Change search
Link to record
Permanent link

Direct link
BETA
Alternative names
Publications (10 of 89) Show all publications
Välja, M., Lagerström, R., Franke, U. & Ericsson, G. (2019). A Framework for Automatic IT Architecture Modeling: Applying Truth Discovery. Complex Systems Informatics and Modeling Quarterly (20)
Open this publication in new window or tab >>A Framework for Automatic IT Architecture Modeling: Applying Truth Discovery
2019 (English)In: Complex Systems Informatics and Modeling Quarterly, E-ISSN 2255-9922, no 20Article in journal (Refereed) Published
Abstract [en]

Modeling IT architecture is a complex, time consuming, and error prone task. However, many systems produce information that can be used for automating modeling. Early studies show that this is a feasible approach if we can overcome certain obstacles. Often more than one source is needed in order to cover the data requirements of an IT architecture model; and the use of multiple sources means that heterogeneous data needs to be merged. Moreover, the same collection of data might be useful for creating more than one kind of models for decision support. IT architecture is constantly changing and data sources provide information that can deviate from reality to some degree. There can be problems with varying accuracy (e.g. actuality and coverage), representation (e.g. data syntax and file format), or inconsistent semantics. Thus, integration of heterogeneous data from different sources needs to handle data quality problems of the sources. This can be done by using probabilistic models. In the field of truth discovery, these models have been developed to track data source trustworthiness in order to help solving conflicts while making quality issues manageable for automatic modeling. We build upon previous research in modeling automation and propose a framework for merging data from multiple sources with a truth discovery algorithm to create multiple IT architecture models. The usefulness of the proposed framework is demonstrated in a study where models using three tools are created, namely; Archi, securiCAD, and EMFTA.

Keywords
IT Architecture Modeling; System Modeling; Automatic Data Collection; Automatic Modeling
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-264230 (URN)10.7250/csimq.2019-20.02 (DOI)
Note

QC 20191125

Available from: 2019-11-25 Created: 2019-11-25 Last updated: 2019-11-25Bibliographically approved
Xiong, W., Carlsson, P. & Lagerström, R. (2019). Re-using Enterprise Architecture Repositories for Agile Threat Modeling. In: 2019 IEEE 23rd International Enterprise Distributed Object Computing Workshop (EDOCW): . Paper presented at IEEE 23rd International Enterprise Distributed Object Computing Workshop, 28-31 Oct. 2019, Paris, France. Paris, France: Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Re-using Enterprise Architecture Repositories for Agile Threat Modeling
2019 (English)In: 2019 IEEE 23rd International Enterprise Distributed Object Computing Workshop (EDOCW), Paris, France: Institute of Electrical and Electronics Engineers (IEEE), 2019Conference paper, Published paper (Refereed)
Abstract [en]

Digitization has increased exposure and opened up for more cyber threats and attacks. To proactively handle this issue, enterprise modeling needs to include threat management during the design phase that considers antagonists, attack vectors, and damage domains. Agile methods are commonly adopted to efficiently develop and manage software and systems. This paper proposes to use an enterprise architecture repository to analyze not only shipped components but the overall architecture, to improve the traditional designs represented by legacy systems in the situated IT-landscape. It shows how the hidden structure method (with Design Structure Matrices) can be used to evaluate the enterprise architecture, and how it can contribute to agile development. Our case study uses an architectural descriptive language called ArchiMate for architecture modeling and shows how to predict the ripple effect in a damaging domain if an attacker's malicious components are operating within the network.

Place, publisher, year, edition, pages
Paris, France: Institute of Electrical and Electronics Engineers (IEEE), 2019
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:kth:diva-264018 (URN)10.1109/EDOCW.2019.00031 (DOI)978-1-7281-4598-3 (ISBN)
Conference
IEEE 23rd International Enterprise Distributed Object Computing Workshop, 28-31 Oct. 2019, Paris, France
Note

QC 20191126

Available from: 2019-11-20 Created: 2019-11-20 Last updated: 2019-11-26Bibliographically approved
Xiong, W. & Lagerström, R. (2019). Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang. In: 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA): . Paper presented at 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), 3-4 June 2019, Oxford, United Kingdom, United Kingdom. Oxford, United Kingdom, United Kingdom: Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang
2019 (English)In: 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), Oxford, United Kingdom, United Kingdom: Institute of Electrical and Electronics Engineers (IEEE), 2019Conference paper, Published paper (Refereed)
Abstract [en]

