Copy the page URI to the clipboard
Alrimawi, Faeq; Pasquale, Liliana and Nuseibeh, Bashar
(2019).
DOI: https://doi.org/10.1109/ACCESS.2019.2934221
Abstract
The proliferation of smart spaces, such as smart buildings, is increasing opportunities for offenders to exploit the interplay between cyber and physical components, in order to trigger security incidents. Organizations are obliged to report security incidents to comply with recent data protection regulations. Organizations can also use incident reports to improve security of the smart spaces where they operate. Incident reporting is often documented in structured natural language. However, reports often do not capture relevant information about cyber and physical vulnerabilities present in a smart space that are exploited during an incident. Moreover, sharing information about security incidents can be difficult, or even impossible, since a report may contain sensitive information about an organization. In previous work, we provided a meta-model to represent security incidents in smart spaces. We also developed an automated approach to share incident knowledge across different organizations. In this paper we focus on incident reporting. We provide a System Editor to represent smart buildings where incidents can occur. Our editor allows us to represent cyber and physical components within a smart building and their interplay. We also propose an Incident Editor to represent the activities of an incident, including —for each activity— the target and the resources exploited, the location where the activity occurred, and the activity initiator. Building on our previous work, incidents represented using our editor can be shared across various organizations, and instantiated in different smart spaces to assess how they can re-occur. We also propose an Incident Filter component that allows viewing and prioritizing the most relevant incident instantiations, for example, involving a minimum number of activities. We assess the feasibility of our approach in assisting incident reporting using an example of a security incident that occurred in a research center.
Viewing alternatives
Download history
Metrics
Public Attention
Altmetrics from AltmetricNumber of Citations
Citations from DimensionsItem Actions
Export
About
- Item ORO ID
- 66724
- Item Type
- Journal Item
- ISSN
- 2169-3536
- Project Funding Details
-
Funded Project Name Project ID Funding Body Lero 13/RC/2094 SFI SAUSE: Secure, Adaptive, Usable Software Engineering EP/R013144/1 (previous: EP/R005095/1) EPSRC (Engineering and Physical Sciences Research Council) - Keywords
- software engineering, security, forensics
- Academic Unit or School
-
Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM) - Research Group
- Software Engineering and Design (SEAD)
- Copyright Holders
- © 2019 IEEE
- Depositing User
- Bashar Nuseibeh