Module: IoT Systems Security Module code: UFCF8P-15-M

Assessment Specification Document: Random Numbers

Generators

Module Assement
Table 1 summarizes the module assessment component and their respective ratios.

Table 1: Module Assessment

Weighting percentage between components Comp A: 60 Comp B: 40

Comp A: E-portfolio Element Weight
A.1 Individual E-portfolio 24% (40% of the component, i.e., 24 of 60)
A.2 Group Work (Demo and E-portfolio) 36% (60% of the component)
Comp B: Element Weight
Group Presentation 40 (100% of the component)

Specification
This is related to component A.1 of the module assessment, with an overall ratio of 24% of the
module assessment. It consists in implementing a simple random number generator using the
rand() function of “stdlib.h” and writing test programs to assess its quality.

The quality of random numbers generation has always been a source of concern. Nowadays, we
generally use pseudo-random computer generated numbers and these are vital to cyber security
and encryption. These numbers are not truly random, but rather a set of these numbers should
display the property of randomness. In this task we are NOT seeking generating real random
numbers but just interested in investigating the distribution of pseudo random numbers
generated by rand() function.

1
 Module: IoT Systems Security Module code: UFCF8P-15-M

The tests you are going to implement were suggested by Kendall & Babbington-Smith over a
series of papers published in 1938/39. These tests obviously predate computer generated
random numbers but are ways of assessing the randomness of a set of numbers.

The rand() function returns a pseudo-random integer between 0 and RAND_MAX, which his
is defined in stdlib.h. You should not replace it with a constant since its value may vary with
implementations.

We need to rescale this value and fit it between 0 and 10 (0 included, 10 excluded). This can be
achieved by multiplying by 10 and dividing by RAND_MAX. To ensure that the generated integer
numbers is one digit in decimal, i.e., strictly less than 10, we need to divide by (RAND_MAX+1).
Please use the following to generate a single pseudo random number between 0 (included) and
10.

randon_number = (int) (10.0*rand()/(RAND_MAX + 1.0));

Write a single code, randTest.c, that uses the instruction above to generate every single
number and implements all the tests given in table 2. In the runtime, however, only a single
(selected) test will be performed, and the result will be displayed on the screen. E.g., suppose the
executable file is named, ranTest.out, if in the runtime one wants the first test, they just
have to type “ranTest.out 1”, if the second, “ranTest.out 2”, etc. In other words, a
single character parameter is used after the file name for that. You need to use the parsing
command line arguments through the main function.

2
 Module: IoT Systems Security Module code: UFCF8P-15-M

Table 2: Tests
Test Deception
1. Mean test Calculate the mean of 1000 random numbers. the result should be close to 4.5.
2. Frequency test Tabulate the percentage of each digit 0 through 9 in 10,000 generated numbers.
These should each be close to 10%.
3. Serial test Generate 10,000 pairs of numbers. Tabulate the frequency of each pair, 00, 01,02,
….., 99. This time we would expect roughly 1% in each category.
4. Poker test Generate four digits at a time, and repeat 1000 time (a thousand sets of 4 digits).
Tabulate the sets as: i) all the same (e.g. 4444), ii) 3 digits the same (e.g. 4443, 3444
or 4344), iii) two pairs (e.g. 4334, 4433), iv) one pair (e.g. 4324 or4342), or v) none
identical. In theory we would expect frequencies of 1, 36, 27, 432 & 504 respectively
for a thousand sets of numbers (i.e. 4000 digits). You will not necessarily get those
exact numbers.
5. Pocker Test using a Generate 4000 random digits and save them in a text (using ASCII coding), where
file characters are separated by spaces. Repeat the poker test by reading the numbers
from the file.

Deliverables

For this part (Part A.1: individual E-portfolio), please upload a single .c source file. Please name
it randTest.c, that is clearly organized and well commented on the Blackboard. Instructions
on submission will be given in due time.

You will need to submit your work via Blackboard by Thursday 6th May 2021.

3
 Module: IoT Systems Security Module code: UFCF8P-15-M

Marking criteria

The total mark will be out of 24 points, which is split among the question as follows:

• test 1: 2 points (pass or fail),

• test 2: 4 points (pass or fail),
• test 3: 4 points (pass or fail),
• test 4: 5 points, 1pt for each frequency (of each class).
• test 5: 5 points, 2.5pt for saving the generated numbers in a file, and then 0.5 for each
class.
• code quality: 4 points.

Note that for you to get the maximum mark on each test you need to show that the random
numbers are correctly generating and matching the distribution. Matching the distribution does
not mean reaching the exact theoretical values given in the table, those are just indicative. To get
points for “the quality of the code”, it should be easy to follow, commented, modular (use of
functions for repetitive actions), and all functions with clear headers.