Alessandro Palma,Giacomo Acitelli,Andrea Marrella,Silvia Bonomi,Marco Angelini

DOI: https://doi.org/10.1016/j.cose.2024.104070

IF: 5.105

2024-08-26

Computers & Security

Abstract:The Incident Management (IM) process is one of the core activities for increasing the overall security level of organizations and better responding to cyber attacks. Different security frameworks (such as ITIL and ISO 27035) provide guidelines for designing and properly implementing an effective IM process. Currently, assessing the compliance of the actual process implemented by an organization with such frameworks is a complex task. The assessment is mainly manually performed and requires much effort in the analysis and evaluation. In this paper, we first propose a taxonomy of compliance deviations to classify and prioritize the impacts of non-compliant causes. We combine trace alignment techniques with a new proposed cost model for the analysis of process deviations rather than process traces to prioritize interventions. We put these contributions into use in a system that automatically assesses the IM process compliance with a reference process model (e.g., the one described in the chosen security framework). It supports the auditor with increased awareness of process issues to make more focused decisions and improve the process's effectiveness. We propose a benchmark validation for the model, and we show the system's capability through a usage scenario based on a publicly available dataset of a real IM log. The source code of all components, including the code used for benchmarking, is publicly available as open source on GitHub.

computer science, information systems

Zhuangbin Chen,Yu Kang,Liqun Li,Xu Zhang,Hongyu Zhang,Hui Xu,Yangfan Zhou,Li Yang,Jeffrey Sun,Zhangwei Xu,Yingnong Dang,Feng Gao,Pu Zhao,Bo Qiao,Qingwei Lin,Dongmei Zhang,Michael R. Lyu

DOI: https://doi.org/10.1145/3368089.3417055

2020-01-01

Abstract:The management of cloud service incidents (unplanned interruptions or outages of a service/product) greatly affects customer satisfaction and business revenue. After years of efforts, cloud enterprises are able to solve most incidents automatically and timely. However, in practice, we still observe critical service incidents that occurred in an unexpected manner and orchestrated diagnosis workflow failed to mitigate them. In order to accelerate the understanding of unprecedented incidents and provide actionable recommendations, modern incident management system employs the strategy of AIOps (Artificial Intelligence for IT Operations). In this paper, to provide a broad view of industrial incident management and understand the modern incident management system, we conduct a comprehensive empirical study spanning over two years of incident management practices at Microsoft. Particularly, we identify two critical challenges (namely, incomplete service/resource dependencies and imprecise resource health assessment) and investigate the underlying reasons from the perspective of cloud system design and operations. We also present IcM BRAIN, our AIOps framework towards intelligent incident management, and show its practical benefits conveyed to the cloud services of Microsoft.

Daniel Lichte,Frank Sill Torres,Evelin Engler

DOI: https://doi.org/10.3390/infrastructures7050070

2022-05-06

Infrastructures

Abstract:Progressing digitalization and networking of systems and organizations representing Critical Infrastructures opens promising new potentials and opportunities, which on the downside, are accompanied by rising complexity and increasingly opaque interdependencies. The consequently increasing lack of knowledge leads to uncertainties affecting risk assessment and decision-making in case of adverse events. This trend motivated recent discussions and developments in risk science, emphasizing the need to handle such uncertainties. Complementarily, research in the resilience domain focuses on system capabilities to handle surprising hazardous situations. Several frameworks presented in the literature aim at combining both perspectives but either lack the focus on operational management, have a rather theoretical approach, or are designed for specific applications. Based on this observation, we propose an approach that integrates resilience management into the actual operation of Critical Infrastructure Systems and Organizations by providing an operational process that coordinates the fundamental resilience capabilities of responding, monitoring, anticipation, and learning. Furthermore, we tackle the challenge of uncertainties resulting from a lack of knowledge by aligning the concepts of digital twin and resilience management. The proposed framework is extensively discussed, and required processes are presented in detail. Eventually, its applicability and potential are reviewed by means of a complex hazardous situation at a Bavarian district heating power plant.

Ítalo Belo,Carina Alves

DOI: https://doi.org/10.1002/smr.2747

2024-12-01

Journal of Software Evolution and Process

Abstract:We use the Design Science Research method to propose three strategic patterns to assist companies in structuring their partnership models when migrating from a software product to an ecosystem. The patterns help the keystone to adopt strategies for managing partners and consumers and structuring the ecosystem platform. Platform owners like SAP, Eclipse Foundation, and Microsoft have developed partnership models to expand their software ecosystems. These models govern the cluster of complementors, enabling the attraction and maintenance of partners and consumers. Companies aiming to define new partnership models when moving from a software product approach to an ecosystem face challenges that may limit their growth. When establishing an emerging ecosystem, platform providers (i.e., keystones) must perform several activities, such as attracting and retaining partners, defining rules of participation, managing risks, and maintaining the quality of the platform. This paper proposes three strategic patterns to assist companies in structuring their partnership models. The patterns provide actionable guidance to companies establishing new ecosystems. We adopted the Design Science Research (DSR) method to conduct the study. Following the DSR cycle, the strategic patterns were defined using a Multivocal Literature Review. The strategies described in the proposed patterns were validated by the industry professionals with experience in emerging software ecosystems. The proposed patterns help keystone companies adopt suitable strategies to address the following challenges: selecting partners, attracting and retaining consumers, technically structuring the platform while maintaining the robustness of the ecosystem, managing risks and conflicts, and assisting complementors in developing, selling, and distributing solutions in the ecosystem.

computer science, software engineering

Jacopo Parri,Fulvio Patara,Samuele Sampietro,Enrico Vicario

DOI: https://doi.org/10.1007/s00607-020-00841-6

2020-09-02

Computing

Abstract:Abstract Emergent paradigms of Industry 4.0 and Industrial Internet of Things expect cyber-physical systems to reliably provide services overcoming disruptions in operative conditions and adapting to changes in architectural and functional requirements. In this paper, we describe a hardware/software framework supporting operation and maintenance of software-controlled systems enhancing resilience by promoting a Model-Driven Engineering (MDE) process to automatically derive structural configurations and failure models from reliability artifacts. Specifically, a reflective architecture developed around digital twins enables representation and control of system Configuration Items properly derived from SysML Block Definition Diagrams, providing support for variation. Besides, a plurality of distributed analytic agents for qualitative evaluation over executable failure models empowers the system with runtime self-assessment and dynamic adaptation capabilities. We describe the framework architecture outlining roles and responsibilities in a System of Systems perspective, providing salient design traits about digital twins and data analytic agents for failure propagation modeling and analysis. We discuss a prototype implementation following the MDE approach, highlighting self-recovery and self-adaptation properties on a real cyber-physical system for vehicle access control to Limited Traffic Zones.

computer science, theory & methods

Johan Linåker,Björn Regnell

DOI: https://doi.org/10.48550/arXiv.2208.02630

2022-07-31

Software Engineering

Abstract:Context and motivation: Contribution Management helps firms engaged in Open Source Software (OSS) ecosystems to motivate what they should contribute and when, but also what they should focus their resources on and to what extent. Such guidelines are also referred to as contribution strategies. The motivation for developing tailored contribution strategies is to maximize return on investment and sustain the influence needed in the ecosystem. Question/Problem: We aim to develop a framework to help firms understand their current situation and create a starting point to develop an effective contribution management process. Principal ideas/results: Through a design science approach, a prototype framework is created based on literature and validated iteratively with expert opinions through interviews. Contribution: In this research preview, we present our initial results after our first design cycle and consultation with one experienced OSS manager at a large OSS oriented software-intensive firm. The initial validation highlights importance of stakeholder identification and analysis, as well as the general need for contribution management and alignment with internal product planning. This encourages future work to develop the framework further using expert and case validation.

Karim Djemame,Django J. Armstrong,Mariam Kiran,Ming Jiang

2011-01-01

Abstract:As the realization of Cloud computing environments advances from a simple and single private Cloud towards a more complex Cloud Service Ecosystem consisting of multiple coexisting public or hybrid Clouds, there are emerging high level concerns such as risk, trust, ecological, security, cost and legal factors that underpin the non-functional properties of the ecosystem. These concerns are beyond the traditional focus of providing functionalities at levels close to a single Cloud infrastructure such as hardware resource virtualization. In this paper we present ongoing research work to analyze and address the risk factor in such a Cloud Service Ecosystem for the purpose of optimizing Cloud service. The main contributions of the work are the design and implementation of an effective and efficient risk assessment framework (methodologies of risk identification, evaluation, mitigation and monitoring) for Cloud service provision. Together with the corresponding mitigation strategies, the framework provides technological assurance that will lead to a higher confidence of Cloud service consumers on one side and a cost-effective and reliable productivity of Cloud Service Provider (SP) and resources organized by individual Infrastructure Provider (IP) on the other side. The design of the risk assessment framework and its software toolkit implementation is part of the research and development work of the OPTIMIS (Optimized Infrastructure Services) project whose objective is to enable an open and dependable Cloud Service Ecosystem that delivers IT services that are adaptable, reliable, auditable and sustainable both ecologically and economically.

Heru Susanto,Mohammad Nabil Almunawar,Yong Chee Tuan,Mehmet Sabih Aksoy,Wahyudin P. Syam

DOI: https://doi.org/10.48550/arXiv.1203.6214

2012-03-28

Abstract:Actually Information security becomes a very important part for the organization's intangible assets, so level of confidence and stakeholder trusted are performance indicator as successes organization. Since information security has a very important role in supporting the activities of the organization, we need a standard or benchmark which regulates governance over information security. The main objective of this paper is to implement a novel practical approach framework to the development of information security management system (ISMS) assessment and monitoring software, called by I-SolFramework. System / software is expected to assist stakeholders in assessing the level of their ISO27001 compliance readiness, the software could help stakeholders understood security control or called by compliance parameters, being shorter and more structured. The case study illustrated provided to the reader with a set of guidelines, that aims easy understood and applicable as measuring tools for ISMS standards (ISO27001) compliance.

Cryptography and Security

Yi Peng,Yong Zhang,Yu Tang,Shiming Li

DOI: https://doi.org/10.1016/j.dss.2010.11.025

IF: 6.969

2011-01-01

Decision Support Systems

Abstract:An effective incident information management system needs to deal with several challenges. It must support heterogeneous distributed incident data, allow decision makers (DMs) to detect anomalies and extract useful knowledge, assist DMs in evaluating the risks and selecting an appropriate alternative during an incident, and provide differentiated services to satisfy the requirements of different incident management phases. To address these challenges, this paper proposes an incident information management framework that consists of three major components. The first component is a high-level data integration module in which heterogeneous data sources are integrated and presented in a uniform format. The second component is a data mining module that uses data mining methods to identify useful patterns and presents a process to provide differentiated services for pre-incident and post-incident information management. The third component is a multi-criteria decision-making (MCDM) module that utilizes MCDM methods to assess the current situation, find the satisfactory solutions, and take appropriate responses in a timely manner. To validate the proposed framework, this paper conducts a case study on agrometeorological disasters that occurred in China between 1997 and 2001. The case study demonstrates that the combination of data mining and MCDM methods can provide objective and comprehensive assessments of incident risks.

