Publications

21 publication(s)

Risk-driven Security Engineering in the Automotive Domain

Daniel Angermeier and Jörn Eichler

escar USA | 2016-04-22

Published in: Embedded Security in Cars (escar USA)

Agile Threat Assessment and Mitigation: An Approach for Method Selection and Tailoring

Clemens Teichmann and Stephan Renatus and Jörn Eichler

Published in: International Journal of Secure Software Engineering

Security engineering and agile development are often perceived as a clash of cultures. To address this clash, several approaches have been proposed that allow for agile security engineering. Unfortunately, agile development organizations differ in their actual procedures and environmental properties resulting in varying requirements. The authors propose an approach to compare and select methods for agile security engineering. Furthermore, their approach addresses adaptation or construction of a tailored method taking the existing development culture into account. The authors demonstrate the feasibility of their proposal and report early experiences from its application within a small development organization for digital solutions in the automotive domain.

Vernetzte IT-Sicherheit in Kritischen Infrastrukturen

Marian Margraf and Steven Müller and Sophia Harth and Jörn Eichler

Published in: DIN Mitteilungen

Sichere Business-Apps unter Android

Julian Schütte and Jörn Eichler and Dennis Titze

Springer Vieweg | 2016

Published in: Mobile Anwendungen in Unternehmen - Konzepte und betriebliche Einsatzszenarien

Method Selection and Tailoring for Agile Threat Assessment and Mitigation

Renatus, S. and Teichmann, C. and Eichler, J.

ARES | 2015-08

Published in: 10th International Conference on Availability, Reliability and Security (ARES 2015)

http://dx.doi.org/10.1109/ARES.2015.96

Security engineering and agile development are often perceived as a clash of cultures. To address this clash, several approaches have been proposed that allow for agile security engineering. Unfortunately, agile development organizations differ in their actual procedures and environmental properties resulting in varying requirements. We propose an approach to compare and select methods for agile security engineering. Furthermore, our approach addresses adaptation or construction of a tailored method taking the existing development culture into account. We demonstrate the feasibility of our proposal and report early experiences from its application within a small development organization for digital solutions in the automotive domain.

Topics: security of data; software prototyping; agile security engineering; agile software development; agile threat assessment; automotive domain; Data models; Guidelines; Organizations; Planning; Proposals; Security; Training; Scrum (Software development); Threat modeli

Improving prioritization of software weaknesses using security models with AVUS

Stephan Renatus and Corrie Bartelheimer and Jörn Eichler

IEEE | 2015

Published in: Proceedings of the 15th IEEE International Working Conference on Source Code Analysis and Manipulation

Testing tools for application security have become an integral part of secure development life-cycles. Despite their ability to spot important software weaknesses, the high number of findings requires rigorous prioritization in many environments. Most testing tools provide generic ratings to support prioritization. Unfortunately, ratings from established tools lack context information especially with regard to the security requirements of respective components or source code. Thus experts often spend a great deal of time re-assessing the prioritization provided by these tools. This paper introduces our lightweight tool AVUS that adjusts context-free ratings of software weaknesses according to a user-defined security model. We also present a first evaluation applying AVUS to a well-known open source project and the findings of a popular, commercially available application security testing tool.

Modular risk assessment for the development of secure automotive systems

Jörn Eichler and Daniel Angermeier

VDI | 2015

Published in: 31. VDI/VW-Gemeinschaftstagung Automotive Security

Monitoring Security Compliance of Critical Processes

Roland Rieke and Jürgen Repp and Maria Zhdanova and Jörn Eichler

IEEE | 2014

Published in: Proceedings of the 22nd Euromicro International Conference on Parallel, Distributed, and Network-based Processing

Enforcing security in process-aware information systems at runtime requires the monitoring of systems’ operation using process information. Analysis of this information with respect to security and compliance aspects is growing in complexity with the increase in functionality, connectivity, and dynamics of process evolution. To tackle this complexity, the application of models is becoming standard practice. Considering today’s frequent changes to processes, model-based support for security and compliance analysis is not only needed in pre-operational phases but also at runtime. This paper presents an approach to support evaluation of the security status of processes at runtime. The approach is based on operational formal models derived from process specifications and security policies comprising technical, organizational, regulatory and cross-layer aspects. A process behavior model is synchronized by events from the running process and utilizes prediction of expected close-future states to find possible security violations and allow early decisions on countermeasures. The applicability of the approach is exemplified by a scenario from a hydroelectric power plant.

Voll ausgereift -- Sichere Software mit OpenSAMM, BSIMM und SSE-CMM

Jörn Eichler

Heise | 2013

Published in: iX

There is likely consensus that software should process sensitive data securely. Yet measuring and comparing the relevant parameters is by no means easy. Maturity models are meant to help close security gaps in the development process.

