> | ">Deutsch
|
|||||
PortSec |
||||||
The PortSec project (IT Risk
Management in Port Community Systems Based on the Software Architecture)
develops a systematic and comprehensive IT risk management for port community
systems based on the software architecture while considering legal and economic
security requirements. The software-centric approach focuses on the prevention
of attacks and not primarily on attack detection and defense.
The approach is innovative as it is currently not being considered in the
processes and standards of information security management systems (ISMS). The Universität Bremen will
(semi-)automatically reconstruct the implemented software architecture from the
source code of the port community system. Business processes and corresponding
legal as well as economic security requirements will be formalized. Checking
these requirements against the reconstructed software and system architecture
contributes to the identification of specific IT risks. Within the R&D project PortSec,
the Universität Bremen will reconstruct the security architecture of port telematics systems semi-automatically. With the help of
static program analyses, the security architecture will be reconstructed from
the Java code of the port community system. Furthermore, the IT environment of
the port community system will be systematically determined to obtain a
comprehensive picture of the whole system security architecture. The system
security architecture will then be visualized and analyzed. The Universität Bremen will also
formalize business processes relevant for port telematics
and their security requirements (e.g., with UML/OCL, graph formalisms or
logics). The resulting formalized security rules will then be checked against
the (semi-)automatically reconstructed IT-security architecture. Period: 01/09/2016 -31/08/2018 |
||||||
Author: |
||||||
|