Text
VeriDevOps Research Workshop VI
Time: 9:30-13:30 (CET) Oct.26th. 2023
Location: Hybrid (online and Fagor Arrasate S. Coop. San Andres Auzoa, 20, 20500 Arrasate, Gipuzkoa, Spanien)
Time | Duration | Topic | Presenter | Organization | ||
---|---|---|---|---|---|---|
9:30 | 20 mins | VeriDevOps Technical Introduction | Andrey Sadovykh | SOFTEAM | ||
Part I: Security Requirements Engineering | ||||||
9:50 | 20 mins | A Taxonomy of Vulnerabilities, Attacks, and Security Solutions in Industrial PLCs. | Eduard Paul Enoiu | Mälardalen University | ||
10:10 | 20 mins | Natural Language Processing with Machine Learning for Security Requirements Analysis - Practical Approaches. |
| SOFTEAM | ||
10:30 | 20 mins | Security Requirements Formalization with RQCODE. | Andrey Sadovykh | SOFTEAM | ||
10:50 | 20 mins | break | / | / | ||
Part II: Prevention at Development Time | ||||||
11:00 | 20 mins | Vulnerability Detection and Response: Current Status and New Approaches |
|
| ||
11:20 | 20 mins | Metamorphic Testing for Verification and Fault Localization in Industrial Control Systems | Gaadha Sudheerbabu | Åbo Akademi University | ||
11:40 | 20 mins | Interactive Application Security Testing with Hybrid Fuzzing and Statistical Estimators | Ramon Barakat | FFK | ||
12:00 | 10 mins | break | / | / | ||
Part III: Protection at Operations | ||||||
12:10 | 20 mins | CTAM: a tool for Continuous Threat Analysis and Management | Laurens Sion | KUL | ||
12:30 | 20 mins | EARLY - a tool for real-time security attack detection | Tanwir Ahmad | Åbo Akademi University | ||
12:50 | 20 mins | A Stream-Based Approach to Intrusion Detection | Sylvain Hallé | UM | ||
13:10 | 20 mins | Towards Anomaly Detection using Explainable AI | Manh Dung | MI | ||
13:30 | 10 mins | Conclusions | Andrey Sadovykh | SOFTEAM |
About this book
The book aims to provide a comprehensive and systematic overview of the current state of the art and practice in software security analysis, covering topics such as security requirements specification, verification, and continuous monitoring. The book also discusses the challenges and opportunities for future research and practice in this emerging field.
Learn more
Background information and purchase link
Watch this Workshop
VeriDevOps Technical Introduction
Part I Security Requirements Engineering
Part II: Prevention at Development Time
Part III: Protection at Operations
Meet the speakers
Sylvain Hallé, Ph.D. is a Full Professor in the Department of Computer Science and Mathematics at Université du Québec à Chicoutimi, Canada, since 2010, and is the current holder of the Canada Research Chair on Software Specification, Testing and Verification. Both an ACM and IEEE senior member, Pr. Hallé has won multiple awards in international conferences for his research on software testing and formal methods. The team he leads at Laboratoire d'informatique formelle has produced a number of free software tools that directly apply the results of his research. In addition to the BeepBeep event stream processing engine, let us mention Cornipickle, an automated testing tool for web interfaces, and LabPal, an environment for streamlining the execution of computer experiments and their inclusion within research papers.
Manh-Dung Nguyen is currently a research engineer at Montimage, France. He earned his PhD from CEA LIST and the University of Grenoble Alpes in 2021. He also holds a master's degree in network and telecommunications from the University of Paris Sud, obtained in 2013. His current research emphasizes explainable AI and automated vulnerability detection, with a particular interest in greybox fuzzing.
Jose Luis Flores is a researcher at Ikerlan Technology Research Center within the Cybersecurity in Embedded Systems team. He holds a M.Sc. in Robotics and Advanced Control from the University of the Basque Country. His main interest is related to Artificial Intelligence and Cybersecurity. As such, the main lines he works on in each organization are Embedded System security at Ikerlan, and Machine Learning and Optimization at the university.
Ramon Barakat graduated with a master’s degree in Computer Science from the Technical University of Berlin. He works at the Fraunhofer Institute for Open Communication Systems (FOKUS) where he participates in several industrial and research projects in the field of Software Quality Assurance, Model-based and Security Testing. He is currently working in various research projects on the topics of security and penetration testing and deals mainly with the topics Dynamic and Interactive Application Security Testing (IAST) with a special focus on Fuzzing.
Dr. Ahmad is a post-Doctoral Researcher at Åbo Akademi University. His research focuses on the exploratory testing of cyber-physical systems. He has proposed different methodologies to efficiently discover faults in systems with multidimensional large input spaces using machine learning and evolutionary algorithms. In his recent work, he utilizes a 1-D convolution neural network for early network attack detection.
Dr. Enoiu is a senior lecturer at Mälardalen University in Västerås, Sweden, primarily affiliated with the Software Testing Laboratory and the Formal Modelling and Analysis groups at the Department of Networked and Embedded Systems. His research interests span software engineering and empirical research, especially how to test, maintain, evolve, and assure high-quality software systems.
Dr. Sadovykh is an innovation consultant and a research project manager in Softeam and an Assistant Professor at Innopolis University. He coordinated SOFTEAM’s research activities of the company covering fields such as model-driven development (MDD) and model-based system engineering (MBSE), Business Process Automation (BPA), Cloud and Big Data in application areas such as eGovernment, eHealth, Space and Agro sectors.