Enhancing security requirements engineering by organizational learning

More and more software projects today are security-related in one way or the other. Requirements engineers without expertise in security are at risk of overlooking security requirements, which often leads to security vulnerabilities that can later be exploited in practice. Identifying security-relevant requirements is labor-intensive and error-prone. In order to facilitate the security requirements elicitation process, we present an approach supporting organizational learning on security requirements by establishing company-wide experience resources and a socio-technical network to benefit from them. The approach is based on modeling the flow of requirements and related experiences. Based on those models, we enable people to exchange experiences about security-relevant requirements while they write and discuss project requirements. At the same time, the approach enables participating stakeholders to learn while they write requirements. This can increase security awareness and facilitate learning on both individual and organizational levels. As a basis for our approach, we introduce heuristic assistant tools. They support reuse of existing experiences that are relevant for security. In particular, they include Bayesian classifiers that issue a warning automatically when new requirements seem to be security-relevant. Our results indicate that this is feasible, in particular if the classifier is trained with domain-specific data and documents from previous projects. We show how the ability to identify security-relevant requirements can be improved using this approach. We illustrate our approach by providing a step-by-step example of how we improved the security requirements engineering process at the European Telecommunications Standards Institute (ETSI) and report on experiences made in this application.     

Stability of SrFeO3 based materials in the presence of SiOx species in humid atmosphere at high temperatures and pressures

Strontium silicate was found on the surface of La_0.2Sr_0.8Fe_0.79Cr_0.2Mg_0.01O₃ exposed to hydrogen containing humid atmospheres at 1000 °C and 30 bars. Silica originated from the furnace tube material and was transported via the gas phase as a gaseous silica hydrate. Fe and Sr were initially preferentially expelled from the perovskite grain boundaries to give Sr₂SiO₄ at the surface, along with a secondary Fe-rich phase and a LaCrO₃-rich grain boundary region. Eventually, Fe and Sr were drawn from the grains, leaving a porous structure. This investigation highlights the importance of avoiding Si sources near Sr-rich membranes in humid atmospheres at high temperatures.     

Stability of SrFeO3-Based Materials in H2O/CO2-Containing Atmospheres at High Temperatures and Pressures

The chemical stability of SrFeO₃-based perovskites in H₂O- and CO₂-containing atmospheres at high temperatures and pressures has been examined. The extent of reaction as a function of p CO₂, p H₂O, temperature, and time has been determined. Either strontium carbonate or Sr(OH)₂·H₂O was observed on sample surfaces after exposure. Observation of two different reaction-rate behaviors could be explained by the formation of different products. The stability of the perovskite has been found to increase when the activity of Sr is decreased. Chemical stability in H₂O/CO₂ is important to understand in order to use these membrane materials for syngas production.     

Bulk tank raw milk microbiota differs within and between farms: A moving goalpost challenging quality control

Microbial contamination of bovine raw milk often occurs at the farm. To acquire a deeper knowledge of the microbiota of farm tank milk, we studied milk from 45 farms situated in 2 geographical areas in Norway. Each farm was visited on 3 different occasions, with at least 2 wk between visits. We combined both bacterial cell counts and a sequence variant inference method of amplicon-based high-throughput sequencing to achieve a high-resolution overview of the microbiota in each sample. Compositional variation of the farm milk microbiota was shown in relation to the 2 areas, between the farms and between the sampling times. Despite the near constant level of bacteria enumerated in milk from each individual farm, the dominant microbiota differed significantly between the samplings. The predominant microbiota was dominated by spoilage genera, such as Pseudomonas and Bacillus, as well as the dairy fermentation genus Lactococcus and mastitis-causing organisms (Streptococcus). Analysis of the identified sequence variants within these genera showed that the populations of Pseudomonas and Lactococcus in milk had similar composition between the farms, but that Bacillus and, in particular, Streptococcus populations changed between collection days from the same farm and between farms and geographical areas. Furthermore, the levels and composition of Bacillus and Paenibacillus were different between the 2 geographical areas. The results presented here provide new insight into the farm milk microbiota and show that this microbiota is a dynamic community highly subject to variation.     

