Ingeniería y Seguridad

URI permanente para esta colección:

https://hdl.handle.net/11705/496
Artículos en la categoría Ingeniería y Seguridad publicados en las Actas de las XVII Jornadas de Ingeniería de Ciencia e Ingeniería de Servicios (JCIS 2022).

Examinar

Examinando Ingeniería y Seguridad por Título

Mostrando 1 - 3 de 3
  • Miniatura
    Resumen
    CARMEN: A framework for the verification and diagnosis of the specification of security requirements in Cyber-physical systems
    Varela Vaca, Ángel Jesús; Garcia Rosado, David; Sanchez Crespo, Luis Enrique; Gómez-López, María Teresa; Gasca, Rafael M.; Fernandez-Medina, Eduardo. Actas de las XVII Jornadas de Ingeniería de Ciencia e Ingeniería de Servicios (JCIS 2022), 2022-09-05.
    Nowadays, Cyber-physical systems (CPS) are drawn the attention within the industry, society and government, due to the enormous impact they have on the economy and the environment, and providing citizens and businesses with a wide range of innovative applications and services. However this popularity has been accompanied by serious security challenges. A CPS is a complex system that includes hardware and software components, with different suppliers and connection protocols, forcing complex data management and storage. Furthermore, security requirements associated with a CPS implies a very high number of characteristics and potential configurations that makes the assessment and diagnosis of security requirements very difficult. For this reason, the construction, verification and diagnosis of security CPS become a major challenge, which involves a correct specification of security requirements, the verification of the correct system configurations, and if necessary, the diagnosis to detect the features to be modified to obtain a security configuration. To fulfil the gap, we present the CAR- MEN framework to guide users in the definition of correct security requirements for CPS and to enable the diagnosis of these requirements. The framework is based on the specification of the security requirements and their analysis supported by Model-Driven Engineering and Software Product Line Engineering (SPLE) approaches. The proposal has been evaluated by means of a case study of hydroponic cultivation associated with Agriculture 4.0.
  • Miniatura
    Resumen
    Quantum Software as a Service Through a Quantum API Gateway
    García Alonso, José Manuel; Rojo, Javier; Valencia, David; Moguel, Enrique; Berrocal, José Javier; Murillo Rodríguez, Juan Manuel. Actas de las XVII Jornadas de Ingeniería de Ciencia e Ingeniería de Servicios (JCIS 2022), 2022-09-05.
    As quantum computers mature, the complexity of quantum software increases. As we move from the initial standalone quantum algorithms toward complex solutions combining quantum algorithms with traditional software, new software engineering methods and abstractions are needed. Nowadays, quantum computers are usually offered in the cloud, under a pay-per-use model, leading to the adoption of the service-oriented good practices that dominate the cloud today. However, specific adaptations are needed to reap the benefits of service-oriented computing while dealing with quantum hardware limitations. In this paper, we propose the Quantum API Gateway---an adaptation of the API Gateway pattern that takes into account the fact that quantum services cannot be deployed as traditional services. Instead, the Quantum API Gateway recommends the best quantum computer to run a specific quantum service at run-time. As proof of concept, we provide an implementation of the Quantum API Gateway for the Amazon Braket platform.
  • Miniatura
    Artículo
    Un Servicio de Gamificación para Mejorar la Cultura de la Ciberseguridad
    Lagares-Galán, Jesús; Navas-Pérez, Pedro José; Peregrina-Pérez, María Jesús; Boubeta-Puig, Juan. Actas de las XVII Jornadas de Ingeniería de Ciencia e Ingeniería de Servicios (JCIS 2022), 2022-09-05.
    La situación de la pandemia provocada por el COVID-19 ha generado un gran aumento en el número de ataques informáticos. Gracias a las técnicas, herramientas y servicios de ciberseguridad podemos prevenir y defendernos ante este tipo de ataques, independientemente del sector donde se realice. Sin embargo, todavía existe un gran desconocimiento de la ciberseguridad entre la población, así como una enorme falta de formación en este sector. Para lograr una mejora en la cultura de la ciberseguridad, este artículo propone la utilización de un servicio de gamificación, concretamente una competición Capture The Flag. Además, se expone un caso práctico con una serie de retos de ciberseguridad llevados a cabo en un entorno real. Los resultados demuestran que estas prácticas tienen interés entre la población y pueden ser una herramienta viable para una enseñanza amena de conceptos relacionados con la seguridad informática.