SAVTA: A Hybrid Vehicular Threat Model: Overview and Case Study

In recent years, significant developments were introduced within the vehicular domain, evolving the vehicles to become a network of many embedded systems which depend on a set of sensors to interact with each other and with the surrounding environment. While these improvements have increased the safety and incontestability of the automotive system, they have opened the door for new potential security threats which need to be defined, assessed, and mitigated. The SAE J3061 standard has defined threat modeling as a critical step toward the secure development process for vehicle systems, but it did not determine which method could be used to achieve this process. Therefore, many threat modeling approaches were adopted. However, using one individual approach will not identify all the threats which could target the system, and may lead to insufficient mitigation mechanisms. Thus, having complete security requires the usage of a comprehensive threat model which identifies all the potential threats and vulnerabilities. In this work, we tried to revise the existing threat modeling efforts in the vehicular domain. Also, we proposed using a hybrid method called the Software, Asset, Vulnerability, Threat, and Attacker (SAVTA)-centric method to support security analysis for vehicular systems. SAVTA combines different existing threat modeling approaches to create a comprehensive and hybridized threat model. The model is used as an aid to construct general attack trees which illustrate attack vectors that threaten a particular vehicle asset and classify these attacks under different sub-trees.

Download Full-text

Methods, methodologies, and tools for threat modeling with case study

Telfor Journal ◽

10.5937/telfor2001056h ◽

2020 ◽

Vol 12 (1) ◽

pp. 56-61

Author(s):

Amina Hajrić ◽

Tarik Smaka ◽

Sabina Baraković ◽

Jasmina Baraković-Husić

Keyword(s):

Temperature Management ◽

Design Stage ◽

Security Threats ◽

Design Phase ◽

Specific System ◽

Threat Modeling ◽

Threat Model ◽

System A ◽

The Web

The security of each system is essential for its use. In order to make this process as successful as possible, it is advisable to develop a threat model for the system under consideration at the design stage. The purpose of the threat model is to enable the identification of security threats, by whose further analysis we can conclude which are the greatest vulnerabilities of the system and which pose the greatest risk. There exist many different approaches to threat modeling in terms of methods, methodologies, and tools. In this paper, we give an overview of those approaches and apply one of them, i.e., the most represented and mature to a specific system. A STRIDE-based methodology, software-centric method, and Microsoft Threat Modeling Tool (MTMT) mixture has been used to threat model the Web of Things (WoT)-based temperature management system which is in the design phase.

Download Full-text

A Threat Table Based Assessment of Information Security in Telemedicine

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch076 ◽

2015 ◽

pp. 1601-1613 ◽

Cited By ~ 2

Author(s):

John C. Pendergrass ◽

Karen Heart ◽

C. Ranganathan ◽

V. N. Venkatakrishnan

Keyword(s):

Information Security ◽

Patient Information ◽

Controlled Environment ◽

Security Threats ◽

Security Risks ◽

Modeling Framework ◽

Threat Modeling ◽

Security Challenges

Information security within healthcare is paramount and telemedicine applications present unique security challenges. Technology is giving rise to new and advanced telemedicine applications and understanding the security threats to these applications is needed to ensure, among other things, the privacy of patient information. This paper proposes a threat table approach to assess security threats pertaining to telemedicine applications. The concept and its usefulness are illustrated using a case study. This case study focuses on the capture and representation of salient security threats in telemedicine. To analyze the security threats to an application, it presents a threat modeling framework utilizing a table driven approach. The study reveals that even in a highly controlled environment with static locations, the security risks posed by telemedicine applications are significant, and that using a threat table approach provides an easy-to-use and effective method for managing these threats.

