39,630 research outputs found
Recommended from our members
Arguing satisfaction of security requirements
This chapter presents a process for security requirements elicitation and analysis,
based around the construction of a satisfaction argument for the security of a
system. The process starts with the enumeration of security goals based on assets
in the system, then uses these goals to derive security requirements in the form of
constraints. Next, a satisfaction argument for the system is constructed, using a
problem-centered representation, a formal proof to analyze properties that can be
demonstrated, and structured informal argumentation of the assumptions exposed
during construction of the argument. Constructing the satisfaction argument can
expose missing and inconsistent assumptions about system context and behavior
that effect security, and a completed argument provides assurances that a system
can respect its security requirements
Model the System from Adversary Viewpoint: Threats Identification and Modeling
Security attacks are hard to understand, often expressed with unfriendly and
limited details, making it difficult for security experts and for security
analysts to create intelligible security specifications. For instance, to
explain Why (attack objective), What (i.e., system assets, goals, etc.), and
How (attack method), adversary achieved his attack goals. We introduce in this
paper a security attack meta-model for our SysML-Sec framework, developed to
improve the threat identification and modeling through the explicit
representation of security concerns with knowledge representation techniques.
Our proposed meta-model enables the specification of these concerns through
ontological concepts which define the semantics of the security artifacts and
introduced using SysML-Sec diagrams. This meta-model also enables representing
the relationships that tie several such concepts together. This representation
is then used for reasoning about the knowledge introduced by system designers
as well as security experts through the graphical environment of the SysML-Sec
framework.Comment: In Proceedings AIDP 2014, arXiv:1410.322
A Systematic Classification and Analysis of NFRs
The main agenda of Requirements Engineering (RE) is the development of tools, techniques and languages for the elicitation, specification, negotiation, and validation of software requirements. However, this development has traditionally been focused on functional requirements (FRs), rather than non-functional requirements (NFRs). Consequently, NFR approaches developed over the years have been fragmental and there is a lack of clear understanding of the positions of these approaches in the RE process. This paper provides a systematic classification and analysis of 89 NFR approaches
Recommended from our members
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing aWeb Service "on-the-fly"
means weaving its choreography interface into the workflow
Managing in conflict: How actors distribute conflict in an industrial network
IMP researchers have examined conflict as a threat to established business relationships and commercial exchanges, drawing on theories and concepts developed in organization studies. We examine cases of conflict in relationships from the oil and gas industry's service sector, focusing on conflicts of interest and resources, and conflict as experienced by actors. Through a comparative case study design, we propose an explanation of how actors manage conflict and manage in conflict given that they tend to value and maintain relationships beyond episodes of exchange. We consider conflicts in relationships from a network perspective, showing that actors experienced these while adapting to changes in their business setting, modifying their roles in that network. By identifying conflict with the organizing forms of relationship and network, we show how actors formulate conflict through pursuing and combining a number of strategies, distributing the conflict across an enlarged network
Optical Flow on Moving Manifolds
Optical flow is a powerful tool for the study and analysis of motion in a
sequence of images. In this article we study a Horn-Schunck type
spatio-temporal regularization functional for image sequences that have a
non-Euclidean, time varying image domain. To that end we construct a Riemannian
metric that describes the deformation and structure of this evolving surface.
The resulting functional can be seen as natural geometric generalization of
previous work by Weickert and Schn\"orr (2001) and Lef\`evre and Baillet (2008)
for static image domains. In this work we show the existence and wellposedness
of the corresponding optical flow problem and derive necessary and sufficient
optimality conditions. We demonstrate the functionality of our approach in a
series of experiments using both synthetic and real data.Comment: 26 pages, 6 figure
Relating software requirements and architectures using problem frames
Problem frames provide a means of analyzing and decomposing problems. They emphasise the world outside of the computer, helping the developer to focus on the problem domain, instead of drifting into inventing solutions.
However, even modestly complex problems can force us into detailed consideration of the architecture of the solution. This is counter to the intention of the problem frames approach, which is to delay consideration of the solution space until a good understanding of the problem is gained.
We therefore extend problem frames, allowing architectural structures, services and artifacts to be considered as part of the problem domain. Through a case study, we show how this extension enhances the applicability of problem frames in permitting an architecture-based approach to software development. We conclude that, through our extension, the applicability of problem frames is extended to include domains with existing architectural support
Modal logics are coalgebraic
Applications of modal logics are abundant in computer science, and a large number of structurally different modal logics have been successfully employed in a diverse spectrum of application contexts. Coalgebraic semantics, on the other hand, provides a uniform and encompassing view on the large variety of specific logics used in particular domains. The coalgebraic approach is generic and compositional: tools and techniques simultaneously apply to a large class of application areas and can moreover be combined in a modular way. In particular, this facilitates a pick-and-choose approach to domain specific formalisms, applicable across the entire scope of application areas, leading to generic software tools that are easier to design, to implement, and to maintain. This paper substantiates the authors' firm belief that the systematic exploitation of the coalgebraic nature of modal logic will not only have impact on the field of modal logic itself but also lead to significant progress in a number of areas within computer science, such as knowledge representation and concurrency/mobility
- …