20,786 research outputs found
Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study
Security risk management can be applied on well-defined or existing systems;
in this case, the objective is to identify existing vulnerabilities, assess the
risks and provide for the adequate countermeasures. Security risk management
can also be applied very early in the system's development life-cycle, when its
architecture is still poorly defined; in this case, the objective is to
positively influence the design work so as to produce a secure architecture
from the start. The latter work is made difficult by the uncertainties on the
architecture and the multiple round-trips required to keep the risk assessment
study and the system architecture aligned. This is particularly true for very
large projects running over many years. This paper addresses the issues raised
by those risk assessment studies performed early in the system's development
life-cycle. Based on industrial experience, it asserts that attack trees can
help solve the human cognitive scalability issue related to securing those
large, continuously-changing system-designs. However, big attack trees are
difficult to build, and even more difficult to maintain. This paper therefore
proposes a systematic approach to automate the construction and maintenance of
such big attack trees, based on the system's operational and logical
architectures, the system's traditional risk assessment study and a security
knowledge database.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Working Notes from the 1992 AAAI Workshop on Automating Software Design. Theme: Domain Specific Software Design
The goal of this workshop is to identify different architectural approaches to building domain-specific software design systems and to explore issues unique to domain-specific (vs. general-purpose) software design. Some general issues that cut across the particular software design domain include: (1) knowledge representation, acquisition, and maintenance; (2) specialized software design techniques; and (3) user interaction and user interface
Recommended from our members
A framework of justification criteria for advanced manufacturing technology implementation in small and medium enterprises
Today in order to stay in businesses and prosper, Small and Medium Enterprises (SMEs) are seeking higher electiveness and competitiveness across the entire cycle of marketing, product design, manufacture, test and sales. SMEs play an increasingly important role in all aspects of competitiveness: both products and production techniques, but also management methods, the organization of the firm and human resources training. One of the ways by which SMEs can achieve a competitive advantage in manufacturing is through the implementation of Advanced Manufacturing Technology (AMT). An increasing number of them have chosen and are choosing various levels of AMT as the solution. Realizing the importance of SMEs, an attempt has been made in this paper to review the application of AMT in SMEs. Also, a framework has been offered for the implementation of AMT in SMEs. Finally, a summary of findings and conclusions are presented
- …