Position error bound for UWB localization in dense cluttered environments

For most outdoor applications, systems such as global positioning system (GPS) provide users with accurate location estimates. However, similar range-only localization techniques in dense cluttered environments typically lack accuracy and reliability due, notably, to dense multipath, line-of-sight (LOS) blockage and excess propagation delays through materials. In particular, range measurements between a receiver and a transmitter are often positively biased. Furthermore, the quality of the range measurement degrades with distance, and the geometric configuration of the beacons also affects the localization accuracy. In this paper we derive a fundamental limit of localization accuracy for an ultrawide bandwidth (UWB) system operating in such environments, which we call the position error bound (PEB). The impact of different ranging estimation errors due to beacons distance and biases on the best positioning accuracy is investigated. The statistical characterization of biases coming from measurement campaigns can easily be incorporated into this analysis. We show that the relative importance of information coming from different beacons varies depending on the propagation conditions, such as whether the beacon is LOS or non-line-of-sight (NLOS). We show, in particular, that any a priori information knowledge on NLOS beacons can significantly improve the localization accuracy, especially in dense cluttered environments. Finally we put forth the concept of localization outage probability and epsi-localization accuracy outage, and use them to characterize the quality of localization throughout the area.     

Securing large applications against command injections

The ability to produce more secure software or to improve the security of existing software is a growing concern and a real challenge for the field of software engineering. Among the various existing types of software vulnerabilities, command injections are particularly common. It is a difficult problem to address, having seemingly endless variations. We present a unified, formal definition of command injections that, is not based on a particular technology and captures not only the existing variations but also the future instances of the problem. We then propose a Simple, yet effective, strategy to deal with the problem in existing large applications, focusing on the cost-effectiveness of the method. We also report on successful experiments applying our solution to large commercial applications.