World's most popular travel blog for travel bloggers.

IoT devices are diverse in their architecture and its use cases can scale from single device deployment to massive cross-platform deployment. There are various types of communication protocols that allow communication between these devices. Some of the protocols are given below.

IPv4

Internet Protocol is a network layer protocol version 4 used to provide addresses to hosts in a
network. It is a widely used communication protocol for different kinds of networks. It is a
connectionless protocol that makes use of packet switching technology. It is used to give a 32 bit
address to a host. It is divided into five classes – A, B, C, D, and E. It can provide upto 4.3
billion addresses only which is not sufficient for an IoT device. It allows data to be encrypted but
does not limit access to data hosted on the network.

IPV6

As the total number of addresses provided by IPv4 are not sufficient specially for IoT devices,
Internet protocol version 6 or IPv6 is introduced. It is an upgraded version of IPv4. It uses 128
bits to address a host hence anticipates future growth and provides relief from shortage of
network addresses. It gives better performance than IPv4. It also ensures privacy and data
integrity. It is automatically configured and has built-in support for authentication.

MQTT

Message queuing telemetry transport (MQTT) is a widely used light-weight messaging protocol
based on subscription. It is used in conjunction with TCP/IP protocol. It is designed for battery
powered devices. Its model is based on Subscriber, Publisher and Broker. Publishers are light
weight sensors and subscribers are applications which will receive data from publishers.
Subscribers need to subscribe to a topic. Messages updated in a topic are distributed by brokers.
Publisher collects the data and sends it to the subscriber through a broker. Broker after receiving
messages, filtering and making decisions, sends messages to the subscribers. Brokers also ensure
security by authorizing subscribers and publishers.

CoAP

Constrained Application Protocol (CoAP) is a web transfer protocol used to translate the HTTP
model so as to be used with restrictive devices and network environments. It is used for low
powered devices. It allows low power sensors to interact with RESTful services. It makes use of
UDP for establishing communication between endpoints. It allows data to be transmitted to
multiple hosts using low bandwidth.

XMPP

Extensible messaging and presence protocol (XMPP) enables real time exchange of extensible
data between network entities. It is a communication protocol based on XML i.e. extensible
markup language. It is an open standard hence anyone can implement these services. It also
supports M2M communication across a variety of networks. It can be used for instant
messaging, multi-party chat, video calls, etc.

AMQP

Advanced message queuing protocol i.e AMQP is an application layer message oriented
protocol. It is open standard, efficient, multi-channel, portable and secure. This is fast and also
guarantees delivery along with acknowledgement of received messages. It can be used for both
point-to-point and publish-subscribe messaging. It is used for messaging in client-server
environments. It also supports a multi-client environment and helps servers to handle requests
faster

Dynamic diagrams or behavioral diagrams depict the dynamic and moving parts of the system. The main behavioral elements depicted in the dynamic UML diagram are object state, control flow, interaction, state machines and

such. The main dynamic UML diagrams are sequence diagram, activity diagram, state chart diagram, use case and collaboration diagram.

The sequence diagram models the behavior of a single use case or a single scenario. The sequence diagram visually depicts how each objects interact with each other. In the sequence diagram we have a time ordered messages
where vertical dimension represents the time axis and horizontal dimension represents the roles.

The activity diagram describes the business logic the business process and work flows. The activity diagram models the use case.

The state diagrams describe the systems behavior through state transitions. The state diagram depicts all possible states of an object when an event occurs.

Definition: vertex colouring of a graph G is an assignment of colours to vertices of G in such a way that no two adjacent vertices have the same colour. A graph is called k-vertex colourable if it has a vertex colouring of k colours. The minimum number of colours required to colour a graph G is called the vertex chromatic number of G, usually denoted as X (G).

A cycle C in a graph G is called a Hamiltonian cycle if it contains all the vertices of G. A graph is called Hamiltonian if it contains a Hamiltonian cycle. A graph is called non-Hamiltonian if it is not Hamiltonian.

 A graph G is called planar if it can be drawn on a plane in such a way that no two edges cross each other at any point except possibly at a common end vertex. Such a drawing is called a plane drawing

Definition: A k-edge colouring of a graph G is an assignment of k colours to the edges of G in such a way that no two edges incident with the same vertex have the same colour. A graph is k-edge colourable if it has a k-edge colouring. The minimum number of colours required to colour the edges of a graph is called the edge chromatic number of G, usually denoted by χ'(G).

  You might lose some data.

 You might lose some data.

 PCA fails when the mean and covariance are not enough to describe a dataset.

 We don't know how many major parts we need to keep track of, but in practice, we
follow some rules.

 Feature selection: During this approach, a subset of the complete set of variables is selected; as a result, the number of conditions that can be utilised to illustrate the issue is narrowed down. It's normally done in one of three ways:

o Filter method
o Wrapper method
o Embedded method

 Feature extraction: It takes data from a space with many dimensions and transforms it
into another environment with fewer dimensions.

  1. Feature selection: It is the process of selecting some attributes from a given collection of prospective features, and then discarding the rest of the attributes that were considered. The use of feature selection can be done for one of two reasons: either to get a limited number of characteristics in order to prevent overfitting or to avoid having features that are redundant or irrelevant. For data scientists, the ability to pick features is a vital asset. It is essential to the success of the machine learning algorithm that you have a solid understanding of how to choose the most relevant features to analyze. Features that are irrelevant, redundant, or noisy can contaminate an algorithm, which can have a detrimental impact on the learning performance, accuracy, and computing cost. The importance of feature selection is only going to increase as the size and complexity of the typical dataset continues to balloon at an exponential rate.

2. Feature Selection Methods: Feature selection methods can be divided into two categories: supervised, which are appropriate for use with labelled data, and unsupervised, which are appropriate for use with unlabeled data. Filter methods, wrapper methods, embedding methods, and hybrid methods are the four categories that unsupervised approaches fall under.

● Filter methods: Filter methods choose features based on statistics instead of how well they perform in feature selection cross-validation. Using a chosen metric, irrelevant attributes are found and recursive feature selection is done. Filter methods can be either univariate, in which an ordered ranking list of features is made to help choose the final subset of features, or multivariate, in which the relevance of all the features as a whole is evaluated to find features that are redundant or not important.

 Wrapper methods: Wrapper feature selection methods look at the choice of a set of features as a search problem. Their quality is judged by preparing, evaluating, and comparing a set of features to other sets of features. This method makes it easier to find possible interactions between variables. Wrapper methods focus on subsets of features that will help improve the quality of the results from the clustering algorithm used for the selection. Popular examples are Boruta feature selection and Forward feature selection.

● Embedded methods: Embedded feature selection approaches incorporate the feature selection machine learning algorithm as an integral component of the learning process. This allows for simultaneous classification and feature selection to take place within the method. Careful consideration is given to the extraction of the characteristics that will make the greatest contribution to each iteration of the process of training the model. A few examples of common embedded approaches are the LASSO feature selection algorithm, the random forest feature selection algorithm, and the decision tree feature selection algorithm.

