impact on educational inequalities cannot be overlooked. The mere availability of digital resources does not ensure equitable access. Financial barriers, lack of infrastructure, and inadequate digital literacy are hurdles that many South African students face.
The adoption of e-textbooks must be accompanied by targeted interventions designed to address these challenges. For example, universities could provide free or heavily subsidised access to e-textbooks to assist poorer students. Partnerships between institutions and publishers may also be fruitful.
See the rest here:
Is Platform Engineering Really Just API Governance? – The New Stack
LONDON — “If API governance and platform engineering had a Venn diagram, they’d be a circle,” contended Mark Boyd, director of Platformable, during his keynote at the API Conference April 10.
He doesn’t distinguish between your API governance toolkit and your platform engineering strategy. And maybe you shouldn’t either. After all, both prioritize the same ideal customer profile: your internal developer colleague.
Indeed, APIs have emerged as the preferred way that developers want to access and build on top of any internal developer portals and golden paths to production. And a focus on API and data standardization and cross-organizational service reusability is at the foundation of any platform strategy.
“The API is the tail wagging the dog,” Boyd argued, “as so often APIs can fundamentally change the business.”
Externally available APIs create an ecosystem around the business, he said, opening up new routes to market. APIs become a cross-functional language that allows both technical and business stakeholders to communicate. And, he said, building an API ecosystem with different business units allows for cross-organization collaboration — like via an internal developer platform — instead of fostering internal competition for time and teams.
This is especially relevant today, at a time when everyone is trying to do more with less, to increase developer productivity right when developer burnout is running high.
So what does a lightweight API governance strategy look like? How do you overcome API complexity? asked the APICon audience. Here’s how to streamline that complexity now.
How does an API life cycle start? Usually in isolation. An API user, Boyd reflected, needs something and the solution architect looks to either extend an existing API or, more often, create a new API. A product manager may be involved but only at the beginning stages, for gathering requirements.
There’s very little checking what’s already out there — likely because there usually aren’t simple ways to do that. And there’s rarely standardization around APIs to boot.
Only about half the APICon audience raised their hands when asked if they use API specification formats like OpenAPI, AsyncAPI and AWS RAM. Use of these formats can cultivate uniformity across an organization and potentially save time, as at least this activity means there’s a definition of an API written out in an understandable and consistent format.
In addition, only a few members of the audience said they created or reused data object schemas: meaning each API could potentially use a different data model to describe the same sorts of things.
Boyd gave the example of a user account: each API may create a user account data model slightly differently: some may use FirstName, LastName, title, organization, and email, others may make one field name for first and last name, and then just ask for an email address, while others may have even more fields.
To apply API governance when creating a new API, Boyd recommended you begin by mapping out the developer’s journey. Ask: What are the pain points? What programming languages do they use? What architectural patterns do they rely on?
Write down your use case description for the API at the start — not just the API name, he emphasized. This practice helps the API architect verbalize what their API is intended to achieve. This description can then be included at the start of your documentation, which increases discoverability, which in turn increases reusability. And, if you’re planning to expose your API and documentation externally, it increases your human and machine-readable searchability.
“That sort of little user story templating helps stop developers [from] leaving their flow and thinking: OK, what model should I use?” Boyd said.
It also helps with API discovery and reusability across the organization. Everything becomes more easily searchable through an internal developer portal or API catalog, so this API will be more likely found and reused, which is much cheaper than building from scratch.
Finally, as we move into the generative AI developer productivity space, this quick exercise of jotting down what an API is intended for also makes it more machine-readable, which increases the possibility for it to be suggested by a GenAI coding assistant. These steps help decrease interruptions to developer flow and eventually save time and money, as developers focus on new, differential work.
To help foster even more design thinking, Boyd also recommended writing a press release, even if it is likely never to be shared.
“Imagine it’s the end of the project. You’re releasing that API, or the new features of an API. And you’re describing it externally, what’s it going to do? What value is it going to create for others? How will people use it?”
He said this public relations practice “will help clarify your thinking about all of the things that you need in that API as well.”
Platform engineering is a sociotechnical practice that looks to reduce the complexity and cognitive load that comes from disparate tooling, by creating a single pane of glass view of shared services to better serve the internal developer. API governance via a platform or internal developer portal enables service and API reusability, instead of teams building everything from scratch.
A key pillar of platform engineering is the laying down of golden paths, which Boyd called “agreed upon architecture.” These are typically the simplest way to accomplish a repeated activity. By clarifying these paved routes, organizations typically see a reduction of complexity and developer cognitive load, which in turn speeds up the delivery of value to the end user.
Since Conway’s Law reigns supreme, communication structure and technology are intrinsically linked. Boyd offered up another platform favorite, Team Topologies, an engineering management system that can help organize teams around a new way of shared API governance.
Introducing a Team Topologies approach requires organizational restructuring and reallocation of resources from stream/line of business teams to a centralized platform team, and giving them the authority to support line-of-business teams to use common tooling across the organization.
