Marcos Arjona

Learn More
This paper presents a security engineering process for the development of secure systems focusing on the specification and development of the Set-top Boxes. The paper describes the Set-top Box characteristics and functionalities and, using the process and its secure artefacts, models what we call a Domain Security Metamodel that defines all the security(More)
Development of secure cloud applications requires a supportive approach that should also enable software assessment and certification by different mechanisms. These can assure by independent means that the required security is present. In this paper we present a Core Security Metamodel (CSM) that is the director of a security engineering process that also(More)
In today's software development process, security related design decisions are rarely made early in the overall process. Even if security is considered early, this means that in most cases a more-or-less encompassing security requirement analyses is made; Based on this analysis best-practices, ad-hoc design decisions or individual expertise is used to(More)
Complexity, dynamism and overlays in networks and systems are some of the main challenges we face nowadays when reasoning on systems' assurance and behavior. Security certification has shown to be a solid foundation to provide assurance and trust about system properties. This paper presents a certification framework for composite, layered and evolving(More)
This paper presents a security engineering process for the modelling of security-sensitive systems using a real use case of metering devices. The process provides a security framework that can be used with other existing processes (such as the agile ones). It helps to develop and model systems bearing in mind their heterogeneity, real-time and dynamic(More)
  • 1