Skip to main content

Research Repository

Advanced Search

Identifying implicit vulnerabilities through personas as goal models. (2020)
Conference Proceeding
FAILY, S., IACOB, C., ALI, R. and KI-ARIES, D. 2020. Identifying implicit vulnerabilities through personas as goal models. In Katsikas, S., Cuppens, F., Cuppens, N., Lambrinoudakis, C., Kalloniatis, C., Mylopoulos, J., Antón, A., Gritzalis, S., Meng, W. and Furnell, S. (eds.) Computer security: ESORICS 2020 international workshops, CyberICPS, SECPRE, and ADIoT: revised selected papers from the 4th International workshop on security and privacy requirements engineering (SECPRE 2020), co-located with the 25th European symposium on research in computer security (ESORICS 2020), 14-18 September 2020, Guildford, UK. Lecture notes in computer science, 12501. Cham: Springer [online], pages 185-202. Available from: https://doi.org/10.1007/978-3-030-64330-0_12

When used in requirements processes and tools, personas have the potential to identify vulnerabilities resulting from misalignment between user expectations and system goals. Typically, however, this potential is unfulfilled as personas and system go... Read More about Identifying implicit vulnerabilities through personas as goal models..

Contextualisation of data flow diagrams for security analysis. (2020)
Conference Proceeding
FAILY, S., SCANDARIATO, R., SHOSTACK, A., SION, L. and KI-ARIES, D. 2020. Contextualisation of data flow diagrams for security analysis. In Eades, H. III and Gadyatskaya, O. (eds.) Graphical models for security: revised selected papers from the proceedings of the 7th International workshop on graphical models for security (GraMSec 2020), 22 June 2020, Boston, USA. Lecture notes in computer science, 12419. Cham: Springer [online], pages 186-197. Available from: https://doi.org/10.1007/978-3-030-62230-5_10

Data flow diagrams (DFDs) are popular for sketching systems for subsequent threat modelling. Their limited semantics make reasoning about them difficult, but enriching them endangers their simplicity and subsequent ease of take up. We present an appr... Read More about Contextualisation of data flow diagrams for security analysis..

The impact of undergraduate mentorship on student satisfaction and engagement, teamwork performance, and team dysfunction in a software engineering group project. (2020)
Conference Proceeding
IACOB, C. and FAILY, S. 2020. The impact of undergraduate mentorship on student satisfaction and engagement, teamwork performance, and team dysfunction in a software engineering group project. In Proceedings of the 51st ACM technical symposium on computer science education (SIGCSE 2020), 11-14 March 2020, Portland, USA. New York: ACM [online], pages 128-134. Available from: https://doi.org/10.1145/3328778.3366835

Mentorship schemes in software engineering education usually involve professional software engineers guiding and advising teams of undergraduate students working collaboratively to develop a software system. With or without mentorship, teams run the... Read More about The impact of undergraduate mentorship on student satisfaction and engagement, teamwork performance, and team dysfunction in a software engineering group project..

Identifying safety and human factors issues in rail using IRIS and CAIRIS. (2020)
Conference Proceeding
ALTAF, A., FAILY, S., DOGAN, H., MYLONAS, A. and THRON, E. 2020. Identifying safety and human factors issues in rail using IRIS and CAIRIS. In Katsikas, S., Cuppens, F., Cuppens, N., Lambrinoudakis, C., Kalloniatis, C., Mylopoulos, J., Antón, A., Gritzalis, S., Pallas, F., Pohle, J., Sasse, A., Meng, W., Furnell, S. and Garcia-Alfaro, J. (eds.) Computer security: ESORICS 2019 international workshops, CyberICPS, SECPRE, SPOSE and ADIoT: revised selected papers from the 5th Workshop on security of industrial control systems and cyber-physical systems (CyberICPS 2019), co-located with the 24th European symposium on research in computer security (ESORICS 2019), 26-27 September 2019, Luxembourg City, Luxembourg. Lecture notes in computer science, 11980. Cham: Springer [online], pages 98-107. Available from: https://doi.org/10.1007/978-3-030-42048-2_7

Security, safety and human factors engineering techniques are largely disconnected although the concepts are interlinked. We present a tool-supported approach based on the Integrating Requirements and Information Security (IRIS) framework using Compu... Read More about Identifying safety and human factors issues in rail using IRIS and CAIRIS..