Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study

Security risk management can be applied on well-defined or existing systems; in this case, the objective is to identify existing vulnerabilities, assess the risks and provide for the adequate countermeasures. Security risk management can also be applied very early in the system's development life-cycle, when its architecture is still poorly defined; in this case, the objective is to positively influence the design work so as to produce a secure architecture from the start. The latter work is made difficult by the uncertainties on the architecture and the multiple round-trips required to keep the risk assessment study and the system architecture aligned. This is particularly true for very large projects running over many years. This paper addresses the issues raised by those risk assessment studies performed early in the system's development life-cycle. Based on industrial experience, it asserts that attack trees can help solve the human cognitive scalability issue related to securing those large, continuously-changing system-designs. However, big attack trees are difficult to build, and even more difficult to maintain. This paper therefore proposes a systematic approach to automate the construction and maintenance of such big attack trees, based on the system's operational and logical architectures, the system's traditional risk assessment study and a security knowledge database.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

A method for tailoring the information content of a software process model

The framework is defined for a general method for selecting a necessary and sufficient subset of a general software life cycle's information products, to support new software development process. Procedures for characterizing problem domains in general and mapping to a tailored set of life cycle processes and products is presented. An overview of the method is shown using the following steps: (1) During the problem concept definition phase, perform standardized interviews and dialogs between developer and user, and between user and customer; (2) Generate a quality needs profile of the software to be developed, based on information gathered in step 1; (3) Translate the quality needs profile into a profile of quality criteria that must be met by the software to satisfy the quality needs; (4) Map the quality criteria to set of accepted processes and products for achieving each criterion; (5) Select the information products which match or support the accepted processes and product of step 4; and (6) Select the design methodology which produces the information products selected in step 5

Integration of Cost andWork Breakdown Structures in the Management of Construction Projects

Scope management allows project managers to react when a project underperforms regarding schedule, budget, and/or quality at the execution stage. Scope management can also minimize project changes and budget omissions, as well as improve the accuracy of project cost estimates and risk responses. For scope management to be effective, though, it needs to rely on a robust work breakdown structure (WBS). A robust WBS hierarchically and faithfully reflects all project tasks and work packages so that projects are easier to manage. If done properly, the WBS also allows meeting the project objectives while delivering the project on time, on budget, and with the required quality. This paper analyzes whether the integration of a cost breakdown structure (CBS) can lead to the generation of more robust WBSs in construction projects. Over the last years, some international organizations have standardized and harmonized different cost classification systems (e.g., ISO 12006-2, ISO 81346-12, OmniClass, CoClass, UniClass). These cost databases have also been introduced into building information modeling (BIM) frameworks. We hypothesize that in BIM environments, if these CBSs are used to generate the project WBS, several advantages are gained such as sharper project definition. This enhanced project definition reduces project contradictions at both planning and execution stages, anticipates potential schedule and budget deviations, improves resource allocation, and overall it allows a better response to potential project risks. The hypothesis that the use of CBSs can generate more robust WBSs is tested by the response analysis of a questionnaire survey distributed among construction practitioners and project managers. By means of structural equation modeling (SEM), the correlation (agreement) and perception differences between two 250-respondent subsamples (technical project staff vs. project management staff) are also discussed. Results of this research support the use of CBSs by construction professionals as a basis to generate WBSs for enhanced project management (PM)

Vaccine Risk Communication: Lessons from Risk Perception, Decision Making and Environmental Risk Communication Research

Dr. Bostrom reviews the rich variety of empirical findings available to guide risk communication and demonstrates how it can contribute to vaccine risk and safety communication

Combined make-to-order and make-to-stock in a food production system

The research into multi-product production/inventory control systems has mainly assumed one of the two strategies: Make-to-Order (MTO) or Make-to-Stock (MTS). In practice, however, many companies cater to an increasing variety of products with varying logistical demands (e.g. short due dates, specific products) and production characteristics (e.g. capacity usage, setup) to different market segments and so they are moving to more MTO-production. As a consequence they operate under a hybrid MTO-MTS strategy. Important issues arising out of such situations are, for example, which products should be manufactured to stock and which ones on order and, how to allocate capacity among various MTO-MTS products. This paper presents the state-of-the-art literature review of the combined MTO-MTS production situations. A variety of production management issues in the context of food processing companies, where combined MTO-MTS production is quite common, are discussed in details. The authors propose a comprehensive hierarchical planning framework that covers the important production management decisions to serve as a starting point for evaluation and further research on the planning system for MTO-MTS situations.

Multiple Criteria Decision Analysis (MCDA) for evaluating new medicines in Health Technology Assessment and beyond: the Advance Value Framework

Escalating drug prices have catalysed the generation of numerous “value frameworks” with the aim of informing payers, clinicians and patients on the assessment process of new medicines for the purpose of coverage and treatment selection decisions. Although this is an important step towards a more inclusive Value Based Assessment (VBA) approach, aspects of these frameworks are based on weak methodologies and could potentially result in misleading recommendations or decisions. A Multiple Criteria Decision Analysis (MCDA) methodological process based on Multi Attribute Value Theory (MAVT) is adopted for building a multi-criteria evaluation model. A five-stage model-building process is followed, using a top-down “value-focused thinking” approach, involving literature reviews and expert consultations. A generic value tree is structured capturing decision-makers’ concerns for assessing the value of new medicines in the context of Health Technology Assessment (HTA) and in alignment with decision theory. The resulting value tree (Advance Value Tree) spans three levels of criteria (top level criteria clusters, mid-level criteria, bottom level sub-criteria or attributes) relating to five key domains that can be explicitly measured and assessed: (a) burden of disease, (b) therapeutic impact, (c) safety profile (d) innovation level, and (e) socioeconomic impact. A number of MAVT modelling techniques are introduced for operationalising (i.e. estimating) the model, for scoring the alternative options, assigning relative weights of importance to the criteria, and combining scores and weights. Overall, the combination of these MCDA modelling techniques for the elicitation and construction of value preferences across the generic value tree provides 3 a new value framework (Advance Value Framework) enabling the comprehensive measurement of value in a transparent and structured way. Given the flexibility to meet diverse requirements and become readily adaptable across different settings, it could be tested as a decision-support tool for decision-makers to aid coverage and reimbursement of new medicines

Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1

This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines