Integrating Safety, Security and Human Factors Engineering in Rail Infrastructure Design and Evaluation.

With the new emerging dependency towards the rail industry, there have been growing concerns on how to make this critical infrastructure more adaptable in this technological era of cyber attacks. Currently, the rail infrastructure is built around safety and human factors, but one important factor which has less attention is cyber security. In order to satisfy the security needs of rail stakeholders, there is a need to put together knowledge in the form of design framework by combining safety and human factors, with cyber security. The research problem this PhD thesis addresses is how the process-techniques and tool- support available in safety, security and human factors engineering can be integrated to provide design solutions in rail infrastructure. This PhD thesis claims that proposed design framework is an exemplar by making three significant contributions. Firstly, it identifies the integration of concepts between safety, security and human factors engineering. Secondly, based on integration it pro- vides an integrated design framework where Integrating Requirements and Information Security (IRIS), use-case specifications informed Task Analysis (TA) using Cognitive Task Analysis (CTA) and Hierarchical Task Analysis (HTA), Human Factors Analysis and Clas- sification System (HFACS) frameworks are used to inform Systems-Theoretic Process Analysis (STPA). This integrated design framework is tool-supported using the open- source Computer Aided Integrating Requirements and Information Security (CAIRIS) platform. Thirdly, the proposed design framework in the form of process-techniques and tool-support is implemented by rail infrastructure to determine the safe, secure and us- able design solutions. This PhD thesis is validated by applying the design framework to three case studies. In the first, preliminary evaluation is carried out by applying it to a case study of ‘Polish Tram Incident’, where inter-dependencies between safety, security, and human factors engineering are present. In the second, the results are used to inform TA using use-case specifications format by prototyping the role of European Railway Traffic Management System (ERTMS) - Signaller, which provides human factors experts a chance to work in collaboration with safety and security design experts. In the final case study, with the support of representative rail stakeholders from Ricardo Rail is used to implement STPA on case study of ’Cambrian Railway Incident’

On the Security of Software Systems and Services

This work investigates new methods for facing the security issues and threats arising from the composition of software. This task has been carried out through the formal modelling of both the software composition scenarios and the security properties, i.e., policies, to be guaranteed. Our research moves across three different modalities of software composition which are of main interest for some of the most sensitive aspects of the modern information society. They are mobile applications, trust-based composition and service orchestration. Mobile applications are programs designed for being deployable on remote platforms. Basically, they are the main channel for the distribution and commercialisation of software for mobile devices, e.g., smart phones and tablets. Here we study the security threats that affect the application providers and the hosting platforms. In particular, we present a programming framework for the development of applications with a static and dynamic security support. Also, we implemented an enforcement mechanism for applying fine-grained security controls on the execution of possibly malicious applications. In addition to security, trust represents a pragmatic and intuitive way for managing the interactions among systems. Currently, trust is one of the main factors that human beings keep into account when deciding whether to accept a transaction or not. In our work we investigate the possibility of defining a fully integrated environment for security policies and trust including a runtime monitor. Finally, Service-Oriented Computing (SOC) is the leading technology for business applications distributed over a network. The security issues related to the service networks are many and multi-faceted. We mainly deal with the static verification of secure composition plans of web services. Moreover, we introduce the synthesis of dynamic security checks for protecting the services against illegal invocations

A quantitative man-machine model for cyber security efficiency analysis

The analysis of security defense processes is of utmost importance in the management of various cyber-security attacks, which are increasing in scope and rapidity. Organizations need to optimize their resources based on a sound understanding of the level of their security defense processes' efficiency and the impact of their investment. Modeling and characterization of the dynamics of cyber security management are essential to risk prediction, damage assessment, and resource allocations. This dissertation addresses the interactions between human factors and information systems. On the basis of the spiral life cycle model of software development processes, we develop a realistic, holistic security attack-defense model - Man-Machine Model (M3), which combines human factors and information systems' (i.e., machine) states under an integrated analytical framework. M3 incorporates man and machine components. The man component is comprised of several variables such as Skill & Knowledge (SKKN) and Teamwork Quality (TWQ). The machine component is composed of variables such as traffic volume and the amount of downtime. M3 enables the analysis of intrusion detection and incident response process efficiency, i.e., security defense team performance. With data analysis, we formulate and test four major research hypotheses based on the data collected during security experiments. Through hypothesis testing, we evaluate regression models to estimate the security defense team performance (i.e. efficiency) at different levels of human intelligence (e.g., skill and knowledge) and teamwork (e.g., teamwork quality). We assess the fitness and significance of the regression models, and verify their assumptions. Based on these results, organizations can hire those who have an appropriate level of skill and knowledge when it concerns investments to increase the level of skill and knowledge of security personnel. They also can attempt to increase the level of skill and knowledge of security personnel

Why do People Adopt, or Reject, Smartphone Security Tools?