 

  • Efficient than Apriori algorithm
  • No candidate itemset generation
  • Only two passes over the transaction set
  •  

  • Create Frequent Pattern Tree, or FP-tree by compressing the transaction database. Along with
    preserving the information about the itemset, the tree structure also retains the association
    among the itemset.
  • Divide the transaction database into a set of conditional databases. where each associated with
    one frequent item or “pattern fragment,” and examines each database separately.
  • For each “pattern fragment,” examine its associated itemset only. Therefore, this approach
    may substantially reduce the size of the itemset to be searched, along with examining the
    “growth
  • In machine learning, association rules are one of the important concepts that is widely applied in problems like market basket analysis. Consider a supermarket, where all the related items such as grocery items, dairy items, cosmetics, stationary items etc are kept together in same aisle. This helps the customers to find their required items timely. This further helps them to remember the items to purchase they might have forgotten or to they may like to purchase if suggested. Association rules thus enable one to corelate among various products from a huge set of available items. Analysing the items customer buy together also helps the retailers to identify the items they can offer on discount. For example, retailer selling baby lotion and baby shampoo on MRP, but offering a discount on their combination. Customer who wished to buy only shampoo or only lotion, may now think of buying the combination. Other factors too can contribute to the purchase of combination of products. Another strategy can keep related products on the opposite ends of the shelf to prompt the customer to scan through the entire shelf hoping that he might add a few more items to his cart.

    It is important to note that the association rules do not extract the customer’s preference about the
    items but find the relations among the items that are generally bought together by them. The rules
    only identify the frequent associations between the items. The rules work with an antecedent (if)
    and a consequent (then), both connecting to the set of items. For example, if a person buys pizza,
    then he may buy a cold drink too. This is because there is a strong relation between pizza and cold
    drink. Association rules help to find the dependency of one item on other by consider the history
    of customer’s transaction patterns.

    Basic Concepts

    There are few terms that one should understand before understanding the algorithm.

    a. k-Itemset: It is a set of kitems. For example, 2-itemset can be {pencil, eraser} or {bread, butter}
    etc., 3-itemset can be {bread, butter, milk}.

    b. Support: Frequency of appearance of an item appears in all the considered transactions is called
    as the support of an item. Mathematically, support of an item x is defined as:

    𝑠𝑢𝑝𝑝𝑜𝑟𝑡(𝑥) = 𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑡𝑟𝑎𝑛𝑠𝑎𝑐𝑡𝑖𝑜𝑛𝑠 𝑐𝑜𝑛𝑡𝑎𝑖𝑛𝑖𝑛𝑔 𝑥 / 𝑇𝑜𝑡𝑎𝑙 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑐𝑜𝑛𝑠𝑖𝑑𝑒𝑟𝑒𝑑 𝑡𝑟𝑎𝑛𝑠𝑐𝑡𝑖𝑜𝑛

    c. Confidence: Confidence is defined as the likelihood of obtaining item y along with an item x.
    Mathematically, it is defined as the ratio of frequency of transactions containing items x and y to
    the frequency of transactions that contained item x.
    𝑐𝑜𝑛𝑓𝑖𝑑𝑒𝑛𝑐𝑒(𝑦) = 𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑡𝑟𝑎𝑛𝑠𝑎𝑐𝑡𝑖𝑜𝑛𝑠 𝑐𝑜𝑛𝑡𝑎𝑖𝑛𝑖𝑛𝑔 𝑥 𝑎𝑛𝑑 𝑦 / 𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑐𝑜𝑛𝑠𝑖𝑑𝑒𝑟𝑒𝑑 𝑐𝑜𝑛𝑡𝑎𝑖𝑛𝑖𝑛𝑔

    Confidence can also be defined as probability of occurrence of y, given probability of
    occurrence of x.
    𝑐𝑜𝑛𝑓𝑖𝑑𝑒𝑛𝑐𝑒(𝑥 => 𝑦) = 𝑃(𝑦/𝑥)

    where x is antecedent, and y is a consequent. In terms of support, confidence can be described
    as:
    𝑐𝑜𝑛𝑓𝑖𝑑𝑒𝑛𝑐𝑒(𝑦) = 𝑠𝑢𝑝𝑝𝑜𝑟𝑡 (𝑥 ∪ 𝑦) / 𝑠𝑢𝑝𝑝𝑜𝑟𝑡(𝑥)

    d. Frequent Itemset: An item whose support is at least the minimum support threshold is known
    as a frequent itemset. For example, let minimum support threshold is 10, then an item set with
    support score 11 is a frequent itemset but an item set with support score 9 is not.

    Treasury risk management may be best defined as overseeing a company’s working capital, which includes making strategic plans on the best ways to keep the enterprise solvent. This involves monitoring funds to maintain liquidity, and lowering the organization’s financial and operational risks. A few of the main focus areas of treasury operations are as follows:

    1) Cash Flow-Receipts and Disbursements: Accelerating the collection of cash receipts and mobilization/consolidation of cash, improving effectiveness of lockboxes; cheque clearing, credit card payments, wire transfer systems, and electronic commerce initiatives to optimize cash utilization. Design and operate effective and control oriented payment and disbursement systems.

    2) Bank and Financial Institution Relations: Assess global banking and financial institutions relationships among themselves as well as with domestic ones and identify ways to maximize the value of these relationships. Enhance the value received from banking and financial products and implement more efficient processes and account structures to strengthen global cash and treasury risk management. Review capital structure and financing arrangements to maximize the utilization of financial resources and minimize their cost.

    3) Cash Management Controls: Assess and improve controls to minimize exposure to fraud and other such risks. This also strengthens and supports internal control initiatives.

    4) Cash Forecasting and Information Reporting: Improve the reliability, accuracy and timeliness of data from domestic and international cash forecasting models and processes; and improve the effectives of treasury information reporting.

    5) International Cash Management: Optimize global cash and treasury risk Management by improving Foreign Exchange (FX) management system.

    6) FX and Interest Rate Management: Evaluate foreign exchange and interest rate practices and strategy to identify measure, manage and monitor these activities. Also, assess opportunities for improvement.

    The two main focus areas of treasury operations are:

    (i) Fund management, and
    (ii) Financial risk management. The former includes cash management and asset liability mix. Financial risk management includes forex and interest rate management apart from managing equity and commodity prices and mitigating risks associated with them.

    Once the cash budget has been prepared and appropriate net cash flows established the finance manager should ensure that there does not exist a significant deviation between projected and actual cash flows. The finance manager should expedite cash collection and control cash disbursement. There are two types of floats, which would require the attention of finance managers.

    1) Collection Float: Collection float refers to the gap between the times, payment is made by the customer/debtor and the time when funds are available for use in the company’s bank account. In simple words it is the amount tied up in cheques and drafts that have been sent by the customers, but has not yet been converted into cash. The reasons for this type of collection float are:

    The time taken in postal transmission
     The time taken to process cheques and drafts by the company, and
     The time taken by banks to clear the cheques.

