12 research outputs found
Idea-caution before exploitation:the use of cybersecurity domain knowledge to educate software engineers against software vulnerabilities
The transfer of cybersecurity domain knowledge from security experts (âEthical Hackersâ) to software engineers is discussed in terms of desirability and feasibility. Possible mechanisms for the transfer are critically examined. Software engineering methodologies do not make use of security domain knowledge in its form of vulnerability databases (e.g. CWE, CVE, Exploit DB), which are therefore not appropriate for this purpose. An approach based upon the improved use of pattern languages that encompasses security domain knowledge is proposed
Recommended from our members
Patterns for the design of secure and dependable software defined networks
In an interconnected world, cyber and physical networks face a number of challenges that need to be resolved. These challenges are mainly due to the nature and complexity of interconnected systems and networks and their ability to support heterogeneous physical and cyber components simultaneously. The construction of complex networks preserving Security and Dependability (S&D) properties is necessary to avoid system vulnerabilities, which may occur in all the different layers of Software Defined Networking (SDN) architectures. In this paper, we present a model based approach to support the design of secure and dependable SDN. This approach is based on executable patterns for designing networks able to guarantee S&D properties and can be used in SDN networks. The design patterns express conditions that can guarantee specific S&D properties and can be used to design networks that have these properties and manage them during their deployment. To evaluate our pattern approach, we have implemented executable pattern instances, in a rule-based reasoning system, and used them to design and verify wireless SDN networks with respect to availability and confidentiality. To complete this work, we propose and evaluate an implementation framework in which S&D patterns can be applied for the design and verification of SDN networks
Security patterns in practice: designing secure architectures using software patterns
Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provide
Synthesis of Methionine-Derived Endocyclic Sulfilimines and Sulfoximines
International audienceThe asymmetric synthesis of endocyclic methionine sulfilimines and sulfoximines from methionine derivatives was explored. The cyclization was performed by using phenyliodine diacetate (PIDA). In the case of lâmethionine, dehydromethionine was obtained, and a deprotonation step by tBuONa was necessary to yield the corresponding sulfilimine. On the other hand, the cyclic sulfilimine of methionine methyl ester, methylthiopropylamine, and lâmethioninol were synthesized in a single step by using PIDA. Owing to their instability, the sulfilimines were oxidized to their corresponding sulfoximines in good yields
Multicenter evaluation of the Idylla NRAS-BRAF mutation test in metastatic colorectal cancer
Treatment of colorectal cancer (CRC) with monoclonal antibodies against epidermal growth factor receptor requires the assessment of the mutational status of exons 2, 3, and 4 of the NRAS and KRAS oncogenes. Moreover, the mutational status of exon 15 of the BRAF oncogene is a marker of poor prognosis in CRC. The Idylla NRAS-BRAF Mutation Test is a reliable, simple (<2 minutes hands-on time), and quick (<2 hours turnaround time) sample-to-result solution, enabling the detection of clinically relevant mutations in NRAS (18 mutations) and BRAF (5 mutations). A multicenter study was conducted in 14 centers using the Idylla NRAS-BRAF Mutation Test to assess the NRAS and BRAF mutational status of 418 formalin-fixed, paraffin-embedded tissue samples from CRC patients. Results were compared with those obtained earlier by routine reference methods, including next-generation sequencing, pyrosequencing, mass spectrometry-based assays, PCR-based assays, and Sanger sequencing. In case of discordance, additional tests were performed by digital droplet PCR. Overall, after testing confirmation and excluding invalids/errors by design, concordances between the Idylla NRAS-BRAF Mutation Test and the reference test results were found in almost perfect agreement. In conclusion, the Idylla NRAS-BRAF Mutation Test enables the routine detection of all NRAS and BRAF mutations deemed clinically relevant according to the latest clinical guidelines, without necessitating molecular expertise or infrastructure