Ingeniería Solidaria <p><span class="tlid-translation translation" lang="en"><span class="" title="">is an international scientific journal whose objective is to disseminate the results of applied and sustainable research with social impact and commitment.</span> <span title="">It seeks to create networks within the scientific and academic community that promote the contributions of engineering to society.</span></span></p> en-US <p><a href="/_files/ingenieria_solidaria/CESSION_OF_RIG.doc" target="_blank" rel="noopener"><span lang="EN-US">Cession of rights and ethical commitment</span></a></p> <p><span lang="EN-US">As the author of the article, I declare that is an original unpublished work exclusively created by me, that it has not been submitted for simultaneous evaluation by another publication and that there is no impediment of any kind for concession of the rights provided for in this contract. </span></p> <p><span lang="EN-US">In this sense, I am committed to await the result of the evaluation by the journal <em>Ingeniería Solidaría </em>before considering its submission to another medium; in case the response by that publication is positive, additionally, I am committed to respond for any action involving claims, plagiarism or any other kind of claim that could be made by third parties.</span></p> <p><span lang="EN-US">At the same time, as the author or co-author, I declare that I am completely in agreement with the conditions presented in this work and that I cede all patrimonial rights, in other words, regarding reproduction, public communication, distribution, dissemination, transformation, making it available and all forms of exploitation of the work using any medium or procedure, during the term of the legal protection of the work and in every country in the world, to the Universidad Cooperativa de Colombia Press.</span></p> (Jeanette Rincón) (Adriana Silva) Wed, 15 May 2019 00:00:00 -0400 OJS 60 A Differential Cooperative Positioning Approach for Multi-Device Positioning Improvement <p>Introduction: This publication is the product of research developed within the research lines of the Advanced and Large-scale Computing (Cage) research group throughout 2018, which supports the work of a master’s degree in Systems Engineering at the Industrial University of Santander. Objetive: An approach to a cooperative positioning algorithm is described in this paper, where a set of devices exchange GPS satellite observables and distance estimations with nearby devices in order to increase their positioning accuracy. Methodology: Different scenarios are established where GPS receivers exchange satellite information, using different ionospheric correction models, with the purpose of evaluating which conditions potentially improve the position accuracy. Conclusions: The results show our approach yields increased accuracy when all receivers use the same ionospheric correction model. Moreover, it was observed that the noise levels and uncertainty usually due to factors related to distance from remote devices to the main receiver did not influence positioning improvement when the separation between receiver pairs was large. Originality: The proposed algorithm allows for exploitation of the nature of the problem without increasing complexity at the hardware and software level, and to offer a low-cost cooperative positioning solution alternative. Restrictions: The results presented in the document are based on the execution of the cooperative algorithm using Rinex files of gnss reference stations. So, for scenarios in which the separation distances between reference stations are very high, the error levels in cooperative positioning can be very large.</p> William Javier Trigos Guevara, Gabriel Pedraza Ferreira, Raúl Ramos Pollan Copyright (c) Mon, 27 May 2019 00:00:00 -0400 Using Reverse Engineering to Handle Malware <p>This paper is a product of the research Project “Cyber Security Architecture for Incident Management” developed in the Colombian School of Engineering Julio Garavito in the year 2018. Introduction: Reverse engineering involves deconstructing and extracting knowledge about objects. The use of reverse engineering in malware analysis is extremely useful in understanding the functionalities and purposes of a suspicious sample. Methods: This paper makes use of Radare which is one of the most popular open source tools for reverse engineering, with the aim of dealing with malware. Results: A use case related to hacking of anti-sandbox malware is presented, in such a way that it is possible to analyze the behavior of the sample using a sandbox. Additionally, another use case is presented, where an in-depth analysis of a malicious Android application aimed to the audience of a popular event (FIFA World Cup 2018) is developed, making it possible to demonstrate the relevance of reverse engineering techniques in end-user protection strategies. Conclusions: This paper shows how the results of a reverse engineering process can be integrated with Yara rules, allowing for the detection of malware on the fly, and it also shows an alternative to automatically generating Yara rules through the yarGen generator. Originality: Use of Open Source reversing solutions by Colombian Law Enforcement Agencies has not been discussed previously, making this paper a notable element toward the modernization of the Army. Limitation: Different approaches and perspectives about the limitations in the use of reverse engineering by Law Enforcement Agencies are also shared.