Advertisement

Further Applications of CAIRIS for Usable and Secure Software Design

  • Shamal FailyEmail author
Chapter

Abstract

To close this book, this chapter presents further applications afforded by the CAIRIS platform. We consider new ideas around the role of environments in CAIRIS, examine how the IRIS meta-model can be leveraged to support the modelling of threats and trust expectations in CAIRIS, and how IRIS and CAIRIS realises the idea of “design as code”. I conclude by demonstrating the use of CAIRIS to model both functional and human concerns, and show how CAIRIS models help evaluate research when participants can be difficult to find or reach.

References

  1. 1.
    Jamshidi M. System of systems - innovations for 21st century. In: 2008 IEEE region 10 and the third international conference on industrial and information systems; 2008. p. 6–7.Google Scholar
  2. 2.
    Ki-Aries D, Dogan H, Faily S, Whittington P, Williams C. From requirements to operation: components for risk assessment in a pervasive system of systems. In: IEEE 25th international requirements engineering conference workshops, RE 2017 workshops, Lisbon, Portugal, September 4–8, 2017; 2017. p. 83–89.Google Scholar
  3. 3.
    Shostack A. Threat modeling: designing for security. New York: Wiley; 2014.Google Scholar
  4. 4.
    Zand DE. Trust and managerial problem solving. Adm Sci Q. 1972;17(2):229–39.CrossRefGoogle Scholar
  5. 5.
    Riegelsberger J, Sasse MA, McCarthy JD. The mechanics of trust: a framework for research and design. Int J Hum Comput Stud. 2005;62(3):381–422.CrossRefGoogle Scholar
  6. 6.
    Fléchais I. Designing secure and usable systems. University College London; 2005.Google Scholar
  7. 7.
    Faily S. Bridging user-centered design and requirements engineering with GRL and persona cases. In: Proceedings of the 5th international i* workshop. CEUR workshop proceedings; 2011. p. 114–119.Google Scholar
  8. 8.
    Amyot D, Ghanavati S, Horkoff J, Mussbacher G, Peyton L, Yu E. Evaluating goal models within the goal-oriented requirement language. Int J Intell Syst. 2010;25(8):841–77.CrossRefGoogle Scholar
  9. 9.
    Faily S, Fléchais I. Eliciting and visualising trust expectations using persona trust characteristics and goal models. In: Proceedings of the 6th international workshop on social software engineering. SSE 2014. ACM; 2014. p. 17–24.Google Scholar
  10. 10.
    Faily S, Power D, Fléchais I. Gulfs of expectation: eliciting and verifying differences in trust expectations using personas. J Trust Manag. 2016;3(1):4 Jul.CrossRefGoogle Scholar
  11. 11.
    Hoare CAR. Communicating sequential processes. Englewood Cliffs: Prentice-Hall; 1985.Google Scholar
  12. 12.
    University of Oxford. FDR website; 2018. https://www.cs.ox.ac.uk/projects/fdr.
  13. 13.
    Kim G, Behr K, Spafford G. The phoenix project: a novel about IT, DevOps, and helping your business win. IT Revolution Press; 2014.Google Scholar
  14. 14.
    Gaver WW, Beaver J, Benford S. Ambiguity as a resource for design. In: CHI ’03: proceedings of the SIGCHI conference on Human factors in computing systems. ACM; 2003. p. 233–240.Google Scholar
  15. 15.
    Wuyts K. Privacy threats in software architecture. Heverlee: KU Leuven; 2015.Google Scholar
  16. 16.
    Church L, Kreeger MN, Streets M. Introducing usability to the common criteria. In: 9th international common criteria conference; 2008.Google Scholar
  17. 17.
    Shamal F. NeuroGrid specification exemplar; 2018. https://cairis.org/NeuroGrid.
  18. 18.
    Shamal F. ACME Water specification exemplar; 2018. https://cairis.org/ACME_Water.
  19. 19.
    SweetWilliam SL. HMI Pad website; 2013. http://www.sweetwilliamsl.com/hmi-ipad.
  20. 20.
    Faily S, Iacob C, Field S. Ethical hazards and safeguards in penetration testing. In: Proceedings of the 30th british HCI group annual conference on people and computers: fusion. British Computer Society; 2016.Google Scholar
  21. 21.
    Parkin S, Fielder A, Ashby A. Pragmatic security: modelling IT security management responsibilities for SME archetypes. In: Proceedings of the 8th ACM CCS international workshop on managing insider security threats. MIST ’16. ACM; 2016. p. 69–80.Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Computing & InformaticsBournemouth UniversityPoole, DorsetUK

Personalised recommendations