Smart cyber-physical systems:beyond usable security to security ergonomics by design

Securing cyber-physical systems is hard. They are complex infrastructures comprising multiple technological artefacts, designers, operators and users. Existing research has established the security challenges in such systems as well as the role of usable security to support humans in effective security decisions and actions. In this paper we focus on smart cyberphysical systems, such as those based on the Internet of Things (IoT). Such smart systems aim to intelligently automate a variety of functions, with the goal of hiding that complexity from the user. Furthermore, the interactions of the user with such systems are more often implicit than explicit, for instance, a pedestrian with wearables walking through a smart city environment will most likely interact with the smart environment implicitly through a variety of inferred preferences based on previously provided or automatically collected data. The key question that we explore is that of empowering software engineers to pragmatically take into account how users make informed security choices about their data and information in such a pervasive environment. We discuss a range of existing frameworks considering the impact of automation on user behaviours and argue for the need of a shift—from usability to security ergonomics as a key requirement when designing and implementing security features in smart cyber-physical environments. Of course, the considerations apply more broadly than security but, in this paper, we focus only on security as a key concern

Software engineering for privacy in-the-large

There will be an estimated 35 zettabytes (35$times$10textsuperscript{21}) of digital records worldwide by the year 2020. This effectively amounts to privacy management on an ultra-large-scale. In this briefing, we discuss the privacy challenges posed by such an ultra-large-scale ecosystem - we term this ``Privacy in the Large''. We will contrast existing approaches to privacy management, reflect on their strengths and limitations in this regard and outline key software engineering research and practice challenges to be addressed in the future

Technical Report: Gone in 20 Seconds -- Overview of a Password Vulnerability in Siemens HMIs

Siemens produce a range of industrial human machine interface (HMI) screens which allow operators to both view information about and control physical processes. For scenarios where an operator cannot physically access the screen, Siemens provide the SM@rtServer features on HMIs, which when activated provides remote access either through their own Sm@rtClient application, or through third party VNC client software. Through analysing this server, we discovered a lack of protection against brute-force password attacks on basic devices. On advanced devices which include a brute-force protection mechanism, we discovered an attacker strategy that is able to evade the mechanism allowing for unlimited password guess attempts with minimal effect on the guess rate. This vulnerability has been assigned two CVEs - CVE-2020-15786 and CVE-2020-157867. In this report, we provide an overview of this vulnerability, discuss the impact of a successful exploitation and propose mitigations to provide protection against this vulnerability. This report accompanies a demo presented at CPSIoTSec 2020.Comment: 7 page

Engineering sustainability through language

As our understanding and care for sustainability concerns increases, so does the demand for incorporating these concerns into software. Yet, existing programming language constructs are not well-aligned with concepts of the sustainability domain. This undermines what we term technical sustainability of the software due to (i) increased complexity in programming of such concerns and (ii) continuous code changes to keep up with changes in (environmental, social, legal and other) sustainability-related requirements. In this paper we present a proof-of-concept approach on how technical sustainability support for new and existing concerns can be provided through flexible language-level programming. We propose to incorporate sustainability-related behaviour into programs through micro-languages enabling such behaviour to be updated and/or redefined as and when required

A systematic survey of online data mining technology intended for law enforcement

As an increasing amount of crime takes on a digital aspect, law enforcement bodies must tackle an online environment generating huge volumes of data. With manual inspections becoming increasingly infeasible, law enforcement bodies are optimising online investigations through data-mining technologies. Such technologies must be well designed and rigorously grounded, yet no survey of the online data-mining literature exists which examines their techniques, applications and rigour. This article remedies this gap through a systematic mapping study describing online data-mining literature which visibly targets law enforcement applications, using evidence-based practices in survey making to produce a replicable analysis which can be methodologically examined for deficiencies

Developer Essentials:Top Five Interventions to Support Secure Software Development

Cyber security is a big and increasing problem. Almost every week we hear of a new exploit or security breach that leads to major concerns about our digital infrastructure. Software systems are at the very heart of this digital infrastructure. Therefore, while there may be many commercial, social and practical factors that contribute, it is certain that the decisions of software development teams must have a significant impact on the vulnerability of those systems. In this research we explored ways in which outside actors – such as management, coaches, security teams, industry bodies, and government agencies – may positively influence the security of the software created by development teams, while keeping the development competitive and practically viable. This means that the costs of such 'interventions' need to be acceptable relative to the risks that they address. We interviewed 14 specialists in introducing software security to development teams. Based on a rigorous analysis of their responses, we were surprised to find that three of the most cost effective and scalable interventions are 'cultural interventions' – ones that work to influence the working of development teams, rather than the artefacts they produce: 1. Developing a 'threat model' and using that model to achieve commercially negotiated, risk based, agreement how threats are to be addressed; 2. A motivational workshop engaging the team with the genuine security problems as they affect their specific projects, while making it clear how they are to address those problems; and 3. Continuing 'nudges' to the developers to remind them of the importance of security. The other two low-cost and effective interventions relate to the code produced: 4. The use of source code analysis tools; and 5. The informed choice of components based on their security quality. We therefore suggest that providing guidelines, technical support and mentoring in each of these five interventions will have a significant effect on improving the security quality of code developed in future