noah/CG_Example_Networks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Existing work

Browse Source
This commit is contained in:
Noah L. Schrick 2024-04-18 17:08:53 -05:00
commit ce08d0b487
8 changed files with 3460 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1805
Bibliography.bib Normal file
View File

File diff suppressed because it is too large Load Diff

280
Schrick-Noah_CG.tex Normal file
View File

@ -0,0 +1,280 @@
\documentclass[conference]{IEEEtran}
\RequirePackage{setspace}
\usepackage{graphicx} % Images
\graphicspath{ {./images/} }
\usepackage{float} % Table captions on top
\floatstyle{plaintop}
\restylefloat{table}
\usepackage{ifpdf} % Detect PDF or DVI mode
\usepackage{babel} % Bibliography
\usepackage{dsfont} % mathbb
\usepackage[utf8]{inputenc}
\usepackage{indentfirst}
\setlength{\parskip}{\baselineskip}
% Table of Contents/Figure Spacing
\usepackage[titles]{tocloft}
\cftsetindents{figure}{0em}{3.5em}
\cftsetindents{table}{0em}{3.5em}
\usepackage{dsfont} % mathbb
\usepackage{amsmath}
\begin{document}
\title{
Generation of Compliance Graphs Across Industries for Providing an Analysis Testbed
}
\author{
\IEEEauthorblockN{Noah L. Schrick}
\IEEEauthorblockA{
\textit{Tandy School of Computer Science} \\
\textit{The University of Tulsa}\\
Tulsa, USA \\
noah-schrick@utulsa.edu
}
\and
\IEEEauthorblockN{Peter J. Hawrylak}
\IEEEauthorblockA{
\textit{Tandy School of Computer Science} \\
\textit{The University of Tulsa}\\
Tulsa, USA \\
peter-hawrylak@utulsa.edu
}
}
\maketitle
\begin{abstract}
Compliance graphs provide the ability to analyze an environment in terms of its standing to a regulation, mandate, or standard. These graphs are directed acyclic graphs, and share commonalities with attack graphs. Though generator tools and example graph sets are available for attack graphs, the novelty of compliance graphs presents its own set of challenges with a lack of publicly available example graphs. In order to develop analysis techniques for compliance graphs, example networks are required for an examination and testing process. This work presents the generation of compliance graphs and releases their affiliated data for use in furthering the analysis process of this research area.
\end{abstract}
\begin{IEEEkeywords}
Compliance Graph; Attack Graph; Automotive Industry; Healthcare Industry; HIPAA; Oil and Gas Industry; OSHA 1910H;
\end{IEEEkeywords}
\section{Introduction}
Attack graphs are a common tool used to address and examine a system or set of systems under a cybersecurity lens. These graphs are directed acyclic graphs (DAGs) that present the paths from a state of information for an environment to any potential state of vulnerability. Compliance graphs were originally presented by the authors of \cite{j_hale_compliance_nodate}, and aim to shift the focus of attack graphs to focus on the standings of environments to any local, private, or federal regulations. The work presented by the authors of \cite{noah_ths} present the semantical and generator tool changes required to generate these graphs. Though the generation of compliance graphs has been the primary focus of the research topic, there is an increasing need of analysis work to address the challenges of maintaining compliance. Governance, Risk, and Compliance (GRC) Officers assist groups or organizations with preventing or mitigating incurred costs as a result of a violation of a mandate. With the wide array of mandates that organizations may need to follow regarding health or personally identifiable information (PII), specific industry standards such as FinCEN \cite{fincen}, FDA QSR \cite{fdaqsr}, NERC-CIP \cite{nerccip}, internal standards, or equipment maintenance schedules to avoid voiding a warranty, it becomes increasingly difficult for GRC Officers to manage and track all mandate statuses. In addition, organizations rapidly and frequently bring changes into environments with new software, new equipment, new products, new contracts, or new processes. Each of these changes propagates additional change, all of which may affect the standing in regard to a compliance or regulation mandate. Rather than manual compliance checks, compliance graphs can be automatically generated, and analysis can be conducted on the resulting graph to aid in decision-making and visualization.
To determine the adaptivity and soundness of compliance graph analysis work, example networks across multiple, disconnected sectors are generated in this work for future analysis use. These sectors maintain their own different set of local, private, and federal regulations that must be adhered to in order to avoid penalties. For the generated examples, each additionally possesses unique characteristics and properties that allow for the examination of the depth and range of any compliance graph analysis techniques, especially under the consideration of edge cases or unexpected behaviors. To fully examine the accuracy and level of analysis output detail, this work strove to generate example cases that were accurately sourced, described fully, scalable, and of high fidelity. This work presents and describes the example networks that can be used and referenced for future compliance graph analysis works. Section \ref{sec:Automotive} describes the Automobile Maintenance application that falls under the automotive industry. Section \ref{sec:Healthcare} describes a small network of healthcare clinics striving to maintain HIPAA \cite{noauthor_health_1996} compliance through the lens of the healthcare industry. Section \ref{sec:OSHA} describes an engineering firm as they attempt to maintain compliance with OSHA Standard 1910 Subpart H (Hazardous Materials) \cite{OSHA} within the oil and gas industry of the energy sector.
For each example network in the subsequent Sections, their properties are described. These properties are defined below. Each compliance graph was generated using a modified version of RAGE \cite{RAGE}.
\begin{itemize}
\item{Nodes: The number of states in the network that contain embedded information.}
\item{Edges: The number of edges in the network that caused a change or deviation from a prior state.}
\item{Exploits: The number of events, mandates, regulations, or checks that are investigated.}
\item{Assets: The number of entities in the network or environment. Examples include devices, vessels, people, policies, etc.}
\item{Qualities: The total number of descriptors for all assets. Examples include versions, make or model, material, policy limits, etc.}
\item{Average Degree: The average number of new nodes that a node directs to.}
\end{itemize}
\section{Automotive} \label{sec:Automotive}
The automotive industry is a substantial sector in the United States, and is one of the largest automotive markets globally \cite{AutoInd}. This industry invests \$7.5 billion in innovative R\&D, supports over 500,000 direct jobs in the US alone, has a Foreign Direct Investment of over \$115 billion, and expands the US exports by over \$56 billion \cite{AutoInd}, \cite{AutoIndFS}, \cite{BEAFS}, \cite{BEATables}, \cite{BEATablesOutput}. This work includes a compliance graph within this sector as a means to showcase its application and utility for analyzing cost-savings and methodologies for following compliance mandates. Specifically, this work examines the Automotive Repair and Maintenance Service subsector of this industry. This subsector is globally applicable, and has a wide range of focal points and scale that include personal passenger vehicle maintenance and commercial vehicle servicing. This market has an estimated CAGR (Compounded Annual Growth Rate) of 10.2\%, and passenger car maintenance holds a market share of 35\% \cite{GMInsight}. Due to the size of this market share, its applicability, its ease-of-understanding in compliance graph format, and its ability to scale to larger, more complex challenges in the automotive industry, this work generates and analyzes an automobile maintenance compliance graph. This Section discusses the generation process, graph properties, unique features, and incurred challenges with this example application.
\subsection{Network Properties, Data, and Violation Specifications}
The automobile maintenance example is centered around the maintenance of a single, 2006 Toyota Corolla over the span of 6 years. For this example, the compliance requirements follow the provided warranty and maintenance specifications as provided by the vehicle manufacturer. This document is accessible through the manufacturer's website \cite{Corolla}. The maintenance schedule provides the recommended maintenance routine based on either mileage or time since last maintenance, depending on which condition is met sooner. Following the recommended maintenance schedule is imperative to comply with any vendor or purchaser warranty, as well as to ensure proper operating conditions of the vehicle. Compliance graph generator input files were created following the maintenance document, and the properties for the generated automotive maintenance compliance graph are listed below.
\begin{itemize}
\item{Number of Nodes: 66,945}
\item{Number of Edges: 468,221}
\item{Number of Exploits: 28}
\item{Number of Qualities: 93}
\item{Number of Assets: 1}
\item{Average Degree: 6.994}
\end{itemize}
Properties and assumptions of the Toyota Corolla are listed below.
\begin{itemize}
\item{The vehicle is brand new, with 0 miles.}
\item{It has a gas engine.}
\item{It is an automatic.}
\item{It includes a daytime running light system.}
\item{The owner will perform minimal maintenance every 6 months or 6000 miles:}
\begin{itemize}
\item{Oil and fuel filter change.}
\item{AC filter replacement.}
\item{Maintain proper tire pressure.}
\end{itemize}
\item{The owner will take the vehicle to a mechanic shop every 1 year and 6 months for the following inspections and repairs:}
\begin{itemize}
\item{Drive Belts}
\item{Battery}
\item{Spark Plugs}
\item{Brake Pedals}
\item{Brake Pads and Discs}
\item{Tires (Pressure, Alignment, Rotation)}
\item{Lights, Horn, Wipers, Windshield Washers}
\item{Refrigerant and Coolant}
\end{itemize}
\item{Additional components modeled in this compliance graph include:}
\begin{itemize}
\item{Fuel tank lines}
\item{Steering wheel, linkage, and gear box}
\item{Brake pipes and hoses}
\item{Drive shaft boots}
\item{Suspension ball joints}
\item{Front and rear suspensions}
\item{Fuel tank cap, lines, connections, and fuel vapor control valve}
\end{itemize}
\end{itemize}
For this example, there is a single asset used to represent the 2006 Toyota Corolla. All parts, maintenances, timelines, properties, or any other features or components were considered to be a ``quality" of the asset. By reducing the example graph to center around a single asset, state space explosion is able to be mitigated by preventing the deviation and permutation exploration of assets. Various exploit locks and flags were also implemented to prevent diverting, duplicated branches of simultaneous exploit triggers. This was implemented through the use of precondition guarding, and was necessary since exploits could be fired through either time or mileage, but should only be fired once. Additionally, the problem space was able to be reduced through the use of combined events. Rather than having exploits or events contain single quality changes, events could be grouped to update multiple qualities simultaneously. This was implemented through maintenance events, which acted as the single point of action for all inspections, repairs, maintenances, or any other event that would service the vehicle and return it to a state of compliance. To further prevent divergence, all pre-defined events were also described using locks and flags, so the event (e.g. a traffic citation for a broken brake light) would happen a single time at a specific point in the generation.
