Modeling security and privacy requirements: A use case-driven approach

Context: Modern internet-based services, ranging from food-delivery to home-caring, leverage the availability of multiple programmable devices to provide handy services tailored to end-user needs. These services are delivered through an ecosystem of device-specific software components and interfaces (e.g., mobile and wearable device applications). Since they often handle private information (e.g., location and health status), their security and privacy requirements are of crucial importance. Defining and analyzing those requirements is a significant challenge due to the multiple types of software components and devices integrated into software ecosystems. Each software component presents peculiarities that often depend on the context and the devices the component interact with, and that must be considered when dealing with security and privacy requirements. Objective: In this paper, we propose, apply, and assess a modeling method that supports the specification of security and privacy requirements in a structured and analyzable form. Our motivation is that, in many contexts, use cases are common practice for the elicitation of functional requirements and should also be adapted for describing security requirements. Method: We integrate an existing approach for modeling security and privacy requirements in terms of security threats, their mitigations, and their relations to use cases in a misuse case diagram. We introduce new security-related templates, i.e., a mitigation template and a misuse case template for specifying mitigation schemes and misuse case specifications in a structured and analyzable manner. Natural language processing can then be used to automatically report inconsistencies among artifacts and between the templates and specifications. Results: We successfully applied our approach to an industrial healthcare project and report lessons learned and results from structured interviews with engineers. Conclusion: Since our approach supports the precise specification and analysis of security threats, threat scenarios and their mitigations, it also supports decision making and the analysis of compliance to standards

State of Science: Why Does Rework Occur in Construction? What Are Its Consequences? And What Can be Done to Mitigate Its Occurrence?

There has been a wealth of research that has examined the nature of rework in construction. Progress toward addressing the rework problem has been limited—it still plagues practice, adversely impacting a project's performance. Almost all rework studies have focused on determining its proximal or root causes and therefore have overlooked the conditions that result from its manifestation. In filling this void, this paper draws upon our previous empirical studies, amongst others, to provide a much-needed theoretical framing to understand better why rework occurs, what its consequences are, and how it can be mitigated during construction. The theoretical framing we derive from our review provides construction organizations and their projects with a realization that the journey to mitigating rework begins with creating an error-mastery culture comprising authentic leadership, psychological safety, an error-management orientation, and resilience. We suggest that, once an error-mastery culture is established within construction organizations and their projects, they will be better positioned to realize the benefits of the techniques, tools, and technologies espoused to address rework, such as the Last Planner® and building information modeling. We also provide directions for future research and identify implications for practice so that strides toward rework mitigation in construction can be made

Understanding the reproductive behavior and population condition of the sandbar shark (Carcharhinus plumbeus) in the western North Atlantic: A molecular approach to conservation and management

The sandbar shark, Carcharhinus plumbeus, has a discontinuous cosmopolitan distribution and is exploited throughout much of its range. In the western North Atlantic, it constitutes the majority of the directed commercial fishery. The stock has declined greatly since the fisheries\u27 inception and has not shown signs of recovery despite the implementation of management practices. Like many highly vagile marine species, it is difficult to obtain information about the sandbar shark through direct observation. Therefore, the goal of this dissertation is to use a molecular approach to examine aspects of behavior and reproduction, providing information useful in conservation and management. to this end, I examine the prevalence of genetic polyandry in the western North Atlantic and estimate effective population size and effective number of breeders for the Delaware Bay and Eastern Shore of Virginia nursery grounds. In addition, I look at patterns of philopatry and reproductive periodicity, while on a worldwide scale, assessing both historical and contemporary gene flow. Paternity analysis using microsatellite markers reveals that most females are mate with multiple males during one reproductive period. Despite the high prevalence of genetic polyandry, no direct benefits are detected. The data, however, suggest that males benefit by excluding other males from mating, intimating strong intrasexual competition. The effective number of breeders per nursery ground, estimated using the linkage disequilibrium method, is fairly consistent across years. Comparisons with census size estimates made for Delaware Bay reveal that the two measurements are tightly coupled. The ratio of effective size to census size is 0.45 or higher. This suggests that monitoring of effective population size may be a useful methodology for tracking abundance, and that exploitation may have a direct negative impact on the level of genetic variance. The results suggest that females may stray between nursery grounds found in Delaware Bay, the Eastern Shore lagoons and Chesapeake Bay, as phi st values are nonsignificant and kin groups are detected between as well as within samples. However, true kin groups can not be distinguished from erroneous kin groups because sample size is too small and the loci employed do not have enough power. Even so, the results suggest that female reproductive periodicity in this species needs to be reevaluated. Different patterns of historical dispersal and contemporary gene flow are observed when markers with different modes of inheritance are used to evaluate historical phylogeography. The results suggest that, although females show regional phylopatry, pulses of female dispersal during the Pleistocene may have created the species\u27 current distribution. This dynamic may have been mediated by the changing distribution of nursery habitat caused by the rise and fall of sea level associated with climate change rather than by fluctuating temperature. This idea is supported by the results, which suggest that male mediated gene flow persists long after female gene flow has stopped

