67,449 research outputs found

    Evaluating Security Assurance Case Adaptation

    Security certification processes for information systems involve expressing security controls as functional and non-functional requirements, monitoring deployed mechanisms that satisfy the requirements, and measuring the degree of confidence in system compliance. With the potential for systems to perform runtime self-adaptation, functional changes to remedy system performance may impact security control compliance. This impact can extend throughout a network of related controls causing significant degradation to the system’s overall compliance status. We represent security controls as security assurance cases and implement them in XML for management and evaluation. The approach maps security controls to softgoals, introducing achievement weights to the assurance case structure as the foundation for determining security softgoal satisficing levels. Potential adaptations adjust the achievement weights to produce different satisficing levels. We show how the levels can be propagated within the network of related controls to assess the overall security control compliance of a potential adaptation

    Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1

    This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines

    An Architectural Design to Address the Impact of Adaptations on Intrusion Detection Systems

    Many self-adaptive, autonomous systems rely on component technologies to report anomalies to planning processes that can choose adaptations. What if the analysis technologies themselves need to be adapted? We consider an intrusion detection system (IDS) supported by two component technologies that assist its decision making: a neural network that finds security anomalies and an attack graph that informs the IDS about system states of interest. The IDS’s purpose is to send alerts regarding security anomalies. Planning processes respond to alerts by selecting mitigation strategies. Mitigations are imposed system-wide and can result in adaptations to the analysis technology, such as the IDS. Thus, without adaptation it may reach a state of stagnation in its detection quality. In this paper, we describe an architectural design for an adaptive layer that works directly with an IDS. We examine two use cases involving different mitigation strategies and their impact on the IDS’s supporting components

    Report Open Course Programme Wageningen UR, 2010

    Annually, the Wageningen UR open course programme for mid-career professionals provides some six hundred individuals with the opportunity to update their competencies and insights. EL&I co-finances this course programme with the aim to maintain close linkages with international policy priorities and to support course innovation and development. This report provides an overview of the outputs over 2010 in relation to the commitment number 1400002642. The demand driven programme was highly successful with over six hundred participants in some 23 courses. Individual course developments are indicated and the annex provides a strategy update indicating how the programme addresses the new government’s policy priorities on international cooperation

    Enterprise resource planning systems implementation and the implications for the internal audit function

    This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University. Corporate governance has received increased attention from both regulators and researchers in recent years resulting in highlighting the significance of the internal audit function (IAF). Another transformative force on the IAF has been the dissemination of enterprise resource planning (ERP) systems which have an impact on the legitimacy of the IAF if it is not suitably adapted. However, there is insufficient knowledge about the adaptations of the IAF which are required if it is to maintain its essential role in governance. This thesis extends our knowledge by exploring and theorising the adaptation of the IAF after ERP introduction. This thesis uses institutional theory as a lens through which to investigate how the IAF responds to the external governance pressures and the internal pressures of the control logic following the introduction of an ERP system. Data were gathered from two listed companies in the food and beverage sector and two large banks operating in Egypt, where one of each pair is an international company and the other is a national company. Interviews and focus groups were conducted with all stakeholders in addition to careful analysis of a number of internal and external documents related to the ERP and the IAF. The study finds that governance pressures related to the IAF determine the legitimisation criteria for the IAF. There is little coercive governance pressure on the IAF in Egypt. However, international companies with operations in Egypt have introduced normative governance pressures as a result of their compliance with stock exchange rules in other jurisdictions. Therefore, mimetic behaviour has helped in transferring the IAF response to ERP implementation. ERP systems carry new control logics based on some interlinked assumptions, which have affected the IAF. The ERP system’s control logic is aligned with the corporate governance goals and objectives, but further alignment is needed to make the best use of the ERP system in enhancing internal control. The introduction of an ERP system produces uncertainty about the IAF’s activities, which motivates it to adapt by changing its practice and structure. The changes in the IAF are dependent on the strategic response adopted by the auditors, which range from acquiescence to defiance. These responses were found to change over time. The differences in responses result in different outcomes for the IAF adaptation. In the international companies the implementation of an ERP system motivates the IAF to be integrated and have a comprehensive scope, whereas in the national companies change was resisted and the role of the IAF was significantly diminished. The IAF’s legitimacy maintaining strategies depend on the coercive and normative governance pressures, which give directions about how to maintain legitimacy. This study offers an explanation of how information systems contribute to the IAF’s professional stability or change and of how macro-governance pressures can bind micro-IAF practice within organisations.

    Outcomes from institutional audit : 2007-09 : managing learning opportunities : third series


    Newcastle College: report from the Inspectorate (FEFC inspection report; 80/96 and 98/99)

    The Further Education Funding Council has a legal duty to make sure further education in England is properly assessed. The FEFC’s inspectorate inspects and reports on each college of further education according to a four-year cycle. This record comprises the reports for periods 1995-96 and 1998-99