1,601 research outputs found

    Using the NIST reference model for refining logical architectures

    The emergence of the Internet as a ubiquitous means of communication fostered the growth of new business and service models based on Cloud Computing. Information and Communication Technology companies use reference models to define their Cloud Computing strategies. NIST Cloud Computing Reference Architecture is one of these reference models that assist in the design of business, services, and architecture models. This paper aims to present the use of NIST reference architecture in the design of Cloud Computing architectures by employing a method that enables the application of the reference architecture to the refinement of logical architectures. © 2014 Springer International Publishing

    Cybersecurity Architectural Analysis for Complex Cyber-Physical Systems

    In the modern military’s highly interconnected and technology-reliant operational environment, cybersecurity is rapidly growing in importance. Moreover, as a number of highly publicized attacks have occurred against complex cyber-physical systems such as automobiles and airplanes, cybersecurity is no longer limited to traditional computer systems and IT networks. While architectural analysis approaches are critical to improving cybersecurity, these approaches are often poorly understood and applied in ad hoc fashion. This work addresses these gaps by answering the questions: 1. “What is cybersecurity architectural analysis?” and 2. “How can architectural analysis be used to more effectively support cybersecurity decision making for complex cyber-physical systems?” First, a readily understandable description of key architectural concepts and definitions is provided which culminates in a working definition of “cybersecurity architectural analysis,” since none is available in the literature. Next, we survey several architectural analysis approaches to provide the reader with an understanding of the various approaches being used across government and industry. Based on our proposed definition, the previously introduced key concepts, and our survey results, we establish desirable characteristics for evaluating cybersecurity architectural analysis approaches. Lastly, each of the surveyed approaches is assessed against the characteristics and areas of future work are identified

    Conceptual Systems Security Analysis Aerial Refueling Case Study

    In today’s highly interconnected and technology reliant environment, systems security is rapidly growing in importance to complex systems such as automobiles, airplanes, and defense-oriented weapon systems. While systems security analysis approaches are critical to improving the security of these advanced cyber-physical systems-of-systems, such approaches are often poorly understood and applied in ad hoc fashion. To address these gaps, first a study of key architectural analysis concepts and definitions is provided with an assessment of their applicability towards complex cyber-physical systems. From this initial work, a definition of cybersecurity architectural analysis for cyber-physical systems is proposed. Next, the System Theory Theoretic Process Analysis approach for Security (STPA Sec) is tailored and presented in three phases which support the development of conceptual-level security requirements, applicable design-level criteria, and architectural-level security specifications. This work uniquely presents a detailed case study of a conceptual-level systems security analysis of a notional aerial refueling system based on the tailored STPA-Sec approach. This work is critically important for advancing the science of systems security engineering by providing a standardized approach for understanding security, safety, and resiliency requirements in complex systems with traceability and testability

    Securing industrial control system environments: the missing piece

    Cyberattacks on industrial control systems (ICSs) are no longer matters of anticipation. These systems are continually subject to malicious attacks without much resistance. Network breaches, data theft, denial of service, and command and control functions are examples of common attacks on ICSs. Despite available security solutions, safety, security, resilience, and performance require both private and public sectors to step up strategies to address increasing security concerns on ICSs. This paper reviews the ICS security risk landscape, including current security solution strategies in order to determine the gaps and limitations for effective mitigation. Notable issues point to a greater emphasis on technology security while discounting people and processes attributes. This is clearly incongruent with emerging security risk trends, the biased security strategy of focusing more on supervisory control and data acquisition systems, and the emergence of more sector-specific solutions as against generic security solutions. Better solutions need to include approaches that follow similar patterns as the problem trend. These include security measures that are evolutionary by design in response to security risk dynamics. Solutions that recognize and include people, process and technology security enhancement into a single system, and addressing all three-entity vulnerabilities can provide a better solution for ICS environments

    Architectural abstraction as transformation of poset labelled graphs

    The design of large, complex computer based systems, based on their architecture, will benefit from a formal system that is intuitive, scalable and accessible to practitioners. The work herein is based in graphs which are an efficient and intuitive way of encoding structure, the essence of architecture. A model of system architectures and architectural abstraction is proposed, using poset labelled graphs and their transformations. The poset labelled graph formalism closely models several important aspects of architectures, namely topology, type and levels of abstraction. The technical merits of the formalism are discussed in terms of the ability to express and use domain knowledge to ensure sensible refinements. An abstraction / refinement calculus is introduced and illustrated with a detailed usage scenario. The paper concludes with an evaluation of the formalism in terms of its rigour, expressiveness, simplicity and practicality. © J.UCS

    Cloud Architecture Evaluation

    Cloud computing has introduced numerous ways to build software systems in the cloud environment. The complexity of today’s system architectures requires architecture evaluation in the designing phase of the system, in the implementation phase, and in the maintenance phase. There are many different architecture evaluation models. This thesis discusses three different evaluation models: architecture tradeoff analysis method, cost-benefit analysis method, and AWS Well-Architected framework. The AWS Well-Architected framework is deeply evaluated by performing an architectural evaluation for the case study software: Lixani 5. This thesis introduces and compares the opportunities for cloud architecture evaluation by literature review, case study, and interviews with experts. The thesis begins with introduction to cloud computing, cloud architecture models and architecture evaluation methods. An architecture evaluation for a case study software is then carried out. This thesis also contains interviews with experts, producing knowledge on how the system architecture is being evaluated in the field. The research methods used in the thesis are literature review, case study, and expert interviews. This thesis attempts to describe and assess the architecture evaluation models by using the research methods. In addition, this thesis introduces and discusses the case study software – Lixani 5 – and its architectural decisions. Based on research in the thesis it was noted that all three studied software architecture evaluation models are suitable options for reviewing software architecture. All models included positive and negative aspects and none of them was seen as superior compared to the others. Based on the interviews with experts it was noted that there are also multiple other efficient ways to evaluate the system architecture than the models discussed in the thesis. These ways included a technology audit template and a proof-of-concept culture