In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a mobile money transfer system. Two important features of SEAP are 1) that it includes additional security competences, and 2) that it includes the continuous conduction of an integrated risk analysis for identifying potential threats. As a general finding of implementing SEAP in software development, the developers solve a large proportion of the risks in a timely, yet cost-efficient manner. The default agile software development process at Ericsson AB, i.e. where SEAP was not included, required significantly more employee hours spent for every risk identified compared to when integrating SEAP. The default development process left 50.0% of the risks unattended in the software version that was released, while the application of SEAP reduced that figure to 22.5%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.9%, a more than five times increment.

Maritime traffic modeling serves the purpose of extracting human-readable information and discovering knowledge in the otherwise illegible mass of traffic data. The goal of this study is to examine the presence and character of fluctuations in maritime traffic patterns. The main objective is to identify such fluctuations and capture them in terms of a concept drift, i.e., unforeseen shifts in statistical properties of the modeled target occurring over time. The empirical study is based on a collection of AIS vessel tracking data, spanning over a year. The scope of the study limits the AIS data area to the Baltic region (9-31°E, 53-66°N), which experiences some of the most dense maritime traffic in the world. The investigations employ a novel maritime traffic modeling method based on the potential fields concept, adapted for this study to facilitate the examination of concept drift. The concept drift is made apparent in course of the statistical and visual analysis of the experimental results. This study shows a number of particular cases, in which the maritime traffic is affected by concept drifts of varying extent and character. The visual representations of the traffic models make shifts in the traffic patterns apparent and comprehensible to human eye. Based on the experimental outcomes, the robustness of the modeling method against concept drift in traffic is discussed and improvements are proposed. The outcomes provide insights into regularly reoccurring drifts and irregularities within the traffic data itself that may serve to further optimize the modeling method, and - in turn - the performance of detection based on it. © 2017 The Authors. Published by Elsevier B. V.

Enforcing security in Internet of Things environments has been identified as one of the top barriers for realizing the vision of smart, energy-efficient homes and buildings. In this context, understanding the risks related to the use and potential misuse of information about homes, partners, and end-users, as well as, forming methods for integrating security-enhancing measures in the design is not straightforward and thus requires substantial investigation. A risk analysis applied on a smart home automation system developed in a research project involving leading industrial actors has been conducted. Out of 32 examined risks, 9 were classified as low and 4 as high, i.e., most of the identified risks were deemed as moderate. The risks classified as high were either related to the human factor or to the software components of the system. The results indicate that with the implementation of standard security features, new, as well as, current risks can be minimized to acceptable levels albeit that the most serious risks, i.e., those derived from the human factor, need more careful consideration, as they are inherently complex to handle. A discussion of the implications of the risk analysis results points to the need for a more general model of security and privacy included in the design phase of smart homes. With such a model of security and privacy in design in place, it will contribute to enforcing system security and enhancing user privacy in smart homes, and thus helping to further realize the potential in such loT environments. (C) 2015 Elsevier B.V. All rights reserved.

A security-enhanced agile software development process, SEAP, is introduced in the development of a mobile money transfer system at Ericsson Corp. A specific characteristic of SEAP is that it includes a security group consisting of four different competences, i.e., security manager, security architect, security master and penetration tester. Another significant feature of SEAP is an integrated risk analysis process. In analyzing risks in the development of the mobile money transfer system, a general finding was that SEAP either solves risks that were previously postponed or solves a larger proportion of the risks in a timely manner. The previous software development process, i.e., the baseline process of the comparison outlined in this paper, required 2.7 employee hours spent for every risk identified in the analysis process compared to, on the average, 1.5 hours for the SEAP. The baseline development process left 50% of the risks unattended in the software version being developed, while SEAP reduced that figure to 22%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.1%, i.e., more than a five times increment. This is important, since an early correction may avoid severe attacks in the future. The security competence in SEAP accounts for 5% of the personnel cost in the mobile money transfer system project. As a comparison, the corresponding figure, i.e., for security, was 1% in the previous development process.

The Automatic Identification System (AIS) is used to identify and locate active maritime vessels. Datasets of AIS messages recorded over time make it possible to model ship movements and analyze traffic events. Here, the maritime traffic is modeled using a potential fields method, enabling the extraction of traffic patterns and anomaly detection. A software tool named STRAND, implementing the modeling method, displays real-world ship behavior patterns, and is shown to generate traffic rules spontaneously. STRAND aids maritime situational awareness by displaying patterns of common behaviors and highlighting suspicious events, i.e., abstracting informative content from the raw AIS data and presenting it to the user. In this it can support decisions regarding, e.g., itinerary planning, routing, rescue operations, or even legislative traffic regulation. This study in particular focuses on identification and analysis of traffic rules discovered based on the computed traffic models. The case study demonstrates and compares results from three different areas, and corresponding traffic rules identified in course of the result analysis. The ability to capture distinctive, repetitive traffic behaviors in a quantitative, automatized manner may enhance detection and provide additional information about sailing practices.