A large variety of security tools exist for Smartphones, to help their owners to secure the phones and prevent unauthorised others from accessing their data and services. These range from screen locks to antivirus software to password managers. Yet many Smartphone owners do not use these tools despite their being free and easy to use. We were interested in exploring this apparent anomaly. A number of researchers have applied existing models of behaviour from other disciplines to try to understand these kinds of behaviours in a security context, and a great deal of research has examined adoption of screen locking mechanisms. We review the proposed models and consider how they might fail to describe adoption behaviours. We then present the Integrated Model of Behaviour Prediction (IMBP), a richer model than the ones tested thus far. We consider the kinds of factors that could be incorporated into this model in order to understand Smartphone owner adoption, or rejection, of security tools. The model seems promising, based on existing literature, and we plan to test its efficacy in future studies

Specification of vertical semantic consistency rules of UML class diagram refinement using logical approach

Unified Modelling Language (UML) is the most popular modelling language use for software design in software development industries with a class diagram being the most frequently use diagram. Despite the popularity of UML, it is being affected by inconsistency problems of its diagrams at the same or different abstraction levels. Inconsistency in UML is mostly caused by existence of various views on the same system and sometimes leads to potentially conflicting system specifications. In general, syntactic consistency can be automatically checked and therefore is supported by current UML Computer-aided Software Engineering (CASE) tools. Semantic consistency problems, unlike syntactic consistency problems, there exists no specific method for specifying semantic consistency rules and constraints. Therefore, this research has specified twenty-four abstraction rules of class‟s relation semantic among any three related classes of a refined class diagram to semantically equivalent relations of two of the classes using a logical approach. This research has also formalized three vertical semantic consistency rules of a class diagram refinement identified by previous researchers using a logical approach and a set of formalized abstraction rules. The results were successfully evaluated using hotel management system and passenger list system case studies and were found to be reliable and efficient

Post-Westgate SWAT : C4ISTAR Architectural Framework for Autonomous Network Integrated Multifaceted Warfighting Solutions Version 1.0 : A Peer-Reviewed Monograph

Police SWAT teams and Military Special Forces face mounting pressure and challenges from adversaries that can only be resolved by way of ever more sophisticated inputs into tactical operations. Lethal Autonomy provides constrained military/security forces with a viable option, but only if implementation has got proper empirically supported foundations. Autonomous weapon systems can be designed and developed to conduct ground, air and naval operations. This monograph offers some insights into the challenges of developing legal, reliable and ethical forms of autonomous weapons, that address the gap between Police or Law Enforcement and Military operations that is growing exponentially small. National adversaries are today in many instances hybrid threats, that manifest criminal and military traits, these often require deployment of hybrid-capability autonomous weapons imbued with the capability to taken on both Military and/or Security objectives. The Westgate Terrorist Attack of 21st September 2013 in the Westlands suburb of Nairobi, Kenya is a very clear manifestation of the hybrid combat scenario that required military response and police investigations against a fighting cell of the Somalia based globally networked Al Shabaab terrorist group.Comment: 52 pages, 6 Figures, over 40 references, reviewed by a reade

A conceptual model for EAI adoption in an e-government environment

The non-integrated nature of Local Government Authority (LGA) Information Systems (IS) is strongly associated with the inconsistency and duplication of data, reduction in data integrity and quality, and high operational and maintenance cost. The reason is that legacy IS within the LGAs are usually tailored to support particular business processes and functions and are as a consequence usually difficult to integrate. This gives rise to a strong need for an integrated architecture that facilitates reuse of existing applications and flexibly implementing business processes across the functional boundaries within the LGAs. This paper examines a potentially important area of IS integration in the United Kingdom (UK) LGAs through Enterprise Application Integration (EAI) technology. A review of the literature indicates that EAI has been a focal technology for several organisations in solving their integration problems. However, is new in the LGAs; thus research literature around it is limited. Yet the effect of IS integration using EAI technology remains under explored, as little research has been conducted to comprehend the LGAs perception of integration that influences their decisions and actions. The author demonstrates that it is of high importance to investigate this area within LGAs and result in research that contributes towards successful EAI adoption. Therefore, resulting in the development of a conceptual model that may be used to assist the government decision-making process for EAI adoption in an electronic Government (e-Government) environment