Home / Publication / Page 2
Monday, September 18, 2023
Our recent paper on constructing security assurance cases based on formal verification using Alloy. This work is the result of a collaboration with with colleagues at IRIT and CEA List. It was presented at the 8th International Workshop on Assurance Cases for Software-intensive Systems (ASSURE 2023) in September 2023. See Publications for more... More
Tuesday, May 2, 2023
Our recent work on formalizing the relationship between security policies and objectives in software architectures is now available online. This work is the result of a collaboration with with colleagues at IRIT. It was presented at the 20th IEEE International Conference on Software Architecture (ICSA 2023) in March 2023. See Publications for more... More
Wednesday, April 5, 2023
Check out our latest publication "Understanding the Role of Human-Related Factors in Security Requirements Elicitation" which is now online. This is collaborative work with colleagues at Ontario Tech University a. This paper explores the role that human-related factors of requirements engineering teams play in eliciting high-quality security... More
Tuesday, April 4, 2023
Our new publication "Defense Models for Data Recovery in Industrial Control Systems" is available online. This is the work of PhD Student, Alvi Jawad. In this work, we equip a manufacturing ICS with three system defenses, modeled using timed automata in UPPAAL, that can perform data recovery against data corruption attacks. Additionally, we... More
Friday, March 24, 2023
Our publication "Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm" is now available online. This is the work of PhD Student, Xinrui Zhang. This paper introduces the Secure Machine Learning Operations (SecMLOps) paradigm, which extends MLOps with security considerations. We use the People, Processes, Technology, Governance... More
Our publication "Towards Logical Specification of Adversarial Examples in Machine Learning" is now available online. This is collaborative work with researchers at IRIT and CEA List. This paper proposes an approach to adversarial example threat specification and detection in component-based software architecture models using first-order and modal... More
Wednesday, February 8, 2023
Our publication "Security Patterns for Machine Learning: The Data-Oriented Stages" is now available online. This is the work of PhD Student, Xinrui Zhang. This paper presents a collection of security patterns for the data-oriented stages in the machine learning (ML) workflow, including data collection, data storage, and data preparation. It... More
Monday, January 9, 2023
Our publication "Towards the Integration of Human Factors in Collaborative Decision Making for Secure Architecture Design" is now available online. In this paper, we propose a framework for considering human factors in collaborative decision-making for secure architecture design. At the core of the proposed framework, are conceptual models for... More
Sunday, August 28, 2022
Our publication "A Threat Model and Security Recommendations for IoT Sensors in Connected Vehicle Networks" is now available online. This paper proposes a novel STRIDE-based threat model for IoT sensors in connected vehicle networks aimed at addressing these challenges. Using a reference architecture of a connected vehicle, we identify system... More
Wednesday, August 17, 2022
Our publication "A Formal Analysis of the Efficacy of Rebooting as a Countermeasure Against IoT Botnets" is now available online. In this paper, we present a timed formal mode-based approach is presented to observe and analyze the manifold impact of various cyberattacks on the operations of industrial control systems. The analysis is automated... More
Saturday, June 25, 2022
Our Guest Editor introduction for the IEEE Software Theme Issue on Software Design Trends Supporting Multiconcern Assurance is now online. The concept of software assurance is centred around the ability to provide justified confidence that that software, hardware, and services function as intended with adequate safety, security, availability,... More
Wednesday, April 27, 2022
Our publication "An Evaluation of IoT Security Guidance Documents: A Shared Responsibility Perspective" is now available online. In this paper, we explore the extent to which existing guidance documentation supports a shared responsibility model between manufacturers and end users for IoT security. Based on a comparative analysis of existing... More
Search