Representation of Security and Dependability Solutions

Patterns for Automated Management of Security and Dependability Solutions

18th International Conference on Database and Expert Systems Applications (DEXA 2007), 2007

Current processes for providing security and dependability (S&D) in computing systems require detailed a priori knowledge about the target systems and their environments. However, in many emergent computing scenarios like ubiquitous computing or ambient intelligence, it is not possible to foresee all possible situations that may arise at runtime, so the necessary knowledge is not available at development time. In this paper we present the concept of S&D Pattern and the artefacts that we use to implement it, as the basis for the automated provision of S&D Solutions to running applications in highly dynamic and heterogeneous environments.

Analyzing and Specifying Reusable Security Requirements

2003

A system cannot have high assurance if it has poor security, and thus, requirements for high assurance systems will logically include security requirements as well as availability, reliability, and robustness requirements. Unlike typical functional requirements, security requirements can potentially be highly reusable, especially if specified as instances of reusable templates.

Automatically Generating Security Models from System Models to Aid in the Evaluation of AMI Deployment Options

Critical Information Infrastructures Security, 2018

System architects should use security models to gain insight into how different design choices impact the overall security of a system. However, it is often difficult for those who do not possess a security modeling background to construct such models. To overcome this challenge we present a case study that demonstrates a novel approach that uses an ontology-assisted model generator to automatically create ADVISE security models from intuitive hand-built system models. More specifically, we consider a case study of a hypothetical utility that wishes to select the most cost-effective of several different intrusion detection system approaches to defend its Advanced Metering Infrastructure (AMI) deployment. We construct an AMI-focused ontology that consists of system model elements, security model elements, and the mapping between the two. We then use the ontology in conjunction with the generator to create security models from a system model. Finally, we discuss the benefits of the use of the approach relative to previous approaches, including an explanation of how it significantly eases the burden of creating complex security models for users without prior security modeling experience.

Orchestrating security and system engineering for evolving systems

Towards a Service-Based Internet, 2011

How to design a security engineering process that can cope with the dynamic evolution of Future Internet scenarios and the rigidity of existing system engineering processes? The SecureChange approach is to orchestrate (as opposed to integrate) security and system engineering concerns by two types of relations between engineering processes: (i) vertical relations between successive security-related processes; and (ii) horizontal relations between mainstream system engineering processes and concurrent security-related processes. This approach can be extended to cover the complete system/software lifecycle, from early security requirement elicitation to runtime configuration and monitoring, via high-level architecting, detailed design, development, integration and design-time testing. In this paper we illustrate the high-level scientific principles of the approach.

Organizational Patterns for Security and Dependability: from design to application

… Journal of Secure …, 2010

Designing secure and dependable IT systems requires a deep analysis of organizational as well as social aspects of the environment where the system will operate. Domain experts and analysts often face security and dependability (S&D) issues they have already encountered before. These concerns require the design of S&D patterns to facilitate designers when developing IT systems.

Formalization of design patterns for security and dependability

Proceedings of the 4th international ACM Sigsoft symposium on Architecting critical systems - ISARCS '13, 2013

In critical systems, failures or attacks based on software misconceptions can have catastrophic consequences. In order to avoid those situations, such systems need security and dependability (S&D) constraints. Usually S&D design patterns shape S&D mechanisms. Security and dependability experts identify S&D mechanisms to reach S&D objectives and manually apply them to the system architecture. Our contribution consists in studying S&D design patterns application. We formalize these S&D design patterns as model transformations, preconditions and postconditions to automate their integration. Finally, we illustrate this process with a Software Defined Radio case study to which we apply the red/black (R/B) architecture security design pattern.

Towards a Catalogue of Reusable Security Requirements, Vulnerabilities and Threats

2018

Organizations are giving more importance to securing their systems due to the increasing number of cyber-attacks and inherent complexity. The aim of our work is to help organizations plan and consider these security concerns from the very beginning, from the requirements and design phases, and not just later in the implementation or deployment phases. Considering security-by-design and security-by-default principles is a good approach to avoid rework costs or to mitigate security flaws. However, there is not yet a suitable approach to specify security requirements in a rigorous and systematic way. In this paper we propose an approach that allows the definition and specification of security-specific concerns like security requirements but also vulnerabilities, risks or threats. We discuss this approach based on two key parts: First, we introduce the RSLingo RSL language, a rigorous requirements specification language, and discuss how it is extended to support such security-specific concepts. Second, we argue for the relevance of a catalogue of reusable security-specific specifications and then show concrete examples of defining and using such specifications. The proposed catalogue can be easily used and extended by the community and currently comprises 52 goals, 12 vulnerabilities and 31 risks; these concerns are defined in 9 packages, each one representing a distinct asset.

An Engineering Process and Modelling Framework for development of Secure Systems

2013

This paper presents a novel Security Engineering Process for the creation of security-enhanced system models. The process offers a language for the definition of a domain-specific security knowledge language, the creation of security artefacts using the previous architecture, and the use of these artefacts in a system model for fulfilling its security requirements and assurance. It makes security fit naturally in the systems by interleaving security into the initial architecture and system description. The process also offers solutions for the security properties by means of Security Patterns (a new type of patterns developed in the process) and Security Building Blocks. The Security Engineering Process and its Framework have been applied successfully to several different domains (metering devices, emergency scenarios, set-top boxes, etc.) and are currently being expanded to work with cloud computing scenarios. To illustrate our process we use a mobile command post scenario where ...

Seventh international workshop on Software Engineering for Secure Systems (SESS 2011)

Proceedings - International Conference on Software Engineering, 2011

The 7th edition of the SESS workshop aims at providing a venue for software engineers and security researchers to exchange ideas and techniques. In fact, software is at the core of most business transactions, and its smart integration in an industrial setting may be the competitive advantage even when the core competence is outside the ICT field. As a result, the revenues of a firm depend directly on several complex software-based systems. Thus, stakeholders and users should be able to trust these systems to provide data and elaborations with a degree of confidentiality, integrity, and availability compatible with their needs. Moreover, the pervasiveness of software products in the creation of critical infrastructures has raised the value of trustworthiness, and new efforts should be dedicated to achieving it. However, nowadays almost every application has some kind of security requirement even if its use is not considered critical.

An Approach to Model-based Development of Secure and Reliable Systems

2011 Sixth International Conference on Availability, Reliability and Security, 2011

A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built in together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined at the application level, where their semantics are understood, and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.