Rodríguez, Ricardo J; Merseguer, José; Bernardi, Simona
Modelling Security of Critical Infrastructures: A Survivability Assessment Journal Article
In: The Computer Journal, vol. 58, no. 10, pp. 2313–2327, 2015.
Abstract | Links | BibTeX | Tags: Security, sensitive analysis, software system engineering, Survivability, UML
@article{RMB-COMPJ-15,
title = {Modelling Security of Critical Infrastructures: A Survivability Assessment},
author = {Ricardo J Rodríguez and José Merseguer and Simona Bernardi},
url = {http://webdiis.unizar.es/~ricardo/files/papers/RMB-COMPJ-15.pdf},
doi = {10.1093/comjnl/BXU096},
year = {2015},
date = {2015-10-01},
journal = {The Computer Journal},
volume = {58},
number = {10},
pages = {2313--2327},
abstract = {Critical infrastructures, usually designed to handle disruptions caused by human errors or random acts of nature, define assets whose normal operation must be guaranteed to maintain its essential services for human daily living. Malicious intended attacks to these targets need to be considered during system design. To face with these situations, defense plans must be developed in advance. In this paper, we present a UML profile, named SecAM, that enables the modelling and security specification for critical infrastructures during the early phases (requirements, design) of systems development life-cycle. SecAM endows security assessment, through survivability analysis, of different security solutions before system deployment. As a case study, we evaluate the survivability of the Saudi Arabia crude-oil pipeline network under two different attack scenarios. The stochastic analysis, carried out with Generalized Stochastic Petri nets, quantitatively estimates the minimisation of attack damages into the crude-oil network.},
keywords = {Security, sensitive analysis, software system engineering, Survivability, UML},
pubstate = {published},
tppubtype = {article}
}
Critical infrastructures, usually designed to handle disruptions caused by human errors or random acts of nature, define assets whose normal operation must be guaranteed to maintain its essential services for human daily living. Malicious intended attacks to these targets need to be considered during system design. To face with these situations, defense plans must be developed in advance. In this paper, we present a UML profile, named SecAM, that enables the modelling and security specification for critical infrastructures during the early phases (requirements, design) of systems development life-cycle. SecAM endows security assessment, through survivability analysis, of different security solutions before system deployment. As a case study, we evaluate the survivability of the Saudi Arabia crude-oil pipeline network under two different attack scenarios. The stochastic analysis, carried out with Generalized Stochastic Petri nets, quantitatively estimates the minimisation of attack damages into the crude-oil network.
Vila, José; Rodríguez, Ricardo J
Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited Proceedings Article
In: Proceedings of the 11th International Workshop on RFID Security (RFIDsec), pp. 87–103, Springer, 2015.
Abstract | Links | BibTeX | Tags: Android, contactless cards, contactless payment, NFC, relay attacks, Security
@inproceedings{VR-RFIDsec-15,
title = {Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited},
author = {José Vila and Ricardo J Rodríguez},
url = {http://webdiis.unizar.es/~ricardo/files/papers/VR-RFIDsec-15.pdf},
doi = {10.1007/978-3-319-24837-0_6},
year = {2015},
date = {2015-01-01},
booktitle = {Proceedings of the 11th International Workshop on RFID Security (RFIDsec)},
volume = {9440},
pages = {87--103},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
abstract = {Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasibility limitations when performing these attacks in Google's Android OS. We show an experiment proving its feasibility using off-the-shelf NFC-enabled Android devices (i.e., no custom firmware nor root required). Thus, Android NFC-capable malicious software might appear before long to virtually pickpocket contactless payment cards within its proximity.},
keywords = {Android, contactless cards, contactless payment, NFC, relay attacks, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasibility limitations when performing these attacks in Google's Android OS. We show an experiment proving its feasibility using off-the-shelf NFC-enabled Android devices (i.e., no custom firmware nor root required). Thus, Android NFC-capable malicious software might appear before long to virtually pickpocket contactless payment cards within its proximity.
Rodríguez, Ricardo J; Júlvez, Jorge; Merseguer, José
Quantification and Compensation of the Impact of Faults in System Throughput Journal Article
In: Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, vol. 227, no. 6, pp. 614–628, 2013.
