Managing runtime re-engineering of a System-of-Systems for cyber security

Waller, Adrian; Craddock, R.

doi:10.1109/sysose.2011.5966566

Cited by 12 publications

(6 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is recognised that cyber security is often "bolted on as an afterthought" and that "this is not effective in practice" [32] and indeed "dangerous" [33]. To overcome challenges in the efficacy of formal verification and security, we propose a methodology that combines the two processes: threat modelling and formal verification.…”

Section: Combining Formal Verification and Cyber Securitymentioning

confidence: 99%

Security-Minded Verification of Space Systems

Maple

Bradbury

Yuan

et al. 2020

2020 IEEE Aerospace Conference

View full text Add to dashboard Cite

show abstract

Section: Combining Formal Verification and Cyber Securitymentioning

confidence: 99%

Security-Minded Verification of Space Systems

Maple

Bradbury

Yuan

et al. 2020

2020 IEEE Aerospace Conference

View full text Add to dashboard Cite

show abstract

“…On the contrary, SoSs pose new constraints to the threat analysis processes [2], especially regarding their (i) evolutionary nature and (ii) emergent properties. Evolution refers to long-term changes required to accomplish variations to the requirements in light of an always-changing environment [3].…”

Section: Introductionmentioning

confidence: 99%

Threat Analysis in Systems-of-Systems

Ceccarelli

Zoppi

Vasenev

et al. 2018

ACM Trans. Cyber-Phys. Syst.

View full text Add to dashboard Cite

Cyber-physical Systems of Systems (SoSs) are large-scale systems made of independent and autonomous cyber-physical Constituent Systems (CSs) which may interoperate to achieve high-level goals also with the intervention of humans. Providing security in such SoSs means, among other features, forecasting and anticipating evolving SoS functionalities, ultimately identifying possible detrimental phenomena that may result from the interactions of CSs and humans. Such phenomena, usually called emergent phenomena, are often complex and difficult to capture: the first appearance of an emergent phenomenon in a cyber-physical SoS is often a surprise to the observers. Adequate support to understand emergent phenomena will assist in reducing both the likelihood of design or operational flaws, and the time needed to analyze the relations amongst the CSs, which always has a key economic significance. This article presents a threat analysis methodology and a supporting tool aimed at (i) identifying (emerging) threats in evolving SoSs, (ii) reducing the cognitive load required to understand an SoS and the relations among CSs, and (iii) facilitating SoS risk management by proposing mitigation strategies for SoS administrators. The proposed methodology, as well as the tool, is empirically validated on Smart Grid case studies by submitting questionnaires to a user base composed of 3 stakeholders and 18 BSc and MSc students. CCS Concepts: • Software and its engineering → Risk management; • Security and privacy → Software security engineering; • Applied computing → IT architectures; • Computer systems organization → Embedded and cyber-physical systems;

show abstract

“…Hence, it is important to consider the interdependence between quality attributes in scenarios where cascading failures and bottlenecks could result in a complete SoS blackout (Chiprianov et al, 2014). In this sense, quality attributes needs to be measured and controlled for each constituent system to address the impact on SoS quality (Chiprianov et al, 2014;Gorod et al, 2007;Waller and Craddock, 2011).…”

Section: Discussion and Evaluation Challengesmentioning

confidence: 99%

“…Moreover, it is necessary to take into account the SoS specific characteristics and how they impact the quality of SoS as a whole. For instance, considering performance and security, some example of the impact of SoS characteristics on these quality attributes are (Chiprianov et al, 2014;Gorod et al, 2007;Waller and Craddock, 2011): (i) the operational independence of the constituents can lead to potential incompatibilities and conflicts between security or performance of each system; then, some systems may be more vulnerable to attacks or have less critical real-time constraints than others and, therefore, their effects and consequences must be carefully considered in the SoS. (ii) due to managerial independence, constituents can have to protect themselves within the SoS from other systems and from SoS emerging activities, which can bring consequences to the SoS mission; (iii) evolutionary development of SoS makes difficult to completely specify quality requirements, such as performance and security at design time, and will need to evolve as the SoS evolves; (iv) emergent behavior difficults the clear identification of the source of a security fault or performance degradation; and (v) geographic distribution makes difficult to achieve security or performance in the SoS as a whole, mainly when different national regulations must be met and when functionalities are met due to numerous and long paths of interaction.…”

Section: Discussion and Evaluation Challengesmentioning

confidence: 99%

Quality Evaluation Model for Crisis and Emergency Management Systems-of-Systems

Santos¹

View full text Add to dashboard Cite

Systems-of-Systems (SoS) have performed an important and even essential role to the whole society and refer to complex softwareintensive systems, resulted from interoperability of independent constituent systems that work together to achieve more complex missions. SoS have emerged specially in critical application domains and, therefore, high level of quality must be assured during their development and evolution. However, dealing with quality of SoS still presents great challenges, as SoS present a set of unique characteristics that can directly affect the quality of such systems. Moreover, there are not comprehensive models that can support the quality evaluation of SoS. Motivated by this scenario, the main contribution of this Master's project is to present a SoS Evaluation Model, more specifically, addressing the crisis/emergency management domain, built in the context of a large international research project. The proposed model covers important evaluation activities and considers all SoS characteristics and challenges not usually addressed by other models. This model was applied to evaluate a crisis/emergency management SoS and our results have shown it viability to the effective management of the SoS quality.

show abstract

Managing runtime re-engineering of a System-of-Systems for cyber security

Cited by 12 publications

References 16 publications

Security-Minded Verification of Space Systems

Security-Minded Verification of Space Systems

Threat Analysis in Systems-of-Systems

Quality Evaluation Model for Crisis and Emergency Management Systems-of-Systems

Contact Info

Product

Resources

About