8 research outputs found

    Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS

    As systems become more complex, the potential for security vulnerabilities being introduced increases. If we are to provide assurances about systems we design then we need the means of analysing, managing, and generally making sense of the data that contributes to the design. Unfortunately, despite ongoing research into tools for supporting secure software development, there are few examples of how tools can be used to help build and support design models associated with security and usability. This paper summarises some of our experiences developing and applying CAIRIS: a requirements management tool for usable and secure system design. We describe our motivation for building CAIRIS, summarise how it was built and evaluated, and present our experiences applying it to real world case studies.

    Eliciting and Visualising Trust Expectations using Persona Trust Characteristics and Goal Models

    Developers and users rely on trust to simplify complexity when building and using software. Unfortunately, the invisibility of trust and the richness of a system’s context of use means that factors influencing trust are difficult to see, and assessing its implications before a system is built is complex and time-consuming. This paper presents an approach for eliciting and visualising differences between trust expectations using persona cases, goal models, and complementary tool support. We evaluate our approach by using it to identify misplaced trust expectations in a software infrastructure by its users and application developers.

    Gulfs of Expectation: Eliciting and Verifying Differences in Trust Expectations using Personas

    Personas are a common tool used in Human Computer Interaction to represent the needs and expectations of a system’s stakeholders, but they are also grounded in large amounts of qualitative data. Our aim is to make use of this data to anticipate the differences between a user persona’s expectations of a system, and the expectations held by its developers. This paper introduces the idea of gulfs of expectation – the gap between the expectations held by a user about a system and its developers, and the expectations held by a developer about the system and its users. By evaluating these differences in expectation against a formal representation of a system, we demonstrate how differences between the anticipated user and developer mental models of the system can be verified. We illustrate this using a case study where persona characteristics were analysed to identify divergent behaviour and potential security breaches as a result of differing trust expectations.

    Human-centered specification exemplars for critical infrastructure environments.

    Specification models of critical infrastructure focus on parts of a larger environment. However, to consider the security of critical infrastructure systems, we need approaches for modelling the sum of these parts; these include people and activities, as well as technology. This paper presents human-centered specification exemplars that capture the nuances associated with interactions between people, technology, and critical infrastructure environments. We describe requirements each exemplar needs to satisfy, and present preliminary results in developing and evaluating them.

    Finding and Resolving Security Misusability with Misusability Cases

    Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice-versa. One way of using scenarios to bridge security and usability involves explicitly describing how design decisions can lead to users inadvertently exploiting vulnerabilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems subsequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illustrating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems.

    New prototype of a single- and double-effect LiBr-H₂O absorption chiller with a high-efficiency air-cooled adiabatic absorber: description, simulation and experimental results

    Due to the unsustainable growth of the air conditioning market, a great interest in solar cooling technologies has emerged. The coincidence between availability of solar irradiation and peaks of cooling demand makes solar cooling a very attractive option to replace conventional refrigeration machines based on electricity. What is more, solar cooling systems normally use natural refrigerants that are not harmful to the environment. However, an improvement of the current technology is needed for solar cooling systems to compete with electricity‐powered air conditioning systems. In this work, a novel air‐cooled single–double‐effect LiBr/H₂O absorption prototype is proposed as a solution to improve the viability of solar cooling systems. This prototype presents the following distinguishing features: firstly, it is directly air‐cooled, which means that no cooling tower is needed; secondly, it is made up of compact heat exchangers, which allows for a reduced size of about 1 m³; thirdly, it incorporates an adiabatic absorber operating with flat‐fan solution sheets, which permits the working solution not to crystallize at high ambient temperatures; lastly, it can be powered by solar heat in its single‐effect mode (4.5 kW), or by an alternative source such as fuel or waste heat in its double‐effect stage (7 kW). In this way, 100% of the cooling demand may be supplied by a single absorption machine using solar energy as far as possible or, when it is not available, efficiently utilizing a fuel or even waste heat, for instance in a trigeneration system. This thesis includes a detailed description of that single–double‐effect absorption prototype as well as the fundamentals for its numerical simulation. Likewise, experimental results from a testing campaign carried out in Madrid during 2010 are presented and discussed. A solar facility with evacuated flat‐plate collectors was used to test the single-effect operation mode of the prototype. 
In turn, the double‐effect stage was fired by a thermal oil facility with electrical resistances. As relevant results of the whole experimental campaign it is worth mentioning that the single‐effect stage was able to work with COP values around 0.6, whereas the double‐effect mode permitted to achieve values of about 1.0. The chilled water temperatures mostly ranged between 14°C and 16°C in single‐effect operation mode, while they were around 12°C for the double‐effect stage. Besides, it is highly noteworthy that after some 125 hours of operation under a wide range of conditions (outdoor temperatures up to 39.5°C), no solution crystallization was noticed. On the other hand, this work includes an in‐depth description of the absorber assembled in the single–double‐effect prototype. Furthermore, a mathematical model is developed for simulation of air‐cooled flat‐fan sheets adiabatic absorbers. As far as we know, there is not any numerical modeling for this kind of absorbers in the literature. Based on that model, which was as well experimentally validated in this study, the capacity of the prototype absorber is optimized as a function of the energy consumption of its ancillary equipment (solution pump and fan). Finally, the positive results derived from this work may be regarded as an important contribution to the development of air‐cooled LiBr/H₂O absorption technology. Even though a few improvements in the prototype are still required, it seems that the proposed system represents a feasible alternative to overcome some of the major obstacles concerning solar air conditioning.

    Usability and security by design: a case study in research and development

    No full text
    There is ongoing interest in utilising user experiences associated with security and privacy to better inform system design and development. However, there are few studies demonstrating how, together, security and usability design techniques can help in the design of secure systems; such studies provide practical examples and lessons learned that practitioners and researchers can use to inform best practice, and underpin future research. This paper describes a three-year study where security and usability techniques were used in a research and development project to develop webinos — a secure, cross-platform software environment for web applications. Because they value innovation over both security and usability, research and development projects are a particularly difficult context of study. We describe the difficulties faced in applying these security and usability techniques, the approaches taken to overcome them, and lessons that can be learned by others trying to build usability and security into software systems.