Centre for Software Reliability
  1. News
  2. Staff
  3. Research
  4. Publications
  5. Courses
  6. Consultancy & Advisory Services
  7. Contact CSR
Software Reliability

CSR Seminars

Date / TimeTitleRoom
13 June 2018 at 15:00

Speaker: Assoc. Prof Ludovic Apvrille, LabSoC.

Title:SysML-Sec: A Model-Driven Approach for Designing Safe and Secure Embedded Systems

Abstract: The presence of communicating embedded systems/IoTs in our daily lives have brought a myriad of benefits, from adding conveniences and entertainment, to improving the safety of our commutes and healthcare.

However, the flaws and vulnerabilities in these devices expose their users to risks of property damage, monetary losses, and personal injury.

Various safety and security mechanisms for embedded systems, especially connected vehicles, have been proposed. To select and place these mechanisms correctly require methods of analysing and verifying that the system meets all safety, security, and performance requirements, preferably at the early design phases to minimize costly re-work after production. This talk will discuss the safety and security considerations for embedded systems based on the SysML-Sec Model-Driven Engineering approach.

Basically, the SysML-Sec approach covers the following embedded systems development phases: requirements, attack and fault trees, HW/SW partitioning and software design. The talk will cover all phases with a focus on the partitioning stage.

SysML-Sec is supported with the free and open source toolkit TTool.

A live demonstration of the main concepts will be performed.

Short Biography: Ludovic Apvrille obtained his M.Sc. in Computer Science, Network and Distributed Systems specialization in 1998 from ENSEIRB and ISAE. He then completed a Ph.D. in 2002, in the Department of Applied Mathematics and Computer Science at ISAE, in collaboration with LAAS-CNRS and Alcatel Space Industries (now, Thalès Alenia Space). After a postdoctoral term at Concordia University (Canada), he joined LabSoc in 2003 as an assistant professor at Telecom ParisTech, in the Communication and Electronics department. He obtained his HDR (Habilitation à Diriger les Recherches) in 2012. His research interests focus on tools and methods for the modelling and verification of embedded systems and Systems-on-Chip. Verification techniques target both safety and security properties. He's the inventor and the main contributor of the open-source UML/SysML toolkit named TTool. He's the team leader of the LabSoC.

AG06

29 January 2018

13:00 -14:00

Speaker: Ass. Prof Barbara Gallina, Mälardalen University, Sweden

Title: How to increase efficiency with the certification of process compliance

Abstract: Certification as well as self-assessment of safety-critical systems is an expensive and time-consuming activity due to the necessity of providing numerous deliverables. These deliverables can be process-related or product-related. Process-related deliverables are aimed at showing compliance with normative documents (e.g.,safety standards), which impose specific requirements on the development process (e.g., reference models for the safety life-cycles). In this talk, we limit our attention to process-related deliverables and we propose possible solutions aimed at reducing time and cost related to their provision.

Short Biography: Barbara Gallina is Associate Professor of Dependable Software Engineering at Mälardalen University. Currently, she is Vice-chair of the security subgourp within EWICS and  member of IEEE SMC Technical Committee on Homeland Security (TCHS). Within AMASS, a large EU-ECSEL funded project, she is playing various roles: technical manager at the global level, work package leader, task leader, and land coordinator. She was also the leader of the dependability-related work packages in the EU-Artemis funded SafeCer and CONCERTO projects. She has been visiting researcher at Scania AB, via the SSF-SM14-0013 grant. She has been member of several program committees related to dependability such as SafeComp, ISSRE, EDCC, COMPSAC, QUORS, WoSoCER, SASSUR, ReSACI, ISSA.

She got a M.Sc. in Computer Engineering and a II-level Master in IT, both from Politecnico di Milano (Italy). She got her PhD in Computer Science from the University of Luxembourg (Luxembourg).

Barbara Gallina' research interests focus on various aspects of dependable (software) systems engineering and certification. More specifically, she is interested in developing languages, methods, and processes for: 1) modelling, analysis, justification and certification of complex (computer-based) systems, 2) systematic reuse of certification artifacts (product, process, assurance case-related evidence), 3) multi-concern assurance, 4) continuous certification via tool integration, 5) compliance management 6) certification-related evidence engineering (immediate, direct, and indirect) 7) safety culture.

