75 research outputs found

    Towards Understanding and Applying Security Assurance Cases for Automotive Systems

    Security Assurance Cases (SAC) are structured bodies of arguments and evidence used to reason about security properties of a certain artefact. SAC are gaining focus in the automotive domain as the need for security assurance is growing due to software becoming a main part of vehicles. Market demands for new services and products in the domain require connectivity, and hence, raise security concerns. Regulators and standardisation bodies started recently to require a structured for security assurance of products in the automotive domain, and automotive companies started, hence, to study ways to create and maintain these cases, as well as adopting them in their current way of working. In order to facilitate the adoption of SAC in the automotive domain, we created CASCADE, an approach for creating SAC which have integrated quality assurance and are compliant with the requirements of ISO/SAE-21434, the upcoming cybersecurity standard for automotive systems. CASCADE was created by conducting a design science research study in two iterative cycles. The design decisions of CASCADE are based on insights from a qualitative research study which includes a workshop, a survey, and one-to-one interviews, done in collaboration with our industrial partners about the needs and drivers of work in SAC in industry, and a systematic literature review in which we identified gaps between the industrial needs and the state of the art. The evaluation of CASCADE was done with the help of security experts from a large automotive OEM. It showed that CASCADE is suitable for integration in industrial product development processes. Additionally, our results show that the elements of CASCADE align well with the way of working at the company, and have the potential to scale to cover the requirements and needs of the company with its large organization and complex products.

    Instant Controlled Pressure Drop (DIC) Technology in Food Preservation: Fundamental and Industrial Applications

    Alternative to conventional processes, many innovative techniques have been studied to preserve the nutritional quality and to protect food from deterioration. This chapter represents the principles and the applications of the instant controlled pressure drop (DIC) process in food drying and decontamination. This process is considered as a highly appropriate HTST-type treatment induced by subjecting the material to saturated steam, during a short time, followed by an instant pressure drop leading to auto evaporation of water, product texturing, and cooling. This effect results in improved drying of foods and in killing of the vegetative bacteria and/or spores with no impact on thermosensitive molecules or on the product quality. A wide range of foods and pharmaceutical products were effectively treated by DIC technology at both laboratory and industrial scales

    Microwave Heating for Food Preservation

    Since food is generally of low thermal conductivity, heating by conventional methods remains relatively slow. Thanks to its volumetric and rapid heating, microwave (MW) technology is successfully used in many applications of food processing. In this chapter, fundamental principles of MW heating are briefly presented. MW drying and MW microbial decontamination are extensively reviewed as innovative methods for food preservation. However, the complex interactions between microwaves and materials to be heated are not yet sufficiently controlled. Moreover, MW heating heterogeneity and thermal runaway are the main drawbacks of this technology. Several methods have been proposed and investigated in the literature to overcome these problems in order to assure the microbiological safety and quality of food products

    Security Assurance Cases -- State of the Art of an Emerging Approach

    Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SACs are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of security assurance cases and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking

    Identifying security-related requirements in regulatory documents based on cross-project classification

    Security is getting substantial focus in many industries, especially safety-critical ones. When new regulations and standards which can run to hundreds of pages are introduced, it is necessary to identify the requirements in those documents which have an impact on security. Additionally, it is necessary to revisit the requirements of existing systems and identify the security related ones. We investigate the feasibility of using a classifier for security-related requirements trained on requirement specifications available online. We base our investigation on 15 requirement documents, randomly selected and partially pre-labelled, with a total of 3,880 requirements. To validate the model, we run a cross-project prediction on the data where each specification constitutes a group. We also test the model on three different United Nations (UN) regulations from the automotive domain with different magnitudes of security relevance. Our results indicate the feasibility of training a model from a heterogeneous data set including specifications from multiple domains and in different styles. Additionally, we show the ability of such a classifier to identify security requirements in real-life regulations and discuss scenarios in which such a classification becomes useful to practitioners

    CONSERVE: A framework for the selection of techniques for monitoring containers security

    Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points to potential benefits.

