Model-Based Real-Time Evaluation of Security Patterns: A SCADA System Case Study

Motii, Anas; Lanusse, Agnès; Hamid, Brahim; Bruel, Jean‐Michel

doi:10.1007/978-3-319-45480-1_30

Cited by 6 publications

(2 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This method was used in [26] to validate the custom-designed emulators of transmission power lines by comparing the emulation results to Simulink/MatLab models. This form of testing also has the advantage of not being limited to real-time; thus, it may be used to quickly generate results for physical or cybercomponents [73][74][75][76][77][78][79][80][81][82].…”

Section: Cyber-physical System Testingmentioning

confidence: 99%

Review of Design Elements within Power Infrastructure Cyber–Physical Test Beds as Threat Analysis Environments

et al. 2021

View full text Add to dashboard Cite

Cyber–physical systems (CPSs) are an integral part of modern society; thus, enhancing these systems’ reliability and resilience is paramount. Cyber–physical testbeds (CPTs) are a safe way to test and explore the interplay between the cyber and physical domains and to cost-effectively enhance the reliability and resilience of CPSs. Here a review of CPT elements, broken down into physical components (simulators, emulators, and physical hardware), soft components (communication protocols, network timing protocols), and user interfaces (visualization-dashboard design considerations) is presented. Various methods used to validate CPS performance are reviewed and evaluated for potential applications in CPT performance validation. Last, initial simulated results for a CPT design, based on the IEEE 33 bus system, are presented, along with a brief discussion on how model-based testing and fault–injection-based testing (using scaling and ramp-type attacks) may be used to help validate CPT performance.

show abstract

Section: Cyber-physical System Testingmentioning

confidence: 99%

Review of Design Elements within Power Infrastructure Cyber–Physical Test Beds as Threat Analysis Environments

et al. 2021

View full text Add to dashboard Cite

show abstract

“… Evaluating security patterns: Some research works such as (Halkidis et al, 2006), (Motii et al, 2016b) and (Duncan and de Muijnck-Hughes, 2014) have focused on the evaluation of security patterns themselves.  Evaluating the effect of security patterns on software systems: Another group of research works such as (Abramov et al, 2012b), (Smith and Williams, 2012) and (Ortiz et al, 2011) have analyzed the effectiveness of security patterns and pattern-based methods on the security of the target system.…”

Section: The Quality Evaluation Categorymentioning

confidence: 99%

Security patterns: A systematic mapping study

Jafari

Rasoolzadegan

2020

Journal of Computer Languages

View full text Add to dashboard Cite

Security patterns are a means to encapsulate and communicate proven security solutions. They are wellestablished approaches for introducing security into the software development process. Our objective is to explore the research efforts on security patterns and discuss the current state of the art. This study will serve as a guideline for researchers, practitioners, and teachers interested in this field. We have conducted a systematic mapping study of relevant literature from 1997 until the end of 2017 and identified 403 relevant papers, 274 of which were selected for analysis based on quality criteria. This study derives a customized research strategy from established systematic approaches in the literature. We have utilized an exhaustive 3-tier search strategy to ensure a high degree of completeness during the study collection and used a test set to evaluate our search. The first 3 research questions address the demographics of security pattern research such as topic classification, trends, and distribution between academia and industry, along with prominent researchers and venues. The next 9 research questions focus on more indepth analyses such as pattern presentation notations and classification criteria, pattern evaluation techniques, and pattern usage environments. The results and discussions of this study have significant implications for researchers, practitioners, and teachers in software engineering and information security. to the end of 2017 Security pattern related research (Development, Evaluation, Usage)TABLE 1 COMPARISON BETWEEN OUR WORK AND OTHER REVIEWSpattern research and instead, attempted to cover the entire research spectrum in this field. We initially planned to utilize only two search strategies (manual search and backward snowballing), but we found that these two approaches were lacking in a few specific instances. The issue with backward snowballing and manual search is that they rely on the cross-reference relationship between research papers. Papers referenced from multiple other papers, or published in commonly occurring venues are easily discovered, whereas isolated papers in unexpected venues have a chance of never being found. Another issue with backward snowballing stems from its backward nature. The search period for our study was up to the end of 2017, but to find 2017 papers through backward snowballing, we had to analyze papers published after that period (2018 and up) which was out of our scope. Similarly, newer papers with fewer citations are hard to discover through backward snowballing. Adding a database search proved beneficial as we discovered 97 new papers, 64 of which were included.The time period for the study of Uzunov et al. (Uzunov et al., 2012) and Yoshioka et al. (Yoshioka et al., 2008) in Table 1 are not explicitly stated, but are extracted based on the references list. In the work of Bunke et al. (Bunke et al., 2012), the mentioned number of studies consists of other non-primary studies (e.g. tech reports, books, surveys). This work utilizes three search strat...

show abstract

Text Categorization Approach for Secure Design Pattern Selection Using Software Requirement Specification

et al. 2018

View full text Add to dashboard Cite

Model-Based Real-Time Evaluation of Security Patterns: A SCADA System Case Study

Cited by 6 publications

References 18 publications

Review of Design Elements within Power Infrastructure Cyber–Physical Test Beds as Threat Analysis Environments

Review of Design Elements within Power Infrastructure Cyber–Physical Test Beds as Threat Analysis Environments

Security patterns: A systematic mapping study

Text Categorization Approach for Secure Design Pattern Selection Using Software Requirement Specification

Contact Info

Product

Resources

About