The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Automotive electronic control units (ECUs) have been the focus of many security researchers who have demonstrated the ability to affect the deterministic operation of safety critical vehicle cyber physical systems. Flaws in software design that have direct impacts to the functional safety of a target vehicle have been discovered. The rapid increase in data connectivity within a modern automobile has...
There is widening chasm between the ease of creating software and difficulty of "building security in". This paper reviews the approach, the findings and recent experiments from a seven-year effort to enable consistency across a large, diverse development organization and software portfolio via policies, guidance, automated tools and services. Experience shows that developing secure software...
With the development of information technology, software plays an increasingly important role in the process of social development. However, at the same time, the number of software vulnerabilities is growing, posing a threat to national security and social stability. Therefore, some scholars and research institutions are paying their attention to the study of software vulnerability. In this paper,...
Internet of things is a latest technology which has good number of benefits to its users. It's an emerging technology where we connect daily objects to the internet for sending and receiving data. For an example home automation system, various durable goods, vehicles (cars and trucks) sensors. We can combine all these with internet. We can send and receive information as per user's requirement. IoT...
Safety and security in software coding is becoming increasingly important in mission-critical systems due to various emerging threats and to avoid potential disastrous consequences. These issues can be significantly reduced by software designs and implementations that adequately protect systems. This abstract describes coding methodologies in the Ada 95/2005 programming language for complex embedded...
With the increase of network bandwidth and the popularity of Internet, cloud storage has become one of the most widely used of cloud computing. Since the user may have a variety of terminal such as PC, notebook computers, tablet PCs and smart phones, and may access data in different places and on different terminal, cloud storage provides the most suitable solution to share data between these devices...
The versatility and cost of embedded systems have made it ubiquitous. Such wide-application exposes an embedded system to a variety of physical threats like side-channel attacks (SCA) and fault attacks (FA). Recently, a couple of software encoding schemes were proposed as a protection against SCA. These protection schemes are based on dual-rail precharge logic (DPL), previously shown resistant to...
This paper describes an implementation of a Secure Coding learning package for Undergraduate students in the Kulliyyah of Information and Communication Technology (KICT) at the International Islamic University Malaysia. The learning package consists of three components which are SCALT, WebGoat and notes on several vulnerabilities in programming languages. This work aims to create awareness among the...
As the need of software has been increasing, the danger of malicious attacks against software has been worse. In order to fortify software systems against adversaries, researchers have devoted significant efforts on mitigating software vulnerabilities. To eliminate security vulnerabilities from software with lower inspection effort, vulnerability prediction approaches have been emerged. By allocating...
Web applications dependent on back-end databases are currently not immune to SQL injection attacks despite huge investment in security artefacts and defensive software mechanisms deployed by organizations. These forms of attacks involve the insertion of malformed strings or specially crafted input encoded as SQL query into web forms or http header requests to web servers. While many techniques have...
Twitter is a popular means to disseminate information and currently more than 300 million people are using it actively. Software engineers are no exception; Singer et al. have shown that many developers use Twitter to stay current with recent technological trends. At various time points, many users are posting microblogs (i.e., tweets) about the same topic in Twitter. We refer to this reasonably large...
In the first part of this paper the operation mechanism of exchanging the data used in vehicles and equipment as well as the applied security measures have been presented. In the further part of the work, the identification method for the data in the network, for which the encoding system is not known, has been discussed. Subsequently, a suggestion of the decoding method for the network-derived data...
Building a secure software product is required understandings of security principles and guidelines for the secure coding in terms of programming languages to develop safe, reliable, and secure systems in software development process. Therefore, knowledge transferring is required and influenced to the most effective secure software development project. This paper proposes a knowledge transfer framework...
Number of security vulnerabilities in web application has grown with the tremendous growth of web application in last two decades. As the domain of Web Applications is maturing, large number of empirical studies has been reported in web applications to address the solution of vulnerable web application. However, before advancing towards finding new approaches of web applications security vulnerability...
Agility among the software is searching concern during the development phase, as it boost adaptive planning, incremental and evolutionary development with many other features that are lightweight in nature. Security is one of the considerable concern in today's highly agile software development industry. More assertion is on to produce a protected software, so as to lessen the amount of risk and damage...
Research shows that commonly accepted security requirements are not generally applied in practice. Instead of relying on requirements checklists, security experts rely on their expertise and background knowledge to identify security vulnerabilities. To understand the gap between available checklists and practice, we conducted a series of interviews to encode the decision-making process of security...
Software Maintainability is the business issue in large scale applications and it must be given adequate focus during software development process to minimize the downtime. Inculcating the maintainability features in the software application during its development can minimize the maintainability efforts during its real time use. In that view, this paper presents a new, Maintainable-Software Development...
This minitrack focuses on the research and automation techniques that can be applied to mobile platforms to ensure that software developed for these devices is secure without compromising other system properties such as performance or reliability.
The mobile payment service is an important and popular service that attracts attentions. Number of mobile users is growing up every day. The users like to have more and more services ready on the wireless networks. Companies try to produce more smart phones while customers buy and use them. More smart phones mean a more proper infrastructure to use 2-dimensional barcodes (2D-barcodes) in mobile payment...
Software security is a tough reality that affects the many facets of our modern, digital world. The pressure to produce secure software is felt particularly strongly by software engineers. Today's software engineering students will need to deal with software security in their profession. However, these students will also not be security experts, rather, they need to balance security concerns with...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.