AG04

13 July 2017
13:00 - 14:00

Speaker: Dr Roberto Pietrantuono, Federico II University of Naples, Italy

Title: Testing for software reliability assessment and improvement

Abstract: Testing software efficiently for reliability improvement and/or assessment is an as much old and studied topic as a still open and tricky challenge. It is related to the ability of appropriately designing testing strategies to get the best result (in terms of delivered reliability or of accurate reliability estimate) at low cost.

Conventional techniques are based on the operational profile (a.k.a. operational testing) and on software reliability growth models (SRGMs). Although these are pillars of software reliability engineering, they suffer from serious limitations related to the assumptions they rely on, but also related to their inherent inability to cope with ultra-reliable systems.

The seminar surveys some of the fundamental issues of reliability testing. It then presents practical policies to allocate testing effort optimally from the reliability perspective, and to design new sampling-based strategies for efficient test cases selection.

Short Biography: Roberto Pietrantuono, Ph.D., IEEE Senior Member, is a postdoctoral research fellow at the Federico II University of Naples, Italy, where he works with the Dependable Systems Software Engineering Research Team (DESSERT, www.dessert.unina.it).

He received the MS degree in computer engineering in 2006, and the PhD in computer and automation engineering in 2009, both from the Federico II University of Naples. In 2011, he co-founded the Critiware spin-off company (www.critiware.com), an innovative startup active in the field of quality assurance of critical software systems. He has been research fellow at CINI, the Italian inter-university consortium for informatics, working in national and European projects (ICEBERG - http://www.iceberg-sqa.eu/ ; TENACE - www.dis.uniroma1.it/~tenace/ ; the COSMIC public-private laboratory with Leonardo Finmeccanica).

His main interests are in the area of software quality, software reliability and V&V for critical systems.

AG01
30 June 2017
13:00 - 14:00

Speaker: Prof Kishor S. Trivedi, Duke University, North Carolina, USA

Title: Reliability and Availability Modeling in Practice

Abstract: High reliability and availability is a requirement for most technical systems. Reliability and availability assurance methods based on probabilistic models is the topic being addressed in this seminar. Non-state-space solution methods are often used to solve models based on reliability block diagrams, fault trees and reliability graphs. Relatively efficient algorithms are known to handle systems with hundreds of components and have been implemented in many software packages. Nevertheless, many practical problems cannot be handled by such algorithms. Bounding algorithms are then used in such cases as was done for a major subsystem of Boeing 787. Non-state-space methods derive their efficiency from the independence assumption that is often violated in practice. State space methods based on Markov chains, stochastic Petri nets, semi-Markov and Markov regenerative processes can be used to model various kinds of dependencies among system components. However, the resulting state space explosion severely restricts the size of the problem that can be solved. Hierarchical and fixed-point iterative methods provide a scalable alternative that combines the strengths of state space and non-state-space methods and have been extensively used to solve real-life problems. We will take a journey through these model types via interesting real-world examples.

Short Biography: Kishor Trivedi holds the Hudson Chair in the Department of Electrical and Computer Engineering at Duke University, Durham, NC. He has a B. Tech (EE, 1968) from IIT Mumbai, M.S. (CS, 1972) and PhD (CS, 1974) from the University of Illinois, Urbana-Champaign.  He has been on the Duke faculty since 1975. He is the author of a well-known text entitled, Probability and Statistics with Reliability, Queuing and Computer Science Applications, first published by Prentice-Hall; a thoroughly revised second edition (including its Indian edition) of this book has been published by John Wiley. This book has been recently translated into Chinese. He is a Life Fellow of the Institute of Electrical and Electronics Engineers. He has published over 500 articles and has supervised 46 Ph.D. dissertations. He is the recipient of IEEE Computer Society Technical Achievement Award for his research on Software Aging and Rejuvenation.

AG01
7 April 2017
12:00 - 13:00

Speaker: Ken Keefe
Title: Generating Attack Graph Models from Community Drive Ontology Libraries
Abstract: This talk will present the ADversary VIew Security Evaluation (ADVISE) modeling formalism, which is used to create an attack graph model of a cyber-physical system. Coupling the attack graph with an adversary profile, the model is evaluated using discrete event simulation to calculate values for user-defined metrics. This approach has been used to make cyber-physical system design choices and understand the security and performance impact of those decisions. This talk will also discuss the next evolution of this work, which generates the attack graph from a UML-like system diagram through the use of community-driven ontology definitions.

Short Bio: Ken Keefe is a Senior Software Engineer at the Information Trust Institute at the University of Illinois at Urbana-Champaign. Ken has been studying stochastic models for security and reliability analysis and building tools to understand these models at ITI for the past decade.

AG01
28 March 2017
13:00 - 14:00

Speaker: Prof Wolter
Title: Assessing dependability of mobile computing systems
Abstract: Mobile application offloading moves compute intensive jobs from energy-constrained mobile devices to powerful servers or the Cloud. The decision when and what to offload depends on many factors. Next to the obvious ones, the application and network connectivity, it also depends on the metrics of interest. I will show how to balance energy concerns with response time requirements. Even with the same attributes the formulation of the trade-off between them has an impact on the decisions taken based on the metric. I will talk about how to investigate trade-offs in the setting of mobile offloading.

Short Bio: Prof Wolter is Professor at Freie Universität Berlin. She is the head of the Dependable Systems Group. Their field of research is adaptive and resilient distributed computing systems using stochastic models and online versions of machine learning techniques. She is interested in measuring and evaluating dependability, performance, and security of complex computing systems, with a particular focus on timing behaviour. Within their group they employ a broad range of assessment and evaluation techniques for computing systems and networks, ranging from fault-injection test-beds to simulation and analytical techniques. They develop efficient and accurate modelling and evaluation techniques, applying e.g. Phase-Type distributions in fault-modelling for fault-injection experiments and hybrid discrete-event simulation. They study a large variety of systems, including wireless networks, mobile telephony networks, service-oriented systems, and Computing Clouds.

AG05
12 May 2016
14:30 - 16:30

Speaker: Patrick Rubin-Delanchy
Title: Bayesian Anomaly Detection for Cyber-Security Applications
Abstract: In this talk, I outline a general modus operandi under which to perform intrusion detection at scale. The over-arching principle is this: a network monitoring tool has access to large stores of data on which it can learn `normal' network behaviour. On the other hand, data on intrusions are relatively rare. This imbalance invites us to frame intrusion detection as an anomaly detection problem where, under the null hypothesis that there is no intrusion, the data follow a machine-learnt model of behaviour, and, under the alternative that there is some form of intrusion, certain anomalies in that model will be apparent. This approach to cyber-security poses some important statistical challenges. One is modelling a complex data structure, that is at the same time a set of point processes and a network. Another is the actual deployment of statistical methodology over such large scale and heterogeneous data. Finally, a number of anomaly detection problems arise, for example, `finding a needle in a haystack', combining anomalies through time and across the network, and incorporating model uncertainty.

Short Bio: Patrick Rubin-Delanchy obtained a PhD in Statistics from Imperial College London in 2008. Since November 2015, he has held a Heilbronn Research fellowship at the University of Oxford, in the department of Statistics. His research focuses on Bayesian modelling of complex data structures, particularly point processes, networks, and Big Data, with applications in cyber-security, biophysics, and more.

ELG08
28 April 2016
16:00 - 17:30

Speaker: Marco Vieira
Title: On the Metrics for Benchmarking Vulnerability Detection Tool
Abstract: Research and practice show that the effectiveness of vulnerability detection tools depends on the concrete use scenario. Benchmarking can be used for selecting the most appropriate tool, helping assessing and comparing alternative solutions, but its effectiveness largely depends on the adequacy of the metrics. In this seminar we will discuss the problem of selecting the metrics to be used in a benchmark for software vulnerability detection tools. Based on the characteristics of a good metric for the vulnerability detection domain, a set of metrics is analyzed in the context of specific scenarios to select the most adequate one and a MCDA algorithm together with experts’ judgment is applied to validate the conclusions. Results show that although some of the metrics traditionally used like precision and recall are adequate in some scenarios, others require alternative metrics that are seldom used in the benchmarking area.

