Programming Mechatronics, Secure Software, Web Development & Automation – Key Concepts

A comprehensive set of 50 question-and-answer flashcards that cover fundamental ideas from mechatronics control, secure software design, web development, and machine-learning-based automation.

What three subsystems make up a typical mechatronic system?

Sensors (eyes), controller (brain), and actuators (muscles).

In mechatronics, what is the main difference between an open-loop and a closed-loop control system?

Closed-loop systems use sensor feedback to correct errors; open-loop systems do not.

What does a sensor do in a mechatronic system?

Converts a physical phenomenon (e.g., temperature, light) into an electrical signal for the controller.

Give two common examples of mechatronic actuators.

DC motors and hydraulic or pneumatic cylinders (servo motors, robotic grippers also valid).

What is the role of the controller in a closed-loop system?

It compares desired and actual output, computes an error, and drives actuators to minimize that error.

Which Python library classes were shown for reading a distance sensor and driving a motor on a Raspberry Pi?

DistanceSensor and Motor from the gpiozero library.

In proportional control, what does the constant Kp represent?

Proportional gain – it scales the error to compute the actuator command.

Name the three terms of a PID controller.

Proportional, Integral, Derivative.

What embedded component integrates CPU, memory, and I/O on one chip?

A microcontroller.

Why is closed-loop control essential for a robot vacuum?

Distance and cliff sensors feed back to adjust motor motion in real time, preventing collisions or falls.

Define ‘mechatronic design integration’.

Coordinating mechanical, electrical, and software components (wiring, power, algorithms, safety) into one system.

What does the CIA triad stand for in secure software architecture?

Confidentiality, Integrity, and Availability.

What is the goal of confidentiality?

Ensure data is accessible only to authorized parties.

How is integrity maintained in software systems?

By preventing unauthorized modification and ensuring data remains accurate and unaltered.

What principle ensures reliable access to a system when needed?

Availability.

Differentiate authentication and authorization.

Authentication verifies identity; authorization determines what an authenticated user is allowed to do.

Why should passwords be hashed rather than stored in plaintext?

Hashing prevents attackers from reading original passwords even if the database is breached.

Give one symmetric and one asymmetric encryption algorithm.

Symmetric: AES. Asymmetric: RSA.

What security concept provides proof that a specific user performed an action?

Non-repudiation, often implemented with digital signatures.

Name two common input-based attacks mitigated by validation and sanitization.

SQL injection and Cross-Site Scripting (XSS).

How do prepared statements help prevent SQL injection?

They separate SQL code from user data, so injected code is treated as plain data.

What HTTP header forces browsers to always use HTTPS for a domain?

HSTS (HTTP Strict Transport Security).

Explain CSRF and one defense against it.

Cross-Site Request Forgery tricks users into unwanted actions; anti-CSRF tokens in forms defend against it.

What is sandboxing in computer security?

Running code in a restricted environment to limit the impact of vulnerabilities or malicious behavior.

Differentiate SAST and DAST.

SAST (static analysis) inspects source code; DAST (dynamic analysis) tests the running application.

What network protocol does HTTPS add to HTTP for encryption?

TLS/SSL.

Which ports are standard for HTTP and HTTPS?

Port 80 for HTTP, port 443 for HTTPS.

Describe the basic client–server model of a web application.

Clients (browsers) send requests to a central server, which processes them and returns responses over the Internet.

What three layers make up a typical three-tier web architecture?

Presentation layer (frontend), business logic layer (application server), and data layer (database).

List the core front-end technologies of the web.

HTML, CSS, and JavaScript.

Give one example each of a front-end and back-end framework.

Front-end: React (or Vue/Angular). Back-end: Flask (or Express/Django).

Why use Object-Relational Mapping (ORM) libraries?

They abstract SQL queries into language objects, simplifying and securing database access.

What is a Progressive Web App (PWA)?

A web app that can be installed, works offline, and uses device capabilities like a native app.

Which JavaScript feature enables offline caching in PWAs?

Service workers.

Name two performance optimization techniques for web pages.

Minifying CSS/JS and using Content Delivery Networks (CDNs).

Define Artificial Intelligence (AI).

The field of creating machines that mimic human reasoning and decision-making.

How does Machine Learning (ML) differ from general AI?

ML is a subset of AI that lets systems learn patterns from data instead of being explicitly programmed.

Describe supervised learning.

Training a model on labeled data with known outputs for tasks like classification or regression.

Give one example of an unsupervised learning task.

Clustering (e.g., K-means) or dimensionality reduction (PCA).

What is reinforcement learning?

An agent learns by interacting with an environment and receiving rewards or penalties.

Which algorithm is suitable for numeric prediction problems?

Linear regression (or polynomial regression).

Name a popular Python library for traditional ML algorithms.

scikit-learn.

What is the purpose of a train/test split?

To evaluate model performance on unseen data and avoid overfitting.

Which library and API were shown for building neural networks in Python?

TensorFlow/Keras with Sequential and Dense layers.

Explain an ML pipeline in industrial automation.

Collect data → clean data → train model → test model → deploy model for real-time predictions.

Give one social impact (positive or negative) of ML-driven automation.

Increased efficiency and safety, but potential job displacement and bias concerns.

Why must engineers check datasets for bias?

Biased data can lead to unfair or discriminatory model outcomes.

What is ‘security by design’?

Embedding security principles into software architecture from the start rather than adding them later.

State one benefit of integrating automated security tests into a CI/CD pipeline.

Catches vulnerabilities early, reducing costly fixes after deployment.

How do Content Security Policy (CSP) headers enhance security?

They restrict sources from which a browser can load scripts, mitigating XSS attacks.

What is the main function of a voltage regulator in a mechatronic system?

Provide stable power supply levels to sensors and actuators.