The data sourcing for the violation specifications and prior-knowledge network consisted of maintenance and repair estimates at large, as well as for individual components or malfunctions. This also included mileages per year, by month, and various other personal automobile transportation statistics. Sourcing was collected from government entities like the Department of Energy \cite{carDOE}, Department of Transportation \cite{carDOT}, and Federal Highway Administration \cite{carFWHA}, aggregated car performance, reliability, and safety reports from Consumer Reports \cite{carCR}, and insurance companies like AAA \cite{carAAA}, Farmers \cite{carFarmers}, and external reports \cite{carExt}. At the time of this release, the prior-knowledge network is undergoing additional formatting and feature work before its release. The prior-knowledge networks are intended to be added to the released dataset, and the initial work is described in this publication. The prior-knowledge network contained additional detail about each exploit in the network. For each exploit, the cost of occurrence was described. These costs were expressed as one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge. For each exploit, possible mitigation schemes were described. Each exploit could have zero or many mitigation options. Each mitigation option described one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge for preventing the exploit. For this example, most exploits had at least one mitigation that was represented as a maintenance or service event.
\subsection{Objectives and Goals of the Network}
The primary objective of this example is to highlight the usefulness of the analysis methods for small, individual scale problems. Though the analysis methods are intended to work at a large scale, showcasing the utility of the approaches at a daily, understandable, personal level can lead to a greater adoption. In addition, this example network has unique properties not seen in the other example networks. This network is isolated to a single asset to highlight how the analysis methods can function even when centered on only one object of interest. Budgetary constraints are allocated at a monthly rate, rather than through lump sums. Many individuals may be able to allocate a limited amount of their monthly income to repairs and maintenance, but may have a more difficult time paying for unexpected costs and repairs all at once. This example includes a large number of qualities in proportion to the number of assets, and bolsters how effective the analysis techniques are when given more information. This example showcases how repeated, consistent, small-scale investments in repair and maintenance pay off significantly over the lifespan of a vehicle in terms of avoided malfunctions, damages, or fines.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Healthcare} \label{sec:Healthcare}
The healthcare industry is another significant sector in the United States, and accounts for 17.3\% of the GDP \cite{CMS, WB, OECD, CDC}. National Health Expenditures (NHE) have grown to over \$4.5 trillion \cite{CMS, WB, OECD, CDC, BEAHC}, Medicare and Medicaid spending have grown to over \$944 billion and over \$805 billion, respectively \cite{CMS, CDC, BEAHCM}, R\&D spending has grown to over \$114 billion spread across biotechnology, nanotechnology, and software \cite{NCSES} (with \$83 billion in the pharmaceutical industry alone \cite{CBO}), and there are over 6,100 \cite{AHA} hospitals, 10,200 urgent care clinics \cite{DefHC}, and 938,000 active physicians \cite{AAMC}. This work includes a compliance graph within this sector as a means to showcase its application and utility for analyzing cost-savings and methodologies for following compliance mandates. This work examines compliance of the Health Insurance Portability and Accountability Act (HIPAA) \cite{noauthor_health_1996}. This is a broadly applicable federal act that mandates proper handling for the containment and dissemination of all healthcare information. HIPAA complaints have now exceeded 350,000, with 2,074 complaints being referred to the U.S. Department of Justice \cite{HHS}. A total dollar amount exceeding \$142 million has been collected as a result of noncompliance \cite{HHSDol}. The Office for Civil Rights of the U.S. Department of Health and Human Services have reported the following as the most common occurrences of noncompliance complaints \cite{HHSDol}:
\begin{itemize}
\item{``Impermissible uses and disclosures of protected health information."}
\item{``Lack of safeguards of protected health information."}
\item{``Lack of patient access to their protected health information."}
\item{``Lack of administrative safeguards of electronic protected health information."}
\item{``Use or disclosure of more than the minimum necessary protected health information."}
\end{itemize}
Due to the applicability of HIPAA to all healthcare related activities and processing, the quantity of noncompliance complaints, and the total monetary collection as a result of noncompliance, this work generates and analyzes a HIPAA compliance graph. This Section discusses the generation process, graph properties, unique features, and incurred challenges with this example application.
\subsection{Network Properties, Data, and Violation Specifications}
The HIPAA example is centered around a network of urgent care clinics and their compliance to HIPAA over the span of one year. For this example, the compliance requirements follow the provided guidelines as set by HIPAA. Since this is a federal regulation, specific guidelines and mandates are publicly accessible through the U.S. Department of Health and Human Services, as well as with summaries through the Center for Disease Control. HIPAA necessitates a range of requirements be met to ensure compliance, which include document control, training, reporting options, officers, physical and digital access control, and mandatory assessments. Compliance graph generator input files were created following the HIPAA guidelines, and the properties for the generated HIPAA compliance graph are listed below.
\begin{itemize}
\item{Number of Nodes: 62,217}
\item{Number of Edges: 400,917}
\item{Number of Exploits: 27}
\item{Number of Qualities: 62}
\item{Number of Assets: 5}
\item{Average Degree: 6.444}
\end{itemize}
Properties and assumptions of the urgent care clinics are listed below.
\begin{itemize}
\item{Each clinic has five employees.}
\item{The organization has an in-house IT staff (that is \textbf{not} modeled).}
\item{Each clinic will submit a HIPAA attestation letter.}
\item{HIPAA attestation letters are not sent simultaneously.}
\item{Each employee has a different renewal date for their trainings.}
\item{Employee trainings and requirements enforced by the organization include the following:}
\begin{itemize}
\item{HIPAA training.}
\item{Mobile and/or portable device regulation agreements.}
\item{Hardware inventories.}
\item{Security awareness.}
\end{itemize}
\item{There are three total, distinct HIPAA officers:}
\begin{itemize}
\item{HIPAA Compliance Officer}
\item{HIPAA Privacy Officer}
\item{HIPAA Security Officer}
\end{itemize}
\item{Audits and assessments include:}
\begin{itemize}
\item{Security risk assessment.}
\item{Privacy standing audit.}
\item{HIPAA audit.}
\item{Security standing audit.}
\item{Physical audit.}
\item{Device and asset audit.}
\end{itemize}
\item{Additional components modeled in this compliance graph include:}
\begin{itemize}
\item{An encrypted database.}
\item{Reporting processes.}
\item{A ``company" asset that is independent of the employee and database assets.}
\item{Certificate expirations.}
\end{itemize}
\end{itemize}
For this example, multiple assets are implemented to capture and model their relationships individually, as well as to other assets. These assets include employee assets, a database asset, and a company asset which is used to model the organization overall. Each asset had its own set of qualities, and their own quality for measuring the progression of time. In order to prevent unnecessary state space exploration on unfeasible states caused by a deviation in time progression, a synchronous firing feature \cite{10124989} in the generator tool was used. Various exploit locks and flags were also implemented to prevent diverting, duplicated branches of simultaneous exploit triggers. This was implemented through the use of precondition guarding, and was necessary since exploits could be fired through multiple conditions, but should only be fired once. Additionally, the problem space was able to be reduced through the use of combined events. Rather than having exploits or events contain single quality changes, events could be grouped to update multiple qualities simultaneously. This was implemented through audit, assessment, or time-based events, which acted as a single point of action for all assessments, audits, services, or any other event that would correct any violation and return the organization to a state of compliance. To further prevent divergence, all pre-defined events were also described using locks and flags, so the event (e.g. an addition to or the removal of the number of employees) would happen a single time at a specific point in the generation.
The data sourcing for the violation specifications and prior-knowledge network consisted of imposed civil monetary penalties for noncompliance, time closures for noncompliance, and implementation or mitigation costs to prevent a compliance violation. At the time of this release, the prior-knowledge network is undergoing additional formatting and feature work before its release. The prior-knowledge networks are intended to be added to the released dataset, and the initial work is described in this publication. The penalty structure as set by the Office for Civil Rights (OCR) consists of four tiers. Tier 1 is defined as a lack of knowledge of the violation, Tier 2 is for having reasonable cause for possessing knowledge of the violation, Tier 3 is for willful neglect, and Tier 4 is for willful neglect and a lack of correction within 30 days. Each tier has an associated minimum and maximum, with annual caps. These violations are stipulated by the Office of Management and Budget (OMB). In addition, the U.S. Department of Health and Human Services publishes a yearly summary of all OCR HIPAA settlements and judgments \cite{HHSPen}. Reports to Congress \cite{HHSCong}, audits \cite{HHSAud}, and case examples \cite{HHSCE} are also published. The prior-knowledge network was constructed around all publicly available sources, and contained additional detail about each exploit in the network. For each exploit, the cost of occurrence was described. These costs were expressed as one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge. For each exploit, possible mitigation schemes were described. Each exploit could have zero or many mitigation options. Each mitigation option described one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge for preventing the exploit. For this example, most exploits had two mitigations. This will be described further in Section \ref{sec:hipaa-obj}.
\subsection{Objectives and Goals of the Network} \label{sec:hipaa-obj}
The primary objective of this example is to highlight the usefulness of the analysis methods for broadly applicable regulations. Though the input for this specific example was a network of urgent care clinics, the methods, procedure, and output would be largely similar to an input of a pharmacy, hospital, or biotechnology company. In addition, this example network has unique properties not seen in the other example networks. This network includes the addition and removal of employees, and attempts to mimic the behaviors of individuals. Though no claims of human behavior modeling is claimed, this work statically made events that were executed during the generation process as a way to represent human error (such as failing to complete a mandatory training). For the analysis of this work, this example showcases how a company could invest more time, rather than money, to maintain compliance. Most mitigatable exploits include at least two mitigations: one for contracting a correction, and one for utilizing the in-house staff. The contracting option requires minimal time cost, but has a greater monetary cost. The in-house implementation requires minimal monetary cost, but a greater time cost. This allows for the analysis to offer more robust correction schemes that can utilize both the monetary and time budgets to minimize and correct compliance violations.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Oil and Gas} \label{sec:OSHA}
