CC-Case-Safety and Security Engineering Methodology

Author(s):  
Tomoko Kaneko ◽  
Nobukazu Yoshioka

As the complexity of computer systems increases, assuring safety and security is significant. The authors aim to construct a new development methodology, CC-Case, that can assure the demands of complex systems, including IoT and AI, using safety and security technologies in an integrated manner. As a central framework of CC-Case, this manuscript shows requirements extraction by a STAMP/STPA extension to safety and security (STAMP S & S) and assurance using GSN divided into a logical model and a concrete model. STAMP S & S makes it possible to model requirements based on system theory and extract more comprehensive safety and security requirements in a single model diagram. In addition, the GSN defines the overall picture of the assurance and verifies and validates the hazards and threats extracted by STAMP S & S. This paper presents the procedures of CC-Case with STAMP and GSN, and shows examples of level 3 autonomous driving.

Author(s):  
O. Semenenko ◽  
Y. Dobrovolsky ◽  
V. Koverga ◽  
O. Sechenev

The evolution of security technologies shows that only an integrated approach to information security can meet modern information security requirements. A comprehensive approach means the complex development of all the necessary methods and means of information protection. Today, the information exchange and information systems in the Ministry of Defense of Ukraine have certain means and approaches to the destruction of information, but each of them has different estimates of the effectiveness of its use, as well as different costs of purchase and use. Therefore, the main purpose of the article is to carry out a comprehensive analysis of the means of destroying confidential information and the methods of its destruction in order to formulate practical recommendations for choosing the most effective and economically feasible ones for the Ministry of Defense of Ukraine. The perfection of methods and means of destroying information from magnetic media is an important element of modern information security. The results of the analysis carried out in the article are the disclosure of the main features of modern devices for the elimination of magnetic records, as well as the ability to formulate a list of basic requirements for modern devices for the destruction of information from magnetic media. Today, technical means of information security, in particular the elimination of information on magnetic media, are constantly being improved, absorbing the latest advances in modern security technologies. Their model range, which takes into account the diversity of customer requirements, such as the type of energy supply, the level of mobility, reliability and operating conditions, is expanding. All this determines the relevance of research topics in this direction in the future.


2012 ◽  
pp. 1141-1166
Author(s):  
Milan Petkovic ◽  
Luan Ibraimi

The introduction of e-Health and extramural applications in the personal healthcare domain has raised serious concerns about security and privacy of health data. Novel digital technologies require other security approaches in addition to the traditional “purely physical” approach. Furthermore, privacy is becoming an increasing concern in domains that deal with sensitive information such as healthcare, which cannot absorb the costs of security abuses in the system. Once sensitive information about an individual’s health is uncovered and social damage is done, there is no way to revoke the information or to restitute the individual. Therefore, in addition to legal means, it is very important to provide and enforce privacy and security in healthcare by technological means. In this chapter, the authors analyze privacy and security requirements in healthcare, explain their importance and review both classical and novel security technologies that could fulfill these requirements.


2018 ◽  
pp. 93-101 ◽  
Author(s):  
Shadi Aljawarneh

The research community found that a software system should be evolved once every few months to ensure it is adapted to the real-world environment. System evolution requires regular amendments that append, delete, or alter features. It also migrates or converts the software system from one operating platform to another. These amendments may result in requirements/specifications that were satisfied in a previous release of a software system not being satisfied in the subsequent versions. As a result, software evolutionary changes violate security requirements, and then a system may become vulnerable to different kinds of attacks. In this paper, concepts and visions are presented to avoid/minimize the Cloud security issues.


Author(s):  
Gaojian Huang ◽  
Clayton Steele ◽  
Xinrui Zhang ◽  
Brandon J. Pitts

The rapid growth of autonomous vehicles is expected to improve roadway safety. However, certain levels of vehicle automation will still require drivers to ‘takeover’ during abnormal situations, which may lead to breakdowns in driver-vehicle interactions. To date, there is no agreement on how to best support drivers in accomplishing a takeover task. Therefore, the goal of this study was to investigate the effectiveness of multimodal alerts as a feasible approach. In particular, we examined the effects of uni-, bi-, and trimodal combinations of visual, auditory, and tactile cues on response times to takeover alerts. Sixteen participants were asked to detect 7 multimodal signals (i.e., visual, auditory, tactile, visual-auditory, visual-tactile, auditory-tactile, and visual-auditory-tactile) while driving under two conditions: with SAE Level 3 automation only or with SAE Level 3 automation in addition to performing a road sign detection task. Performance on the signal and road sign detection tasks, pupil size, and perceived workload were measured. Findings indicate that trimodal combinations result in the shortest response time. Also, response times were longer and perceived workload was higher when participants were engaged in a secondary task. Findings may contribute to the development of theory regarding the design of takeover request alert systems within (semi) autonomous vehicles.


Author(s):  
Tetsuo Hosokawa ◽  
Makoto Matsushita

In 2015, our team proposed a new development methodology, which we named the Causality Search T-Method (CS-T Method). This method makes it possible to solve the intrinsic limitation of target characteristics-based Parameter Design. Specifically, target characteristics-based Parameter Design is in essence a black-box method, which makes it difficult to obtain information on the mechanisms of quality improvement. The first aim of the CS-T Method is to determine the causal relationships between the target characteristics and multiple candidate “Effective-Explanation Factors” (EEF) such as physical properties and sensing data. The second aim is to improve the efficiency. Through a case study, our team demonstrated that it is possible to determine the causal relationships with significantly fewer experiments. We propose an extension of the CS-T Method, one which incorporates Graphical Modeling (GM), which we have named the CS-TG Method. Unlike conventional GM, which performs the analysis on the entire pool of candidate EEFs, the CS-TG Method allows the GM analysis to focus on the limited set of factors that were identified by the original CS-T Method as having a causal relationship with the target characteristics. In doing so, the new method is able to establish the causal relationships between each of the individual EEFs with fewer experiments.


2013 ◽  
Vol 347-350 ◽  
pp. 1846-1851
Author(s):  
Zhi Yong Lu ◽  
Yi Jun Zhang ◽  
Luan Yang ◽  
Shi Ping Xu ◽  
Yuan You Chen

This article analyzes power grid accidents in some domestic regions to discuss the security problems existing in power grid Energy Management Systems (EMS). Combined with the security requirements of EMS, a method of improving EMS security based on SOA is proposed, and the key technologies involved are studied as follows: the loosely coupled EMS based on SOA, the graded and modular security configuration, the management of security configuration based on Concurrent Version System (CVS), and the mirror of Real-Time Databases (RTD) based on cloud computing. All the above technologies proposed in this paper greatly improve the security of EMS.

