From 9446634eafb9895e1ab9129b883c36a568dbf64a Mon Sep 17 00:00:00 2001 From: Paul Wortman Date: Sun, 29 May 2016 10:55:07 -0400 Subject: [PATCH] Proper formatting of sources. Next push is fixed version of citations (making up for previous failed sources push) --- AADLSecPaper.tex | 138 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 138 insertions(+) diff --git a/AADLSecPaper.tex b/AADLSecPaper.tex index 0426db5..ba43ae9 100644 --- a/AADLSecPaper.tex +++ b/AADLSecPaper.tex @@ -310,6 +310,144 @@ Delange, J., Feiler, P., Klieber, W., Nam, M., Seibel, J.: AADL Security Annex, \url{https://github.com/saeaadl/userdays/blob/master/UserDays/May2016/security-annex-May2016.pdf} +\bibitem {ellison2015extending} +Ellison, R., Householder, A., Hudak, J., Kazman, R., Woody, C.: +Extending AADL for Security Design Assurance of Cyber-Physical Systems, +Software Engineering Institute, CMU/SEI-2015-TR-014 (2015) + +\bibitem {jeepHack} +Drozhzhin, A.: +Black Hat USA 2015: The full story of how that Jeep was hacked, +\url{https://blog.kaspersky.com/blackhat-jeep -cherokee-hack-explained/9493/} + +\bibitem {planeHack} +Zetter, K.: +Feds say that banned researcher commandeered a plane, +\url{http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/} + +\bibitem {superFish} +Hope, P.: +Superfish adware weakens security and injects ads on some Lenovo laptops, +\url{http://www.techrepublic.com/article/superfish-adware-weakens-security-and-injects-ads-on-some-lenovo-laptops/} + +\bibitem {lenovoWPBT} +Sanders, J.: +Windows and UEFI anti-theft mechanism makes systems less secure, +\url{http://www.techrepublic.com/article/windows-and -uefi-anti-theft-mechanism-makes-systems-less-secure/} + +\bibitem {govHack} +Olorunnipa, T.: +Breach of Employee Data Wider Than Initial Report, U.S. Says, +\url{http://www.bloomberg.com/politics/articles/2015-06-12/white-house-says-personnel-records-possibly-breached-twice} + +\bibitem {stageFright} +Vaughan-Nicholas, S.J.: +Stagefright: Just how scary is it for Android users?, +\url{http://www.zdnet.com/article/stagefright-just-how-scary-is-it-for-android-users/} + +\bibitem {stageFright2} +Whittaker, Z.: +Stagefright is back, and affecting millions of Android devices, +\url{http://www.zdnet.com/article/new-stagefright-2-0-flaws-affect-millions-of-android-devices/} + +\bibitem {androidUpdates} +Tofel, K.: +HTC says monthly Android security updates are ``unrealistic'', +\url{http://www.zdnet.com/article/htc-says-monthly-stagefright-android-security-updates-are-unrealistic/} + +\bibitem {androidMarshmallow} +Jack Wallen, J.: +The woes of Android updates, and how to fix the process, +\url{http://www.techrepublic.com/article/the-woes-of-android-updates-and-how-to-fix-the-process/} + +\bibitem {googleAndroid} +Sanders, J.: +Google finally doubles down on security with monthly Android updates, +\url{http://www.techrepublic.com/article/google-and-some -android-phone-vendors-introduce-welcome-changes-to-security-update-process/} + +\bibitem {aaraj2008analysis} +Aaraj, N., Raghunathan, A., Jha, N.K.: +Analysis and design of a hardware/software trusted platform module for embedded systems, +ACM Transactions on Embedded Computing Systems (TECS), Volume 8 Number 1, page 8 (2008) + +\bibitem {denning1996location} +Denning, D.E., MacDoran, P.F.: +Location-based authentication: Grounding cyberspace for better security, +Computer Fraud \& Security, Volume 1996 Number 2, pages 12--16 (1996) + +\bibitem {saito2015case} +Saito, M., Hazeyama, A., Yoshioka, N., Kobashi, T., Washizaki, H., Kaiya, H., Ohkubo, T.: +A case-based management system for secure software development using software security knowledge, +Procedia Computer Science, Volume 60, pages 1092--1100 (2015) + +\bibitem {denning2015toward} +Denning, D.E.: +Toward more secure software, +Communications of the ACM, Volume 8 Number 4, pages 24--26 (2015) + +\bibitem {nguyen2015model} +Nguyen, P.: +Model-Driven Security With Modularity and Reusability For Engineering Secure Software Systems, +University of Luxembourg (2015) + +\bibitem {ravi2004security} +Ravi, S., Raghunathan, A., Kocher, P., Hattangady, S.: +Security in embedded systems: Design challenges, +ACM Transactions on Embedded Computing Systems (TECS), Volume 3 Number 3, pages 461--491 (2004) + +\bibitem {gokhale2008model} +Gokhale, A., Balasubramanian, K., Krishna, A.S., Balasubramanian, J., Edwards, G., Deng, G., Turkay, E., Parsons, J., Schmidt, D.C.: +Model driven middleware: A new paradigm for developing distributed real-time and embedded systems, +Science of Computer programming, Volume 73 Number 1, pages 39--58 (2008) + +\bibitem {perez2006vtpm} +Perez, R., Sailer, R., van Doorn, L., and others: +vTPM: virtualizing the trusted platform module, +Proc. 15th Conf. on USENIX Security Symposium, pages 305--320 + +\bibitem {yan2015novel} +Yan, W., Tehranipoor, F., Chandy, J.A.: +A Novel Way to Authenticate Untrusted Integrated Circuits, +Proceedings of the IEEE/ACM International Conference on Computer-Aided Design, pages 132--138 (2015) + +\bibitem {tehranipoor2015dram} +Tehranipoor, F., Karimina, N., Xiao, K., Chandy, J.: +DRAM based intrinsic physical unclonable functions for system level security, +Proceedings of the 25th edition on Great Lakes Symposium on VLSI, pages 15--20 (2015) + +\bibitem {CommonCriteria} +Common Criteria for Information Technology Security Evaluation, +ISO/IEC, Number ISO/IEC 15408, July 2015 + +\bibitem {benzel2005design}, +Benzel, T.V., Irvine, C.E., Levin, T.E., Bhaskara, G., Nguyen, T.D., Clark, P.C.: +Design principles for security (2005) + +\bibitem {lin2013security} +Lin, C., Zhu, Q., Phung, C., Sangiovanni-Vincentelli, A.: +Security-aware mapping for CAN-based real-time distributed automotive systems, +Computer-Aided Design (ICCAD), 2013 IEEE/ACM International Conference on, pages 115--121 (2013) + +\bibitem {markose2008systematic} +Markose, S., Liu, X., McMillin, B.: +A systematic framework for structured object-oriented security requirements analysis in embedded systems, + IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2008. EUC'08, Volume 1, pages 75--81 (2008) + +\bibitem {yu1997towards} +Yu, E.S.: +Towards modelling and reasoning support for early-phase requirements engineering, +Proceedings of the Third IEEE International Symposium on Requirements Engineering, pages 226--235 (1997) + +\bibitem {massacci2010security} +Massacci, F., Mylopoulos, J., Zannone, N.: +Security requirements engineering: the SI* modeling language and the secure tropos methodology, +Advances in Intelligent Information Systems, pages 147--174 (2010) + +\bibitem {sangiovanni2007quo} +Sangiovanni-Vincentelli, A.: +Quo vadis, SLD? Reasoning about the trends and challenges of system level design, +Proceedings of the IEEE, Volume 95 Number 3, pages 467--506 (2007) + \end{thebibliography} \end{document}