74,495 Hits in 6.5 sec

Recent Advances towards the Industrial Application of Model-Driven Engineering for Assurance of Safety-Critical Systems

Jose Luis de la Vara, Alejandra Ruiz, Huáscar Espinoza
2018 Proceedings of the 6th International Conference on Model-Driven Engineering and Software Development  
Recent Advances towards the Industrial Application of Model-Driven Engineering for Assurance of Safety-Critical Systems.  ...  As a solution, many authors have argued that the use of Model-Driven Engineering principles and techniques can facilitate and improve assurance of safety-critical systems.  ...  project, 2017) towards an architecture-driven, multi-concern assurance, reuseoriented, and seamlessly interoperable tool platform.  ... 
doi:10.5220/0006733906320641 dblp:conf/modelsward/Vara0E18 fatcat:4cafnwsfardv7kulj7jcju42cq

Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems [chapter]

Alejandra Ruiz, Barbara Gallina, Jose Luis de la Vara, Silvia Mazzini, Huáscar Espinoza
2016 Lecture Notes in Computer Science  
This paper presents a recent initiative called AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) to promote harmonization, reuse and automation  ...  AMASS will develop an integrated and holistic approach, a supporting tool ecosystem and a self-sustainable community for assurance and certification of CPS.  ...  for hinging the assurance of both safety and security aspects such as partitioning and redundancies, or the SESAMO [9] component-oriented design methodology, based on model-driven technology and jointly  ... 
doi:10.1007/978-3-319-45480-1_25 fatcat:7mds4xwzcna35pyonmfajpymuy

System Security Assurance: A Systematic Literature Review [article]

Ankur Shukla, Basel Katt, Livinus Obiora Nweke, Prosper Kandabongee Yeng, Goitom Kahsay Weldehawaryat
2022 arXiv   pre-print
We conducted a systematic review of requirements, processes, and activities involved in system security assurance including security requirements, security metrics, system and environments and assurance  ...  In this paper, extensive efforts have been made to study the state-of-the-art, limitations and future research directions for security assurance of the ICT and cyber-physical systems (CPS) in a wide range  ...  Acknowledgment This work was carried out during the tenure of an ERCIM 'Alain Bensoussan' Fellowship Programme. This work is also partially supported by Norwegian Cyber Range, NTNU, Norway.  ... 
arXiv:2110.01904v2 fatcat:wivzen3vmvafldt5vfgnpbssjy

Preface to the special issue: Architecture-Driven Semantic Analysis of Embedded Systems

Jérôme Hugues, Oleg Sokolsky
2015 Science of Computer Programming  
OATAO is an open access repository that collects the work of Toulouse researchers and makes it freely available over the web where possible.  ...  At the core of the architecture-driven "single-source" DES design is the automatic generation of analytical models from the common architectural model.  ...  Such a repository enables automatic generation of analytical models for different aspects of the system, such as timing, reliability, security, performance, etc.  ... 
doi:10.1016/j.scico.2015.05.002 fatcat:dhks2qgsorb5del35guravkgli

A Data Driven Approach for the Science of Cyber Security: Challenges and Directions

Bhavani Thuraisingham, Murat Kantarcioglu, Kevin Hamlen, Latifur Khan, Tim Finin, Anupam Joshi, Tim Oates, Elisa Bertino
2016 2016 IEEE 17th International Conference on Information Reuse and Integration (IRI)  
This paper describes a data driven approach to studying the science of cyber security (SoS). It argues that science is driven by data.  ...  , and (iii) A Risk-based Approach to Security Metrics.  ...  ACKNOWLEDGMENT We acknowledge the support of AFOSR (contract MURI FA9550-08-1-0265) for this work. We thank Dr. Robert Herklotz for his encouragement.  ... 
doi:10.1109/iri.2016.10 dblp:conf/iri/ThuraisinghamKH16 fatcat:tjclsakmazazbls4r3lk5uv4dq

Process Artifacts Defined as an Aspectual Service to System Models

Robin Gandhi, Siddharth Wagle, Seok-won Lee
2006 2006 Service-Oriented Computing: Consequences for Engineering Requirements (SOCCER'06 - RE'06 Workshop)  
We discuss our approach in the context of designing tool support for a system security Certification and Accreditation (C&A) process automation based on service-oriented and aspect-oriented design paradigms  ...  Process artifacts identified from a process description often implicitly bias and cross-cut the definition of generic services from various tools that assist/automate process activities.  ...  Acknowledgement: This work is partially supported by grant from SPAWAR Systems Center, Department of Navy, Charleston, SC, USA.  ... 
doi:10.1109/soccer.2006.7 fatcat:gmcu4zkwnbenrmyky3fgvco4g4

Selected contributions from the Open Source Software Certification (OpenCert) workshops

Luís Soares Barbosa, Siraj Ahmed Shaikh
2014 Science of Computer Programming  
OpenCert provides for a unique venue advancing the state of the art in the analysis and assurance of open source software with an ultimate aim of achieving certification and standards.  ...  Breuer and Pickin take advantage of the modern shift towards the cloud computing paradigm and propose a 'volunteer cloud' to analyse large open source code bases.  ...  such efforts will help realise the various critical factors underpinning open source software projects that are successful from those that are not.  ... 
doi:10.1016/j.scico.2014.04.007 fatcat:lmnuuihzqvar5iajl2gd5nggsa

