Business Process Model and Notation for Forensic-Ready Software Systems

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F22%3A00125901" target="_blank" >RIV/00216224:14330/22:00125901 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.5220/0011041000003176" target="_blank" >http://dx.doi.org/10.5220/0011041000003176</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0011041000003176" target="_blank" >10.5220/0011041000003176</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Business Process Model and Notation for Forensic-Ready Software Systems

Popis výsledku v původním jazyce

The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.

Název v anglickém jazyce

Business Process Model and Notation for Forensic-Ready Software Systems

Popis výsledku anglicky

The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering

ISBN

9789897585685

ISSN

2184-4895

e-ISSN

—

Počet stran výsledku

12

Strana od-do

95-106

Název nakladatele

SciTePress

Místo vydání

Setúbal, Portugal

Místo konání akce

Online

Datum konání akce

25. 4. 2022

Typ akce podle státní příslušnosti

CST - Celostátní akce

Kód UT WoS článku

000814765400008