From Requirements to Operation: Components for Risk Assessment in a Pervasive System of Systems

Ki-Aries, Duncan; Doğan, Hüseyin; Faily, Shamal; Whittington, Paul; Williams, Christopher

doi:10.1109/rew.2017.36

Cited by 7 publications

(8 citation statements)

References 28 publications

(26 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Through our research [19] [37], it has also become evident that use of a common less-technical language of security and risk can assist multi-level stakeholder understanding. Moreover, it is useful for operational stakeholders to first align with the concept of SoSs before its complexity can be identified and appreciated.…”

Section: Approachmentioning

confidence: 97%

“…Therefore, Sommerville et al [17] argue a system's components and their relationships need to be thoroughly understood, otherwise predictions cannot be made as the scale and complexity increases. Typical examples of SoSs may range from larger-scale military operations, to smaller examples with fewer direct stakeholders [18] [19]. For example, the Smartphone is a common system integrated into personal and work environments that could be considered a SoS.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

System of Systems Characterisation assisting Security Risk Assessment

Ki-Aries

Faily

Doğan

et al. 2018

2018 13th Annual Conference on System of Systems Engineering (SoSE)

Self Cite

View full text Add to dashboard Cite

System of Systems (SoS) is a term often used to describe the coming together of independent systems, collaborating to achieve a new or higher purpose. However, clarity is needed when using this term given that operational areas may be unfamiliar with the terminology. In this paper, we present an approach for refining System and SoS descriptions to aid multistakeholder communication and understanding; building on previous work, we illustrate an example of characterising a likely SoS. By identifying key stakeholders, systems, management and control, this approach supports the initial steps of a SoS security risk assessment approach using a tool-supported framework that supports operational needs towards requirements engineering.

show abstract

Section: Approachmentioning

confidence: 97%

Section: Related Workmentioning

confidence: 99%

System of Systems Characterisation assisting Security Risk Assessment

Ki-Aries

Faily

Doğan

et al. 2018

2018 13th Annual Conference on System of Systems Engineering (SoSE)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Another set of manual approaches [27] describing MS STRIDE and DREAD application for risk modelling is also lacking automation characteristic. CAIRIS method [28] is based on the evaluation of the context, goals, boundaries, stakeholders, scope and risk criteria.…”

Section: Dynamic and Automated Cybersecurity Risk Assessmentmentioning

confidence: 99%

Complex Engineering Systems as an enabler for security in Internet of Vehicles: The nIoVe approach

Zacharaki

Paliokas

Votis

et al. 2019

2019 First International Conference on Societal Automation (SA)

View full text Add to dashboard Cite

Today's vehicles are increasingly "connected"; there is wireless data exchange with servers, infrastructure and other vehicles. Tomorrow's vehicles will be automated and autonomous, capable of sensing their environment and navigating through cities without human interference. Therefore, connected and autonomous vehicles come with the cost of a new set of threats pertaining to higher risks of cyberattacks. A cyber-attack in a Connected Vehicle (CV) can yield high recall costs, loss of property and even jeopardise human safety. Therefore, the need for cyber protection of CVs is becoming paramount. nIoVe introduces a holistic and multilayered cybersecurity solution for the Internet-of-Vehicles (IoV) by addressing secure-by-design aspects of CVs, along with cyber protection, threat response and attack recovery at vehicle, infrastructure and service/application layer of the whole IoV ecosystem at complex use cases.

show abstract

“…Using this output with other SoS information, this provided an opportunity to integrate the use of tool-support, testing the feasibility of CAIRIS to model the SoS and its human interactions to identify and address challenges to security risk and requirements within the SoS. Further details of this work can be found in [2].…”

Section: B Towards Rq2 and Rq3mentioning

confidence: 99%

Assessing Security Risk and Requirements for Systems of Systems

Ki-Aries

2018

2018 IEEE 26th International Requirements Engineering Conference (RE)

Self Cite

View full text Add to dashboard Cite

A System of Systems (SoS) is a term used to describe independent systems converging for a purpose that could only be carried out through this interdependent collaboration. Many examples of SoSs exist, but the term has become a source of confusion across domains. Moreover, there are few illustrative SoS examples demonstrating their initial classification and structure. While there are many approaches for engineering of systems, less exist for SoS engineering. More specifically, there is a research gap towards approaches addressing SoS security risk assessment for engineering and operational needs, with a need for tool-support to assist modelling and visualising security risk and requirements in an interconnected SoS. From this, security requirements can provide a systematic means to identify constraints and related risks of the SoS, mitigated by humanuser and system requirements. This work investigates specific challenges and current approaches for SoS security and risk, and aims to identify the alignment of SoS factors and concepts suitable for eliciting, analysing, validating risks with use of a tool-support for assessing security risk in the SoS context.

show abstract

From Requirements to Operation: Components for Risk Assessment in a Pervasive System of Systems

Cited by 7 publications

References 28 publications

System of Systems Characterisation assisting Security Risk Assessment

System of Systems Characterisation assisting Security Risk Assessment

Complex Engineering Systems as an enabler for security in Internet of Vehicles: The nIoVe approach

Assessing Security Risk and Requirements for Systems of Systems

Contact Info

Product

Resources

About