Business Process Model and Notation for Forensic-Ready Software
Systems

D 2022

Business Process Model and Notation for Forensic-Ready Software Systems

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER

Basic information

Original name

Business Process Model and Notation for Forensic-Ready Software Systems

Authors

DAUBNER, Lukáš (203 Czech Republic, guarantor, belonging to the institution), Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution) and Tomáš PITNER (203 Czech Republic, belonging to the institution)

Edition

Setúbal, Portugal, Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering, p. 95-106, 12 pp. 2022

Publisher

SciTePress

Other information

Language

English

Type of outcome

Stať ve sborníku

Field of Study

10200 1.2 Computer and information sciences

Confidentiality degree

není předmětem státního či obchodního tajemství

Publication form

electronic version available online

References:

URL

RIV identification code

RIV/00216224:14330/22:00125901

Organization unit

Faculty of Informatics

ISBN

978-989-758-568-5

ISSN

DOI

http://dx.doi.org/10.5220/0011041000003176

UT WoS

000814765400008

Keywords in English

Forensic Readiness; Forensic-Ready Software Systems; Modelling; BPMN; Software Design

Abstract

V originále

The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.

Links

CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)

Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research

EF16_019/0000822, research and development project

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Citovat

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER. Business Process Model and Notation for Forensic-Ready Software Systems. Online. In Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering. Setúbal, Portugal: SciTePress, 2022, p. 95-106. ISBN 978-989-758-568-5. Available from: https://dx.doi.org/10.5220/0011041000003176.

@inproceedings{1856737,
   author = {Daubner, Lukáš and Matulevičius, Raimundas and Bühnová, Barbora and Pitner, Tomáš},
   address = {Setúbal, Portugal},
   booktitle = {Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering},
   doi = {http://dx.doi.org/10.5220/0011041000003176},
   keywords = {Forensic Readiness; Forensic-Ready Software Systems; Modelling; BPMN; Software Design},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Setúbal, Portugal},
   isbn = {978-989-758-568-5},
   pages = {95-106},
   publisher = {SciTePress},
   title = {Business Process Model and Notation for Forensic-Ready Software Systems},
   url = {https://www.scitepress.org/PublicationsDetail.aspx?ID=WfdKUNdsvxM=},
   year = {2022}
}

TY  - JOUR
ID  - 1856737
AU  - Daubner, Lukáš - Matulevičius, Raimundas - Bühnová, Barbora - Pitner, Tomáš
PY  - 2022
TI  - Business Process Model and Notation for Forensic-Ready Software Systems
PB  - SciTePress
CY  - Setúbal, Portugal
SN  - 9789897585685
KW  - Forensic Readiness
KW  - Forensic-Ready Software Systems
KW  - Modelling
KW  - BPMN
KW  - Software Design
UR  - https://www.scitepress.org/PublicationsDetail.aspx?ID=WfdKUNdsvxM=
N2  - The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.
ER  -

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER. Business Process Model and Notation for Forensic-Ready Software Systems. Online. In \textit{Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering}. Setúbal, Portugal: SciTePress, 2022, p.~95-106. ISBN~978-989-758-568-5. Available from: https://dx.doi.org/10.5220/0011041000003176.

Detailed Information on Publication Record