The oil and gas industry contributes roughly 8\% of the U.S. GDP, totaling to nearly \$1.7 trillion \cite{Census}. This industry supports over 10 million jobs \cite{Census, EnergyGov}, invests over \$30 billion in R\&D spending \cite{IEA}, and 72\% of companies had positive free cash flow in the last year, with 86\% reporting positive upstream earning \cite{EIA}. This work includes a compliance graph within this sector as a means to showcase its application and utility for analyzing cost-savings and methodologies for following compliance mandates. This subsector is globally applicable, and has a wide range of focal points and scale that include upstream, midstream, and downstream related services and processes. Specifically, this work examines the processing, transportation, and storage of oil and gas related products, byproducts, and intermediates as they relate to Occupational Safety and Health Administration (OSHA) regulations, and in particular, Standard 1910, Subpart H - Hazardous Materials \cite{OSHA}. In past years, the top 10 OSHA standard citations were from Standard 1910 \cite{oshonline}. From 2022 to 2023, specifically for Standard 1910 Subpart H, there were a total of 996 citations, 589 investigations, and a total imposed civil monetary fines of \$4,995,005 across relevant North American Industry Classification System (NAICS) sectors \cite{OSHAHist}. Due to the applicability of OSHA Standard 1910 Subpart H to all Hazardous Material related activities of the oil and gas industry and relevant subsectors, the quantity of noncompliance complaints, and the total monetary collection as a result of noncompliance, this work generates and analyzes an OSHA 1910H compliance graph. This Section discusses the generation process, graph properties, unique features, and incurred challenges with this example application.
\subsection{Network Properties, Data, and Violation Specifications}
The OSHA 1910H example is centered an oil and gas company that processes, transports, and stores oil and gas related products, byproducts, and intermediates. This example models and analyzes their compliance standings to OSHA Standard 1910 Subpart H - Hazardous Materials over the course of 8 years. Since this is a federal regulation, specific guidelines and mandates are publicly accessible through the Occupational Safety and Health Administration. OSHA Standard 1910 Subpart H necessitates a range of requirements be met to ensure compliance, which include requirements for specific hazardous materials such as compressed gases, acetylene, flammable liquids, chemicals, and waste, among others. Compliance graph generator input files were created following the OSHA guidelines, and the properties for the generated OSHA compliance graph are listed below.
\begin{itemize}
\item{Number of Nodes: 48,369}
\item{Number of Edges: 408,330}
\item{Number of Exploits: 32}
\item{Number of Qualities: 109}
\item{Number of Assets: 3}
\item{Average Degree: 8.442}
\end{itemize}
Properties and assumptions of the oil and gas company are listed below.
\begin{itemize}
\item{The company has separate divisions for transportation, storage, and processing.}
\item{The organization has an in-house Safety staff (that is \textbf{not} modeled).}
\item{The company has an in-house fabrication/machining/manufacturing shop.}
\item{The company has ownership of the vehicle transportation fleet.}
\item{In addition to any imposed fines, failures or malfunctions can and/or will cause additional damages, such as:}
\begin{itemize}
\item{Leakage or spillage.}
\item{Gaseous emissions.}
\item{Contamination.}
\item{Physical damage to company and/or non-company assets.}
\item{Burst pipes.}
\item{Schedule delays.}
\item{Violations in contracts.}
\end{itemize}
\item{As part of, and in addition to, upholding OSHA 1910 Subpart H requirements, examples of other compliance standards include:}
\begin{itemize}
\item{ASTM A 53/A 53M-06a into § 173.5b}
\item{CGA Pamphlet G-2.2 into § 173.315}
\item{Dwg. 106-6 into § 178.337-8}
\item{ASTM A 20/A 20M-93a into §§ 178.337-2; 179.102-4; 179.102-1; 179.102-17}
\item{ASTM A 302/A 302M-93 into § 179.100-7; 179.200-7; 179.220-7}
\item{Among others.}
\end{itemize}
\item{Inspections include specific testing, such as:}
\begin{itemize}
\item{Plastic Film Impact Resistance Testing.}
\item{Chlorine Flow Valve Removable Baskets.}
\item{Water in Anhydrous Ammonia.}
\item{Anhydrous Ammonia Hose pressure and burst pressures.}
\end{itemize}
\item{Additional components modeled in this compliance graph include:}
\begin{itemize}
\item{Ventiliation and exhaust systems.}
\item{Coatings, castings, and materials.}
\item{Transportation staff.}
\item{Bleeder valves, backflow check valves, and bin discharge gates.}
\end{itemize}
\end{itemize}
For this example, multiple assets are implemented to capture and model their relationships individually, as well as to other assets. These assets include transportation, ventilation, and vessel assets. Each asset had its own set of qualities, and their own quality for measuring the progression of time. In order to prevent unnecessary state space exploration on unfeasible states caused by a deviation in time progression, a synchronous firing feature \cite{10124989} in the generator tool was used. Various exploit locks and flags were also implemented to prevent diverting, duplicated branches of simultaneous exploit triggers. This was implemented through the use of precondition guarding, and was necessary since exploits could be fired through multiple conditions, but should only be fired once. Additionally, the problem space was able to be reduced through the use of combined events. Rather than having exploits or events contain single quality changes, events could be grouped to update multiple qualities simultaneously. This was implemented through inspection, assessment, or time-based events, which acted as a single point of action for all assessments, inspections, repairs, services, or any other event that would correct any violation and return the organization to a state of compliance. To further prevent divergence, all pre-defined events were also described using locks and flags, so the event (e.g. challenges with design scope, or improperly fabricated parts) would happen a single time at a specific point in the generation.
The data sourcing for the violation specifications and prior-knowledge network consisted of imposed civil monetary penalties for noncompliance, time closures for noncompliance, and implementation or mitigation costs to prevent a compliance violation. At the time of this release, the prior-knowledge network is undergoing additional formatting and feature work before its release. The prior-knowledge networks are intended to be added to the released dataset, and the initial work is described in this publication. The penalty structure as set by the Occupational Safety and Health Administration is defined as per Standard 1903.15 - Inspections, Citations, and Proposed Penalties \cite{OSHAPen}. These penalties are categorized by type of violation, which include willful violations, repeated violations, serious violations, other-than-serious violations, and posting requirement violation. Each of these categories has a defined maximum penalty, with some categories having minimum requirements, and with some categories including units of time (e.g. monetary penalties per day). The prior-knowledge network was constructed around all publicly available sources, and contained additional detail about each exploit in the network. Damages, as relevant, were estimated in terms of costs of repairs, repeated fabrications, or other fines as necessary. No estimations were made regarding environmental damage, damages to animal or wildlife populations, or any other type of damages. For each exploit, the cost of occurrence was described. These costs were expressed as one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge. For each exploit, possible mitigation schemes were described. Each exploit could have zero or many mitigation options. Each mitigation option described one-time monetary costs, recurring monetary costs and their rate of charge, and one-time time-commitment costs, recurring time-commitment costs and their rate of charge for preventing the exploit. For this example, most exploits had two mitigations. This will be described further in Section \ref{sec:osha-obj}.
\subsection{Objectives and Goals of the Network} \label{sec:osha-obj}
The primary objective of this example is to highlight the usefulness of the analysis methods for preventing or mitigating larger, more catastrophic events or penalties. Many events or exploits would lead to further, repeated or increased damages. This example highlights the effectiveness of how investing in better policies, procedures, materials, and quality of components has substantial cost-saving benefits over time. This example network has unique properties not seen in the other example networks. This network includes cascading or repeated costs. If one (or multiple) components fall into a state of noncompliance, the resulting fines and damage costs increase. For the analysis of this work, this example showcases how a company could invest earlier on in a company project to maintain compliance and avoid cascading costs. This example also includes the ability to invest more time, rather than monetary investments. Most mitigatable exploits include at least two mitigations: one for including longer timeframes for inspections, testing, and quality control, and another for investing in better quality material, machinery, and staff investment. The latter option requires minimal time cost, but has a greater monetary cost. The former requires minimal monetary cost, but a greater time cost. This allows for the analysis to offer more robust correction schemes that can utilize both the monetary and time budgets to minimize and correct compliance violations.
\section{Future Works}
Due to the novelty of compliance graphs, there are multiple avenues available for future research investigations. This work provided the compliance graph input and output files for the RAGE Attack Graph Engine. Future works could include the output compliance graphs when using these input files for alternative generator tools. The output compliance graphs could undergo a comparison to identify or uncover information that could assist in future analysis works. The compliance graph analysis space would also benefit both from a broader range of compliance graphs, and compliance graphs with finer detail. Though this work implemented a compliance graph for OSHA 1910H, the various standards and guidelines that fit under this regulation (such as various ASTM standards) possess more detail and information than was incorporated in this example. Including full, in-depth input files that describe all details of a regulation would provide researchers the tools to conduct a thorough investigation into compliance graph analysis.
Future works are likely to include additional input files that describe potential mitigation or solution opportunities for known states of noncompliance. These input files would not be included as part of the generation process, but could be used to further describe the known nodes and edges of a given compliance graph. These files could indicate transitional probabilities or weights of edges, the fines or penalties when states of noncompliance are identified, or the costs of repair or replacement of components.
\section{Conclusion}
This work presented the generation process of three distinct compliance graphs across three unique industries. The generation of each of these example graphs was described in each respective Section along with the data sourcing techniques. The output files of these graphs have been publicly released, along with their input data files. This work aims to provide a starting foundation for compliance graph analysis through example cases that can be explored and improved upon. The automobile maintenance network provides a compliance graph that describes the state of a personal vehicle over a period of time as it relates to the recommended maintenance schedule provided by the vehicle manufacturer. The healthcare network provides a compliance graph that describes the state of an urgent care clinic as it strives to maintain compliance to HIPAA. The oil and gas network provides a compliance graph that describes the state of an oil and gas company as it transports, stores, and processes hazardous material and works to maintain compliance to OSHA 1910H. Each of these example networks contains unique properties that highlights edge cases and insightful information about each industry and various compliance and noncompliance information.
\addcontentsline{toc}{section}{Bibliography}
\bibliography{Bibliography}
\bibliographystyle{ieeetr}
\end{document}