    To reduce this float companies can use various techniques, which are as follows:

    a) Concentration Banking: When the customers of the company are spread over wide geographical areas then instead of a single collection center the company opens collection centers at the regional level. The customers are instructed to
    remit payments to their specific regional centers. These regional centers will open bank accounts with the branches of banks where it has collection potential. These branches will telegraphically or electronically transfer the collected amount to the Head Office bank account. This system accelerates cash inflows.

    b) Lock Box System: In this system, the customers are advised to mail their payments to a post office box hired by the firm for collection purposes near their area. The payments are collected by local banks who are authorized to do so. They credit the payments quickly and report the transaction to the head office.

    c) Zero Balance Account: In this type of account any excess cash is used to buy marketable securities. Excess cash is the balance remaining after the cheques presented against this account are cleared. In case of shortage of cash
    marketable securities are sold to replenish cash.

    d) Electronic Fund Transfer: Through electronic fund transfer the collection float can be completely eliminated the other benefit of electronic fund transfer is instant updation of accounts and reporting of balances as and when required without any delay.

    2) Payment Float: Cheques issued but not paid by the bank at any particular time is called payment float. Companies can make use of payment float, by issuing cheques, even if it means as per books of account an overdraft beyond permissible bank limits. The company should be very careful in playing this float in view of stringent provisions regarding the dishonoring of cheques, loss of reputation etc.

    The demand for working capital fluctuates as per the level of production, inventory, debtor’s, creditors etc. The working capital requirements are not uniform throughout the year due to the seasonality of the product being manufactured and business cycles. Apart from this, the working capital requirement would also depend upon the demand of the product and demand-supply situation of the raw material. Interplay of all these variables would determine the need for working capital at any point of time.

    In situations where the working capital requirement is reduced, it results in excess cash. This excess cash may be needed when the demand picks up. The firms may hold this excess cash as buffer to meet unpredictable financial needs. Since this excess cash does not earn any return the firms may invest this cash balance in marketable securities and other investment avenues.

    Since this excess cash balance is available only for a short period of time, it should be invested in highly safe and liquid securities. The three basic features - safety, maturity and marketability should be kept in mind while making investment decisions regarding temporary surplus cash. Here safety implies that the default risk (viz., payment of interest and principal amount on maturity) should be minimum. Since the prices of long-term securities are more sensitive to interest rate changes as compared to short-term securities the firms should invest in securities of short-term maturity.
    Marketability refers to convenience, speed and transaction cost with which a security or an investment can be converted into cash.

    Types of Short Term Investment Opportunities

    The following short-term investment opportunities are available to companies in India
    to invest their temporary surplus cash.

    a) Treasury Bills: Treasury Bills are short-term government securities, they are sold at a discount to their face value and redeemed at par on maturity. They are highly liquid instruments and the default risk is negligible.

    b) Commercial Papers: Commercial papers are short term, unsecured securities issued by highly creditworthy and large companies. The maturity of these instruments ranges from 15 days to one year. These instruments are marketable
    hence they are liquid instruments.

    c) Certificate of Deposits: Certificate of Deposits are papers issued by banks acknowledging fixed deposits for a specified period of time, they are negotiable instruments, this makes them liquid.

    d) Bank Deposits: Firms can deposit excess/surplus cash in a bank for a period of time. The interest rate will depend upon the maturity period. This is also a liquid instrument in the sense that, in case of premature withdrawal only a part of interest earned has to be foregone.

    e) Inter-corporate Deposit: Companies having surplus cash can deposit its funds in a sister or associate company or to other companies with high credit standing.

    f) Money Market Mutual Funds: Money market mutual funds invest in short term marketable securities. These instruments have a minimum lock in period of 30 days and returns are usually two percent above that of bank deposits with the same maturity.

     The Motives for Holding Cash is simple, the cash inflows and outflows are not well synchronized, and i.e. sometimes the cash inflows are more than the cash outflows while at other times the cash outflows could be more. Hence, the cash is held by the firms to meet the certain as well as uncertain situations. The firm’s need to hold cash may be attributed to the three motives. Let us discuss these motives in details:

     The transaction motive
     The precautionary motive
     The speculative motive.

    Transaction Motive: The transaction motive requires a firm to hold cash to conduct its business in the ordinary course and pay for operating activities like purchases, wages and salaries, other operating expenses, taxes, dividends, payments for utilities etc. The basic reason for holding cash is non-synchronization between cash inflows and cash outflows. Firms usually do not hold large amounts of cash, instead the cash is invested in market securities whose maturity corresponds with some anticipated payments. Transaction motive mainly refers to holding cash to meet anticipated payments whose timing is not perfectly matched with cash inflows.

    Precautionary Motive: The precautionary motive is the need to hold cash to meet uncertainties and emergencies. The quantum of cash held for precautionary objective is influenced by the degree of predictability of cash flows. In case cash flows can be accurately estimated the cash held for precautionary motive would be fairly low. Another factor which influences the quantum of cash to be maintained for this motive is, the firm’s ability to borrow at short notice. Precautionary balances are usually kept in the form of cash and marketable securities. The cash kept for precautionary motive does not earn any return, therefore, the firms should invest this cash in highly liquid and low risk marketable securities in order to earn some returns.

    Speculative Motive: The speculative motive refers to holding of cash for investing in profit making opportunities as and when they arise. These kinds of opportunities are usually prevalent in businesses where the prices are volatile and sensitive to changes in the demand and supply conditions.

    The twin objectives of inventory management are operational and financial. The operational objective means that the materials and spares would be available in sufficient quantity on time so that work is not disrupted for want of inventory. The financial objective means that investment in inventories should not remain idle and minimum amount of capital should be locked in inventories. The objectives of inventory management are summarized as follows:

    Operating Objectives

    1) to ensure continuous supply of materials
    2) to ensure uninterrupted production
    3)
    to minimize risks and losses
    4)
    to ensure better customer service
    5)
    to avoiding stock out danger.

    Financial Objectives

    1) to minimize investment
    2) to minimize inventory related costs and
    3) to ensure economy in purchasing

    Factors Affecting Level of Inventory

    As stated in the previous sections the firm should maintain its inventory at reasonable
    level. The quantum of inventory depends upon several factors, some of the important
    factors are mentioned below:

     Nature of Business
     Inventory Turnover
     Nature and Type of Product
     Market Structure
     Economies of Production
     Inventory Costs
     Financial Position
     Period of Operating Cycle
     Attitude of Management

    The HttpServletRequest interface captures the functionality for a request object that is passed to a HTTP servlet. It provides access to an input stream and allows the servlet to read data from the client. The HttpServletRequest interface extends the ServletRequest interface.

    public interface HttpServletRequest extends ServletRequest

    The servlet container creates an HttpServletRequest object and passes it as an
    argument to the servlet's service methods (doGet, doPost etc). The HttpServletRequest
    interface has many methods. Some of the commonly used methods of HttpServletRequest are:

    1. getParameter()
      It returns the value associated with a parameter sent to the servlet as a part of a
      GET or POST request. The name argument represents the parameter name.
      public String getParameter(String name)
    1. getQueryString()
      It returns the query string that is contained in the request URL if any. This
      method returns null if the URL does not have a query string. A query string is
      defined as any information following a ? character in the URL.

    public String getQueryString()

    1. getCookies()
      The getCookies() method returns an array of Cookie objects found in the client request. This method does not take any parameters and throws no exceptions. Cookies are used to uniquely identify clients to servlet. In case of no cookies in the request, an empty array is returned.

    public Cookie[] getCookies()

    1. getHeader()
      It returns the value of the specified request header as a String. In case if the request did not include a header of the specified name, this method will return null. If there are multiple headers with the same name, this method returns the
      first header in the request. The header name is case insensitive.
      public String getHeader(String name)

    5. getMethod
    It returns the name of the HTTP method used to make the request. Typical return
    values are ‘GET’, ‘POST’, or ‘PUT’
    public String getMethod()

    1. getSession()
      It returns the current session associated with the request or if the request does not
      have a session, creates one.

    public HttpSession getSession(boolean create)
    public HttpSession getSession()

    The javax.servlet.http package contains a number of classes and interfaces that are used to create HTTP protocol-specific Servlets. The abstract class HttpServlet is a base class for user defined HTTP Servlets which provide methods. The basic methods such as doGet and doPost are for handling HTTP-specific services. When you are developing your own servlets then you can use HttpServlet class which is extended from GenericServlet.

    public abstract class HttpServlet

    Unlike with GenericServlet, when you extend HttpServlet, you can skip implement
    ing the service() method. The HttpServlet class has already implemented the service()
    method. The following are the prototype of the service() method:

    protected void service(HttpServletRequest req, HttpServletResponse res)
    throws ServletException, IOException

    When the HttpServlet.service() method is invoked, it first reads the method type
    stored in the request, and on that basis it determines the method to be invoked. For
    example if the method type is GET, it will call doGet() method, and if the method
    type is POST, it will call doPost() method. These methods have the same parameter as
    the service() method.

    There are many interfaces in javax.servlet.http package but the three important
    interfaces HttpServletRequest, HttpServletResponse and HttpSession are described
    below:

    The Java Serializable interface (java.io.Serializable) is a marker interface. It means that it contains no methods. Therefore, a class implementing Serializable does not have to implement any specific methods.

    An object of ServletConfig is created by the servlet container for each servlet. This object is used to pass configuration related information to a servlet during start up. The getServletConfig() method is used to return the object of ServletConfig. It contains name/value pairs of initialization parameters for the servlet. It defines four methods such as getServletContext(), getServletName(), getInitParameter() and getInitParameterNames() for accessing this information.

    All servlets must implement the Servlet interface either directly or indirectly. Java servlets class does not have a main() method, so all servlets must implement the javax.servlet.Servlet interface. It defines five methods, including three life-cycle methods. You may read the life-cycle methods such as init(), service() and destroy() in the subsequent section 2.5 and other two methods are getServletConfig() and getServletInfo().

     Structure of a state space:

    The structures of state space are trees and graphs. A tree has one and only one path from any
    point to any other point. Graph consists of a set of nodes (vertices) and a set of edges (arcs). Arcs
    establish relationship (connections) between the nodes, i.e., a graph has several paths to a given
    node. Operators are directed arcs between nodes.

    The method of solving problem through AI involves the process of defining the search space,
    deciding start and goal states and then finding the path from start state to goal state through
    search space.

    Search process explores the state space. In the worst case, the search explores all possible paths
    between the initial state and the goal state.

    Problem Solution:

    In a state space, a solution is a path from the initial state to a goal state or sometime just a goal
    state. A numeric cost is assigned to each path. It also gives the cost of applying the operators to
    the states. A path cost function is used to measure the quality of solution and out of all possible
    solutions, an optimal solution has the lowest path cost. The importance of cost depends on the
    problem and the type of solution asked.

    Problem formulation:

    Many problems can be represented as state space. The state space of a problem includes: an
    initial state, one or more goal state, set of state transition operator (or a set of production rules),
    used to change the current state to another state. This is also known as actions. A control
    strategy is used that specifies the order in which the rules will be applied. For example, Depthfirst search (DFS), Breath-first search (BFS) etc. It helps to find the goal state or a path to the
    goal state.

    In general, a state space is represented by 4 tuples as follows:𝑺𝒔
    : [𝑺, 𝒔𝟎, 𝑶,𝑮]

    Where S: Set of all possible states.
    𝒔𝟎: start state (initial configuration) of the problem, 𝑠଴ ∈ 𝑆 .
    O: Set of production rules (or set of state transition operator)
    used to change the state from one state to another. It is the set
    of arcs (or links) between nodes.

    The production rule is represented in the form of a pair. Each pair consists of a left side that
    determines the applicability of the rule and a right side that describes the action to be performed,
    if the rule is applied.

    G: Set of Goal state, 𝐺 ∈ 𝑆.

     Step 1: (α_1-> (α_2 ∨α_3)) (Premise)

    Step 2: α_1(Assumed Premise)

    Step 3: α_2 ∨α_3 (Modus Ponens, Step 1, 2)

    Step 4: α_2 -> ~α_1 (Premise)

    Step 5: ~α_2 (Modus Tollens, Step 2, step 4)

    Step 6: α_3 (Disjunctive Syllogism, Step 1, 2, 4)

    Step 7: α_4-> ~α_3 (Premise)

    Step 8: ~α_4 (Modus Tollens, Step 1, 2, 4, 7)

    Step 9: α_1 -> ~α_4 (Step 2, 4)

    Hence proved

     1 - Modus Ponens (MP)

    It states that if the propositions A → B and A are true, then B is also true.
    Modus Ponens is also referred to as the implication elimination because it
    eliminates the implication A → B and results in only the proposition B. It also
    affirms the truthfulness of antecedent. It is written as:

    α_1 → α_2, α_1 =>α_2

    2 - Modus Tollens (MT)
    It states that if A → B and ¬ B are true then ¬ A is also true. Modus Tollens is
    also referred to as denying the consequent as it denies the truthfulness of the
    consequent. The rule is expressed as:

    α_1 → α_2, ~α_2 =>~α_1

    3 - Disjunctive Syllogism (DS)
    Disjunctive Syllogism affirms the truthfulness of the other proposition if one of
    the propositions in a disjunction is false.

    Rule 1:α_1 ∨α_2, ~α_1=>α_2
    Rule 2:α_1 ∨α_2, ~α_2 =>α_1

    4 - Addition
    The rule states that if a proposition is true, then its disjunction with any other
    proposition is also true.


    Rule 1:α_1=>α_1∨α_2
    Rule 2:α_2=>α_1 ∨α_2

    5 - Simplification
    Simplification means that if we have a conjunction, then both the constituent
    propositions are also true.