Heru Susanto,Mohammad Nabil Almunawar,Yong Chee Tuan,Mehmet Sabih Aksoy,Wahyudin P Syam

DOI: https://doi.org/10.48550/arXiv.1204.0240

2012-04-02

Abstract:Actually Information security becomes a very important part for the organization's intangible assets, so level of confidence and stakeholder trusted are performance indicator as successes organization. Since information security has a very important role in supporting the activities of the organization, we need a standard or benchmark which regulates governance over information security. The main objective of this paper is to implement a novel practical approach framework to the development of information security management system (ISMS) assessment and monitoring software, called by I-SolFramework. System / software is expected to assist stakeholders in assessing the level of their ISO27001 compliance readiness, the software could help stakeholders understood security control or called by compliance parameters, being shorter and more structured. The case study illustrated provided to the reader with a set of guidelines, that aims easy understood and applicable as measuring tools for ISMS standards (ISO27001) compliance.

Cryptography and Security,Software Engineering

Gustavo Gonzalez-Granadillo,Sofia Anna Menesidou,Dimitrios Papamartzivanos,Ramon Romeu,Diana Navarro-Llobet,Caxton Okoh,Sokratis Nifakos,Christos Xenakis,Emmanouil Panaousis

DOI: https://doi.org/10.3390/s21165493

IF: 3.9

2021-08-15

Sensors

Abstract:Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that threaten assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur during the dynamic life-cycle of systems. In this paper, we propose a cyber and privacy risk management toolkit, called AMBIENT (Automated Cyber and Privacy Risk Management Toolkit) that addresses the above challenges by implementing and integrating three distinct software tools. AMBIENT not only assesses cyber and privacy risks in a thorough and automated manner but it also offers decision-support capabilities, to recommend optimal safeguards using the well-known repository of the Center for Internet Security (CIS) Controls. To the best of our knowledge, AMBIENT is the first toolkit in the academic literature that brings together the aforementioned capabilities. To demonstrate its use, we have created a case scenario based on information about cyber attacks we have received from a healthcare organisation, as a reference sector that faces critical cyber and privacy threats.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Konstantinos Fysarakis,Alexios Lekidis,Vasileios Mavroeidis,Konstantinos Lampropoulos,George Lyberopoulos,Ignasi Garcia-Milà Vidal,José Carles Terés i Casals,Eva Rodriguez Luna,Alejandro Antonio Moreno Sancho,Antonios Mavrelos,Marinos Tsantekidis,Sebastian Pape,Argyro Chatzopoulou,Christina Nanou,George Drivas,Vangelis Photiou,George Spanoudakis,Odysseas Koufopavlou

DOI: https://doi.org/10.48550/arXiv.2307.06932

2023-07-18

Abstract:As digital technologies become more pervasive in society and the economy, cybersecurity incidents become more frequent and impactful. According to the NIS and NIS2 Directives, EU Member States and their Operators of Essential Services must establish a minimum baseline set of cybersecurity capabilities and engage in cross-border coordination and cooperation. However, this is only a small step towards European cyber resilience. In this landscape, preparedness, shared situational awareness, and coordinated incident response are essential for effective cyber crisis management and resilience. Motivated by the above, this paper presents PHOENI2X, an EU-funded project aiming to design, develop, and deliver a Cyber Resilience Framework providing Artificial-Intelligence-assisted orchestration, automation and response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services and the EU Member State authorities entrusted with cybersecurity.

Cryptography and Security

Laurie Williams,Sammy Migues,Jamie Boote,Ben Hutchison

2024-04-19

Abstract:The Proactive Software Supply Chain Risk Management Framework (P SSCRM) described in this document is designed to help you understand and plan a secure software supply chain risk management initiative. P SSCRM was created through a process of understanding and analyzing real world data from nine industry leading software supply chain risk management initiatives as well as through the analysis and unification of ten government and industry documents, frameworks, and standards. Although individual methodologies and standards differ, many initiatives and standards share common ground. P SSCRM describes this common ground and presents a model for understanding, quantifying, and developing a secure software supply chain risk management program and determining where your organization's existing efforts stand when contrasted with other real world software supply chain risk management initiatives.