4
build.sh Executable file
View File

@ -0,0 +1,4 @@
#!/bin/bash
bibtex ./output/Schrick-Noah_CG
pdflatex -output-directory=./output Schrick-Noah_CG.tex

132
output/Schrick-Noah_CG.aux Normal file
View File

@ -0,0 +1,132 @@
\relax
\providecommand\babel@aux[2]{}
\@nameuse{bbl@beforestart}
\citation{j_hale_compliance_nodate}
\citation{noah_ths}
\citation{fincen}
\citation{fdaqsr}
\citation{nerccip}
\citation{noauthor_health_1996}
\citation{OSHA}
\citation{RAGE}
\babel@aux{nil}{}
\@writefile{toc}{\contentsline {section}{\numberline {I}Introduction}{1}{}\protected@file@percent }
\citation{AutoInd}
\citation{AutoInd}
\citation{AutoIndFS}
\citation{BEAFS}
\citation{BEATables}
\citation{BEATablesOutput}
\citation{GMInsight}
\citation{Corolla}
\@writefile{toc}{\contentsline {section}{\numberline {II}Automotive}{2}{}\protected@file@percent }
\newlabel{sec:Automotive}{{II}{2}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-A}}Network Properties, Data, and Violation Specifications}{2}{}\protected@file@percent }
\citation{carDOE}
\citation{carDOT}
\citation{carFWHA}
\citation{carCR}
\citation{carAAA}
\citation{carFarmers}
\citation{carExt}
\citation{CMS}
\citation{WB}
\citation{OECD}
\citation{CDC}
\citation{CMS}
\citation{WB}
\citation{OECD}
\citation{CDC}
\citation{BEAHC}
\citation{CMS}
\citation{CDC}
\citation{BEAHCM}
\citation{NCSES}
\citation{CBO}
\citation{AHA}
\citation{DefHC}
\citation{AAMC}
\citation{noauthor_health_1996}
\citation{HHS}
\citation{HHSDol}
\citation{HHSDol}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-B}}Objectives and Goals of the Network}{3}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {III}Healthcare}{3}{}\protected@file@percent }
\newlabel{sec:Healthcare}{{III}{3}{}{}{}}
\citation{10124989}
\citation{HHSPen}
\citation{HHSCong}
\citation{HHSAud}
\citation{HHSCE}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-A}}Network Properties, Data, and Violation Specifications}{4}{}\protected@file@percent }
\citation{Census}
\citation{Census}
\citation{EnergyGov}
\citation{IEA}
\citation{EIA}
\citation{OSHA}
\citation{oshonline}
\citation{OSHAHist}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-B}}Objectives and Goals of the Network}{5}{}\protected@file@percent }
\newlabel{sec:hipaa-obj}{{\mbox {III-B}}{5}{}{}{}}
\@writefile{toc}{\contentsline {section}{\numberline {IV}Oil and Gas}{5}{}\protected@file@percent }
\newlabel{sec:OSHA}{{IV}{5}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-A}}Network Properties, Data, and Violation Specifications}{5}{}\protected@file@percent }
\citation{10124989}
\citation{OSHAPen}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-B}}Objectives and Goals of the Network}{6}{}\protected@file@percent }
\newlabel{sec:osha-obj}{{\mbox {IV-B}}{6}{}{}{}}
\bibdata{Bibliography}
\bibcite{j_hale_compliance_nodate}{1}
\bibcite{noah_ths}{2}
\bibcite{fincen}{3}
\bibcite{fdaqsr}{4}
\bibcite{nerccip}{5}
\bibcite{noauthor_health_1996}{6}
\bibcite{OSHA}{7}
\bibcite{RAGE}{8}
\bibcite{AutoInd}{9}
\bibcite{AutoIndFS}{10}
\bibcite{BEAFS}{11}
\bibcite{BEATables}{12}
\bibcite{BEATablesOutput}{13}
\bibcite{GMInsight}{14}
\@writefile{toc}{\contentsline {section}{\numberline {V}Future Works}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {VI}Conclusion}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{Bibliography}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{References}{7}{}\protected@file@percent }
\bibcite{Corolla}{15}
\bibcite{carDOE}{16}
\bibcite{carDOT}{17}
\bibcite{carFWHA}{18}
\bibcite{carCR}{19}
\bibcite{carAAA}{20}
\bibcite{carFarmers}{21}
\bibcite{carExt}{22}
\bibcite{CMS}{23}
\bibcite{WB}{24}
\bibcite{OECD}{25}
\bibcite{CDC}{26}
\bibcite{BEAHC}{27}
\bibcite{BEAHCM}{28}
\bibcite{NCSES}{29}
\bibcite{CBO}{30}
\bibcite{AHA}{31}
\bibcite{DefHC}{32}
\bibcite{AAMC}{33}
\bibcite{HHS}{34}
\bibcite{HHSDol}{35}
\bibcite{10124989}{36}
\bibcite{HHSPen}{37}
\bibcite{HHSCong}{38}
\bibcite{HHSAud}{39}
\bibcite{HHSCE}{40}
\bibcite{Census}{41}
\bibcite{EnergyGov}{42}
\bibcite{IEA}{43}
\bibcite{EIA}{44}
\bibcite{oshonline}{45}
\bibcite{OSHAHist}{46}
\bibcite{OSHAPen}{47}
\bibstyle{ieeetr}
\gdef \@abspage@last{8}

