Software Engineering and Information Security R&D Perspectives
Massimo Felici
1 Software Engineering and Information Security Massimo Felici © 2012
Overview
• Background and Experience
• Software Engineering and Information Security: Rationale
• Complex Application Domain: Air Traffic Management
• Research Perspectives
– Requirements
– Risk Analysis
– Design and Validation
• Research Considerations
– Research Impact
• Future Research
Background and Experience
SOFTWARE ENGINEERING AND INFORMATION SECURITY
Rationale
Sony Security Cyber Attack
• “Sony of Japan revealed that names, addresses, passwords and possibly credit-card details of 77 million accounts were stolen when hackers gained access to the network it runs in 60 countries for its PlayStation online-gaming system” [The Economist, Apr 28th 2011]
• “Sony warns of almost 25 million extra user detail theft” [BBC News, 3 May 2011]
Security Attacks
[Figure: Attacker Types and Techniques; Attack Type, Time and Impact]
[IBM Security Solutions, IBM X-Force® 2011 Mid-year Trend and Risk Report]
Vulnerability Disclosures
[IBM Security Solutions, IBM X-Force® 2011 Mid-year Trend and Risk Report]
Who should worry?
• Security is a concern across different domains and countries
• “An investigation of targeted intrusions into more than 70 global companies, governments, and non-profit organizations during the last five years” [McAfee, 2011]
AIR TRAFFIC MANAGEMENT Scenario
Complex Application Domain
• Ongoing developments in the Air Traffic Management domain
• The SESAR (Single European Sky ATM Research) project is the European air traffic control infrastructure modernisation programme. SESAR aims at developing the new generation Air Traffic Management system capable of ensuring the safety and fluidity of air transport worldwide over the next 30 years
• Overall features
– Large-scale, European (and beyond) wide systems
– Complex ICT
– Stringent security requirements alongside other Key Performance Indicators (e.g. Safety)
– Deployments of new ICT involving operational changes
– Human factors: changes in ICT affecting work practices
Air Traffic Management
[Figure: Air Traffic Management Today; The SESAR ATM System]
[SESAR Release, SESAR Joint Undertaking 2011]
System Wide Information Management
SWIM Infrastructure System Security Design
SOFTWARE ENGINEERING AND INFORMATION SECURITY
Research
Socio-Technical Security Requirements
Ensuring Trustworthiness and Security in Service Composition
Problem: ensuring trustworthiness and security in service composition
Context: operational accounts of ATM practice highlight information exchange
Modelling and Validation: socio-technical security requirements
Requirements Evolution
Problem: understanding requirements changes, requirements evolution
• Avionics case study
• Safety-critical software
• Empirical analysis of requirements changes
• Functional analysis of requirements changes
• Architecture stability
• Quantitative accounts of requirements changes
• Requirements evolution modelling
[Felici, 2004]
Security Model-Driven Risk Analysis
Security Engineering for Lifelong Evolvable Systems
Problem: assessing impact of changes on critical security properties
Modelling: structured (CORAS) models elicited to perform risk analysis
Validation: shift of risk perceptions
[Felici et al., 2011]
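The change-impact question on this slide, as an added illustration rather than the project's own CORAS models or tooling: a small threat diagram (threat scenarios, leads-to edges with conditional likelihoods, unwanted incidents with consequences) is evaluated before and after a change, and only the incidents whose risk level moves are reported. The ordinal scales, the risk matrix, the "weakest step" propagation rule, and the ATM-flavoured scenario values are assumptions made for the example.

```python
"""Simplified CORAS-style threat diagram used to ask one question:
which unwanted incidents change risk level when the system changes?

Added, constructed illustration; it is not the SecureChange project's
models or tooling, and the scales, risk matrix and propagation rule
below are assumptions made for the example.
"""
from dataclasses import dataclass

# Ordinal scales; list index doubles as rank for comparisons (assumed).
LIKELIHOOD = ["rare", "unlikely", "possible", "likely", "certain"]
CONSEQUENCE = ["insignificant", "minor", "moderate", "major", "catastrophic"]


def combine(scenario_likelihood: str, conditional: str) -> str:
    """Likelihood that a threat scenario reaches an incident over one
    leads-to edge. Assumed rule: the weaker of the two values, so a path
    is never more likely than its least likely step."""
    rank = min(LIKELIHOOD.index(scenario_likelihood), LIKELIHOOD.index(conditional))
    return LIKELIHOOD[rank]


def risk_level(likelihood: str, consequence: str) -> str:
    """Assumed 5x5 risk matrix: sum of ranks, banded into low/medium/high."""
    score = LIKELIHOOD.index(likelihood) + CONSEQUENCE.index(consequence)
    if score <= 2:
        return "low"
    if score <= 5:
        return "medium"
    return "high"


@dataclass
class ThreatDiagram:
    scenarios: dict   # threat scenario -> likelihood
    leads_to: list    # (scenario, incident, conditional likelihood)
    impacts: dict     # unwanted incident -> consequence for the asset

    def incident_likelihood(self, incident: str) -> str:
        """Strongest path into the incident wins (assumed aggregation)."""
        paths = [combine(self.scenarios[s], cond)
                 for s, i, cond in self.leads_to if i == incident]
        return max(paths, key=LIKELIHOOD.index) if paths else "rare"

    def risks(self) -> dict:
        return {inc: risk_level(self.incident_likelihood(inc), cons)
                for inc, cons in self.impacts.items()}


def change_impact(before: ThreatDiagram, after: ThreatDiagram) -> dict:
    """{incident: (old level, new level)} for incidents whose risk moved."""
    old, new = before.risks(), after.risks()
    return {i: (old[i], new[i]) for i in old if old[i] != new[i]}


# --- constructed ATM-flavoured scenario (hypothetical names and values) -----
SPOOF = "spoofed flight data injected on shared network"
MALWARE = "malware on controller working position"
FALSE_PLAN = "controller acts on falsified flight plan"
SURV_LOSS = "loss of surveillance data availability"


def baseline() -> ThreatDiagram:
    """Before the change: point-to-point links, spoofing is hard."""
    return ThreatDiagram(
        scenarios={SPOOF: "unlikely", MALWARE: "possible"},
        leads_to=[(SPOOF, FALSE_PLAN, "likely"),
                  (MALWARE, FALSE_PLAN, "possible"),
                  (MALWARE, SURV_LOSS, "likely")],
        impacts={FALSE_PLAN: "major", SURV_LOSS: "moderate"},
    )


def after_rollout() -> ThreatDiagram:
    """Change: a shared information infrastructure makes injection easier;
    only the SPOOF scenario's likelihood is re-estimated."""
    d = baseline()
    d.scenarios[SPOOF] = "likely"
    return d


def with_treatment(d: ThreatDiagram) -> ThreatDiagram:
    """Treatment: authenticate shared messages, cutting the conditional
    likelihood that spoofing reaches the false-plan incident."""
    edges = [(s, i, "rare" if (s, i) == (SPOOF, FALSE_PLAN) else c)
             for s, i, c in d.leads_to]
    return ThreatDiagram(dict(d.scenarios), edges, dict(d.impacts))


if __name__ == "__main__":
    print("baseline:", baseline().risks())
    print("after rollout:", change_impact(baseline(), after_rollout()))
    print("with treatment:",
          change_impact(after_rollout(), with_treatment(after_rollout())))
```

The point of keeping the diagram as data is that re-estimating one likelihood after a deployment, or adding one treatment, reruns the whole matrix and surfaces only the incidents that actually moved, which is what a change-impact assessment has to show to its stakeholders.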
Emerging Technological Risk
• Provides a multidisciplinary account of technology risk
• Reviews different case studies
• Identifies classes of socio-technical hazards
– how technological risk crosses organizational boundaries
– how technological trajectories and evolution develop
– how social behaviour shapes, and is shaped by, technology
S. Anderson, M. Felici: Emerging Technological Risk. Underpinning the Risk of Technology Innovation. Springer, 2012
Interdisciplinary Research Collaboration in Dependability of Computer-Based Systems
Interdisciplinary Design and Evaluation of Dependability
Security & Dependability Patterns
System Engineering for Security & Dependability
Problem: Security & Dependability Patterns to design and implement ICT
Context: supporting organisational work practice to deal with emerging threats
Validation: Security & Dependability Patterns enabling resilient processes
Trust Observations
Problem: validating new operational concepts and system configurations
• Empirical analysis of an operational account of trust in validation exercises
• Trust observations highlight how different system configurations support work practices
[Felici et al., 2011]
Summary
• Information security is a real problem in different complex application domains
– Air Traffic Management
• Research Perspectives
– Requirements problems: validation and evolution
– Socio-technical Risk Analysis: modelling and social perspectives of risk analysis
– Validation: Dependability, Resilience, Trust
SOFTWARE ENGINEERING AND INFORMATION SECURITY
Research Considerations
Research Remarks
• Engineering software systems for security and trustworthiness requires dealing with subtle complexities
• It is necessary to combine diverse methodologies throughout software development and deployment
• My research is concerned with supporting software engineering and understanding software complexities (e.g. in terms of critical features) in different development phases (e.g. validation) and application domains
– Multidisciplinary research
– Socio-technical systems
– Dependability, Risk, Trust
Research Impact: ATM Community
• Exploited PhD on requirements evolution within the EU SecureChange project
• Exploited Dependability, Risk and Trust studies to support SMEs in related EU ICT projects
• Conducted case studies drawn from the ATM domain
• Led Edinburgh University engagement in the INNOVATE (INNOvation through Validation for Air Transportation in Europe) consortium, Modelling Support to Validation, Associate Partners of SESAR JU
• Visibility: work on Trust published, and also linked in SKYbrary (the online ATM reference collection for aviation safety knowledge)
• Visibility: Consulting Editor for the US FAA (Federal Aviation Administration) International Journal of Applied Aviation
Supporting European Commission
• Co-organised a networking session, on Privacy, Identity Management and Dependability in Emerging ICT-based Interaction Scenarios: Trustworthy Fulfillment of Requirements beyond purely Technological Innovation, at ICT 2008
• Appointed by the European Commission, Information Society and Media Directorate, Trust and Security, as Independent Expert/Reviewer for industry-led ICT projects
– PrimeLife, Privacy and Identity Management in Europe for Life
– WebSand, Server-driven Outbound Web-application Sandboxing
Another Application Domain: Healthcare
Recently started collaborating and extending research work in Healthcare domains
• Centre for Population Health Sciences, The University of Edinburgh
Anderson, S., Fairbrother, P., Felici, M., Hanley, J., McKinstry, B., Ure, J.: From Hazards to Resilience in Socio-Technical Healthcare Systems. In Hollnagel, E., Rigaud, E., Besnard, D. (Eds.), Proceedings of the fourth Resilience Engineering Symposium, pp. 15-21 (2011)
• Warwick Medical School, The University of Warwick
Sujan, M.-A., Felici, M.: Combining Failure Mode and Functional Resonance Analyses in Healthcare Settings. In Proceedings of SAFECOMP 2012, the 31st International Conference on Computer Safety, Reliability and Security, LNCS, Springer-Verlag (to appear)
Supporting Research Communities
• SAFECOMP, International Conference on Computer Safety, Reliability and Security
• DSN, IEEE/IFIP International Conference on Dependable Systems and Networks
• SERE, IEEE International Conference on Software Security and Reliability
• ISARCS, International ACM SigSoft Symposium on Architecting Critical Systems
...and many others
Future Research
• Software Engineering Foundations
– Empirical investigation of software engineering models (e.g. requirements and design models)
– Further understanding evolution (e.g. requirements evolution)
– Modelling support to validation – INNOVATE (INNOvation through Validation for Air Transportation in Europe)
• Security and Trust Observations
– Security and Trust as deployment strategies that offer a rich range of trade-offs
– Empirical investigation and validation of different Security and Trust models
• Dependability Benchmarking and Risk Analysis
– Socio-technical risk analysis
– Operational validation
THANK YOU