Institute for Software Research Seminar

  • Gates Hillman Centers
  • Reddy Conference Room 4405
  • Lecturer, University College Dublin
  • and, Researcher
  • Lero - the Irish Software Research Centre

Incidents are meant for learning, not repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems

Cyber-physical systems (CPSs) are part of most critical infrastructures such as industrial automation and transportation systems. Thus, security incidents targeting CPSs can have disruptive consequences to assets and people. As prior incidents tend to re-occur, sharing knowledge about these incidents can help organizations being more prepared to prevent, mitigate or investigate future incidents. In this talk I will present a novel approach to enable representation and sharing of knowledge about security incidents in cyber-physical systems. To capture characteristics of security incidents that can manifest again, such as incident activities or vulnerabilities exploited by offenders, incident patterns are modelled  Incident patterns are a more abstract representation of specific incident instances and, thus, are general enough to be instantiated to various cyber-physical systems - different than the one in which the incident occurred. They can also avoid disclosing potentially sensitive information about an organization’s assets and resources.

 In my talk I will also present two  automated techniques to support sharing of incident knowledge. The first technique extracts incident patterns from specific incident instances. While the second instantiated  e incident patterns to specific cyber-physical systems in order to assess whether and how incident patterns can manifest again in other cyber-physical systems. I will showcase the approach in the application domain of smart buildings and I will evaluate  correctness, scalability, and performance using  a more compelling example  inspired by real-world systems and incidents. Finally I will have a look ahead towards future applications of the approach in security, digital forensics and incidents reporting.

Liliana Pasquale received the PhD degree from Politecnico di Milano (Italy), in 2011. She is a lecturer at University College Dublin (Ireland) and a researcher at Lero - the Irish Software Research Centre. Her research interests include requirements engineering and adaptive systems, with particular focus on security, privacy, and digital forensics. She has served in the Program and Organizing Committee of prestigious software engineering conferences, such as ICSE, FSE, ASE, RE. She is also part of the review committee of the IEEE TSE journal and the TOSEM journal. Liliana has received a best reviewer award at ICSE 2019 and a best paper award at SEAMS 2014. She currently leads the Science Foundation Ireland SIRG Project For-CoPS - Forensics Investigations of Cyber-Physical Incidents.

Faculty Host: David Garlan

For More Information, Please Contact: