Search Results

${\mathsf{TLA}}^{+}$ is a formal specification language for modelling systems and programs. While ${\mathsf{TLA}}^{+}$ allows writing specifications involving real numbers, its existing tool support does not currently extend to automating real arithmetic proofs. This ...${\mathsf{}}^{}$${\mathsf{}}^{}$

Assurance techniques such as adversary-centric security testing are an essential part of the risk assessment process for improving risk mitigation and response capabilities against cyber attacks. While the use of these techniques, including vulnerability ...

A variety of Threat Analysis (TA) techniques exist that typically target exploring threats to discrete assets (e.g., services, data, etc.) and reveal potential attacks pertinent to these assets. Furthermore, these techniques assume that the ...

Moving Target Defense (MTD) can eliminate the asymmetric advantage that attackers have in terms of time to explore a static system by changing a system's configuration dynamically to reduce the efficacy of reconnaissance and increase uncertainty and ...

The advent of 5G technology introduces new - and potentially undiscovered - cybersecurity challenges, with unforeseen impacts on our economy, society, and environment. Interestingly, Intrusion Detection Mechanisms (IDMs) can provide the necessary network ...

Over the last decade, we have seen a shift in the focus of cyber attacks, moving from traditional IT systems to include more specialised Industrial Control Systems (ICS), often found within Critical National Infrastructure (CNI). ...

• Analysis of guideline documents on industrial cyber incident response & recovery.

Cyber-Physical Systems (CPS) are formed through interconnected components capable of computation, communication, sensing and changing the physical world. The development of these systems poses a significant challenge, since they have to be designed in a ...

Novel computing paradigms, e.g., the Cloud, introduce new requirements with regard to access control such as utilization of historical information and continuity of decision. However, these concepts may introduce an additional level of complexity ...${}^{}$${}^{}$

Do today’s certification qualifications effectively assess cybersecurity professionals’ core competencies? Five distinct techniques for identifying qualifications form the basis of a large-scale survey of industry stakeholders.

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties ...

It becomes essential when reasoning about the security risks to critical utilities such electrical power and water distribution to recognize that the interests of producers and consumers do not fully coincide. They may have incentives to behave ...

The assurance technique is a fundamental component of the assurance ecosystem; it is the mechanism by which we assess security to derive a measure of assurance. Despite this importance, the characteristics of these assurance techniques have not been ...

Assurance techniques generate evidence that allow us to make claims of assurance about security. For the purpose of certification to an assurance scheme, this evidence enables us to answer the question: are the implemented security controls consistent ...

The cloud is a modern computing paradigm with the ability to support a business model by providing multi-tenancy, scalability, elasticity, pay as you go and self-provisioning of resources by using broad network access. Yet, cloud systems are mostly ...

The increased complexity of modern access control (AC) systems stems partly from the need to support diverse and multiple administrative domains. Systems engineering is a key technology to manage this complexity since it is capable of assuring that an ...

Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO ...

Dynamic inter-domain collaborations and resource sharing comprise two key characteristics of mobile Grid systems. However, interdomain collaborations have proven to be vulnerable to conflicts that can lead to privilege escalation. These conflicts are ...

Despite the wide adoption by the scientific community, grid technologies have not been given the appropriate attention by enterprises. This is merely due to the lack of enough studying and defining security requirements of grid computing systems. More ...