{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,6]],"date-time":"2025-05-06T08:52:05Z","timestamp":1746521525535,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031575365"},{"type":"electronic","value":"9783031575372"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-57537-2_24","type":"book-chapter","created":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:02:38Z","timestamp":1713985358000},"page":"391-407","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Hardening Systems Against Data Corruption Attacks at\u00a0Design Time"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4558-8173","authenticated-orcid":false,"given":"John","family":"Breton","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6316-3040","authenticated-orcid":false,"given":"Jason","family":"Jaskolka","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6002-5101","authenticated-orcid":false,"given":"George O. M.","family":"Yee","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,4,25]]},"reference":[{"key":"24_CR1","unstructured":"Apple: CVE-2023-32435. Available from MITRE, CVE-2023-32435 (2023). https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-32435"},{"key":"24_CR2","unstructured":"Chen, S., Xu, J., Nakka, N., Kalbarczyk, Z., Iyer, R.K.: Defeating memory corruption attacks via pointer taintedness detection. In: 2005 International Conference on Dependable Systems and Networks, pp. 378\u2013387. DSN 2005 (2005)"},{"key":"24_CR3","doi-asserted-by":"crossref","unstructured":"Cheng, L., et al.: Exploitation techniques and defenses for data-oriented attacks. In: 2019 IEEE Cybersecurity Development (SecDev), pp. 114\u2013128. IEEE (2019)","DOI":"10.1109\/SecDev.2019.00022"},{"key":"24_CR4","doi-asserted-by":"crossref","unstructured":"Chowdhury, I., Chan, B., Zulkernine, M.: Security metrics for source code structures. In: 4th International Workshop on Software Engineering for Secure Systems, pp. 57\u201364. SESS 2008, ACM (2008)","DOI":"10.1145\/1370905.1370913"},{"key":"24_CR5","doi-asserted-by":"crossref","unstructured":"Fiala, D., Mueller, F., Engelmann, C., Riesen, R., Ferreira, K., Brightwell, R.: Detection and correction of silent data corruption for large-scale high-performance computing. In: 2012 International Conference on High Performance Computing, Networking, Storage and Analysis, pp. 1\u201312 (2012)","DOI":"10.1109\/SC.2012.49"},{"key":"24_CR6","unstructured":"Google: CVE-2023-3079. Available from MITRE, CVE-2023-3079 (2023). https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-3079"},{"key":"24_CR7","volume-title":"The Security Development Lifecycle","author":"M Howard","year":"2006","unstructured":"Howard, M., Lipner, S.: The Security Development Lifecycle, vol. 8. Microsoft Press, Redmond (2006)"},{"key":"24_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/3-540-45800-X_32","volume-title":"UML 2002 \u2014 The Unified Modeling Language","author":"J J\u00fcrjens","year":"2002","unstructured":"J\u00fcrjens, J.: UMLsec: extending UML for secure systems development. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412\u2013425. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45800-X_32"},{"key":"24_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-540-31984-9_23","volume-title":"Fundamental Approaches to Software Engineering","author":"J J\u00fcrjens","year":"2005","unstructured":"J\u00fcrjens, J., Shabalin, P.: Tools for secure systems development with uml: security analysis with ATPs. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 305\u2013309. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-31984-9_23"},{"issue":"10","key":"24_CR10","doi-asserted-by":"publisher","first-page":"4601","DOI":"10.1007\/s12652-021-03450-z","volume":"13","author":"S Kang","year":"2022","unstructured":"Kang, S., Kim, S.: CIA-level driven secure SDLC framework for integrating security into SDLC process. J. Ambient. Intell. Humaniz. Comput. 13(10), 4601\u20134624 (2022)","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"24_CR11","doi-asserted-by":"publisher","first-page":"872","DOI":"10.1007\/s40565-018-0452-y","volume":"6","author":"E Kontouras","year":"2018","unstructured":"Kontouras, E., Tzes, A., Dritsas, L.: Set-theoretic detection of data corruption attacks on cyber physical power systems. J. Mod. Power Syst. Clean Energy 6, 872\u2013886 (2018)","journal-title":"J. Mod. Power Syst. Clean Energy"},{"key":"24_CR12","unstructured":"Lee, M., Davis, C.: XMI extension for StarUML (2018). https:\/\/github.com\/staruml\/staruml-xmi"},{"key":"24_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"UML 2002 \u2014 The Unified Modeling Language","author":"T Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426\u2013441. