
    Medical Cyber-Physical Systems Development: A Forensics-Driven Approach

    The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially- and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicate digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations. Comment: This is the pre-print version of a paper presented at the 2nd International Workshop on Security, Privacy, and Trustworthiness in Medical Cyber-Physical Systems (MedSPT 2017

    Modelling and Analysing Highly-Configurable Services

    Since the emergence of XaaS and Cloud Computing paradigms, the number and complexity of available services have been increasing enormously. These services usually offer a plethora of configuration options, which can even include additional services provided as a bundled offer. In this scenario, usual tasks, such as description, discovery and selection, become increasingly complex due to the variability of the decision space. The notion of Highly-Configurable Service (HCS) has been coined to identify such a group of services that can be configured and bundled together to perform demanding computing tasks. In this paper we characterize HCSs by means of an abstract model and a text-based, human-readable notation named SYNOPSIS that facilitates the execution of various service tasks. In particular, we validate the usefulness of our model when checking the validity of HCSs descriptions in SYNOPSIS, as well as selecting the optimal configuration with regards to user requirements and preferences by providing a prototype implementation. Junta de Andalucía P12-TIC-1867; Ministerio de Economía y Competitividad TIN2015-70560-R; Science Foundation Ireland Research Centre grant 13/RC/2094; ERC Advanced Grant no. 29165

    Decision Making for Self-adaptation based on Partially Observable Satisfaction of Non-Functional Requirements

    Approaches that support the decision-making of self-adaptive and autonomous systems (SAS) often consider an idealized situation where (i) the system's state is treated as fully observable by the monitoring infrastructure, and (ii) adaptation actions are assumed to have known, deterministic effects over the system. However, in practice, the system's state may not be fully observable, and the adaptation actions may produce unexpected effects due to uncertain factors. This article presents a novel probabilistic approach to quantify the uncertainty associated with the effects of adaptation actions on the state of a SAS. Supported by Bayesian inference and POMDPs (Partially-Observable Markov Decision Processes), these effects are translated into the satisfaction levels of the non-functional requirements (NFRs) to, therefore, drive the decision-making. The approach has been applied to two substantial case studies from the networking and Internet of Things (IoT) domains, using two different POMDP solvers. The results show that the approach delivers statistically significant improvements in supporting decision-making for SAS

    A Meta-Model Driven Method for Establishing Business Process Compliance to GDPR

    In April 2016, the European Parliament and Council approved the new personal data protection regulation - GDPR (General Data Protection Regulation), which will take effect at the end of May 2018 in all Member States of the European Union (EU). The GDPR addresses common problems of the protection and the usage of the personal data of EU citizens. According to the new regulation, all organizations that use personal data of EU citizens in their day-to-day activities have to re-evaluate their business processes and information systems to comply with the new rules and constraints. The punishment for misuse of personal data can be very costly to the company - up to 20 million euros or 4% of the annual global turnover in fines. Nevertheless, there is no technical guidance or clear approach that would help to evaluate business processes of an information system to comply with GDPR. This thesis will address the mentioned issue by researching the GDPR legislation text and proposing an actual methodology for analysing business processes of information systems and aligning them with the GDPR. The proposed methodology will also help to map the flow of the personal data between different parties and highlight the problematic places in the business processes, suggesting measures to reduce the misuse of personal data. This approach could be used as a reference point for developing an automated tool for analysing the processes of an information system to comply with GDPR

    Accounting for crisis: the power of ambiguity in the management of humanitarian emergencies

    A defining feature of humanitarian crises is their unpredictable nature, making them interesting sites to analyse how accounting systems can facilitate engagement with the unexpected. This thesis explores the question of how evaluation systems can be designed and practiced to engage with the complexities of humanitarian crisis settings, in which the potential for disastrous errors is overwhelming. Informed by empirical research on the management practices in a large-scale refugee camp, the study investigates principles and tactics that allow humanitarian evaluation systems to make a resource of the inevitable ambiguity and incompleteness that define their contexts. In doing so, the thesis draws from and further develops the concept of heterarchy, defined as 'governance through difference', and shows how it provides promising insights for accounting research. To explain how evaluation systems can become performable in the dynamic humanitarian environments, the study theorizes four interlinked principles that emerge from the empirical findings. These principles are: (1) in-built tensions between evaluation dimensions; (2) open and participatory design; (3) relational value and incompleteness; and (4) enacting minimalist control through a community of practitioners. In doing so, the study makes three contributions. Firstly, the study contributes to the accounting literature on the enabling role of ambiguity by theorizing how evaluation systems can foster approaches and techniques that embrace ambiguity as a resource to engage with complex settings. Secondly, it further develops the notion of heterarchy by explicating how heterarchical tensions can become productive without leading to chaos and by theorizing additional principles that are necessary to sustain heterarchies in an organized fashion. Thirdly, departing from the emerging literature on humanitarian crises that primarily focuses on how accounting systems can be used to normalize and control disaster settings, the thesis advances understanding of how accounting technologies can serve as anomalizing devices for the adaptive management of crises

    Towards adaptive compliance

    Mission critical software is often required to comply with multiple regulations, standards or policies. Recent paradigms, such as cloud computing, also require software to operate in heterogeneous, highly distributed, and changing environments. In these environments, compliance requirements can vary at runtime and traditional compliance management techniques, which are normally applied at design time, may no longer be sufficient. In this paper, we motivate the need for adaptive compliance by illustrating possible compliance concerns determined by runtime variability. We further motivate our work by means of a cloud computing scenario, and present two main contributions. First, we propose and justify a process to support adaptive compliance that extends the traditional compliance management lifecycle with the activities of the Monitor-Analyse-Plan-Execute (MAPE) loop, and enacts adaptation through re-configuration. Second, we explore the literature on software compliance and classify existing work in terms of the activities and concerns of adaptive compliance. In this way, we determine how the literature can support our proposal and what are the open research challenges that need to be addressed in order to fully support adaptive compliance