Towards security effectiveness measurement utilizing risk-based security assurance

Reijo M. Savola, Heimo Pentikainen, Moussa Ouedraogo
2010 2010 Information Security for South Africa  
This paper introduces an enhanced methodology to develop security effectiveness metrics that can be used in connection with correctness assurance of security controls.  ...  Systematic and practical approaches to risk-driven operational security evidence help ensure the effectiveness and efficiency of security controls in business-critical applications and services.  ...  Security assurance activities focus on certain components of the SuI and the system as a whole.  ... 
doi:10.1109/issa.2010.5588322 fatcat:joplcg5eljbhdo7hzurf67mk7a

Finance Sector: Requirements for High Assurance within Spatial SOA Based Grid Infrastructures

P C Donachy, R H Perrott, T J Harmer, F Sharkey
2007 10th IEEE High Assurance Systems Engineering Symposium (HASE'07)  
This paper presents from a commercial perspective a critical assessment of the limitations of today's SOA based approaches to high assurance.  ...  A use case from the Finance Sector is presented, which has deep implications in terms of high availability, security and spatial awareness in a SOA environment.  ...  These requirements include: • Provision of a single hosting environment integrating the various best of breed open source high assurance components. • Define a proven and robust security model across the  ... 
doi:10.1109/hase.2007.45 dblp:conf/hase/DonachyPHS07 fatcat:yca65wdcynhizkcqx3cf4ye5he

Can We Ever Build Survivable Systems from COTS Components? [chapter]

Howard F. Lipson, Nancy R. Mead, Andrew P. Moore
2002 Lecture Notes in Computer Science  
This paper describes a risk-mitigation framework for deciding when and how COTS components can be used to build survivable systems.  ...  However, there is considerable evidence that COTS-based systems are being used in domains where significant economic damage and even loss-of-life are possible in the event of a major system failure or  ...  Carol A. Sledge, a colleague at the Software Engineering Institute, for her valuable comments and suggestions based on her review of an earlier draft of this paper.  ... 
doi:10.1007/3-540-47961-9_17 fatcat:tsp3uteffnawrndf3rl6rfir24

Performance Evaluation and Operation of Enterprise Resource Planning (ERP) Software Security System

Diponkar Paul
2014 International Journal of Intelligent Information Systems  
The criteria for selecting the specific systems are -containment of most common sources for attacks, knowledge of the exact location of each security hole, accessibility to the source code and selection  ...  The applied framework has been used to map a commercial security library to the target mobile application SoC (System-of-Chip).  ...  steps toward a hybrid model.  ... 
doi:10.11648/j.ijiis.20140305.11 fatcat:cokovldx2bhrncolsi6atrvrsi

DevSecOps in Robotics [article]

Víctor Mayoral-Vilches, Nuria García-Maestro, McKenna Towers, Endika Gil-Uriarte
2021 arXiv   pre-print
We finalize with a discussion on the relationship between security, quality and safety, open problems and future research questions.  ...  In this article we introduce DevSecOps in Robotics, a set of best practices designed to help roboticists implant security deep in the heart of their development and operations processes.  ...  This work has partially been funded by the ROS-Industrial Quality-Assured Robot Software Components (ROSin) RedROS-I and RedROS2-I FTPs which received funding from the European Union's Horizon 2020 research  ... 
arXiv:2003.10402v3 fatcat:qjc3pdfmpnduvfwgyqjk5tey4y

Towards Transparent and Trustworthy Cloud

Marco Anisetti, Claudio A. Ardagna, Ernesto Damiani, Antonio Mana, George Spanoudakis
2017 IEEE Cloud Computing  
In this paper, we start from the assumption that an opaque cloud does not fit security, and present a reliable evidence collection process and infrastructure extending existing assurance techniques towards  ...  Cloud assurance techniques, developed to assess the trustworthiness of cloud services, can play a major role in building trust.  ...  Also, he is interested in models and platforms supporting open source development. He has served and is serving in all capacities on many congress, conference, and workshop committees.  ... 
doi:10.1109/mcc.2017.51 fatcat:o66qvfknu5haxjgzmnwxxgqxou

2018 Index IEEE Transactions on Software Engineering Vol. 44

2019 IEEE Transactions on Software Engineering  
Han, A., þ, TSE Oct. 2018 1001-1023 J Java A Study of Social Interactions in Open Source Component Use.  ...  Wang, Y., þ, TSE March 2018 291-307 Collaboration A Study of Social Interactions in Open Source Component Use.  ... 
doi:10.1109/tse.2018.2887195 fatcat:sss2tw3g2bb2xpsrbh6oyrduti

Towards trustworthy end-to-end communication in industry 4.0

Ani Bicaku, Silia Maksuti, Silke Palkovits-Rauter, Markus Tauber, Rainer Matischek, Christoph Schmittner, Georgios Mantas, Mario Thron, Jerker Delsing
2017 2017 IEEE 15th International Conference on Industrial Informatics (INDIN)  
We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges  ...  Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for data-exchange.  ...  AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) 9 project aims on developing a holistic approach for assurance and certification of CPS by  ... 
doi:10.1109/indin.2017.8104889 dblp:conf/indin/BicakuMPTMSMTD17 fatcat:lvyqyffri5dwzgussmnpsfse44
« Previous Showing results 1 — 15 out of 74,495 results