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45800-X_33"},{"key":"24_CR14","unstructured":"lxml Development Team: lxml: XML and HTML with python (2023). https:\/\/lxml.de\/. version 4.9.3 [Software library]"},{"key":"24_CR15","unstructured":"Microsoft: Microsoft outlook elevation of privilege vulnerability (2023). https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-23397"},{"key":"24_CR16","unstructured":"MKLabs Co.,Ltd.: StarUML (2023). https:\/\/staruml.io. version 6.0 [Software]"},{"key":"24_CR17","doi-asserted-by":"crossref","unstructured":"Nie, X., Chen, L., Wei, H., Zhang, Y., Cui, N., Shi, G.: KPDFI: efficient data flow integrity based on key property against data corruption attack. In: Computers & Security, pp. 103\u2013183 (2023)","DOI":"10.1016\/j.cose.2023.103183"},{"key":"24_CR18","unstructured":"Object Management Group: Unified Modeling Language (2017). https:\/\/www.omg.org\/spec\/UML\/2.5.1\/PDF. version 2.5.1"},{"issue":"5","key":"24_CR19","doi-asserted-by":"publisher","first-page":"338","DOI":"10.1049\/iet-sen.2018.5409","volume":"13","author":"M Ozkaya","year":"2019","unstructured":"Ozkaya, M.: Are the UML modelling tools powerful enough for practitioners? a literature review. IET Softw. 13(5), 338\u2013354 (2019)","journal-title":"IET Softw."},{"key":"24_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/11908883_6","volume-title":"Advances in Conceptual Modeling - Theory and Practice","author":"A Rodr\u00edguez","year":"2006","unstructured":"Rodr\u00edguez, A., Fern\u00e1ndez-Medina, E., Piattini, M.: Capturing security requirements in business processes through a UML 2.0 activity diagrams profile. In: Roddick, J.F., et al. (eds.) ER 2006. LNCS, vol. 4231, pp. 32\u201342. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11908883_6"},{"key":"24_CR21","doi-asserted-by":"crossref","unstructured":"Samuel, J., Jaskolka, J., Yee, G.O.M.: Analyzing structural security posture to evaluate system design decisions. In: 21st IEEE International Conference on Software Quality, Reliability, and Security, QRS 2021, pp. 8\u201317 (2021)","DOI":"10.1109\/QRS54544.2021.00012"},{"key":"24_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"355","DOI":"10.1007\/978-3-540-73031-6_27","volume-title":"Requirements Engineering: Foundation for Software Quality","author":"G Sindre","year":"2007","unstructured":"Sindre, G.: Mal-activity diagrams for capturing attacks on business processes. In: Sawyer, P., Paech, B., Heymans, P. (eds.) REFSQ 2007. LNCS, vol. 4542, pp. 355\u2013366. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-73031-6_27"},{"key":"24_CR23","doi-asserted-by":"crossref","unstructured":"Szekeres, L., Payer, M., Wei, T., Song, D.: Sok: eternal war in memory. In: 2013 IEEE Symposium on Security and Privacy, pp. 48\u201362. IEEE (2013)","DOI":"10.1109\/SP.2013.13"},{"key":"24_CR24","unstructured":"The Eclipse Foundation: Eclipse Papyrus (2023). https:\/\/www.eclipse.org\/papyrus\/. version 6.5.0 [Software]"},{"key":"24_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-642-33338-5_5","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"V van der Veen","year":"2012","unstructured":"van der Veen, V., dutt-Sharma, N., Cavallaro, L., Bos, H.: Memory errors: the past, the present, and the future. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 86\u2013106. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33338-5_5"},{"key":"24_CR26","unstructured":"Yee, G.O.M.: Reducing the attack surface for private data. In: 13th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2019, pp. 28\u201334 (2019)"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-57537-2_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:06:00Z","timestamp":1713985560000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-57537-2_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031575365","9783031575372"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-57537-2_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"25 April 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bordeaux","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-2023.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}