Security assessment of a system is a difficult problem. Most of the current efforts in security
assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still …

This paper presents a graph-based approach to network vulnerability analysis. The method
is flexible, allowing analysis of attacks from both outside and inside the network. It can …

New viewpoints of covert channels are presented in this work. First, the origin of covert
channels is traced back to acc ess control and a new class of covert channel, air-gap covert …

Component based software technologies are viewed as essential for creating the software
systems of the future. However, the use of externally-provided components has serious …

This paper presents a framework that lets a component de-veloper provide a component
user with different kinds of information, depending on the specific context and needs. The …

In this work, we study the ability for malware to leak sensitive information from an air-gapped
high-security system to systems on a low-security network, using ultrasonic and audible …

Recent years have seen an explosion of data volumes from a myriad of distributed sources
such as ubiquitous cameras and various sensors. The challenges of analyzing these …

Abstract COTS-Based Systems (CBS) development focuses on building large software
systems by integrating previously existing software components. CBS success depends on …

The ROI from Software Quality provides the tools needed for software engineers and project
managers to calculate how much they should invest in quality, what benefits the investment …

Security is a cross-cutting concern in software intensive systems and should consequently
be subject to careful architectural analysis and decision making. The requirements for …