My reflection and knowledge gained towards this module

After reading all the materials, I have realised how Software developers, Software Architects and Engineers have huge responsibilities to develop a safe software environment, to protect all the company’s sensitive data and the end-user (against himself and others). One mistake can trigger massive repercussions and negative consequences on the condition of the company. That is the reason why many organisations deal with standards, rules, and security of software e.g., OWASP, W3C, ISOC, OMG, …

OWASP provides some tools whose purposes are to try to prevent attacks, unauthorised access, and data damages. One of those tools is the OWASP Top10 security list. They release a list of the top 10 of the most critical security risks to web applications. One of them is the Broken authentications. It happens when the system allows a user to get into the web application without proper credentials. This attack is positioned number 2 in that list. One of the tools to avoid it is multi-factor authentication i.e., while login in, the system will ask you to enter an extra token sent to third-party software or another device.

It is impossible to be fully protected against all the threats around us. As more and more people are using the Internet, it is more likely to increase the risk of attacks. It is important to spread the knowledge among users to know how to protect themselves in an online environment.

Throughout this module, I have discovered a wide range of new materials regarding cybersecurity. e.g., broken authentication, Cross-Site Scripting, SQL injection, … More than ever, the security of individuals, as well as all connected devices, is paramount. Now, I Have a better understanding of all the threats around us. It made me realise how vital cybersecurity is and how it will become even more in the future.

Cybersecurity is a growing field that many companies must reconsider as everything is moving online at a tremendous speed. All the data, archives, personal information, industry information system are in great danger. The digital transformation drastically increased the risk of sensitive data exposure and data integrity to potential hackers.

Let's define it: "Cybersecurity is the practice of protecting computer systems, networks, devices, and programs from any type of cyber-attack." (Abi Tyas Tunggal, 2021) Nowadays, a company must have a cybersecurity program. If not, the organisation would not have enough protection against all the threats coming from the inside and/or outside the online world. Most of the protection focused on external threats, forgetting that might come from inside the organisation. According to a study conducted by Cybersecurity Insiders, Ninety per cent of organisations feel vulnerable to insider attacks, with 53 per cent of respondents saying they have experienced an insider attack within the last 12 months. (Cybersecurity Insiders, 2019)

Companies deploy many different strategies to prevent insiders attacks:

  • Organisations need to educate their employees to build security awareness with constant training, security updates and best practices.
  • Data encryption is another strategy that adds an extra protection layer when sharing data across networks.
  • Monitoring misbehaviours and misuses from partners, employees, vendors can be beneficial in a long term as the company can prevent and/or detect any possible attacks.
  • An organisation can also invest in tools that limit information loss and continuously scan for data leaks.
  • All software and devices should be fully cleaned, well maintained, and updated

The impact of cybercrime can be catastrophic for an organisation. The economic and reputational cost will affect the health and wealth of that organisation if it's not dealt with thoroughly.

Regarding the project we work on for this module, globally, the team spirit was dynamic and proactive. We all come from different backgrounds and have different levels of knowledge. We all contribute at our own pace to the realisation of the project. Every week, we scheduled an online meeting using the Zoom platform. We discussed what we are going to do, how we are planning to do it and who will do it. We also often debate if we didn't all agree. We all got along quickly. That helped us to work in a nice atmosphere. At the end of every meeting, we planned what needed to be ready for the next meeting. That way, we kept a good rhythm and workflow among the team.

It is important to keep my knowledge up to date to contribute in the most effective way to the realisation of a project. It motivates me to study even more. I would also be more transparent when I don’t understand a topic. Also, I would not be afraid to be judged by other team members. I found it beneficial to work as a group. We can learn from others’ experiences. This is what I have noticed from working in a team.

Activity Diagram for the ISS project

For my part of the project, I had to focus on the exercise features breakdown for the Astronauts. I have made some research about what kind of workouts the Astronauts perform while on ISS. Astronauts must exercise to maintain the body shape and the earth- condition level of their muscles. No gravity can reduce their overall body performance.

Astronauts on the station work out six out of seven days a week for 2.5 hours each day. The International Space Station is equipped with three machines designed to give astronauts that full-body workout: a bicycle, a treadmill, and a weightlifting machine called ARED, for Advanced Resistive Exercise Device.

Classes

  • Astronauts
  • Ground Staff
  • Exercises
  • Exercise_astronauts
  • Resources

Each astronaut will have a unique ID to keep track and record their performance on board while working out. There are 3 treadmills on ISS and a few other customised ISS equipment for body workout and weight workout. All the equipment has a built-in computer that is registered and connected to the main system. The ground staff has an overview of all the astronaut’s performance metrics. Accordingly, the system selects a suitable regime for the astronaut. (Every day, 3x a week, 2x a week) All the data is registered in the system and shared with the ground staff. Exercise_astronaut class represents all the data of the astronaut and his/her performance metrics. (shared with ground staff).

The system will also provide more oxygen and more water to the astronaut while is working out. The system controls the resources on the ISS. The diet of the astronaut is also monitored by the system/the ground staff and is directly influenced by his/her performance. At the end of the workout session, the astronaut enters how he/she feels (good,average,tired). Accordingly, the system will adapt to the next workout session.

States

There are 3 different regimes for astronauts (according to their metrics and body shape):

  • Everyday
  • 4x a week
  • 2x a week

There are 4 different levels of exercise complexity:

  • Challenging
  • Middle
  • Soft

After workout feelings:

  • Good
  • Average
  • Tired

Code Sample from the Astronaut's interface

class WorkState:
    """Workout interface for the astronaut"""
    def __init__(self, email):
        self.email = email

    def countdown(self, t):
        while t:
            mins, secs = divmod(t, 60)
            timer = '{:02d}:{:02d}'.format(mins, secs)
            print( '\r', timer, end='')
            sleep(1)
            t -= 1
        print('\nExercise completed!!')

    def run(self):
        print("--Physical Workout--")
        typeSelected = None
        height = input('What is your height (optional):\n-->' )
        weight = input('What is your weight (optional): \n-->')
        time = datetime.now()

        while typeSelected != True:
            cmd = input('Please select\n1. manuel workout selection\n2. automatic assigned workout\n--> ')
            if cmd == "back":
                return None

            if cmd == "1":
                while True:
                    optionEx = input("Select the workout for today ('bike', 'run' or 'ared' or type 'back' to end):   ")
                    if optionEx == "bike":
                        print(ex1["title"] + ":" + str(ex1["time"]) + " minutes")
                        print("Timer: ")
                        self.countdown(ex1["time"]//10)
                    elif optionEx == "run":
                        print(ex2["title"] + ":" + str(ex2["time"]) + " minutes")
                        print("Timer: ")
                        self.countdown(ex2["time"] // 10)
                    elif optionEx == "ared":
                        print(ex3["title"] + ":" + str(ex3["time"]) + " minutes")
                        print("Timer: ")
                        self.countdown(ex3["time"] // 10)
                    elif optionEx == "back":
                        #ServerAPI.createWorkout(height, weight, str(time), self.email)
                        break

            if cmd == "2":
                print("Your work out is going to be: " + currentWorkout)
                input("Press Enter to get started.")

                for ex in exs:
                    # ex = wk.exs
                    print(ex["title"] + ":" + str(ex["time"]) + " minutes")
                    print("Timer: ")
                    self.countdown(ex["time"] // 10)
                    # for e in ex:
                    #     print(e) #Implement a count down here
                    print("======")
                print("Well done!!!")
                #ServerAPI.createWorkout(height, weight, str(time), self.email)

            typeSelected = True