    Rule 1:α_1 ∧α_2 =>α_1
    Rule 2:α_1 ∧α_2 =>α_2

    6 - Conjunction
    Conjunction states if two propositions are true, then their conjunction is also
    true. It is written as:

    α_1, α_2 =>α_1 ∧α_2

    7 - Hypothetical Syllogism (HS)
    The rule says that the conclusion α_1 → α_3 is true, whenever conditional
    statements α_1 → α_2 and α_2 → α_3hold the truth values. This rules also
    shows the transitive nature of implication operator.

    α_1 → α_2, α_2 → α_3 =>α_1 → α_3

    8 - Absorption
    The rule states that if the literal α_1 conditionally implies another literal α_2
    i.e.,α_1 → α_2 is true, then α_1 → (α_1 ∧α_2) also holds.

    α_1 → α_2 =>α_1 → (α_1 ∧α_2)

    9 - Constructive Dilemma (CD)
    According to the rule, if proposition (α_1 ∨α_3) and proposition ((α_1 → α_2)
    ∧ (α_3 → α_4))have true values, then the well-formed formula (α_2 ∨α_4) also
    holds true value.


    (α_1 ∨α_3 ), (α_1 → α_2) ∧ (α_3 → α_4) =>α_2 ∨α_4

     Logical connectives are the operators used to join two or more atomic propositions (operands). The joining should be done in a way that the logic and truth value of the obtained compound proposition is dependent on the input atomic propositions and the connective used.

    1. Conjunction
      A proposition “A ∧ B” with connective ∧ is known as conjunction of A and B. It
      is a proposition (or operation) which is true only when both the constituent
      propositions are true. Even if one of the input propositions is false then the
      output is also false. It is also referred to as AND-ing the propositions. Example:
      Ram is a playful boy and he loves to play football. It can be written as:

    A = Ram is a playful boy.
    B = Ram loves to play football.
    A ∧ B = Ram is a playful boy and he loves to play football.

    2. Disjunction
    A proposition “A ∨ B”with connective ∨ is known as disjunction of A and B. It
    is a proposition (or operation) which is true when at least one of the constituent
    propositions are true. The output is false only when both the input propositions
    are false. It is also referred to as OR-ing the propositions. Example:
    I will go to her house or she will come to my house. It can be written as:

    A = I will go to her house.
    B = She will come to my house.
    A ∨ B = I will go to her house or she will come to my house.

    3. Negation
    The proposition ¬ A (or ~A) with ¬ (or ~) connective is known as negation of
    A. The purpose of negation is to negate the logic of given proposition. If A is
    true, its negation will be false, and if A is false, its negation will be true.


    Example:
    University is closed. It can be written as:
    A = University is closed.
    ¬ A = University is not closed.

    4. Implication
    The proposition A → B with → connective is known as A implies B. It is also
    called if-then proposition. Here, the second proposition is a logical consequence
    of the first proposition. For example, “If Mary scores good in examinations, I
    will buy a mobile phone for her”. In this case, it means that if Mary scores
    good, she will definitely get the mobile phone but it doesn’t mean that if she
    performs bad, she won’t get the mobile phone. In set notation, we can also say
    that A ⊆ B i.e., if something exists in the set A, then it necessarily exists in the
    set B. Another example:

    If you score above 90%, you will get a mobile phone.
    A = You score above 90%.
    B = You will get a mobile phone.
    A → B = If you score above 90%, you will get a mobile phone.

    5. Bi-conditional
    A proposition A ⟷ B with connective ⟷ is known as a biconditional or if-andonly-if proposition. It is true when both the atomic propositions are true or both
    are false. A classic example of biconditional is “A triangle is equivalent if and
    only if all its angles are60° each”. This statement means that if a triangle is an
    equivalent triangle, then all of its angles are 60° each. There is one more
    associated meaning with this statement which means that if all the interior
    angles of a triangle are of 60° each then it's an equivalent triangle. Example:
    You will succeed in life if and only if you work hard.

    A = You will succeed in life.
    B = You work hard.
    A ⟷ B = You will succeed in life if and only if you work hard.

     Ans : There are six principles of security management:-

    1. Availability- The continuous accessibility of systems tends to procedures, policies and controls which are used to ensure prompt access to data for authorized customers. This purpose secures against deliberate or inadvertent endeavours to refute legitimate costumers’ access to data.
    1. Integrity of data or systems- System and data integrity is linked to the procedures, policies and controls which are used to guarantee that data has not been modified in an unconstitutional way and that systems are liberated from illicit manipulation that would compromise precision, comprehensiveness and consistency.
    1. Confidentiality of data or systems- Confidentiality covers the procedures, policies and controls which are utilized to secure data of customers and the organization against illicit access or use.

    4. Accountability- Accountability incorporates the procedures, policies and controls essential to follow activities to their source. Accountability specifically underpins nonrepudiation, anticipation, infringement, deterrence, security checking, recuperation and legitimate tolerability of records.

    1. Assurance- Assurance addresses the procedures, strategies and controls which are used to create certainty that specialized and equipped security measures are working as anticipated.

    6. Privacy- It centers on the constitutional rights of people, the motivation behind data assortment and processing, security predilection and the manner in which organizations administer individual’s data. It focuses on how to gather, process, offer, document and erase the information/data as per the law.

      Access security- By restricting access of users who have been granted access to information, thereby results in monitoring who all have access to a particular data. Therefore, in cases of data theft, sifting through the timelines of access granted to users can be easier to track down the culprit.

     Data encryption- Data when kept unencrypted leads to misuse of personal data by cybercriminals. Therefore, data has to be encrypted by usage of unique encryption codes, so as to avoid leakage of vital information stored in databases. When data has been encrypted and only the user has access to such a data has the decryption code, results in prevention of data theft.

     Email security-It is a form of procedure to protect an email account and the contents on an email account from unauthorized access. Therefore, measures like strong email passwords, end-to-end encryption of emails or messages that are sent from one person to another result in prevention of misuse of data, as emails are a popular forum for hackers to spread malware, spam and phishing attacks. For example- end-to-end encryption used
    by WhatsApp.

     Risk-assessment analysis- Organizations have to take a proactive approach while dealing with information security concerns. The main of conducting a risk assessment is to identify the risks pertaining to information stored in an organizations system. By conducting risk assessment analysis, an organization can understand and assess internal and external risks to their security, confidentiality and personal information stored in various storage media like laptops and portable devices.

     Monitor effectiveness- It is critical for an organization to verify security programs established and to establish if such security programs manage cyber security measures implemented for safeguarding an organization’s information or data. This is done through regular tests and monitoring of information security programs annually or
    quarterly helps to assess the number of attacks made to an organizations data.

     Third party issues- Website’s play a major role while showcasing an organization’s success. Therefore, they implement third party tools to make their websites’ more interactive and user-friendly and offer smooth connectivity for user interaction. These third-party tools help in generating revenue for an organization’s website. Therefore, an
    organization has to undertake to ensure that all reasonable steps have been taken prior to giving access to third party service providers and that such third-party service providers apply the stringiest security measures.

