
CyberSPL: A Framework for the Verification of Cybersecurity Policy Compliance of System Configurations Using Software Product Lines

Departamento de Lenguajes y Sistemas Informáticos, Universidad de Sevilla, 41004 Sevilla, Spain
*
Author to whom correspondence should be addressed.
Appl. Sci. 2019, 9(24), 5364; https://doi.org/10.3390/app9245364
Received: 25 September 2019 / Revised: 2 December 2019 / Accepted: 4 December 2019 / Published: 8 December 2019
Cybersecurity attacks affect organisations' compliance with their cybersecurity policies. Such problems may be due to the absence of security configurations or the use of default configuration values in software products and systems. Configuring products and systems is a known challenge in the software industry because a wide range of parameters must be taken into account. In other contexts, configuration problems are solved using Software Product Lines. For this reason, this article proposes the Cybersecurity Software Product Line (CyberSPL) framework. CyberSPL is based on a methodology for designing product lines to verify cybersecurity policies according to the possible configurations. The patterns for configuring the cybersecurity-related aspects of systems are grouped by defining various feature models. The automated analysis of these models allows us to diagnose possible problems in security configurations, reducing or avoiding them. To support this proposal, a multi-user, multi-platform solution has been implemented that allows a catalogue of public or private feature models to be set up. Moreover, analysis and reasoning mechanisms have been integrated to obtain all the configurations of a model and to detect whether a configuration is valid, including the root cause of the problems in a given configuration. To validate the proposal, a real scenario is presented with a catalogue of four different feature models. In this scenario, the models have been analysed, different configurations have been validated, and several configurations with problems have been diagnosed.
Keywords: configuration; variability; software product line; security policies; compliance; feature models
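The three analyses named in the abstract (obtaining all configurations of a model, checking whether a configuration is valid, and reporting the root cause when it is not) can be illustrated on a small feature model. This is an added example, not code from the article or from the CyberSPL implementation: the SSH-authentication model, its feature names and its constraints are constructed for illustration, and brute-force enumeration stands in for the framework's reasoning mechanisms.

```python
from itertools import product

# Constructed feature model for SSH server authentication
# (hypothetical; not one of the article's four feature models).
FEATURES = ["PasswordAuth", "KeyAuth", "MFA", "RootLogin"]

# Cross-tree constraints: (name, predicate over the set of selected features).
CONSTRAINTS = [
    ("at least one of PasswordAuth, KeyAuth",
     lambda s: "PasswordAuth" in s or "KeyAuth" in s),
    ("PasswordAuth requires MFA",
     lambda s: "PasswordAuth" not in s or "MFA" in s),
    ("RootLogin excludes PasswordAuth",
     lambda s: not ({"RootLogin", "PasswordAuth"} <= s)),
]


def diagnose(config):
    """Return the root causes that make config invalid (empty list = valid)."""
    selected = set(config)
    problems = [f"unknown feature: {f}" for f in sorted(selected - set(FEATURES))]
    problems += [name for name, holds in CONSTRAINTS if not holds(selected)]
    return problems


def is_valid(config):
    """A configuration is valid when no constraint is violated."""
    return not diagnose(config)


def all_configurations():
    """Enumerate every valid configuration of the model (2^n brute force)."""
    valid = []
    for bits in product([False, True], repeat=len(FEATURES)):
        cfg = frozenset(f for f, on in zip(FEATURES, bits) if on)
        if is_valid(cfg):
            valid.append(cfg)
    return valid


if __name__ == "__main__":
    print(len(all_configurations()), "valid configurations")
    # A configuration that breaks the policy, with its diagnosis.
    for cause in diagnose({"PasswordAuth", "RootLogin"}):
        print("violated:", cause)
```

Exhaustive enumeration is only practical for small models like this one; realistic feature models need a constraint or SAT solver to answer the same questions.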

MDPI and ACS Style

Varela-Vaca, Á.J.; Gasca, R.M.; Ceballos, R.; Gómez-López, M.T.; Torres, P.B. CyberSPL: A Framework for the Verification of Cybersecurity Policy Compliance of System Configurations Using Software Product Lines. Appl. Sci. 2019, 9, 5364.