</p> Carlos Andrés Sánchez Venegas, Camilo Aguado Bedoya, Daniel Orlando Díaz López, Juan Carlos Camilo García Ruíz Copyright (c) Mon, 27 May 2019 00:00:00 -0400 Design and Implementation of A Visible Light-Based Communications System <p>Introduction: The publication is the product of the research “Prototipo de un sistema de telecomunicaciones basado en luz visible”, carried out at Universidad del Valle in 2018. Objective: The objective of this work was to build a functional prototype of a telecommunications system based on visible light through which the study of the most relevant characteristics, elements and behaviors in relation to this technology could be made. Methodology: To study the behavior of the developed prototype, different tests were performed varying some of the variables present in this type of telecommunications system. In addition, the developed prototype was tested in simplex and halfduplex modes. Conclusions: The results obtained when developing this work demonstrated the main characteristics of the prototype, its limitations, as well as the elements and variables that govern the most important aspects of its design. Originality: The presented design proposes the development of a low cost prototype, capable of obtaining the data to be sent through the connection to other devices through different communication peripherals or using the ADC present in the processing device used. Restrictions: Due to the reception elements used in the prototype there is a significant limitation on the maximum achievable transmission rate. In addition, it is important to mention that the conditions in which the prototype is deployed can affect its behavior, for example, elements that impede the line of sight between the telecommunications modules can stop the transmission.</p> Sebastian Caballero Barragan, Fabio G. Guerrero Copyright (c) Mon, 27 May 2019 00:00:00 -0400 Software to build network frames, with GUI, CLI and programming library <p><strong>Introduction: </strong>This publication is the product of a research project named “Design and implementation of a software to build network frames with CLI, GUI interface and programming library” of the Corporación Politécnico de la Costa Atlántica in Barranquilla, Colombia between the year 2016 and 2018. A piece of software with multiplatform capability, GUI, CLI and programming library was developed. The software allows for the intuitive construction of network frames, speeding up construction times, thus facilitating practical learning of the concept of encapsulation networking.</p> <p><strong>Objective:</strong> The research aims to build a multiplatform computing solution, with a GUI, CLI and programming library, in order to build network frames intuitively.</p> <p><strong>Methodology:</strong> The scope of the project is descriptive, since the development includes the analysis and implementation of the software and its components; as well as functional tests.</p> <p><strong>Results:</strong> The software was built according to the phases proposed in the methodology. A high percentage of students obtained average scores in the evaluation carried out on frames, packages and segments.</p> <p><strong>Conclusion:</strong> The results demonstrate the need to apply a new teaching methodology based on the elaboration of frames, to improve the learning process in computer networks.</p> <p><strong>Originality:</strong> A software solution that complements existing limitations in portability, versatility and ease of use is proposed. This solution is applicable both in the workplace and in the educational field.</p> <p><strong>Limitations:</strong> The processes of sending and capturing frames are separated in the software, meaning that TCP communication cannot be maintained. It is necessary to build a GUI application to capture network frames and not depend on a tool like Wireshark for visualizing the frames.</p> Marta López Muñoz, José Luis Alejandro Carrillo Valderrama Copyright (c) Mon, 27 May 2019 00:00:00 -0400 A hybrid methodology based on engineering tools for process standardization in accounting <p><em>Introduction: </em>This article is the final product for the investigation developed on the case study entitled “Standardization of the accounting process for the “Liga Colombiana Contra el Cáncer”. This was performed between 2017 and 2018 at the faculty of Engineering of the “Universidad Libre”, Bogotá, Colombia.