     Strong firewall- Firewall of a system is part of such system’s cyber security measure. A firewall enables to protect a system from internet traffic and services it is exposed to. These services are accessed by everyone who uses an internet. Therefore, firewalls enable to control who gains access to an organization’s system like insider attacks which may originate from within a network used by an organization. Antiviruses are for files and firewalls are needed to protect from unauthorized access or usage of network. A firewall simply helps to control Internet traffic that is generated by using a network for work.

     Antivirus protection- An antivirus protection can be gained in the form of antivirus software. This software is a program designed to avoid, detect and deal with cyber security threats that an organization may face. The process of an antivirus is to run background scans on a system to detect and restrict unauthorized access in the forms of malware and to protect a system from vulnerabilities it may face. These solutions are extremely important for data security and must be installed on computer systems. These antivirus protections are available not only for laptops and computers but also for mobile devices and help to fight unwanted threats to files and data.

     Back-up regularly- A data security is meant for protecting information stored on a system from unauthorized access, destruction of such information and includes network security. Therefore, to avoid loss of data, data should be regularly be stored and kept somewhere safe where it cannot be accessed or violated by anyone. Further, the securing
    of such data helps in preventing accidental modification to data, theft of data, breach of confidentiality agreements and avoid release of data prior to its verification and authentication.

    In today’s day and age there is a host of new and evolving cyber security threats that has the information security industry on high alert. There is an increasingly more sophisticated cyber-attacks involving malware, phishing, cryptocurrency. Therefore, the data and assets of the corporations, governments and individuals are at constant risk.

    The information technology industry suffers from a severe shortage of cyber security
    professionals and due to the ever-evolving new technology being introduced periodically,
    there has been an exponential rise in cybercrime.

    The following cyber security threats are constantly growing and creating issues related to
    data privacy:

    i) Phishing attacks- These are carefully targeted digital messages transmitted to fool
    people into clicking on a link that can then install malware or expose sensitive data.
    Nowadays everyone is aware of the risks of email phishing or of clicking on
    suspicious-looking links, leading to hackers upping their ante by distributing fake
    messages with the hope that the recipients will unwittingly compromise their
    network system. Such attacks enable hackers to steal user logins, credit card
    credentials and other types of personal financial information, as well as gain access
    to private databases.

    ii) Ransomware attacks- Hackers deploy technologies that enable them to literally
    kidnap an individual or organization’s databases and hold all of the information for
    ransom. These types of attacks are believed to cost victims billions of dollars every
    year.

    iii) Cyber-physical attacks- The technology that has enabled to modernize and
    computerize critical infrastructure also brings risk. There is an ongoing threat of
    hacks targeting electrical grids, transportation systems, etc., which represent a
    major vulnerability.

    iv) State-sponsored attacks- Hackers look to make profit through stealing individual
    and corporate data. Now even nation states use cyber skills to infiltrate other
    governments and perform attacks on critical infrastructure. Cyber crime today is a
    major threat not only to the private sector and individuals but also towards the
    governments and nations as a whole.
    Many such attacks target government-run systems and infrastructure, but private
    sector organizations are also at risk.

     Database security is necessary in the following situations:

     Theft and fraud
     Loss of availability of data
     Loss of confidentiality
     Loss of data privacy
     Loss of data integrity

    The situations given above are the most likely to be exposed to date security threats and are
    required to be protected so that the chances of losses in this regard can be significantly
    reduced

    It is noteworthy that these situations often cause cumulative losses due to inter dependencies
    and hence a loss due to one situation can affect multiple areas in the same organization.

    The purpose of data protection (also known as information privacy and data privacy) is to
    define when and under what circumstances data can be safely put to use

    Data management
    The main aim of data management helps people and organizations for data to be used within
    the boundaries of policies and regulations for the maximum benefit of these organizations
    and businesses and therefore is very valuable as an intangible asset. Data management can be
    achieved by the practice of collection, keeping and usage of data in a secure, efficient and
    cost-efficient manner.

    Therefore, efficient ways and means are sought by various organizations for data
    management. The management of data is done through various platforms and include
    databases, data analysis and more such tools like Microsoft SQL server, Google cloud,
    Amazon web services, etc.

    1. Data management is the responsible stewardship of data throughout its lifecycle. There
      are five components to data management:
       Acquisition
       Utilization
       Maintenance
       Access

     Protection
    Effective data management requires appropriate acquisition, utilization, maintenance,
    access, and protection of data. Data management depends on
    information confidentiality and criticality.

     Digital security is a broader term which encompasses within itself protection of online identity data assets Technology with the use of various tools like software, Web Services, biometrics, firewalls, proxies, vulnerability scanner, instant message or telephone encryption tools etc. Digital security provides protection against cyber-attacks unauthorized access, online malicious activities etc.

    The 3 pillars of digital security are

    1. Confidentiality
    2. Integrity
    3. Availability

    The basic essence of these principles is that the information which is private should be shared
    with the least amount of people to keep it more secure, the information provided should not
    be modified or corrupted and lastly, that the information provided should work effectively
    and efficiently at all times.

    The OECD Recommendation and its companion documents were published in 2015 which
    provides guidance for all stakeholders on cyber security aspects. The Organization for
    Economic Cooperation and Development (OECD) helps in facilitating information, data and
    is progressing to eradicate poverty and inequality by bringing forefront solutions for the
    benefit of the world. The OECD Working Party on Security and Privacy in the Digital
    Economy (SPDE) develops public policy analysis and high-level recommendations to help
    governments and other stakeholders to ensure that digital security and privacy protection
    foster the development of the digital economy

    Digital Security: Pros

     It helps in protecting personal information stored in devices.

     Suspicious or unauthorized access to devices can be blocked through digital security
    and thus preventing possible harm.

     Security based on biometrics is capable of providing a higher degree of protection
    against attacks as it’s difficult to steal biometric information.

     Digital security enables oneself to fearlessly communicate, transact, work etc. in
    online mode.

     Protects the computer from crashing or slowing down and thus protects business,
    transactions, communication etc. happening over computer, network or system

     Digital security thus may help in fostering the economy of the State as it cuts down on
    many costs.

    Digital Security Cons

     Availing services or procuring tools for digital security can be a costly affair.
     Web services or tools may or may not be compatible with the device of the user.
     Digital security services or tools may be difficult to configure at times and needs to be
    updated regularly
     Services or tools may slow down functioning of user’s device or at times may
    intervene even normal functioning of another programmed

     Once the cash budget has been prepared and appropriate net cash flows established the

    finance manager should ensure that there does not exist a significant deviation
    between projected and actual cash flows. The finance manager should expedite cash
    collection and control cash disbursement. There are two types of floats, which would
    require the attention of finance managers.

