Archives: Publication

Tuesday, May 2, 2023

New Publication: Formalizing the Relationship between Security Policies and Objectives in Software Architectures

Our recent work on formalizing the relationship between security policies and objectives in software architectures is now available online. This work is the result of a collaboration with with colleagues at IRIT. It was presented at the 20th IEEE International Conference on Software Architecture (ICSA 2023) in March 2023. See Publications for more... More

Wednesday, April 5, 2023

New Publication: Understanding the Role of Human-Related Factors in Security Requirements Elicitation

Check out our latest publication "Understanding the Role of Human-Related Factors in Security Requirements Elicitation" which is now online. This is collaborative work with colleagues at Ontario Tech University a. This paper explores the role that human-related factors of requirements engineering teams play in eliciting high-quality security... More

Tuesday, April 4, 2023

New Publication: Defense Models for Data Recovery in Industrial Control Systems

Our new publication "Defense Models for Data Recovery in Industrial Control Systems" is available online. This is the work of PhD Student, Alvi Jawad. In this work, we equip a manufacturing ICS with three system defenses, modeled using timed automata in UPPAAL, that can perform data recovery against data corruption attacks. Additionally, we... More

Friday, March 24, 2023

New Publication: Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm

Our publication "Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm" is now available online. This is the work of PhD Student, Xinrui Zhang. This paper introduces the Secure Machine Learning Operations (SecMLOps) paradigm, which extends MLOps with security considerations. We use the People, Processes, Technology, Governance... More

Friday, March 24, 2023

New Publication: Towards Logical Specification of Adversarial Examples in Machine Learning

Our publication "Towards Logical Specification of Adversarial Examples in Machine Learning" is now available online. This is collaborative work with researchers at IRIT and CEA List. This paper proposes an approach to adversarial example threat specification and detection in component-based software architecture models using first-order and modal... More

Wednesday, February 8, 2023

New Publication: Security Patterns for Machine Learning: The Data-Oriented Stages

Our publication "Security Patterns for Machine Learning: The Data-Oriented Stages" is now available online. This is the work of PhD Student, Xinrui Zhang. This paper presents a collection of security patterns for the data-oriented stages in the machine learning (ML) workflow, including data collection, data storage, and data preparation. It... More

Monday, January 9, 2023

New Publication: Towards the Integration of Human Factors in Collaborative Decision Making for Secure Architecture Design

Our publication "Towards the Integration of Human Factors in Collaborative Decision Making for Secure Architecture Design" is now available online. In this paper, we propose a framework for considering human factors in collaborative decision-making for secure architecture design. At the core of the proposed framework, are conceptual models for... More

Sunday, August 28, 2022

New Publication: A Threat Model and Security Recommendations for IoT Sensors in Connected Vehicle Networks

Our publication "A Threat Model and Security Recommendations for IoT Sensors in Connected Vehicle Networks" is now available online. This paper proposes a novel STRIDE-based threat model for IoT sensors in connected vehicle networks aimed at addressing these challenges. Using a reference architecture of a connected vehicle, we identify system... More

Wednesday, August 17, 2022

New Publication: A Formal Analysis of the Efficacy of Rebooting as a Countermeasure Against IoT Botnets

Our publication "A Formal Analysis of the Efficacy of Rebooting as a Countermeasure Against IoT Botnets" is now available online.  In this paper, we present a timed formal mode-based approach is presented to observe and analyze the manifold impact of various cyberattacks on the operations of industrial control systems. The analysis is automated... More

Saturday, June 25, 2022

New Publication: Software Design Trends Supporting Multiconcern Assurance

Our Guest Editor introduction for the IEEE Software Theme Issue on Software Design Trends Supporting Multiconcern Assurance is now online. The concept of software assurance is centred around the ability to provide justified confidence that that software, hardware, and services function as intended with adequate safety, security, availability,... More

Wednesday, April 27, 2022

New Publication: An Evaluation of IoT Security Guidance Documents: A Shared Responsibility Perspective

Our publication "An Evaluation of IoT Security Guidance Documents: A Shared Responsibility Perspective" is now available online.  In this paper, we explore the extent to which existing guidance documentation supports a shared responsibility model between manufacturers and end users for IoT security. Based on a comparative analysis of existing... More

Sunday, March 13, 2022

New Publication: Analyzing the Impact of Cyberattacks on Industrial Control Systems using Timed Automata

Our publication "Analyzing the Impact of Cyberattacks on Industrial Control Systems using Timed Automata" is now available online.  In this paper, we present a timed formal mode-based approach is presented to observe and analyze the manifold impact of various cyberattacks on the operations of industrial control systems. The analysis is automated... More

Load More →