The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Aeronautical Engineering: A special bibliography with indexes, supplement 64, December 1975

This bibliography lists 288 reports, articles, and other documents introduced into the NASA scientific and technical information system in November 1975

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

The Factory of the Future

A brief history of aircraft production techniques is given. A flexible machining cell is then described. It is a computer controlled system capable of performing 4-axis machining part cleaning, dimensional inspection and materials handling functions in an unmanned environment. The cell was designed to: allow processing of similar and dissimilar parts in random order without disrupting production; allow serial (one-shipset-at-a-time) manufacturing; reduce work-in-process inventory; maximize machine utilization through remote set-up; maximize throughput and minimize labor

Aeronautical engineering: A continuing bibliography, supplement 122

This bibliography lists 303 reports, articles, and other documents introduced into the NASA scientific and technical information system in April 1980

The outlook for aeronautics, 1980 - 2000: Appendix B: Study group report on an industry-university-government survey

Results of a comprehensive survey of key representatives of the aeronautical community are presented. Emphasis is placed on trends in civil and military aviation, the role of NASA in aeronautical research and development, and the required technology advances for the development of new aircraft

Architectural Generation of Context-based Attack Paths

In industriellen Prozessen (Industrie 4.0) und anderen Bereichen unseres Lebens wie dem Energie- oder Gesundheitssektor wird die Vertraulichkeit von Daten zunehmend wichtig. Um vertrauliche Informationen auf kritischen Systemen zu schützen, ist es wichtig zu bestimmen ob die Kompromittierung dieser kritischen Systeme möglich ist. Deshalb müssen relevante Angriffspfade in verschiedenen Zugriffskontrollkontexten gefunden werden, um verschiedene Softwarearchitekturen bezüglich dieses Sicherheitsaspekts zu vergleichen. Um Kosten zu sparen, ist es wichtig potentielle Angriffspfade bereits in der Entwurfsphase der Softwarearchitektur zu betrachten. Es gibt bereits Ansätze, die das Thema der Angriffspfadgenerierung adressieren. Allerdings betrachten sie es oft nicht auf einer Softwarearchitekturmodellierungsebene, was die Analyse für den Zweck der komponentenbasierten Softwaremodellierung erschwert. Des Weiteren, betrachten andere Ansätze oft nicht sowohl Verwundbarkeiten als auch Zugriffskontrollmechanismen. Deshalb stellt diese Arbeit einen Ansatz vor, um alle potentiellen Angriffspfade in einem Softwarearchitekturmodell bezüglich Verwundbarkeiten und Zugriffskontrolle zu finden. Das hilft Softwarearchitekten und Sicherheitsexperten relevante und kritische Angriffspfade zu einem kritischen Element leichter zu finden. Jedoch sind alle Angriffspfade oft zu viele, sodass der hier präsentierte Ansatz sinnvolle Filterkriterien einführt und verwendet, welche auf verbreiteten Verwundbarkeitsklassifikationsstandarts beruhen. Der Grund für diese Filter ist es, dem Softwarearchitekt zu ermöglichen, die resultierenden Angriffspfade auf die relevanten zu begrenzen. Die Evaluation der Arbeit deutete an, dass das verwendete Modell und der implementierte Ansatz in kleinen Szenarien, die aus Fallstudien aus der echten Welt extrahiert wurden, meistens angewendet werden kann. Außerdem deutete die Evaluation ebenfalls eine Aufwandsreduktion von 35 % bis zu 80 % für den Softwarearchitekt an. Allerdings konnte keine größere Skalierbarkeit des Ansatzes gezeigt werden, da ein exponentielles Laufzeitverhalten festgestellt wurde. Allerdings ist das Abmildern des Skalierbarkeitsproblem einer der Hauptgründe für das Verwenden der Filterkriterien