257
output/Schrick-Noah_CG.bbl Normal file
View File

@ -0,0 +1,257 @@
\begin{thebibliography}{10}
\bibitem{j_hale_compliance_nodate}
{J. Hale}, P.~Hawrylak, and M.~Papa, ``Compliance {Method} for a
{Cyber}-{Physical} {System}.''
\newblock U.S. Patent Number 9,471,789, Oct. 18, 2016.
\bibitem{noah_ths}
N.~Schrick and P.~Hawrylak, {\em Compliance Graph Generation Techniques and
Parallel Computing Implementations Using Message-Passing Interfaces}.
\newblock {MS} thesis, The University of Tulsa, Tulsa, OK, 2022.
\bibitem{fincen}
``{Financial Crimes Enforcement Network, Title 31 U.S.C. 310},'' 2010.
\newblock {Available:
https://www.govinfo.gov/content/pkg/USCODE-2010-title31/html/USCODE-2010-title31-subtitleI-chap3-subchapI-sec310.htm}.
\bibitem{fdaqsr}
{Food and Drug Administration}, ``Quality system regulations,'' 1996.
\newblock Federal Register: Volume 61, Number 195. 1996 [Online]. Available:
https://www.fda.gov/science-research/clinical-trials-and-human-subject-protection/quality-system-regulations.
\bibitem{nerccip}
{Federal Energy Regulatory Commission}, ``Critical infrastructure protection
reliability standard cip,'' 2020.
\newblock 85 FR 8161. 2020 [Online]. Available:
https://www.federalregister.gov/documents/2020/02/13/2020-02173/critical-infrastructure-protection-reliability-standard-cip-012-1-cyber-security-communications.
\bibitem{noauthor_health_1996}
``Health {Insurance} {Portability} and {Accountability} {Act} of 1996.''
\newblock Pub. L. No. 104-191. 1996 [Online]. Available:
https://www.govinfo.gov/content/pkg/PLAW-104publ191/html/PLAW-104publ191.htm.
\bibitem{OSHA}
{Occupational Safety and Health Administration}, ``{Standard} 1910 {Subpart}
{H} {Hazardous} {Materials},'' {Last Amended 2024 via Code of Federal
Regulations Title 29}.
\bibitem{RAGE}
K.~Cook, ``{RAGE}: {The} {Rage} {Attack} {Graph} {Engine},'' Master's thesis,
The {University} of {Tulsa}, 2018.
\bibitem{AutoInd}
{International Trade Administration, U.S. Department of Commerce},
``{Automotive Industry},'' August 2021.
\newblock {[Online]. Available:
https://www.trade.gov/selectusa-automotive-industry}.
\bibitem{AutoIndFS}
{International Trade Administration, U.S. Department of Commerce}, ``{Foreign
Direct Investment (FDI): Automotive},'' August 2021.
\newblock {[Online]. Available:
https://www.trade.gov/sites/default/files/2021-09/Automotive{\%}20-{\%}20FINAL.pdf}.
\bibitem{BEAFS}
{U.S. Bureau of Economic Analysis}, ``{Industry Factsheet: Transportation and
Warehousing},'' 2023.
\newblock {[Online]. Available:
https://apps.bea.gov/industry/factsheet/factsheet.html\#48TW}.
\bibitem{BEATables}
{U.S. Bureau of Economic Analysis}, ``{Value Added by Industry},'' 2023-12-21.
\bibitem{BEATablesOutput}
{U.S. Bureau of Economic Analysis}, ``{Gross Output by Industry},'' 2023-12-21.
\bibitem{GMInsight}
{Singh, A, and Singh, S.}, ``{Automotive Repair and Maintenance Service Market
Size},'' Feb. 2024.
\newblock {[Online]. Available:
https://www.gminsights.com/industry-analysis/automotive-repair-maintenance-services-market}.
\bibitem{Corolla}
{Toyota Motor Sales, U.S.A., Inc.}, ``{Downloadable Manuals}.''
\newblock {[Online]. Available:
https://www.toyota.com/owners/warranty-owners-manuals/}.
\bibitem{carDOE}
{U.S. Department of Energy}, ``{Alternative Fuels Data Center}.''
\newblock {[Online]. Available:
https://afdc.energy.gov/data/categories/driving-patterns}.
\bibitem{carDOT}
{National Transportation Statistics Datasets}, ``{United States Department of
Transportation Bureau of Transportation Statistics}.''
\newblock {[Online]. Available:
https://www.bts.gov/product/national-transportation-statistics}.
\bibitem{carFWHA}
{U.S. Department of Transportation Federal Highway Administration}, ``{Highway
Statistics Series}.''
\newblock {[Online]. Available:
https://www.fhwa.dot.gov/policyinformation/statistics.cfm}.
\bibitem{carCR}
{Preston, B.}, ``{Car Brands and Models That Can Save You Money Over Time},''
2023-04-02.
\newblock {[Online]. Available:
https://www.consumerreports.org/cars/car-repair-maintenance/car-brands-and-models-that-can-save-you-money-over-time-a9081677414}.
\bibitem{carAAA}
{AAA}, ``{Planning for Auto Maintenance and Repair Costs}.''
\newblock {[Online]. Available:
https://www.aaa.com/autorepair/articles/planning-for-auto-maintenance-and-repair-costs
(visited on Feb. 25, 2024.)}.
\bibitem{carFarmers}
{Farmers Insurance}, ``{Auto Service and Repair Shop Insurance}.''
\newblock {[Online]. Available:
https://www.farmers.com/business/industry/auto-service-repair/ (visited on
Feb. 25, 2024.)}.
\bibitem{carExt}
{AAA}, ``{Your Driving Costs},'' 2020-12-09.
\newblock {[Online]. Available:
https://newsroom.aaa.com/wp-content/uploads/2020/12/Your-Driving-Costs-2020-Fact-Sheet-FINAL-12-9-20-2.pdf}.
\bibitem{CMS}
{Centers for Medicare \& Medicaid Services}, ``{NHE Fact Sheet},'' 2022.
\newblock {[Online]. Available:
https://www.cms.gov/data-research/statistics-trends-and-reports/national-health-expenditure-data/nhe-fact-sheet}.
\bibitem{WB}
{The World Bank}, ``{Current Health Expenditure (\% of GDP)},'' 2023-04-07.
\newblock {[Online]. Available:
https://data.worldbank.org/indicator/SH.XPD.CHEX.GD.ZS?name{\_}desc=true{\&}locations=US}.
\bibitem{OECD}
{Organisation for Economic Co-operation and Development}, ``{OECD Health
Statistics 2023},'' 2023.
\newblock {[Online]. Available: https://www.oecd.org/health/health-data.htm}.
\bibitem{CDC}
{Centers for Disease Control and Preventation}, ``{Health Expenditures},''
2019.
\newblock {[Online]. Available:
https://www.cdc.gov/nchs/fastats/health-expenditures.htm}.
\bibitem{BEAHC}
{Bureau of Economic Analysis}, ``{New Health Care Statistics for First Year of
COVID-19 Pandemic},'' 2023-02-10.
\newblock {[Online]. Available:
https://www.bea.gov/news/blog/2023-02-10/new-health-care-statistics-first-year-covid-19-pandemic}.
\bibitem{BEAHCM}
{Bureau of Economic Analysis}, ``{Experimental Data Map Health Care Estimates
in GDP to Centers for Medicare \& Medicaid Framework},'' 2023-09-25.
\newblock {[Online]. Available:
https://www.bea.gov/news/blog/2023-09-25/experimental-data-map-health-care-estimates-gdp-centers-medicare-medicaid}.
\bibitem{NCSES}
{National Center for Science and Engineering Statistics}, ``{R\&D; Most
Pharmaceutical R\&D Focused on Biotechnology},'' 2018.
\newblock {[Online]. Available: https://ncses.nsf.gov/pubs/nsf21316}.
\bibitem{CBO}
{Congressional Budget Office}, ``{Research and Development in the
Pharmaceutical Industry},'' April 2021.
\newblock {[Online]. Available: https://www.cbo.gov/publication/57126}.
\bibitem{AHA}
{American Hospital Association}, ``{Fast Facts on U.S. Hospitals, 2024},''
2024.
\newblock {[Online]. Available:
https://www.aha.org/statistics/fast-facts-us-hospitals}.
\bibitem{DefHC}
{Definitive Healthcare}, ``{Healthcare Insights},'' 2023-08-22.
\newblock {[Online]. Available:
https://www.definitivehc.com/resources/healthcare-insights/urgent-care-clinics-us}.
\bibitem{AAMC}
{Association of American Medical Colleges}, ``{Workforce Data},'' 2019.
\newblock {[Online]. Available:
https://www.aamc.org/data-reports/workforce/data/active-physicians-us-doctor-medicine-us-md-degree-specialty-2019}.
\bibitem{HHS}
{U.S. Department of Health and Human Services}, ``{Compliance Enforcement
Data},'' 2024-01-31.
\newblock {[Online]. Available:
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/numbers-glance/index.html}.
\bibitem{HHSDol}
{U.S. Department of Health and Human Services}, ``{Enforcement Highlights},''
2024-01-31.
\newblock {[Online].
Available:https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/enforcement-highlights/index.html}.
\bibitem{10124989}
N.~L. Schrick and P.~J. Hawrylak, ``State space explosion mitigation for
large-scale attack and compliance graphs using synchronous exploit firing,''
{\em IEEE Open Journal of the Computer Society}, vol.~4, pp.~147--157, 2023.
\bibitem{HHSPen}
{U.S. Department of Health and Human Services}, ``{Resolution Agreements},''
2024-02-06.
\newblock {[Online]. Available:
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html}.
\bibitem{HHSCong}
{U.S. Department of Health and Human Services}, ``{Reports to Congress on
Privacy Rule and Security Rule Compliance},'' 2022.
\newblock {[Online]. Available:
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/reports-congress/index.html}.
\bibitem{HHSAud}
{U.S. Department of Health and Human Services}, ``{HIPAA Privacy, Security, and
Breach Notification Audit Program},'' 2020.
\newblock {[Online]. Available:
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html}.
\bibitem{HHSCE}
{U.S. Department of Health and Human Services}, ``{Case Examples},''
2023-11-01.
\newblock {[Online]. Available:
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/examples/index.html}.
\bibitem{Census}
{United States Census Bureau}, ``{Oil \& Natural Gas},'' 2019.
\newblock {[Online]. Available:
https://www.census.gov/history/pdf/api-082021.pdf}.
\bibitem{EnergyGov}
{U.S. Department of Energy}, ``{Economic Impact of Oil \& Gas},'' 2020.
\newblock {[Online]. Available:
https://www.energy.gov/articles/economic-impact-oil-and-gas}.
\bibitem{IEA}
{International Energy Agency}, ``{R\&D Technology Innovation},'' 2020.
\newblock {[Online]. Available:
https://www.iea.org/reports/world-energy-investment-2020/rd-and-technology-innovation}.
\bibitem{EIA}
{U.S. Energy Information Administration}, ``{Financial Review of the Global Oil
and Natural Gas Industry: Third-Quarter 2023},'' December 2023.
\newblock {[Online]. Available:
https://www.eia.gov/finance/review/pdf/3Q2023{\%}20Financial{\%}20Review.pdf}.
\bibitem{oshonline}
{Smart, S.J.}, ``{Keeping Oil and Gas Workers Safe and Avoiding Costly
Penalties},'' June 2015.
\newblock {[Online]. Available:
https://ohsonline.com/Articles/2015/06/01/Keeping-Oil-and-Gas-Workers-Safe-and-Avoiding-Costly-Penalties.aspx}.
\bibitem{OSHAHist}
{U.S. Department of Labor, Occupational Safety and Health Administration},
``{Industry Profile for an OSHA Standard Results},'' 2023.
\newblock {[Online]. Available:
https://www.osha.gov/ords/imis/industryprofile.html}.
\bibitem{OSHAPen}
{U.S. Department of Labor, Occupational Safety and Health Administration},
``{Standard Number 1903.15 - Proposed Penalties},'' 2024-01-15.
\newblock {[Online]. Available:
https://www.osha.gov/laws-regs/regulations/standardnumber/1903/1903.15}.
\end{thebibliography}

127
output/Schrick-Noah_CG.blg Normal file
View File

@ -0,0 +1,127 @@
This is BibTeX, Version 0.99d (TeX Live 2024/Arch Linux)
Capacity: max_strings=200000, hash_size=200000, hash_prime=170003
The top-level auxiliary file: ./output/Schrick-Noah_CG.aux
The style file: ieeetr.bst
Database file #1: Bibliography.bib
You're missing a field part---line 390 of file Bibliography.bib
: number =
: ,
I'm skipping whatever remains of this entry
Warning--entry type for "AutoInd" isn't style-file defined
--line 1322 of file Bibliography.bib
Warning--entry type for "AutoIndFS" isn't style-file defined
--line 1330 of file Bibliography.bib
Warning--entry type for "BEAFS" isn't style-file defined
--line 1338 of file Bibliography.bib
Warning--entry type for "BEATables" isn't style-file defined
--line 1346 of file Bibliography.bib
Warning--entry type for "BEATablesOutput" isn't style-file defined
--line 1353 of file Bibliography.bib
Warning--entry type for "GMInsight" isn't style-file defined
--line 1360 of file Bibliography.bib
Warning--entry type for "Corolla" isn't style-file defined
--line 1368 of file Bibliography.bib
Warning--entry type for "carDOE" isn't style-file defined
--line 1375 of file Bibliography.bib
Warning--entry type for "carDOT" isn't style-file defined
--line 1382 of file Bibliography.bib
Warning--entry type for "carFWHA" isn't style-file defined
--line 1389 of file Bibliography.bib
Warning--entry type for "carCR" isn't style-file defined
--line 1396 of file Bibliography.bib
Warning--entry type for "carAAA" isn't style-file defined
--line 1404 of file Bibliography.bib
Warning--entry type for "carFarmers" isn't style-file defined
--line 1410 of file Bibliography.bib
Warning--entry type for "carext" isn't style-file defined
--line 1416 of file Bibliography.bib
Warning--entry type for "CMS" isn't style-file defined
--line 1424 of file Bibliography.bib
Warning--entry type for "WB" isn't style-file defined
--line 1432 of file Bibliography.bib
Warning--entry type for "OECD" isn't style-file defined
--line 1440 of file Bibliography.bib
Warning--entry type for "CDC" isn't style-file defined
--line 1448 of file Bibliography.bib
Warning--entry type for "NCSES" isn't style-file defined
--line 1456 of file Bibliography.bib
Warning--entry type for "DefHC" isn't style-file defined
--line 1464 of file Bibliography.bib
Warning--entry type for "AHA" isn't style-file defined
--line 1472 of file Bibliography.bib
Warning--entry type for "AAMC" isn't style-file defined
--line 1480 of file Bibliography.bib
Warning--entry type for "CBO" isn't style-file defined
--line 1488 of file Bibliography.bib
Warning--entry type for "BEAHC" isn't style-file defined
--line 1496 of file Bibliography.bib
Warning--entry type for "BEAHCM" isn't style-file defined
--line 1504 of file Bibliography.bib
Warning--entry type for "HHS" isn't style-file defined
--line 1527 of file Bibliography.bib
Warning--entry type for "HHSDol" isn't style-file defined
--line 1535 of file Bibliography.bib
Warning--entry type for "HHSPen" isn't style-file defined
--line 1555 of file Bibliography.bib
Warning--entry type for "HHSCong" isn't style-file defined
--line 1563 of file Bibliography.bib
Warning--entry type for "HHSAud" isn't style-file defined
--line 1571 of file Bibliography.bib
Warning--entry type for "HHSCE" isn't style-file defined
--line 1579 of file Bibliography.bib
Warning--entry type for "Census" isn't style-file defined
--line 1587 of file Bibliography.bib
Warning--entry type for "EnergyGov" isn't style-file defined
--line 1595 of file Bibliography.bib
Warning--entry type for "IEA" isn't style-file defined
--line 1603 of file Bibliography.bib
Warning--entry type for "EIA" isn't style-file defined
--line 1611 of file Bibliography.bib
Warning--entry type for "oshonline" isn't style-file defined
--line 1619 of file Bibliography.bib
Warning--entry type for "OSHAHist" isn't style-file defined
--line 1627 of file Bibliography.bib
Warning--entry type for "OSHAPen" isn't style-file defined
--line 1635 of file Bibliography.bib
You've used 47 entries,
1876 wiz_defined-function locations,
716 strings with 12050 characters,
and the built_in function-call counts, 6339 in all, are:
= -- 626
> -- 197
< -- 0
+ -- 96
- -- 49
* -- 207
:= -- 908
add.period$ -- 81
call.type$ -- 47
change.case$ -- 47
chr.to.int$ -- 0
cite$ -- 47
duplicate$ -- 206
empty$ -- 845
format.name$ -- 49
if$ -- 1631
int.to.chr$ -- 0
int.to.str$ -- 47
missing$ -- 1
newline$ -- 186
num.names$ -- 45
pop$ -- 324
preamble$ -- 1
purify$ -- 0
quote$ -- 0
skip$ -- 153
stack$ -- 0
substring$ -- 28
swap$ -- 10
text.length$ -- 0
text.prefix$ -- 0
top$ -- 0
type$ -- 0
warning$ -- 0
while$ -- 47
width$ -- 49
write$ -- 412
(There was 1 error message)