Modeling Security and Privacy Requirements: a Use Case-Driven Approach

Context: Modern internet-based services, ranging from food-delivery to home-caring, leverage the availability of multiple programmable devices to provide handy services tailored to end-user needs. These services are delivered through an ecosystem of device-specific software components and interfaces (e.g., mobile and wearable device applications). Since they often handle private information (e.g., location and health status), their security and privacy requirements are of crucial importance. Defining and analyzing those requirements is a significant challenge due to the multiple types of software components and devices integrated into software ecosystems. Each software component presents peculiarities that often depend on the context and the devices the component interact with, and that must be considered when dealing with security and privacy requirements. Objective: In this paper, we propose, apply, and assess a modeling method that supports the specification of security and privacy requirements in a structured and analyzable form. Our motivation is that, in many contexts, use cases are common practice for the elicitation of functional requirements and should also be adapted for describing security requirements. Method: We integrate an existing approach for modeling security and privacy requirements in terms of security threats, their mitigations, and their relations to use cases in a misuse case diagram. We introduce new security-related templates, i.e., a mitigation template and a misuse case template for specifying mitigation schemes and misuse case specifications in a structured and analyzable manner. Natural language processing can then be used to automatically report inconsistencies among artifacts and between the templates and specifications. Results: We successfully applied our approach to an industrial healthcare project and report lessons learned and results from structured interviews with engineers. Conclusion: Since our approach supports the precise specification and analysis of security threats, threat scenarios and their mitigations, it also supports decision making and the analysis of compliance to standards

Improved utility and application of probabilistic methods for reliable mechanical design

In a modern product development process such as in the automotive and aerospace sectors, extensive analytical and simulation approaches often are used to assess the ability of a design in fulfilling its requirements. Consideration of uncertainty in such situations is critical in ensuring a reliable design is produced. Probabilistic methods facilitate an improved understanding of design performance through characterization of uncertainty in the design parameters. The probabilistic methods developed over the past several decades have a range of capabilities and modes of application, for example, to predict reliability, for optimization, and to perform sensitivity studies, but have yet to be taken up routinely by industry due to a number of reasons. In this paper, issues that have typically inhibited their use or prevented a successful outcome are addressed through a systematic framework for improved utility and successful application of probabilistic designing for mechanical reliability

Effective board governance of safe care: a (theoretically underpinned) cross-sectioned examination of the breadth and depth of relationships through national quantitative surveys and in-depth qualitative case studies

Background: Recent high-profile reports into serious failings in the quality of hospital care in the NHS raise concerns over the ability of trust boards to discharge their duties effectively. Objectives: Our study aimed to generate theoretically grounded empirical evidence on the associations between board governance, patient safety processes and patient-centred outcomes. The specific aims were as follows: (1) to identify the types of governance activities undertaken by hospital trust boards in the English NHS with regard to ensuring safe care in their organisation; (2) in foundation trusts, to explore the role of boards and boards of governors with regards to the oversight of patient safety in their organisation; (3) to assess the association between particular hospital trust board oversight activities and patient safety processes and clinical outcomes; (4) to identify the facilitators and barriers to developing effective hospital trust board governance of safe care; and (5) to assess the impact of external commissioning arrangements and incentives on hospital trust board oversight of patient safety. Methods: The study comprised three distinct but interlocking strands: (1) a narrative systematic review in order to describe, interpret and synthesise key findings and debates concerning board oversight of patient safety; (2) in-depth mixed-methods case studies in four organisations to assess the impact of hospital board governance and external incentives on patient safety processes and outcomes; and (3) two national surveys exploring board management in NHS acute and specialist hospital trusts in England, and relating board characteristics to whole-organisation outcomes. Results: A very high proportion of trust boards reported the kinds of desirable characteristics and board-related processes that research says may be associated with higher performance. Our analysis of the symbolic aspects of board activities highlights the role and differences in local processes of organising the governance of patient safety. Most boards do allocate considerable amount of time to discussing patient safety and quality-related issues and were using a wide range of hard performance metrics and soft intelligence to monitor its organisation with regard to patient safety. Although the board of governors is generally perceived to be well-meaning, they were also considered to be being largely ineffective in helping to promote and deliver safer care for their organisations. We did not find any statistically significant relationship between board attributes (self-reported) and processes and any patient safety outcome measures. However, we did find a significant relationship between two dimensions of the Board Self-Assessment Questionnaire and two specific-and-related national staff survey organisational ‘process’ measures: (1) staff feeling safe to raise concerns about errors, near-misses and incidents and (2) staff feeling confident that their organisation would address their concerns, if raised. We also found that contracting and external financial incentives appeared to play only a relatively minor role in incentivising quality and safety improvement. Conclusions: Our research is the first large-scale mixed-methods study of hospital board activity and behaviour related to the oversight of patient safety in the English NHS and the key findings should be used to influence the design of future governance arrangements as well as the training and support of board. Funding: The National Institute for Health Research Health Services and Delivery Research programme

