Browsing SINTEF Open by Author "Meland, Per Håkon"
Now showing items 1-20 of 30
-
A Lightweight Approach to Secure Software Engineering
JAATUN, Martin Gilje; Jensen, Jostein; Meland, Per Håkon; Tøndel, Inger Anne (Chapter, 2011)Secure software engineering is much more than developing critical software. History has shown us that software bugs and design flaws also represent exploitable security vulnerabilities in seemingly innocuous applications ... -
An architectural foundation for security model sharing and reuse
Meland, Per Håkon (Chapter, 2009) -
An experimental evaluation of bow-tie analysis for cybersecurity requirements
Meland, Per Håkon; Bernsmed, Karin; Frøystad, Christian; Li, Jingyue; Sindre, Guttorm (Journal article; Peer reviewed, 2019)Bow-tie analysis includes a graphical representation for depicting threats and consequences related to unwanted events, and shows how preventive and reactive barriers can provide control over such situations. This kind of ... -
Assessing cyber threats for storyless systems
Meland, Per Håkon; Nesheim, Dag Atle; Bernsmed, Karin; Sindre, Guttorm (Peer reviewed; Journal article, 2021)A proper assessment of potential cyber threats is vital for security decision-making. This becomes an even more challenging task when dealing with new system designs and industry sectors where there is little or no historical ... -
Assessing cyber threats for storyless systems
Meland, Per Håkon; Nesheim, Dag Atle; Bernsmed, Karin; Sindre, Guttorm (Peer reviewed; Journal article, 2021)A proper assessment of potential cyber threats is vital for security decision-making. This becomes an even more challenging task when dealing with new system designs and industry sectors where there is little or no historical ... -
Breaking the Cyber Kill Chain by Modelling Resource Costs
Haga, Kristian; Meland, Per Håkon; Sindre, Guttorm (Chapter, 2020)To combat cybercrime, a clearer understanding of the attacks and the offenders is necessary. When there is little available data about attack incidents, which is usually the case for new technology, one can make estimations ... -
Cloud Security Requirements - A checklist with security and privacy requirements for public cloud services
Bernsmed, Karin; Meland, Per Håkon; Jaatun, Martin Gilje (Research report, 2015)This document contains a checklist that can be used to develop or evaluate security and privacy requirements for Cloud computing services. The content has been gathered from established industry standards and best practices, ... -
Cyber Attacks for Sale
Meland, Per Håkon; Sindre, Guttorm (Chapter, 2020)The infamous darknet hosts an underground economy for illegal goods and services, some of which can be purchased and used for cyber attacks. By analyzing the properties and popularity of such items, we can get indications ... -
D2.2 Updated cyber risk assessment for the maritime industry
Meland, Per Håkon; Bernsmed, Karin; Wille, Egil; Rødseth, Ørnulf Jan; Nesheim, Dag Atle (SINTEF Rapport;2021:00341, Research report, 2021)This report presents an updated assessment of the cyberthreat landscape in the context of CySiMS-SE. It is based on the previous work from CySiMS “D1.1 Risk Model and Analysis” and the methodology from CySiMS-SE “D2.1 ... -
D4.3 Multi-modal communication - Securing future communication across different sectors and technologies
Bernsmed, Karin; Bour, Guillaume; Meland, Per Håkon; Borgaonkar, Ravishankar Bhaskarrao; Wille, Egil (SINTEF rapport;2021:00314, Research report, 2021)This document introduces the concept of multi-modal communication, using the coordination of a Search and Rescue (SAR) operation as an illustrating scenario, identifies challenges for secure information exchange and ... -
Facing uncertainty in cyber insurance policies
Meland, Per Håkon; Tøndel, Inger Anne; Moe, Marie Elisabeth Gaup; Seehusen, Fredrik (Journal article; Peer reviewed, 2017)Cyber insurance has gained less ground in Europe than in the U.S., but with emerging laws and regulations, the prospect of considerable fines for security breaches is pushing many organisations into this market. A qualitative ... -
Fool Me Once, Shame on Me - A Qualitative Interview Study of Social Engineering Victims
Berg, Silje; Thorvik, Tilde Gregusson; Meland, Per Håkon (Peer reviewed; Journal article, 2023)Security breaches still continue to flourish despite of the many technical measures in place. More often than not, the human users get the blame. Social engineering attacks use various manipulation techniques to fool users ... -
Keeping the human element to secure autonomous shipping operations
Meland, Per Håkon; Nesheim, Dag Atle; Rødseth, Ørnulf Jan (Peer reviewed; Journal article, 2023)Autonomous shipping operations are becoming economically and technically feasible, but this development also requires new human roles and responsibilities onshore for managing cyber events. The goal of this paper is to ... -
Kunnskapsoversikt cyberkriminalitet
Meland, Per Håkon; Bjørge, Nina Møllerstuen; Høiby, Marte; Kilskar, Stine Skaufel (SINTEF Rapport;2023:01331, Research report, 2024)På oppdrag fra Justis- og beredskapsdepartementet har SINTEF gjennomført en systematisk litteraturstudie for å adressere forskningsspørsmål knyttet til begreps-definisjoner og hvordan man kan måle omfang av fenomenet ... -
The need for a public key infrastructure for automated and autonomous ships
Rødseth, Ørnulf Jan; Frøystad, Christian; Meland, Per Håkon; Bernsmed, Karin; Nesheim, Dag Atle (Peer reviewed; Journal article, 2020)Shipping undergoes rapid digitization, covering safety and security reporting, mandatory ship documentation, electronic port clearance as well as commercial and operational information exchanges. Increasing automation of ... -
On the Certificate Revocation Problem in the Maritime Sector
Bour, Guillaume; Bernsmed, Karin; Meland, Per Håkon; Borgaonkar, Ravishankar Bhaskarrao (Peer reviewed; Journal article, 2021)Maritime shipping is currently undergoing rapid digitalization, but with increasing exposure to cyber threats, there is a need to improve the security of the ship communication technology used during operations across ... -
Ontology-based Use Cases for Design-time and Runtime Composition of Mobile Services
Rój, Michal Konrad; Meland, Per Håkon; Floch, Jacqueline; Domaszewicz, Jaroslaw (Chapter, 2009)This paper presents application of ontology-based modelling and reasoning related to the different phases of the lifecycle of mobile services. Ontology-based descriptions complement traditional design-time and runtime ... -
Protecting Future Maritime Communication
Frøystad, Christian; Bernsmed, Karin; Meland, Per Håkon (Chapter, 2017)Our oceans are filled with ships that take care of the most important distribution of goods in the world economy. Evolving from isolated chunks of hollow metal containers, ships are becoming more and more like interconnected ... -
The Ransomware-as-a-Service economy within the darknet
Meland, Per Håkon; Bayoumy, Yara; Sindre, Guttorm (Peer reviewed; Journal article, 2020)Ransomware is an epidemic that adversely affects the lives of both individuals and large companies, where criminals demand payments to release infected digital assets. In the wake of the ransomware success, Ransomware-as-a-Service ... -
A Retrospective Analysis of Maritime Cyber Security Incidents
Meland, Per Håkon; Bernsmed, Karin; Wille, Egil; Rødseth, Ørnulf Jan; Nesheim, Dag Atle (Peer reviewed; Journal article, 2021)The maritime industry is undergoing a rapid evolution through the introduction of new technology and the digitization of existing services. At the same time, the digital attack surface is increasing, and incidents can lead ...