Cryptography and Security

Andrew Darby,Pete Sawyer,Nelly Bencomo

2023-06-17

Abstract:In an ever-changing world, even software that fulfils its requirements may have un-envisioned aftereffects with significant impacts. We explored how such impacts can be better understood at the pre-design phase in support of organisational preparedness. We considered three real-world case studies and engaged with literature from several disciplines to develop a conceptual framework. Across three workshops with industry practitioners and academics creative strategies from speculative design practices were used to prompt engagement with the framework. We found participant groups navigated the model with either a convergent or divergent intent. The academics, operating in an exploratory mode, came to a broad understanding of a class of technologies through its impacts. Operating in an anticipatory mode the industry practitioners came to a specific understanding of a technology's potential in their workplace. The study demonstrated potential for the conceptual framework to be used as a tool with implications for research and practice.

Software Engineering

Ma Ye-feng,Zhang Hui,Liu Yi,Huang Hong

2013-01-01

Abstract:The present paper introduces a Scenario-response Based Emergency Management Integration Platform system for emergency response and decision-making during crisis. The platform system is developed on basis of current Emergency Response Platform (ERP) system used in China. This paper proposes the systematic plan and framework design for next generation of ERP and discusses the related methodologies used for the integration of information, computation and application. This paper contributes to the improvement of ERP design by taking account into distributed computing and scenario simulation, which improve the capability of decision-making. An open information sharing platform that makes the public involved has been developed in system design, which plays an important role in controlling public opinions and enhancing the communication between government and the public.

Jorge Ribeiro,Victor Alves,Henrique Vicente,José Neves

DOI: https://doi.org/10.1007/978-3-319-91334-6_2

2018-06-03

Abstract:Over the past few decades many different Information Technologies (IT) policies have been introduced, including COSO, ITIL, PMBook, CMM, ISO 2700x, Six Sigma, being COBIT IT (Control Objectives for IT) the framework that encompasses all IT and Information Systems (IS) governance activities at the organization’s level. As part of the applicability of quality services certification (ISO 9001) in all IT services of a public institution, it is presented a case study aimed at planning, managing and monitoring technological security infrastructures. It followed the guidelines for the ISO 2700x family, COBIT, ITIL and other standards and conducted a survey to complement the IT process’s objectives. With regard to an action-research methodology for problem-solving (i.e., a kind of attempt to improve or investigate practice) and according to the issue under analyze, the question is put into the terms, viz. “How can the ISO 2700x, COBIT, ITIL and other guidelines help with the planning, management and monitoring of technological security infrastructures and minimize the risk management of IT and IS?”. Indeed, it may be resolved that it is possible to achieve the goals of planning, managing and monitoring a technological security infrastructure. In the future, we will use Artificial Intelligence based approaches to problem solving such as Artificial Neural Networks and Cased Based Reasoning, to evaluate this issue.

Vuk Mijović,Nikola Tomašević,Valentina Janev,Mladen Stanojević,Sanja Vraneš

DOI: https://doi.org/10.1007/s11518-018-5393-5

2018-11-09

Journal of Systems Science and Systems Engineering

Abstract:Critical infrastructures (CI) are difficult to handle due to their complexity, size and the number of stakeholders involved. During emergency situations (e.g. fire or terrorist attack), a CI operator in the control room is faced with a flood of information coming from different sensors and legacy monitoring systems. Since in these situations, time is critical and the operators are under a great deal of pressure, a holistic management of all the technical systems and actors involved is needed, reinforced by the Recommendation and Decision Support System (RDSS) that helps emergency managers to take correct and timely decisions. One way to provide an adequate RDSS support to the operator is proposed in this paper which is based on an intelligent, event driven layer that sits on top of the legacy CI monitoring system. Powered by the complex event processing capabilities and facility data model implemented in the form of CI ontology, this layer processes events originating from different sources, conducts the situation and risk assessment, and reacts accordingly, either automatically or via recommendations proposed to emergency personnel. To validate the proposed approach, an event-driven RDSS was deployed on an airport use case (Nikola Tesla airport in Belgrade), as one of the most complex CIs.

