Biblio

Today, connectivity is demanded in almost every domain, e.g., the smart home domain and its connected smart household devices like TVs and fridges, or the industrial automation domain, connecting plants, controllers and sensors to the internet for purposes like condition monitoring. This trend amplifies the need for secure applications that can protect their sensitive data against manipulation and leaks. However, many applications are still built without considering security in its design phase, often it is perceived as too complicated and time consuming. This is a major oversight, as fixing vulnerabilities after release is often not feasible when major architecture redesigns are necessary. Therefore, the software developer has to make sure that the developed software architecture is secure. Today, there are some tools available to help the software developer in identifying potential security weaknesses of their architecture. However, easy and fast to use tools that support the software developer in improving their architecture's security are lacking. The goal of my thesis is to make security improvements easily applicable by non-security and non-architecture experts by proposing systematic, easy to use and automated techniques that will help the software developer in designing secure software architectures. To achieve this goal, I propose a method that enables the software developer to automatically find flaws and weaknesses, as well as appropriate improvements in their given software architecture during the design phase. For this method, I adopt Model-Based Development techniques by extending and creating Domain-Specific Languages (DSL) for specifying the architecture itself and possible architectural improvements. Using these DSLs, my approach automatically suggests security enhancing improvements for the architecture, promoting increased security of software architectures and as such for the developed applications as a whole.

The process of digitalisation has an advanced impact on social lives, state affairs, and the industrial automation domain. Ubiquitous networks and the increased requirements in terms of Quality of Service (QoS) create the demand for future-proof network management. Therefore, new technological approaches, such as Software-Defined Networks (SDN) or the 5G Network Slicing concept, are considered. However, the important topic of cyber security has mainly been ignored in the past. Recently, this topic has gained a lot of attention due to frequently reported security related incidents, such as industrial espionage, or production system manipulations. Hence, this work proposes a concept for adding cyber security requirements to future network management paradigms. For this purpose, various security related standards and guidelines are available. However, these approaches are mainly static, require a high amount of manual efforts by experts, and need to be performed in a steady manner. Therefore, the proposed solution contains a dynamic, machine-readable, automatic, continuous, and future-proof approach to model and describe cyber security QoS requirements for the next generation network management.

The process of digitalisation has an advanced impact on social lives, state affairs, and the industrial automation domain. Ubiquitous networks and the increased requirements in terms of Quality of Service (QoS) create the demand for future-proof network management. Therefore, new technological approaches, such as Software-Defined Networks (SDN) or the 5G Network Slicing concept, are considered. However, the important topic of cyber security has mainly been ignored in the past. Recently, this topic has gained a lot of attention due to frequently reported security related incidents, such as industrial espionage, or production system manipulations. Hence, this work proposes a concept for adding cyber security requirements to future network management paradigms. For this purpose, various security related standards and guidelines are available. However, these approaches are mainly static, require a high amount of manual efforts by experts, and need to be performed in a steady manner. Therefore, the proposed solution contains a dynamic, machine-readable, automatic, continuous, and future-proof approach to model and describe cyber security QoS requirements for the next generation network management.