5,150 Hits in 8.4 sec

How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics [article]

Ángel Longueira-Romero, Rosa Iglesias, David Gonzalez, Iñaki Garitano
2021 arXiv   pre-print
This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics to quantify the security level of an ES.  ...  This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security  ...  According to the research work in [34] , embedded security cannot be solved at a single level of abstraction; instead must be addressed at all abstraction levels.  ... 
arXiv:2112.05475v1 fatcat:bqsudvz2gff7vdkkenjxi5ma5q

Challenges and opportunities in deeply embedded systems security

Madhukar Anand, Insup Lee
2008 ACM SIGBED Review  
Deeply embedded systems present a number of new challenges and opportunities in security. In this essay, we introduce some of them and explore potential ideas for addressing them.  ...  Based on this model, in an earlier work [1] , we have presented an initial framework, taxonomy, and methodology for quantifying the privacy and security of deeply embedded applications, under the assumption  ...  The security challenge with respect to data in deeply networked systems is therefore to develop aggregation techniques that are secure, scalable and also ensure the desired level of privacy.  ... 
doi:10.1145/1366283.1366308 fatcat:q2fw4bzyqfhtbdlqm3f6qdowja

Systems Security Engineering

Jennifer L. Bayuk
2011 IEEE Security and Privacy  
Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently  ...  the data needed, and completing and reviewing the collection of information.  ...  It should quantify how security affects human-computer interaction in ways that make sense at the tradespace level, and not as a post-design consideration.  ... 
doi:10.1109/msp.2011.41 fatcat:luk7ndqzvfgexg2wrnwsji5rci

Security in embedded systems

Srivaths Ravi, Anand Raghunathan, Paul Kocher, Sunil Hattangady
2004 ACM Transactions on Embedded Computing Systems  
The challenges unique to embedded systems require new approaches to security covering all aspects of embedded system design from architecture to implementation.  ...  Embedded systems, which account for a wide range of products from the electronics, semiconductor, telecommunications, and networking industries, face some of the most demanding security concerns-on the  ...  In many design scenarios today, it becomes hard to evaluate the effectiveness of a given security solution, or to trade-off between the above metrics, due to the absence of complete system-level analysis  ... 
doi:10.1145/1015047.1015049 fatcat:2x62l5pmdnawhnisbbfdvvgkly

Managing Trustworthiness in Component-based Embedded Systems

Gabriele Lenzini, Andrew Tokmakoff, Johan Muskens
2007 Electronical Notes in Theoretical Computer Science  
We address the problem of the enhancement of dependability and security for component-based embedded systems that run, for example, in consumer and embedded electronics devices.  ...  level of dependability and security.  ...  The authors would like to acknowledge the contribution of the project members in developing the concepts presented in this paper.  ... 
doi:10.1016/j.entcs.2006.08.038 fatcat:ogxiyu7knrgy5f5rztajqdqbsi

A Systematic Survey of Self-Protecting Software Systems

Eric Yuan, Naeem Esfahani, Sam Malek
2014 ACM Transactions on Autonomous and Adaptive Systems  
Self-protecting software systems are a class of autonomic systems capable of detecting and mitigating security threats at runtime.  ...  By proposing and applying a comprehensive taxonomy to classify and characterize the state-of-the-art research in this area, we have identified key patterns, trends and challenges in the existing approaches  ...  Several papers proposed various metrics as attempts to this goal -the Security Health Index comprised of a weighted basket of security metrics from [Savola and Heinonen 2010] and the Compromise Confidence  ... 
doi:10.1145/2555611 fatcat:e5ewgaqqr5fxtjtsbmebusneju

System Security Assurance: A Systematic Literature Review [article]

Ankur Shukla, Basel Katt, Livinus Obiora Nweke, Prosper Kandabongee Yeng, Goitom Kahsay Weldehawaryat
2022 arXiv   pre-print
We conducted a systematic review of requirements, processes, and activities involved in system security assurance including security requirements, security metrics, system and environments and assurance  ...  In this paper, extensive efforts have been made to study the state-of-the-art, limitations and future research directions for security assurance of the ICT and cyber-physical systems (CPS) in a wide range  ...  Acknowledgment This work was carried out during the tenure of an ERCIM 'Alain Bensoussan' Fellowship Programme. This work is also partially supported by Norwegian Cyber Range, NTNU, Norway.  ... 
arXiv:2110.01904v2 fatcat:wivzen3vmvafldt5vfgnpbssjy

A meta-model for software protections and reverse engineering attacks

Cataldo Basile, Daniele Canavese, Leonardo Regano, Paolo Falcarin, Bjorn De Sutter
2019 Journal of Systems and Software  
In related fields, such as network security, models exist that are consistently used in practice to assess the overall level of protection.  ...  These models are used in a more complex ecosystem where defenders can perform their assessment, implement their mitigations, and have a precise snapshot of the system to protect with ad hoc tool and language  ...  The potency is essentially a value stating how good the security of a protected asset is based on the value of selected software metrics.  ... 
doi:10.1016/j.jss.2018.12.025 fatcat:4v5vctri6re5ha7mtjdpzj3xoa

Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

Frederick T. Sheldon, Robert K. Abercrombie, Ali Mili
2009 2009 42nd Hawaii International Conference on System Sciences  
This paper proposes a Cyberspace Security Econometrics System (CSES) that provides a measure (i.e., a quantitative indication) of reliability, performance and/or safety of a system that accounts for the  ...  Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection,  ...  Qualities of Security Metrics Some qualities of a good metric include: (1) ability to measure the right thing (e.g., supports the decisions that need to be made), (2) quantifiable (e.g., damages in dollars  ... 
doi:10.1109/hicss.2009.308 dblp:conf/hicss/SheldonAM09 fatcat:hx5owp4lgvb57g3d7pb7npc3je

Use of Attack Graphs in Security Systems

Vivek Shandilya, Chris B. Simmons, Sajjan Shiva
2014 Journal of Computer Networks and Communications  
The successful exploits leading to the partial/total failure of the systems are subject of keen security interest.  ...  We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system.  ...  Conflict of Interests The authors declare that there is no conflict of interests regarding the publication of this paper.  ... 
doi:10.1155/2014/818957 fatcat:3tumnhfkefel3izxtzbhm2izeu

Security Benchmarks for Web Serving Systems

Naaliel Mendes, Henrique Madeira, Joao Duraes
2014 2014 IEEE 25th International Symposium on Software Reliability Engineering  
Our benchmark methodology uses the notion of risk in a quantifiable way to measure the security of systems, with a single security metric (SBench) to simplify the comparison of different systems (or different  ...  The assessment of the security level of computer systems in a standardized and regular manner (security benchmarking) has become a very relevant subject, especially for those who use computer systems to  ...  To the best of our knowledge, this is a completely novel contribution to the security field, as our methodology proposes a risk-based metric to quantify the security level of systems (also allowing the  ... 
doi:10.1109/issre.2014.38 dblp:conf/issre/MendesMD14 fatcat:mtvyoch3jrbgrmgylfqsm4uiiy

Challenges in Data Quality Assurance in Pervasive Health Monitoring Systems [chapter]

Janani Sriram, Minho Shin, David Kotz, Anand Rajan, Manoj Sastry, Mark Yarvis
2009 Future of Trust in Computing  
To be effective, however, these systems must provide assurances about the quality of the sensor data.  ...  While no system can guarantee data quality, we anticipate that it will help for the system to annotate data with some measure of confidence.  ...  [C5] How can we ensure sensor integrity, using tamper-resistant hardware and secure embedded software?  ... 
doi:10.1007/978-3-8348-9324-6_14 fatcat:brbi5fuytjf2vgp5fxovoi4abe

Assessing the security of internet-connected critical infrastructures

Hamza Ghani, Abdelmajid Khelil, Neeraj Suri, György Csertán, László Gönczy, Gábor Urbanics, James Clarke
2012 Security and Communication Networks  
To this end, we are developing a novel security metrics-based approach to assess and thereon enhance the CIP.  ...  Determining the security and dependability level of the communication over the CI constitutes a basic precondition for assessing the QoP of the whole CI, which is needed for any efforts to improve this  ...  The need to protect CI's reveals the necessity to quantify trustworthiness (i.e. dependability and security) metrics to determine the exact trustworthiness level [17] .  ... 
doi:10.1002/sec.399 fatcat:nskagnplpzbzlegirhkkvwjnvy

A Comprehensive Survey on Trustworthy Recommender Systems [article]

Wenqi Fan, Xiangyu Zhao, Xiao Chen, Jingran Su, Jingtong Gao, Lin Wang, Qidong Liu, Yiqi Wang, Han Xu, Lei Chen, Qing Li
2022 arXiv   pre-print
In this survey, we provide a comprehensive overview of Trustworthy Recommender systems (TRec) with a specific focus on six of the most important aspects; namely, Safety & Robustness, Nondiscrimination  ...  As one of the most successful AI-powered applications, recommender systems aim to help people make appropriate decisions in an effective and efficient way, by providing personalized suggestions in many  ...  Previous works [223, 266] have presented various fairness metrics to quantify the effects of discriminatory bias in recommender systems.  ... 
arXiv:2209.10117v1 fatcat:p2dc3xywl5hr3eoy4alvxtqbdu

Explainability in Human-Agent Systems [article]

Avi Rosenfeld, Ariella Richardson
2019 arXiv   pre-print
This paper presents a taxonomy of explainability in Human-Agent Systems. We consider fundamental questions about the Why, Who, What, When and How of explainability.  ...  We then consider when the user should be presented with this information. Last, we consider how objective and subjective measures can be used to evaluate the entire system.  ...  We hope that the definitions presented in this paper will serve as a basis for future studies about the five questions about explainability that we present, particularly in the proper evaluation of explainability  ... 
arXiv:1904.08123v1 fatcat:tp7r4pecjjfn5arqkeu643vcj4
« Previous Showing results 1 — 15 out of 5,150 results