Further Applications of CAIRIS for Usable and Secure Software Design
To close this book, this chapter presents further applications afforded by the CAIRIS platform. We consider new ideas around the role of environments in CAIRIS, examine how the IRIS meta-model can be leveraged to support the modelling of threats and trust expectations in CAIRIS, and how IRIS and CAIRIS realises the idea of “design as code”. I conclude by demonstrating the use of CAIRIS to model both functional and human concerns, and show how CAIRIS models help evaluate research when participants can be difficult to find or reach.
- 1.Jamshidi M. System of systems - innovations for 21st century. In: 2008 IEEE region 10 and the third international conference on industrial and information systems; 2008. p. 6–7.Google Scholar
- 2.Ki-Aries D, Dogan H, Faily S, Whittington P, Williams C. From requirements to operation: components for risk assessment in a pervasive system of systems. In: IEEE 25th international requirements engineering conference workshops, RE 2017 workshops, Lisbon, Portugal, September 4–8, 2017; 2017. p. 83–89.Google Scholar
- 3.Shostack A. Threat modeling: designing for security. New York: Wiley; 2014.Google Scholar
- 6.Fléchais I. Designing secure and usable systems. University College London; 2005.Google Scholar
- 7.Faily S. Bridging user-centered design and requirements engineering with GRL and persona cases. In: Proceedings of the 5th international i* workshop. CEUR workshop proceedings; 2011. p. 114–119.Google Scholar
- 9.Faily S, Fléchais I. Eliciting and visualising trust expectations using persona trust characteristics and goal models. In: Proceedings of the 6th international workshop on social software engineering. SSE 2014. ACM; 2014. p. 17–24.Google Scholar
- 11.Hoare CAR. Communicating sequential processes. Englewood Cliffs: Prentice-Hall; 1985.Google Scholar
- 12.University of Oxford. FDR website; 2018. https://www.cs.ox.ac.uk/projects/fdr.
- 13.Kim G, Behr K, Spafford G. The phoenix project: a novel about IT, DevOps, and helping your business win. IT Revolution Press; 2014.Google Scholar
- 14.Gaver WW, Beaver J, Benford S. Ambiguity as a resource for design. In: CHI ’03: proceedings of the SIGCHI conference on Human factors in computing systems. ACM; 2003. p. 233–240.Google Scholar
- 15.Wuyts K. Privacy threats in software architecture. Heverlee: KU Leuven; 2015.Google Scholar
- 16.Church L, Kreeger MN, Streets M. Introducing usability to the common criteria. In: 9th international common criteria conference; 2008.Google Scholar
- 17.Shamal F. NeuroGrid specification exemplar; 2018. https://cairis.org/NeuroGrid.
- 18.Shamal F. ACME Water specification exemplar; 2018. https://cairis.org/ACME_Water.
- 19.SweetWilliam SL. HMI Pad website; 2013. http://www.sweetwilliamsl.com/hmi-ipad.
- 20.Faily S, Iacob C, Field S. Ethical hazards and safeguards in penetration testing. In: Proceedings of the 30th british HCI group annual conference on people and computers: fusion. British Computer Society; 2016.Google Scholar
- 21.Parkin S, Fielder A, Ashby A. Pragmatic security: modelling IT security management responsibilities for SME archetypes. In: Proceedings of the 8th ACM CCS international workshop on managing insider security threats. MIST ’16. ACM; 2016. p. 69–80.Google Scholar