  • 1. Aier, Stephan
    et al.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Matthes, Florian
    Proper, Erik
    Sanz, Jorge
    Trends in Enterprise Architecture Research and Practice-Driven Research on Enterprise Transformation: 7th Workshop, TEAR 2012, and 5th Working Conference, PRET 2012, Held at The Open Group Conference 2012, Barcelona, Spain, October 23-24, 2012. Proceedings. 2012. Conference proceedings (editor) (Refereed)
  • 2. Almeida, J. P. A.
    et al.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lapalme, J.
    Message from the TEAR 2013 workshop chairs. 2013. In: 2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW), IEEE Computer Society, 2013, p. 287-288. Conference paper (Refereed)
    Abstract [en]

    This paper gives a brief overview of the 8th Workshop on Trends in Enterprise Architecture Research (TEAR) held at EDOC 2013. The paper introduces the Workshop research topics and presents the accepted papers.

  • 3.
    Björkman, Gunnar
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Hadeli, Hadeli
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Zhu, Kun
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Chenine, Moustafa
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    SCADA system architectures. 2010. Other (Other academic)
    Abstract [en]

    The aim of deliverable 2.3 in the VIKING project is to catalogue architecture patterns or reference architectures, i.e. commonly deployed solutions, for SCADA systems. These patterns are represented as a set of descriptions that capture the vast majority of SCADA systems' architectures on a high level. The patterns developed in this report focus on: (1) software services in SCADA systems and software services that SCADA systems exchange data with; (2) data flows among these services; and (3) how services are placed in different security zones (network zones). The purpose of the SCADA architecture patterns is to clarify how SCADA systems are commonly designed by employing a stringent model framework. Internally in the project, the SCADA patterns will be used to develop SCADA system design models that reflect some typical systems deployed in industry. These models will be used in other work packages and deliverables in the VIKING project.

  • 4.
    Björkman, Gunnar
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Nordström, Lars
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Information system architectures in electrical distribution utilities. 2010. In: Proceedings of the 9th Nordic Electricity Distribution and Asset Management Conference, 2010. Conference paper (Refereed)
    Abstract [en]

    Computerized control systems have been used for many years to supervise and control power distribution. These systems, which are often referred to as SCADA (Supervisory Control And Data Acquisition) systems, have in recent years become more and more interconnected with other systems. In modern utilities, various kinds of data are exchanged between the distribution management systems and the administrative systems located in the office network. For example, operational statistics, trouble reports and switch orders are often communicated between the office systems and the systems inside the control center. This paper describes a survey of state-of-practice architectures in electrical distribution utilities. A set of system services has been identified together with the interfaces that typically exist between these services. How these services are located within different zones within utilities is also identified. The set of services, the data flows, and their locations have been reviewed and validated by vendors of SCADA systems in the electric utility industry.

  • 5.
    Blom, Rikard
    et al.
    KTH.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Analyzing attack resilience of an advanced meter infrastructure reference model. 2016. In: Joint Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG), IEEE conference proceedings, 2016. Conference paper (Refereed)
    Abstract [en]

    Advanced metering infrastructure (AMI) is a key component of the concept of smart power grids. Although several functional/logical reference models of AMI exist, they are not suited for automated analysis of properties such as cyber security. This paper briefly presents a reference model of AMI that follows a tested and even commercially adopted formalism allowing automated analysis of cyber security. Finally, this paper presents an example cyber security analysis, and discusses its results.

  • 6.
    Buschle, Markus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Grunow, S.
    Hauder, M.
    Matthes, F.
    Roth, S.
    Automating enterprise architecture documentation using an enterprise service bus. 2012. In: 18th Americas Conference on Information Systems 2012, AMCIS 2012: Volume 6, 2012, p. 4213-4226. Conference paper (Refereed)
    Abstract [en]

    Currently the documentation of Enterprise Architectures (EA) requires manual collection of data resulting in an error prone, expensive, and time consuming process. Recent approaches seek to automate and improve EA documentation by employing the productive system environment of organizations. In this paper, we investigate a specific Enterprise Service Bus (ESB) considered as the nervous system of an enterprise interconnecting business applications and processes as an information source. We evaluate the degree of coverage to which data of a productive system can be used for EA documentation. A vendor-specific ESB data model is reverse-engineered and transformation rules for three representative EA information models are derived. These transformation rules are employed to perform automated model transformations making the first step towards an automated EA documentation. We evaluate our approach using a productive ESB system from a leading enterprise of the fashion industry.

  • 7.
    Buschle, Markus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Holm, Hannes
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Shahzad, Khurram
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A tool for automatic enterprise architecture modeling. 2011. In: Proceedings of the CAiSE Forum 2011, 2011, p. 25-32. Conference paper (Refereed)
    Abstract [en]

    Enterprise architecture is an approach which aims to provide decision support based on organization-wide models. The creation of these models is however cumbersome as multiple aspects of an organization need to be considered. The Enterprise Architecture approach would be significantly less demanding if the data used to create the models could be collected automatically. This paper illustrates how a vulnerability scanner can be utilized for data collection in order to automatically create enterprise architecture models. We show how this approach can be realized by extending an earlier presented Enterprise Architecture tool. An example is provided through a case study applying the tool on a real network.

  • 8.
    Buschle, Markus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Holm, Hannes
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Shahzad, Khurram
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Tool for automatic Enterprise Architecture modeling. 2012. In: IS Olympics: Information Systems in a Diverse World, Springer, 2012, p. 1-15. Conference paper (Refereed)
    Abstract [en]

    Enterprise Architecture is an approach which aims to provide decision support based on organization-wide models. The creation of these models is however cumbersome as multiple aspects of an organization need to be considered. The Enterprise Architecture approach would be significantly less demanding if data used to create the models could be collected automatically. This paper illustrates how a vulnerability scanner can be utilized for data collection in order to automatically create Enterprise Architecture models, especially covering infrastructure aspects. We show how this approach can be realized by extending an earlier presented Enterprise Architecture tool. An example is provided through a case study applying the tool on a real network.
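
The two entries above (7 and 8) describe populating an architecture model from vulnerability-scanner output. The following is an added illustration, not the KTH tool's code: it parses a constructed report in the subset of Nmap's XML format used here, keeps only hosts that are up and ports that are open, assigns hosts to security zones by CIDR (the zone table is an assumption), and flattens the result to subject/relation/object triples of the kind an EA metamodel can ingest.

```python
"""Constructed scan report -> minimal infrastructure model (hosts, services,
zones) -> relation triples.  Added example; the XML subset, the zone table
and the triple vocabulary are assumptions, not the paper's tool format."""
import ipaddress
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample in the Nmap XML subset handled below (not real scan data).
SAMPLE_SCAN = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="10.0.1.10" addrtype="ipv4"/>
    <hostnames><hostname name="hmi01"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="7.4"/></port>
      <port protocol="tcp" portid="502"><state state="open"/><service name="modbus"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.2.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https" product="Apache httpd" version="2.4.6"/></port>
      <port protocol="tcp" portid="3389"><state state="closed"/><service name="ms-wbt-server"/></port>
    </ports>
  </host>
  <host><status state="down"/>
    <address addr="10.0.2.21" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

@dataclass
class Service:
    name: str
    port: int
    protocol: str
    product: str = ""
    version: str = ""

@dataclass
class Host:
    address: str
    hostname: str
    network: str
    services: list = field(default_factory=list)

@dataclass
class Model:
    networks: dict = field(default_factory=dict)   # zone name -> [host addresses]
    hosts: dict = field(default_factory=dict)      # address -> Host

def parse_scan(xml_text: str, zones: dict) -> Model:
    """zones maps a zone name to a CIDR; hosts matching no zone go to
    'unassigned'.  Down hosts are skipped, and only open ports become services,
    because a closed port says nothing about deployed software."""
    model = Model()
    root = ET.fromstring(xml_text)
    for h in root.findall("host"):
        status = h.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr = h.find("address[@addrtype='ipv4']").get("addr")
        hn = h.find("hostnames/hostname")
        hostname = hn.get("name") if hn is not None else addr
        network = "unassigned"
        for zone, cidr in zones.items():
            if ipaddress.ip_address(addr) in ipaddress.ip_network(cidr):
                network = zone
                break
        host = Host(addr, hostname, network)
        for p in h.findall("ports/port"):
            if p.find("state").get("state") != "open":
                continue
            svc = p.find("service")
            host.services.append(Service(
                name=svc.get("name", "unknown"),
                port=int(p.get("portid")),
                protocol=p.get("protocol"),
                product=svc.get("product", ""),
                version=svc.get("version", "")))
        model.hosts[addr] = host
        model.networks.setdefault(network, []).append(addr)
    return model

def to_relations(model: Model) -> list:
    """Flatten the model to (subject, relation, object) triples."""
    triples = []
    for host in model.hosts.values():
        triples.append((host.hostname, "located_in", host.network))
        for s in host.services:
            detail = " ".join(x for x in (s.product, s.version) if x)
            label = f"{s.name}/{s.port}" + (f" ({detail})" if detail else "")
            triples.append((host.hostname, "runs", label))
    return triples

if __name__ == "__main__":
    zones = {"control_zone": "10.0.1.0/24", "office_zone": "10.0.2.0/24"}
    for t in to_relations(parse_scan(SAMPLE_SCAN, zones)):
        print(*t)
```

The product and version strings are the part a security analysis later consumes (version-to-vulnerability matching), which is why they are kept on the service object rather than discarded during modelling.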

  • 9.
    Dán, György
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Sandberg, Henrik
    KTH, School of Electrical Engineering (EES), Automatic Control.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Björkman, Gunnar
    Challenges in Power System Information Security. 2012. In: IEEE Security and Privacy, ISSN 1540-7993, E-ISSN 1558-4046, Vol. 10, no 4, p. 62-70. Article in journal (Refereed)
    Abstract [en]

    Achieving all-encompassing component-level security in power system IT infrastructures is difficult, owing to its cost and potential performance implications.

  • 10.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    An empirical approach to a general theory of software (engineering). 2013. In: 2013 2nd SEMAT Workshop on a General Theory of Software Engineering (GTSE), 2013, p. 23-26. Conference paper (Refereed)
    Abstract [en]

    This article describes an approach to how a general theory of software engineering could be developed. It argues that the approach should be top-down in nature. It also argues that the theory should include predictive capabilities that are empirically corroborated and as a result of the ambition to be general the theory needs to be probabilistic. Brief examples of such theories are provided.

  • 11.
    Ekstedt, Mathias
    KTH, Superseded Departments, Electrical Systems.
    Enterprise architecture for IT management: a CIO decision making perspective on the electrical power industry. 2004. Doctoral thesis, comprehensive summary (Other scientific)
    Abstract [en]

    Within the electric power industry, the average company's enterprise system - i.e. the overall system of IT related entities - is today highly complex. Technically, large organizations possess hundreds or thousands of extensively interconnected and heterogeneous single IT systems performing tasks that vary from enterprise resource planning to real-time control and monitoring of industrial processes. Moreover, these systems store a wide variety of sometimes redundant data, and typically they are deployed on several different platforms. IT does not, however, execute in splendid isolation. Organizationally, the enterprise system embraces business processes and business units using as well as maintaining and acquiring the IT systems. The interplay between the organization and the IT systems is further determined by, for instance, business goals, ownership and governance structures, strategies, individual system users, documentation, and cost.

    Lately, Enterprise Architecture (EA) has evolved with the mission to take a holistic approach to managing the above depicted enterprise system. The discipline's presumption is that architectural models are the key to success in understanding and administrating enterprise systems. Compared to many other engineering disciplines, EA is quite immature in many respects. This thesis identifies and elaborates on some important aspects that to date have been overlooked to a large extent. Firstly, the lack of an explicit purpose for architectural models is identified. The thesis argues that the concerns of a company's Chief Information Officer (CIO) should guide the rationale behind the development of EA models. In particular, distribution of IT related information and knowledge throughout the organization is emphasized as an important concern that has been uncared for. Secondly, the lack of architectural theory is recognized. The thesis provides examples of how theory, or analysis procedures, could be incorporated into the Enterprise Architecture approach and thereby concretely drive the development of the architectural models. Due to the nature of enterprise systems, EA theories will inevitably be of an indicative character. Finally, in relation to the models as such, three aspects are highlighted. Firstly, the cost of collecting information from the organization to populate models is routinely neglected by the EA community. This expense should be evaluated in relation to the utility of the analyses that the information can provide in terms of better informed decision making by the CIO. Secondly, models (and meta-models) must be kept consistent. And thirdly, the design of models is restricted by the limited mental capabilities of the model users. CIO concerns must consequently be easy to extract from the Enterprise Architecture models.

    Key words: Enterprise Architecture, Enterprise System, Chief Information Officer (CIO), Information Technology (IT) Management, Architectural Theory, Electric Power Industry

  • 12.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Dahlgren, Anna
    KTH, School of Technology and Health (STH), Health Systems Engineering, Systems Safety and Management.
    Safe care also in the home: a future challenge. 2015. In: Läkartidningen, ISSN 0023-7205, E-ISSN 1652-7518, Vol. 112, no 22, p. 1040-1041. Article in journal (Refereed)
  • 13.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Dondossola, Giovanna
    Pietre-Cambacedes, Ludovic
    McDonald, John
    Torkilseng, Åge
    Modelling of cyber attacks for assessing smart grid security. 2011. Conference paper (Refereed)
  • 14.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Franke, Ulrik
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerstrom, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ullberg, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Buschle, Markus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Tool for Enterprise Architecture Analysis of Maintainability. 2009. In: CSMR 2009 Proceedings, European Conference on Software Maintenance and Reengineering / [ed] Winter A, Knodel J, Los Alamitos: IEEE Computer Society, 2009, p. 327-328. Conference paper (Refereed)
    Abstract [en]

    A tool for Enterprise Architecture analysis using a probabilistic mathematical framework is demonstrated. The Model-View-Controller tool architecture is outlined, before the use of the tool is considered. A sample abstract maintainability model is created, showing the dependence of system maintainability on documentation quality, developer expertise, etc. Finally, a concrete model of an ERP system is discussed.

  • 15.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Enterprise Architecture Modeling and Analysis of Quality Attributes: The Multi-Attribute Prediction Language (MAPL). 2015. In: Proceedings of the 1st Scandinavian Workshop on the Engineering of Systems-of-Systems (SWESoS 2015) / [ed] Jakob Axelsson, SICS, 2015, p. 10-12. Conference paper (Other academic)
  • 16.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Gorton, Dan
    Foreseeti AB, Sweden.
    Nydren, Joakim
    Foreseeti AB, Sweden.
    Shahzad, Khurram
    Foreseeti AB, Sweden.
    securiCAD by foreseeti: A CAD tool for enterprise cyber security management. 2015. In: Proceedings of the 2015 IEEE 19th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations, EDOCW 2015, IEEE, 2015. Conference paper (Refereed)
    Abstract [en]

    This paper presents a CAD tool for enterprise cyber security management called securiCAD. It is software developed during ten years of research at KTH Royal Institute of Technology, and it is now being commercialized by foreseeti (a KTH spin-off company). The idea of the tool is similar to CAD tools used when engineers design and test cars, buildings, etc. Specifically, the securiCAD user first models the IT environment, an existing one or one under development, and then securiCAD, using attack graphs, calculates and highlights potential weaknesses and avenues of attack. The main benefits of securiCAD are: 1) built-in security expertise, 2) visualization, 3) holistic security assessments, and 4) scenario comparison (decision-making) capabilities.
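
Entries 5 and 16 both describe automated security analysis of an architecture model by means of attack graphs and comparison of scenarios. The following is an added illustration of that kind of computation and is not securiCAD's metamodel, code or numbers: attack steps are OR nodes (any one predecessor suffices) or AND nodes (every predecessor is required), each carrying an effort cost, and the analysis finds the cheapest attacker route to a target step and then re-runs it for a mitigation scenario. The environment (office workstations, a DMZ web server, an HMI in a control zone), the step names and all effort values are constructed assumptions.

```python
"""Attack-graph evaluation with OR/AND steps and effort costs, plus a
scenario comparison.  Added example; model, names and costs are assumed."""
from dataclasses import dataclass, field
from math import inf

@dataclass
class Step:
    kind: str                      # "OR": any parent suffices; "AND": all parents needed
    effort: float                  # cost of this step once its parents are reached
    parents: list = field(default_factory=list)

def min_effort(graph: dict, entry: str) -> dict:
    """Least total effort from `entry` to every step.  OR steps take the
    cheapest parent; AND steps wait for the most expensive one.  Fixed-point
    relaxation: costs only ever decrease, so it terminates even with cycles."""
    cost = {name: inf for name in graph}
    cost[entry] = 0.0
    changed = True
    while changed:
        changed = False
        for name, step in graph.items():
            if name == entry or not step.parents:
                continue
            pcosts = [cost[p] for p in step.parents]
            base = min(pcosts) if step.kind == "OR" else max(pcosts)
            new = base + step.effort
            if new < cost[name]:
                cost[name] = new
                changed = True
    return cost

def attack_path(graph: dict, cost: dict, target: str) -> list:
    """Steps used on the cheapest route to `target`, parents before children;
    for an AND step every parent is included.  Empty if unreachable."""
    order, seen = [], set()
    def walk(name):
        if name in seen or cost[name] == inf:
            return
        seen.add(name)
        step = graph[name]
        if step.parents:
            if step.kind == "OR":
                walk(min(step.parents, key=lambda p: cost[p]))
            else:
                for p in step.parents:
                    walk(p)
        order.append(name)
    walk(target)
    return order

def build_model(hmi_mfa: bool = False) -> dict:
    """Constructed environment.  `hmi_mfa` models adding MFA to HMI logins by
    raising the credential-theft effort (an assumption for the scenario)."""
    return {
        "attacker":             Step("OR", 0),
        "office_ws.phish":      Step("OR", 2, ["attacker"]),
        "office_ws.access":     Step("OR", 0, ["office_ws.phish"]),
        "webserver.exploit":    Step("OR", 6, ["attacker"]),
        "webserver.access":     Step("OR", 0, ["webserver.exploit"]),
        "dmz.connect":          Step("OR", 1, ["webserver.access", "office_ws.access"]),
        "control_zone.connect": Step("OR", 3, ["office_ws.access"]),
        "hmi.credentials":      Step("OR", 20 if hmi_mfa else 4, ["office_ws.access"]),
        "hmi.login":            Step("AND", 1, ["control_zone.connect", "hmi.credentials"]),
        "hmi.compromise":       Step("OR", 0, ["hmi.login"]),
    }

def compare_scenarios(target: str) -> dict:
    """Effort to reach `target` in the baseline and with HMI MFA."""
    out = {}
    for label, g in (("baseline", build_model()), ("hmi_mfa", build_model(hmi_mfa=True))):
        out[label] = min_effort(g, "attacker")[target]
    return out

if __name__ == "__main__":
    g = build_model()
    c = min_effort(g, "attacker")
    print("path:", " -> ".join(attack_path(g, c, "hmi.compromise")))
    print("effort by scenario:", compare_scenarios("hmi.compromise"))
```

The AND step is where the model earns its keep: reaching the control zone alone (effort 5) does not compromise the HMI, and the cheapest full route is bounded by the harder of its two prerequisites, which is exactly what the MFA scenario changes.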

  • 17.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lindström, Åsa
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Gammelgård, Magnus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johansson, Erik
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Plazaola, Leonel
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Silva, Enrique
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Liliesköld, Joakim
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Consistent enterprise software system architecture for the CIO: a utility-cost based approach. 2004. In: Proceedings of the 37th Annual Hawaii International Conference on System Sciences, 2004. Conference paper (Refereed)
    Abstract [en]

    Previously, business operations of most large companies were supported by a number of isolated software systems performing diverse specific tasks, from real-time process control to administrative functions. In order to better achieve business goals, these systems have in recent years been extended, and more importantly, integrated into a company-wide system in its own right, the enterprise software system. Due to its history, this system is composed of a considerable number of heterogeneous and poorly understood components interacting by means of equally diverse and confusing connectors. To enable informed decision-making, the Chief Information Officer (CIO), responsible for the overall evolution of the company's enterprise software system, requires management tools. This paper proposes enterprise software system architecture (ESSA) as a foundation for an approach for managing the company's software system portfolio. In order to manage the overwhelming information amounts associated with the enterprise software system, this approach is based on two concepts. Firstly, the approach explicitly relates the utility of knowledge to the cost of its acquisition. The utility of knowledge is derived from the increased value of better-informed decision-making. The cost of knowledge acquisition is primarily related to the resources spent on information searching. Secondly, the approach focuses on ensuring the consistency of the architectural model.

  • 18.
    Ekstedt, Mathias
    et al.
    KTH, Superseded Departments, Electrical Systems.
    Johnson, Pontus
    KTH, Superseded Departments, Electrical Systems.
    Lindström, Åsa
    KTH, Superseded Departments, Electrical Systems.
    Johansson, Erik
    KTH, Superseded Departments, Electrical Systems.
    Nordström, Lars
    KTH, Superseded Departments, Electrical Systems.
    Management of Enterprise Software System Architectures: Focusing on Information Economy and Model Consistency. 2003. In: Proceedings of the 3rd Conference on Software Engineering Research and Practice in Sweden, 2003. Conference paper (Refereed)
  • 19.
    Ekstedt, Mathias
    et al.
    KTH, Superseded Departments, Electrical Systems.
    Johnson, Pontus
    KTH, Superseded Departments, Electrical Systems.
    Sjölin, Peter
    KTH, Superseded Departments, Electrical Systems.
    Lilliesköld, Joakim
    KTH, Superseded Departments, Electrical Systems.
    The architectural information view for the power electricity industry. 2003. In: Proceedings of the CIGRE SC D2's Colloquium, 2003. Conference paper (Refereed)
  • 20.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Jonsson, Narcisa
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Plazaola, Leonel
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Silva Molina, Enrique Javier
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Vargas, Norman
    An Organization-Wide Approach For Assessing Strategic Business And IT Alignment. 2005. In: Proceedings from the Portland International Conference on Management of Engineering and Technology, 2005. Conference paper (Refereed)
    Abstract [en]

    Contemporary firms operate in a dynamic environment for a number of reasons such as new technologies, entrepreneurial ideas, strategic alliances, mergers and acquisitions, and regulatory changes. A key for a well-functioning company is Information Technology (IT) that is efficiently deployed to support the business objectives. Keeping business and IT strategies aligned as they evolve has for several years in a row been ranked amongst the top concerns of companies' executives. Despite this fact, there are few documented concepts and operational approaches for assessing business and IT alignment. This paper describes an organization-wide assessment approach, where the maturity model criteria and attributes are assessed with sub-questions for clarity.

  • 21.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Terruggia, Roberta
    Dondossola, Giovanna
    Application of a cyber security assessment framework to smart grid architectures. 2013. Conference paper (Refereed)
  • 22.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närmen, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Chenine, Moustafa
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Setting the Information Systems Goals. 2007. In: Enterprise Architecture: Models and Analyses for Information Systems Decision Making, Studentlitteratur, 2007, p. 92-152. Chapter in book (Other academic)
  • 23.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Enterprise Architecture Models for Cyber Security Analysis. 2009. In: 2009 IEEE/PES Power Systems Conference and Exposition, New York: IEEE, 2009, p. 832-837. Conference paper (Refereed)
    Abstract [en]

    Enterprise architecture is a rising discipline that is gaining increasing interest in both industry and academia. It pays attention to the fact that effective management of business and IT needs to take a holistic view of the enterprise. Enterprise architecture is based on graphical models as a vehicle for system analysis, design, and communication. Enterprise architecture is also a potential support for control systems management. Unfortunately, when it comes to security analyses, the architectural languages available are not adapted to provide support for this. This presentation focuses on research performed as part of the EU seventh framework program VIKING (Vital Infrastructure, Networks, Information and Control Systems Management) and the Swedish Centre of Excellence in Electric Power Engineering, EKC2. The research focuses on developing and adapting security analysis frameworks to architectural languages on a level where information about control systems' configuration is scarce and thus incomplete and partly unreliable.

  • 24.
    Ericsson, Evelina
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Buschle, Markus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lillieskold, Joakim
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Developing a Design for Six Sigma Framework For the Analysis of Product Development Processes. 2015. In: 2015 Portland International Conference on Management of Engineering and Technology (PICMET'15), IEEE Communications Society, 2015, p. 1549-1561. Conference paper (Refereed)
    Abstract [en]

    During the last decades the importance of product development (PD) has become apparent for organizations. A majority of companies' total business results are dependent on the outcome of PD activities, results that crucially depend on new products' success and sales revenue. PD must be evaluated continuously, even without a physical final product accessible to measure. Therefore, in product development there is a need to evaluate the PD organization and project activities. This article presents a product development framework for analysis of organizations' product development performance according to Design for Six Sigma (DFSS) and for evaluation of DFSS-adopting companies' level of implementation.

  • 25.
    Flores, Waldo Rocha
    et al.
    KTH, School of Electrical Engineering (EES).
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric power and energy systems.
    Shaping intention to resist social engineering through transformational leadership, information security culture and awareness. 2016. In: Computers & Security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 59, p. 26-44. Article in journal (Refereed)
    Abstract [en]

    This paper empirically investigates how organizational and individual factors complement each other in shaping employees' intention to resist social engineering. The study followed a mixed methods research design, wherein qualitative data were collected to both establish the study's research model and develop a survey instrument that was distributed to 4296 organizational employees from a diverse set of organizations located in Sweden. The results showed that attitude toward resisting social engineering has the strongest direct association with intention to resist social engineering, while both self-efficacy and normative beliefs showed weak relationships with intention to resist social engineering. Furthermore, the results showed that transformational leadership was strongly associated with both perceived information security culture and information security awareness. Two mediation tests showed that attitude and normative beliefs partially mediate the effect of information security culture on employees' intention to resist social engineering. This suggests that both attitude and normative beliefs play important roles in governing the relationship between information security culture and intention to resist social engineering. A third mediation test revealed that information security culture fully explains the effect of transformational leadership on employees' attitude toward resisting social engineering. Discussion of the results and practical implications of the performed research are provided.

  • 26.
    Franke, Ulrik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Saat, Jan
    Winter, Robert
    Trends in Enterprise Architecture Practice: A Survey (2010). In: Lecture Notes in Business Information Processing / [ed] Proper E; Lankhorst MM; Schonherr M; Barjis J; Overbeek S, 2010, Vol. 70, p. 16-29. Conference paper (Refereed)
    Abstract [en]

    In recent years, Enterprise Architecture (EA) has become a discipline for business and IT-system management. While much research focuses on theoretical contributions related to EA, very few studies use statistical tools to analyze empirical data. This paper investigates the actual application of EA, by giving a broad overview of the usage of enterprise architecture in Swedish, German, Austrian and Swiss companies. 162 EA professionals answered a survey originally focusing on the relation between IT/business alignment (ITBA) and EA. The dataset provides answers to questions such as: For how many years have companies been using EA models, tools, processes and roles? How is ITBA in relation to EA perceived at companies? In particular, the survey has investigated quality attributes of EA, related to IT-systems, business and IT governance. One important result is some interesting correlations between how these qualities are prioritized. For example, a high concern for interoperability correlates with a high concern for maintainability.

  • 27.
    Franke, Ulrik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Höök, David
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    König, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närman, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ullberg, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Gustafsson, Pia
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    EAF(2) - A Framework for Categorizing Enterprise Architecture Frameworks (2009). In: SNPD 2009: 10TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCES, NETWORKING AND PARALLEL DISTRIBUTED COMPUTING, PROCEEDINGS, LOS ALAMITOS: IEEE COMPUTER SOC, 2009, p. 327-332. Conference paper (Refereed)
    Abstract [en]

    What constitutes an enterprise architecture framework is a contested subject. The contents of present enterprise architecture frameworks thus differ substantially. This paper aims to alleviate the confusion regarding which framework contains what by proposing a meta framework for enterprise architecture frameworks. By using this meta framework, decision makers are able to express their requirements on what their enterprise architecture framework must contain and also to evaluate whether the existing frameworks meet these requirements. An example classification of common EA frameworks illustrates the approach.

  • 28.
    Franke, Ulrik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ullberg, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Höök, David
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    König, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A formal method for cost and accuracy trade-off analysis in software assessment measures (2009). In: RCIS 2009: PROCEEDINGS OF THE IEEE INTERNATIONAL CONFERENCE ON RESEARCH CHALLENGES IN INFORMATION SCIENCE, NEW YORK: IEEE, 2009, p. 295-302. Conference paper (Refereed)
    Abstract [en]

    Creating accurate models of information systems is an important but challenging task. It is generally well understood that such modeling encompasses general scientific issues, but the monetary aspects of the modeling of software systems are not equally well acknowledged. The present paper describes a method using Bayesian networks for optimizing modeling strategies, perceived as a trade-off between these two aspects. Using GeNIe, a graphical tool with the proper Bayesian algorithms implemented, decision support can thus be provided to the modeling process. Specifically, an informed trade-off can be made, based on the modeler's prior knowledge of the predictive power of certain models, combined with his projection of their costs. It is argued that this method might enhance modeling of large and complex software systems in two principal ways: Firstly, by enforcing rigor and making hidden assumptions explicit. Secondly, by enforcing cost awareness even in the early phases of modeling. The method should be used primarily when the choice of modeling can have great economic repercussions.

  • 29.
    Franke, Ulrik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ullberg, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Höök, David
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    König, Johan
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Method for Choosing Software Assessment Measures using Bayesian Networks and Diagnosis: CSMR 2009, PROCEEDINGS (2009). In: 13TH EUROPEAN CONFERENCE ON SOFTWARE MAINTENANCE AND REENGINEERING: CSMR 2009, PROCEEDINGS / [ed] Winter A, Knodel J, LOS ALAMITOS, CA.: IEEE COMPUTER SOC., 2009, p. 241-245. Conference paper (Refereed)
    Abstract [en]

    Creating accurate models of information systems is an important but challenging task. While the scientific aspects of such modeling are generally acknowledged, the monetary aspects of the modeling of software systems are not. The present paper describes a Bayesian method for optimizing modeling strategies, perceived as a trade-off between these two aspects. Specifically, an informed trade-off can be made, based on the modeler's prior knowledge of the predictive power of certain models, combined with her projection of the costs. It is argued that this method enhances modeling of large and complex software systems in two principal ways: Firstly, by enforcing rigor and making hidden assumptions explicit. Secondly, by enforcing cost awareness even in the early phases of modeling. The method should be used primarily when the choice of modeling can have great economic repercussions.

  • 30.
    Franke, Ulrik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Defense graphs and Enterprise Architecture for Information Assurance analysis (2008). In: Proceedings of the 26th Army Science Conference, 2008. Conference paper (Refereed)
    Abstract [en]

    The JQRR metrics for Information Assurance (IA) and Computer Network Defense (CND) are combined with a framework based on defense graphs. This enables the use of architectural models for rational decision making, based on the mathematical rigor of extended influence diagrams. A sample abstract model is provided, along with a simple example of its usage to assess access control vulnerability.

  • 31.
    Gammelgård, Magnus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närman, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A method for assessing the business value of information system scenarios with an estimated credibility of the result (2010). In: International Journal of Services Technology and Management, ISSN 1460-6720, E-ISSN 1741-525X, Vol. 13, no 1-2, p. 105-133. Article in journal (Refereed)
    Abstract [en]

    This paper presents a method for assessing the business value of information system scenarios. The purpose of the method is to provide information system decision makers with high quality information about potential future scenarios at a relatively low cost of investigation. The method features three frameworks: one for functional assessments of information system scenarios, one for non-functional assessments of information system scenarios and finally a general business value taxonomy. The former two serve as an input structure to the latter. The various concepts in the business value taxonomy were prioritised by business managers to reflect the organisation's business needs. A problem with estimating the business value of an information system scenario is that it is a very complex undertaking; there are a vast number of aspects that need to be assessed in order to get a correct result. To be cost efficient, not all of these aspects can be addressed, so the results of the method will inevitably contain a degree of uncertainty. The method thus also provides an estimate of the uncertainty of its results. The method has been tested in a comprehensive case study at a large European power company.

  • 32.
    Gammelgård, Magnus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närman, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Architecture scenario analysis - Estimating the credibility of the results (2007). In: 17th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2007 - Systems Engineering: Key to Intelligent Enterprises, The International Council on Systems Engineering (INCOSE), 2007, p. 750-764. Conference paper (Refereed)
    Abstract [en]

    Good decision support requires good information. A key aspect of good information is that it is credible. Presently, architecture frameworks and methods within systems engineering often lack support for conveying the credibility of the analyses made. This paper presents a method for enterprise architecture analyses that employs an evidential reasoning algorithm for multi-attribute decision analysis. By doing this, the quality of the analyses as decision support is demonstrated. The method includes an assessment framework, based on established theories, for evaluating architecture scenarios' functional and non-functional qualities. The paper also presents a full-scale case study where the method has been employed at a large European power company.

  • 33.
    Gammelgård, Magnus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närman, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Evaluation of business value of IT-system scenarios: a case study at a large north European power company (2007). In: PICMET '07: PORTLAND INTERNATIONAL CENTER FOR MANAGEMENT OF ENGINEERING AND TECHNOLOGY, 2007. Conference paper (Refereed)
    Abstract [en]

    This paper presents a method, the KTH IT Investment Evaluation Method, to assess the business value of IT investments. The method aims to assess, a priori and at a relatively low cost of investigation, the business value of IT-system scenarios, i.e. alternative combinations of IT systems intended to support a particular business area. First, the scenarios are evaluated with respect to their technical quality. Second, the technical attributes used for this technical evaluation are related to business value dimensions, i.e. it is determined in what ways certain functions and non-functional attributes generate business value. Third, the business value dimensions are prioritized by the business managers. Finally, the business value of each scenario is established by combining the technical assessments with the relations to the business value dimensions found in the second step and the prioritizations done by business managers. All parts of the method have been verified in a comprehensive case study at a large European power company and the results are presented in the paper.

  • 34.
    Gunaratne, Dinusha
    et al.
    Vattenfall Research and Development AB.
    Chenine, Moustafa
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Närman, Per
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Framework to Evaluate a Functional Reference Model at a Nordic Distribution Utility (2008). In: NORDAC 2008, The 8th Nordic Electricity Distribution and Asset Management Conference. Bergen, Norway. 8-9 September 2008, 2008. Conference paper (Refereed)
    Abstract [en]

    Distribution utilities have found IT systems to be indispensable for competition in the deregulated electricity market. But in order to be highly efficient, a distribution utility ought to maintain a correlation between IT systems and business processes. A Functional Reference Model (FRM) is one way to achieve this correlation. A FRM is a versatile and multidisciplinary tool that can be used to create alignment between business processes and IT systems by describing what a “business is” in terms of the business functions that are carried out. There are many utility standards and system vendors claiming to offer complete FRMs for the utility domain. In addition, there of course exist implicit FRMs in the company in terms of existing processes and IT systems. Thus there is a growing need among distribution utilities for a method to evaluate the quality and suitability of a FRM for a given enterprise. This paper describes the development of a framework that has been used to evaluate the quality of a FRM at a Nordic distribution utility by benchmarking against the IEC 61968-1, UCA 2.0, IFS and Oracle FRMs for the utility domain. The framework cross-references a FRM with other FRMs to obtain coverage of all the business functions used in the utility business and eliminate vendor dependence, and it analyzes the strengths and weaknesses of the FRM and what amendments should be included. Finally it evaluates the suitability of the FRM to the utility by aligning it with the IT systems. The evaluation also helps to identify redundant IT systems and maximize IT usage in a distribution utility. The paper concludes with a motivation for distribution utilities to adopt a FRM, discussing its business values.

  • 35.
    Gustafson, P.
    et al.
    Ahlberg, J.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric power and energy systems.
    Lindh, M.
    Pukk Härenstam, K.
    Rutberg, H.
    Safer Swedish healthcare requires coherent and persistent efforts (2015). In: Läkartidningen, ISSN 0023-7205, E-ISSN 1652-7518, Vol. 112. Article in journal (Refereed)
    Abstract [en]

    Despite a development in Swedish patient safety work in recent years, unambiguous results are missing. Here we propose some activities that will result in improved patient safety. Patients and employees are a strong driving force, and should be given a more important role. The level of education in patient safety must be raised in all levels in the system. Effective systems for learning, sharing and follow-up need to be reinforced. The understanding on how the health-care system adapts to varying circumstances, resilience, needs development. The knowledge basis of what constitutes and creates safety in psychiatry, paediatric care, primary care, and in care of the elderly must be developed.

  • 36.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Buschle, Markus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Automatic data collection for enterprise architecture models (2014). In: Software and Systems Modeling, ISSN 1619-1366, E-ISSN 1619-1374, Vol. 13, no 2, p. 825-841. Article in journal (Refereed)
    Abstract [en]

    Enterprise Architecture (EA) is an approach used to provide decision support based on organization-wide models. The creation of such models is, however, cumbersome as multiple aspects of an organization need to be considered, making manual efforts time-consuming and error prone. Thus, the EA approach would be significantly more promising if the data used when creating the models could be collected automatically, a topic not yet properly addressed by either academia or industry. This paper proposes network scanning for automatic data collection and uses an existing software tool for generating EA models (ArchiMate is employed as an example) based on the IT infrastructure of enterprises. While some manual effort is required to make the models fully useful in many practical scenarios (e.g., to detail the actual services provided by IT components), empirical results show that the methodology is accurate and (in its default state) requires little effort to carry out.

  • 37.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A metamodel for web application injection attacks and countermeasures (2012). In: Trends in Enterprise Architecture Research and Practice-Driven Research on Enterprise Transformation: 7th Workshop, TEAR 2012, and 5th Working Conference, PRET 2012, Held at The Open Group Conference 2012, Barcelona, Spain, October 23-24, 2012. Proceedings / [ed] Stephan Aier, Mathias Ekstedt, Florian Matthes, Erik Proper, Jorge L. Sanz, Springer, 2012, p. 198-217. Conference paper (Refereed)
    Abstract [en]

    Web application injection attacks such as cross site scripting and SQL injection are common and problematic for enterprises. In order to defend against them, practitioners with large heterogeneous system architectures and limited resources struggle to understand the effectiveness of different countermeasures under various conditions. This paper presents an enterprise architecture metamodel that can be used by enterprise decision makers when deciding between different countermeasures for web application injection attacks. The scope of the model is to provide low-effort guidance on an abstraction level of use for an enterprise decision maker. This metamodel is based on a literature review and revised according to the judgment by six domain experts identified through peer-review.

  • 38.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Estimates on the effectiveness of web application firewalls against targeted attacks (2013). In: Information Management & Computer Security, ISSN 0968-5227, E-ISSN 1758-5805, Vol. 21, no 4, p. 250-265. Article in journal (Refereed)
    Abstract [en]

    Purpose – The purpose of this paper is to estimate the effectiveness of web application firewalls (WAFs) at preventing injection attacks by professional penetration testers given presence or absence of four conditions: whether there is an experienced operator monitoring the WAF; whether an automated black box tool has been used when tuning the WAF; whether the individual tuning the WAF is an experienced professional; and whether significant effort has been spent tuning the WAF.

    Design/methodology/approach – Estimates on the effectiveness of WAFs are made for 16 operational scenarios utilizing judgments by 49 domain experts participating in a web survey. The judgments of these experts are pooled using Cooke's classical method.

    Findings – The results show that the median prevention rate of a WAF is 80 percent if all measures have been employed. If no measure is employed then its median prevention rate is 25 percent. Also, there are no strong dependencies between any of the studied measures.

    Research limitations/implications – The results are only valid for the attacker profile of a professional penetration tester who prepares one week for attacking a WA protected by a WAF.

    Practical implications – The competence of the individual(s) tuning a WAF, employment of an automated black box tool for tuning and the manual effort spent on tuning are of great importance for the effectiveness of a WAF. The presence of an operator monitoring it has minor positive influence on its effectiveness.

    Originality/value – WA vulnerabilities are widely considered a serious concern. To manage them in deployed software, many enterprises employ WAFs. However, the effectiveness of this type of countermeasure under different operational scenarios is largely unknown.

  • 39.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Andersson, Dennis
    Swedish Defense Research Agency.
    Empirical Analysis of System-Level Vulnerability Metrics through Actual Attacks (2012). In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 9, no 6, p. 825-837. Article in journal (Refereed)
    Abstract [en]

    The Common Vulnerability Scoring System (CVSS) is a widely used and well-established standard for classifying the severity of security vulnerabilities. For instance, all vulnerabilities in the US National Vulnerability Database (NVD) are scored according to this method. As computer systems typically have multiple vulnerabilities, it is often desirable to aggregate the scores of individual vulnerabilities to a system level. Several such metrics have been proposed, but their quality has not been studied. This paper presents a statistical analysis of how 18 security estimation metrics based on CVSS data correlate with the time-to-compromise of 34 successful attacks. The empirical data originate from an international cyber defense exercise involving over 100 participants and were collected by studying network traffic logs, attacker logs, observer logs, and network vulnerabilities. The results suggest that security modeling with CVSS data alone does not accurately portray the time-to-compromise of a system. However, results also show that metrics employing more CVSS data are more correlated with time-to-compromise. As a consequence, models that only use the weakest link (most severe vulnerability) to compose a metric are less promising than those that consider all vulnerabilities.

  • 40.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    Swedish Defense Research Agency.
    Effort estimates on web application vulnerability discovery (2013). Conference paper (Refereed)
    Abstract [en]

    Web application vulnerabilities are widely considered a serious concern. However, there are as of yet scarce data comparing the effectiveness of different security countermeasures or detailing the magnitude of the security issues associated with web applications. This paper studies the effort that is required by a professional penetration tester to find an input validation vulnerability in an enterprise web application that has been developed in the presence or absence of four security measures: (i) developer web application security training, (ii) type-safe APIs, (iii) black box testing tools, or (iv) static code analyzers. The judgments of 21 experts are collected and combined using Cooke’s classical method. The results show that 53 hours is enough to find a vulnerability with a certainty of 95% even though all measures have been employed during development. If no measure is employed, 7 hours is enough to find a vulnerability with 95% certainty.

  • 41.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Manual for the Cyber Security Modeling Language (2013). Report (Other academic)
    Abstract [en]

    The Cyber Security Modeling Language (CySeMoL) is an attack graph tool that can be used to estimate the cyber security of enterprise architectures. CySeMoL includes theory on how attacks and defenses relate quantitatively; thus, users must only model their assets and how these are connected in order to enable calculations. This report functions as a manual to facilitate practical usage and understanding of CySeMoL.

  • 42.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Bayesian Model for Likelihood Estimations of Acquirement of Critical Software Vulnerabilities and Exploits. Manuscript (preprint) (Other academic)

  • 43.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Bayesian network model for likelihood estimations of acquirement of critical software vulnerabilities and exploits (2015). In: Information and Software Technology, ISSN 0950-5849, E-ISSN 1873-6025, Vol. 58, p. 304-318. Article in journal (Refereed)
    Abstract [en]

    Context: Software vulnerabilities in general, and software vulnerabilities with publicly available exploits in particular, are important to manage for both developers and users. This is however a difficult matter to address as time is limited and vulnerabilities are frequent.

    Objective: This paper presents a Bayesian network based model that can be used by enterprise decision makers to estimate the likelihood that a professional penetration tester is able to obtain knowledge of critical vulnerabilities and exploits for these vulnerabilities for software under different circumstances.

    Method: Data on the activities in the model are gathered from previous empirical studies, vulnerability databases and a survey with 58 individuals who all have been credited for the discovery of critical software vulnerabilities.

    Results: The proposed model describes 13 states related by 17 activities, and a total of 33 different datasets.

    Conclusion: Estimates by the model can be used to support decisions regarding what software to acquire, or what measures to invest in during software development projects.

  • 44.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Shahzad, Khurram
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Buschle, Markus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language (2015). In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 12, no 6, p. 626-639. Article in journal (Refereed)
    Abstract [en]

    This paper presents the Predictive, Probabilistic Cyber Security Modeling Language (P2CySeMoL), an attack graph tool that can be used to estimate the cyber security of enterprise architectures. P2CySeMoL includes theory on how attacks and defenses relate quantitatively; thus, users must only model their assets and how these are connected in order to enable calculations. The performance of P2CySeMoL enables quick calculations of large object models. It has been validated on both a component level and a system level using literature, domain experts, surveys, observations, experiments and case studies.

  • 45.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    CySeMoL: A tool for cyber security analysis of enterprises (2013). In: CIRED, 2013. Conference paper (Refereed)
    Abstract [en]

    The Cyber Security Modelling Language (CySeMoL) is a tool for quantitative cyber security analyses of enterprise architectures. This paper describes CySeMoL and illustrates its use through an example scenario involving cyber attacks against protection and control assets located in an electrical substation.

  • 46.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Vulnerability assessment of SCADA systems (2011). Report (Other academic)

  • 47.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Honeth, Nicholas
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Indicators of expert judgement and their significance: An empirical investigation in the area of cyber security (2014). In: Expert systems (Print), ISSN 0266-4720, E-ISSN 1468-0394, Vol. 3, no 4, p. 299-318. Article in journal (Refereed).
    Abstract [en]

    In situations when data collection through observations is difficult to perform, the use of expert judgement can be justified. A challenge with this approach is, however, to value the credibility of different experts. A natural and state-of-the-art approach is to weight the experts' judgements according to their calibration, that is, on the basis of how well their estimates of a studied event agree with actual observations of that event. However, when data collection through observations is difficult to perform, it is often also difficult to estimate the calibration of experts. As a consequence, variables thought to indicate calibration are generally used as a substitute for it in practice. This study evaluates the value of three such indicative variables: consensus, experience and self-proclamation. The significances of these variables are analysed in four surveys covering different domains in cyber security, involving a total of 271 subjects. Results show that consensus is a reasonable indicator of calibration. The mean Pearson correlation between these two variables across the four studies was 0.407. No significant correlations were found between calibration and experience or between calibration and self-proclamation. However, as a side result, it was discovered that a subject who perceives itself as more knowledgeable than others is also likely to be more experienced.

  • 48.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Franke, Ulrik
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Expert assessment on the probability of successful remote code execution attacks (2011). In: Proceedings of 8th International Workshop on Security in Information Systems - WOSIS 2011, 2011, p. 49-58. Conference paper (Refereed).
    Abstract [en]

    This paper describes a study on how cyber security experts assess the importance of three variables related to the probability of successful remote code execution attacks – presence of: (i) non-executable memory, (ii) access and (iii) exploits for High or Medium vulnerabilities as defined by the Common Vulnerability Scoring System. The rest of the relevant variables were fixed by the environment of a cyber defense exercise where the respondents participated. The questionnaire was fully completed by fifteen experts. These experts perceived access as the most important variable and availability of exploits for High vulnerabilities as more important than Medium vulnerabilities. Non-executable memory was not seen as significant, however, presumably due to lack of address space layout randomization and canaries in the network architecture of the cyber defense exercise scenario.

  • 49.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Franke, Ulrik
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Success Rate of Remote Code Execution Attacks: Expert Assessments and Observations (2012). In: Journal of universal computer science (Online), ISSN 0948-695X, E-ISSN 0948-6968, Vol. 18, no 6, p. 732-749. Article in journal (Refereed).
    Abstract [en]

    This paper describes a study on how cyber security experts assess the importance of three variables related to the probability of successful remote code execution attacks: (i) non-executable memory, (ii) access and (iii) exploits for High or Medium vulnerabilities as defined by the Common Vulnerability Scoring System. The rest of the relevant variables were fixed by the environment of a cyber defense exercise in which the respondents participated. The questionnaire was fully completed by fifteen experts. These experts perceived access as the most important variable and availability of exploits for High vulnerabilities as more important than Medium vulnerabilities. Non-executable memory was not seen as significant. Estimates by the experts are compared to observations of actual attacks carried out during the cyber defense exercise. These comparisons show that experts in general provide fairly inaccurate advice at an abstraction level such as that of the present study. However, results also show that a prediction model constructed through expert judgment is likely of better quality if the experts' estimates are weighted according to their expertise.

  • 50.
    Johansson, Erik
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Assessment of Enterprise Information Security: The Importance of Information Search Cost (2006). In: Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1530-1605, Vol. 9, p. 219a-. Article in journal (Refereed).
    Abstract [en]

    There are today several methods and standards available for assessment of the level of information security in an enterprise. A problem with these assessment methods is that they provide neither an indication of the amount of effort required to obtain the assessment nor an approximation of this measure's credibility. This paper describes part of a new method for assessing the level of enterprise information security which expresses the credibility of the results in terms of confidence levels and makes use of an estimation of the cost of searching for security evidence. Such methods for predicting the information search cost of assessments are detailed in the paper. Search cost predictions are used to provide guidance on how to minimize the effort spent on performing enterprise information security assessments. The conclusions are based on a security assessment performed at a large European energy company and a statistical survey among Swedish security experts.
