The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Architecture models mainly have three functions; 1) document, 2) analyze, and 3) improve the system under consideration. All three functions have suffered from being timeconsuming and expensive, mainly due to being manual processes in need of hard to find expertise. Recent work has however automated both the data collection and the analysis. In order for enterprise architecture modeling to finally...
Red teaming, as it has been traditionally practiced, cannot adequately support assessment of the kinds of system of systems that IOT and related technologies will deliver. Ways must be found to transfer responsibility for system assessment from humans to the systems themselves. This will require an intentional, fundamental reframing of how the system assessment R&D community approaches its work.
Cyber-physical Production Systems (CPPS) are one of the technical driving forces behind the transformation of industrial production towards "digital factory of the future" in the context of Industry 4.0. Security is a major concern for such systems as they become more intelligent, interconnected, and coupled with physical devices. For various security activities from security analysis to...
The recent growth of popularity of cloud computing services delivers various benefits in multiple fields of activity, including reduced resource costs due to optimized hardware setup, as well as improving mobility. However, cloud computing has some issues that need to be clarified, one of which is the security of cloud computing. The dispersion of cloud service vendors means that most security issues...
Typical AAL solutions rely on integrating capabilities for health monitoring, fall detection, communication and social inclusion, supervised physical exercises, vocal interfaces, robotic platforms etc. Ensuring the safe function and quality of service with respect to various extra-functional requirements like timing and security of such AAL solutions is of highest importance. To facilitate analysis,...
Lithium-Ion (Li-Ion) battery packs are continuously gaining in importance in many energy storage applications such as electric vehicles and smart energy grids. Such battery packs require advanced Battery Management Systems (BMSs), which are contributions from the embedded systems and integrated circuits domain. The BMS monitors and controls the battery cells in a pack and ensures the functionality,...
Securing critical systems such as Cyber-Physical Systems (CPS) is an important feature especially when it comes to critical transmitted data in a real-time environment. At the same time, the implementation of security counter-measures in such systems may impact transmission delays of critical tasks. For this reason selecting proper security mechanisms in such critical systems is an important issue...
The "Future Internet Services and Applications" (FISA) track focuses on three complementary aspects that have to be considered while setting up future Internet services: (i) their modeling, provisioning and management, (ii) data protection, and (iii) data collection, storage and analysis. FISA is in its second edition and results from the fusion of the PASCS (Privacy and Accountability for...
We are witnessing a growing interest around thecost of security in terms of energy consumption. For instance, in wired networking, some proposals have been put forwardto try to balance the efficacy of intrusion detection with theneed to save energy dynamically, by changing the amount ofresources dedicated to security analysis and routing on the basisof current load. These hybrid energy-aware Routers/IntrusionPrevention...
On a cloud environment, the platform that runs a program is not fixed, and there is a possibility that a program runs on several servers in a cloud environment. Transferability of the license information by a valid user should be allowed, even though general requirements for license management have to be satisfied. In this paper, we consider software license management models for cloud environments,...
This paper addresses the use of events within discrete-event systems modeling formalisms, presenting the concept of event life time when enclosed in the detection of a specific behavior defined by sequences of events. This concept defines the time interval during which a macro-event is valid (a macro-event is an event computed as the result of a pre-defined sequence of events). Two types of life times...
This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cyber security with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cyber security modeling and evaluation, P2CySeMoL, and incorporates several new elements and evaluation rules. The approach improves security analysis...
A Distributed Denial of Service (DDoS) attack can inflict a grave toll on revenues. Developing countries like Nepal where the E-government system services are in infancy state; if attack like DDoS occurs the probability of dying out of system itself is more. Citizens may be reluctant in using E-services. To handle such challenges, this paper compares various security architectures for E-government...
Incorporating security features is one of the most important and challenging tasks in designing distributed systems. Over the last decade, researchers and practitioners have come to recognize that the incorporation of security features should proceed by means of a systematic approach, combining principles from both software and security engineering. Such systematic approaches, particularly those implying...
Earlier software architecture design is essential particularly when it comes to security concerns, since security risks, requirements and architectures are all closely interrelated and interacting. We have proposed the security driven twin peaks method with a mutual refinement of the requirements, and architectures. However, there are multiple alternatives to an architecture design for initial requirements,...
After several years of research on cryptographic models for privacy in RFID systems, it appears that no universally model exists yet. Experience shows that security experts usually prefer using their own ad-hoc model than the existing ones. In particular, the impossibility of the models to refine the privacy assessment of different protocols has been highlighted in several studies. The paper emphasizes...
Systems of systems (SoS) are large-scale systems composed of complex systems with difficult to predict emergent properties. One of the most significant challenges in the engineering of such systems is how to predict their Non-functional Properties (NFP) such as performance and security, and more specifically, how to model NFP when the overall system functionality is not available. In this paper, we...
Non-functional requirements (NFRs) such as security, reliability and performance play a crucial role in the development of modern distributed systems. The burden of incorporating NFRs into a system's architecture, as well the determination of new design-level NFRs, can be greatly eased by the use of a structured approach providing guidance to developers. Such structured approaches, however, require...
This paper describes the Mission Assurance Analytics Platform (MAAP), an open, experimental software framework that provides analysts with an environment for systematically studying the link between cyber attack and the resulting impact on operational missions that are supported by a cyber system. MAAP directly informs both risk decisions and mitigation prioritization.
There is a growing need to defend networked information systems from cyber-attacks. Cyber security analysis tools are key enablers in analyzing the attacks and developing defenses. In this paper, we present the Cyber Analysis System Toolkit (CAST), a high-fidelity, scalable, virtual test-bed for cyber systems modeling, experimentation and analysis. At the heart of CAST is the Common Open Research...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.