| 1. |
- Vasilevskaya, Maria, et al.
(författare)
-
Security Asset Elicitation for Collaborative Models
- 2012
-
Ingår i: MDsec '12 Proceedings of the Workshop on Model-Driven Security. - New York, NY, USA : ACM Digital Library. - 9781450318068
-
Konferensbidrag (refereegranskat)abstract
- Building secure systems is a difficult job for most engineers since it requires in-depth understanding of security aspects. This task, however, can be assisted by capturing security knowledge in a particular domain and reusing the knowl- edge when designing applications. We use this strategy and employ an information security ontology to represent the se- curity knowledge. The ontology is associated with system designs which are modelled in collaborative building blocks specifying the behaviour of several entities. In this paper, we identify rules to be applied to the elements of collaborations in order to identify security assets present in the design. Further, required protection mechanisms are determined by applying a reasoner to the ontology and the obtained assets. We exemplify our approach with a case study from the smart metering domain.
|
|
| 2. |
- Vasilevskaya, Maria, et al.
(författare)
-
Integrating security mechanisms into embedded systems by domain-specific modelling
- 2014
-
Ingår i: Security and Communication Networks. - : John Wiley & Sons. - 1939-0114 .- 1939-0122. ; 7:12, s. 2815-2832
-
Tidskriftsartikel (refereegranskat)abstract
- Embedded devices are crucial enablers of the Internet of Things and become increasingly common in our daily life. They store, manipulate and transmit sensitive information and, therefore, must be protected against security threats. Due to the security and also resource constraint concerns, designing secure networked embedded systems is a difficult task. Model-based development (MBD) is promoted to address complexity and ease the design of software intensive systems. We leverage MBD and domain-specific modelling to characterise common issues related to security and embedded systems that are specific to a given application domain. Security-specific knowledge relevant for a certain application domain is represented in the form of an adapted information security ontology. Further, the elements of the ontology are associated with security building blocks modelled with the MBD method SPACE. The selection of relevant security building blocks is based on (i) assets automatically elicited from the functional models, (ii) domain security knowledge captured by the security expert and (iii) the platform adopted by the embedded system engineer. A tool is developed to support the steps supporting this methodology and help to bridge between the security and embedded systems domains. We illustrate our approach with a case study from the smart metering domain.
|
|