Modern vehicles contain more than a hundred Electronic Control Units (ECUs) that communicate over different in-vehicle networks. These ECUs are often connected to the Internet, which makes them vulnerable to various cyber attacks. Besides, large amounts of data are generated and communicated through vehicular networks, and some of them are sensitive for the vehicle drivers. Previously, a threat modeling language named vehicleLang was proposed for security analysis of vehicles, however, privacy issues of the vehicular data have not been thoroughly addressed. To fill the gap, this paper proposes a privacy-focused enhancement of vehicleLang, and the suggested privacy extension is evaluated by threat modeling with test cases running through the Meta Attack Language (MAL) compiler.

Place, publisher, year, edition, pages
Oxford, United Kingdom, United Kingdom: Institute of Electrical and Electronics Engineers (IEEE), 2019
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-264010 (URN)10.1109/CyberSA.2019.8899615 (DOI)978-1-7281-0232-0 (ISBN)
Conference
2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), 3-4 June 2019, Oxford, United Kingdom, United Kingdom
Note

QC 20191125

Available from: 2019-11-20 Created: 2019-11-20 Last updated: 2019-11-25Bibliographically approved
Johnson, P., Lagerström, R., Ekstedt, M. & Franke, U. (2018). Can the Common Vulnerability Scoring System be Trusted?: A Bayesian Analysis. IEEE Transactions on Dependable and Secure Computing, 15(6), 1002-1015, Article ID 7797152.
Open this publication in new window or tab >>Can the Common Vulnerability Scoring System be Trusted?: A Bayesian Analysis
2018 (English)In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 15, no 6, p. 1002-1015, article id 7797152Article in journal (Refereed) Published
Abstract [en]

The Common Vulnerability Scoring System (CVSS) is the state-of-the art system for assessing software vulnerabilities. However, it has been criticized for lack of validity and practitioner relevance. In this paper, the credibility of the CVSS scoring data found in five leading databases – NVD, X-Force, OSVDB, CERT-VN, and Cisco – is assessed. A Bayesian method is used to infer the most probable true values underlying the imperfect assessments of the databases, thus circumventing the problem that ground truth is not known. It is concluded that with the exception of a few dimensions, the CVSS is quite trustworthy. The databases are relatively consistent, but some are better than others. The expected accuracy of each database for a given dimension can be found by marginalizing confusion matrices. By this measure, NVD is the best and OSVDB is the worst of the assessed databases.

Place, publisher, year, edition, pages
IEEE Press, 2018
Keywords
cyber security, software vulnerability, CVSS, information security
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-200695 (URN)10.1109/TDSC.2016.2644614 (DOI)000449980000008 ()2-s2.0-85056520813 (Scopus ID)
Funder
EU, FP7, Seventh Framework Programme, 607109Swedish Civil Contingencies Agency, 2015-6986StandUp
Note

QC 20170202

Available from: 2017-02-01 Created: 2017-02-01 Last updated: 2019-03-12Bibliographically approved
Välja, M., Korman, M. & Lagerström, R. (2017). A study on software vulnerabilities and weaknesses of embedded systems in power networks. In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week): . Paper presented at 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017 (pp. 47-52). Association for Computing Machinery, Inc
Open this publication in new window or tab >>A study on software vulnerabilities and weaknesses of embedded systems in power networks
2017 (English)In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 47-52Conference paper (Refereed)
Abstract [en]

In this paper we conduct an empirical study with the purpose of identifying common software weaknesses of embedded devices used as part of industrial control systems in power grids. The data is gathered about the devices and software of 6 companies, ABB, General Electric, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Wind River. The study uses data from the manufacturersfi online databases, NVD, CWE and ICS CERT. We identified that the most common problems that were reported are related to the improper input validation, cryptographic issues, and programming errors.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2017
Keywords
Cyber security, Power networks, Software vulnerability CVSS, Electric network analysis, Electric power transmission networks, Embedded systems, Intelligent control, Laboratories, Network security, Smart power grids, Cryptographic issues, Engineering laboratories, Industrial control systems, Programming errors, Schneider electrics, Software vulnerabilities, Electric power system control
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-216531 (URN)10.1145/3055386.3055397 (DOI)2-s2.0-85019013078 (Scopus ID)9781450349789 (ISBN)
Conference
2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017
Note