SecEPM: A Security Engineering Process Model for Electronic Business Processes

Jörn Eichler

IEEE | 2012

Published in: Proceedings of the 9th IEEE International Conference on e-Business Engineering (ICEBE 2012)

Supporting Security Engineering at Design Time with Adequate Tooling

Jörn Eichler and Andreas Fuchs and Nico Lincke

IEEE | 2012

Published in: Proceedings of the 15th IEEE International Conference on Computational Science and Engineering (CSE 2012)

Towards a Security Engineering Process Model for Electronic Business Processes

Jörn Eichler

CoRR | 2012

Published in: Fast Abstracts & Student Forum Proceedings of the 9th European Dependable Computing Conference (EDCC 2012)

Modellgetriebener IT-Grundschutz: Erstellung und Analyse von IT-Sicherheitskonzeptionen in offenen Werkzeugketten

Jörn Eichler

Bundesamt für Sicherheit in der Informationstechnik | 2011

Published in: Sicher in die digitale Welt von morgen -- Tagungsband zum 12. Deutschen IT-Sicherheitskongress

IT security concepts are a central element of information security management based on IT-Grundschutz. They comprise the results of the structure analysis and the determination of protection requirements as well as measures for treating the identified risks. On the one hand, they thus provide a valuable information base at the interfaces to other corporate functions; on the other hand, they are affected by numerous (change) processes within companies. With SeCoML we propose a domain-specific modeling language for IT security concepts that provides a foundation for supporting the life cycle of IT security concepts in a dynamic environment. Using model-driven software development techniques, we provide a tool for creating and analyzing IT security concepts and integrate it into an open tool chain.

Sicherheitsverwalter. Management-Werkzeuge für die Informationssicherheit

Jörn Eichler and Mike Bona-Stecki and Thomas Wiezcorek

Heise | 2011

Published in: iX

More and more companies are planning to introduce an information security management system. The following article presents which functions tools supporting it should offer and which vendors are active in the German-speaking market.

Lightweight Modeling and Analysis of Security Concepts

Eichler, Jörn

Springer | 2011

Published in: Engineering Secure Software and Systems (ESSoS 2011)

Modeling results from risk assessment and the selection of safeguards is an important activity in information security management. Many approaches for this activity focus on an organizational perspective, are embedded in heavyweight processes and tooling and require extensive preliminaries. We propose a lightweight approach introducing SeCoML – a readable language on top of an established methodology within an open framework. Utilizing standard tooling for creation, management and analysis of SeCoML models our approach supports security engineering and integrates well in different environments. Also, we report on early experiences of the language’s use.

The ADiWa Project - On the Way to Just-in-Time Process Dynamics Based on Events from the Internet of Things

Schief, Markus and Kuhn, Christian and Zimmermann, Birgit and Rösch, Phillipp and Waterfeld, Walter and Schimmelpfennig, Jens and Mayer, Dirk and Maus, Heiko and Eichler, Jörn

SciTePress | 2011

Published in: Enterprise Information Systems (ICEIS 2011)

In this paper, we introduce a concept, which focuses on innovative commercial system implementations reflecting process-embedded events from the Internet of Things. The developed concepts are derived from experiences applying recent research advances to industry scenarios. The rationale behind the overall concept is twofold: while transparency is increased by event-based methodologies in the context of the Internet of Things, the agility of business processes is fostered by enhanced business process models, orchestration support, execution control, and user assistance.

Topics: Event-based system, Event processing, Context awareness, Dynamic business processes, Internet of things

Model-based Situational Security Analysis

Eichler, J. and Rieke, R.

CEUR | 2011

Published in: Workshop on Models@run.time (MRT 2011)

Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. To tackle this complexity, the application of models in pre-operational phases is becoming standard practice. Runtime models are also increasingly applied to analyze and validate the actual security status of business process instances. In this paper we present an approach to support not only model-based evaluation of the current security status of business process instances, but also to allow for decision support by analyzing close-future process states. Our approach is based on operational formal models derived from development-time process and security models. This paper exemplifies our approach utilizing real world processes from the logistics domain and demonstrates the systematic development and application of runtime models for situational security analysis.

Topics: security requirements elicitation, predictive security analysis, analysis of business process behavior, security modeling and simulation, security monitoring

Sicherheitsmodellierung dynamischer Geschäftsprozesse

Eichler, J.

BMBF | 2010-02

Published in: Deliverable D.G7.2 of the research project ADiWa (BMBF grant number 01IA08006)

Produktivsysteme sicher testen. Praktische Vorsichtsmaßnahmen für Penetrationstests

Jörn Eichler and Sven Türpe

<kes> | 2010

Published in: kes

Testing Production Systems Safely: Common Precautions in Penetration Testing

Sven Türpe and Jörn Eichler

IEEE | 2009

Published in: Proceedings of the 4th IEEE Testing: Academic and Industrial Conference (TAIC-PART 2009)

Unlike testing in a laboratory or test bed situation, the testing of production systems requires precautions to avoid side effects that might damage or disturb the system, its environment, or its users. This paper outlines safety precautions to be taken when testing production systems. Specifically we discuss precautions for penetration testing aiming at identifying security vulnerabilities. We generalize and document experience we gained as penetration testers, describing how the risks of testing can be mitigated through selection of test cases and techniques, partial isolation of subsystems and organizational measures. Though some of the precautions are specific to security testing, our experience might be helpful to anyone testing production systems.

Topics: security test, penetration test, risk mitigation

eNAQ: A Prototype for an electronic Version of the UN National Accounts Questionnaire

Müller, P. and Eichler, J. and Lenz, H.J.

School of Business & Economics, Freie Universität Berlin | 2004