49 research outputs found

    A Natural Language Programming Approach for Requirements-based Security Testing

    To facilitate communication among stakeholders, software security requirements are typically written in natural language and capture both positive requirements (i.e., what the system is supposed to do to ensure security) and negative requirements (i.e., undesirable behavior undermining security). In this paper, we tackle the problem of automatically generating executable security test cases from security requirements in natural language (NL). More precisely, since existing approaches for the generation of test cases from NL requirements verify only positive requirements, we focus on the problem of generating test cases from negative requirements. We propose, apply and assess Misuse Case Programming (MCP), an approach that automatically generates security test cases from misuse case specifications (i.e., use case specifications capturing the behavior of malicious users). MCP relies on natural language processing techniques to extract the concepts (e.g., inputs and activities) appearing in requirements specifications and generates executable test cases by matching the extracted concepts to the members of a provided test driver API. MCP has been evaluated in an industrial case study, which provides initial evidence of the feasibility and benefits of the approach.

    Modeling security and privacy requirements: A use case-driven approach

    Context: Modern internet-based services, ranging from food delivery to home care, leverage the availability of multiple programmable devices to provide handy services tailored to end-user needs. These services are delivered through an ecosystem of device-specific software components and interfaces (e.g., mobile and wearable device applications). Since they often handle private information (e.g., location and health status), their security and privacy requirements are of crucial importance. Defining and analyzing those requirements is a significant challenge due to the multiple types of software components and devices integrated into software ecosystems. Each software component presents peculiarities that often depend on the context and the devices the component interacts with, and that must be considered when dealing with security and privacy requirements. Objective: In this paper, we propose, apply, and assess a modeling method that supports the specification of security and privacy requirements in a structured and analyzable form. Our motivation is that, in many contexts, use cases are common practice for the elicitation of functional requirements and should also be adapted for describing security requirements. Method: We integrate an existing approach for modeling security and privacy requirements in terms of security threats, their mitigations, and their relations to use cases in a misuse case diagram. We introduce new security-related templates, i.e., a mitigation template and a misuse case template for specifying mitigation schemes and misuse case specifications in a structured and analyzable manner. Natural language processing can then be used to automatically report inconsistencies among artifacts and between the templates and specifications. Results: We successfully applied our approach to an industrial healthcare project and report lessons learned and results from structured interviews with engineers. Conclusion: Since our approach supports the precise specification and analysis of security threats, threat scenarios and their mitigations, it also supports decision making and the analysis of compliance with standards.

    Modeling Security and Privacy Requirements for Mobile Applications: a Use Case-driven Approach

    Defining and addressing security and privacy requirements in mobile apps is a significant challenge due to the high level of transparency regarding users' (private) information. In this paper, we propose, apply, and assess a modeling method that supports the specification of security and privacy requirements of mobile apps in a structured and analyzable form. Our motivation is that, in many contexts including mobile app development, use cases are common practice for the elicitation and analysis of functional requirements and should also be adapted for describing security requirements. We integrate and adapt an existing approach for modeling security and privacy requirements in terms of security threats, their mitigations, and their relations to use cases in a misuse case diagram. We introduce new security-related templates, i.e., a mitigation template and a misuse case template for specifying mitigation schemes and misuse case specifications in a structured and analyzable manner. Natural language processing can then be used to automatically detect and report inconsistencies among artifacts and between the templates and specifications. Since our approach supports stakeholders in precisely specifying and checking security threats, threat scenarios and their mitigations, it is expected to help with decision making and compliance with standards for improving security. We successfully applied our approach to industrial mobile apps and report lessons learned and results from structured interviews with engineers.

    A Retrospective Analysis of the Haemodynamic and Metabolic Effects of Fluid Resuscitation in Vietnamese Adults with Severe Falciparum Malaria

    BACKGROUND: Optimising the fluid resuscitation of patients with severe malaria is a simple and potentially cost-effective intervention. Current WHO guidelines recommend central venous pressure (CVP) guided, crystalloid based, resuscitation in adults. METHODS: Prospectively collected haemodynamic data from intervention trials in Vietnamese adults with severe malaria were analysed retrospectively to assess the responses to fluid resuscitation. RESULTS: 43 patients were studied, of whom 24 received a fluid load. The fluid load resulted in an increase in cardiac index (mean increase: 0.75 L/min/m(2) (95% confidence interval (CI): 0.41 to 1.1)), but no significant change in acid-base status post resuscitation (mean increase in base deficit 0.6 mmol/L (95% CI: -0.1 to 1.3)). The CVP and PAoP (pulmonary artery occlusion pressure) were highly inter-correlated (r(s) = 0.7, p<0.0001), but neither was correlated with acid-base status (arterial pH, serum bicarbonate, base deficit) or respiratory status (PaO(2)/FiO(2) ratio). There was no correlation between oxygen delivery (DO(2)) and base deficit at the 63 time-points where they were assessed simultaneously (r(s) = -0.09, p = 0.46). CONCLUSIONS: In adults with severe falciparum malaria there was no observed improvement in patient outcomes or acid-base status with fluid loading. Neither CVP nor PAoP correlated with markers of end-organ perfusion or respiratory status, suggesting these measures are poor predictors of fluid resuscitation needs.

    Concomitant Bacteremia in Adults With Severe Falciparum Malaria.

    Background: Approximately 6% of children hospitalized with severe falciparum malaria in Africa are also bacteremic. It is therefore recommended that all children with severe malaria should receive broad-spectrum antibiotics in addition to parenteral artesunate. Empirical antibiotics are not currently recommended for adults with severe malaria. Methods: Blood cultures were performed on sequential, prospectively studied adult patients with strictly defined severe falciparum malaria admitted to a single referral center in Vietnam between 1991 and 2003. Results: In 845 Vietnamese adults with severe falciparum malaria, admission blood cultures were positive in 9 (1.07%; 95% confidence interval [CI], .37-1.76%): Staphylococcus aureus in 2, Streptococcus pyogenes in 1, Salmonella Typhi in 3, non-typhoidal Salmonella in 1, Klebsiella pneumoniae in 1, and Haemophilus influenzae type b in 1. Bacteremic patients usually presented with a combination of jaundice, acute renal failure, and high malaria parasitemia. Four bacteremic patients died compared with 108 (12.9%) of 836 nonbacteremic severe malaria patients (risk ratio, 3.44; 95% CI, 1.62-7.29). In patients with >20% parasitemia the prevalence of concomitant bacteremia was 5.2% (4/76; 95% CI, .2-10.3%) compared with 0.65% (5/769; 0.08-1.2%) in patients with parasitemia of 20% or less. Conclusions: In contrast to children, the prevalence of concomitant bacteremia in adults with severe malaria is low. Administration of empirical antibiotics, in addition to artesunate, is warranted in the small subgroup of patients with very high parasitemias, emphasizing the importance of quantitative blood smear microscopy assessment, but it is not indicated in most adults with severe falciparum malaria.

    Ventilator-associated respiratory infection in a resource-restricted setting: impact and etiology.

    BACKGROUND: Ventilator-associated respiratory infection (VARI) is a significant problem in resource-restricted intensive care units (ICUs), but differences in casemix and etiology mean VARI in resource-restricted ICUs may be different from that found in resource-rich units. Data from these settings are vital to plan preventative interventions and assess their cost-effectiveness, but few are available. METHODS: We conducted a prospective observational study in four Vietnamese ICUs to assess the incidence and impact of VARI. Patients ≥ 16 years old and expected to be mechanically ventilated > 48 h were enrolled in the study and followed daily for 28 days following ICU admission. RESULTS: Four hundred fifty eligible patients were enrolled over 24 months, and after exclusions, 374 patients' data were analyzed. A total of 92/374 cases of VARI (21.7/1000 ventilator days) were diagnosed; 37 (9.9%) of these met ventilator-associated pneumonia (VAP) criteria (8.7/1000 ventilator days). Patients with any VARI, VAP, or VARI without VAP experienced increased hospital and ICU stay, ICU cost, and antibiotic use (p < 0.01 for all). This was also true for all VARI (p < 0.01 for all) with/without tetanus. There was no increased risk of in-hospital death in patients with VARI compared to those without (VAP HR 1.58, 95% CI 0.75-3.33, p = 0.23; VARI without VAP HR 0.40, 95% CI 0.14-1.17, p = 0.09). In patients with positive endotracheal aspirate cultures, most VARI was caused by Gram-negative organisms; the most frequent were Acinetobacter baumannii (32/73, 43.8%), Klebsiella pneumoniae (26/73, 35.6%), and Pseudomonas aeruginosa (24/73, 32.9%). 40/68 (58.8%) patients with positive cultures for these had carbapenem-resistant isolates. Patients with carbapenem-resistant VARI had significantly greater ICU costs than patients with carbapenem-susceptible isolates (6053 USD (IQR 3806-7824) vs 3131 USD (IQR 2108-7551), p = 0.04) and, after correction for adequacy of initial antibiotics and APACHE II score, showed a trend towards increased risk of in-hospital death (HR 2.82, 95% CI 0.75-6.75, p = 0.15). CONCLUSIONS: VARI in a resource-restricted setting has limited impact on mortality, but shows a significant association with increased patient costs, length of stay, and antibiotic use, particularly when caused by carbapenem-resistant bacteria. Evidence-based interventions to reduce VARI in these settings are urgently needed.

    Risk Factors of Streptococcus suis Infection in Vietnam. A Case-Control Study

    Background: Streptococcus suis infection, an emerging zoonosis, is an increasing public health problem across South East Asia and the most common cause of acute bacterial meningitis in adults in Vietnam. Little is known of the risk factors underlying the disease. Methods and Findings: A case-control study with appropriate hospital and matched community controls for each patient was conducted between May 2006 and June 2009. Potential risk factors were assessed using a standardized questionnaire and investigation of throat and rectal S. suis carriage in cases, controls and their pigs, using real-time PCR and culture of swab samples. We recruited 101 cases of S. suis meningitis, 303 hospital controls and 300 community controls. By multivariate analysis, risk factors identified for S. suis infection as compared to either control group included eating "high risk" dishes, such as undercooked pig blood and pig intestine (OR1 = 2.22; 95% CI = [1.15-4.28] and OR2 = 4.44; 95% CI = [2.15-9.15]), occupations related to pigs (OR1 = 3.84; 95% CI = [1.32-11.11] and OR2 = 5.52; 95% CI = [1.49-20.39]), and exposure to pigs or pork in the presence of skin injuries (OR1 = 7.48; 95% CI = [1.97-28.44] and OR2 = 15.96; 95% CI = [2.97-85.72]). S. suis-specific DNA was detected in rectal and throat swabs of 6 patients and was cultured from 2 rectal samples, but was not detected in such samples from 1522 healthy individuals or patients without S. suis infection. Conclusions: This case-control study, the largest prospective epidemiological assessment of this disease, has identified the most important risk factors associated with S. suis bacterial meningitis to be eating 'high risk' dishes popular in parts of Asia, occupational exposure to pigs and pig products, and preparation of pork in the presence of skin lesions. These risk factors can be addressed in public health campaigns aimed at preventing S. suis infection.

    Automated, Requirements-based Security Testing of Web-oriented Software Systems

    Motivation and Context. Modern Internet-based services (e.g., home banking, personal training, healthcare) are delivered through Web-oriented software systems which run on multiple and different devices including computers, mobile devices, wearable devices, and smart TVs. They manage and exchange users' personal data such as credit reports, locations, and health status. Therefore, the security of the system and its data is of crucial importance. Unfortunately, from security requirements elicitation to security testing, there are a number of challenges to be addressed to ensure the security of Web-oriented software systems. First, existing practices for capturing security requirements do not rely on templates that ensure the specification of requirements in a precise, structured, and unambiguous manner. Second, security testing is usually performed either manually or is only partially automated. Most existing security testing automation approaches focus only on specific vulnerabilities (e.g., buffer overflow, code injection). In addition, they suffer from the oracle problem, i.e., they cannot determine that the software does not meet its security requirements, except when this leads to denial of service or crashes. For this reason, security test automation is usually partial and only addresses the generation of inputs and not the verification of outputs. Though, in principle, solutions for the automated verification of functional requirements might be adopted to automatically verify security requirements, a number of concerns remain to be addressed. First, there is a lack of studies that demonstrate their applicability in the context of security testing. Second, the oracle problem remains an open problem in many aspects of software testing research, not only security testing. In the context of functional testing, metamorphic testing has been shown to be a viable solution to the oracle problem; however, it has never been studied in the context of security testing.
    Contributions. In this dissertation, we propose a set of approaches to address the above-mentioned challenges. (1) To model security requirements in a structured and analyzable manner, we propose a use case modeling approach that relies on a restricted natural language and a template already validated in the context of functional testing. It introduces the concepts of security use case specifications (i.e., what the system is supposed to do) and misuse case specifications (i.e., malicious user behaviours that the system is supposed to prevent). Moreover, we propose a template for capturing guidelines for the mitigation of security threats. (2) To verify that systems meet their security requirements, we propose an approach to automatically generate security test cases from misuse case specifications. More precisely, we propose a natural language programming solution that automatically generates executable security test cases and test inputs from misuse case specifications in natural language. (3) To address the oracle problem, we propose a metamorphic testing solution for Web-oriented software systems. The solution relies on a predefined set of metamorphic relations that capture (a) how an attacker is likely to alter a valid input to exploit a vulnerable system and (b) how the output of the system should change as a result of the attack if the system meets its security requirements. Our solution relies on Web crawlers to automatically identify the valid inputs to be used for testing. (4) We identify a set of testability guidelines to facilitate the adoption of the proposed approaches in software projects. The identified guidelines indicate (a) which types of vulnerabilities can be addressed through the solutions proposed in this dissertation and (b) which design solutions should be integrated into the system to enable effective test automation.
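The MCP pipeline described in the first abstract on this page and in contribution (2) above (extract the concepts of each natural-language misuse case step, match them to members of a test driver API, emit executable test code) can be sketched end to end. The block below is an added illustration and not code from the MCP authors: the misuse case text, the input catalogue, the `TestDriver` class and its method names are all constructed for this example, and the word-overlap matcher in `match_method` is a stand-in for the NLP techniques the paper uses.

```python
import inspect
import re

# Constructed misuse case specification (illustrative, not from the paper): one step per line.
MISUSE_CASE = """\
The malicious user requests the login page.
The malicious user enters a malformed email address in the email field.
The malicious user submits the login form.
The system rejects the request with an error message.
"""

# Constructed catalogue of malicious test inputs, keyed by the qualifier phrase used in a step.
INPUT_CATALOGUE = {"malformed email address": "not-an-email@"}

# Words that carry no concept worth matching against the driver API.
STOP_WORDS = {"the", "a", "an", "in", "with", "malicious", "user", "system"}


class TestDriver:
    """Hypothetical test driver API; its method names are the vocabulary steps are matched against."""

    def __init__(self):
        self.calls = []  # records every call so the generated test can be checked

    def request_page(self, page):
        self.calls.append(("request_page", page))

    def enter_value_in_field(self, value, field):
        self.calls.append(("enter_value_in_field", value, field))

    def submit_form(self, form):
        self.calls.append(("submit_form", form))

    def assert_error_message(self):
        self.calls.append(("assert_error_message",))


def stem(word):
    """Crude stemmer, enough to map 'requests' -> 'request' and 'enters' -> 'enter'."""
    return word[:-1] if len(word) > 3 and word.endswith("s") else word


def concepts(step):
    """Extract the content words (activities and inputs) of a misuse case step."""
    return [stem(w) for w in re.findall(r"[a-z]+", step.lower()) if w not in STOP_WORDS]


def match_method(step, driver_cls):
    """Pick the public driver method whose name shares the most concepts with the step."""
    step_concepts = set(concepts(step))
    best, best_score = None, 0
    for name, _ in inspect.getmembers(driver_cls, inspect.isfunction):
        if name.startswith("_"):
            continue
        score = len(step_concepts & {stem(t) for t in name.split("_")})
        if score > best_score:
            best, best_score = name, score
    if best is None:
        raise ValueError(f"no driver method matches step: {step!r}")
    return best


def resolve_arguments(step, method):
    """Fill each parameter: 'value' comes from the input catalogue, any other parameter
    from the word that precedes the parameter name in the step (e.g. 'login page')."""
    args = []
    for param in list(inspect.signature(method).parameters)[1:]:  # skip self
        if param == "value":
            qualifier = next(q for q in INPUT_CATALOGUE if q in step.lower())
            args.append(INPUT_CATALOGUE[qualifier])
        else:
            found = re.search(rf"(\w+) {param}\b", step.lower())
            if not found:
                raise ValueError(f"cannot resolve parameter {param!r} in step {step!r}")
            args.append(found.group(1))
    return args


def generate_test(spec, driver_cls=TestDriver):
    """Turn a misuse case specification into executable test code, one driver call per step."""
    lines = []
    for step in filter(None, (s.strip() for s in spec.splitlines())):
        name = match_method(step, driver_cls)
        args = resolve_arguments(step, getattr(driver_cls, name))
        lines.append(f"driver.{name}({', '.join(repr(a) for a in args)})")
    return "\n".join(lines)


def run_generated_test(code, driver):
    """Execute the generated test against a driver instance and return the recorded calls."""
    exec(code, {"driver": driver})
    return driver.calls


if __name__ == "__main__":
    print(generate_test(MISUSE_CASE))
```

The last step shows why negative requirements need their own treatment: "the system rejects the request" is the expected outcome of the attack, so it must map to an assertion in the driver API rather than to an action, and a driver that offers no such assertion member leaves the generated test without an oracle.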
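Contribution (3) above is the part that supplies an oracle without anyone writing down expected outputs: a metamorphic relation pairs an attacker's transformation of a valid input with a constraint on how a correct system's output must differ. The block below is an added example, not the dissertation's code. It runs two authorization relations (drop the session; swap in another user's session) over the URLs a toy crawler collects from a constructed web application. `make_app`, the users, the tokens and the deliberately vulnerable `check_owner=False` configuration are all assumptions made for the illustration.

```python
import re
from dataclasses import dataclass

# Constructed users and data for the toy application.
USERS = {"alice": {"id": 1, "token": "tok-alice"}, "bob": {"id": 2, "token": "tok-bob"}}
ACCOUNTS = {1: "alice: balance 120", 2: "bob: balance 50"}


@dataclass
class Response:
    status: int
    body: str


def make_app(check_owner):
    """Toy web application. With check_owner=False any logged-in user may read any
    account (an insecure direct object reference); with True the owner is enforced."""

    def app(path, token=None):
        user = next((u for u in USERS.values() if u["token"] == token), None)
        if user is None:
            return Response(401, "login required")
        if path == "/home":
            return Response(200, f'<a href="/account/{user["id"]}">My account</a>')
        m = re.fullmatch(r"/account/(\d+)", path)
        if m:
            account_id = int(m.group(1))
            if check_owner and account_id != user["id"]:
                return Response(403, "forbidden")
            return Response(200, ACCOUNTS.get(account_id, "no such account"))
        return Response(404, "not found")

    return app


def crawl(app, token, start="/home"):
    """Collect the URLs reachable with a valid session; stands in for the Web crawler
    that identifies the valid (source) inputs for the metamorphic relations."""
    seen, todo = set(), [start]
    while todo:
        path = todo.pop()
        if path in seen:
            continue
        seen.add(path)
        todo.extend(re.findall(r'href="([^"]+)"', app(path, token).body))
    return sorted(seen)


def same_page(a, b):
    """The follow-up output 'should change': identical 200 responses mean it did not."""
    return a.status == 200 and b.status == 200 and a.body == b.body


def mr_no_session(app, path, token):
    """MR1: removing the session from a request must not return the page the
    authenticated user saw."""
    return not same_page(app(path, token), app(path, None))


def mr_other_user(app, path, token, other_token):
    """MR2: replaying the request under another user's session must not return
    the first user's page."""
    return not same_page(app(path, token), app(path, other_token))


def run_metamorphic_tests(app):
    """Return the (relation, url) pairs that are violated; an empty list means no
    authorization flaw was detected on the crawled URLs."""
    alice, bob = USERS["alice"]["token"], USERS["bob"]["token"]
    violations = []
    for path in crawl(app, alice):
        if not mr_no_session(app, path, alice):
            violations.append(("no_session", path))
        if not mr_other_user(app, path, alice, bob):
            violations.append(("other_user", path))
    return violations


if __name__ == "__main__":
    print("vulnerable:", run_metamorphic_tests(make_app(check_owner=False)))
    print("hardened:  ", run_metamorphic_tests(make_app(check_owner=True)))
```

MR2 flags any page that renders identically for two users, so on a real site it needs a baseline (for example, an unauthenticated fetch) to exclude genuinely public pages, otherwise every shared landing page becomes a false positive. That trade-off, not the relations themselves, is where most of the engineering effort in this style of testing goes.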

    Analysis of the Tra Catfish Value Chain in Tien Giang Province

    The research results on the tra catfish value chain of Tien Giang province show that there were five market channels, two of which were dominant: the export channel accounted for 94.14% and the domestic channel for 5.86% of total product volume. The analysis shows that catfish farming households achieved high economic efficiency, but processing enterprises and retailers were the actors who captured the largest added value. Processing enterprises played the most important role, controlling most of the activities of the other actors in the chain, such as households and middlemen. The distribution of benefits among the actors was not reasonable; most of the profits accrued to the commercial stage. The results suggest several solutions to upgrade the catfish value chain in Tien Giang province: improving product quality, strengthening cooperation between actors, especially between enterprises and farming households, building a brand, and developing markets for the chain's products.