Abstract | Links | BibTeX | Tags: fault-tolerant techniques, integer-linear programming, Performability, Petri nets
@article{RJM-JRR-13,
title = {Quantification and Compensation of the Impact of Faults in System Throughput},
author = {Ricardo J Rodríguez and Jorge Júlvez and José Merseguer},
url = {http://webdiis.unizar.es/~ricardo/files/papers/RJM-JRR-13.pdf},
doi = {10.1177/1748006X13492284},
year = {2013},
date = {2013-12-01},
journal = {Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability},
volume = {227},
number = {6},
pages = {614--628},
abstract = {Performability relates the performance (throughput) and reliability of software systems whose normal behaviour may degrade owing to the existence of faults. These systems, naturally modelled as discrete event systems using shared resources, can incorporate fault-tolerant techniques to mitigate such a degradation. In this article, compositional fault-tolerant models based on Petri nets, which make its sensitive performability analysis easier, are proposed. Besides, two methods to compensate existence of faults are provided: an iterative algorithm to compute the number of extra resources needed, and an integer-linear programming problem that minimises the cost of incrementing resources and/or decrementing fault-tolerant activities. The applicability of the developed methods is shown on a Petri net that models a secure database system.},
keywords = {fault-tolerant techniques, integer-linear programming, Performability, Petri nets},
pubstate = {published},
tppubtype = {article}
}
Performability relates the performance (throughput) and reliability of software systems whose normal behaviour may degrade owing to the existence of faults. These systems, naturally modelled as discrete event systems using shared resources, can incorporate fault-tolerant techniques to mitigate such a degradation. In this article, compositional fault-tolerant models based on Petri nets, which make its sensitive performability analysis easier, are proposed. Besides, two methods to compensate existence of faults are provided: an iterative algorithm to compute the number of extra resources needed, and an integer-linear programming problem that minimises the cost of incrementing resources and/or decrementing fault-tolerant activities. The applicability of the developed methods is shown on a Petri net that models a secure database system.
Rodríguez, Ricardo J; Merseguer, José; Bernardi, Simona
Modelling and Analysing Resilience as a Security Issue within UML Proceedings Article
In: Proceedings of the 2nd International Workshop on Software Engineering for Resilient Systems (SERENE), pp. 42–51, ACM, London, United Kingdom, 2010.
Abstract | Links | BibTeX | Tags: Petri nets, Petri nets, Security, software system engineering, UML
@inproceedings{RMB-SERENE-10,
title = {Modelling and Analysing Resilience as a Security Issue within UML},
author = {Ricardo J Rodríguez and José Merseguer and Simona Bernardi},
url = {http://webdiis.unizar.es/~ricardo/files/papers/RMB-SERENE-10.pdf},
doi = {10.1145/2401736.2401741},
year = {2010},
date = {2010-04-01},
booktitle = {Proceedings of the 2nd International Workshop on Software Engineering for Resilient Systems (SERENE)},
pages = {42--51},
publisher = {ACM},
address = {London, United Kingdom},
abstract = {Modelling system security is not common practise in software projects yet. Among other problems, there is not a widely accepted methodology which unifies the actual heterogeneity of security issues when addressing a whole security specification. Certainly, the reality is even worse since there is not an accepted or standard common notation for carrying out the security specification. In this work, we study how modelling security issues, specifically resilience, could be integrated in the MARTE-DAM framework, which allows the expression of performance and dependability requirements in UML models. We base this claim on the close relationship between security and dependability. Indeed, MARTE proposes a framework for non-functional properties specification (NFP), while DAM exploits it for dependability purposes. So, our goal is to take advantage of the common NFP framework while the dependability and security concerns are modelled in a unified view. On the other hand, we consider that the resulting security specification will be useful for developing model in which security related properties, such as availability, will be analysed. We will clarify these claims by means of an example.},
keywords = {Petri nets, Petri nets, Security, software system engineering, UML},
pubstate = {published},
tppubtype = {inproceedings}
}
Modelling system security is not common practise in software projects yet. Among other problems, there is not a widely accepted methodology which unifies the actual heterogeneity of security issues when addressing a whole security specification. Certainly, the reality is even worse since there is not an accepted or standard common notation for carrying out the security specification. In this work, we study how modelling security issues, specifically resilience, could be integrated in the MARTE-DAM framework, which allows the expression of performance and dependability requirements in UML models. We base this claim on the close relationship between security and dependability. Indeed, MARTE proposes a framework for non-functional properties specification (NFP), while DAM exploits it for dependability purposes. So, our goal is to take advantage of the common NFP framework while the dependability and security concerns are modelled in a unified view. On the other hand, we consider that the resulting security specification will be useful for developing model in which security related properties, such as availability, will be analysed. We will clarify these claims by means of an example.