Special Issue "Evaluating the Security of Complex Systems"

A special issue of Information (ISSN 2078-2489).

Deadline for manuscript submissions: closed (15 February 2016)

Special Issue Editor

Guest Editor
Prof. Dr. Eduardo B. Fernandez

Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, 777 Glades Road, Boca Raton, FL 33431, USA
Interests: security; software architecture

Special Issue Information

Dear Colleagues,

Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed, aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and aspects, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist [1–4], but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, systems-oriented evaluation methods.

  1. Breu, R.; Innerhofer-Oberperfler, F.; Yautsiukhin, A. Quantitative assessment of enterprise security system. In Proceedings of the Third International Conference on Availability, Reliability and Security (ARES 2008), Barcelona, Spain, 4–7 March 2008; pp. 921–928.
  2. Fernandez, E.B.; Yoshioka, N.; Washizaki, H.; VanHilst, M. Measuring the level of security introduced by security patterns. In Proceedings of the 4th Workshop on Secure Systems Methodologies Using Patterns (SPattern 2010), in conjunction with ARES 2010, Krakow, Poland, February 2010.
  3. Halkidis, S.T.; Tsantalis, N.; Chatzigeorgiou, A.; Stephanides, G. Architectural risk analysis of software systems based on security patterns. IEEE Trans. Depend. Secure Comput. 2008, 5, 129–142.
  4. Heyman, T.; Scandariato, R.; Huygens, C.; Joosen, W. Using security patterns to combine security metrics. In Proceedings of the Third International Conference on Availability, Reliability and Security (ARES 2008), Barcelona, Spain, 4–7 March 2008; pp. 1156–1163.

Prof. Dr. Eduardo B. Fernandez
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles and short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 350 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.


Published Papers (6 papers)


Editorial


Editorial (Open Access): Introduction to the Special Issue on Evaluating the Security of Complex Systems
Information 2016, 7(3), 46; doi:10.3390/info7030046
Received: 8 July 2016 / Accepted: 9 July 2016 / Published: 18 July 2016
Abstract
Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed, aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and problem frames, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist, but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, and systems-oriented evaluation methods.
(This article belongs to the Special Issue Evaluating the Security of Complex Systems)

Research


Article (Open Access): Standard Compliant Hazard and Threat Analysis for the Automotive Domain
Information 2016, 7(3), 36; doi:10.3390/info7030036
Received: 14 February 2016 / Revised: 5 May 2016 / Accepted: 14 June 2016 / Published: 23 June 2016
Abstract
The automotive industry has successfully collaborated to release the ISO 26262 standard for developing safe software for cars. The standard describes in detail how to conduct hazard analysis and risk assessments to determine the necessary safety measures for each feature. However, the standard does not concern threat analysis for malicious attackers or how to select appropriate security countermeasures. We propose the application of ISO 27001 for this purpose and show how it can be applied together with ISO 26262. We show how ISO 26262 documentation can be re-used and enhanced to satisfy the analysis and documentation demands of the ISO 27001 standard. We illustrate our approach based on an electronic steering column lock system.

Article (Open Access): A Framework for Measuring Security as a System Property in Cyberphysical Systems
Information 2016, 7(2), 33; doi:10.3390/info7020033
Received: 15 February 2016 / Revised: 22 May 2016 / Accepted: 3 June 2016 / Published: 17 June 2016
Abstract
This paper addresses the challenge of measuring security, understood as a system property, of cyberphysical systems, in the category of similar properties, such as safety and reliability. First, it attempts to define precisely what security, as a system property, really is. Then, an application context is presented, in terms of an attack surface in cyberphysical systems. Contemporary approaches related to the principles of measuring software properties are also discussed, with emphasis on building models. These concepts are illustrated in several case studies, based on previous work of the authors, to conduct experimental security measurements.

Article (Open Access): Implementation Support of Security Design Patterns Using Test Templates
Information 2016, 7(2), 34; doi:10.3390/info7020034
Received: 15 February 2016 / Revised: 15 May 2016 / Accepted: 2 June 2016 / Published: 15 June 2016
Abstract
Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

Article (Open Access): Computer-Aided Identification and Validation of Privacy Requirements
Information 2016, 7(2), 28; doi:10.3390/info7020028
Received: 15 February 2016 / Revised: 12 May 2016 / Accepted: 21 May 2016 / Published: 26 May 2016
Abstract
Privacy is a software quality that is closely related to security. The main difference is that security properties aim at the protection of assets that are crucial for the considered system, and privacy aims at the protection of personal data that are processed by the system. The identification of privacy protection needs in complex systems is a hard and error-prone task. Stakeholders whose personal data are processed might be overlooked, or the sensitivity and the need of protection of the personal data might be underestimated. The later personal data and the needs to protect them are identified during the development process, the more expensive it is to fix these issues, because the needed changes of the system-to-be often affect many functionalities. In this paper, we present a systematic method to identify the privacy needs of a software system based on a set of functional requirements by extending the problem-based privacy analysis (ProPAn) method. Our method is tool-supported and automated where possible to reduce the effort that has to be spent for the privacy analysis, which is especially important when considering complex systems. The contribution of this paper is a semi-automatic method to identify the relevant privacy requirements for a software-to-be based on its functional requirements. The considered privacy requirements address all dimensions of privacy that are relevant for software development. As our method is solely based on the functional requirements of the system-to-be, we enable users of our method to identify the privacy protection needs that have to be addressed by the software-to-be at an early stage of the development. As an initial evaluation of our method, we show its applicability on a small electronic health system scenario.

Article (Open Access): Using Proven Reference Monitor Patterns for Security Evaluation
Information 2016, 7(2), 23; doi:10.3390/info7020023
Received: 12 February 2016 / Revised: 5 April 2016 / Accepted: 14 April 2016 / Published: 26 April 2016
Abstract
The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction. An associated systematic security engineering and evaluation methodology was codified as an engineering standard in the Trusted Computer System Evaluation Criteria (TCSEC). This paper explains how the TCSEC and its Trusted Network Interpretation (TNI) constitute a set of security patterns for large, complex and distributed systems and how those patterns have been repeatedly and successfully used to create and evaluate some of the most secure government and commercial systems ever developed.
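The two abstracts above on reference monitor patterns and on pattern-validating test templates both rest on the same idea: route every access through one small, reviewable decision point, then test that nothing bypasses it. The following is an added illustration written for this page, not code from either paper. It assumes a toy two-level policy (read at or below your clearance, write at or above it) and the names Subject, Obj, ReferenceMonitor, Store and verify_complete_mediation, none of which appear in the articles; the sample subjects and objects are constructed.

```python
"""Added example (not from the papers): a minimal reference monitor that
mediates every access to a store, plus an evaluation check in the spirit of
a reusable test template that exercises all (subject, object, right)
triples and confirms each one passed through the monitor."""
from dataclasses import dataclass
from enum import Enum, auto


class Right(Enum):
    READ = auto()
    WRITE = auto()


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: int   # assumed scale: 0 = public, 1 = internal, 2 = secret


@dataclass(frozen=True)
class Obj:
    name: str
    level: int       # same assumed scale as Subject.clearance


class AccessDenied(PermissionError):
    """Raised by the monitor; callers never see the data on denial."""


class ReferenceMonitor:
    """The single decision point. Keeping it this small is what makes the
    system evaluable: reviewers verify check() and the policy, not every
    caller."""

    def __init__(self):
        self._audit = []   # append-only list of (subject, object, right, verdict)

    def check(self, subj, obj, right):
        # Illustrative lattice policy: read at or below your clearance,
        # write at or above it (no write-down of higher-level data).
        if right is Right.READ:
            ok = subj.clearance >= obj.level
        else:
            ok = subj.clearance <= obj.level
        self._audit.append((subj.name, obj.name, right.name,
                            "ALLOW" if ok else "DENY"))
        if not ok:
            raise AccessDenied(f"{subj.name} may not {right.name} {obj.name}")

    def audit_log(self):
        return tuple(self._audit)   # a copy; callers cannot edit the log


class Store:
    """Protected object container. Every read and write calls the monitor
    before touching _data; there is no other accessor."""

    def __init__(self, monitor):
        self._rm = monitor
        self._data = {}   # object name -> (Obj, bytes)

    def create(self, obj, data):
        self._data[obj.name] = (obj, data)

    def read(self, subj, name):
        obj, data = self._data[name]
        self._rm.check(subj, obj, Right.READ)
        return data

    def write(self, subj, name, data):
        obj, _ = self._data[name]
        self._rm.check(subj, obj, Right.WRITE)
        self._data[name] = (obj, data)


def allowed(fn, *args):
    """True if the mediated call succeeded, False if the monitor denied it."""
    try:
        fn(*args)
        return True
    except AccessDenied:
        return False


def verify_complete_mediation(store, monitor, subjects, names):
    """Evaluation check: every access path must leave exactly one audit
    entry, whatever the verdict. An accessor that skipped the monitor would
    show up here as a missing entry."""
    for subj in subjects:
        for name in names:
            for op in (lambda s, n: store.read(s, n),
                       lambda s, n: store.write(s, n, b"probe")):
                before = len(monitor.audit_log())
                allowed(op, subj, name)
                if len(monitor.audit_log()) != before + 1:
                    return False
    return True


def build_demo():
    """Constructed sample: two subjects and two objects at different levels."""
    rm = ReferenceMonitor()
    store = Store(rm)
    store.create(Obj("bulletin", 0), b"office closed Friday")
    store.create(Obj("payroll", 2), b"salaries")
    return rm, store, Subject("alice", 2), Subject("bob", 0)


if __name__ == "__main__":
    rm, store, alice, bob = build_demo()
    print("alice reads payroll:", allowed(store.read, alice, "payroll"))
    print("bob reads payroll:", allowed(store.read, bob, "payroll"))
    print("complete mediation:", verify_complete_mediation(
        store, rm, [alice, bob], ["bulletin", "payroll"]))
```

The evaluation argument is deliberately narrow: correctness of the whole store reduces to the few lines in check() plus the structural fact that Store exposes no path to _data that skips it, which verify_complete_mediation probes from the outside by counting audit entries. A real TCSEC-style evaluation would also demand that the monitor be tamperproof (here only approximated by keeping the log private) and would verify the policy itself, not just its placement.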

Journal Contact

MDPI AG
Information Editorial Office
St. Alban-Anlage 66, 4052 Basel, Switzerland
Tel. +41 61 683 77 34
Fax: +41 61 302 89 18