BPMN4FRSS: An BPMN Extension to Support Risk-Based Development
of Forensic-Ready Software Systems

D 2023

BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER

Basic information

Original name

BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems

Authors

DAUBNER, Lukáš (203 Czech Republic, guarantor, belonging to the institution), Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution) and Tomáš PITNER (203 Czech Republic, belonging to the institution)

Edition

Cham, Evaluation of Novel Approaches to Software Engineering, p. 20-43, 24 pp. 2023

Publisher

Springer Nature Switzerland

Other information

Language

English

Type of outcome

Stať ve sborníku

Field of Study

10200 1.2 Computer and information sciences

Confidentiality degree

není předmětem státního či obchodního tajemství

Publication form

electronic version available online

References:

URL

RIV identification code

RIV/00216224:14330/23:00131217

Organization unit

Faculty of Informatics

ISBN

978-3-031-36596-6

ISSN

DOI

http://dx.doi.org/10.1007/978-3-031-36597-3_2

Keywords in English

Forensic readiness;Forensic-ready software systems;Modelling;BPMN;Software design;Risk management;Security

Abstract

V originále

The importance of systems secure-by-design is well recognised. However, incidents or disputes requiring thorough investigation might occur even in highly secure systems. Forensic-ready software systems aim to ease the investigations by including requirements for reliable, admissible, and on-point data - potential evidence. Yet, the software engineering techniques for such systems have numerous open challenges. One of them, representation and reasoning, is tackled in this chapter by defining the syntax and semantics of modelling language BPMN for Forensic-Ready Software Systems (BPMN4FRSS). In addition to representing the requirements and specific controls, a semantic mapping to forensic-ready risk management is defined to support risk-oriented design. This approach of designing forensic-ready software systems, supported by BPMN4FRSS models, is then demonstrated.

Links

CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)

Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research

EF16_019/0000822, research and development project

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

MUNI/A/1389/2022, interní kód MU

Name: Aplikovaný výzkum na FI: Bezpečnost počítačových systémů, softwarových architektur kritických infrastruktur s forenzními aspekty, zpracování dat pokročilých sensorů a algoritmy plánování v dopravě a logistice

Investor: Masaryk University

Citovat

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER. BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems. Online. In Evaluation of Novel Approaches to Software Engineering. Cham: Springer Nature Switzerland, 2023, p. 20-43. ISBN 978-3-031-36596-6. Available from: https://dx.doi.org/10.1007/978-3-031-36597-3_2.

@inproceedings{2297178,
   author = {Daubner, Lukáš and Matulevičius, Raimundas and Bühnová, Barbora and Pitner, Tomáš},
   address = {Cham},
   booktitle = {Evaluation of Novel Approaches to Software Engineering},
   doi = {http://dx.doi.org/10.1007/978-3-031-36597-3_2},
   keywords = {Forensic readiness;Forensic-ready software systems;Modelling;BPMN;Software design;Risk management;Security},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Cham},
   isbn = {978-3-031-36596-6},
   pages = {20-43},
   publisher = {Springer Nature Switzerland},
   title = {BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems},
   url = {https://link.springer.com/chapter/10.1007/978-3-031-36597-3_2},
   year = {2023}
}

TY  - JOUR
ID  - 2297178
AU  - Daubner, Lukáš - Matulevičius, Raimundas - Bühnová, Barbora - Pitner, Tomáš
PY  - 2023
TI  - BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems
PB  - Springer Nature Switzerland
CY  - Cham
SN  - 9783031365966
KW  - Forensic readiness;Forensic-ready software systems;Modelling;BPMN;Software design;Risk management;Security
UR  - https://link.springer.com/chapter/10.1007/978-3-031-36597-3_2
N2  - The importance of systems secure-by-design is well recognised. However, incidents or disputes requiring thorough investigation might occur even in highly secure systems. Forensic-ready software systems aim to ease the investigations by including requirements for reliable, admissible, and on-point data - potential evidence. Yet, the software engineering techniques for such systems have numerous open challenges. One of them, representation and reasoning, is tackled in this chapter by defining the syntax and semantics of modelling language BPMN for Forensic-Ready Software Systems (BPMN4FRSS). In addition to representing the requirements and specific controls, a semantic mapping to forensic-ready risk management is defined to support risk-oriented design. This approach of designing forensic-ready software systems, supported by BPMN4FRSS models, is then demonstrated.
ER  -

DAUBNER, Lukáš, Raimundas MATULEVIČIUS, Barbora BÜHNOVÁ and Tomáš PITNER. BPMN4FRSS: An BPMN Extension to~Support Risk-Based Development of~Forensic-Ready Software Systems. Online. In \textit{Evaluation of Novel Approaches to Software Engineering}. Cham: Springer Nature Switzerland, 2023, p.~20-43. ISBN~978-3-031-36596-6. Available from: https://dx.doi.org/10.1007/978-3-031-36597-3\_{}2.

Detailed Information on Publication Record