On the role of primary and secondary assets in adaptive security: An application in smart grids

Liliana Pasquale*, Mazeiar Salehie, Raian Ali, Inah Omoronyia, Bashar Nuseibeh

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

Adaptive security aims to protect valuable assets managed by a system, by applying a varying set of security controls. Engineering adaptive security is not an easy task. A set of effective security countermeasures should be identified. These countermeasures should not only be applied to (primary) assets that customers desire to protect, but also to other (secondary) assets that can be exploited by attackers to harm the primary assets. Another challenge arises when assets vary dynamically at runtime. To accommodate these variabilities, it is necessary to monitor changes in assets, and apply the most appropriate countermeasures at runtime. The paper provides three main contributions for engineering adaptive security. First, it proposes a modeling notation to represent primary and secondary assets, along with their variability. Second, it describes how to use the extended models in engineering security requirements and designing required monitoring functions. Third, the paper illustrates our approach through a set of adaptive security scenarios in the customer domain of a smart grid. We suggest that modeling secondary assets aids the deployment of countermeasures, and, in combination with a representation of assets variability, facilitates the design of monitoring functions.

Original languageEnglish
Title of host publication2012 7th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2012 - Proceedings
PublisherIEEE Computer Society
Pages165-170
Number of pages6
ISBN (Print)9781467317870
DOIs
Publication statusPublished - 2012
Externally publishedYes
Event7th ACM/IEEE International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2012 - Zurich, Switzerland
Duration: 4 Jun 20125 Jun 2012

Publication series

NameICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems
ISSN (Print)2157-2305
ISSN (Electronic)2156-7891

Conference

Conference7th ACM/IEEE International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2012
Country/TerritorySwitzerland
CityZurich
Period4/06/125/06/12

Keywords

  • Adaptive security
  • Adaptive software
  • Assets
  • Smart grid

Fingerprint

Dive into the research topics of 'On the role of primary and secondary assets in adaptive security: An application in smart grids'. Together they form a unique fingerprint.

Cite this