Short Bio: Marco Vieira is an Associate Professor at the University of Coimbra (UC) and is the Director of the Center for Informatics and Systems of the University of Coimbra (CISUC). Marco’s research focuses mainly in the area of dependable and secure systems, namely in benchmarking and experimental assessment of security and dependability attributes. His research interests also include failure prediction, evaluation and improvement of software robustness, fault injection, database systems and software development processes. Marco Vieira has published more than 150 papers in international conferences and journals with peer reviewing process, and has served on the program committee of the major conferences on the dependability area. Currently, he is the coordinator of the DEVASSES (FP7 IRSES) and EUBrasilCloudFORUM (H2020 CSA) projects and the Principal Investigator at the University of Coimbra for the CECRIS (FP7 IAPP) and EUBra-BIGSEA (H2020 RIA) projects.

AG01
10 December 2015
13:00 - 14:00

Speaker: Prof Ricardo Jimenez-Peris
Title:
Ultra-Scalable Transactional Processing
Abstract:
The talk will present a novel technique for parallel-distributed processing that solves the scalability issue of transactional systems. The talk will introduce why existing transactional processing techniques failed to scale and how LeanXcale has managed to overcome the scalability bottleneck. The talk will also describe the different design decisions that have been taken to attain high levels of efficiency in the materialization of the transactional processing protocol.
Short Bio:
Dr. Ricardo Jimenez-Peris is the CEO & Co-Founder of LeanXcale, a startup that makes an ultra-scalable database. He devoted most of his former scientific career to study how to scale transactional processing and data management. Some years ago, after over 15 years of academic research, he found the perfect solution to scale transactional processing. He quit the university last March to incorporate LeanXcale and commercialize the outcome of this research.
He is also technical coordinator of the CoherentPaaS and LeanBigData FP7 projects, two European projects that are applying the ultra-scalable transactional technology to two different polyglot persistence environments and real-time big data.
He is also member of the expert group advising the European Commission on Cloud Computing. He is co-inventor of three patent applications, co-author of a book on Scalable Database Replication and also over 100 papers in international conferences and journals.
He has served as the PC Chair for the ICDCS 2014, EDCC 2008 and as the General Chair for SRDS 2011.

