Kent Inge Fagerland Simonsen

Learn More
This paper shows that more than 80% of the E-Governments in the world are vulnerable to common Web-application attacks such as Cross Site Scripting and SQL injection. Industrialized countries were found to be more vulnerable than under-developed countries (90% vs. 50%). The paper also describes some malicious data mining possibilities on the Norwegian(More)
Key generation on resource-constrained devices is a challenging task. This paper describes a proof-of-concept implementation of an attack on Sun’s reference implementation of the Mobile Information Device Profile (MIDP). It is known that this implementation has a flaw in the generation of the premaster secret in SSL. The attack recovers the symmetric keys(More)
Abstract Code generation is an important part of model driven methodologies. In this paper, we present PetriCode, a software tool for generating protocol software from a subclass of Coloured Petri Nets (CPNs) that is the realization of previous work [17, 19, 18]. The CPN subclass is comprised of hierarchical CPN models describing a protocol system at(More)
Model-Driven Software Engineering (MDSE) is a promising approach for the development of applications, and has been well adopted in the embedded applications domain in recent years. Wireless Sensor Actuator Networks consisting of resource constrained hardware and platform-specific operating system is one application area where the advantages of MDSE can be(More)
Protocol software is important for much of the computer based infrastructure deployed today, and will remain so for the foreseeable future. With current modelling techniques for communication protocols, important properties are modelled and verified. However, most implementations are being done by hand even if good formal models exist. This paper discusses(More)
Automated code generation is an important element of model driven development methodologies. We have previously proposed an approach for code generation based on Coloured Petri Net models annotated with textual pragmatics for the network protocol domain. In this paper, we present and evaluate three important properties of our approach: platform(More)