Software Engineering and Information Security: R&D Perspectives

Published in: Technology

  1. Software Engineering and Information Security: R&D Perspectives
     Massimo Felici
     Massimo Felici © 2012 Software Engineering and Information Security
  2. Overview
     • Background and Experience
     • Software Engineering and Information Security: Rationale
     • Complex Application Domain: Air Traffic Management
     • Research Perspectives
       – Requirements
       – Risk Analysis
       – Design and Validation
     • Research Considerations
       – Research Impact
     • Future Research
  3. Background and Experience
  4. Rationale: Software Engineering and Information Security
  5. Sony Security Cyber Attack
     • “Sony of Japan revealed that names, addresses, passwords and possibly credit-card details of 77 million accounts were stolen when hackers gained access to the network it runs in 60 countries for its PlayStation online-gaming system” [The Economist, Apr 28th 2011]
     • “Sony warns of almost 25 million extra user detail theft” [BBC News, 3 May 2011]
  6. Security Attacks
     • Attacker Types and Techniques
     • Attack Type, Time and Impact
     [IBM Security Solutions, IBM X-Force® 2011 Mid-year Trend and Risk Report]
  7. Vulnerability Disclosures
     [IBM Security Solutions, IBM X-Force® 2011 Mid-year Trend and Risk Report]
  8. Who should worry?
     • Security is a concern across different domains and countries
     • “An investigation of targeted intrusions into more than 70 global companies, governments, and non-profit organizations during the last five years” [McAfee, 2011]
  9. Scenario: Air Traffic Management
  10. Complex Application Domain
     • Ongoing developments in the Air Traffic Management domain
     • The SESAR (Single European Sky ATM Research) project is the European air traffic control infrastructure modernisation programme. SESAR aims at developing the new generation Air Traffic Management system capable of ensuring the safety and fluidity of air transport worldwide over the next 30 years
     • Overall features
       – Large-scale, European (and beyond) wide systems
       – Complex ICT
       – Stringent security requirements alongside other Key Performance Indicators (e.g. Safety)
       – Deployments of new ICT involving operational changes
       – Human factors: changes in ICT affecting work practices
  11. Air Traffic Management Today
     The SESAR ATM System [SESAR Release, SESAR Joint Undertaking 2011]
  12. System Wide Information Management
     • SWIM Infrastructure
     • System Security Design
  13. Research: Software Engineering and Information Security
  14. Ensuring Trustworthiness and Security in Service Composition: Socio-Technical Security Requirements
     • Problem: ensuring trustworthiness and security in service composition
     • Context: operational accounts of ATM practice highlight information exchange
     • Modelling and Validation: socio-technical security requirements
  15. Requirements Evolution
     Problem: understanding requirements changes and requirements evolution
     • Avionics case study
     • Safety-critical software
     • Empirical analysis of requirements changes
     • Functional analysis of requirements changes
     • Architecture stability
     • Quantitative accounts of requirements changes
     • Requirements evolution modelling [Felici, 2004]
  16. Security Engineering for Lifelong Evolvable Systems: Security Model-Driven Risk Analysis
     • Problem: assessing the impact of changes on critical security properties [Felici et al., 2011]
     • Modelling: structured (CORAS) models elicited to perform risk analysis
     • Validation: shift of risk perceptions
  17. Interdisciplinary Research: Collaboration in Interdisciplinary Design and Evaluation of Dependability of Computer-Based Systems
     Emerging Technological Risk
     • Provides a multidisciplinary account of technology risk
     • Reviews different case studies
     • Identifies classes of socio-technical hazards
       – how technological risk crosses organizational boundaries
       – how technological trajectories and evolution develop
       – how social behaviour shapes, and is shaped by, technology
     S. Anderson, M. Felici: Emerging Technological Risk. Underpinning the Risk of Technology Innovation. Springer, 2012
  18. System Engineering for Security & Dependability: Security & Dependability Patterns
     • Problem: Security & Dependability Patterns to design and implement ICT
     • Context: supporting organisational work practice to deal with emerging threats
