Our latest article published in builds upon the concept of Secure Machine Learning Operations (SecMLOps), providing a comprehensive framework designed to integrate robust security measures throughout the entire ML operations (MLOps) lifecycle. This framework is particularly focused on safeguarding against sophisticated attacks that target various stages of the MLOps lifecycle, thereby enhancing the resilience and trustworthiness of ML applications. Through extensive empirical evaluations, we highlight the trade-offs between security measures and system performance, providing critical insights into optimizing security without unduly impacting operational efficiency. Our findings underscore the importance of a balanced approach, offering valuable guidance for practitioners on how to achieve an optimal balance between security and performance in ML deployments across various domains.See Publications for more details!

The post New Publication: SecMLOps: A comprehensive framework for integrating security throughout the machine learning operations lifecycle appeared first on CyberSEA.

Our recent paper “” is now available online. This work addresses the challenge of maintaining security compliance and traceability in low-earth orbit (LEO) satellite control systems, which must adhere to multiple standards and regulations throughout the system development lifecycle. Existing work focuses on space system resilience but lacks comprehensive methods for compliance traceability. To fill this gap, we adopt a formal model-based systems engineering (MBSE) framework to support compliance checking for LEO satellite control systems. This paper was presented at the . See Publications for more details!

The post New Publication: Formal Model-Based Traceability for Security Compliance in Satellite Control Systems appeared first on CyberSEA.

Our recent paper “” is now available online. In this paper, we introduce an approach to enhance system security during the early design phase, targeting the creation of a system’s behavioural view. We derived two sound security metrics, Critical Element Risk Index (CERI) and Corruption Propagation Potential (CPP). These metrics inform a system’s Behavioural Security Posture (BSP), which we define as a system’s resilience to knowable threats based on its flows, as determined by its security policies and threat model. To best support designers, we expanded on previous work and updated our BSP analysis tool, Dubhe. In this expanded approach, Dubhe (1) identifies threats and mitigation patterns present within UML activity diagrams, (2) calculates a system’s average CERI and CPP through pattern matching and depth-first flow traversal, and (3) presents a system’s BSP to designers, alongside identified threats and recommended mitigation strategies. We demonstrate this approach by applying it to an Online Seller of Merchandise (OSM) system, analyzing a login use case to ensure target security requirements are adequately addressed. Using the information from Dubhe, designers have the tools and support needed to make meaningful security improvements to their systems during the design phase of the SDLC. This paper was presented at the . See Publications for more details!

The post New Publication: An Approach to Determine a System’s Behavioural Security Posture appeared first on CyberSEA.

Our paper “” is now available online. While there has been significant research on individual XOps, there is a lack of systematic, horizontal analysis across all XOps practices. This paper addresses this gap by conducting a scoping review of XOps literature, focusing on three fundamental research questions: the definition and categorization of XOps, the methodologies used to study their adoption, and the common challenges identified in their implementation. As the first study to systematically address these questions, we propose the XOps conceptualization framework, offering a structured approach to understanding and studying XOps. This framework serves as an initial step toward bringing clarity to the DevOps landscape, providing guidance in uncovering its complexities and laying the foundation for future research and the emergence of new XOps. This paper was presented at the . See Publications for more details!

The post New Publication: Uncovering the DevOps Landscape: A Scoping Review and Conceptualization Framework appeared first on CyberSEA.

Our paper “” is now available online. In this paper, we propose a formal approach to verify some security properties of neural networks. The overall approach goes through three steps: (1) specify security objectives as properties of a modeled neural network in a technology-independent specification language; (2) implement the developed model in a suitable tooled language for analysis; and (3) suggest a set of security requirements necessary to fulfill the targeted security objectives. We use first-order logic and modal logic as abstract and technology independent formalism and Alloy as a tooled language. To validate our work, we explore a set of representative security objectives from the Confidentiality, Integrity, and Availability classification in a use case from the unmanned aircraft domain. This paper was presented at the . See Publications for more details!

The post New Publication: Formal Security Analysis of Deep Neural Network Architecture appeared first on CyberSEA.

Our recent work on “” is now available online. This paper proposes an approach for the design and analysis of secure software architecture in the context of a component-port-connector architecture model and message passing communication. We use the Event-B formal method to create the software architecture model and security in successive steps using the refinement process. We also use proof obligations to verify the security of the successive software architecture models. Furthermore, we use the ProB model-checker and animator for the model validation. This paper was presented at the . See Publications for more details!

The post New Publication: A Formal Approach for Verifying and Validating Security Objectives in Software Architecture appeared first on CyberSEA.

Our recent work on “” is now available online. In this paper, we propose an integrated approach for specifying and verifying security objectives in component-based software architecture models via reusable formal model libraries of security properties and constraints. Our solution is based on metamodeling techniques for specifying the software architecture structure and on formal techniques for precisely specifying and verifying security properties of a modeled system. We explore a set of representative security objectives from the Confidentiality, Integrity, Availability (CIA) classification. We also use model-driven engineering techniques for the development of a tool suite to support our approach. This paper was presented at the . See Publications for more details!

The post New Publication: Reusable Formal Model Libraries for Specifying and Analyzing Security Objectives in Event-B appeared first on CyberSEA.

Our latest paper on “” is now available online. This paper presents a methodology supported by a domain-specific modeling language (DSML) to create, analyze, and apply security argument patterns for constructing security cases. This paper was presented at the . See Publications for more details!

The post New Publication: A Tool-Supported Methodology for Creating Security Cases Using Argument Patterns appeared first on CyberSEA.

Our recent work on “” is now available online. This paper introduces a secure authentication protocol that enables direct communication between CAVs and roadside sensors, addressing a critical gap in existing research focused on vehicle-to-cloud authentication. The proposed multi-factor authentication scheme combines password, biometric, and device-specific factors with Elliptic Curve Cryptography (ECC) and efficient key agreement protocols. A comprehensive adversary model tailored for vehicular networks is presented, along with an in-depth security analysis demonstrating the scheme’s resilience against various threats. The cloud-assisted authentication framework offloads computationally intensive tasks to the cloud server, reducing the burden on resource-constrained Roadside Units (RSUs) and ensuring scalability. Extensive performance evaluations showcase the scheme’s computational efficiency, low communication overhead, and storage costs compared to state-of-the-art solutions, highlighting its practical feasibility and potential for real-world deployment in intelligent transportation systems. This paper was presented at the . See Publications for more details!

The post New Publication: Enhancing Security and Efficiency in Vehicle-to-Sensor Authentication: A Multi-Factor Approach with Cloud Assistance appeared first on CyberSEA.

Our recent work on “” is now available online as open access in the Journal of Systems and Software. This research constructs a comprehensive picture of the existing DevOps landscape, clarifying the nature and nuances of various DevOps variants (called XOps), to guide effective future studies and implementations. Utilizing Multivocal Literature Review (MLR), 80 gathered documents are thoroughly examined from throughout the whole community, encompassing both white and grey literature, to map the DevOps landscape. We provide dictionary-like resource that describes the core concepts and main ideas associated with each XOps. An in-depth understanding of intricate evolution from DevOps to XOps is delved into, supplemented by the research of relationships between XOps and various technological enablers as well as relationships between XOps and organizational teams, contributing to the ongoing dialogue surrounding their application and evolution. This paper provides a foundational understanding of the DevOps landscape including open issues and challenges, current and future trends, assisting both researchers and practitioners in navigating this complex field. It establishes a platform for further research and practical applications in the evolving field of DevOps and XOps. See Publications for more details!

The post New Publication: Navigating the DevOps Landscape appeared first on CyberSEA.