
Computer Science AS Level

Advanced Theory
CHAPTER 1

User-defined data types


Non-composite user-defined data types:
A non-composite data type has a definition which does not involve a reference to another type. The
simple built-in types such as integer or real are obvious examples. When a programmer uses a simple
built-in type the only requirement is for an identifier to be named with a defined type. A user-defined
type has to be explicitly defined before an identifier can be created.

1) Enumerated data type: An enumerated data type defines a list of possible values. Examples:
a) TYPE
   TDirections = (North, East, South, West)
   TDays = (Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday)

b) DECLARE Direction1: TDirections
   DECLARE StartDay: TDays
   Direction1 ← North
   StartDay ← Wednesday

2) Pointer data type: A pointer data type is used to reference a memory location. It may be
used to construct dynamically varying data structures. A special use of a pointer variable is to
access the value stored at the address pointed to.

Composite user-defined data types:
A composite user-defined data type has a definition with reference to at least one other type. Two
examples are considered here.

1) Record data type: a data type that contains a fixed number of components, which can be of different
types. As an example, a record could be used for a program using employee data. Pseudocode for
defining the type could be:

TYPE TEmployeeRecord
   DECLARE EmployeeFirstName: STRING
   DECLARE EmployeeFamilyName: STRING
   DECLARE DateEmployed: DATE
   DECLARE Salary: CURRENCY
ENDTYPE

An individual data item can then be accessed using a dot notation:


Employee1.DateEmployed ← #16/05/2017#

2) A set data type allows a program to create sets and to apply the mathematical operations defined in
set theory.

Why are user-defined data types necessary?


Their use will make a program more understandable and less error-prone. However, there cannot be a
built-in record type because each different problem will need an individual definition of a record.

File organization
A file is either a text file or a binary file. A text file contains data stored according to a defined character
code while a binary file stores data in its internal representation, for example an integer value might be
stored in two bytes in two's complement representation.

Serial files
A serial file contains records which have no defined order. A typical use of a serial file would be for a
bank to record transactions involving customer accounts. A program would be running. Each time there
was a withdrawal or a deposit the program would receive the details as data input and would record
these in a transaction file. The records would enter the file in chronological order but otherwise the file
would have no ordering of the records. If an individual data item is to be read then the access method
for a serial file is to successively read record by record until the required data is found.

Sequential files
A sequential file has records that are ordered. It is the type of file suited to long-term storage of data. In
order to allow the sequential file to be ordered there has to be a key field for which the values are
unique and sequential but not necessarily consecutive. It is worth emphasizing the difference between
key fields and primary keys in a database table, where the values are required to be unique but not to
be sequential. In a sequential file, a particular record is found by sequentially reading the value of the
key field until the required value is found. If the data is stored in a sequential file the process is similar to
that of a serial file but only the value in the key field has to be read.

Direct-access files
Direct-access files are sometimes referred to as 'random-access' files. For large files, direct access is
attractive because of the time that would be taken to search through a sequential file. In an ideal
scenario, data in a direct-access file would be stored in an identifiable record which could be located
immediately when required. Unfortunately, this is not possible. Instead, data is stored in an identifiable
record but finding it may involve an initial direct access to a nearby record followed by a limited serial
search. The choice of the position chosen for a record must be calculated using data in the record so
that the same calculation can be carried out when subsequently there is a search for the data. The
normal method is to use a hashing algorithm. This takes as input the value for the key field and outputs
a value for the position of the record relative to the start of the file. The hashing algorithm must take
into account the potential maximum length of the file, that is, the number of records the file will store.
A simple example of a hashing algorithm, if the key field has a numeric value, is to divide the value by a
suitably large number and use the remainder from the division to define the position. This method will
not create unique positions. If a hash position is calculated that duplicates one already calculated by a
different key, the next position in the file is used. This is why a search will involve a direct access possibly
followed by a limited serial search. For a direct-access file, the value in the key field is submitted to the
hashing algorithm which then provides the same value for the position in the file that was provided
when the algorithm was used at the time of data input.
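
The scheme described above, as an added Python example that is not part of the original notes: the key is hashed by taking the remainder after division, a colliding record goes into the next position, and a search makes one direct access followed by a limited serial search. The record layout, the file size of 11 slots and the sample keys are assumptions constructed for the illustration.

```python
import io
import struct

# Assumed fixed-length record layout (constructed for this example):
# 1 "in use" flag byte, a 4-byte unsigned key and a 20-byte name field.
RECORD = struct.Struct("<BI20s")
FILE_SLOTS = 11          # maximum number of records the file will store


def hash_position(key):
    """Remainder after division gives the record position (0..FILE_SLOTS-1)."""
    return key % FILE_SLOTS


def create_file(f):
    """Pre-allocate every slot as empty so that any position can be seeked to."""
    f.seek(0)
    f.write(RECORD.pack(0, 0, b"") * FILE_SLOTS)


def _read_slot(f, pos):
    """Seek straight to a slot and unpack (in_use, key, name_bytes)."""
    f.seek(pos * RECORD.size)
    return RECORD.unpack(f.read(RECORD.size))


def insert(f, key, name):
    """Store a record; on a collision use the next position, wrapping round."""
    start = hash_position(key)
    for step in range(FILE_SLOTS):
        pos = (start + step) % FILE_SLOTS
        used, stored_key, _ = _read_slot(f, pos)
        if not used or stored_key == key:
            f.seek(pos * RECORD.size)
            f.write(RECORD.pack(1, key, name.encode()))
            return pos
    raise OverflowError("file is full")


def find(f, key):
    """Direct access to the hashed slot, then a limited serial search.

    Returns (position, name, slots_read) or None if the key is absent.
    """
    start = hash_position(key)
    for step in range(FILE_SLOTS):
        pos = (start + step) % FILE_SLOTS
        used, stored_key, name = _read_slot(f, pos)
        if not used:
            return None            # an empty slot ends the search
        if stored_key == key:
            return pos, name.rstrip(b"\0").decode(), step + 1
    return None


def demo():
    """Build a small file; keys 1203 and 2314 both hash to position 4."""
    f = io.BytesIO()               # stands in for a binary file on disk
    create_file(f)
    placed = {k: insert(f, k, n) for k, n in
              [(1203, "Khan"), (4510, "Okoro"), (2314, "Silva")]}
    return f, placed
```

Because a search stops at the first empty slot, deleting a record by simply clearing its slot would hide any colliding record stored after it; a real file needs a "deleted" marker for that case.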
Floating-point representation
Floating-point representation: a representation of real numbers that stores a value for the
mantissa and a value for the exponent.

Disadvantages:
• Floating point operations are usually slightly slower than integer operations.
• We can lose precision in floating point applications since it involves approximation which can
cause rounding errors and these errors can become significant if calculations are repeated
enough times.
• The other potential problem relates to the range of numbers that can be stored. A calculation can
easily produce a value higher than can be stored. This produces an overflow error condition.
With floating-point values there is also a possibility that if a very small number is divided by a
number greater than 1 the result is a value smaller than the smallest that can be stored. This is an
underflow error condition.

Advantages:
• They can represent values between integers.
• Because of the scaling factor, they can represent a much greater range of values.

Relationship between numbers of bits associated with mantissa and exponent:


• Increasing the number of bits for mantissa increases precision.
• Increasing the number of bits for exponent increases the range of numbers that can be
represented.
Solved examples for floating point representation:
1) a) Calculate the denary value of the following floating-point number. (The
mantissa and exponent are both in two’s complement form.)

Mantissa: 0 0 1 1 1 0 0 0    Exponent: 0 1 1 1

Since the exponent = 7, move the binary point 7 places to the right: 0.0111000 becomes 00111000.0,
which is equal to 8 + 16 + 32 = 56.

b) State how you know the floating-point number in (1) is not normalised.
In the mantissa, the 2nd bit is not the inverse of the 1st bit. For normalised form the most significant (leftmost) and
second most significant (second from the left) bits must be different.

c) Normalise the floating-point number in part (1)


To normalise it, move all the bits 1 bit to right and subtract 1 from the exponent. Therefore the exponent
becomes 6. For a positive normalised floating-point number, the most significant bit is always 0 and for
a negative one it is always 1.

Mantissa: 0 1 1 1 0 0 0 0    Exponent: 0 1 1 0

2) Calculate the denary value of the following floating-point number. It is not in
normalised form. (The mantissa and exponent are both in two’s complement form.)

Mantissa: 0 0 1 0 1 0 1 0    Exponent: 0 0 0 0 0 1 0 1

Since the exponent = 5, move the binary point 5 places to the right: 0.0101010 becomes 001010.10. The part
before the point corresponds to 10 while the part after the point corresponds to 0.5.
Therefore the answer becomes 10 + 0.5 = 10.5

3) a) Convert the denary number +7.5 into a normalised floating-point number.
(The mantissa and exponent are both in two’s complement form.)
Binary representation for +7.5 is 111.1. For normalised form, the 2 leftmost bits must be
different and for a positive denary number, the leftmost bit must be 0. Thus, moving the binary point three
places to the right makes the mantissa 0.1111000 and the exponent 0011 (3).

Mantissa: 0 1 1 1 1 0 0 0    Exponent: 0 0 0 0 0 0 1 1

b) Convert the denary number −7.5 into a normalised floating-point number.

To find a negative normalised floating-point number, first find the positive mantissa of the respective negative
number and then apply two’s complement to the mantissa of the positive number. The exponent
remains the same. Applying two’s complement to 01111000, the mantissa becomes
10001000 and the exponent is the same, i.e. 00000011. As the example below shows, the
leftmost bit of the mantissa of a negative number is equal to 1.

Mantissa: 1 0 0 0 1 0 0 0    Exponent: 0 0 0 0 0 0 1 1

4) Write the floating point for largest positive number in normalised form. (The
mantissa and exponent are both in two’s complement form.)

For largest positive number, the left most bit (most significant bit) must be equal to 0 and
exponent must be at its largest number.

Mantissa: 0 1 1 1 1 1 1 1    Exponent: 0 1 1 1 1 1 1 1

5) Find the denary value for the following binary floating-point number. (The
mantissa and exponent are both in two’s complement form.)

Mantissa: 1 0 1 1 1 0 0 1 1 0 1 0    Exponent: 0 1 0 1

Since the leftmost bit is 1, the number is negative. For this type of question, take
the two’s complement of the mantissa and attach a negative sign to the final answer. Thus, the
mantissa becomes -010001100110. The exponent is 5, so move the binary point 5 places (bits) to the
right. The binary number obtained is -010001.100110. The part before the point corresponds
to 17 while the part after the point corresponds to 19/32. Therefore, the answer is 17 + 19/32 =
17 19/32.

6) Calculate the normalised floating-point representation of 5.25.

The denary number is positive, therefore the leftmost bit must be equal to zero. Binary for 5.25
is equal to 101.01. Moving the binary point 3 places left gives an exponent equal to 3 while the mantissa is
0.10101000000.

Mantissa: 0 1 0 1 0 1 0 0 0 0 0 0    Exponent: 0 0 1 1
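
The worked examples above can be checked with the following added Python sketch (not part of the original notes), which decodes, normalises and encodes numbers whose mantissa and exponent are both two's complement bit strings. The function names are illustrative, and the mantissa is assumed to have its binary point immediately after the first bit, as in the examples.

```python
from fractions import Fraction


def twos_to_int(bits):
    """Interpret a bit string as a two's complement integer."""
    value = int(bits, 2)
    return value - (1 << len(bits)) if bits[0] == "1" else value


def int_to_twos(value, width):
    """Two's complement bit string of the given width."""
    if not -(1 << (width - 1)) <= value < (1 << (width - 1)):
        raise OverflowError(f"{value} does not fit in {width} bits")
    return format(value & ((1 << width) - 1), f"0{width}b")


def decode(mantissa, exponent):
    """Exact denary value of mantissa * 2**exponent."""
    m = Fraction(twos_to_int(mantissa), 1 << (len(mantissa) - 1))
    return m * Fraction(2) ** twos_to_int(exponent)


def is_normalised(mantissa):
    """Normalised when the two most significant mantissa bits differ."""
    return mantissa[0] != mantissa[1]


def normalise(mantissa, exponent):
    """Re-encode the same value so that the two leading mantissa bits differ."""
    m, e = twos_to_int(mantissa), twos_to_int(exponent)
    if m == 0:
        return mantissa, exponent           # zero has no normalised form
    while not is_normalised(int_to_twos(m, len(mantissa))):
        m, e = m * 2, e - 1                 # the value m * 2**e is unchanged
    return int_to_twos(m, len(mantissa)), int_to_twos(e, len(exponent))


def encode(value, mant_bits, exp_bits):
    """Normalised representation of a denary value that fits exactly."""
    value = Fraction(value)
    if value == 0:
        return "0" * mant_bits, "0" * exp_bits
    e = 0
    # Positive mantissas lie in [1/2, 1); negative ones in [-1, -1/2).
    while not (Fraction(1, 2) <= value < 1 or -1 <= value < Fraction(-1, 2)):
        if abs(value) >= 1:
            value, e = value / 2, e + 1
        else:
            value, e = value * 2, e - 1
    scaled = value * (1 << (mant_bits - 1))
    if scaled.denominator != 1:
        raise ValueError("precision lost: more mantissa bits are needed")
    # int_to_twos raises OverflowError when the exponent is out of range.
    return int_to_twos(int(scaled), mant_bits), int_to_twos(e, exp_bits)
```

The two exceptions correspond to the two problems listed earlier: too few mantissa bits loses precision, and too few exponent bits gives overflow or underflow.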
CHAPTER 2

Isolated network topologies


Network topology is the schematic description of a network arrangement, connecting various
nodes (sender and receiver) through lines of connection.

BUS Topology
Bus topology is a network type in which every computer and network device is connected to
single cable.

Features of Bus Topology


• It transmits data only in one direction.
• Every device is connected to a single cable

Advantages of Bus Topology


• It is cost effective.
• Cable required is least compared to other network topology.
• Used in small networks.
• It is easy to understand.
• Easy to expand by joining two cables together.

Disadvantages of Bus Topology


• If the cable fails then the whole network fails.
• If network traffic is heavy or there are many nodes, the performance of the network decreases.
• Cable has a limited length.
• It is slower than the ring topology.

RING Topology
It is called ring topology because it forms a ring as each computer is connected to another
computer, with the last one connected to the first. Each device has exactly two neighbors.

Features of Ring Topology


• The transmission is unidirectional, but it can be made bidirectional by having 2 connections
between each Network Node, it is called Dual Ring Topology.
• In Dual Ring Topology, two ring networks are formed, and data flow is in opposite direction in
them. Also, if one ring fails, the second ring can act as a backup, to keep the network up.
• Data is transferred in a sequential manner, that is, bit by bit. Data transmitted has to pass
through each node of the network until it reaches the destination node.

Advantages of Ring Topology


• Transmitting network is not affected by high traffic or by adding more nodes, as only the
nodes having tokens can transmit data.
• Cheap to install and expand
Disadvantages of Ring Topology
• Troubleshooting is difficult in ring topology.
• Adding or deleting the computers disturbs the network activity.
• Failure of one computer disturbs the whole network.

STAR Topology
In this type of topology all the computers are connected to a single hub through a cable.
This hub is the central node and all other nodes are connected to the central node.

Features of Star Topology


• Every node has its own dedicated connection to the hub.
• Hub acts as a repeater for data flow.
• Can be used with twisted pair, Optical Fibre or coaxial cable.

Advantages of Star Topology


• Fast performance with few nodes and low network traffic.
• Hub can be upgraded easily.
• Easy to troubleshoot.
• Easy to setup and modify.
• Only the node that has failed is affected; the rest of the nodes can work smoothly.

Disadvantages of Star Topology


• Cost of installation is high.
• Expensive to use.
• If the hub fails then the whole network is stopped because all the nodes depend on the hub.
• Performance is based on the hub, that is, it depends on the hub's capacity.

Communication and transmission concepts


Data flow modes:
The data flow along an individual link is simplex, half duplex or full duplex. In simplex mode the
flow is one-way. In a duplex mode flow is both ways but only occurs simultaneously in full-
duplex mode.

Message types:
When a message is sent it can be as a broadcast, a multicast or a unicast. Broadcasting is a one-
to-all communication (as used traditionally for radio and television). Multicasting is from one
source to many destinations. Unicasting is a one-to-one communication.

Transmission modes:
For communication over an internetwork there are two possible approaches: circuit switching
or packet switching.

1) Circuit-switching
A circuit-switched network is a type of network in which a physical path is obtained for and dedicated to a single
connection between two end-points in the network for the duration of the connection. Ordinary voice
phone service is circuit-switched. The telephone company reserves a specific physical path to the
number you are calling for the duration of your call. During that time, no one else can use the physical
lines involved i.e. full bandwidth is allocated to the connection (an advantage). For data transfer to take
place, the following has to happen:

1) The sender provides the identity of the intended receiver.


2) The system checks whether or not the receiver is ready to accept data.

3) If the receiver is available, a sequence of links is established across the network.

4) The data is transferred.

5) The links are removed.

The links that are provided between the nodes are dedicated channels in shared transmission media
that guarantee unimpeded transmission. (Advantage of circuit switching)

2) Packet-switching:
Packet switching is a digital network transmission process in which data is broken into suitably-sized
pieces or blocks for fast and efficient transfer via different network devices. When a computer attempts
to send a file to another computer, the file is broken into packets so that it can be sent across the
network in the most efficient way. These packets are then routed by network devices to the destination.
When packet switching is used there are two ways that the network can provide a service:
connectionless service or connection-oriented service.

If a connectionless service is provided, a packet is dispatched with no knowledge of whether or not the
receiver is ready to accept it. In a connection-oriented service the first packet sent includes a request for
an acknowledgement. If this is received, the sender transmits further packets. If no acknowledgement is
received the sender tries again with the first packet.

The TCP/IP protocol suite


TCP/IP is a suite of communication protocols used to interconnect network devices on the
internet. TCP/IP can also be used as a communication protocol in a private network.
Protocol: a set of rules for data transmission which are agreed by sender and receiver.

Advantages of TCP/IP:
• TCP/IP is not controlled by a single company therefore it can be modified easily.
• It is compatible with all operating systems, so it can communicate with any other system.

TCP/IP model and layers:


The TCP/IP suite comprises a number of protocols, including the following:
• Application layer: HTTP, SMTP, DNS, FTP, POP3
• Transport layer: TCP, UDP, SCTP
• Network layer: IP, IGMP, ICMP, ARP

Application layer:
It is used to communicate data between the transport layer and application layer.

TCP (Transmission Control Protocol):


• Data Integrity: Using checksums, the data integrity across all the delivery layers can be
ensured. These checksums guarantee that the data transmitted is the same as the data
received through repeated attempts made by other layers to have missing data resent.
• The TCP protocol operating in the transport layer has the responsibility for ensuring the safe
delivery of the 'message' to the receiver. To do this it creates sufficient packets to hold all of the
data. Each packet consists of a header plus the user data. The message is reassembled correctly
upon arrival at the destination, and packets which were lost in transmission are replaced.
• Flow control: It is the responsibility of the transport layer to make sure that the rate at which
the sender is transmitting data is less than or equal to the rate of data the receiver
can support.
• The TCP protocol is connection-oriented. Initially just one packet of a sequence is sent to the
network layer. Once the connection has been established, TCP sends the other packets and
receives response packets containing acknowledgements. This allows missing packets to be
identified and re-sent.

Network layer:
• The function of the network layer, and in particular of the IP protocol, is to ensure correct routing
over the Internet. To do this it takes the packet received from the transport layer and adds a further
header. This header contains the IP addresses of both the sender and the receiver.

• It is responsible for encapsulating data into datagrams.

Data link layer:


• It accepts IP packets from the network layer and encapsulates them into frames. It synchronizes the
transmission of the frames as well as the bits making up the frames, between the sender and receiver.

• It states the transmission mode and the topology of network

• It defines how bits are to be encoded into optical or electrical pulses.

As the above figure shows, the frame sent by the data-link layer will arrive at a router during
transmission (more likely at several routers!). At this stage, the datagram content of the frame is given
back to IP. It is now the function of the router software to choose the next target host in the
transmission. The software has access to a routing table appropriate to that router (A routing table
contains IP address of destination, routing metric and interface). The size and complexity of the Internet
prohibits a router from having a global routing table. IP then passes the datagram back to the data-link
layer at the router.
Working of TCP/IP suite:
At the first layer (application layer), the request is forwarded to the transport layer using the “http”
protocol. At the transport layer, the TCP protocol adds some information to the data packets
(sequence number, port number, destination port number, checksum etc.). At the next level, IP
adds IP addresses to the data packets, which help the data to travel over the network. Finally,
the data link layer makes sure that the data transfer to and from the physical media (typically
Ethernet) is done properly. These data packets travel on the physical media and
reach the target machine (server), and vice versa for data returned to the web browser.
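
An added illustration of the layering just described (not part of the original notes): each layer wraps the data from the layer above in its own header, and the receiver strips the headers in turn and verifies the checksums. The addresses, ports, MAC addresses, sequence number and HTTP request are constructed sample values; the frame check sequence and padding that a real network card adds are left out.

```python
import socket
import struct


def internet_checksum(data):
    """16-bit one's complement sum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, payload):
    """Transport layer: add ports, sequence number and checksum."""
    def header(checksum):
        # ack 0, header length 5 words, flags PSH+ACK, window 65535, urgent 0
        return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0,
                           5 << 4, 0x18, 65535, checksum, 0)
    # The TCP checksum also covers a pseudo-header holding the IP addresses.
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) +
              struct.pack("!BBH", 0, socket.IPPROTO_TCP, 20 + len(payload)))
    checksum = internet_checksum(pseudo + header(0) + payload)
    return header(checksum) + payload


def ip_datagram(src_ip, dst_ip, segment):
    """Network layer: add a further header carrying both IP addresses."""
    def header(checksum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0,
                           64, socket.IPPROTO_TCP, checksum,
                           socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return header(internet_checksum(header(0))) + segment


def ethernet_frame(src_mac, dst_mac, datagram):
    """Data-link layer: wrap the datagram in a frame with MAC addresses."""
    return (bytes.fromhex(dst_mac.replace(":", "")) +
            bytes.fromhex(src_mac.replace(":", "")) +
            struct.pack("!H", 0x0800) + datagram)    # 0x0800 means IPv4


def receive(frame):
    """Receiver: strip each header in turn and verify both checksums."""
    datagram = frame[14:]
    ip_header, segment = datagram[:20], datagram[20:]
    src_ip, dst_ip = ip_header[12:16], ip_header[16:20]
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, ip_header[9], len(segment))
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    return {
        "ip_ok": internet_checksum(ip_header) == 0,
        "tcp_ok": internet_checksum(pseudo + segment) == 0,
        "src": (socket.inet_ntoa(src_ip), src_port),
        "dst": (socket.inet_ntoa(dst_ip), dst_port),
        "seq": seq,
        "data": segment[20:],
    }


def demo(corrupt=False):
    """Send one constructed HTTP request down the stack and back up."""
    payload = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
    segment = tcp_segment("192.0.2.10", "198.51.100.5", 49152, 80, 1000, payload)
    frame = ethernet_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                           ip_datagram("192.0.2.10", "198.51.100.5", segment))
    if corrupt:                                      # flip one bit in transit
        frame = frame[:-1] + bytes([frame[-1] ^ 0x01])
    return receive(frame)
```

The checksum catches accidental corruption such as the flipped bit in `demo(corrupt=True)`, but anyone who changes the data deliberately can recompute it, so it is not a defence against tampering.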

Application-layer protocols associated with TCP/IP


HTTP (Hypertext Transfer Protocol)
Because HTTP (Hypertext Transfer Protocol) underpins the World Wide Web it has to be
considered to be the most important application-layer protocol. It allows for users on the web
to exchange information found on web pages (text, pictures, videos etc.). HTTP works on port 80.

Sequence of events that occur when a browser accesses a web page are presented as a
sequence of protocol actions. The following is an abbreviated version:

1) HTTP transmits a request message to TCP.

2) TCP creates one or more packets and sends the first one to IP using port 80 for the
destination port and a temporary port number for the sending port.

3) IP uses the URL in the message to get an IP address using DNS and sends a datagram.

4) At the server, IP forwards the datagram to TCP.

5) The server TCP sends an acknowledgement.

6) When a connection has been established, TCP sends the remaining packets, if any, to IP
which then forwards them through the server IP and TCP to the server application layer.

7) HTTP transmits a response message which is transmitted via TCP, IP, IP and TCP to the
Email protocols
SMTP (Simple Mail Transfer Protocol) is a 'push' protocol for sending emails across networks. POP3 (Post
Office Protocol version 3) is a 'pull' protocol used to receive emails. There is a more recent alternative to
POP3, which is IMAP (Internet Message Access Protocol). SMTP uses port 25 while POP3 uses port 110.

FTP (File Transfer Protocol)


FTP is a standard network protocol used to copy a file from one host to another over a TCP/IP network.
File transfer can be less than straightforward if the end-systems have different operating systems with
different file systems. FTP handles this by separating the control process from the data-transfer process.
FTP works on port 21.

Ethernet protocol
Ethernet is the traditional technology for connecting wired local area networks, enabling
devices to communicate with each other via a protocol. Ethernet transmits data in frames. Each
frame contains a source address and a destination address. The address is the physical or MAC address,
which uniquely defines one NIC (One device or computer). Because of the broadcast transmission, there
was a need for the access to the shared medium by end-systems to be controlled. If there were no
control, two messages sent at the same time would 'collide' and each message would be corrupted. The
method adopted was CSMA/CD (carrier sense multiple access with collision detection). This relied on the
fact that if a frame was being transmitted there was a voltage level on the Ethernet cable which could be
detected by an end-system. If this was the case, the protocol defined a time that the end-system had to
wait before it tried again. However, because two end-systems could have waited then both decided to
transmit at the same time collisions could still happen. Thus there was also a need to incorporate a
means for an end-system to detect a collision and to discontinue transmission if a collision occurred.
Ethernet is the most likely protocol to be operating in the data-link layer defined in the TCP/IP protocol
stack. The disadvantages are as follows:

• Since in CSMA/CD only a single device can transmit at a given time, there are practical limits to the
number of devices that can coexist in a single network.

• Electrical signals propagate along a cable very quickly, but weaken as they travel, and electrical signals
from neighboring devices can scramble the data.

Peer-to-peer (P2P) file sharing


In a P2P network, the "peers" are computer systems which are connected to each other via the
Internet. Files can be shared directly between systems on the network without the need of a
central server. In other words, each computer on a P2P network becomes a file server as well as
a client. The only requirements for a computer to join a peer-to-peer network are an Internet
connection and P2P software. Once connected to the network, P2P software allows you to
search for files on other people's computers. Meanwhile, other users on the network can
search for files on your computer, but typically only within a single folder that you have
designated to share. While P2P networking makes file sharing easy and convenient, it has also
led to a lot of software piracy and illegal music downloads. Therefore, it is best to be on the
safe side and only download software and music from legitimate websites. BitTorrent is the
most common P2P network application used.

How P2P works?


Suppose you want to download a file. You simply connect to the P2P network via a client,
and you will be called a “leech”. The client will then search for other computers on the network, called
“seeds”, which might be hosting your desired file, using some link; this is called a “magnet link” if you are
using BitTorrent. After the client has successfully found and connected you to the relevant seed, the file
sharing process begins. There is one catch in the process: the files hosted by a seed are fragmented or,
in layman's terms, divided into small parts of around 1 MB in size. A particular seed may not have all the
fragments at its disposal. To overcome this issue, the P2P client searches for different seeds for every
different fragment it has to download from the network, or one seed may be able to provide multiple
fragments. There is a chance that the client will connect you to a large number of seeds, say a thousand,
just to download a single file. BitTorrent uses a computer called a ‘tracker’ that helps you find
other computers called peers. The tracker keeps track of the computers which are downloading or
already have the whole file and introduces your computer to them.

Above is an example of P2P vs. Client/server architecture.

Advantages of Peer-to-peer networking over Client server network:


1) It is easy to install and so is the configuration of computers on this network.

2) All the resources and contents are shared by all the peers, unlike server-client architecture where
Server shares all the contents and resources.
3) P2P is more reliable as central dependency is eliminated. Failure of one peer doesn’t affect the
functioning of other peers. In the case of a client-server network, if the server goes down the whole network is
affected.

4) There is no need for a full-time system administrator. Every user is the administrator of their own machine.
Users can control their shared resources.

5) The overall cost of building and maintaining this type of network is comparatively very low.

Disadvantages (drawbacks) of Peer to peer architecture over client server:


1) In this network, the whole system is decentralized, thus it is difficult to administer. That is, one person
cannot determine the accessibility settings of the whole network.

2) Security in this system is very weak: viruses, spyware, Trojans and other malware can easily be transmitted
over this P2P architecture.

3) Data recovery or backup is very difficult. Each computer should have its own back-up system

4) Lot of movies, music and other copyrighted files are transferred using this type of file transfer. P2P is
the technology used in torrents.

Router
A router is a networking device that forwards data packets between computer networks. Routers
perform the traffic directing functions on the internet. Data sent through the internet is in the
form of data packets. A router is connected to two or more data lines from different networks.
When a data packet arrives in one of the lines, the router reads the network address (IP
address) information in the packet to determine the ultimate destination. Then using
information in its routing table, it directs the packet to the next network on its journey.

Switch
A network switch is a computer networking device that connects devices on a computer
network by using packet switching to receive, process and forward data to the destination
device. A switch prevents collision by providing a circuit between the source and destination
ports. This circuit provides a dedicated channel over which the hosts connected to the various
ports on the switch can communicate. Each port is allocated with a separate bandwidth; these
circuits allow many conversations to take place at the same time without collisions happening
unlike in Ethernet.

Server
A server is a computer designed to process requests and deliver data to another computer over
the internet or a local network. In the client/server model, a server program awaits and fulfills
requests from client programs, which may be running in the same or other computers. Servers
are often categorized in terms of their purpose. A few examples of the types of servers
available are:
• A Web server is a computer program that serves requested HTML pages or files. In this case, a
Web browser acts as the client.
• An application server is a program in a computer in a distributed network that provides the
business logic for an application program.
• A proxy server is software that acts as an intermediary between an endpoint device, such as a
computer, and another server from which a user or client is requesting a service.
• A mail server is an application that receives incoming e-mails from local users (people within
the same domain) and remote senders and forwards outgoing e-mails for delivery.
• A file server is a computer responsible for the central storage and management of data files
so that other computers on the same network can access them.

Differences between Router and Switch

Points of difference between routers and switches:

Mode of transmission of data
   Routers: It transmits data in the form of packets.
   Switches: It transmits data in the form of frames.

Address used for the purpose of data transmission
   Routers: It makes use of IP address for the purpose of data transmission.
   Switches: It makes use of MAC address for the purpose of data transmission.

Table
   Routers: It makes use of the Routing Table for routes to get to the destination IP.
   Switches: It makes use of CAM (Content Addressable Memory) table for MAC address.

Function
   Routers: Router in networking is used to connect two different networks.
   Switches: It is used to connect end devices such as computers, printers, scanners etc.

Used for
   Routers: It is used for both WAN/LAN networks.
   Switches: It is only used for the LAN networks.
CHAPTER 3

Boolean algebra basics


Boolean algebra provides a simplified way of writing a logic expression and a set of rules for
manipulating an expression.

Identity/Law         AND form                  OR form
Identity             1.A = A                   0+A = A
Null                 0.A = 0                   1+A = 1
Idempotent           A.A = A                   A+A = A
Inverse              A.A’ = 0                  A+A’ = 1
Commutative          A.B = B.A                 A+B = B+A
Associative          (A.B).C = A.(B.C)         (A+B)+C = A+(B+C)
Distributive         A+B.C = (A+B).(A+C)       A.(B+C) = A.B+A.C
Absorption           A.(A+B) = A               A+A.B = A
De Morgan's          (A.B)’ = A’+B’            (A+B)’ = A’.B’
Double Complement    A’’ = A


Example:
A+A’.B can be simplified to A+B
In order to simplify the expression we have to first make it more complicated! This is where the
lateral thinking comes in. The OR form of the absorption identity is A+A.B = A as above in the
table. This can be used in reverse to replace A by A+A.B to produce the following:

A+A.B+A’.B

Applying the AND form of the commutative law and the OR form of the distributive law in reverse we
can see that:

A.B+A’.B is the same as B.A+B.A’ which converts to B.(A+A’)

This allows us to use the OR form of the inverse identity which converts A+A’ to 1. As a result the
expression has become:

A+B.1

When the OR form of the commutative law and the AND form of the identity law are applied to the B.1
term, it then becomes A+B.

Logic circuits
1) The half adder
A fundamental operation in computing is binary addition. The result of adding two bits is either 1 or 0.
However, when 1 is added to 1 the result is 0 but there is a carry bit equal to 1. The simplest circuit that
can be used for binary addition is the half adder. Below is the example of a half adder.
2) The full adder
If two numbers expressed in binary with several bits are to be added, the addition must start with the
two least significant bits and then proceed to the most significant bits. At each stage the carry from the
previous addition has to be incorporated into the current addition. If a half adder is used each time,
there has to be separate circuitry to handle the carry bit because the half adder only takes two inputs.
The full adder is a circuit that has three inputs including the previous carry bit. Below are its respective
circuit and truth table. Circuit is made up of two half adders and one OR gate.
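The composition described above (two half adders and one OR gate, chained from the least significant bit upwards) can be checked in code. This is an added example, not part of the original notes; the function names and the 4-bit sample values are assumptions chosen for illustration.

```python
from itertools import product


def half_adder(a, b):
    """Add two bits: the sum is A XOR B, the carry is A AND B."""
    return a ^ b, a & b


def full_adder(a, b, carry_in):
    """Three-input adder built from two half adders and one OR gate."""
    partial_sum, carry_1 = half_adder(a, b)
    total, carry_2 = half_adder(partial_sum, carry_in)
    return total, carry_1 | carry_2


def ripple_add(x_bits, y_bits):
    """Add two equal-length bit lists given most significant bit first.

    Addition starts with the two least significant bits and the carry from
    each stage is fed into the next one. Returns (sum_bits, carry_out); a
    carry_out of 1 means the result did not fit in the original width.
    """
    if len(x_bits) != len(y_bits):
        raise ValueError("operands must have the same number of bits")
    carry, result = 0, []
    for a, b in zip(reversed(x_bits), reversed(y_bits)):
        total, carry = full_adder(a, b, carry)
        result.append(total)
    return result[::-1], carry


def to_bits(value, width):
    """Convert a non-negative integer to a list of bits, MSB first."""
    return [(value >> i) & 1 for i in range(width - 1, -1, -1)]


def full_adder_truth_table():
    """Rows of (A, B, carry in, sum, carry out) for every input combination."""
    return [(a, b, c) + full_adder(a, b, c)
            for a, b, c in product((0, 1), repeat=3)]


if __name__ == "__main__":
    for row in full_adder_truth_table():
        print(*row)
    # Constructed sample: 1011 (11) + 0110 (6) overflows four bits.
    print(ripple_add(to_bits(11, 4), to_bits(6, 4)))
```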
3) The SR flip-flop
Combinational circuit: a circuit in which the output is dependent only on the input values
Sequential circuit: a circuit in which the output depends on the input values and the previous
output
The SR flip-flop or 'latch' is a simple example of a sequential circuit. It can be constructed with two
NAND gates or two NOR gates. (Remember both are in syllabus)

Below is the NOR circuit with truth table.

Input signals | Initial state | Final state
S  R | Q  Q’ | Q  Q’
0  0 | 1  0 | 1  0
1  0 | 1  0 | 1  0
0  1 | 1  0 | 0  1
0  0 | 0  1 | 0  1
1  0 | 0  1 | 1  0
0  1 | 0  1 | 0  1
Note: A combination of 1 and 1 produces an invalid response.

Below is the NAND circuit with truth table.


S  R | Q  Q’
0  1 | 1  0
1  1 | 1  0
1  0 | 0  1
1  1 | 0  1
0  0 | 1  1  (Undefined)
Note: A combination of 0 and 0 produces an invalid response.
Problems with SR flip flop:
• The circuit must be protected from receiving input on R and S simultaneously because this leads to an
invalid state with both Q and Q' set to 0.

• The potential for a circuit to arrive in an uncertain state if inputs do not arrive quite at the same time.
In order to prevent this, a circuit may include a clock pulse input to give a better chance of synchronizing
inputs. (In JK flip flop)

Therefore, to counter these problems, the JK flip-flop was introduced.
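The NOR truth table and both problems listed above can be reproduced by simulating two cross-coupled NOR gates. This is an added example, not part of the original notes; the gate wiring (Q = NOR(R, Q'), Q' = NOR(S, Q)) is the standard NOR latch and the function names are assumptions.

```python
def nor(a, b):
    """Output of a NOR gate for two input bits."""
    return int(not (a or b))


def settle(s, r, q, q_bar, max_passes=8):
    """Hold S and R steady and let the two cross-coupled NOR gates settle.

    Q is NOR(R, Q') and Q' is NOR(S, Q). The feedback loop is re-evaluated
    until the outputs stop changing, which is what makes the circuit
    sequential: the result depends on the previous output as well as on
    the inputs.
    """
    for _ in range(max_passes):
        new_q = nor(r, q_bar)
        new_q_bar = nor(s, new_q)
        if (new_q, new_q_bar) == (q, q_bar):
            return q, q_bar
        q, q_bar = new_q, new_q_bar
    raise RuntimeError("latch did not settle")


def drive(inputs, q, q_bar):
    """Apply a sequence of (S, R) pairs in order and return the final (Q, Q')."""
    for s, r in inputs:
        q, q_bar = settle(s, r, q, q_bar)
    return q, q_bar


# (S, R, initial Q, initial Q') for the six rows of the NOR table above.
NOR_TABLE_ROWS = [
    (0, 0, 1, 0), (1, 0, 1, 0), (0, 1, 1, 0),
    (0, 0, 0, 1), (1, 0, 0, 1), (0, 1, 0, 1),
]

if __name__ == "__main__":
    for row in NOR_TABLE_ROWS:
        print(row, "->", settle(*row))

    # Problem 1: S = R = 1 forces both outputs to 0, so Q' is no longer
    # the inverse of Q.
    print("S=R=1 ->", settle(1, 1, 1, 0))

    # Problem 2: leaving that state, the stored bit depends on which input
    # returns to 0 first.
    print("S released first:", drive([(1, 1), (0, 1), (0, 0)], 1, 0))
    print("R released first:", drive([(1, 1), (1, 0), (0, 0)], 1, 0))
```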

4) The JK flip-flop

J K Clock Q
0 0 1 unchanged
1 0 1 1
0 1 1 0
1 1 1 Q toggles

NOTE: Just memorize the truth tables for each logic circuit, as the working
(concept) behind them is not in the syllabus.
Boolean algebra applications
1) The Boolean algebra representation of a truth table
One approach to creating a Boolean algebra expression for a particular problem is to start with the truth
table and apply the sum of products method. This establishes a minterm for each row of the table that
results in a 1 for the output.

This can be illustrated using the truth table for the half adder circuit shown above. The only row
of the table creating a 1 output for C has a 1 input for A and for B. The product becomes A.B
and the sum has only this one term so we have:

C=A.B
For the S output, there are two rows that produce a 1 output so there is a sum of two
minterms:

S =A’.B + A.B’

Note that the 0 in a row for a symbol is represented by the inverse of the input symbol.
Example:
INPUT OUTPUT
A B C X
0 0 0 0
0 0 1 0
0 1 0 0
0 1 1 1
1 0 0 0
1 0 1 1
1 1 0 1
1 1 1 1

Solution: Only rows with output X=1 are to be considered. 4 rows have output
X=1, Row 4, Row 6, Row 7 and Row 8.
Row 4= A’.B.C
Row 6= A.B’.C
Row 7= A.B.C’
Row 8= A.B.C
The answer is the sum of these minterms: X = A’.B.C + A.B’.C + A.B.C’ + A.B.C

2) The Boolean algebra representation of a logic circuit


This approach can also be used as part of the process of creating a Boolean algebra logic expression
from a circuit diagram. The truth tables for the individual logic gates are used and then some algebraic
simplification is applied.

Example:
The circuit is:

Our first step in simplification must be to write a Boolean expression for this circuit. This task is
easily performed step by step if we start by writing sub-expressions at the output of each gate,
corresponding to the respective input signals for each gate. Remember that OR gates are
equivalent to Boolean addition, while AND gates are equivalent to Boolean multiplication.
Therefore, sub-expressions at the outputs of the first three gates are:

Since both outputs combine at the OR gate to give Q, the expression becomes AB + BC(B+C).
Now that we have a Boolean expression to work with, we need to apply the rules of Boolean
algebra to reduce the expression to its simplest form.
AB + BC(B+C)
= AB + BBC + BCC (distributing terms)
= AB + BC + BC (applying identity AA = A to the second and third terms)
= AB + BC (since A + A = A)
= B(A+C) (taking B common)

B(A+C) is the final answer.


Note: For the very first logic gates encountered from left to right, create sub-expressions
such that they give output of 1 as in above example.

3) Karnaugh maps (K-maps)


A Karnaugh map is a method of creating a Boolean algebra expression from a truth table. It can
make the process much easier than if you use sum-of-products to create minterms.

Rules for Karnaugh mapping:


• Groups cannot include any cell containing a zero.
• Groups may be horizontal or vertical, but not diagonal.
• Groups must contain 2, 4, 8 and so on cells (2^n).
• Each group should be as large as possible.
• Groups can overlap. See below in the figure example.
• Groups may wrap around the table. The leftmost cell in a row may be grouped with the rightmost cell
and the top cell may be grouped with the bottom cell. See below in Figure:
Example:
INPUT OUTPUT
A B C X
0 0 0 0
0 0 1 0
0 1 0 0
0 1 1 1
1 0 0 0
1 0 1 1
1 1 0 1
1 1 1 1

Solution:
C \ AB | 00 | 01 | 11 | 10
0 | 0 | 0 | 1 | 0
1 | 0 | 1 | 1 | 1

Now make minterms for the groups of cells (in this case there are 3 groups, as
can be seen from above; 3 ovals represent the 3 groups) and add them to make the
Boolean expression. Note: The complement of a symbol cancels its original form.
Minterm 1: ABC and ABC’ give A.B
Since there is C’ and C, they cancel each other. Therefore the first
minterm becomes A.B.

Minterm 2: ABC and A’BC give B.C
Since there is A’ and A, they cancel each other. Therefore the second
minterm becomes B.C.

Minterm 3: ABC and AB’C give A.C
Since there is B’ and B, they cancel each other. Therefore the third
minterm becomes A.C.
Since the Boolean expression is the sum of all minterms, the answer
becomes A.B + B.C + A.C. As no further simplification can be done, this is
the final answer.
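The sum-of-products method, the K-map grouping rules and the circuit simplification B(A+C) from this chapter can all be checked mechanically by trying every input row. This is an added example, not part of the original notes; the function names are assumptions and the ASCII apostrophe stands for the complement mark used in the text.

```python
from itertools import product

NAMES = ("A", "B", "C")

# Truth table from the worked example: (A, B, C) -> X
TRUTH_TABLE = {
    (0, 0, 0): 0, (0, 0, 1): 0, (0, 1, 0): 0, (0, 1, 1): 1,
    (1, 0, 0): 0, (1, 0, 1): 1, (1, 1, 0): 1, (1, 1, 1): 1,
}

# The three K-map groups from the worked example, as the cells they cover.
KMAP_GROUPS = [
    [(1, 1, 1), (1, 1, 0)],   # ABC and ABC'
    [(1, 1, 1), (0, 1, 1)],   # ABC and A'BC
    [(1, 1, 1), (1, 0, 1)],   # ABC and AB'C
]


def literal(name, bit):
    """A 0 in a row is written as the inverse of the input symbol."""
    return name if bit else name + "'"


def minterms(table, names=NAMES):
    """One product term for each row whose output is 1."""
    return [".".join(literal(n, b) for n, b in zip(names, row))
            for row in sorted(table) if table[row]]


def group_term(cells, table, names=NAMES):
    """Read the product term off one K-map group, enforcing the rules."""
    if any(table[cell] == 0 for cell in cells):
        raise ValueError("a group cannot include a cell containing 0")
    varying = [i for i in range(len(names))
               if len({cell[i] for cell in cells}) == 2]
    # A legal group fills every combination of the variables that change
    # inside it; this rejects diagonal pairs and sizes that are not 2^n,
    # and accepts groups that wrap around the edges of the map.
    if len(set(cells)) != 2 ** len(varying):
        raise ValueError("a group must be 2^n adjacent cells, not diagonal")
    kept = [literal(names[i], cells[0][i])
            for i in range(len(names)) if i not in varying]
    return ".".join(kept) if kept else "1"


def eval_sop(expr, values):
    """Evaluate a sum-of-products string such as "A'.B + A.B'"."""
    for term in expr.split("+"):
        lits = [lit.strip() for lit in term.split(".")]
        if all((not values[l[:-1]]) if l.endswith("'") else values[l]
               for l in lits):
            return 1
    return 0


def matches_table(expr, table, names=NAMES):
    """True if the expression gives the table's output on every row."""
    return all(eval_sop(expr, dict(zip(names, row))) == out
               for row, out in table.items())


def equivalent(f, g, n_inputs):
    """Compare two Boolean functions on every input combination."""
    return all(bool(f(*row)) == bool(g(*row))
               for row in product((0, 1), repeat=n_inputs))


def circuit(a, b, c):        # AB + BC(B+C), read from the circuit
    return (a and b) or (b and c and (b or c))


def simplified(a, b, c):     # B(A+C), the simplified form
    return b and (a or c)


if __name__ == "__main__":
    sop = " + ".join(minterms(TRUTH_TABLE))
    kmap = " + ".join(group_term(g, TRUTH_TABLE) for g in KMAP_GROUPS)
    print(sop, "| matches table:", matches_table(sop, TRUTH_TABLE))
    print(kmap, "| matches table:", matches_table(kmap, TRUTH_TABLE))
    print("AB + BC(B+C) == B(A+C):", equivalent(circuit, simplified, 3))
```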
CHAPTER 4

The control unit


While a program is being executed, the CPU is receiving a sequence of machine-code instructions. It is
the responsibility of the control unit within the CPU to ensure that each machine instruction is handled
correctly. There are two ways that a control unit can be designed to allow it to perform its function.

One method is for the control unit to be constructed as a logic circuit. This is called the hardwired
solution. The machine-code instructions are handled directly by hardware.

The other method is for the control unit to use microprogramming. In this approach, the control unit
contains a ROM component in which is stored the microinstructions or microcode for
microprogramming.

CISC and RISC processors


RISC (Reduced instruction set computer) is a microprocessor that is designed to perform a smaller
number of types of computer instructions.

Difference between CISC and RISC:

RISC | CISC
It has fewer instructions | It has more instructions
Simple instructions | Complex instructions
Smaller number of instruction formats | Many instruction formats
Fixed length instructions | Variable length instructions
Fewer addressing modes | More addressing modes
Multiple registers | Fewer registers
Hard wired control unit | Microprogrammed control unit
Pipelining easier | Pipelining difficult
Advantages of RISC:
• The simplicity of the instructions allows data to be stored in registers and manipulated in them with
no recourse to memory access other than that necessary for initial loading and possible final storing.

• Performance is better due to simplified instruction set.


• Can be easily designed compared to CISC due to less complexity.

Disadvantages of RISC:
• Performance of the processor will vary according to the code being executed. Subsequent instructions
might be relying on previous instructions for their execution.

• RISC processors require very fast memory systems to feed various instructions. Therefore a large
memory cache is generally required.

Advantages of CISC:
• Compiler writing becomes much easier for a CISC processor because its instructions more closely match
high-level language constructs due to their increased complexity.

• It can handle complex instructions which RISC might not be able to handle.

Disadvantages of CISC:
• The specialized instructions that can be part of a CISC architecture often require repeated memory
access.

• The complexity of some of the instructions makes hard-wiring extremely difficult, so
microprogramming is the norm.

A general comparison between hard-wired and microprogrammed
control units (not in syllabus, but it is always better to know more for better concepts) is below:
Pipelining
Pipelining is instruction level parallelism where multiple instructions are overlapped during
execution. Pipeline is divided into stages and these stages are connected with one another to
form a pipe like structure. Instructions enter from one end and exit from another end.
Pipelining increases the overall instruction throughput.
In pipeline system, each segment consists of an input register followed by a combinational
circuit. The register is used to hold data and combinational circuit performs operations on it.
The output of combinational circuit is applied to the input register of the next segment.
Note: The more pipelining stages there are the faster is the pipeline because each stage is
then shorter than before.

Interrupts in pipelining:
• One option for handling the interrupt is to erase the pipeline contents for the latest four instructions
to have entered. Then the normal interrupt-handling routine can be applied to the remaining
instruction.

• The other option is to construct the individual units in the processor with individual program counter
registers. This allows current data to be stored for all of the instructions in the pipeline while the
interrupt is handled.

Disadvantages of pipelining:
Data dependency: A data dependency occurs when an instruction depends on the results of a
previous instruction. A particular instruction might require data that has not been processed
yet since it is the responsibility of a preceding instruction that has not yet completed through
the pipeline. Thus, processor might stall as a result of data dependency.
Branch instructions: A branch is an instruction in a computer program that can cause a
computer to begin executing a different instruction sequence (typically jump instructions in
assembly language) and therefore deviate from its default behavior of executing instructions in
order. Branch instructions can be troublesome in a pipeline if a branch is conditional on the
results of an instruction which has not been completely processed yet.

Parallel processing
Parallel processing is a method of simultaneously breaking up and running program tasks on
multiple microprocessors, thereby reducing processing time. Parallel processing may be
accomplished via a computer with two or more processors. In other words, parallel processing
is the simultaneous use of more than one CPU to execute a program. It makes a program run
faster because there are more resources (CPUs) running it.
Parallel: phenomenon where a number of computations are performed simultaneously.

Advantages of parallel processing:


• It is faster when handling large amounts of data, with each item requiring the same type of processing.
• It is not affected by the bus transfer rate.

Disadvantages of parallel processing:


• Only certain types of data are suitable for parallel processing. Data that is dependent on
results of previous instructions (data dependency) cannot be processed in parallel computing
systems.
• It involves adding more hardware chips, therefore it is costly in terms of hardware.

Hardware and software requirements for parallel processing:


Hardware: Processors need to be able to communicate with each other so that processed data
can be passed from one processor to another
Software: there must be appropriate software which allows data to be processed simultaneously
by several processors.

Types of parallel processing


SISD (Single Instruction Single Data):
SISD computers have one processor that handles one algorithm using one source of data at a time. They
are not capable of performing parallel processing on their own.

SIMD (Single Instruction Multiple Data):


SIMD computers have several processors that follow the same set of instructions. SIMD
computers run different data through the same algorithm and are useful for analyzing large amounts
of data based on the same criteria. An array processor is an example of SIMD. With an array
processor, a single instruction is issued by the control unit and that instruction is applied to a
number of data sets at the same time. An array processor has a number of ALUs that allow all the
elements of an array to be processed at the same time.
However, this type of parallel processing is dependent on the fact that a single instruction is
applied to a number of data sets. Therefore, if these data sets depend on each other in some
way, parallel processing cannot be applied.
MIMD (Multiple Instruction Multiple Data):
A MIMD computer has multiple processors, each capable of accepting its own instruction stream and
pulling data from a separate data stream. A MIMD system can execute several different processes at
once. However, this type of parallel processing depends on a problem or process (program)
being broken down into smaller segments so that each segment can be dealt with by a separate
processor. Since not every process (or program) can be modularized into smaller segments or
parts, it may not be compatible with a MIMD computer. Moreover, software is needed to
ensure correct coordination between processors for the transfer of segments, which is quite a
difficult task. An example of this system is supercomputers such as those used in NASA, or
high-speed servers.

MISD (Multiple Instruction Single Data):


A MISD computer has multiple processors where each processor uses a different algorithm but
uses the same shared input data. These types of computers can analyze the same set of data
using several different operations at the same time. However, these computers are not
commonly used.
CHAPTER 5

The purposes of an operating system (OS)


Resource management
The three fundamental resources in a computer system are:
• The CPU
• The memory
• The I/O (input/output) system.
Resource management relating to the CPU concerns scheduling to ensure efficient usage (this is
discussed later in this chapter). Resource management relating to the memory concerns optimum
usage of main memory. To understand the issues associated with I/O management, some discussion of
timescales is required. It must be understood that one second is a very long time for a computer system.
A CPU typically operates at GHz frequencies. One second sees more than one trillion clock cycles.
Therefore, the slow speed of I/O compared to a typical CPU clock cycle shows that management of CPU
usage is vital to ensure that the CPU does not remain idle while I/O is taking place.

Operating system facilities provided for the user


• When a program involves use of a device, the operating system provides the device driver: the user
just expects the device to work

• The operating system will provide a file system for a user to store data and programs. The user has to
choose filenames and organize a directory (folder) structure but the user does not have to organize the
physical data storage on a disk.

• If the user is a programmer, the operating system supports the provision of a programming
environment. This allows a program to be created and run without the programmer being familiar with
how the processor functions.

Kernel:
The logical structure of the operating system provides two modes of operation. User mode is the one
available for the user or an application program. The alternative has a number of different names of
which the most often used are 'privileged mode' or 'kernel mode'. The difference between the two is
that kernel mode has sole access to part of the memory and to certain system functions that user mode
cannot access.
The kernel is the central module of an operating system. It is the part of the operating system that loads
first and it remains in main memory. Because it stays in the memory, it is important for the kernel to be
as small as possible while still providing all the essential services required by other parts of the operating
system and applications. The kernel code is usually loaded into a protected area of memory to prevent it
from being overwritten by programs or other parts of the operating system. Typically, the kernel is
responsible for memory management, process and task management, and disk management. The kernel
connects the system hardware to the application software. Every OS has a kernel.

Process scheduling
Schedulers:
• A long-term or high-level scheduler program controls the selection of a program stored on disk to be
moved into main memory.

• A medium-term scheduler controls selection of programs that are to be moved back to the disk due to
memory being overcrowded.

• A short-term or low-level scheduler controls when the program installed in memory has access to the
CPU.

Disk Memory CPU


Process states
Process: a program in memory that has an associated process control block i.e. it is executing.
Process control block (PCB): a complex data structure containing all data relevant to the running
of a process.
The transitions between the states can be described as follows:
• A new process arrives in memory and a PCB is created; it changes to the ready state.
• A process in the ready state is given access to the CPU by the dispatcher; it changes to the
running state.
• A process in the running state is halted by an interrupt; it returns to the ready state.
• A process in the running state cannot progress until some event has occurred (I/O perhaps); it
changes to the waiting state (sometimes called the 'suspended' or 'blocked' state).
• A process in the waiting state is notified that an event is completed; it returns to the ready state.
• A process in the running state completes execution; it changes to the terminated state.

The objectives of scheduling are to:


• Maximize the use of the whole computer system
• Be fair to all the users
• Provide a reasonable response time to all the users, whether they are on-line users or a batch
processing user.
• Prevent the system failing if it has become overloaded.
Why a process cannot be moved from the blocked state to the running state:
When the I/O operation is completed for a process in the blocked state, it is put in the ready state. The OS
then decides which process to allocate to the processor from the ready state based on priority.

Why a process cannot move from the ready state to the blocked state:

To be in the blocked state, a process must initiate some I/O operation. To initiate an I/O operation,
the process must be executing. If a process is in the ready state, it cannot be executing.

Scheduling algorithms
A scheduling algorithm can be preemptive or non-preemptive. A preemptive algorithm can halt a
process that would otherwise continue running undisturbed. If an algorithm is preemptive it may involve
prioritizing processes. A non-preemptive scheme allows each job to run until it no longer requires the
processor. This may be because it has finished or it needs an I/O device.

1) The simplest possible algorithm is first come first served (FCFS). This is a non-preemptive algorithm
and can be implemented by placing the processes in a first-in first-out (FIFO) queue. It will be very
inefficient if it is the only algorithm employed but it can be used as part of a more complex algorithm.

2) A round-robin algorithm allocates a time slice to each process and is therefore preemptive, because a
process will be halted when its time slice has run out.

3) A priority-based scheduling algorithm is more complicated. One reason for this is that every time a
new process enters the ready queue or when a running process is halted, the priorities for the processes
may have to be re-evaluated. The other reason is that whatever scheme is used to judge priority level it
will require some computation. Possible criteria are:

• Estimated time of process execution

• Estimated remaining time for execution

• Length of time already spent in the ready queue

• Whether the process is I/O bound or CPU bound.
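The three schemes above can be compared by simulating them on the same ready queue. This is an added example, not part of the original notes; the job names and CPU times are constructed sample data, every job is assumed to be ready at time 0, and priority is assumed to be judged by estimated execution time only.

```python
from collections import deque

# Constructed sample jobs: (name, CPU time needed), all ready at time 0.
JOBS = [("P1", 24), ("P2", 3), ("P3", 3)]


def fcfs(jobs):
    """First come first served: run each job to completion in queue order.

    Returns {name: completion time}.
    """
    clock, finished = 0, {}
    for name, burst in jobs:
        clock += burst
        finished[name] = clock
    return finished


def round_robin(jobs, time_slice):
    """Preemptive round robin with a fixed time slice.

    Returns ({name: completion time}, trace), where trace lists
    (name, time run) for each turn on the CPU.
    """
    ready = deque(jobs)
    clock, finished, trace = 0, {}, []
    while ready:
        name, remaining = ready.popleft()
        run = min(time_slice, remaining)
        clock += run
        trace.append((name, run))
        if remaining > run:
            # Time slice ran out: the process is halted and rejoins the
            # back of the ready queue.
            ready.append((name, remaining - run))
        else:
            finished[name] = clock
    return finished, trace


def shortest_first(jobs):
    """Priority by estimated execution time: the shortest job runs first."""
    return fcfs(sorted(jobs, key=lambda job: job[1]))


def average_wait(finished, jobs):
    """Mean time spent not running (completion time minus CPU time)."""
    return sum(finished[name] - burst for name, burst in jobs) / len(jobs)


if __name__ == "__main__":
    print("FCFS          ", average_wait(fcfs(JOBS), JOBS))
    rr_finished, rr_trace = round_robin(JOBS, time_slice=4)
    print("Round robin   ", average_wait(rr_finished, JOBS), rr_trace)
    print("Shortest first", average_wait(shortest_first(JOBS), JOBS))
```

With FCFS the two short jobs wait behind the long one, which is the inefficiency the text refers to.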

Memory management
The term memory management embraces a number of aspects:
• One aspect concerns the provision of protected memory space for the OS kernel.

• Another aspect is that the loading of a program into memory requires defining the memory addresses for the
program itself, for associated procedures and for the data required by the program. In a
multiprogramming system, this might not be straightforward.
• The storage of processes in main memory can get fragmented in the same way as happens for files
stored on a hard disk. There may be a need for the medium-term scheduler to move a process out of
main memory to ease the problem.

• The most important memory management technique is to partition memory with the aim of loading
the whole of a process into one partition. Dynamic partitioning allows the partition size to match the
process size. An extension of this idea is to divide larger processes into segments, with each segment
loaded into a dynamic partition. Alternatively, a paging method can be used. The process is divided into
equal-sized pages and memory is divided into frames of the same size. All of the pages are loaded into
memory at the same time.

Virtual memory:
Virtual memory: a paging mechanism that allows a program to use more memory addresses
than are available in main memory
The most flexible approach to memory management is to use virtual memory based on paging but with
no requirement for all pages to be in memory at the same time. In a virtual memory system, the address
space that the CPU uses is larger than the physical main memory space. It works by the following
mechanism:
The starting situation is that the set of pages comprising the process are stored on disk. One or more of
these pages is loaded into memory when the process is changing to the ready state. When the process is
dispatched to the running state, the process starts executing. At some stage, it will need access to pages
still stored on disk which means that a page needs to be taken out of memory first. This is when a page
replacement algorithm is needed. A simple algorithm would use a first-in first-out method. A more
sensible method would be the least recently-used page but this requires statistics of page use to be
recorded.

Advantages of virtual memory:


• One of the advantages of the virtual memory approach is that a very large program can be run when
an equally large amount of memory is unavailable.

• Another advantage is that only part of a program needs to be in memory at any one time.

Disadvantages of virtual memory:


• The system overhead in running virtual memory can be a disadvantage.

• The worst problem is 'disk thrashing', when part of a process on one page requires another page which
is on disk. When that page is loaded it almost immediately requires the original page again. This can lead
to almost perpetual loading and unloading of pages.
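The two page replacement methods mentioned above, and the thrashing case, can be compared by counting page faults. This is an added example, not part of the original notes; the reference strings (sequences of page numbers a process touches) are constructed sample data and the function names are assumptions.

```python
from collections import OrderedDict, deque


def fifo_faults(references, frames):
    """Count page faults when the page loaded earliest is replaced first."""
    resident, load_order, faults = set(), deque(), 0
    for page in references:
        if page in resident:
            continue                      # page already in memory: no fault
        faults += 1
        if len(resident) == frames:
            resident.discard(load_order.popleft())
        resident.add(page)
        load_order.append(page)
    return faults


def lru_faults(references, frames):
    """Count page faults when the least recently used page is replaced.

    The OrderedDict keeps the statistics of page use: every access moves
    the page to the most recent end.
    """
    resident, faults = OrderedDict(), 0
    for page in references:
        if page in resident:
            resident.move_to_end(page)
            continue
        faults += 1
        if len(resident) == frames:
            resident.popitem(last=False)  # evict the least recently used
        resident[page] = True
    return faults


# Constructed reference string for a process with 3 frames of memory.
REFERENCES = [7, 0, 1, 2, 0, 3, 0, 4, 2, 3, 0, 3, 2, 1, 2, 0, 1, 7, 0, 1]

# Constructed thrashing case: the process cycles through 4 pages, one more
# than the number of frames, so each page is evicted just before it is
# needed again.
THRASHING = [1, 2, 3, 4] * 3

if __name__ == "__main__":
    print("FIFO faults:", fifo_faults(REFERENCES, 3))
    print("LRU faults: ", lru_faults(REFERENCES, 3))
    print("Thrashing, 3 frames:", fifo_faults(THRASHING, 3),
          "faults in", len(THRASHING), "accesses")
    print("Thrashing, 4 frames:", fifo_faults(THRASHING, 4), "faults")
```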
Virtual machine
A virtual machine (VM) is a software program or operating system that not only exhibits the
behavior of a separate computer, but is also capable of performing tasks such as running
applications and programs like a separate computer. Multiple virtual machines can exist within
a single host at one time. A virtual machine is also known as a guest.

Some of the advantages of a virtual machine include:


• Allows multiple operating system environments on a single physical computer without any
intervention.

• Virtual machines are sandboxed from rest of the system which means that the software within virtual
machine cannot tamper with the rest of system and other virtual machines installed.

• It is a good way to test any software program or modules developed as you can avoid any instability
during testing if any problem arises.

Some of the disadvantages of a virtual machine include:


• Their performance is generally slow since they access the hardware indirectly and therefore cannot be
used to measure real time performance.

• They may not be able to emulate some hardware. (Some features of the hardware may not be utilized
as with the native machine.)

• Multiple VMs running on a single physical machine can deliver unstable performance

The below figure shows the structure of a virtual machine implementation:


1) Processes or application programs for virtual machine
2) OS kernel for virtual machine
3) Virtual machine
4) Virtual machine manager or implementation software
5) Hardware
Translation software
A compiler takes a program written in a high-level language and translates it into an equivalent program in
machine code. A compiler can be described as having a 'front end' and a 'back end'. The front-end
program performs analysis of the source code and produces an intermediate code that expresses
completely the semantics (the meaning) of the source code. The back-end program then takes this
intermediate code as input and performs synthesis of object code.

Front end analysis


The four stages of front-end analysis are as follows:

• Lexical analysis

• Syntax analysis

• Semantic analysis

• Intermediate code generation.

Lexical analysis
• In lexical analysis each line of source code is separated into tokens. It requires the analyzer to have
knowledge of the components that can be found in a program written in the particular programming
language. For example, the assignment statement:

PercentMark[Count] := Score * 10

Would be recognized as containing eight tokens:

PercentMark [ Count ] := Score * 10

• Secondly, all identifiers must be recognized as such and an entry for each must be made in the symbol
table (which could have been called the identifier table). The symbol table contains identifier attributes
such as the data type, where it is declared and where it is assigned a value. The symbol table is an
important data structure for a compiler.

• The lexical analyzer also removes redundant characters such as white spaces (tabs, spaces, etc… which
we may find useful to make code more readable, but the computer does not want).

• Moreover, it removes any comments in the program source code.
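The lexical analysis steps listed above (splitting into tokens, entering identifiers in the symbol table, dropping white space and comments) can be shown on the assignment statement from the text. This is an added example, not part of the original notes; the token categories, the `//` comment syntax and the contents of each symbol table entry are assumptions.

```python
import re

# Token categories, tried in order. COMMENT and WHITESPACE are recognised
# only so that they can be discarded.
TOKEN_SPEC = [
    ("COMMENT",    r"//[^\n]*"),
    ("WHITESPACE", r"[ \t]+"),
    ("NUMBER",     r"\d+(?:\.\d+)?"),
    ("IDENTIFIER", r"[A-Za-z_][A-Za-z0-9_]*"),
    ("ASSIGN",     r":="),
    ("OPERATOR",   r"[-+*/]"),
    ("BRACKET",    r"[\[\]()]"),
    ("MISMATCH",   r"."),
]
MASTER = re.compile("|".join(f"(?P<{name}>{pattern})"
                             for name, pattern in TOKEN_SPEC))


def lex(source):
    """Split source code into tokens and build a symbol table.

    Returns (tokens, symbol_table). tokens is a list of (kind, text) pairs;
    symbol_table maps each identifier to the lines on which it appears.
    Later compiler stages would add attributes such as the data type.
    """
    tokens, symbol_table = [], {}
    for line_no, line in enumerate(source.splitlines(), start=1):
        for match in MASTER.finditer(line):
            kind, text = match.lastgroup, match.group()
            if kind in ("COMMENT", "WHITESPACE"):
                continue                  # redundant characters are removed
            if kind == "MISMATCH":
                raise SyntaxError(
                    f"line {line_no}: unexpected character {text!r}")
            if kind == "IDENTIFIER":
                symbol_table.setdefault(text, {"lines": []})
                symbol_table[text]["lines"].append(line_no)
            tokens.append((kind, text))
    return tokens, symbol_table


# Constructed sample input: the statement from the text plus a comment.
SAMPLE = "PercentMark[Count] := Score * 10   // scale the mark"

if __name__ == "__main__":
    found, table = lex(SAMPLE)
    for kind, text in found:
        print(f"{kind:<11}{text}")
    print(table)
```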

Syntax analysis
Syntax analysis, which is also known as parsing, involves analysis of the program constructs. The results
of the analysis are recorded as a syntax or parse tree. It checks grammar rules, type checks and whether
a variable is declared. Moreover, it produces an error report at the end of analysis if any errors occurred.
Semantic analysis
Semantic analysis is about establishing the full meaning of the code. An annotated abstract syntax tree is
constructed to record this information.

Back-end synthesis stages


If the front-end analysis has established that there are syntax errors, the only backend process is the
presentation of a list of these errors. For each error, there will be an explanation and the location within
the program source code. In the absence of errors, the main back-end stage is machine code generation
from the intermediate code. This may involve optimization of the code. The aim of optimization is to
create an efficient program; the methods that can be used are diverse. One type of optimization focuses
on features that were inherent in the original source code and have been propagated into the
intermediate code. Another example is when a statement inside a loop, which is therefore executed for
each repetition of the loop, does the same thing each time. Optimization would place the statement
immediately before the loop.

Evaluation of expressions
An assignment statement often has an algebraic expression defining a new value for an identifier. The
expression can be evaluated by firstly converting the infix representation in the code to Reverse Polish
Notation (RPN). Reverse Polish notation (RPN) is a mathematical notation wherein every operator
follows all of its operands.

Examples:
1) Manually converting an expression between RPN and infix.
a+b*c

The conversion to RPN has to take into account operator precedence so the first step is to
convert b * c to get the intermediate form:
a+bc*
We then convert the two terms to give the final RPN form:
abc*+

2) Converting the RPN expression x 2 * y 3 * + 6 / to infix:

(x * 2) y 3 * + 6 /

(x * 2) (y * 3) + 6 /

(x * 2) + (y * 3) 6 /

((x * 2) + (y * 3)) / 6
3) Evaluating an RPN expression using a stack. A stack can be used to evaluate an RPN expression. Let's
consider the execution of the following RPN expression when x has the value 3 and y has the value 4.
The expression is as follows: x 2 * y 3 * + 6 /. The rules followed here are that the values are added to
the stack in turn. The process is interrupted if the next item in the RPN expression is an operator. This
causes the top two items to be popped from the stack. Then the operator is used to create a new value
from these two and the new value is added to the stack. The process then continues. See below in the
figure.

Stack contents at successive steps (top of stack uppermost):

|   |   |   | 3 |    |    |    |   |
|   | 2 |   | 4 | 12 |    | 6  |   |
| 3 | 3 | 6 | 6 | 6  | 18 | 18 | 3 |

Benefits of RPN expression:


• Does not require brackets: the user simply performs calculations in the order that is required

• There is no requirement for the precedence rules required in infix notation.
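The infix-to-RPN conversion and the stack evaluation worked through above can be automated. This is an added example, not part of the original notes; it uses the shunting-yard algorithm for the conversion (a technique the notes do not name), and the function names are assumptions.

```python
import operator
import re

PRECEDENCE = {"+": 1, "-": 1, "*": 2, "/": 2}
OPERATIONS = {"+": operator.add, "-": operator.sub,
              "*": operator.mul, "/": operator.truediv}


def tokenize(expression):
    """Split an infix expression into identifiers, numbers and symbols."""
    return re.findall(r"[A-Za-z_]\w*|\d+(?:\.\d+)?|[-+*/()]", expression)


def to_rpn(infix):
    """Convert infix to RPN, applying operator precedence and brackets."""
    output, pending = [], []
    for token in tokenize(infix):
        if token in PRECEDENCE:
            # Operators of equal or higher precedence must be output first.
            while (pending and pending[-1] in PRECEDENCE
                   and PRECEDENCE[pending[-1]] >= PRECEDENCE[token]):
                output.append(pending.pop())
            pending.append(token)
        elif token == "(":
            pending.append(token)
        elif token == ")":
            while pending and pending[-1] != "(":
                output.append(pending.pop())
            if not pending:
                raise ValueError("unbalanced brackets")
            pending.pop()                 # discard the matching "("
        else:
            output.append(token)          # operand goes straight to output
    while pending:
        if pending[-1] == "(":
            raise ValueError("unbalanced brackets")
        output.append(pending.pop())
    return output


def evaluate_rpn(tokens, variables=None):
    """Evaluate RPN with a stack.

    Returns (result, snapshots), where snapshots holds the stack contents
    (bottom first) after each token has been processed.
    """
    variables = variables or {}
    stack, snapshots = [], []
    for token in tokens:
        if token in OPERATIONS:
            if len(stack) < 2:
                raise ValueError(f"operator {token} needs two operands")
            right = stack.pop()
            left = stack.pop()
            stack.append(OPERATIONS[token](left, right))
        elif token in variables:
            stack.append(variables[token])
        elif token[0].isdigit():
            stack.append(float(token) if "." in token else int(token))
        else:
            raise KeyError(f"no value supplied for {token}")
        snapshots.append(list(stack))
    if len(stack) != 1:
        raise ValueError("malformed RPN expression")
    return stack[0], snapshots


if __name__ == "__main__":
    print(" ".join(to_rpn("a+b*c")))
    rpn = to_rpn("((x*2)+(y*3))/6")
    print(" ".join(rpn))
    result, steps = evaluate_rpn(rpn, {"x": 3, "y": 4})
    for step in steps:
        print(step)
    print("result:", result)
```

The snapshots show one more state than the figure, because the figure draws the pushes of y and 3 as a single column.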


CHAPTER 6

Encryption fundamentals
Encryption is the process of encoding a message or information in such a way that only
authorized parties can access it.
There are two types of encryption:
• Symmetric encryption

• Asymmetric encryption

Plaintext: data before encryption


Cipher text: the result of applying an encryption algorithm to data
In symmetric key encryption there is just one key which is used to encrypt and then to decrypt. This key
is a secret shared by the sender and the receiver of a message. In asymmetric key encryption two
different keys are used (public and private key), one for encryption and a different one for decryption.
Only one of these is a secret which is the private key.

Symmetric encryption
Symmetric key encryption is also known as shared-key, single-key, secret-key, and private-key
or one-key encryption. In this type of message encryption, both sender and receiver share the
same key which is used to both encrypt and decrypt messages. Sender and receiver only have
to specify the shared key in the beginning and then they can begin to encrypt and decrypt
messages between them using that key.

Advantages
• Simple: This type of encryption is easy to carry out. All users have to do is specify and share the secret
key and then begin to encrypt and decrypt messages.

• Encrypt and decrypt your own files: If you use encryption for messages or files which you alone intend
to access, there is no need to create different keys. Single-key encryption is best for this.

• Fast: Symmetric key encryption is much faster than asymmetric key encryption.

• Uses less computer resources: Single-key encryption does not require a lot of computer resources
when compared to public key encryption.

• Prevents widespread message security compromise: A different secret key is used for communication
with every different party. If a key is compromised, only the messages between a particular pair of
sender and receiver are affected. Communications with other people are still secure.

Disadvantages
• Need for secure channel for secret key exchange: Sharing the secret key in the beginning is a problem
in symmetric key encryption. It has to be exchanged in a way that ensures it remains secret.

• Too many keys: A new shared key has to be generated for communication with every different party.
This creates a problem with managing and ensuring the security of all these keys.

• Origin and authenticity of message cannot be guaranteed: Since both sender and receiver use the
same key, messages cannot be verified to have come from a particular user. This may be a problem if
there is a dispute.

Asymmetric encryption
Also known as public key encryption, this method of encrypting messages makes use of two
keys: a public key and a private key. The public key is made publicly available and is used to
encrypt messages by anyone who wishes to send a message to the person that the key belongs
to. The private key is kept secret and is used to decrypt received messages. Using asymmetric
key encryption, the process actually starts with the receiver. The receiver must be in possession
of two keys. One is a public key which is not secret. The other is a private key which is secret
and known only to the receiver. The receiver can send the public key to a sender, who uses the
public key for encryption and sends the cipher text to the receiver. The receiver is the only
person who can decrypt the message because the private and public keys are a matched pair.
The public key can be provided to any number of different people allowing the receiver to
receive a private message from any of them. Note, however, that if two individuals require two-
way communication, both communicators need a private key and must send the matching
public key to the other person.

Advantages
• Convenience: It solves the problem of distributing the key for encryption. Everyone publishes
their public keys and private keys are kept secret.
• Provides for message authentication: Public key encryption allows the use of digital signatures
which enables the recipient of a message to verify that the message is truly from a particular
sender.
• Detection of tampering: The use of digital signatures in public key encryption allows the receiver
to detect if the message was altered in transit. A digitally signed message cannot be modified
without invalidating the signature.
• Provide for non-repudiation: Digitally signing a message is akin to physically signing a document.
It is an acknowledgement of the message and thus, the sender cannot deny it.

Disadvantages
• Public keys should/must be authenticated: No one can be absolutely sure that a public key
belongs to the person it specifies and so everyone must verify that their public keys belong to
them.
• Slow: Public key encryption is slow compared to symmetric encryption. It is not feasible for use in
decrypting bulk messages.
• Uses up more computer resources: It requires a lot more computer resources compared to single-
key encryption.
• Widespread security compromise is possible: If an attacker determines a person's private key, all of
his or her messages can be read.
• Loss of private key may be irreparable: The loss of a private key means that all received messages
cannot be decrypted.

Digital signatures and digital certificates


Digital certificate
In cryptography, a digital certificate is an electronic document used to prove the ownership of a
public key. It is issued by a Certificate Authority (CA) to verify the identity of the certificate
holder (a certificate authority is an entity that issues digital certificates). The CA issues an
encrypted digital certificate containing the applicant’s public key and a variety of other
identification information. A digital certificate contains:

• Name of certificate holder.

• Serial number which is used to uniquely identify a certificate.

• Expiration dates.

• Copy of certificate holder’s public key (used for encrypting messages and digital signatures).

The steps taken by the would-be receiver to obtain a digital certificate to allow safe public key delivery
are as follows:

• An individual (person A) who is a would-be Certification receiver and has a public-private key pair
contacts a local CA.

• The CA confirms the identity of person A.

• Person A's public key is given to the CA.

• The CA creates a public-key certificate (a digital certificate) and writes person A's public key into this
document.

• The CA uses encryption with the CA's private key to add a digital signature to this document.

• The digital certificate is given to person A.

• Person A posts the digital certificate on a website.

Person A places the digital certificate on that person's website, but another option is to post it on a
website designed specifically for keeping digital certificate data. Once a signed digital certificate has
been posted on a website, any other person wishing to use person A's public key downloads the signed
digital certificate from the website and uses the CA's public key to extract person A's public key from the
digital certificate.

Digital signature
A digital signature is a process that guarantees that the contents of a message have not been
altered in transit.

Why were message digests and digital certificates introduced?


Using asymmetric encryption, encryption and decryption also work if the keys are used the other way
round. An individual can encrypt a message with a private key and send this to many recipients who
have the corresponding public key and can therefore decrypt the message. This approach would not be
used if the content of a message was confidential. However, it could be used if it was important to verify
who the sender was. Only the sender has the private key and the public keys only work with that one
specific private key. Therefore, used this way, the message has a digital signature identifying the sender.
There is a disadvantage in using this method of applying a digital signature in that it is associated with an
encryption of the whole message. An alternative is to use a cryptographic one-way hash function which
creates from the message a number, uniquely defined for the particular message, called a 'digest'. A
public one-way hash function is used in this process. Here is an example below:

We will assume that the message is transmitted as plaintext together with the digital signature as a
separate file. The receiver uses the same public hash function that was used by the sender, so the same
digest is produced if the message has been transmitted without alteration. The decryption of the digital
signature produces an identical digest if the message was genuinely sent by the original owner of the
public key that the receiver has used. This approach has allowed the receiver to be confident that the
message is both authentic and unaltered. This sounds good but unfortunately it does not consider the
fact that someone might forge a public key and pretend to be someone else. Therefore, there is a need
for a more rigorous means of ensuring authentication. This can be provided by a Certification Authority
(CA).
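The digest-based signature described above and the CA-signed certificate from the previous section, as an added worked example (not part of the original notes). It uses toy textbook RSA with small constructed primes and no padding; all function names and the certificate layout are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA with small constructed primes and no padding: for study only.
def make_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)        # (public key, private key)

def digest(message: bytes, n: int) -> int:
    # Public one-way hash; reduced mod n only so it fits under the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private_key) -> int:
    d, n = private_key
    return pow(digest(message, n), d, n)       # encrypt the digest with the private key

def verify(message: bytes, signature: int, public_key) -> bool:
    e, n = public_key                          # decrypt signature, compare with fresh digest
    return pow(signature, e, n) == digest(message, n)

def _cert_body(holder: str, public_key) -> bytes:
    return f"{holder}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(holder: str, holder_public, ca_private) -> dict:
    # The CA writes the holder's name and public key into a document and signs it.
    return {"holder": holder, "public_key": holder_public,
            "ca_signature": sign(_cert_body(holder, holder_public), ca_private)}

def public_key_from_certificate(cert: dict, ca_public):
    # Accept the key only if the CA's signature over name + key checks out.
    body = _cert_body(cert["holder"], cert["public_key"])
    if not verify(body, cert["ca_signature"], ca_public):
        raise ValueError("certificate was not signed by the trusted CA")
    return cert["public_key"]

if __name__ == "__main__":
    ca_pub, ca_priv = make_keypair(2**107 - 1, 2**127 - 1)   # constructed sample keys
    a_pub, a_priv = make_keypair(2**61 - 1, 2**89 - 1)
    m_pub, m_priv = make_keypair(2**19 - 1, 2**31 - 1)       # a forger's own key pair
    msg = b"Pay 100 to Person B"
    sig = sign(msg, a_priv)
    print(verify(msg, sig, a_pub), verify(b"Pay 900 to Person B", sig, a_pub))
    # A bare public key proves nothing about its owner: this also verifies.
    print(verify(msg, sign(msg, m_priv), m_pub))
    fake = issue_certificate("Person A", m_pub, m_priv)      # self-signed, not by the CA
    try:
        public_key_from_certificate(fake, ca_pub)
    except ValueError as err:
        print("rejected:", err)
```

The altered message fails verification because its digest no longer matches the decrypted signature. The forged key is caught only at the certificate check, which is the gap the CA closes.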

Digital certificate vs. digital signature:


A digital signature is used to verify authenticity, integrity and non-repudiation, i.e. it assures that the
message is sent by the known user and not modified, while a digital certificate is used to verify the
identity of the user (sender or receiver).

SSL and TLS


Secure Socket Layer (SSL) and Transport Layer Security (TLS) are two closely related protocols providing
security in using the Internet. TLS is a slightly modified version of SSL. SSL is the standard security
technology for establishing an encrypted link between a web server and a web browser. This link
ensures that all data passed between web server and web browsers remain private and integral.

How SSL Certificates Work


• A browser or server attempts to connect to a website (i.e. a web server) secured with SSL. The
browser/server requests that the web server identify itself.
• The web server sends the browser/server a copy of its SSL certificate.

• The browser/server checks to see whether or not it trusts the SSL certificate. If so, it sends a
message to the web server.
• The web server sends back a digitally signed acknowledgement to start an SSL encrypted
session.
• Encrypted data is shared between the browser/server and the web server.

Once the session has been established, the client and server can agree which encryption algorithms are
to be used and can define the values for the session keys that are to be used. For the transmission, SSL
provides encryption, compression of the data and integrity checking. When the transmission is complete
the session is closed and all records of the encryption disappear.

Malware
Malware is the colloquial name for malicious software. Malicious software is software that is introduced
into a system for a harmful purpose. Here are some examples of malware:

• Virus: Malicious software that replicates itself by inserting a copy of itself into a file of data.
• Worm: Malware that replicates itself and propagates to other network hosts.
• Logic bomb: Malware that lies dormant until some condition is met.
• Trojan horse: Malicious software that replaces all or part of a previously useful program.
• Spyware: Malware that collects information and transmits it to another system for analysis.
• Bot: Takes control of another computer and uses it to launch attacks.

Malware can also be classified in terms of the activity involved:


Phishing: Phishing is the act of sending an email to a user falsely claiming to be an established
legitimate enterprise in an attempt to scam the user into surrendering private information.
Pharming: Pharming is a scamming practice in which malicious code is installed on a
personal computer or server, misdirecting users to fraudulent Web sites without their
knowledge or consent.
Key logger: Recording keyboard usage by the legitimate user of the system.

System vulnerabilities
Many system vulnerabilities are associated directly with the activities of legitimate users of a system.
Malware can be introduced inadvertently by the user in a number of ways:

• Attaching a portable storage device

• Opening an email attachment

• Accessing a website

• Downloading a file from the Internet.

A very specific vulnerability is buffer overflow. A buffer overflow (or buffer overrun) is a situation
where a running program attempts to write data outside the memory buffer, into memory which is not
intended to store this data. A memory buffer is an area in the computer’s memory (RAM) meant for
temporarily storing data. When a memory buffer overflow occurs and data is written outside the buffer,
the running program may become unstable, crash or return corrupt information. The overwritten parts
of memory may have contained other important data for the running application, which is now
overwritten and not available to the program anymore. Buffer overflows can even run other (malicious)
programs or commands and result in arbitrary code execution. If cleverly engineered, this could lead to
an attacker gaining unauthorized access to the system and causing serious problems.
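The overwrite of neighbouring data described above, as an added simulation (not part of the original notes). Python checks bounds itself, so a byte array stands in for RAM; the memory layout, class and method names are assumptions made for illustration.

```python
class SimulatedRAM:
    """Flat byte array standing in for process memory (constructed layout)."""

    def __init__(self):
        self.mem = bytearray(16)
        self.buffer_start, self.buffer_size = 0, 8      # 8-byte input buffer
        self.mem[8:12] = (1000).to_bytes(4, "little")   # adjacent 4-byte variable

    def balance(self) -> int:
        # The "other important data" that sits right after the buffer.
        return int.from_bytes(self.mem[8:12], "little")

    def write_unchecked(self, data: bytes) -> None:
        # Models a copy routine that trusts the input length (like C's strcpy).
        for i, byte in enumerate(data):
            self.mem[self.buffer_start + i] = byte

    def write_checked(self, data: bytes) -> None:
        # Hardened copy: refuse anything that does not fit in the buffer.
        if len(data) > self.buffer_size:
            raise ValueError(
                f"input of {len(data)} bytes exceeds {self.buffer_size}-byte buffer")
        self.mem[self.buffer_start:self.buffer_start + len(data)] = data


def demo():
    oversized = b"A" * 12                 # constructed input, 4 bytes too long
    unsafe, safe = SimulatedRAM(), SimulatedRAM()
    unsafe.write_unchecked(oversized)     # spills into the adjacent variable
    try:
        safe.write_checked(oversized)
        rejected = False
    except ValueError:
        rejected = True
    return unsafe.balance(), safe.balance(), rejected


if __name__ == "__main__":
    print(demo())
```

The unchecked copy turns the stored value 1000 into the bytes of the input, while the length check leaves it intact and reports the oversized input instead.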
CHAPTER 7

Logistics
There can only be one of two reasons to monitor a system:
• To check whether or not the monitored value is within acceptable limits; in a safety system, if
the measured property has reached a dangerous level, some immediate action is required.
• To ensure routinely and continuously that the monitored property is as required; if the value
measured indicates that a change has occurred, then the control part of the system may have
to take measures to reverse this change.

Components of computer controlled environment:


• Sensor: A hardware device that measures a property and transmits a value to a controlling
computer.

• Actuator: A hardware device that receives a signal from a computer and adjusts the setting of
a controlling device.

• Analogue to digital converter (ADC): An ADC is needed to convert the
analogue data from sensors into digital data for the computer to process.

• Digital to analogue converter (DAC): A DAC is needed to convert electrical
signals to analogue so that they can be understood by actuators and sensors.

• The control program stores the highest and the lowest acceptable parameters and what action to take
if they are exceeded.

• Microprocessor: It receives data from the sensor and compares them with acceptable parameters.
Depending on the comparison, a signal is sent to the actuator if some action is to be taken. The control
program is stored within the microprocessor.

END ALEVEL
Sources I would recommend for A-level computer science are as follows:
1) Cambridge endorsed Computer Science Book (First priority)
2) Zakonweb (http://zakonweb.com/)
3) Techopedia (https://www.techopedia.com/)
4) Cambridge Computer Science 9608 Past Papers. (Must do them as they are
very crucial for a good result)
5) For paper 4, which is based on programming, I would first recommend
improving the AS level programming concepts, as many of the AS level topics are
building blocks for A2 level programming. Once you are proficient in AS level
programming, you may start preparing for paper 4 from the Cambridge Computer
Science Book (My only priority and advice for paper 4 and paper 2). Finally, I
would say never leave any topic from the book as each topic is equally important.
(Especially for paper 2 and paper 4).
