Grounded Ontology Methodology – Illustrating the Seed Ontology Creation

This paper is an extension of a paper that suggested Grounded Ontology (GO) as a new methodology of ontology engineering. It adds an example of application of first two stages of GO Methodology to create an initial (seed) ontology to a summarized discussion from another paper on Grounded Ontology (GO) Methodology. Its efficacy in deriving entities and their relationships directly from the data along with ontologization is illustrated through a step-by-step example. The GO Methodology proposes that ‘a domain ontology developed using text-coding technique contributes in conceptualizing and representing state-of-the-art as given by published research in a particular domain.’ The motivation behind GO Methodology is to make the state-of-the art available to the researchers of a particular domain and help them come to common understanding through an ontology. Ontology developer are given a leading role by the existing ontology engineering methods. This has led to a general observation regarding dominating influence of personal perspective of ontology developer and/or expert on the resultant ontology. However, if coding of data is done such that entities and their relationships are directly obtained from and are closely linked to the text of the published research, the resultant ontology stands a better chance of being unbiased. Therefore, a new methodology (Grounded Ontology - GO) was proposed for deriving an ontology directly from text of published research. Such and ontology will not only help in bringing forth the research already done by other but can also help in highlighting areas where new research efforts are needed

Hackers vs. Security: Attack-Defence Trees as Asynchronous Multi-Agent Systems

Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios, and equip all constructs with attributes such as time and cost to allow quantitative analyses. Then, ADTs are modelled as (an extension of) Asynchronous Multi-Agents Systems--EAMAS. The ADT-EAMAS transformation is performed in a systematic manner that ensures correctness. The transformation allows us to quantify the impact of different agents configurations on metrics such as attack time. Using EAMAS also permits parametric verification: we derive constraints for property satisfaction. Our approach is exercised on several case studies using the Uppaal and IMITATOR tools.Comment: This work was partially funded by the NWO project SEQUOIA (grant 15474), EU project SUCCESS (102112) and the PHC van Gogh PAMPAS. The work of Arias and Petrucci has been supported by the BQR project AMoJA

Ubiquitous and context-aware computing modelling : study of devices integration in their environment

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementIn an almost imperceptible way, ubiquitous and context-aware computing make part of our everyday lives, as the world has developed in an interconnected way between humans and technological devices. This interconnectedness raises the need to integrate humans’ interaction with the different devices they use in different social contexts and environments. In the proposed research, it is suggested the development of new scenario building based on a current ubiquitous computing model dedicated to the environment context-awareness. We will also follow previous research made on the formal structure computation model based on social paradigm theory, dedicated to embed devices into different context environments with social roles developed by Santos (2012/2015). Furthermore, several socially relevant context scenarios are to be identified and studied. Once identified, we gather and document the requirements that devices should have, according to the model, in order to achieve a correct integration in their contextual environment

Integrated Attack Tree in Residual Risk Management Framework

Safety-critical cyber-physical systems (CPSs), such as high-tech cars having cyber capabilities, are highly interconnected. Automotive manufacturers are concerned about cyber attacks on vehicles that can lead to catastrophic consequences. There is a need for a new risk management approach to address and investigate cybersecurity risks. Risk management in the automotive domain is challenging due to technological improvements and advances every year. The current standard for automotive security is ISO/SAE 21434, which discusses a framework that includes threats, associated risks, and risk treatment options such as risk reduction by applying appropriate defences. This paper presents a residual cybersecurity risk management framework aligned with the framework presented in ISO/SAE 21434. A methodology is proposed to develop an integrated attack tree that considers multiple sub-systems within the CPS. Integrating attack trees in this way will help the analyst to take a broad perspective of system security. Our previous approach utilises a flow graph to calculate the residual risk to a system before and after applying defences. This paper is an extension of our initial work. It defines the steps for applying the proposed framework and using adaptive cruise control (ACC) and adaptive light control (ALC) to illustrate the applicability of our work. This work is evaluated by comparing it with the requirements of the risk management framework discussed in the literature. Currently, our methodology satisfies more than 75% of their requirements

Digital Customer Experiences of White Goods Industries

This study aims to show the path to be followed to the white goods companies aiming to increase their online sales in order to provide their customers with a perfect digital customer experience. With the ever-increasing customer expectations, it explores how to achieve customer satisfaction and repurchase intention through online customer experience. Various sub constructs of customer experience were analyzed, and among these, ease of use and delivery process were found to be the most influential factors for repurchase intention and customer satisfaction. The results have significant implications both for the literature and in managerial context. This study is intended to be a road map for white goods companies that have just started their online sales

Towards an Entrepreneurship Curriculum in a Developing Country Tertiary Institution: The Case of Zimbabwe Open University

Entrepreneurial activities are considered crucial to economic development. In the case of Zimbabwe, unemployment has reached unprecedented levels because of the shutting down of industries. However, economic development can be resuscitated through higher education which is perceived as an instrument for entrepreneurship promotion. The purpose of this study was to investigate the need for an entrepreneurship curriculum in universities in developing countries such as Zimbabwe and the support needed in the implementation of such a curriculum. The study used a qualitative paradigm and adopted a case study design. The instrument used for the study was an open-ended questionnaire (Quester-view) and a study of literature documents was also undertaken. The sample of the study consisted of 14 full time and 10 part time lecturers. The findings were that an entrepreneurship curriculum was highly needed and the content for such a curriculum had to embrace business management courses, vocationalisation of learning and monitoring and evaluation of business operations. These areas were to be infused in every course of the university. The informants suggested that the curriculum was to be imparted using the hands-on methodologies that included field trips, attachments, use of ICT’s, videos, conferences and seminars and guided discovery and projects. Suggestions on assessment strategies and on the support to be offered were also proffered. The study recommended, inter alia, that universities in developing countries should have an entrepreneurship education curriculum across all subject areas, an entrepreneurship curriculum should to go hand in glove with a STEM curriculum in a university, and that there is need for full support of entrepreneurship education from all stakeholders

A modern approach for Threat Modelling in agile environments: redesigning the process in a SaaS company

Dealing with security aspects has become one of the priorities for companies operating in every sector. In the software industry building security requires being proactive and preventive by incorporating requirements right from the ideation and design of the product. Threat modelling has been consistently proven as one of the most effective and rewarding security activities in doing that, being able to uncover threats and vulnerabilities before they are even introduced into the codebase. Numerous approaches to conduct such exercise have been proposed over time, however, most of them can not be adopted in intricate corporate environments with multiple development teams. This is clear by analysing the case of Company Z, which introduced a well-documented process in 2019 but scalability, governance and knowledge issues blocked a widespread adoption. The main goal of the Thesis was to overcome these problems by designing a novel threat modelling approach, able to fit the company’s Agile environment and capable of closing the current gaps. As a result, a complete description of the redefined workflow and a structured set of suggestions was proposed. The solution is flexible enough to be adopted in multiple different contexts while meeting the requirements of Company Z. Achieving this result was possible only by analysing the industry’s best practices and solutions, understanding the current process, identifying the pain points, and gathering feedback from stakeholders. The solution proposed includes, alongside the new threat modelling process, a comprehensive method for evaluating and verifying the effectiveness of the proposed solution