Evaluating the Security of Complex Systems

A special issue of Information (ISSN 2078-2489).

Deadline for manuscript submissions: closed (15 February 2016) | Viewed by 45620

Special Issue Editor

Prof. Dr. Eduardo B. Fernandez
Department of Computer and Electrical Engineering and Computer Science, Florida Atlantic University, 777 Glades Rd., Boca Raton, FL 33431, USA
Interests: software architecture; systems security; IoT systems; security patterns; cloud computing security; Internet of Things security; object-oriented design

Special Issue Information

Dear Colleagues,

Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed, aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and aspects, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist [1–4], but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, systems-oriented evaluation methods.

  1. Breu, R.; Innerhofer-Oberperfler, F.; Yautsiukhin, A. Quantitative assessment of enterprise security system. In Proceedings of the Third International Conference on Availability, Security and Reliability, ARES, Barcelona, Spain, 4–7 March 2008; pp. 921–928.
  2. Fernandez, E.B.; Yoshioka, N.; Washizaki, H.; VanHilst, M. Measuring the level of security introduced by security patterns. In Proceedings of the 4th Workshop on Secure Systems Methodologies Using Patterns (SPattern 2010), in Conjunction with ARES 2010, Krakow, Poland, February 2010.
  3. Halkidis, S.T.; Tsantalis, N.; Chatzigeorgiou, A.; Stephanides, G. Architectural risk analysis of software systems based on security patterns. IEEE Trans. Depend. Secure Comput. 2008, 5, 129–142.
  4. Heyman, T.; Scandariato, R.; Huygens, C.; Joosen, W. Using security patterns to combine security metrics. In Proceedings of the Third International Conference on Availability, Security and Reliability, ARES, Barcelona, Spain, 4–7 March 2008; pp. 1156–1163.

Prof. Dr. Eduardo B. Fernandez
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to the website, then using the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.


Published Papers (6 papers)


Editorial

Introduction to the Special Issue on Evaluating the Security of Complex Systems
by Eduardo B. Fernandez
Information 2016, 7(3), 46; https://doi.org/10.3390/info7030046 - 18 Jul 2016
Cited by 2 | Viewed by 3744
Abstract
Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and problem frames, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist, but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, and systems-oriented evaluation methods.

Research

Standard Compliant Hazard and Threat Analysis for the Automotive Domain
by Kristian Beckers, Jürgen Dürrwang and Dominik Holling
Information 2016, 7(3), 36; https://doi.org/10.3390/info7030036 - 23 Jun 2016
Cited by 5 | Viewed by 8953
Abstract
The automotive industry has successfully collaborated to release the ISO 26262 standard for developing safe software for cars. The standard describes in detail how to conduct hazard analysis and risk assessments to determine the necessary safety measures for each feature. However, the standard does not concern threat analysis for malicious attackers or how to select appropriate security countermeasures. We propose the application of ISO 27001 for this purpose and show how it can be applied together with ISO 26262. We show how ISO 26262 documentation can be re-used and enhanced to satisfy the analysis and documentation demands of the ISO 27001 standard. We illustrate our approach based on an electronic steering column lock system.

A Framework for Measuring Security as a System Property in Cyberphysical Systems
by Janusz Zalewski, Ingrid A. Buckley, Bogdan Czejdo, Steven Drager, Andrew J. Kornecki and Nary Subramanian
Information 2016, 7(2), 33; https://doi.org/10.3390/info7020033 - 17 Jun 2016
Cited by 9 | Viewed by 6581
Abstract
This paper addresses the challenge of measuring security, understood as a system property, of cyberphysical systems, in the category of similar properties, such as safety and reliability. First, it attempts to define precisely what security, as a system property, really is. Then, an application context is presented, in terms of an attack surface in cyberphysical systems. Contemporary approaches related to the principles of measuring software properties are also discussed, with emphasis on building models. These concepts are illustrated in several case studies, based on previous work of the authors, to conduct experimental security measurements.

Implementation Support of Security Design Patterns Using Test Templates
by Masatoshi Yoshizawa, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya and Nobukazu Yoshioka
Information 2016, 7(2), 34; https://doi.org/10.3390/info7020034 - 15 Jun 2016
Cited by 7 | Viewed by 8855
Abstract
Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

Computer-Aided Identification and Validation of Privacy Requirements
by Rene Meis and Maritta Heisel
Information 2016, 7(2), 28; https://doi.org/10.3390/info7020028 - 26 May 2016
Cited by 12 | Viewed by 5360
Abstract
Privacy is a software quality that is closely related to security. The main difference is that security properties aim at the protection of assets that are crucial for the considered system, and privacy aims at the protection of personal data that are processed by the system. The identification of privacy protection needs in complex systems is a hard and error-prone task. Stakeholders whose personal data are processed might be overlooked, or the sensitivity and the need of protection of the personal data might be underestimated. The later personal data and the needs to protect them are identified during the development process, the more expensive it is to fix these issues, because the needed changes of the system-to-be often affect many functionalities. In this paper, we present a systematic method to identify the privacy needs of a software system based on a set of functional requirements by extending the problem-based privacy analysis (ProPAn) method. Our method is tool-supported and automated where possible to reduce the effort that has to be spent for the privacy analysis, which is especially important when considering complex systems. The contribution of this paper is a semi-automatic method to identify the relevant privacy requirements for a software-to-be based on its functional requirements. The considered privacy requirements address all dimensions of privacy that are relevant for software development. As our method is solely based on the functional requirements of the system-to-be, we enable users of our method to identify the privacy protection needs that have to be addressed by the software-to-be at an early stage of the development. As initial evaluation of our method, we show its applicability on a small electronic health system scenario.

Using Proven Reference Monitor Patterns for Security Evaluation
by Mark R. Heckman and Roger R. Schell
Information 2016, 7(2), 23; https://doi.org/10.3390/info7020023 - 26 Apr 2016
Cited by 6 | Viewed by 11165
Abstract
The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction. An associated systematic security engineering and evaluation methodology was codified as an engineering standard in the Trusted Computer System Evaluation Criteria (TCSEC). This paper explains how the TCSEC and its Trusted Network Interpretation (TNI) constitute a set of security patterns for large, complex and distributed systems and how those patterns have been repeatedly and successfully used to create and evaluate some of the most secure government and commercial systems ever developed.