AG04
26 November 2015
16:00
Speaker: Juan Tapiador
Title: Fencing Off Apps for Fun and Hygiene
Abstract: Some smartphone platforms such as Android have a distinctive message passing system that allows for sophisticated interactions among app components, both within and across app boundaries. This gives rise to various security and privacy risks, including not only intentional collusion attacks via permission re-delegation but also inadvertent disclosure of information and service misuse through confused deputy attacks. In this talk, we first revisit the perils of app coexistence in the same platform and provide an overview of recent efforts to extend static and dynamic information flow analysis techniques to the case of app sets. We then introduce a mitigation mechanism based on segregating apps into isolated groups following classical security compartmentalization principles. Compartments can be implemented using lightweight approaches such as Inter-Component Communication (ICC) firewalling or through virtualization, effectively fencing off each subset of apps. We then leverage recent works on quantified risk metrics for Android apps to couch compartmentalization as a combinatorial optimization problem akin to the classical bin packing or knapsack problems. We study a number of simple yet effective numerical optimization heuristics, showing that very good compartmentalization solutions can be obtained for the problem sizes expected in current's mobile environments.
Short Bio: Juan Tapiador is Associate Professor of Computer Science in the Computer Security (COSEC) Lab at Universidad Carlos III de Madrid, Spain. He obtained a B.Sc. in Computer Science in 2000 from the University of Granada, and then a Ph.D in 2004 from the same university with a dissertation on statistical anomaly detection for network security. Prior to joining UC3M, he worked at the University of York, UK, mainly funded by the ITA project, a joint effort between the UK Ministry of Defence and the US Army Research Lab led by IBM. His main research interests are in computer/network security and applied cryptography. For further information please see: http://www.seg.inf.uc3m.es/~jet
AG01
29 October 2015
16:00 -17:00
Speaker: Dr Dong Seong Kim
Title: Graphical Security Models and Their Applications
Abstract:
Graphical security models can be used to assess the network security. Purely graph based (e.g., Attack Graphs) security models have a state-space explosion problem. Tree-based models (e.g., Attack Trees) cannot capture the path information explicitly. In this talk, we introduce hierarchical attack representation models (HARM) to deal with the above mentioned issues. The main idea is to separate the network topology information (in the upper level) from the vulnerability information of each host (in the lower level). We show how the HARM can be used to assess the cyber security of networked systems using security metrics. We also present how the HARM with other methods to evaluate the effectiveness of Moving Target Defenses. Finally, research revenues in the graphical security modeling and assessment will be discussed.
Short Bio: Dong-Seong “Dan” Kim is a Lecturer (softly equivalent to an assistant professor in the US, but permanent position) in Cyber Security in the Department of Computer Science and Software Engineering at the University of Canterbury, Christchurch, New Zealand since August 2011. He received Ph.D. degree in Computer Engineering from Korea Aerospace University, South Korea in February 2008. He was a visiting scholar at the University of Maryland, College Park, Maryland, U.S.A. during the year of 2007 in Prof. Virgil D. Gligor (Former ACM SIGSAC chair, currently co-director of CyLab at Carnegie Mellon University) Research Group. From June 2008 to July 2011, he was a postdoc at Duke University, Durham, NC, USA in Prof. Kishor S. Trivedi (IEEE fellow)’s Research Group (http://dhaal.ee.duke.edu/). His research interests are in security and dependability for systems and networks; in particular, Intrusion Detection using Data Mining Techniques, Security and Survivability for Wireless Ad Hoc and Sensor Networks and Internet of Things, Availability and Security modeling and analysis of Cloud computing, and Reliability and Resilience modelling and analysis of Smart Grid. More information is at http://cosc.canterbury.ac.nz/dongseong.kim
C143
23 October 2015
2.30pm

Speaker: John Knight
Dependable Computing and University of Virginia
Title: Formal Verification of Mathworks Simulink Models
Abstract: Mathworks Simulink is a popular notation for model-based software development.  The aerospace, automobile and medical industries are
making extensive use of Simulink in production systems.   In this
presentation, I will discuss a formal semantics for Simulink and a general approach to formal verification of properties of Simulink
models.   The properties discussed include safety properties, model
equivalence, and consistency of units and physical dimensions.

A225
7 October 2015
12.30 - 14.00

Speaker: Dr Rasha Osman
Title: Performance Modelling of Databases: Current and Future Issues
Abstract: The Internet, mobile and scientific computing and the ubiquitous deployment of networking infrastructures have created the big data revolution. A large proportion of this data is stored in databases and is managed by database management systems. Performance of these systems is a critical issue linked to user satisfaction and/or revenue, especially in cloud environments.

This talk will overview the contribution of the performance engineering community to modelling and analysing the performance of database systems. We will start with a taxonomy of queueing network models of database systems and look into the accuracy of the modelling assumptions used in these studies in comparison to real database systems and workloads. An overview of our current contributions in modelling relational database systems and cloud datastores will be presented.

Bio: Rasha Osman is a post-doctoral research associate at the Department of Computing, Imperial College London, which she joined in 2011. She obtained a B.Sc. in Computer Science with Honours in 1995 and an M.Sc. in Computer Science in 2001 both from the Faculty of Mathematical Sciences, University of Khartoum, Sudan. After her studies she worked as a lecturer and a software developer in Sudan for 10 years. She completed her Ph.D. in Software Performance Engineering in 2010 at the University of Bradford, UK. Her main interests are in performance modelling and evaluation of database/datastore systems for real-time decision making, specifically in autonomous DBMSs and cloud datastores.  She is a Fellow of the Higher Education Academy (UK), Senior Member of the IEEE & Member of the ACM.

