ThreMA: Ontology-based Automated Threat Modelling for ICT Infrastructures

Threat Modelling allows defenders to identify threats to which the target system is exposed. Such a process requires a detailed infrastructure analysis to map threats to assets and to identify possible flaws. Unfortunately, the process is still mostly done manually and without the support of formally sound approaches. Moreover, Threat Modelling often involves teams with different levels of security knowledge, leading to different possible interpretation in the system under analysis representation. Threat modelling automation comes with two main challenges: (i) the need for a standard representation of models and data used in various stages of the process, establishing a formal vocabulary for all involved parties, and (ii) the requirement for a well-defined inference rule set enabling reasoning process automation for threat identification. The paper presents the ThreMA approach to automating threat modelling for ICT infrastructures, aiming at addressing the key automation issues through the use of ontologies. Specifically, a formal vocabulary for modelling an ICT infrastructure, a threat catalog and a set of inference rules needed to support the reasoning process for threat identification are provided. The proposed approach has been validated against actual significant case studies provided by different Stakeholders of the Italian Public Sector

Assessing Security Risk and Requirements for Systems of Systems

A System of Systems (SoS) is a term used to describe independent systems converging for a purpose that could only be carried out through this interdependent collaboration. Many examples of SoSs exist, but the term has become a source of confusion across domains. Moreover, there are few illustrative SoS examples demonstrating their initial classification and structure. While there are many approaches for engineering of systems, less exist for SoS engineering. More specifically, there is a research gap towards approaches addressing SoS security risk assessment for engineering and operational needs, with a need for tool-support to assist modelling and visualising security risk and requirements in an interconnected SoS. From this, security requirements can provide a systematic means to identify constraints and related risks of the SoS, mitigated by human-user and system requirements. This work investigates specific challenges and current approaches for SoS security and risk, and aims to identify the alignment of SoS factors and concepts suitable for eliciting, analysing, validating risks with use of a tool-support for assessing security risk in the SoS context

CURRENT ISSUES AFFECTING TRADE AND TRADE POLICY: AN ANNOTATED LITERATURE REVIEW

This review provides a base of literature describing current issues and research on the impacts of lobalization and the industrialization of agriculture and recent approaches to analyze and model agricultural trade and trade policies. Three key factors of the survey are differentiated goods, global economic integration and international supply chain linkages. The review covers 182 publications, which are presented alphabetically by author with a brief annotation describing how it relates to the above criteria. The articles are also indexed by keyword. A brief summary highlights the documented literature and includes a series of issues for future discussion and research.International Relations/Trade,

Implementing 5D BIM on construction projects: Contractor perspectives from the UK construction sector

This is an accepted manuscript of an article published by Emerald in Journal of Engineering, Design and Technology on 09/05/2020: https://doi.org/10.1108/JEDT-01-2020-0007 The accepted version of the publication may differ from the final published version.Purpose The purpose of this paper is to report on primary research findings that sought to investigate and analyse salient issues on the implementation of 5D building information modelling (BIM) from the UK contractors’ perspective. Previous research and efforts have predominantly focussed on the use of technologies for cost estimation and quantity takeoff within a more traditional-led procurement, with a paucity of research focussing on how 5D BIM could facilitate costing within contractor-led procurement. This study fills this current knowledge gap and enhances the understanding of the specific costing challenges faced by contractors in contractor-led projects, leading to the development of 5D framework for use in future projects. Design/methodology/approach To develop a fully detailed understanding of the challenges and issues being faced in this regard, a phenomenological, qualitative-based study was undertaken through interviews involving 21 participants from UK-wide construction organisations. A thematic data analytical process was applied to the data to derive key issues, and this was then used to inform the development of a 5D-BIM costing framework. Findings Multi-disciplinary findings reveal a range of issues faced by contractors when implementing 5D BIM. These exist at strategic, operational and technological levels which require addressing successful implementation of 5D BIM on contractor-led projects adhering to Level 2 BIM standards. These findings cut across the range of stakeholders on contractor-led projects. Ultimately, the findings suggest strong commitment and leadership from organisational management are required to facilitate cost savings and generate accurate cost information. Practical implications This study highlights key issues for any party seeking to effectively deploy 5D BIM on a contractor-led construction project. A considerable cultural shift towards automating and digitising cost functions virtually, stronger collaborative working relationship relative to costing in design development, construction practice, maintenance and operation is required. Originality/value By analysing findings from primary research data, the work concludes with the development of a 5D BIM costing framework to support contractor-led projects which can be implemented to ensure that 5D BIM is successfully implemented

Systems approaches to animal disease surveillance and resource allocation: methodological frameworks for behavioral analysis

While demands for animal disease surveillance systems are growing, there has been little applied research that has examined the interactions between resource allocation, cost-effectiveness, and behavioral considerations of actors throughout the livestock supply chain in a surveillance system context. These interactions are important as feedbacks between surveillance decisions and disease evolution may be modulated by their contextual drivers, influencing the cost-effectiveness of a given surveillance system. This paper identifies a number of key behavioral aspects involved in animal health surveillance systems and reviews some novel methodologies for their analysis. A generic framework for analysis is discussed, with exemplar results provided to demonstrate the utility of such an approach in guiding better disease control and surveillance decisions

The Knowledge Application and Utilization Framework Applied to Defense COTS: A Research Synthesis for Outsourced Innovation

Purpose -- Militaries of developing nations face increasing budget pressures, high operations tempo, a blitzing pace of technology, and adversaries that often meet or beat government capabilities using commercial off-the-shelf (COTS) technologies. The adoption of COTS products into defense acquisitions has been offered to help meet these challenges by essentially outsourcing new product development and innovation. This research summarizes extant research to develop a framework for managing the innovative and knowledge flows. Design/Methodology/Approach – A literature review of 62 sources was conducted with the objectives of identifying antecedents (barriers and facilitators) and consequences of COTS adoption. Findings – The DoD COTS literature predominantly consists of industry case studies, and there’s a strong need for further academically rigorous study. Extant rigorous research implicates the importance of the role of knowledge management to government innovative thinking that relies heavily on commercial suppliers. Research Limitations/Implications – Extant academically rigorous studies tend to depend on measures derived from work in information systems research, relying on user satisfaction as the outcome. Our findings indicate that user satisfaction has no relationship to COTS success; technically complex governmental purchases may be too distant from users or may have socio-economic goals that supersede user satisfaction. The knowledge acquisition and utilization framework worked well to explain the innovative process in COTS. Practical Implications – Where past research in the commercial context found technological knowledge to outweigh market knowledge in terms of importance, our research found the opposite. Managers either in government or marketing to government should be aware of the importance of market knowledge for defense COTS innovation, especially for commercial companies that work as system integrators. Originality/Value – From the literature emerged a framework of COTS product usage and a scale to measure COTS product appropriateness that should help to guide COTS product adoption decisions and to help manage COTS product implementations ex post