Download Full-text

A Threat Table Based Assessment of Information Security in Telemedicine

International Journal of Healthcare Information Systems and Informatics ◽

10.4018/ijhisi.2014100102 ◽

2014 ◽

Vol 9 (4) ◽

pp. 20-31 ◽

Cited By ~ 5

Author(s):

John C. Pendergrass ◽

Karen Heart ◽

C. Ranganathan ◽

V. N. Venkatakrishnan

Keyword(s):

Information Security ◽

Patient Information ◽

Controlled Environment ◽

Security Threats ◽

Security Risks ◽

Modeling Framework ◽

Threat Modeling ◽

Security Challenges

Download Full-text

Competitiveness and Innovation in the New Products Development Process: A Case Study in a Brazilian Chemical Industry

Revista da Faculdade de Administração e Economia ◽

10.15603/2176-9583/refae.v6n2p51-66 ◽

2015 ◽

Vol 6 (2) ◽

pp. 51-66

Author(s):

A.S.T. Penedo ◽

G.H.S. Souza ◽

N.C. Lima ◽

L.C.C. Maia

Keyword(s):

Chemical Industry ◽

Development Process ◽

New Products

Download Full-text

Exploring Factors Influencing Scenarios Evolution of Waste NIMBY Crisis: Analysis of Typical Cases in China

International Journal of Environmental Research and Public Health ◽

10.3390/ijerph18042006 ◽

2021 ◽

Vol 18 (4) ◽

pp. 2006

Author(s):

Ling He ◽

Qing Yang ◽

Xingxing Liu ◽

Lingmei Fu ◽

Jinmei Wang

Keyword(s):

Network Theory ◽

Development Process ◽

Dynamic Bayesian Network ◽

Impact Factors ◽

Social Stability ◽

Ground Theory ◽

Evolution Path ◽

Dynamic Scenario ◽

The Impact

As the impact factors of the waste Not-In-My-Back Yard (NIMBY) crisis are complex, and the scenario evolution path of it is diverse. Once the crisis is not handled properly, it will bring adverse effects on the construction of waste NIMBY facilities, economic development and social stability. Consequently, based on ground theory, this paper takes the waste NIMBY crisis in China from 2006 to 2019 as typical cases, through coding analysis, scenario evolution factors of waste NIMBY crisis are established. Furtherly, three key scenarios were obtained, namely, external situation (E), situation state (S), emergency management (M), what is more, scenario evolution law of waste NIMBY crisis is revealed. Then, the dynamic Bayesian network theory is used to construct the dynamic scenario evolution network of waste NIMBY crisis. Finally, based on the above models, Xiantao waste NIMBY crisis is taken as a case study, and the dynamic process of scenario evolution network is visually displayed by using Netica. The simulation results show that the scenario evolution network of Xiantao waste NIMBY crisis is basically consistent with the actual incident development process, which confirms the effectiveness and feasibility of the model.

Download Full-text

Paper2Wire – A Case Study of User-Centred Development of Machine Learning Tools for UX Designers

i-com ◽

10.1515/icom-2021-0002 ◽

2021 ◽

Vol 20 (1) ◽

pp. 19-32

Author(s):

Daniel Buschek ◽

Charlotte Anlauff ◽

Florian Lachner

Keyword(s):

Machine Learning ◽

Development Process ◽

User Study ◽

Concept Development ◽

Lessons Learned ◽

Design Tool ◽

Learning Tools ◽

Interface Elements ◽

Industry Partner

Abstract This paper reflects on a case study of a user-centred concept development process for a Machine Learning (ML) based design tool, conducted at an industry partner. The resulting concept uses ML to match graphical user interface elements in sketches on paper to their digital counterparts to create consistent wireframes. A user study (N=20) with a working prototype shows that this concept is preferred by designers, compared to the previous manual procedure. Reflecting on our process and findings we discuss lessons learned for developing ML tools that respect practitioners’ needs and practices.

Download Full-text

TOOLS FOR RECORDING PROTOTYPING ACTIVITIES AND QUANTIFYING CORRESPONDING DOCUMENTATION IN THE EARLY STAGES OF PRODUCT DEVELOPMENT

Proceedings of the Design Society ◽

10.1017/pds.2021.577 ◽

2021 ◽

Vol 1 ◽

pp. 3159-3168

Author(s):

Sohail Ahmed Soomro ◽

Yazan A M Barhoush ◽

Zhengya Gong ◽

Panos Kostakos ◽

Georgi V. Georgiev

Keyword(s):