    1) Collection Float: Collection float refers to the gap between the times, payment is
    made by the customer/debtor and the time when funds are available for use in the
    company’s bank account. In simple words it is the amount tied up in cheques and
    drafts that have been sent by the customers, but has not yet been converted into cash.
    The reasons for this type of collection float are:

     The time taken in postal transmission
     The time taken to process cheques and drafts by the company, and
     The time taken by banks to clear the cheques.

    a) Concentration Banking: When the customers of the company are spread over
    wide geographical areas then instead of a single collection center the company
    opens collection centers at the regional level. The customers are instructed to
    remit payments to their specific regional centers. These regional centers will
    open bank accounts with the branches of banks where it has collection potential.
    These branches will telegraphically or electronically transfer the collected
    amount to the Head Office bank account. This system accelerates cash inflows.

    b) Lock Box System: In this system, the customers are advised to mail their
    payments to a post office box hired by the firm for collection purposes near
    their area. The payments are collected by local banks who are authorised to do
    so. They credit the payments quickly and report the transaction to the head
    office.

    c) Zero Balance Account: In this type of account any excess cash is used to buy
    marketable securities. Excess cash is the balance remaining after the cheques
    presented against this account are cleared. In case of shortage of cash
    marketable securities are sold to replenish cash.

    d) Electronic Fund Transfer: Through electronic fund transfer the collection
    float can be completely eliminated the other benefit of electronic fund transfer is
    instant updation of accounts and reporting of balances as and when required
    without any delay.

    2) Payment Float: Cheques issued but not paid by the bank at any particular time is
    called payment float. Companies can make use of payment float, by issuing cheques,
    even if it means as per books of account an overdraft beyond permissible bank limits.
    The company should be very careful in playing this float in view of stringent
    provisions regarding the dishonoring of cheques, loss of reputation etc.

    The advent of management accounting was the next logical step in the developmental process. The practice of using accounting information as a direct aid to management is a phenomenon of the 20th century, particularly the last 30-40 years. The genesis of modern management, with its emphasis on detailed information on decision-making, provided a tremendous impetus to the development of management accounting.

    Management accounting is concerned with the preparation and presentation of
    accounting and controlling information in a form which assists management in the
    formulation of policies, and in decision-making on various matters connected with
    routine and/or non-routine operations of business enterprise. It is through the
    techniques of management accounting that managers are supplied with information
    that they need for achieving objectives for which they are accountable. Management
    accounting has, thus, shifted the focus of accounting from recording and analysing
    financial transactions, to using information for decisions affecting the future. In this
    sense, management accounting has a vital role to play in extending the horizons of
    modern business. While the reports emanating from financial accounting, specially for
    outsiders, are subject to the conceptual and legal framework of accounting, internal
    reportsroutine or non-routineare free from such constraints.

    Financial accounting dates from the development of large-scale business and the advent of the Joint Stock Company. This form of business which enables the public to participate in providing capital in return for shares in the assets and the profits of the company. This form of business organisation permits a limit to the liability of their members to the nominal values of their shares. This means that the liability of a shareholder for the financial debts of the company is limited to the amount he had agreed to pay on the shares he bought. He is not liable to make any further contribution in the event of company’s failure or liquidation. As a matter of fact, the law governing the operations (or functioning) of a company in any country (for instance, the Companies Act in India) gives a legal form to the doctrine of stewardship which requires that information be disclosed to the shareholders in the form of annual income statement and balance sheet such statements are generally known as annual financial statements.

    Briefly speaking, the income statement is a statement of profit and loss made during
    the year of the report; and the balance sheet indicates balances of the assets held by
    the firm and the monetary claims against the firm as on a particular date. The general
    unwillingness of the company directors to disclose more than the minimum
    information required by the law, and the growing public awareness have forced the
    governments in various countries of the world to extend the disclosure (of
    information) requirements.

    The importance attached to financial accounting statements can be traced to the need
    of the society to mobilise savings, and channel them with profitable investments.
    Investors, whether they are large or small, must be provided with reliable and
    sufficient information in order to be able to make sound investment decisions. This is
    the most significant social purpose of financial accounting.

    Carbon accounting is the practice of making scientifically robust and verifiable measurements of GHG emissions. Forests play an important role in the global carbon balance. Accounting for the carbon within forest ecosystems and changes in carbon stocks resulting from human activities is a necessary step towards the better representation of forests in climate change policy at regional, national and global scales. The main objective of carbon accounting is to identify the carbon-density of areas, providing information for low carbon impact land use planning. It prepares territories for accounting and reporting of emissions from the forestry sector. It allows comparison of the climate change impact of the forestry sector relative to other sectors, as well as allowing comparison between territories. Finally, it enables trade of project emission reductions on carbon markets and for emission reductions to be included in policy targets.

     Forensic Accounting is an art of investigation over accounting records, financial

    statements, and other related financial records. The result of the investigation is
    mostly used for legal support and resolving conflict. This job requires technical skills
    in accounting, investigation, and legal. These are what drive forensic accounting to
    become more attractive and highly paid. The investigation covers certain areas,
    including Fraud, crime, insurance claims, and disputes among shareholders. Forensic
    Accounting involves the following steps:

    i) Investigation: Forensic accountants typically begin an investigation and collect
    evidence when fraud suspicions already exist. Because of this, the data they
    look for when conducting an investigation include red flags and discrepancies
    that might indicate fraud has taken place. They may interview staff at an
    organization to gain more information and attempt to find the individual
    behind the fraud. Using the gathered information they begin to form a
    hypothesis as to what happened and create follow-up plans to continue to
    assess the business. Once this step reaches completion, the forensic accountant
    determines the next necessary action and relays this information to the
    company.

    ii) Reporting: Once forensic accounting professionals gather information/data and
    develop a case, they present a summary of their findings to necessary
    personnel. Using this information, these workers determine how the fraud
    occurred and who played a role. Then, the accountant determines how to
    handle the case and suggests steps the company should take next. In addition,
    they may recommend ways to prevent these incidents in the future by
    increasing/strengthening internal security and pointing out red flags.

    iii) Litigation: The final step of a forensic accountant’s process involves participation
    as an expert witness in the incident’s court case. The professional presents
    their findings as evidence in court and testifies against the offenders. They
    explain any evidence and interpret financial documents in understandable
    terms, presenting how they identified the subject. This means that the
    accountant must not only find evidence but also use rhetoric that makes sense
    to the court. Once this step reaches completion, the court determines the final
    decision for the situation. The forensic accountant plays an important role
    throughout this process.

     Dynamic Host Configuration Protocol (DHCP) is a network management protocol. For a network with large number of IP based systems (Systems assigned an IP address) it is almost impractical to assign IP addresses manually. To automate this process Dynamic Host Configuration protocol was designed. DHCP server dynamically assigns an IP address and other network configuration parameters (like: default gateway, subnet mask, DNS server IP etc) to each device on a network.

     Internet control message protocol (ICMP) is a network layer protocol. Since Internet Protocol(IP) does not have a built-in mechanism for sending error and control messages, a separate protocol namely: ICMP is used to support error control. It is responsible to report errors and management queries. ICMP is a implemented in the networks devices like routers for sending the error messages and operations information. e.g. host is unreachable. Another use of the ICMP is in congestion control in the network and flow control between sender and receiver by sending a request to decrease traffic rate. ICMP packet is also used in defining the TTL value of a path.