</p> <p><em>Problem: </em>Lack of methodologies based on engineering tools for the standardization of accounting processes or similar fields.</p> <p><em>Objective: </em>Propose a methodology based on engineering tools for the standardization of accounting processes.</p> <p><em>Methodology: </em>This proposal is based on different engineering tools coupling that allowed to establish the following steps: Characterization, modeling, documentation, time study, indicators and impact evaluation.</p> <p><em>Results:</em> Hybrid methodology that allowed to standardize the Accounting process on “Liga Colombiana Contra el Cáncer”.</p> <p><em>Conclusion:</em> Standardization and coupling of the accounting process to the “Liga Colombiana Contra el Cáncer” management system.</p> <p><em>Originality:</em> This methodology is applicable to processes with variable characteristics that are not couplers to traditional standardization tools.</p> <p><em>Originality: </em>This methodology is applicable to processes with variable characteristics that are not coupled to traditional standardization tools.</p> <p><em>Limitations</em>: There currently exists very little literature and research related to standardization methodologies and engineering tools applied to accounting or similar processes.</p> Diana Carolina Benito Baene, Juan Sebastián Samacá Zamora, Ever Ángel Fuentes Rojas Copyright (c) Mon, 27 May 2019 00:00:00 -0400 DC ELECTRIC PUMP MODIFIED AS AN INTELLIGENT ACTUATOR <p><strong>Introduction:</strong> This paper describes the research – developed in 2007 by ORCA and SciBas – that modifies an actuator device (AD) – DC electric pump – making it Smart.&nbsp;</p> <p><strong>Problem:</strong> There are currently no intelligent ADs of open architecture with the possibility of being easily manipulated in didactic plants.</p> <p><strong>Objective: To </strong>identify and implement circuits to control an AD with signals.</p> <p><strong>Methodology:</strong> The AD is developed following the family-standard IEEE 1452: implementing communication interfaces that characterize intelligent transducers connected to systems based on microprocessors, instruments and networks. The integration is made in a configuration platform that displays, records and manipulates AD information through a PC.</p> <p><strong>Results:</strong> Obtaining a low-cost system based on Raspberry Pi - as an intelligent core - where the following are integrated: a PSOC 4 microcontroller to interact with the signals of the actuator, a circuit to manage the energy between the pump and the microcontroller, and an integrated signal that goes to a processor</p> <p><strong>Originality: </strong>Modify a DC electric pump -as part of a didactic plant system- to have an intelligent AD architecture. The checking of filling and flow rates indicate advantages over traditional instrumentation: noise immunity, effective isolation of circuits from sources, work sequences, effective storage of actuator information, simple calibration, ease of signal transmission and remote control, and the possibility of intelligent presentations.</p> <p><strong>Limitations: </strong>In non-didactic plants it is necessary to extend the research to the industrial sector and increase the quality of the elements.</p> Alex Esteban Barbosa Torres Copyright (c) Mon, 27 May 2019 00:00:00 -0400 A technological analysis of Colombia’s cybersecurity capacity: a systemic perspective from an organizational point of view <p><strong>Introduction: &nbsp;</strong>This paper is a product of the research Project “A technological analysis of Colombia’s cybersecurity capacity: a systemic perspective from an organizational point of view” developed at the Universidad Pontificia Bolivariana in the year 2018.</p> <p><strong>Objective: </strong>Starting from the dynamics system paradigm, this study considers the technological dimension with respect to cybersecurity for incident response and critical infrastructure protection, making reference to the Cybersecurity Capability Maturity Model and the best practices defined by the National Institute of Standards and Technology - NIST.</p> <p><strong>Methodology: </strong>The research starts from the dynamics hypothesis and using the representation of a formal simulation model as its input so as to analyze different scenarios and the development of future policy in this field.