AG08
25 June 2015
4.30 - 5.30

Speaker: Alysson Bessani
Title: Practical State Machine Replication and Beyond
Abstract:
State machine replication protocols like Paxos are used for implementing fault-tolerant critical services of internet-scale infrastructures like the ones operated by Amazon, Google and Facebook. In this talk we discuss some of these uses and describe important issues found when employing state machine replication in practical scenarios. In particular, we discuss the modularity, efficiency, durability and elasticity of replicated state machines, using the BFT-SMaRt replication library (http://bft-smart.github.io/library/) as a case study.

Bio: Alysson Bessani is a Assistant Professor of the Department of Informatics of the University of Lisbon Faculty of Sciences, Portugal, since 2007 and a member of LASIGE/Navigators research team since 2006. He received his B.S. degree in Computer Science from Maringá State University, Brazil in 2001, the MSc and PhD in Electrical Engineering from Santa Catarina Federal University (UFSC), Brazil in 2002 and 2006, respectively. He spent a semester as a visiting professor in Carnegie Mellow University (2010) and as a visiting researcher in Microsoft Research Cambridge (2014). Alysson participated in nine international projects and has more than 100 peer-reviewed publications. More information about him can be found here.

AG01
15 April 2015
1 - 2pm

Speaker: Dr Marcin Wójcik, U. Bristol
Title: THOR - The Hardware Onion Router
Abstract:
The security and privacy of data traversing the internet has always been a major concern for all users. In this context, The Onion Routing (Tor) is the most successful protocol to anonymise global Internet traffic and is widely deployed as software on many personal computers and servers. In this talk, we explore the potential of modern reconfigurable devices to efficiently realise the Tor protocol on embedded devices. In particular, this targets the acceleration of the complex cryptographic operations involved in the handshake of routing nodes and the data stream encryption. Our hardware-based implementation on the Xilinx Zynq platform outperforms previous embedded solutions with respect to the cryptographic handshake - ultimately enabling quite inexpensive but highly efficient routers. This work might be seen as a step towards the development and the dissemination of a high number of low-cost and high performance onion relays that will hopefully ultimately leads to a more private internet.

Bio: Dr Marcin Wójcik is currently a Research Assistant in Applied Mobile Security at Bristol University. He obtained his PhD from the Bristol University in 2014. Prior to this, he completed BSc and MSc degrees in Telecommunications as well as an MSc degree in Mathematics, all at Warsaw University of Technology in Poland. From 2006 to 2009 he worked as a Cryptography Specialist, with a remit including design and implementation of secure FPGA-based systems for telecommunications; he was also a member of one of the NATO's security project working groups. During his PhD studies, Dr Wójcik completed a 3 month internship at the Intel R&D center in Ireland, working on applications of Physical Unclonable Functions (PUFs). His major research interests include side-channel attacks, PUFs, implementation of cryptography, and embedded and network system security.

AG07
30 March 2015
Time 4-5pm
Speaker: Prof Peter Ryan
Title: "E2E Verifiable Voting Schemes, Theory to Practice"
Abstract:
Democracy, in particular the conduct of elections faces major challenges. Rarely a day goes past without reports of contested elections somewhere in the world. Traditional ways of conducting elections are often thrown into doubt, see for example the "Where is my Vote?" campaign in Iran. Attempts to introduce technological approaches to voting are also highly controversial, see for example the US, the Netherlands, etc. Over the past few decades cryptographers and information security experts have turned their attention to this topic. The challenge is to reconcile the conflicting requirements of assurance of accuracy on the one hand and ballot privacy on the other. Modern cryptography has enabled the remarkable new notion of "end-to-end verifiability" as a way to allow voters to confirm that their vote is accurately included in the tally while not revealing to a third party how they voted.

In this talk I will present a brief history of progress in his field and describe how such schemes are making it out of the lab into the real world, I will focus primarily on the Prè‡t à Voter scheme and the experiences of its deployment in the state elections in Victoria State Australia.