Product Development ◽

Learning Process ◽

Design Education ◽

Development Process ◽

Digital Fabrication ◽

Prototype Development ◽

Early Stages ◽

Creative Solutions ◽

Insight Into

AbstractPrototyping is an essential activity in the early stages of product development. This activity can provide insight into the learning process that takes place during the implementation of an idea. It can also help to improve the design of a product. This information and the process are useful in design education as they can be used to enhance students' ability to prototype their ideas and develop creative solutions. To observe the activity of prototype development, we conducted a study on students participating in a 7-week course: Principles of Digital Fabrication. During the course, eight teams made prototypes and shared their weekly developments via internet blog posts. The posts contained prototype pictures, descriptions of their ideas, and reflections on activities. The blog documentation of the prototypes developed by the students was done without the researchers' intervention, providing essential data or research. Based on a review of other methods of capturing the prototype development process, we compare existing documentation tools with the method used in the case study and outline the practices and tools related to the effective documentation of prototyping activity.

Download Full-text

APPROACH FOR THE DEVELOPMENT AND APPLICATION OF TARGET PROCESS MODULE SETS

Proceedings of the Design Society ◽

10.1017/pds.2021.53 ◽

2021 ◽

Vol 1 ◽

pp. 531-540

Author(s):

Albert Albers ◽

Miriam Wilmsen ◽

Kilian Gericke

Keyword(s):

Product Development ◽

Development Process ◽

Process Management ◽

Process Quality ◽

Project Planning ◽

Project Managers ◽

Product Development Process ◽

Design Processes ◽

Adaptive Processes

AbstractThe implementation of agile frameworks, such as SAFe, in large companies causes conflicts between the overall product development process with a rigid linkage to the calendar cycles and the continuous agile project planning. To resolve these conflicts, adaptive processes can be used to support the creation of realistic target-processes, i.e. project plans, while stabilizing process quality and simplifying process management. This enables the usage of standardisation methods and module sets for design processes.The objective of this contribution is to support project managers to create realistic target-processes through the usage of target-process module sets. These target-process module sets also aim to stabilize process quality and to simplify process management. This contribution provides an approach for the development and application of target-process module sets, in accordance to previously gathered requirements and evaluates the approach within a case study with project managers at AUDI AG (N=21) and an interview study with process authors (N=4) from three different companies.

Download Full-text

The Protection and Reuse of the Industrial Building Heritages in Historical City — The Case Study of Luoyang City

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.174-177.2520 ◽

2012 ◽

Vol 174-177 ◽

pp. 2520-2523

Author(s):

Yan Sun ◽

Wen Cui

Keyword(s):

Development Process ◽

Industrial Building ◽

Urban Construction ◽

Protection And Utilization

By analyzing the formation and development of urban industry district and the industrial building heritages in Luoyang, this paper expounds the current problems and contradictions about the industrial building heritages protection and utilization in urban construction and development process. Aiming at these problems, some suggestions about the protection and reuse of industrial building heritages are put forward, in order to perserve and utilize them well.

Download Full-text

On Integration of Additive Manufacturing During the Design and Development of a Rehabilitation Robot: A Case Study

Journal of Mechanical Design ◽

10.1115/1.4031123 ◽

2015 ◽

Vol 137 (11) ◽

Cited By ~ 8

Author(s):

Kaci E. Madden ◽

Ashish D. Deshpande

Keyword(s):

Additive Manufacturing ◽

Neurological Disorders ◽

Development Process ◽

Mechanical Design ◽

Rehabilitation Robotics ◽

Critical Design ◽

Rehabilitation Robots ◽

Time Optimization ◽

Hand Exoskeleton

The field of rehabilitation robotics has emerged to address the growing desire to improve therapy modalities after neurological disorders, such as a stroke. For rehabilitation robots to be successful as clinical devices, a number of mechanical design challenges must be addressed, including ergonomic interactions, weight and size minimization, and cost–time optimization. We present additive manufacturing (AM) as a compelling solution to these challenges by demonstrating how the integration of AM into the development process of a hand exoskeleton leads to critical design improvements and substantially reduces prototyping cost and time.

Download Full-text