     Under some circumstances many of the times packets got stuck in loops in the network and consumes the bandwidth of the network unnecessarily. The size of this field is 8 bit. This field restricts packets to enter to live infinitely long time in the Internet. This value is in seconds, but time intervals less than 1 second are rounded up to 1. The value of this field is set to a number (known as maximum hop count limit). When the packet arrives at a router, the TTL field value is decrement by one. The packet is dropped by the router if it encounters TTL field value to be 0 (zero).

     As discussed on 3.3 which deal with security requirements, it has been stated that the concept

    of CIA is very important. Further, security threats are inventive according to the new
    information technology launched. These security threats constantly evolve and are harmful to
    an organization as they steal, harm or corrupt information stored in an organization’s system.
    An organization should arm themselves with resources to safeguard themselves from the
    ever-growing security threats. Therefore, the CIA triad though being a security model and
    guide for organizations to protect their sensitive data there are a few other data security
    considerations that one should be aware of:

     Access security- By restricting access of users who have been granted access to
    information, thereby results in monitoring who all have access to a particular data.
    Therefore, in cases of data theft, sifting through the timelines of access granted to users
    can be easier to track down the culprit.

    Data encryption- Data when kept unencrypted leads to misuse of personal data by
    cybercriminals. Therefore, data has to be encrypted by usage of unique encryption codes,
    so as to avoid leakage of vital information stored in databases. When data has been
    encrypted and only the user has access to such a data has the decryption code, results in
    prevention of data theft.

     Email security-It is a form of procedure to protect an email account and the contents on
    an email account from unauthorised access. Therefore, measures like strong email
    passwords, end-to-end encryption of emails or messages that are sent from one person to
    another result in prevention of misuse of data, as emails are a popular forum for hackers
    to spread malware, spam and phishing attacks. For example- end-to-end encryption used
    by WhatsApp.

     Risk-assessment analysis- Organizations have to take a proactive approach while
    dealing with information security concerns. The main of conducting a risk assessment is
    to identify the risks pertaining to information stored in an organizations system. By
    conducting risk assessment analysis, an organization can understand and assess internal
    and external risks to their security, confidentiality and personal information stored in
    various storage media like laptops and portable devices.

     Monitor effectiveness- It is critical for an organization to verify security programs
    established and to establish if such security programs manage cyber security measures
    implemented for safeguarding an organization’s information or data. This is done
    through regular tests and monitoring of information security programs annually or
    quarterly helps to assess the number of attacks made to an organizations data.

     Third party issues- Website’s play a major role while showcasing an organization’s
    success. Therefore, they implement third party tools to make their websites’ more
    interactive and user-friendly and offer smooth connectivity for user interaction. These
    third-party tools help in generating revenue for an organization’s website. Therefore, an
    organization has to undertake to ensure that all reasonable steps have been taken prior to
    giving access to third party service providers and that such third-party service providers
    apply the stringiest security measures.

     Strong firewall- Firewall of a system is part of such system’s cyber security measure. A
    firewall enables to protect a system from internet traffic and services it is exposed to.
    These services are accessed by everyone who uses an internet. Therefore, firewalls
    enable to control who gains access to an organization’s system like insider attacks which
    may originate from within a network used by an organization. Antiviruses are for files
    and firewalls are needed to protect from unauthorised access or usage of network. A
    firewall simply helps to control Internet traffic that is generated by using a network for
    work.

    Antivirus protection- An antivirus protection can be gained in the form of antivirus
    software. This software is a program designed to avoid, detect and deal with cyber security threats that an organization may face. The process of an antivirus is to run background scans on a system to detect and restrict unauthorized access in the forms of malware and to protect a system from vulnerabilities it may face. These solutions are extremely important for data security and must be installed on computer systems. These antivirus protections are available not only for laptops and computers but also for mobile devices and help to fight unwanted threats to files and data.

    Back-up regularly- A data security is meant for protecting information stored on a
    system from unauthorised access, destruction of such information and includes network
    security. Therefore, to avoid loss of data, data should be regularly be stored and kept
    somewhere safe where it cannot be accessed or violated by anyone. Further, the securing
    of such data helps in preventing accidental modification to data, theft of data, breach of
    confidentiality agreements and avoid release of data prior to its verification and
    authentication.

     Measurement is fundamental to any engineering discipline and software engineering

    is no exception. Software metric is a quantitative measure derived from the attribute
    of software development life cycle [Fanton and Kaposi, 1987]. It behaves as software
    measures.

    A software measure is a mapping from a set of objects in the software engineering
    world into a set of mathematical constructs such as numbers or vectors of numbers.
    Using the software metrics, software engineer measures software processes, and the
    requirements for that process. The software measures are done according to the
    following parameters:

     The objective of software and problems associated with current activities,
     The cost of software required for relevant planning relative to future projects,
     Testability and maintainability of various processes and products,
     Quality of software attributes like reliability, portability and maintainability,

     Utility of software product,
     User friendliness of a product.

    Various characteristics of software measures identified by Basili (1989) are given
    below:

     Objects of measurement: They indicate the products and processes to be
    measured.

     Source of measurement: It indicates who will measure the software. For
    example, software designer, software tester and software managers.

     Property of measurement: It indicates the attribute to be measured like cost of
    software, reliability, maintainability, size and portability.

    Context of measurement: It indicates the environments in which context the
    software measurements are applied.


    Common software measures

    There are significant numbers of software measures. The following are a few
    common software measures:

    Size : It indicates the magnitude of software system. It is most commonly used
    software measure. It is indicative measure of memory requirement, maintenance
    effort, and development time.

    LOC : It represents the number of lines of code (LOC). It is indicative measure of
    size oriented software measure. There is some standardisation on the methodology of
    counting of lines. In this, the blank lines and comments are excluded. The multiple
    statements present in a single line are considered as a single LOC. The lines
    containing program header and declarations are counted.

     The requirements gathering is an art. The person who gathers requirements should

    have knowledge of what and when to gather information and by what resources. The
    requirements are gathered regarding organization, which include information
    regarding its policies, objectives, and organization structure, regarding user staff. It
    includes the information regarding job function and their personal details, regarding
    the functions of the organization including information about work flow, work
    schedules and working procedure.

    The following four tools are primarily used for information gathering:

    1. Record review: A review of recorded documents of the organization is
      performed. Procedures, manuals, forms and books are reviewed to see format and
      functions of present system. The search time in this technique is more.

    1. On site observation: In case of real life systems, the actual site visit is performed
      to get a close look of system. It helps the analyst to detect the problems of existing
      system
    1. Interview: A personal interaction with staff is performed to identify their
      requirements. It requires experience of arranging the interview, setting the stage,
      avoiding arguments and evaluating the outcome.

    1. Questionnaire: It is an effective tool which requires less effort and produces a
      written document about requirements. It examines a large number of respondents
      simultaneously and gets customized answers. It gives person sufficient time to
      answer the queries and give correct answers.