Quantifying security risk level from CVSS estimates of frequency and impact

Modern society relies on and profits from well-balanced computerized systems. Each of these systems has a core mission such as the correct and safe operation of safety critical systems or innovative and effective operation of e-commerce systems. It might be said that the success of these systems depends on their mission. Although the concept of “well-balanced” has a slightly different meaning for each of these two categories of systems, both have to meet customer needs, deliver capabilities and functions according to expectations and generate revenue to sustain today’s highly competitive market. Tighter financial constraints are forcing safety critical systems away from dedicated and expensive communication regimes, such as the ownership and operation of dedicated communication links, towards reliance on third parties and standardized means of communication. As a consequence, knowledge about their internal structures and operations is more widely and publicly available and this can make them more prone to security attacks. These systems are, therefore, moving towards a remotely exploitable environment and the risks associated with this must be controlled.Risk management is a good tool for controlling risk but it has the inherent challenge of quantitatively estimating frequency and impact in an accurate and trustworthy way. Quantifying the frequency and impact of potential security threats requires experience-based data which is limited and rarely reusable because it involves company confidential data. Therefore, there is a need for publicly available data sources that can be used in risk estimation. This paper presents a risk estimation model that makes use of one such data source, the Common Vulnerability Scoring System (CVSS). The CVSS Risk Level Estimation Model estimates a security risk level from vulnerability information as a combination of frequency and impact estimates derived from the CVSS. It is implemented as a Bayesian Belief Network (BBN) topology, which allows not only the use of CVSS-based estimates but also the combination of disparate information sources and, thus, provides the ability to use whatever risk information that is available. The model is demonstrated using a safety- and mission-critical system for drilling operational support, the Measurement and Logging While Drilling (M/LWD) system.     

Groundwater Contamination from Rural Pit Latrines: Examples from Siberia and Kosova

New hydrogeochemical data from Kosova and southern Siberia agree with previous studies from Botswana and Moldova in suggesting that high densities of pit latrines (and other domestic pollution sources) in rural villages can result in contamination of potable groundwater supplies by microbes and nitrate. Concentrations in excess of 100 mg/l nitrate have been recorded in each of these areas, at which levels small children may be endangered by methaemoglobinaemia. The sanitation and water-supply conditions are believed to be typical of large areas of Eastern Europe and the former Soviet Union. It is likely that poor sanitation and conflict with potable-water supplies are among the main sources of environmental risk to populations in these areas, rather than the industrial and military contamination upon which so many international collaborative programmes have focused.     

Identification and Evaluation of 21 Novel Microsatellite Markers from the Autumnal Moth (Epirrita autumnata) (Lepidoptera: Geometridae)

The autumnal moth (Epirrita autumnata) is a cyclically outbreaking forest Lepidoptera with circumpolar distribution and substantial impact on Northern ecosystems. We have isolated 21 microsatellites from the species to facilitate population genetic studies of population cycles, outbreaks, and crashes. First, PCR primers and PCR conditions were developed to amplify 19 trinucleotide loci and two tetranucleotide loci in six multiplex PCR approaches and then analyzed for species specificity, sensitivity and precision. Twelve of the loci showed simple tandem repeat array structures while nine loci showed imperfect repeat structures, and repeat numbers varied in our material between six and 15. The application in population genetics for all the 21 microsatellites were further validated in 48 autumnal moths sampled from Northern Norway, and allelic variation was detected in 19 loci. The detected numbers of alleles per locus ranged from two to 13, and the observed and expected heterozygosities varied from 0.04 to 0.69 and 0.04 to 0.79, respectively. Evidence for linkage disequilibrium was found for six loci as well as indication of one null allele. We find that these novel microsatellites and their multiplex-PCR assays are suitable for further research on fine- and large-scale population-genetic studies of Epirrita autumnata.     

Studies on two insect pests

Samples of two insect species, the Blossom beetle (Meligethes aeneusF.) and the Turnip seed weevil (Ceuthorrhynchus assimilisPayk.), were taken at various occasions in a winter rape field, both in areas treated with DDT and in areas untreated. As indicated by sweep net samples the DDT treatments caused a considerable reduction in the population level of the Blossom beetle. On the other hand, the treatments were associated with no significant decrease in the abundance of the Turnip seed weevil. Gas chromatography analyses showed large amounts of residue in both species in samples from the DDT‐treated areas. In the Turnip seed weevil, residues were also clearly demonstrated in samples from the areas where no DDT was used. The results indicate that DDT contaminated specimens spread at most to a limited extent in the Blossom beetle, while a movement of contaminated specimens to the untreated areas was evident in the Turnip seed weevil.