Eichler J., Fraunhofer Institute for Secure Information Technology
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Modeling results from risk assessment and the selection of safeguards is an important activity in information security management. Many approaches for this activity focus on an organizational perspective, are embedded in heavyweight processes and tooling and require extensive preliminaries. We propose a lightweight approach introducing SeCoML, a readable language on top of an established methodology within an open framework. Utilizing standard tooling for creation, management and analysis of SeCoML models, our approach supports security engineering and integrates well in different environments. Also, we report on early experiences of the language's use. © 2011 Springer-Verlag.

Ocheretny V., Fraunhofer Institute for Secure Information Technology
Proceedings of the 2010 IEEE 16th International On-Line Testing Symposium, IOLTS 2010

In this paper we present a new self-checking ALU with duplicated functional outputs. The arithmetic and logic functions as well as their inverses are implemented within a single ALU cell. Two new ALU cells which are intended for different application requirements (e.g. computational speed, hardware overhead and power consumption) are introduced. The hardware overhead for the implementation of the proposed ALU is lower than the hardware overhead required for complete duplication of the ALU. Nevertheless, the error detection capabilities are almost the same as for complete duplication. © 2010 IEEE.

Turpe S., Fraunhofer Institute for Secure Information Technology
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Just as security mechanisms for end users need to be usable, programming platforms and APIs need to be usable for programmers. To date the security community has assembled large catalogs of dos and don'ts for programmers, but rather little guidance for the design of APIs that make secure programming easy and natural. Unix with its setuid mechanism lets us study usable security issues of programming platforms. Setuid allows certain programs to run with higher privileges than the user or process controlling them. Operating across a privilege boundary entails security obligations for the program. Obligations are known and documented, yet developers often fail to fulfill them. Using concepts and vocabulary from usable security and usability of notations theory, we can explain how the Unix platform provokes vulnerabilities in such programs. This analysis is a first step towards developing platform design guidelines to address human factors issues in secure programming. © Springer International Publishing Switzerland 2016.
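One of the documented obligations the abstract refers to is that a setuid program must drop its elevated privileges completely and in the right order, and must verify that the drop actually took effect rather than assuming it. The following C function is an added illustration of that obligation, written for this page; it is not code from the paper and the function name `drop_privileges_permanently` is an invented one. It assumes a Linux system with `setresuid`/`setresgid` and `setgroups` available.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Permanently drop from elevated (e.g. setuid-root) privileges to the
 * real uid/gid of the process. Returns 0 on success, -1 on failure.
 *
 * The ordering and checks below are the classic obligations that setuid
 * programs get wrong:
 *   1. supplementary groups are cleared first, while we are still root,
 *   2. the gid is dropped before the uid, because an unprivileged uid
 *      may no longer change its gid,
 *   3. setresuid/setresgid are used so the *saved* ids are dropped too,
 *      otherwise seteuid(0) could later regain root,
 *   4. every return value is checked (setuid can fail, e.g. on RLIMIT_NPROC),
 *   5. the result is verified by reading the ids back and by attempting
 *      to regain privilege, which must now fail.
 */
int drop_privileges_permanently(void)
{
    uid_t real_uid = getuid();
    gid_t real_gid = getgid();

    /* 1. Clearing supplementary groups requires privilege; skip if we have none. */
    if (geteuid() == 0 && setgroups(1, &real_gid) != 0)
        return -1;

    /* 2. and 3. Drop gid (real, effective, saved) before uid. */
    if (setresgid(real_gid, real_gid, real_gid) != 0)
        return -1;
    if (setresuid(real_uid, real_uid, real_uid) != 0)
        return -1;

    /* 5. Verify all three uids and gids really changed. */
    uid_t ru, eu, su;
    gid_t rg, eg, sg;
    if (getresuid(&ru, &eu, &su) != 0 || getresgid(&rg, &eg, &sg) != 0)
        return -1;
    if (ru != real_uid || eu != real_uid || su != real_uid)
        return -1;
    if (rg != real_gid || eg != real_gid || sg != real_gid)
        return -1;

    /* If we were not root to begin with, regaining root must be impossible. */
    if (real_uid != 0) {
        if (seteuid(0) == 0)
            return -1;          /* the drop was not permanent */
        if (errno != EPERM)
            return -1;          /* unexpected failure mode; do not trust state */
    }
    return 0;
}

int main(void)
{
    if (drop_privileges_permanently() != 0) {
        perror("drop_privileges_permanently");
        return 1;
    }
    printf("running as uid=%u euid=%u\n",
           (unsigned)getuid(), (unsigned)geteuid());
    return 0;
}
```

Run as an ordinary user the function is a no-op that still passes every check; installed setuid-root it leaves the process with all three uids equal to the invoking user's and no way back. The point of the verification step is that a silent failure of `setuid` (which Linux allows when the target user is over its process limit) would otherwise leave the program running as root while believing it is not.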

Baluda M., Fraunhofer Institute for Secure Information Technology
6th International Workshop on Automating Test Case Design, Selection and Evaluation, A-TEST 2015 - Proceedings

Search Based Software Testing (SBST) and Symbolic Execution (SE) have emerged as the most effective among the fully automated test input generation techniques. However, neither of the two techniques satisfactorily solves the problem of generating test cases that exercise specific code elements, as is required for example in security vulnerability testing. This paper proposes EvoSE, an approach that combines the strengths of SBST and SE. EvoSE implements an evolutionary algorithm that searches the program control flow graph for symbolic paths that traverse the minimum number of unsatisfiable branch conditions. Preliminary evaluation shows that EvoSE outperforms state-of-the-art SE search strategies when targeting specific code elements. © 2015 ACM.

Turpe S., Fraunhofer Institute for Secure Information Technology
Proceedings New Security Paradigms Workshop

Security property degrees systematize the angles from which one can discuss the security of a system. Microscopic properties characterize how specific actions affect parts of a system. Mesoscopic properties describe how the pursuit of an attack objective may affect the system and the attacker. Macroscopic properties represent the interaction of a threat environment with a system. Properties of different degrees are interdependent, but not in a simple and universal manner. Security design aims to control security properties, shaping them in a favorable way. Its objective is macroscopic control through design decisions on all three degrees. Design tools today occupy mostly the lower half of the property degree scale. A few macroscopic design aids exist but provide little guidance to engineers. Security designers are thus in a similar situation as photographers, having to make fundamental design decisions without methodologies other than their private, homegrown approaches. This is essential for art but a deficiency in engineering. Standardized mechanization in point-and-shoot cameras helps inexpert photographers to a limited extent but can get in the way of the experienced and ambitious. Point-and-shoot security design, shorthand for current practice as well as a widely held expectation, may do the same to security engineers. Copyright 2012 ACM.
