English
Related papers

Related papers: Finding Security Threats That Matter: An Industria…

200 papers

Insider threats entail major security issues in geopolitics, cyber risk management and business organization. The game theoretic models proposed so far do not take into account some important factors such as the organisational culture and…

Cryptography and Security · Computer Science 2019-11-25 Chaitanya Joshi , David Rios Insua , Jesus Rios

For workers, the exposure to on-site hazards can result in fatalities and serious injuries. To improve safety outcomes, different approaches have been implemented for health and safety training in the construction sector, such as…

Computers and Society · Computer Science 2018-08-08 Yifan Gao , Vicente Gonzalez , Tak Wing Yiu

Bug reports are common artefacts in software development. They serve as the main channel for users to communicate to developers information about the issues that they encounter when using released versions of software programs. In the…

Software Engineering · Computer Science 2021-12-21 Arthur D. Sawadogo , Quentin Guimard , Tegawendé F. Bissyandé , Abdoul Kader Kaboré , Jacques Klein , Naouel Moha

The project managers who deal with risk management are often faced with the difficult task of determining the relative importance of the various sources of risk that affect the project. This prioritisation is crucial to direct management…

Risk Management · Quantitative Finance 2024-06-03 Fernando Acebes , José Manuel González-Varona , Adolfo López-Paredes , Javier Pajares

Software testing has often to be done under severe pressure due to limited resources and a challenging time schedule facing the demand to assure the fulfillment of the software requirements. In addition, testing should unveil those software…

Software Engineering · Computer Science 2019-12-30 Michael Felderer , Ina Schieferdecker

Many project risks in distributed software development are very different from the ones in collocated development and therefore are often overlooked. At the same time, they depend to a large extent on project-specific characteristics. This…

Todays industrial control systems consist of tightly coupled components allowing adversaries to exploit security attack surfaces from the information technology side, and, thus, also get access to automation devices residing at the…

Software Engineering · Computer Science 2023-06-26 Mukund Bhole , Wolfgang Kastner , Thilo Sauter

Advanced Persistent Threats (APTs) pose a significant security risk to organizations and industries. These attacks often lead to severe data breaches and compromise the system for a long time. Mitigating these sophisticated attacks is…

Cryptography and Security · Computer Science 2025-08-04 Ehsan Hallaji , Roozbeh Razavi-Far , Mehrdad Saif

Background. Software companies need to manage and refactor Technical Debt issues. Therefore, it is necessary to understand if and when refactoring Technical Debt should be prioritized with respect to developing features or fixing bugs.…

Software Engineering · Computer Science 2020-01-31 Valentina Lenarduzzi , Terese Besker , Davide Taibi , Antonio Martini , Francesca Arcelli Fontana

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited…

Cryptography and Security · Computer Science 2007-05-23 Xiamoneg Su , Damiano Bolzoni , Pascal van Eck

Threat modeling is a popular method to securely develop systems by achieving awareness of potential areas of future damage caused by adversaries. However, threat modeling for systems relying on Artificial Intelligence is still not well…

Cryptography and Security · Computer Science 2024-06-04 Jan von der Assen , Jamo Sharif , Chao Feng , Christian Killer , Gérôme Bovet , Burkhard Stiller

Industrial components are of high importance because they control critical infrastructures that form the lifeline of modern societies. However, the rapid evolution of industrial components, together with the new paradigm of Industry 4.0,…

Cryptography and Security · Computer Science 2022-03-16 Ángel Longueira-Romero , Rosa Iglesias , Jose Luis Flores , Iñaki Garitano

Threat modeling and risk assessments are common ways to identify, estimate, and prioritize risk to national, organizational, and individual operations and assets. Several threat modeling and risk assessment approaches have been proposed…

Cryptography and Security · Computer Science 2021-10-18 Paul Griffioen , Bruno Sinopoli

Hardware vulnerabilities are generally considered more difficult to fix than software ones because they are persistent after fabrication. Thus, it is crucial to assess the security and fix the vulnerabilities at earlier design phases, such…

Agile and DevOps are widely adopted by the industry. Hence, integrating security activities with industrial practices, such as continuous integration (CI) pipelines, is necessary to detect security flaws and adhere to regulators' demands…

Software Engineering · Computer Science 2024-01-17 Florian Angermeir , Markus Voggenreiter , Fabiola Moyón , Daniel Mendez

Defect prevention is the most vital but habitually neglected facet of software quality assurance in any project. If functional at all stages of software development, it can condense the time, overheads and wherewithal entailed to engineer a…

Software Engineering · Computer Science 2016-09-08 V. Suma , T. R. Gopalakrishnan Nair

Traditional Cyber-physical Systems(CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based…

Cryptography and Security · Computer Science 2021-03-09 Ameerah-Muhsinah Jamil , Lotfi ben Othmane , Altaz Valani

Software updates reduce the opportunity for exploitation. However, since updates can also introduce breaking changes, enterprises face the problem of balancing the need to secure software with updates with the need to support operations. We…

Cryptography and Security · Computer Science 2022-05-26 Giorgio Di Tizio , Michele Armellini , Fabio Massacci

In the highly interconnected digital landscape of today, safeguarding complex infrastructures against cyber threats has become increasingly challenging due to the exponential growth in the number and complexity of vulnerabilities. Resource…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

In recent years, the World Economic Forum has identified software security as the most significant technological risk to the world's population, as software-intensive systems process critical data and provide critical services. This raises…

Software Engineering · Computer Science 2021-08-27 Stefan Dziwok , Thorsten Koch , Sven Merschjohann , Boris Budweg , Sebastian Leuer