855
output/Schrick-Noah_CG.log Normal file
View File

@ -0,0 +1,855 @@
This is pdfTeX, Version 3.141592653-2.6-1.40.26 (TeX Live 2024/Arch Linux) (preloaded format=pdflatex 2024.4.16) 18 APR 2024 17:06
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**Schrick-Noah_CG.tex
(./Schrick-Noah_CG.tex
LaTeX2e <2023-11-01> patch level 1
L3 programming layer <2024-02-20>
(/usr/share/texmf-dist/tex/latex/ieeetran/IEEEtran.cls
Document Class: IEEEtran 2015/08/26 V1.8b by Michael Shell
-- See the "IEEEtran_HOWTO" manual for usage information.
-- http://www.michaelshell.org/tex/ieeetran/
\@IEEEtrantmpdimenA=\dimen140
\@IEEEtrantmpdimenB=\dimen141
\@IEEEtrantmpdimenC=\dimen142
\@IEEEtrantmpcountA=\count188
\@IEEEtrantmpcountB=\count189
\@IEEEtrantmpcountC=\count190
\@IEEEtrantmptoksA=\toks17
LaTeX Font Info: Trying to load font information for OT1+ptm on input line 5
03.
(/usr/share/texmf-dist/tex/latex/psnfss/ot1ptm.fd
File: ot1ptm.fd 2001/06/04 font definitions for OT1/ptm.
)
-- Using 8.5in x 11in (letter) paper.
-- Using PDF output.
\@IEEEnormalsizeunitybaselineskip=\dimen143
-- This is a 10 point document.
\CLASSINFOnormalsizebaselineskip=\dimen144
\CLASSINFOnormalsizeunitybaselineskip=\dimen145
\IEEEnormaljot=\dimen146
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <5> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <5> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <7> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <7> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <8> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <8> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <9> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <9> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <10> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <10> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <11> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <11> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <12> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <12> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <17> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <17> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <20> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <20> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <24> not available
(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090.
LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <24> not available
(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090.
\IEEEquantizedlength=\dimen147
\IEEEquantizedlengthdiff=\dimen148
\IEEEquantizedtextheightdiff=\dimen149
\IEEEilabelindentA=\dimen150
\IEEEilabelindentB=\dimen151
\IEEEilabelindent=\dimen152
\IEEEelabelindent=\dimen153
\IEEEdlabelindent=\dimen154
\IEEElabelindent=\dimen155
\IEEEiednormlabelsep=\dimen156
\IEEEiedmathlabelsep=\dimen157
\IEEEiedtopsep=\skip48
\c@section=\count191
\c@subsection=\count192
\c@subsubsection=\count193
\c@paragraph=\count194
\c@IEEEsubequation=\count195
\abovecaptionskip=\skip49
\belowcaptionskip=\skip50
\c@figure=\count196
\c@table=\count197
\@IEEEeqnnumcols=\count198
\@IEEEeqncolcnt=\count199
\@IEEEsubeqnnumrollback=\count266
\@IEEEquantizeheightA=\dimen158
\@IEEEquantizeheightB=\dimen159
\@IEEEquantizeheightC=\dimen160
\@IEEEquantizeprevdepth=\dimen161
\@IEEEquantizemultiple=\count267
\@IEEEquantizeboxA=\box51
\@IEEEtmpitemindent=\dimen162
\IEEEPARstartletwidth=\dimen163
\c@IEEEbiography=\count268
\@IEEEtranrubishbin=\box52
) (/usr/share/texmf-dist/tex/latex/setspace/setspace.sty
Package: setspace 2022/12/04 v6.7b set line spacing
)
(/usr/share/texmf-dist/tex/latex/graphics/graphicx.sty
Package: graphicx 2021/09/16 v1.2d Enhanced LaTeX Graphics (DPC,SPQR)
(/usr/share/texmf-dist/tex/latex/graphics/keyval.sty
Package: keyval 2022/05/29 v1.15 key=value parser (DPC)
\KV@toks@=\toks18
)
(/usr/share/texmf-dist/tex/latex/graphics/graphics.sty
Package: graphics 2022/03/10 v1.4e Standard LaTeX Graphics (DPC,SPQR)
(/usr/share/texmf-dist/tex/latex/graphics/trig.sty
Package: trig 2021/08/11 v1.11 sin cos tan (DPC)
)
(/usr/share/texmf-dist/tex/latex/graphics-cfg/graphics.cfg
File: graphics.cfg 2016/06/04 v1.11 sample graphics configuration
)
Package graphics Info: Driver file: pdftex.def on input line 107.
(/usr/share/texmf-dist/tex/latex/graphics-def/pdftex.def
File: pdftex.def 2022/09/22 v1.2b Graphics/color driver for pdftex
))
\Gin@req@height=\dimen164
\Gin@req@width=\dimen165
)
(/usr/share/texmf-dist/tex/latex/float/float.sty
Package: float 2001/11/08 v1.3d Float enhancements (AL)
\c@float@type=\count269
\float@exts=\toks19
\float@box=\box53
\@float@everytoks=\toks20
\@floatcapt=\box54
)
\@float@every@table=\toks21
(/usr/share/texmf-dist/tex/generic/iftex/ifpdf.sty
Package: ifpdf 2019/10/25 v3.4 ifpdf legacy package. Use iftex instead.
(/usr/share/texmf-dist/tex/generic/iftex/iftex.sty
Package: iftex 2022/02/03 v1.0f TeX engine tests
))
(/usr/share/texmf-dist/tex/generic/babel/babel.sty
Package: babel 2024/02/07 v24.2 The Babel package
\babel@savecnt=\count270
\U@D=\dimen166
\l@unhyphenated=\language5
(/usr/share/texmf-dist/tex/generic/babel/txtbabel.def)
\bbl@readstream=\read2
\bbl@dirlevel=\count271
Package babel Info: You haven't specified a language as a class or package
(babel) option. I'll load 'nil'. Reported on input line 4258.
(/usr/share/texmf-dist/tex/generic/babel/nil.ldf
Language: nil 2024/02/07 v24.2 Nil language
\l@nil=\language6
))
(/usr/share/texmf-dist/tex/latex/doublestroke/dsfont.sty
Package: dsfont 1995/08/01 v0.1 Double stroke roman fonts
)
(/usr/share/texmf-dist/tex/latex/base/inputenc.sty
Package: inputenc 2021/02/14 v1.3d Input encoding file
\inpenc@prehook=\toks22
\inpenc@posthook=\toks23
)
(/usr/share/texmf-dist/tex/latex/tools/indentfirst.sty
Package: indentfirst 2023/07/02 v1.03 Indent first paragraph (DPC)
)
(/usr/share/texmf-dist/tex/latex/tocloft/tocloft.sty
Package: tocloft 2017/08/31 v2.3i parameterised ToC, etc., typesetting
Package tocloft Info: The document has section divisions on input line 51.
\cftparskip=\skip51
\cftbeforetoctitleskip=\skip52
\cftaftertoctitleskip=\skip53
\cftbeforesecskip=\skip54
\cftsecindent=\skip55
\cftsecnumwidth=\skip56
\cftbeforesubsecskip=\skip57
\cftsubsecindent=\skip58
\cftsubsecnumwidth=\skip59
\cftbeforesubsubsecskip=\skip60
\cftsubsubsecindent=\skip61
\cftsubsubsecnumwidth=\skip62
\cftbeforeparaskip=\skip63
\cftparaindent=\skip64
\cftparanumwidth=\skip65
\cftbeforesubparaskip=\skip66
\cftsubparaindent=\skip67
\cftsubparanumwidth=\skip68
\cftbeforeloftitleskip=\skip69
\cftafterloftitleskip=\skip70
\cftbeforefigskip=\skip71
\cftfigindent=\skip72
\cftfignumwidth=\skip73
\c@lofdepth=\count272
\c@lotdepth=\count273
\cftbeforelottitleskip=\skip74
\cftafterlottitleskip=\skip75
\cftbeforetabskip=\skip76
\cfttabindent=\skip77
\cfttabnumwidth=\skip78
)
(/usr/share/texmf-dist/tex/latex/amsmath/amsmath.sty
Package: amsmath 2023/05/13 v2.17o AMS math features
\@mathmargin=\skip79
For additional information on amsmath, use the `?' option.
(/usr/share/texmf-dist/tex/latex/amsmath/amstext.sty
Package: amstext 2021/08/26 v2.01 AMS text
(/usr/share/texmf-dist/tex/latex/amsmath/amsgen.sty
File: amsgen.sty 1999/11/30 v2.0 generic functions
\@emptytoks=\toks24
\ex@=\dimen167
))
(/usr/share/texmf-dist/tex/latex/amsmath/amsbsy.sty
Package: amsbsy 1999/11/29 v1.2d Bold Symbols
\pmbraise@=\dimen168
)
(/usr/share/texmf-dist/tex/latex/amsmath/amsopn.sty
Package: amsopn 2022/04/08 v2.04 operator names
)
\inf@bad=\count274
LaTeX Info: Redefining \frac on input line 234.
\uproot@=\count275
\leftroot@=\count276
LaTeX Info: Redefining \overline on input line 399.
LaTeX Info: Redefining \colon on input line 410.
\classnum@=\count277
\DOTSCASE@=\count278
LaTeX Info: Redefining \ldots on input line 496.
LaTeX Info: Redefining \dots on input line 499.
LaTeX Info: Redefining \cdots on input line 620.
\Mathstrutbox@=\box55
\strutbox@=\box56
LaTeX Info: Redefining \big on input line 722.
LaTeX Info: Redefining \Big on input line 723.
LaTeX Info: Redefining \bigg on input line 724.
LaTeX Info: Redefining \Bigg on input line 725.
\big@size=\dimen169
LaTeX Font Info: Redeclaring font encoding OML on input line 743.
LaTeX Font Info: Redeclaring font encoding OMS on input line 744.
\macc@depth=\count279
LaTeX Info: Redefining \bmod on input line 905.
