Vasilis Katos
Cybersecurity user requirements analysis: the ECHO approach.
Katos, Vasilis; Ki-Aries, Duncan; Faily, Shamal; Genchev, Angel; Bozhilova, Maya; Stoianov, Nikolai
Authors
Duncan Ki-Aries
Shamal Faily
Angel Genchev
Maya Bozhilova
Nikolai Stoianov
Contributors
Serhiy Shkarlet
Editor
Anatoliy Morozov
Editor
Alexander Palagin
Editor
Dmitri Vinnikov
Editor
Nikolai Stoianov
Editor
Mark Zhelezniak
Editor
Volodymyr Kazymyr
Editor
Abstract
Cyber defense requires research and investment in advanced technological solution as well as in the development of effective methods and tools for identifying cyber threats and risks. This implies a need for a well-defined process for user requirements elicitation. The paper presents a structured approach for the identification of cybersecurity knowledge and elicitation of user needs, based on the development of specific use cases. Employing use cases is an effective way to identify the cyber security gaps. Example use case descriptions of the attacks on а general computer network are given. The proposed use cases are analyzed within CAIRIS platform. The modelling process confirms that CAIRIS is a powerful tool to enrich the context of threat models and UML class diagrams. Also, the modelling with CAIRIS could support using security-by-design principles. The research is conducted under the activities of “The European network of Cybersecurity centres and competence Hub for innovation and Operations” (ECHO) project.
Citation
KATOS, V., KI-ARIES, D., FAILY, S., GENCHEV, A., BOZHILOVA, M. and STOIANOV, N. 2022. Cybersecurity user requirements analysis: the ECHO approach. In: Shkarlet, S., Morozov, A., Palagin, A., Vinnikov, D., Stoianov, N., Zhelezniak, M. and Kazymyr, V. (eds.) Mathematical modeling and simulation of systems: selected papers from the proceedings of the 16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021), 28 June - 1 July 2021, Chernihiv, Ukraine. Lecture notes in networks and systems, 344. Cham: Springer [online], pages 405-421. Available from: https://link.springer.com/book/9783030899011
Conference Name | 16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021) |
---|---|
Conference Location | Chernihiv, Ukraine |
Start Date | Jun 28, 2021 |
End Date | Jul 1, 2021 |
Acceptance Date | Jun 14, 2021 |
Online Publication Date | Jan 1, 2022 |
Publication Date | Dec 31, 2022 |
Deposit Date | Feb 23, 2022 |
Publicly Available Date | Jan 2, 2023 |
Publisher | Springer |
Pages | 405-421 |
Series Title | Lecture notes in networks and systems (LNNS) |
Series Number | 344 |
Series ISSN | 2367-3370 |
Book Title | Mathematical modeling and simulation of systems: selected papers from the proceedings of the 16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021), 28 June - 1 July 2021, Chernihiv, Ukraine. |
ISBN | 9783030899011; 9783030899042 |
DOI | https://doi.org/10.1007/978-3-030-89902-8_30 |
Keywords | Cyber defense; User requirements elicitation; Use case analysis; CAIRIS modelling |
Public URL | https://rgu-repository.worktribe.com/output/1428236 |
Files
KOTOS 2022 Cybersecurity user requirements (AAM)
(1.1 Mb)
PDF
Copyright Statement
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2022. This accepted manuscript is subject to the Springer Nature terms of use for archived versions of subscription articles and chapters: https://www.springernature.com/gp/open-research/policies/accepted-manuscript-terms
You might also like
Privacy goals for the data lifecycle.
(2022)
Journal Article
Automation and cyber security risks on the railways: the human factors implications.
(2022)
Presentation / Conference
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Integrated design framework for facilitating systems-theoretic process analysis.
(2022)
Conference Proceeding
Use-case informed task analysis for secure and usable design solutions in rail.
(2021)
Conference Proceeding