    Aqueous Extracts of Some Medicinal Plants are as Toxic as Imidacloprid to the Sweet Potato Whitefly, Bemisia tabaci

    Aqueous extracts of nine plants, known to have medicinal activity, were tested for their toxicity against the sweet potato whitefly, Bemisia tabaci Genn. (Homoptera: Aleurodidae) compared to the toxicity of the insecticide, Imidacloprid. Extracts of Lepidium sativum L. (Brassicales: Brassicaceae) killed 71 % of early stage nymphs, which was not significantly different from mortality caused by Imidacloprid. Treatment of pupae with three plant extracts, L. sativum, Achillea biebersteinii L. (Asterales: Asteraceae), or Retama raetam (Forssk.) Webb and Berthel (Fabales: Fabaceae) prevented adult development, and treatment with R. raetam extract killed adults, at levels that were not significantly different from Imidacloprid. None of the other plants showed significant toxicity. However, extracts of four plants, Pimpinella anisum L. (Apiales: Apiaceae), Galium longifolium (Sibth. and SM.) (Gentianales: Rubiaceae), R. raetam and Ballota undulata Bentham (Lamiales: Lamiaceae) had a repellent effect.

    Earlier peak latencies may not fully reflect the robustness of cervical vestibular evoked myogenic potential to CE-Chirp stimulus

    Dear Editor, We read with great interest the article by Ocal, et al. [1] that studied cervical vestibular evoked myogenic potential (cVEMP) results elicited by the conventional 500 Hz tone burst (TB) and narrow band Claus Elberling (CE)-chirp stimulus (360-720 Hz) among healthy adults. The chirp stimulus was found to produce significantly earlier P1 and N1 latencies, but P1N1 amplitudes were comparable between the two stimuli. The authors then concluded that “the chirp stimulus produces robust but earlier cVEMP than TB does” [1]. In this regard, we wish to highlight several issues worthy of consideration. The cVEMP latencies are influenced by the rise times of stimuli [2,3]. That is, stimuli with short rise times (such as clicks) would produce cVEMP with earlier latencies [2,3]. This is possibly because the otolith organs are sensitive to changes in acceleration over time [4]. The earlier cVEMP latencies for the chirp stimulus reported by Ocal, et al. [1] appear “insensible” and a further consideration is needed. The narrow band CE-chirp stimulus was designed with a specific envelope (and its onset is not steep) [5]. As such, it is expected that the chirp-evoked cVEMP would produce longer P1 and N1 latencies than the click-evoked cVEMP. This contemplation, in fact, has been demonstrated by Walther and Cebulla [6]. Since the commercially available CE-chirp stimuli were designed to optimally record auditory brainstem response (ABR), Walther and Cebulla [6] designed a band limited chirp stimulus (250-1,000 Hz) to record cVEMP and ocular vestibular evoked myogenic potential (oVEMP). As reported, cVEMP and oVEMP latencies were the longest for the chirp stimulus (relative to click and 500 Hz TB). Indeed, the earliest latencies were produced by the click stimulus [6]. In the study by Ocal, et al. [1], the earlier P1 and N1 latencies found with the narrow band CE-chirp stimulus (relative to the 500 Hz TB) were “unexpected” given the waveform and envelope of the two stimuli (i.e., the onset of both stimuli is not “equally” steep). Furthermore, the P1 latency was curiously early (around 10 ms), which is not consistent with studies utilizing clicks (stimuli with the steepest onset) [3,6]. Taken together, it appears that caution is advisable when using the CE-chirp stimulus in cVEMP recording. This stimulus was constructed to optimize ABR recording [5], and it may not “work” similarly in cVEMP recording. Moreover, the onset and offset times of CE-chirp stimulus were temporally “adjusted” during its construction so that it appears earlier than the conventional stimulus [7,8]. As such, the offset of chirp is the onset of click (0 ms) [7]. Therefore, it is not surprising to see earlier cVEMP latencies when tested with the CE-chirp stimulus. In contrast, using the custom-built chirp stimulus (without the temporal adjustment), cVEMP latencies were at least comparable to those of 500 Hz TB [6]. Collectively, the earlier cVEMP latencies elicited by the commercially available narrow band CE-chirp stimulus may not fully reflect the response robustness. When recording cVEMP with this stimulus, perhaps the amplitude is a better indicator for the robustness of cVEMP waveforms