Biography
AG07
25 March 2015

Time 12.30pm-2pm
Speaker: Dr Peter Popov
Title: "Modelling Critical Infrastructures (CIs) resilience"
joint Department of Computer Science/CSR seminar
Abstract:

Resilience of critical infrastructures is of paramount importance for society. In the last decade the landscape of critical infrastructures has changed significantly and new challenges have emerged due to various factors, e.g. deregulation and the increased deployment of “smart” technologies. The main challenges have been interdependence between infrastructures and more recently cyber security.
In the talk I will summarise the effort to date by a small team at the Centre for Software Reliability to address these two concerns.

-A decade ago interdependence between critical infrastructures has been recognised as a serious challenge in achieving resilience of critical infrastructures. Many discussed the issue qualitatively, but little has been done to date to quantify interdependences and their impact on resilience. I will present briefly the approach developed at CSR for stochastic interdependency modelling, the tool support for building hybrid models quickly to help with the studies and will show some of the interesting results obtained over the last few years.

-Very recently interdependency modelling has been extended to address cyber threats specific for industrial control systems (ICS). I will illustrate this work with very recent results – comparison of the impact of different cyber attacks on a non-trivial case study:  a power transmission network (NORDIC32) extended with a SCADA network and sub-stations compliant with IEC 615850. The model of this power system captures measurements, protection and control functions and the functional dependencies between the modelled elements (e.g. due to power flows or unavailability of the equipment used for measurement and control). Different models of an Adversary can be added to the system model and thus a range of studies (via Monte Carlo simulation) can be undertaken to compare the impact of different attacks on the modelled cyber-physical system.

The talk is a compilation from 2 presentations I delivered recently: at the IFIP Working Group 10.4 meeting in Amicalola Falls (Georgia, USA) in June 2014, and at the 9th International Conference on Critical Information Infrastructures Security (CRITIS’2014), in October 2014.

I hope the talk may trigger interest from other research centres and groups.

Biography

AG08
13 March 2015

2pm
Speaker: Ian Mann
Title: "Hacking the human - The adventures of a social engineer"
Abstract: Exploring the strategies and techniques involved in hacking people as part of information security breaches.
Biography
AG07
25 Feb 2015

12.30pm
Speaker: Prof Lorenzo Strigini
Title: Assessment techniques, certification and [what else we need for] confidence in software
joint department/CSR seminar.
Abstract:
Software is used in applications where its failures may cause very serious harm. The most recent reminder is the finding of a jury against Toyota, suggesting that defective software in their cars may have killed tens of people. To avoid these and worse consequences, the software used in many industrial sectors is subject to regulation and/or "certification". How effective these practices really are, and how to make them more effective, is a subject of vigorous debate and of research in which we at CSR have been active for a long time.

I will give some background on standards and practices for safety-critical software, and then discuss the open problems and the ways forward, along the lines of an invited talk I gave at the 2014 International Symposium on Software Reliability Engineering and was received well. I think these "big picture" issues matter not only for that specialised audience but for most engineers and computer scientist.

Certification of software may play multiple roles, both intended and unintended, and both beneficial and damaging. Some of these roles are unrelated to what the name "certification" is about, i.e., creating certainties; for those that are related to it, we should usually talk about creating confidence rather than certainty. With an eye on this socio-technical landscape, this talk will attempt a map of the logical links between the evidence collected through assessment practices and the confidence in reliability, safety or security that users wish to derive from the evidence. Central issues are the links between deterministic and probabilistic claims, their scopes of validity, and the evidence behind them. Probing these links raises useful questions about unstated assumptions, possible means for giving confidence more solid bases, and how these could affect the practice of certification.

Biography
AG08
15 Jan 2015

3pm
Speaker: Prof John Rushby
Title: "On Assurances Cases" as part of the School's Cyber Security meeting.
Biography
-
5 Nov 2014

12.30pm
Speaker: Dr Eugenio Alberdi
Title: Computer Induced Human Error: Beyond 'Complacency'
joint department/CSR seminar.
-