000 | 05176nam a22006015i 4500 | ||
---|---|---|---|
001 | 978-3-031-42212-6 | ||
003 | DE-He213 | ||
005 | 20240730170740.0 | ||
007 | cr nn 008mamaa | ||
008 | 231215s2024 sz | s |||| 0|eng d | ||
020 |
_a9783031422126 _9978-3-031-42212-6 |
||
024 | 7 |
_a10.1007/978-3-031-42212-6 _2doi |
|
050 | 4 | _aQA76.758 | |
072 | 7 |
_aUMZ _2bicssc |
|
072 | 7 |
_aCOM051230 _2bisacsh |
|
072 | 7 |
_aUMZ _2thema |
|
082 | 0 | 4 |
_a005.1 _223 |
245 | 1 | 0 |
_aCyberSecurity in a DevOps Environment _h[electronic resource] : _bFrom Requirements to Monitoring / _cedited by Andrey Sadovykh, Dragos Truscan, Wissam Mallouli, Ana Rosa Cavalli, Cristina Seceleanu, Alessandra Bagnato. |
250 | _a1st ed. 2024. | ||
264 | 1 |
_aCham : _bSpringer Nature Switzerland : _bImprint: Springer, _c2024. |
|
300 |
_aXVI, 324 p. 1 illus. _bonline resource. |
||
336 |
_atext _btxt _2rdacontent |
||
337 |
_acomputer _bc _2rdamedia |
||
338 |
_aonline resource _bcr _2rdacarrier |
||
347 |
_atext file _bPDF _2rda |
||
505 | 0 | _aPart I: Security Requirements Engineering -- 1. A Taxonomy of Vulnerabilities, Attacks, and Security Solutions in Industrial PLCs -- 2. Natural Language Processing with Machine Learning for Security Requirements Analysis - Practical Approaches -- 3. Security Requirements Formalisation with RQCODE -- Part II: Prevention at Development Time -- 4. Vulnerability Detection and Response: Current Status and New Approaches -- 5. Metamorphic Testing for Verification and Fault Localization in Industrial Control Systems -- 6. Interactive Application Security Testing with Hybrid Fuzzing and Statistical Estimators -- Part III: Protection at Operations -- 7. CTAM: a tool for Continuous Threat Analysis and Management -- 8. EARLY - a tool for real-time security attack detection -- 9. A Stream-Based Approach to Intrusion Detection -- 10. Towards Anomaly Detection using Explainable AI. . | |
520 | _aThis book provides an overview of software security analysis in a DevOps cycle including requirements formalisation, verification and continuous monitoring. It presents an overview of the latest techniques and tools that help engineers and developers verify the security requirements of large-scale industrial systems and explains novel methods that enable a faster feedback loop for verifying security-related activities, which rely on techniques such as automated testing, model checking, static analysis, runtime monitoring, and formal methods. The book consists of three parts, each covering a different aspect of security engineering in the DevOps context. The first part, "Security Requirements", explains how to specify and analyse security issues in a formal way. The second part, "Prevention at Development Time", offers a practical and industrial perspective on how to design, develop and verify secure applications. The third part, "Protection at Operations", eventually introducestools for continuous monitoring of security events and incidents. Overall, it covers several advanced topics related to security verification, such as optimizing security verification activities, automatically creating verifiable specifications from security requirements and vulnerabilities, and using these security specifications to verify security properties against design specifications and generate artifacts such as tests or monitors that can be used later in the DevOps process. The book aims at computer engineers in general and does not require specific knowledge. In particular, it is intended for software architects, developers, testers, security professionals, and tool providers, who want to define, build, test, and verify secure applications, Web services, and industrial systems. | ||
650 | 0 |
_aSoftware engineering. _94138 |
|
650 | 0 |
_aData protection. _97245 |
|
650 | 0 |
_aComputer programs _xTesting. _980793 |
|
650 | 0 |
_aCooperating objects (Computer systems). _96195 |
|
650 | 1 | 4 |
_aSoftware Engineering. _94138 |
650 | 2 | 4 |
_aData and Information Security. _931990 |
650 | 2 | 4 |
_aSoftware Testing. _980795 |
650 | 2 | 4 |
_aCyber-Physical Systems. _932475 |
700 | 1 |
_aSadovykh, Andrey. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995104 |
|
700 | 1 |
_aTruscan, Dragos. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995105 |
|
700 | 1 |
_aMallouli, Wissam. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995107 |
|
700 | 1 |
_aCavalli, Ana Rosa. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995108 |
|
700 | 1 |
_aSeceleanu, Cristina. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995110 |
|
700 | 1 |
_aBagnato, Alessandra. _eeditor. _4edt _4http://id.loc.gov/vocabulary/relators/edt _995111 |
|
710 | 2 |
_aSpringerLink (Online service) _995114 |
|
773 | 0 | _tSpringer Nature eBook | |
776 | 0 | 8 |
_iPrinted edition: _z9783031422119 |
776 | 0 | 8 |
_iPrinted edition: _z9783031422133 |
776 | 0 | 8 |
_iPrinted edition: _z9783031422140 |
856 | 4 | 0 | _uhttps://doi.org/10.1007/978-3-031-42212-6 |
912 | _aZDB-2-SCS | ||
912 | _aZDB-2-SXCS | ||
942 | _cEBK | ||
999 |
_c87144 _d87144 |