DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER. Business Process Model and Notation for Forensic-Ready Software Systems. Online. In Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering. Setúbal, Portugal: SciTePress, 2022, p. 95-106. ISBN 978-989-758-568-5. Available from: https://dx.doi.org/10.5220/0011041000003176.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Business Process Model and Notation for Forensic-Ready Software Systems
Authors DAUBNER, Lukáš (203 Czech Republic, guarantor, belonging to the institution), Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution) and Tomáš PITNER (203 Czech Republic, belonging to the institution).
Edition Setúbal, Portugal, Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering, p. 95-106, 12 pp. 2022.
Publisher SciTePress
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10200 1.2 Computer and information sciences
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
WWW URL
RIV identification code RIV/00216224:14330/22:00125901
Organization unit Faculty of Informatics
ISBN 978-989-758-568-5
ISSN 2184-4895
Doi http://dx.doi.org/10.5220/0011041000003176
UT WoS 000814765400008
Keywords in English Forensic Readiness; Forensic-Ready Software Systems; Modelling; BPMN; Software Design
Tags best, firank_B
Tags International impact, Reviewed
Changed by Changed by: RNDr. Lukáš Daubner, Ph.D., učo 410034. Changed: 1/2/2023 14:24.
Abstract
The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.
Links
CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)		Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research
EF16_019/0000822, research and development projectName: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur
PrintDisplayed: 21/7/2024 21:20