LaTeX Info: Redefining \pmod on input line 910.
LaTeX Info: Redefining \smash on input line 940.
LaTeX Info: Redefining \relbar on input line 970.
LaTeX Info: Redefining \Relbar on input line 971.
\c@MaxMatrixCols=\count280
\dotsspace@=\muskip16
\c@parentequation=\count281
\dspbrk@lvl=\count282
\tag@help=\toks25
\row@=\count283
\column@=\count284
\maxfields@=\count285
\andhelp@=\toks26
\eqnshift@=\dimen170
\alignsep@=\dimen171
\tagshift@=\dimen172
\tagwidth@=\dimen173
\totwidth@=\dimen174
\lineht@=\dimen175
\@envbody=\toks27
\multlinegap=\skip80
\multlinetaggap=\skip81
\mathdisplay@stack=\toks28
LaTeX Info: Redefining \[ on input line 2953.
LaTeX Info: Redefining \] on input line 2954.
)
(/usr/share/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def
File: l3backend-pdftex.def 2024-02-20 L3 backend support: PDF output (pdfTeX)
\l__color_backend_stack_int=\count286
\l__pdf_internal_box=\box57
)
(./output/Schrick-Noah_CG.aux)
\openout1 = `Schrick-Noah_CG.aux'.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 26.
LaTeX Font Info: ... okay on input line 26.
-- Lines per column: 56 (exact).
(/usr/share/texmf-dist/tex/context/base/mkii/supp-pdf.mkii
[Loading MPS to PDF converter (version 2006.09.02).]
\scratchcounter=\count287
\scratchdimen=\dimen176
\scratchbox=\box58
\nofMPsegments=\count288
\nofMParguments=\count289
\everyMPshowfont=\toks29
\MPscratchCnt=\count290
\MPscratchDim=\dimen177
\MPnumerator=\count291
\makeMPintoPDFobject=\count292
\everyMPtoPDFconversion=\toks30
) (/usr/share/texmf-dist/tex/latex/epstopdf-pkg/epstopdf-base.sty
Package: epstopdf-base 2020-01-24 v2.11 Base part for package epstopdf
(/usr/share/texmf-dist/tex/generic/infwarerr/infwarerr.sty
Package: infwarerr 2019/12/03 v1.5 Providing info/warning/error messages (HO)
)
(/usr/share/texmf-dist/tex/latex/grfext/grfext.sty
Package: grfext 2019/12/03 v1.3 Manage graphics extensions (HO)
(/usr/share/texmf-dist/tex/generic/kvdefinekeys/kvdefinekeys.sty
Package: kvdefinekeys 2019-12-19 v1.6 Define keys (HO)
))
(/usr/share/texmf-dist/tex/latex/kvoptions/kvoptions.sty
Package: kvoptions 2022-06-15 v3.15 Key value format for package options (HO)
(/usr/share/texmf-dist/tex/generic/ltxcmds/ltxcmds.sty
Package: ltxcmds 2023-12-04 v1.26 LaTeX kernel commands for general use (HO)
)
(/usr/share/texmf-dist/tex/latex/kvsetkeys/kvsetkeys.sty
Package: kvsetkeys 2022-10-05 v1.19 Key value parser (HO)
))
(/usr/share/texmf-dist/tex/generic/pdftexcmds/pdftexcmds.sty
Package: pdftexcmds 2020-06-27 v0.33 Utility functions of pdfTeX for LuaTeX (HO
)
Package pdftexcmds Info: \pdf@primitive is available.
Package pdftexcmds Info: \pdf@ifprimitive is available.
Package pdftexcmds Info: \pdfdraftmode found.
)
Package epstopdf-base Info: Redefining graphics rule for `.eps' on input line 4
85.
Package grfext Info: Graphics extension search list:
(grfext) [.pdf,.png,.jpg,.mps,.jpeg,.jbig2,.jb2,.PDF,.PNG,.JPG,.JPE
G,.JBIG2,.JB2,.eps]
(grfext) \AppendGraphicsExtensions on input line 504.
(/usr/share/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg
File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv
e
))
Underfull \hbox (badness 1515) in paragraph at lines 64--65
\OT1/ptm/m/n/10 The work presented by the authors of [[]] present the
[]
Underfull \hbox (badness 1448) in paragraph at lines 66--67
\OT1/ptm/m/n/10 graph analysis work, example networks across multiple,
[]
Underfull \vbox (badness 10000) has occurred while \output is active []
[1{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texmf-dist/fo
nts/enc/dvips/base/8r.enc}
]
Underfull \hbox (badness 1668) in paragraph at lines 73--74
[]\OT1/ptm/m/n/10 Assets: The number of entities in the network or
[]
LaTeX Font Info: Trying to load font information for TS1+ptm on input line 7
9.
(/usr/share/texmf-dist/tex/latex/psnfss/ts1ptm.fd
File: ts1ptm.fd 2001/06/04 font definitions for TS1/ptm.
)
Underfull \hbox (badness 3417) in paragraph at lines 127--128
\OT1/ptm/m/n/10 properties, or any other features or components were
[]
Underfull \hbox (badness 1603) in paragraph at lines 127--128
\OT1/ptm/m/n/10 This was implemented through the use of precondition
[]
[2]
Underfull \hbox (badness 1515) in paragraph at lines 129--130
\OT1/ptm/m/n/10 Reports [[]], and insurance companies like AAA [[]],
[]
Underfull \hbox (badness 3428) in paragraph at lines 141--142
[]\OT1/ptm/m/n/10 ``Lack of patient access to their protected health
[]
Underfull \hbox (badness 1924) in paragraph at lines 146--147
\OT1/ptm/m/n/10 process, graph properties, unique features, and incurred
[]
[3]
Underfull \hbox (badness 1540) in paragraph at lines 149--150
\OT1/ptm/m/n/10 a range of requirements be met to ensure compliance,
[]
Underfull \hbox (badness 1472) in paragraph at lines 193--194
[]\OT1/ptm/m/n/10 A ``company" asset that is independent of the
[]
Underfull \hbox (badness 5147) in paragraph at lines 200--201
\OT1/ptm/m/n/10 and implementation or mitigation costs to prevent a
[]
[4]
Underfull \hbox (badness 1616) in paragraph at lines 208--209
[]\OT1/ptm/m/n/10 The oil and gas industry contributes roughly 8% of
[]
Underfull \hbox (badness 1910) in paragraph at lines 208--209
\OT1/ptm/m/n/10 over \TS1/ptm/m/n/10 $\OT1/ptm/m/n/10 30 billion in R&D spendin
g [[]], and 72% of
[]
Underfull \hbox (badness 10000) in paragraph at lines 226--227
[]\OT1/ptm/m/n/10 The company has an in-house
[]
[5]
Underfull \hbox (badness 3029) in paragraph at lines 252--253
[]\OT1/ptm/m/n/10 Anhydrous Ammonia Hose pressure and burst
[]
Underfull \hbox (badness 5147) in paragraph at lines 265--266
\OT1/ptm/m/n/10 and implementation or mitigation costs to prevent a
[]
Underfull \hbox (badness 1577) in paragraph at lines 265--266
\OT1/ptm/m/n/10 knowledge network was constructed around all publicly
[]
[6]
Underfull \hbox (badness 1939) in paragraph at lines 275--276
[]\OT1/ptm/m/n/10 This work presented the generation process of three
[]
Underfull \hbox (badness 2409) in paragraph at lines 275--276
\OT1/ptm/m/n/10 upon. The automobile maintenance network provides a
[]
(./output/Schrick-Noah_CG.bbl
Underfull \hbox (badness 3179) in paragraph at lines 9--12
\OT1/ptm/m/it/8 and Parallel Computing Implementations Using Message-Passing
[]
Underfull \hbox (badness 2635) in paragraph at lines 14--17
[]\OT1/ptm/m/n/8 ``Financial Crimes Enforcement Network, Title 31 U.S.C. 310,''
[]
Underfull \hbox (badness 6316) in paragraph at lines 14--17
\OT1/ptm/m/n/8 2010. Available: https://www.govinfo.gov/content/pkg/USCODE-
[]
Underfull \hbox (badness 10000) in paragraph at lines 14--17
\OT1/ptm/m/n/8 2010-title31/html/USCODE-2010-title31-subtitleI-chap3-subchapI-
[]
Underfull \hbox (badness 10000) in paragraph at lines 19--22
\OT1/ptm/m/n/8 https://www.fda.gov/science-research/clinical-trials-and-human-s
ubject-
[]
Underfull \hbox (badness 6542) in paragraph at lines 24--28
[]\OT1/ptm/m/n/8 Federal Energy Regulatory Commission, ``Critical infrastructur
e
[]
Underfull \hbox (badness 10000) in paragraph at lines 24--28
\OT1/ptm/m/n/8 02173/critical-infrastructure-protection-reliability-standard-ci
p-012-1-
[]
Underfull \hbox (badness 10000) in paragraph at lines 30--33
[]\OT1/ptm/m/n/8 ``Health Insurance Portability and Accountability Act of
[]
Underfull \hbox (badness 10000) in paragraph at lines 30--33
\OT1/ptm/m/n/8 1996.'' Pub. L. No. 104-191. 1996 [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 30--33
\OT1/ptm/m/n/8 https://www.govinfo.gov/content/pkg/PLAW-104publ191/html/PLAW-
[]
Underfull \hbox (badness 10000) in paragraph at lines 44--48
\OT1/ptm/m/n/8 ``Automotive Industry,'' August 2021. [Online]. Available:
[]
Underfull \hbox (badness 6526) in paragraph at lines 50--54
\OT1/ptm/m/n/8 ``Foreign Direct Investment (FDI): Automotive,'' August 2021.
[]
Underfull \hbox (badness 10000) in paragraph at lines 50--54
\OT1/ptm/m/n/8 [Online]. Available: https://www.trade.gov/sites/default/files/2
021-
[]
Underfull \hbox (badness 10000) in paragraph at lines 56--60
[]\OT1/ptm/m/n/8 U.S. Bureau of Economic Analysis, ``Industry Factsheet:
[]
Underfull \hbox (badness 5954) in paragraph at lines 56--60
\OT1/ptm/m/n/8 Transportation and Warehousing,'' 2023. [Online]. Available:
[]
Underfull \hbox (badness 2096) in paragraph at lines 68--72
[]\OT1/ptm/m/n/8 Singh, A, and Singh, S., ``Automotive Repair and Maintenance
[]
