Related papers: SecDOAR: A Software Reference Architecture for Sec…
With the rapid rise in Software Supply Chain (SSC) attacks, organisations need thorough and trustworthy visibility over the entire SSC of their software inventory to detect risks early and identify compromised assets rapidly in the event of…
Blockchains are distributed systems, in which security is a critical factor for their success. However, despite their increasing popularity and adoption, there is a lack of standardized models that study blockchain-related security threats.…
The software supply chain comprises a highly complex set of operations, processes, tools, institutions and human factors involved in creating a piece of software. A number of high-profile attacks that exploit a weakness in this complex…
Robotic middleware serves as the foundational infrastructure, enabling complex robotic systems to operate in a coordinated and modular manner. In data-intensive robotic applications, especially in industrial scenarios, communication…
Natural Language Processing (NLP) tools support requirements engineering (RE) tasks like requirements elicitation, classification, and validation. However, they are often developed from scratch despite functional overlaps, and abandoned…
Security is an important quality of software systems, but there is a huge lack of security experts. To overcome this gap, we aim to make security design knowledge reusable for architects by proposing the SecuRe recommendation approach to…
In this article, we examine how security applies to Service Oriented Architecture (SOA). Before we discuss security for SOA, lets take a step back and examine what SOA is. SOA is an architectural approach which involves applications being…
Security Orchestration, Automation, and Response (SOAR) platforms integrate and orchestrate a wide variety of security tools to accelerate the operational activities of Security Operation Center (SOC). Integration of security tools in a…
Attacks based on side-channel analysis (SCA) pose a severe security threat to modern computing platforms, further exacerbated on IoT devices by their pervasiveness and handling of private and critical data. Designing SCA-resistant computing…
Supervisory Control and Data Acquisition (SCADA) systems support and control the operation of many critical infrastructures that our society depend on, such as power grids. Since SCADA systems become a target for cyber attacks and the…
The development of a system vulnerability analysis tool (SVAT) for complex mission critical systems (CMCS) produced the software for operation and network attack results review (SONARR). This software builds upon the Blackboard Architecture…
As many industries shift towards centralised controlled information systems for monitoring and control, more importance is being placed upon technologies such as Supervisory Control and Data Acquisitions industrial systems (SCADA). This…
Security operation centers (SOCs) all over the world are tasked with reacting to cybersecurity alerts ranging in severity. Security Orchestration, Automation, and Response (SOAR) tools streamline cybersecurity alert responses by SOC…
Software Defined Networking (SDN) is a widely deployed technology enabling the agile and flexible management of networks and services. This paradigm represents an appropriate candidate to address the dynamic and secure management of large…
The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…
A system vulnerability analysis technique (SVAT) for the analysis of complex mission critical systems (CMCS) that cannot be taken offline or subjected to the risks posed by traditional penetration testing was previously developed. This…
Users are demanding increased data security. As a result, security is rapidly becoming a first-order design constraint in next generation computing systems. Researchers and practitioners are exploring various security technologies to meet…
Embedded devices are increasingly present in our everyday life. They often process critical information, and hence, rely on cryptographic protocols to achieve security. However, embedded devices remain vulnerable to attackers seeking to…
The Network Function Virtualization paradigm is attracting the interest of service providers, that may greatly benefit from its flexibility and scalability properties. However, the diversity of possible orchestrated services, rises the…
Enterprise Networks, over the years, have become more and more complex trying to keep up with new requirements that challenge traditional solutions. Just to mention one out of many possible examples, technologies such as Virtual LANs…