Without an explicit road-like regulation, following the proper sailing routes and practices is still a challenge mostly addressed using seamen’s know-how and experience. This chapter focuses on the problem of modeling ship movements over water with the aim to extract and represent this kind of knowledge. The purpose of the developed modeling method, inspired by the theory of potential fields, is to capture the process of navigation and piloting through the observation of ship behaviors in transport over water on narrow waterways. When successfully modeled, that knowledge can be subsequently used for various purposes. Here, the models of typical ship movements and behaviors are used to provide a visual insight into the actual normal traffic properties (maritime situational awareness) and to warn about potentially dangerous traffic behaviors (anomaly detection). A traffic modeling and anomaly detection prototype system STRAND implements the potential field based method for a collected set of AIS data. A quantitative case study is taken out to evaluate the applicability and performance of the implemented modeling method. The case study focuses on quantifying the detections for varying geographical resolution of the detection process. The potential fields extract and visualize the actual behavior patterns, such as right-hand sailing rule and speed limits, without any prior assumptions or information introduced in advance. The display of patterns of correct (normal) behavior aids the choice of an optimal path, in contrast to the anomaly detection which notifies about possible traffic incidents. A tool visualizing the potential fields may aid traffic surveillance and incident response, help recognize traffic regulation and legislative issues, and facilitate the process of waterways development and maintenance. © Springer International Publishing Switzerland 2015.

This study focuses on improving the potential field based maritime data modeling method, developed to extract traffic patterns and detect anomalies, in a clear, understandable and informative way. The method's novelty lies in employing the concept of a potential field for AIS vessel tracking data abstraction and maritime traffic representation. Unlike the traditional maritime surveillance equipment, such as radar or GPS, the AIS system comprehensively represents the identity and properties of a vessel, as well as its behavior, thus preserving the effects of navigational decisions, based on the skills of experienced seamen. In the developed data modeling process, every vessel generates potential charges, which value represent the vessel's behavior, and drops the charges at locations it passes. Each AIS report is used to assign a potential charge at the reported vessel positions. The method derives three construction elements, which define, firstly, how charges are accumulated, secondly, how a charge decays over time, and thirdly, in what way the potential is distributed around the source charge. The collection of potential fields represents a model of normal behavior, and vessels not conforming to it are marked as anomalous. In the anomaly detection prototype system STRAND, the sensitivity of anomaly detection can be modified by setting a geographical coordinate grid precision to more dense or coarse. The objective of this study is to identify the optimal grid size for two different conditions an open sea and a port area case. A noticeable shift can be observed between the results for the open sea and the port area. The plotted detection rates converge towards an optimal ratio for smaller grid sizes in the port area (60-200 meters), than in the open sea case (300-1000 meters). The effective outcome of the potential filed based anomaly detection is filtering out all vessels behaving normally and presenting a set of anomalies, for a subsequent incident analysis using STRAND as an information visualization tool.

A recent study has shown that more than every fourth person in Sweden feels that they have poor knowledge and control over their energy use, and that four out of ten would like to be more aware and to have better control over their consumption [5]. A solution is to provide the householders with feedback on their energy consumption, for instance, through a smart home automation system [10]. Studies have shown that householders can reduce energy consumption with up to 20% when gaining such feedback [5] [10]. Home automation is a prime example of a smart environment built on various types of cyber-physical systems generating volumes of diverse, heterogeneous, complex, and distributed data from a multitude of applications and sensors. Thereby, home automation is also an example of an Internet of Things (IoT) scenario, where a communication network extends the present Internet by including everyday items and sensors [22]. Home automation is attracting more and more attention from commercial actors, such as, energy suppliers, infrastructure providers, and third party software and hardware vendors [8] [10]. Among the non-commercial stake-holders, there are various governmental institutions, municipalities, as well as, end-users.

Based on the question "How can people and computers be connected so that - collectively - they act more intelligently than any individuals, groups, or computers have ever done before?" we propose an evolutionary approach. From this point of view, there are of course fundamental differences between man and machine. Where one is artificial, the other is natural, and where the computer needs to process, the brain must adapt. We propose the use of culturally inherited units, i.e., memes, for describing collective knowledge storage. Like the genes, memes have the ability to be inherited to the next generation. Genes appear independently of our society while memes are a result of our cultural development. The concept of collective intelligence may involve a new kind of meme, entirely emerging within the intersection between man and machine, i.e., outside the scope of human control. The challenge is to model this behavior without overriding constraints within basic evolutionary vs. machine settings.

We compare four high-profile waterfall security-engineering processes (CLASP, Microsoft SDL, Cigital Touchpoints and Common Criteria) with the available preconditions within agile processes. Then, using a survey study, agile security activities are identified and evaluated by practitioners from large companies, e.g. software and telecommunication companies. Those activities are compared and a specific security engineering process is suggested for an agile process setting that can provide high benefit with low integration cost.