Error aversion or management? Exploring the impact of culture at the sharp-end of production in a mega-project

The research we present in this paper addresses the following question: What type of error culture does the rank-and-file workforce experience during construction, and does it help mitigate rework? We undertake an exploratory case study of an Alliance, which forms part of a transport mega-project. An error culture questionnaire is administered to the Alliance's subcontractors' workforce across four projects. We find that an error management culture positively correlates with reductions in rework and holds a divergent relationship with an error aversion culture. We further reveal a negative association between an error aversion culture and the ability to reduce rework. Consequently, we question the contemporary wisdom that assumes that error prevention should be combined with error management to create an adaptive culture, aiming to minimise the negative and maximise positive error consequences. We finally discuss the study's limitations and implications for future research examining error culture in construction projects

Effective board governance of safe care: a (theoretically underpinned) cross-sectioned examination of the breadth and depth of relationships through national quantitative surveys and in-depth qualitative case studies

Background: Recent high-profile reports into serious failings in the quality of hospital care in the NHS raise concerns over the ability of trust boards to discharge their duties effectively. Objectives: Our study aimed to generate theoretically grounded empirical evidence on the associations between board governance, patient safety processes and patient-centred outcomes. The specific aims were as follows: (1) to identify the types of governance activities undertaken by hospital trust boards in the English NHS with regard to ensuring safe care in their organisation; (2) in foundation trusts, to explore the role of boards and boards of governors with regards to the oversight of patient safety in their organisation; (3) to assess the association between particular hospital trust board oversight activities and patient safety processes and clinical outcomes; (4) to identify the facilitators and barriers to developing effective hospital trust board governance of safe care; and (5) to assess the impact of external commissioning arrangements and incentives on hospital trust board oversight of patient safety. Methods: The study comprised three distinct but interlocking strands: (1) a narrative systematic review in order to describe, interpret and synthesise key findings and debates concerning board oversight of patient safety; (2) in-depth mixed-methods case studies in four organisations to assess the impact of hospital board governance and external incentives on patient safety processes and outcomes; and (3) two national surveys exploring board management in NHS acute and specialist hospital trusts in England, and relating board characteristics to whole-organisation outcomes. Results: A very high proportion of trust boards reported the kinds of desirable characteristics and board-related processes that research says may be associated with higher performance. Our analysis of the symbolic aspects of board activities highlights the role and differences in local processes of organising the governance of patient safety. Most boards do allocate considerable amount of time to discussing patient safety and quality-related issues and were using a wide range of hard performance metrics and soft intelligence to monitor its organisation with regard to patient safety. Although the board of governors is generally perceived to be well-meaning, they were also considered to be being largely ineffective in helping to promote and deliver safer care for their organisations. We did not find any statistically significant relationship between board attributes (self-reported) and processes and any patient safety outcome measures. However, we did find a significant relationship between two dimensions of the Board Self-Assessment Questionnaire and two specific-and-related national staff survey organisational ‘process’ measures: (1) staff feeling safe to raise concerns about errors, near-misses and incidents and (2) staff feeling confident that their organisation would address their concerns, if raised. We also found that contracting and external financial incentives appeared to play only a relatively minor role in incentivising quality and safety improvement. Conclusions: Our research is the first large-scale mixed-methods study of hospital board activity and behaviour related to the oversight of patient safety in the English NHS and the key findings should be used to influence the design of future governance arrangements as well as the training and support of board. Funding: The National Institute for Health Research Health Services and Delivery Research programme