“Often, APIs have gone out to lines-of-business where each line of business has their own API teams building their own APIs independently,” Boyd said.
Much of the tech industry is moving slowly toward a platform team that offers centralized services to what Team Topologies refer to as stream-aligned teams. It doesn’t enforce API governance on these teams but rather a Platform as a Product mindset compels these stream-aligned teams to adopt golden paths because it’s just easier. You might have to persuade teams that this is indeed the path of least resistance.
Teams may push back, Boyd warned, claiming, “Our line of business is very unique and very special.” Not every team has to follow your golden paths, but the platform team must persevere in its attempts to centralize resources common to the whole or the majority of business lines.”
This can include the API catalog and an API management solution.“Even the developer personas could be owned by that sort of central team,” Boyd said, “because those developer personas might be matching for multiple lines of business.”
Just remember to start small. He emphasized the importance of API documentation and cross-organizational API discoverability as the first steps to the thinnest viable platform. Because, judging by the reaction of the APICon audience, very few platform teams have big budgets, so you’ll have to work with what you’ve got.
We are constantly in a state of bundling and unbundling in the tech industry, Boyd said. The popularity of platform engineering and Team Topologies is just that pendulum swinging back from the recent extremes of developer autonomy toward re-bundling common services. In a time of trying to do more with less, this is sensible, but also it helps address tool overload and cognitive load.
Often In the API development stage, “I see the product manager being released from their duties too early,” Boyd said. And then they aren’t often brought in until the API is ready for deployment.
“We need more product managers in the room,” he said to an audience of mostly AI architects and API engineers — and only one API product owner.
This is a mistake, he argued, especially when your API catalog and developer platform need to be “sold” to your internal customers. Plus, it’s unnecessary to exclude them since, when using something like the OpenAPI specification, you are able to communicate in a human-readable way that allows business and tech to communicate more easily.
“You can walk through it and talk about what some of the functionalities you’re exposing are and just double-check that [it] matches those functional requirements that they’ve helped identify in the first place,” Boyd advised.
While the product doesn’t stick around long enough, security often isn’t brought in until the end of API creation, which risks not just code security and stability, but all that work being for naught if security doesn’t clear it. It’s especially important to bring security in early, he said, if the API is going to expose any data or services externally, “so that you don’t have to remake those decisions.”
Security guidelines are an excellent way to address security early, he said. When his team at the data and tooling startup Platformable works with clients to write an OpenAPI specification, each item of data in a model that’s being exposed is given a risk factor — low, medium or high — considering an organization’s data sensitivity, compliance risk, and brand risk. The higher the risk, the earlier in the API development life cycle you bring security in.
An API style guide contributes to that consistency that drives reusability, but it isn’t something you need to create from scratch. The API Stylebook is a collection of guidelines and resources for API designers. Boyd touted Zalando’s RESTful API Guidelines and the Adidas API design guidelines as exemplary.
Since APIs expose data, API governance is really about data governance too, he contended. “What I see in a lot of businesses is API governance and data governance are seen as completely different.”
Since APIs are usually scattered across organizations, API architects can make the lives of the data teams easier by creating an agreed-upon taxonomy of functionalities. This can include setting field standards, like trying to influence whether to use “user” or “account,” and whether you use “first, last” in a single field or in separate fields.
When moving to an API governance model, you don’t have to go back and update all your APIs, he said. But you can follow those outlined steps when designing new APIs and when updating older ones.
Follow API architecture influencer Mike Amundsen’s advice on guide implementations with the EASE rubric, Boyd said, which helps you assess whether to go back and refactor existing legacy technologies to meet new governance guidelines. The EASE rubric considers four identifiable qualities:
“A key thing to keep in mind is that not all solutions need to excel at all four qualities. If the API is only used internally by a single team, then it is likely that it will have only minimal scalability and efficiency,” Amundsen wrote. “And might only need a bit of extra work in order to meet availability needs.”
But if an API is to be exposed or have a cross-organizational functionality, it needs to score high on all four, which means it is more likely that the new API governance framework you are introducing (such as style guides) should be imposed.
API sprawl is something the industry has been grappling with for over a decade now triggering a huge discoverability problem. For too long, siloed teams have been using APIs as a way to connect both internal and external services and data with both internally and externally created APIs.
No organization really knows how many APIs are connecting which services and exposing what data. This makes both API standardization and security more challenging.
Fortunately, Boyd argues that the industry’s scaled adoption of internal developer portals is really just another — perhaps more efficient — way of approaching API portfolio management. Specifically, since a great early win of any platform engineering initiative is service discoverability, anything that can facilitate the creation of an internal API catalog is welcome.
“With internal catalogs, at least all of the APIs could be listed in one place so people can see. You can actually have in an internal developer portal the data models as well, so people can [also] reuse those.”
His team is trying to cultivate a developer’s reflex, he added, so that “whenever you have to build something new for your API, you should be thinking, ‘Hang on a second. Let me check the internal catalog to see whether or not we’ve already got one of those’” data models or APIs.
Boyd mentioned four different internal developer portal tools:
He also suggested looking at Stoplight, recently acquired by SmartBear, as an API design tool. “What I love about this is you can actually define your style guide in it,” Boyd said. “And then, as you’re building your OpenAPI specification, it’s telling you whether or not you’re out of bounds from your own style guide.”
If you have an external API ecosystem, you can even publicly release your style guide. Stoplight also maintains Spectral, an open source linter, which can check your API design against your style guide, industry standards or more widely accepted API design best practices.
He also recommended running all your APIs through 42crunch, an API security platform that can take an OpenAPI description and assess its robustness. He also pointed to new open source tools that perform similar assessments, such as the recently released open source OWASP Ruleset.
But, as he said, the immense API Landscape is continuously expanding — particularly if you follow Boyd’s overlap of API governance and platform engineering. To date, it features 2,159 API tools.
No matter what you choose — and whatever you call this strategy of service and API standardization and reusability — Boyd urges that you remember your internal developers are your customers. You should be publishing your roadmap and sharing it with them to get feedback. This also enables inner sourcing where you can leverage the work of developers organization-wide, which is especially important in these tighter times.
And of course, measure the results of your program. Some metrics you could track include:
“Your metrics may vary,” Boyd emphasized, noting many of these ideas were presented by John Musser in his work on Ford’s platform engineering program. One key metric his team uses is developer days saved per project and overall, calculated as a monetary value of dollars saved by the organization by introducing standardized approaches.
Kick-off any API governance or platform engineering initiative by asking your developers what their pain points are, and craft your strategy from there. And keep track of data like the four golden signals — latency, traffic, errors and saturation.
When in doubt, creating an ideal developer flow, Boyd said, should look to continuously answering three questions:
Just remember, he said, as you face this complexity: “You’ve got to start small and show the benefits to your team and to all decision makers involved.”
YOUTUBE.COM/THENEWSTACK
Tech moves fast, don't miss an episode. Subscribe to our YouTube channel to stream all our podcasts, interviews, demos, and more.
SUBSCRIBE
Read the rest here:
Is Platform Engineering Really Just API Governance? - The New Stack
Criminals ramp up social engineering and AI tactics to steal consumer details – Yahoo News UK
Criminals are finding new ways to target consumers using social media and deepfake technology, with cost-of-living pressures also having an impact, according to a fraud prevention body.
Cifas said that over the past year, members had reported being increasingly concerned about the potential growth in fraud generated by AI or artificial intelligence.
It is seeing an increase in AI-enabled identity fraud, such as sophisticated phishing scams, deepfake images, videos and audio.
In total, according to its Fraudscape report, more than 374,000 fraud cases generally were reported to the Cifas National Fraud Database (NFD) last year.
Cifas said that members prevented 1.8 billion worth of fraud losses.
Identity theft remained the most dominant type of fraud, accounting for nearly two-thirds (64%) of incidents. More than 237,000 cases were recorded in 2023.
Criminals sharpened their social engineering tactics and continued to exploit cost-of-living pressures, Cifas found.
An increased use of AI and data harvesting techniques to fraudulently open and abuse accounts, steal identities and take over customer accounts was also highlighted.
Personal bank accounts are a particular target for identity fraudsters, Cifas said.
Account takeover attempts may also use spoof voices to answer security questions.
Cifas has more than 700 members from industries including banking and finance, insurance, telecommunications, retail and the public sector.
Facility takeover fraud when an account is taken over by a fraudster is also an increasing issue. Cifas said the telecommunications sector was particularly affected.
This increase partly reflects a shift in fraudulent methods, with criminals increasingly targeting existing accounts to obtain new products or upgrades, it said.
Misuse of facility when a product is obtained with the intent of misusing it was also found to have increased. There was a notable rise regarding loan products, Cifas said.
Story continues
Cifas said the overall misuse of facility data covered several industries, highlighting the impact of the cost-of-living pressures and people attempting to avoid payments or financially gain from stealing assets.
Stephen Dalton, director of intelligence for Cifas, said: As our latest data shows, the impact of fraud and financial crime on people, companies and the public sector continues at epidemic levels.
Ongoing economic uncertainty and cost-of-living pressures provide a rich source of opportunity for criminals to exploit people at their most vulnerable. These circumstances may also be the catalyst for some individuals to commit fraud and supplement their income during difficult times.
Mike Haley, chief executive of Cifas, added: Criminals are finding new and sophisticated ways to target consumers, such as through social media and AI and deepfake technology. We are committed to driving down these cases through the sharing of data and intelligence and building effective defences to prevent fraud.
To achieve our goal takes a huge multi-sector, collaborative effort. That means having effective cross-government leadership in response to fraud, enhancing victim support, providing critical counter-fraud insight to social media and big tech companies, and educating young people about the serious consequences of financial crime.
We continue to work closely with the fraud prevention industry and multiple sectors to stem the rising tide of fraud and financial crime.
Excerpt from:
Criminals ramp up social engineering and AI tactics to steal consumer details - Yahoo News UK