</p> <p><strong>Conclusions: </strong>The risk at the organizational level represents a fundamental element for management of incidents and the protection of critical infrastructures, since it allows defining the necessary strategies, in terms of policies, guidelines, business rules, technology and other elements that allow the country to face the threats derived from interconnectivity. It is therefore necessary to develop policies aimed at organizational sensitivity in terms of cybersecurity risks.</p> <p><strong>Originality: </strong>The scenarios that we propose should assist decision makers in making investments in favor of the development and evolution of Cybersecurity in Colombia and, therefore, of the organizations that contribute to the development of the country.</p> <p><strong>&nbsp;</strong><strong>Restrictions: </strong>The data we used to conclude this study, was obtained from an organization that is classified as critical to infrastructure, so it is important to obtain access to the information of the main organization in Colombia in charge of cybersecurity and other companies.</p> Alexis Mauricio Serna Patiño, Diana Patricia Giraldo Ramírez Copyright (c) Mon, 27 May 2019 00:00:00 -0400 CONCEPTUAL FOUNDATION FOR AN AUTOMATED PENTESTER BASED ON A SINGLE BOARD COMPUTER <p><strong>Introduction: </strong>This article is the product of the research entitled "Automated Concept Tests on Web Applications Based on OWASP", carried out during 2017 and 2018 in the city of Popayan, capital of the Department of Cauca.</p> <p><strong>Problem: </strong>Establish and identify a theoretical support for the research topic that will help to solve the problem question of the research work. Is it necessary to develop scripts that automate the concept testing process for the detection of vulnerabilities corresponding to the Top 10 of OWASP 2017.</p> <p><strong>Objective: </strong>Propose a conceptual and background component, through the study of primary and secondary sources along with inclusion and exclusion factors, which helps determine the relevance to the proposed problem which in turn will assist in the construction of a solution.</p> <p><strong>Methodology: </strong>The methodology used was documentary, so several sources of databases were consulted, in order to determine the conceptual, theoretical and relevant background information that will support this research work.</p> <p><strong>Results: </strong>As a result, a very significant analysis was obtained, given that it was possible to obtain relevant conceptual bases that contributed to the solution of the problem.</p> <p><strong>Conclusion: </strong>Despite the existence of tools designed to perform web pentesting, none solve the problems posed in this article, however, the articles did contribute towards the solution of the objective.</p> <p><strong>Originality: </strong>Automation of the pentesting process, under the OWASP methodology, in an SBC, using free software, to reduce costs to entrepreneurs when testing the security of web applications.</p> <p><strong>Limitations: </strong>Access to databases in the institution, time and money used to perform tests on other SBC devices.</p> Geraldín Vergara Fajardo, Diana Marcela Montaño, Siler Amado Donado, Katerine Márceles Villalba Copyright (c) Mon, 27 May 2019 00:00:00 -0400 Revision of Smart Street Lighting LED <p><strong>Introduction: </strong>This Literature Review article is the result of a research on the current situation of smart public lighting systems with light-emitting diode (LED) technology in cities around the world.</p> <p><strong>Problem: </strong>How convenient is it to use smart public lighting system with LED luminaires?</p> <p><strong>Objective: </strong>To review the context of smart public lighting with LED technology.</p> <p><strong>Methodology: </strong>Within this project, a lit review was conducted with more than 50 academic articles found in different databases such as: IEEE Xplore, Scopus, ScienceDirect etc. The selection criteria of the information followed the revision of articles from 2006 to 2018, and also, took into account their installation and performance in different cities and places of the world. Furthermore, articles on polluting and inefficient technologies were excluded.</p> <p><strong>Conclusion:</strong> Considering the current context in which LED smart public lighting is, it is more likely to be implemented in the future.</p> <p><strong>Results: </strong>Smart LED street lighting systems are more efficient in energy use, leads to savings in costs in medium terms, and finally, present a lower environmental impact compared to conventional lighting systems.</p> <p><strong>Limitations: </strong>The review focuses on energy efficiency and economic aspects, not on social aspects.</p> <p><strong>Originality: </strong>Smart LED public lighting systems have been researched within the economic and energy efficiency context.</p> Diego Julián Rodríguez Patarroyo, Iván Felipe Cely Garzón, Cristhian Alexander Letrado Forero Copyright (c) Fri, 10 May 2019 00:00:00 -0400