SDLC

DOWNLOAD FULL DOCUMENT

2016

2017

2018

2019

2020

LIST VIEW

RESEARCH TOPIC

RT04 Cryptography

RT01 Anti malware

RT12 New objects

RT17 Threat intelligence

RT08 Information exchange

RT16 SDCL & Architectures

RT07 Healthcare

RT11 Awareness

RT09 Law & order

RT10 Networking

RT15 Social resilience

RT05 CyberCrime Economy

RT02 Authentication

RT14 SCADA & CIP

RT19 Vulnerability assessment

RT06 Forensics

RT03 Behavioural security

RT18 Trust chain & identity

READ AN ABSTRACT

ABSTRACT

SDLC & ARCHITECTURES

Insecure software, even when executed in trusted computing environments, still represents a potential enabling factor for cybercrime and cyberterrorism scenarios. At the same time, even the most secure and bug-free software when run in untrusted execution environments, represents an important and often underestimated risk. Hence, the adoption of threat modelling techniques is to be considered fundamental in order to implement a Secure Software Development Lifecycle (SDLC) enabling the implementation of risk management best practices and the usage of well-known metrics. Other promising and interesting techniques aiming at protecting programs even if they contain vulnerabilities are still considered not mature and further research efforts needs to be spent in order to let them being effective. The efficiency of the threat modelling process is also an important factor affecting the security of developed software: all threats should be modelled, understood and properly rated as relevant (or not) considering the large degree of subjectivity involved in this process.

DOWNLOAD FULL DOCUMENT

SDLC & ARCHITECTURES

#04

Research Action

Extending current security architectures to large distributed systems including players with different background knowledge in Security. Furthermore, new authentication mechanisms need to be devised that provide usable security and continuous authentication

#01

Research Action

Development of coding standards for secure and fault-tolerant cyber-physical system development

#02

Research Action

Standardized interfaces to external modules and systems for providing in-depth security

#03

Research Action

Component and System level penetration-testing procedures during development and integration of complex systems

#05

Research Action

Methodologies to increase preparedness and responsiveness in case of attack, including attacks targeting production process (e.g. to insert malware, backdoors or Trojan in final products)

#06

Research Action

Intelligent IDS, hardening mechanisms and awareness

SDLC & ARCHITECTURES