QC 20171128

Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2017-11-28Bibliographically approved
Korman, M., Välja, M., Björkman, G., Ekstedt, M., Vernotte, A. & Lagerström, R. (2017). Analyzing the effectiveness of attack countermeasures in a SCADA system. In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week): . Paper presented at 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017 (pp. 73-78). Association for Computing Machinery, Inc
Open this publication in new window or tab >>Analyzing the effectiveness of attack countermeasures in a SCADA system
Show others...
2017 (English)In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 73-78Conference paper (Refereed)
Abstract [en]

The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2017
Keywords
Cyber security, SCADA system, Security controls, Threat modeling, Vulnerability assessment, Electric power system security, Electric power transmission networks, Legacy systems, SCADA systems, Smart power grids, Multi-vendor environment, Network configuration, Network segmentation, Power grid operations, Vulnerability assessments, Network security
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-216532 (URN)10.1145/3055386.3055393 (DOI)2-s2.0-85019036296 (Scopus ID)9781450349789 (ISBN)
Conference
2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017
Note

QC 20171128

Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2017-11-28Bibliographically approved
Lagerström, R., Johnson, P. & Ekstedt, M. (2017). Automatic Design of Secure Enterprise Architecture. In: Halle, S Dijkman, R Lapalme, J (Ed.), Proceedings of the 2017 IEEE 21st International Enterprise Distributed Object Computing Conference Workshops and Demonstrations (EDOCW 2017): . Paper presented at 21st IEEE International Enterprise Distributed Object Computing Conference (EDOC), OCT 10-13, 2017, Quebec City, CANADA (pp. 65-70). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Automatic Design of Secure Enterprise Architecture
2017 (English)In: Proceedings of the 2017 IEEE 21st International Enterprise Distributed Object Computing Conference Workshops and Demonstrations (EDOCW 2017) / [ed] Halle, S Dijkman, R Lapalme, J, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 65-70Conference paper, Published paper (Refereed)
Abstract [en]

Architecture models mainly have three functions; 1) document, 2) analyze, and 3) improve the system under consideration. All three functions have suffered from being time-consuming and expensive, mainly due to being manual processes in need of hard to find expertise. Recent work has however automated both the data collection and the analysis. In order for enterprise architecture modeling to finally become free of manual labor the design function also needs to be automated. In this position paper we propose the Automatic Designer. A solution that employs machine learning techniques to realize the design of (near) optimal architecture solutions. This particular implementation is focused on security analysis, but could easily be extended to other topics.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2017
Series
IEEE International Enterprise Distributed Object Computing Conference Workshops-EDOCW, ISSN 2325-6583
National Category
Other Computer and Information Science
Identifiers
urn:nbn:se:kth:diva-220665 (URN)10.1109/EDOCW.2017.19 (DOI)000417417800011 ()2-s2.0-85043595735 (Scopus ID)978-1-5386-1568-3 (ISBN)
Conference
21st IEEE International Enterprise Distributed Object Computing Conference (EDOC), OCT 10-13, 2017, Quebec City, CANADA
Note

QC 20191009

Available from: 2017-12-29 Created: 2017-12-29 Last updated: 2019-10-09Bibliographically approved
Vernotte, A., Johnson, P., Ekstedt, M. & Lagerström, R. (2017). In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis. In: Halle, S Dijkman, R Lapalme, J (Ed.), PROCEEDINGS OF THE 2017 IEEE 21ST INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE WORKSHOPS AND DEMONSTRATIONS (EDOCW 2017): . Paper presented at 21st IEEE International Enterprise Distributed Object Computing Conference (EDOC), OCT 10-13, 2017, Quebec City, CANADA (pp. 127-136). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis
2017 (English)In: PROCEEDINGS OF THE 2017 IEEE 21ST INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE WORKSHOPS AND DEMONSTRATIONS (EDOCW 2017) / [ed] Halle, S Dijkman, R Lapalme, J, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 127-136Conference paper, Published paper (Refereed)
Abstract [en]

ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level of details. To illustrate this capability, we present in this paper the metamodel of UNIX, operating systems being the core of every software and every IT system. After describing the main UNIX constituents and how they have been modelled, we illustrate how the modelled OS integrates within pwnPr3d's rationale by modelling the spreading of a self-replicating malware inspired by WannaCry.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2017
Series
IEEE International Enterprise Distributed Object Computing Conference Workshops-EDOCW, ISSN 2325-6583
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-220666 (URN)10.1109/EDOCW.2017.26 (DOI)000417417800020 ()2-s2.0-85043606711 (Scopus ID)978-1-5386-1568-3 (ISBN)
Conference
21st IEEE International Enterprise Distributed Object Computing Conference (EDOC), OCT 10-13, 2017, Quebec City, CANADA
Funder
EU, FP7, Seventh Framework Programme, 607109Swedish Civil Contingencies Agency
Note

QC 20180108

Available from: 2018-01-08 Created: 2018-01-08 Last updated: 2019-10-24Bibliographically approved
Välja, M., Korman, M., Lagerström, R., Franke, U. & Ekstedt, M. (2016). Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion: A Security Analysis Case. In: Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G (Ed.), PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION. Paper presented at Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI (pp. 14-22). IEEE
Open this publication in new window or tab >>Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion: A Security Analysis Case
Show others...
2016 (English)In: PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION / [ed] Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G, IEEE , 2016, p. 14-22Conference paper, Published paper (Refereed)
Abstract [en]

Architecture models arc used in enterprise management for decision support. These decisions range from designing processes to planning for the appropriate supporting technology. It is unreasonable for an existing enterprise to completely reinvent itself. Incremental changes are in most cases a more resource efficient tactic. Thus, for planning organizational changes, models of the current practices and systems need to be created. For mid-sized to large organizations this can be an enormous task when executed manually. Fortunately, there's a lot of data available from different sources within an enterprise that can be used for populating such models. The data are however almost always heterogeneous and usually only representing fragmented views of certain aspects. In order to merge such data and obtaining a unified view of the enterprise a suitable methodology is needed. In this paper we address this problem of creating enterprise architecture models from heterogeneous data. The paper proposes a novel approach that combines methods from the fields of data fusion and data warehousing. The approach is tested using a modeling language focusing on cyber security analysis in a study of a lab setup mirroring a small power utility's IT environment.

Place, publisher, year, edition, pages
IEEE, 2016
Series
Portland International Conference on Management of Engineering and Technology, ISSN 2159-5100
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-242720 (URN)10.1109/PICMET.2016.7806662 (DOI)000403104500002 ()2-s2.0-85016195766 (Scopus ID)
Conference
Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI
Note

QC 20190220

Available from: 2019-02-20 Created: 2019-02-20 Last updated: 2019-10-24Bibliographically approved
Lagerström, R., Addibpour, M. & Heiser, F. (2016). Product Feature Prioritization using the Hidden Structure Method: A Practical Case at Ericsson. In: : . Paper presented at Portland International Center for Management of Engineering and Technology (PICMET) conference (pp. 2308-2315).
Open this publication in new window or tab >>Product Feature Prioritization using the Hidden Structure Method: A Practical Case at Ericsson
2016 (English)Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we present a case were we employ the Hidden Structure method to product feature prioritization at Ericsson. The method extends the more common Design Structure Matrix (DSM) approach that has been used in technology management (e.g. project management and systems engineering) for quite some time in order to model complex systems and processes. The hidden structure method focuses on analyzing a DSM based on coupling and modularity theory, and it has been used in a number of software architecture and software portfolio cases. In previous work by the authors the method was tested on organization transformation at Ericsson, however this is the first time it has been employed in the domain of product feature prioritization. Today, at Ericsson, features are prioritized based on a business case approach where each feature is handled isolated from other features and the main focus is customer or market-based requirements. By employing the hidden structure method we show that features are heavily dependent on each other in a complex network, thus they should not be treated as isolated islands. These dependencies need to be considered when prioritizing features in order to save time and money, as well as increase end customer satisfaction.

National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-200699 (URN)10.1109/PICMET.2016.7806519 (DOI)000403104502016 ()2-s2.0-85016211407 (Scopus ID)
Conference
Portland International Center for Management of Engineering and Technology (PICMET) conference
Note

QC 20191001

Available from: 2017-02-01 Created: 2017-02-01 Last updated: 2019-10-02Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-3089-3885

Search in DiVA

Show all publications