ARTICLE | doi:10.20944/preprints202303.0331.v1
Subject: Mathematics & Computer Science, Information Technology & Data Management Keywords: Cyber-physical system; Internet of things; Security pattern; Security solution frame
Online: 20 March 2023 (02:12:35 CET)
Sensors and actuators are fundamental units in Cyber-Physical and Internet of Things systems. Because they are included in a variety of systems, using many technologies, it is very useful to characterize their functions abstractly by describing them as Abstract Entity Patterns (AEPs), that are patterns that describe abstract conceptual entities. For concreteness, we study them here in the context of autonomous cars. An autonomous car is a complex system because, in ad-dition to its own complex design, it interacts with other vehicles and with the surrounding in-frastructure. To handle these functions, it must incorporate various technologies from different sources. An autonomous car is an example of a Cyber-Physical System, where some of its func-tions are performed by Internet of Things units. Sensors are extensively used in autonomous cars to measure physical quantities; actuators are commanded by controllers to perform appro-priate physical actions. From AEPs we can derive concrete patterns, a structure combining re-lated AEPs is an Entity Solution Frame (ESF). Both sensors and actuators are susceptible to mali-cious attacks due to the large attack surface of the system where they are used. Our work is in-tended to make autonomous cars more secure, which also increases their safety. Our final objec-tive is to build a Security Solution Frame for sensors and actuators of autonomous cars that will facilitate their secure design. A Security Solution Frame is a solution structure that groups to-gether and organizes related security patterns. This article is the first stage of a secure unit that can be used to design not only secure autonomous cars but also any system where sensors and actuators are used. This paper concentrates on AEPs and ESFs for sensors and actuators; that is, on the functional aspects of these devices.
ARTICLE | doi:10.20944/preprints201904.0106.v1
Subject: Engineering, Other Keywords: cloud computing; security patterns; privacy patterns; software and system architecture
Online: 9 April 2019 (11:46:02 CEST)
Requirements for cloud services include security and privacy. Although many security patterns, privacy patterns, and non-pattern-based knowledge have been reported, knowing which pattern or combination of patterns to use in a specific scenario is challenging due to the sheer volume of options and the layered cloud stack. To deal with security and privacy in cloud services, this study proposes the Cloud Security and Privacy Metamodel (CSPM). CSPM uses a consistent approach to classify and support existing security and privacy patterns. In addition, CSPM is used to develop a security and privacy awareness process to develop cloud systems. The effectiveness and practicality of CSPM is demonstrated via several case studies.