operations research & management science

Paulo Malcher,Olavo Barbosa,Davi Viana,Rodrigo Santos

DOI: https://doi.org/10.48550/arXiv.2212.10443

2022-12-20

Software Engineering

Abstract:A software ecosystem (SECO) is an interaction, communication, cooperation, and synergy among a set of players. Depending on the actors type of interaction with others, each one can play a different role. These interactions provide a set of positive relationships (symbiosis) between actors who work together around a common technology platform or a service. SECO has been explored in several studies, some related to their general characteristics and others focusing on a specific topic (e.g., requirements, governance, open-source, mobile). There are many literature reviews of different natures (e.g., systematic literature reviews and systematic mapping studies). This study presents the status of the SECO field motivated by analyzing several secondary studies published over the years. To do so, we conducted a tertiary study. From an initial set of 518 studies on the subject, we selected 22 studies. We identified the theoretical foundations used by researchers and their influences and relationships with other ecosystems. We performed a thematic synthesis and identified one high-order theme, 5 themes, 10 subthemes, and 206 categories. As a result, we proposed a thematic model for SECO containing five themes, namely: social, technical, business, management, and an evaluation theme named Software Ecosystems Assessment Models (SEAM). Our main conclusion is that relationships between SECO themes should not be seen in isolation, and it must be interpreted in a holistic approach, given the number of implications to other themes mainly related to the distinction of governance and management activities in the SECO interactions. Finally, this work provides an overview of the field and points out areas for future research, such as the need of SECO community to further investigate the results from other ecosystems, mainly from the Digital Ecosystem and Digital Business Ecosystem communities.

Marco Nunes,Jelena Bagnjuk,António Abreu,Edgar Cardoso,Joane Smith,Célia Saraiva

DOI: https://doi.org/10.3390/su15065474

IF: 3.9

2023-03-21

Sustainability

Abstract:It is often argued that efficient collaboration is the key to success. However, research shows that if collaboration is not properly managed, collaborative risks may emerge, threatening business success. Furthermore, research shows that there is a lack of models to support the management of collaborative initiatives in organizations. To address this lack, presented in this work is a model to manage collaborative risks in organizations that work under the open innovation and the hybrid stage-gate development frameworks (two of the most popular collaborative frameworks in product and process development). The model presented in this work is a novel approach to manage collaborative risks in the open innovation and the hybrid stage-gate frameworks, and was developed based on network graph-theory to be used to identify informal collaborative interactions that may lead to the emergence of three major collaborative risks: (1) partner choice risks, (2) task assignment risks, and (3) behavioral risks. The results of the application of the proposed model in a real organizational collaborative context illustrated in the case study show that such collaborative risks can be identified in a timely manner, enabling an organization to efficiently and preventively act to minimize or eliminate the undesired effects of the mentioned collaborative risks.

environmental sciences,environmental studies,green & sustainable science & technology

Priscila Basto Fagundes,Douglas Dyllon Jeronimo de Macedo,António Lucas Soares,Fagundes, Priscila Basto,de Macedo, Douglas Dyllon Jeronimo

DOI: https://doi.org/10.1007/s11036-023-02226-3

2023-08-04

Mobile Networks and Applications

Abstract:Some of the fundamental activities of the software development process relate to the discipline of Requirements Engineering. Their objectives are to discover, analyze, document, verify and manage the requirements that will be part of the software. The requirements are the system's characteristics, which are identified based on information provided by users or experts in the field. The effective management of this information is essential to ensure that the system meets the needs of those who will use it. Considering that the requirements are information, we carried out research to propose a framework contemplating a set of tools used by the information management to assist the requirements management process's activities. This article aims to present the FIRMa - Framework based on Information Management to Requirements Management, and the results of an evaluation carried out by a group of eighteen specialists in Requirements Engineering, who gave their opinion about the tools contemplated by the framework, as well as defined steps and the guidelines elaborated for its use. The evaluation results showed that FIRMa could contribute to the requirements management process's activities and increase the project's chances of success.

computer science, information systems,telecommunications, hardware & architecture