Underfull \hbox (badness 10000) in paragraph at lines 68--72
\OT1/ptm/m/n/8 Service Market Size,'' Feb. 2024. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 68--72
\OT1/ptm/m/n/8 https://www.gminsights.com/industry-analysis/automotive-repair-
[]
[7]
Underfull \hbox (badness 10000) in paragraph at lines 90--94
[]\OT1/ptm/m/n/8 U.S. Department of Transportation Federal Highway
[]
Underfull \hbox (badness 6792) in paragraph at lines 96--100
[]\OT1/ptm/m/n/8 Preston, B., ``Car Brands and Models That Can Save You
[]
Underfull \hbox (badness 10000) in paragraph at lines 96--100
\OT1/ptm/m/n/8 Money Over Time,'' 2023-04-02. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 96--100
\OT1/ptm/m/n/8 https://www.consumerreports.org/cars/car-repair-maintenance/car-
[]
Underfull \hbox (badness 10000) in paragraph at lines 102--106
\OT1/ptm/m/n/8 Available: https://www.aaa.com/autorepair/articles/planning-for-
auto-
[]
Underfull \hbox (badness 2932) in paragraph at lines 108--112
[]\OT1/ptm/m/n/8 Farmers Insurance, ``Auto Service and Repair Shop Insurance.''
[]
Underfull \hbox (badness 5231) in paragraph at lines 108--112
\OT1/ptm/m/n/8 [Online]. Available: https://www.farmers.com/business/industry/a
uto-
[]
Underfull \hbox (badness 2582) in paragraph at lines 114--117
[]\OT1/ptm/m/n/8 AAA, ``Your Driving Costs,'' 2020-12-09. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 114--117
\OT1/ptm/m/n/8 https://newsroom.aaa.com/wp-content/uploads/2020/12/Your-Driving
-
[]
Underfull \hbox (badness 10000) in paragraph at lines 124--127
[]\OT1/ptm/m/n/8 The World Bank, ``Current Health Expenditure
[]
Underfull \hbox (badness 10000) in paragraph at lines 124--127
\OT1/ptm/m/n/8 (% of GDP),'' 2023-04-07. [Online]. Available:
[]
Overfull \hbox (68.21298pt too wide) in paragraph at lines 124--127
\OT1/ptm/m/n/8 https://data.worldbank.org/indicator/SH.XPD.CHEX.GD.ZS?name[]des
c=true&locations=US.
[]
Underfull \hbox (badness 10000) in paragraph at lines 129--132
[]\OT1/ptm/m/n/8 Organisation for Economic Co-operation and Development,
[]
Underfull \hbox (badness 6608) in paragraph at lines 129--132
\OT1/ptm/m/n/8 ``OECD Health Statistics 2023,'' 2023. [Online]. Available:
[]
Underfull \hbox (badness 1968) in paragraph at lines 140--144
[]\OT1/ptm/m/n/8 Bureau of Economic Analysis, ``New Health Care Statistics for
[]
Underfull \hbox (badness 6445) in paragraph at lines 140--144
\OT1/ptm/m/n/8 First Year of COVID-19 Pandemic,'' 2023-02-10. [Online].
[]
Underfull \hbox (badness 10000) in paragraph at lines 146--150
\OT1/ptm/m/n/8 09-25/experimental-data-map-health-care-estimates-gdp-centers-
[]
Underfull \hbox (badness 10000) in paragraph at lines 157--160
[]\OT1/ptm/m/n/8 Congressional Budget Office, ``Research and Development in
[]
Underfull \hbox (badness 2478) in paragraph at lines 157--160
\OT1/ptm/m/n/8 the Pharmaceutical Industry,'' April 2021. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 168--171
\OT1/ptm/m/n/8 Available: https://www.definitivehc.com/resources/healthcare-
[]
Underfull \hbox (badness 10000) in paragraph at lines 173--176
[]\OT1/ptm/m/n/8 Association of American Medical Colleges, ``Workforce
[]
Underfull \hbox (badness 10000) in paragraph at lines 173--176
\OT1/ptm/m/n/8 Data,'' 2019. [Online]. Available: https://www.aamc.org/data-
[]
Underfull \hbox (badness 10000) in paragraph at lines 173--176
\OT1/ptm/m/n/8 reports/workforce/data/active-physicians-us-doctor-medicine-us-m
d-
[]
Underfull \hbox (badness 3568) in paragraph at lines 178--182
[]\OT1/ptm/m/n/8 U.S. Department of Health and Human Services, ``Compliance
[]
Underfull \hbox (badness 10000) in paragraph at lines 178--182
\OT1/ptm/m/n/8 Enforcement Data,'' 2024-01-31. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 178--182
\OT1/ptm/m/n/8 https://www.hhs.gov/hipaa/for-professionals/compliance-
[]
Underfull \hbox (badness 10000) in paragraph at lines 184--188
[]\OT1/ptm/m/n/8 U.S. Department of Health and Human Services,
[]
Underfull \hbox (badness 10000) in paragraph at lines 184--188
\OT1/ptm/m/n/8 ``Enforcement Highlights,'' 2024-01-31. [Online].
[]
Underfull \hbox (badness 10000) in paragraph at lines 184--188
\OT1/ptm/m/n/8 Available:https://www.hhs.gov/hipaa/for-professionals/compliance
-
[]
Underfull \hbox (badness 10000) in paragraph at lines 195--199
[]\OT1/ptm/m/n/8 U.S. Department of Health and Human Services,
[]
Underfull \hbox (badness 10000) in paragraph at lines 195--199
\OT1/ptm/m/n/8 ``Resolution Agreements,'' 2024-02-06. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 195--199
\OT1/ptm/m/n/8 https://www.hhs.gov/hipaa/for-professionals/compliance-
[]
Underfull \hbox (badness 10000) in paragraph at lines 201--205
\OT1/ptm/m/n/8 Available: https://www.hhs.gov/hipaa/for-professionals/complianc
e-
[]
Underfull \hbox (badness 10000) in paragraph at lines 207--211
\OT1/ptm/m/n/8 Available: https://www.hhs.gov/hipaa/for-professionals/complianc
e-
[]
Underfull \hbox (badness 5533) in paragraph at lines 213--217
\OT1/ptm/m/n/8 2023-11-01. [Online]. Available: https://www.hhs.gov/hipaa/for-
[]
Underfull \hbox (badness 10000) in paragraph at lines 229--232
[]\OT1/ptm/m/n/8 International Energy Agency, ``R&D Technology Innovation,''
[]
Underfull \hbox (badness 10000) in paragraph at lines 234--238
[]\OT1/ptm/m/n/8 U.S. Energy Information Administration, ``Financial Review
[]
Underfull \hbox (badness 10000) in paragraph at lines 234--238
\OT1/ptm/m/n/8 of the Global Oil and Natural Gas Industry: Third-
[]
Underfull \hbox (badness 10000) in paragraph at lines 234--238
\OT1/ptm/m/n/8 Quarter 2023,'' December 2023. [Online]. Available:
[]
Overfull \hbox (17.66994pt too wide) in paragraph at lines 234--238
\OT1/ptm/m/n/8 https://www.eia.gov/finance/review/pdf/3Q2023%20Financial%20Revi
ew.pdf.
[]
Underfull \hbox (badness 10000) in paragraph at lines 240--244
[]\OT1/ptm/m/n/8 Smart, S.J., ``Keeping Oil and Gas Workers Safe and
[]
Underfull \hbox (badness 5504) in paragraph at lines 240--244
\OT1/ptm/m/n/8 Avoiding Costly Penalties,'' June 2015. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 240--244
\OT1/ptm/m/n/8 https://ohsonline.com/Articles/2015/06/01/Keeping-Oil-and-Gas-
[]
Underfull \hbox (badness 10000) in paragraph at lines 246--250
[]\OT1/ptm/m/n/8 U.S. Department of Labor, Occupational Safety
[]
Underfull \hbox (badness 10000) in paragraph at lines 246--250
\OT1/ptm/m/n/8 and Health Administration, ``Industry Profile for an
[]
Underfull \hbox (badness 10000) in paragraph at lines 246--250
\OT1/ptm/m/n/8 OSHA Standard Results,'' 2023. [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 252--256
[]\OT1/ptm/m/n/8 U.S. Department of Labor, Occupational Safety and Health
[]
Underfull \hbox (badness 10000) in paragraph at lines 252--256
\OT1/ptm/m/n/8 2024-01-15. [Online]. Available: https://www.osha.gov/laws-
[]
)
** Conference Paper **
Before submitting the final camera ready copy, remember to:
1. Manually equalize the lengths of two columns on the last page
of your paper;
2. Ensure that any PostScript and/or PDF output post-processing
uses only Type 1 fonts and that every step in the generation
process uses the appropriate paper size.
[8] (./output/Schrick-Noah_CG.aux)
***********
LaTeX2e <2023-11-01> patch level 1
L3 programming layer <2024-02-20>
***********
)
Here is how much of TeX's memory you used:
4949 strings out of 476076
84433 string characters out of 5793775
1945187 words of memory out of 5000000
26995 multiletter control sequences out of 15000+600000
590447 words of font info for 89 fonts, out of 8000000 for 9000
14 hyphenation exceptions out of 8191
61i,8n,69p,2241b,265s stack positions out of 10000i,1000n,20000p,200000b,200000s
</usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmsy7.pfb></usr/share/t
exmf-dist/fonts/type1/urw/times/utmb8a.pfb></usr/share/texmf-dist/fonts/type1/u
rw/times/utmbi8a.pfb></usr/share/texmf-dist/fonts/type1/urw/times/utmr8a.pfb></
usr/share/texmf-dist/fonts/type1/urw/times/utmri8a.pfb>
Output written on ./output/Schrick-Noah_CG.pdf (8 pages, 102348 bytes).
PDF statistics:
57 PDF objects out of 1000 (max. 8388607)
36 compressed objects within 1 object stream
0 named destinations out of 1000 (max. 500000)
1 words of extra memory for PDF output out of 10000 (max. 10000000)

BIN
output/Schrick-Noah_CG.pdf Normal file
View File

Binary file not shown.