     • Validation: Security & Dependability Patterns enabling resilient processes
  19. Trust Observations
     Problem: validating new operational concepts and system configurations
     • Empirical analysis of an operational account of trust in validation exercises
     • Trust observations highlight how different system configurations support work practices [Felici et al., 2011]
  20. Summary
     • Information security is a real problem in different complex application domains
       – Air Traffic Management
     • Research Perspectives
       – Requirements problems: validation and evolution
       – Socio-technical Risk Analysis: modelling and social perspectives of risk analysis
       – Validation: Dependability, Resilience, Trust
  21. Research Considerations: Software Engineering and Information Security
  22. Research Remarks
     • Engineering software systems for security and trustworthiness requires dealing with subtle complexities
     • It is necessary to combine diverse methodologies throughout software development and deployment
     • My research is concerned with supporting software engineering and understanding software complexities (e.g. in terms of critical features) in different development phases (e.g. validation) and application domains
       – Multidisciplinary research
       – Socio-technical systems
       – Dependability, Risk, Trust
  23. Research Impact: ATM Community
     • Exploited PhD on requirements evolution within the EU SecureChange project
     • Exploited Dependability, Risk and Trust studies to support SMEs in related EU ICT projects
     • Conducted case studies drawn from the ATM domain
     • Led Edinburgh University engagement in the INNOVATE (INNOvation through Validation for Air Transportation in Europe) consortium, Modelling Support to Validation, Associate Partners of SESAR JU
     • Visibility: work on Trust published, and also linked in SKYbrary (the online ATM reference collection for aviation safety knowledge)
     • Visibility: Consulting Editor for the US FAA (Federal Aviation Administration) International Journal of Applied Aviation
  24. Supporting European Commission
     • Co-organised a networking session, on Privacy, Identity Management and Dependability in Emerging ICT-based Interaction Scenarios: Trustworthy Fulfillment of Requirements beyond purely Technological Innovation, at ICT 2008
     • Appointed by the European Commission, Information Society and Media Directorate, Trust and Security, as Independent Expert/Reviewer for industry-led ICT projects
       – PrimeLife, Privacy and Identity Management in Europe for Life
       – WebSand, Server-driven Outbound Web-application Sandboxing
  25. Another Application Domain: Healthcare
     Recently started collaborating and extending research work in Healthcare domains
     • Centre for Population Health Sciences, The University of Edinburgh
       Anderson, S., Fairbrother, P., Felici, M., Hanley, J., McKinstry, B., Ure, J.: From Hazards to Resilience in Socio-Technical Healthcare Systems. In Hollnagel, E., Rigaud, E., Besnard, D. (Eds.), Proceedings of the fourth Resilience Engineering Symposium, pp. 15-21 (2011)
     • Warwick Medical School, The University of Warwick
       Sujan, M.-A., Felici, M.: Combining Failure Mode and Functional Resonance Analyses in Healthcare Settings. In Proceedings of SAFECOMP 2012, the 31st International Conference on Computer Safety, Reliability and Security, LNCS, Springer-Verlag (to appear)
  26. Supporting Research Communities
     • SAFECOMP, International Conference on Computer Safety, Reliability and Security
     • DSN, IEEE/IFIP International Conference on Dependable Systems and Networks
     • SERE, IEEE International Conference on Software Security and Reliability
     • ISARCS, International ACM SigSoft Symposium on Architecting Critical Systems
     ...and many others
  27. Future Research
     • Software Engineering Foundations
       – Empirical investigation of software engineering models (e.g. requirements and design models)
       – Further understanding evolution (e.g. requirements evolution)
       – Modelling support to validation: INNOVATE (INNOvation through Validation for Air Transportation in Europe)
     • Security and Trust Observations
       – Security and Trust as deployment strategies that offer a rich range of trade-offs
       – Empirical investigation and validation of different Security and Trust models
     • Dependability Benchmarking and Risk Analysis
       – Socio-technical risk analysis
       – Operational validation
  28. Thank you