A5071836226- Information and Cyber Security
- Smart Grid Security and Resilience
- Cloud Data Security Solutions
- Software Engineering Research
- Software Engineering Techniques and Practices
- Network Security and Intrusion Detection
- Advanced Malware Detection Techniques
- Cloud Computing and Resource Management
- Blockchain Technology Applications and Security
- Privacy, Security, and Data Protection
- IoT and Edge/Fog Computing
- Cryptography and Data Security
- Privacy-Preserving Technologies in Data
- Access Control and Trust
- Risk and Safety Analysis
- Software Reliability and Analysis Research
- Distributed systems and fault tolerance
- Digital and Cyber Forensics
- Opportunistic and Delay-Tolerant Networks
- Security and Verification in Computing
- Mobile Ad Hoc Networks
- Complex Systems and Decision Making
- Software System Performance and Reliability
- Internet Traffic Analysis and Secure E-voting
- Mobile Agent-Based Network Management
SINTEF Digital
2017-2025
SINTEF
2016-2025
University of Stavanger
2017-2024
University of Amsterdam
2020
Shenzhen University
2020
The University of Sydney
2020
Hong Kong Polytechnic University
2020
Nanjing University
2016
Eurocontrol
2014
KU Leuven
2013
Most software developers aren't primarily interested in security. For decades, the focus has been on implementing as much functionality possible before deadline, and patching inevitable bugs when it's time for next release or hot fix. However, engineering community is slowly beginning to realize that information security also important whose primary function isn't related Security features mechanisms typically prominent such software's user interface.
The federated Cloud paradigm aims to provide flexible and reliable services composed of a mixture internal external mini-clouds, but this heterogeneous nature is also fuelling the security concerns customers. To allay fears deal with threats associated outsourcing data applications Cloud, new methods for assurance are urgently needed. This paper presents current work on Security Service Level Agreements our approach how manage in context hybrid clouds. purpose facilitate rapid service...
Abstract This article investigates and analyzes the security aspects of 5G specifications from perspective IoT‐based smart grids. As grid requires high‐speed reliable communication to enable real‐time monitoring via Internet Things (IoT) devices, can be considered a catalyst transform current power infrastructure into grid. Thus, an understanding what bring in terms cyber grids is important for design decisions future risk analysis efforts. In this article, we explore use case on automatic...
The introduction of telecommunication in the energy grid, leading way towards Smart Grids, challenges safe operations have traditionally been assured sector. New cyber security emerge, especially related to privacy, connectivity and management, these need be properly addressed. Existing technology good practice mainly come from traditional environment where requirements on safety availability are less strict. For lessons can learned oil gas industry how they dealt with their implementation...
Cloud and IT service providers should act as responsible stewards for the data of their customers users. However, current absence accountability frameworks distributed services makes it difficult users to understand, influence determine how honour obligations. The A4Cloud project will create solutions support in deciding tracking is used by cloud providers. By combining methods risk analysis, policy enforcement, monitoring compliance auditing with tailored mechanisms security, assurance...
The smart grid vision implies extensive use of ICT in the power system, enabling increased flexibility and functionality thereby meeting future demands strategic goals. Consequently, system reliability will increasingly depend on components systems. While adding functionality, systems also contribute to failures, such as hidden failures protection systems, has been exemplified by recent outages. It brings new threats, that cyber-attacks. To ensure effective reliability, interdependencies...
Organizations recognize that protecting their assets against attacks is an important business. However, achieving what adequate security requires taking bold steps to address practices within the organization. In Agile software development world, engineering process unacceptable as it runs counter agile values. teams have thus approached activities in own way. To improve settings management understands current of teams. this study, we use survey investigate usage, competence, and training...
Software security is a complex topic, and for development projects it can be challenging to assess what necessary cost-effective. Agile Development (ASD) values self-management. Thus, teams their Product Owners are expected also manage software prioritisation. In this paper we build on the notion that experts who want influence priority given in ASD need do through interactions support rather than prescribing certain activities or priorities. But effectively, there understand hinders...
In this paper, we perform a threat modeling of architectures for controlling the medium voltage (MV) part power grid, arguing importance topic with brief summary serious cyber security attacks from last decade. As more Distributed Energy Resources (DERs) are introduced into need to control these resources arises. A two alternative is performed study different aspects. Firstly, and compare determine whether one them inherently secure than other. While both rely on 5G, uses centralized design,...
In this article, the authors contrast results of a series interviews with agile software development organizations case study distributed effort, focusing on how information security is taken care in an context. The indicate that small and medium-sized do not use any particular methodology to achieve goals, even when their web-facing potential targets attack. This confirms cases where articulated requirement, design fed as input implementation team, there no guarantee end result meets...
A full smart grid implementation requires the digitization of all parts infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing STRIDE model to create threat digital substation and its communication with control center. Threats are classified by priority need for further investigation. The tool was compared CORAS analysis, determined be...
Cloud computing has become a popular choice as an alternative to investing new IT systems. When making decisions on adopting cloud related solutions, security always been major concern. This article summarizes concerns in and proposes five service deployment models ease these concerns. The proposed provide different features address requirements scenarios can serve reference for deployment.
The goal of secure software engineering is to create that keeps performing as intended even when exposed attacks. Threat modeling considered be a key activity, but can challenging perform for developers, and more so in agile development. Hence, threat has not seen widespread use projects. this paper investigate the challenges facing adoption using Microsoft approach with STRIDE. We performed case study company comprising five development identified 21 emerged from our observations. then...