A Near-miss Analysis Model for Improving the Forensic Investigation of Software Failures PDF Download

Author: Madeleine Adrienne Bihina Bella
Publisher:
ISBN:
Category : Application software
Languages : en
Pages : 494

View

Book Description
The increasing complexity of software applications can lead to operational failures that have disastrous consequences. In order to prevent the recurrence of such failures, a thorough post-mortem investigation is required to identify the root causes involved. This root-cause analysis must be based on reliable digital evidence to ensure its objectivity and accuracy. However, current approaches to software failure analysis do not promote the collection of digital evidence for causal analysis. This leaves the system vulnerable to the reoccurrence of a similar failure. A promising alternative is offered by the field of digital forensics. Digital forensics uses proven scientific methods and principles of law to determine the cause of an event based on forensically sound evidence. However, being a reactive process, digital forensics can only be applied after the occurrence of costly failures. This limits its effectiveness as volatile data that could serve as potential evidence may be destroyed or corrupted after a system crash. In order to address this limitation of digital forensics, it is suggested that the evidence collection be started at an earlier stage, before the software failure actually unfolds, so as to detect the high-risk conditions that can lead to a major failure. These forerunners to failures are known as near misses. By alerting system users of an upcoming failure, the detection of near misses provides an opportunity to collect at runtime failure-related data that is complete and relevant. The detection of near misses is usually performed through electronic near-miss management systems (NMS). An NMS that combines near-miss analysis and digital forensics can contribute significantly to the improvement of the accuracy of the failure analysis. However, such a system is not available yet and its design still presents several challenges due to the fact that neither digital forensics nor near-miss analysis is currently used to investigate software failures and their existing methodologies and processes are not directly applicable to failure analysis. This research therefore presents the architecture of an NMS specifically designed to address the above challenges in order to facilitate the accurate forensic investigation of software failures. The NMS focuses on the detection of near misses at runtime with a view to maximising the collection of appropriate digital evidence of the failure. The detection process is based on a mathematical model that was developed to formally define a near miss and calculate its risk level. A prototype of the NMS has been implemented and is discussed in the thesis.

Author: Jan Eloff
Publisher: Springer
ISBN: 3319613340
Category : Technology & Engineering
Languages : en
Pages : 125

View

Book Description
This book reviews existing operational software failure analysis techniques and proposes near-miss analysis as a novel, and new technique for investigating and preventing software failures. The authors provide details on how near-miss analysis techniques focus on the time-window before the software failure actually unfolds, so as to detect the high-risk conditions that can lead to a major failure. They detail how by alerting system users of an upcoming software failure, the detection of near misses provides an opportunity to collect at runtime failure-related data that is complete and relevant. They present a near-miss management systems (NMS) for detecting upcoming software failures, which can contribute significantly to the improvement of the accuracy of the software failure analysis. A prototype of the NMS is implemented and is discussed in the book. The authors give a practical hands-on approach towards doing software failure investigations by means of near-miss analysis that is of use to industry and academia

Author:
Publisher: Lulu.com
ISBN: 1841022853
Category : Computer crimes
Languages : en
Pages : 179

View

Book Description

Author: Andrew Liaropoulos
Publisher: Academic Conferences Limited
ISBN: 1910309249
Category : Computers
Languages : en
Pages : 341

View

Book Description

Author: Anjan Patel
Publisher: Woodhead Publishing
ISBN: 0128170484
Category : Technology & Engineering
Languages : en
Pages : 210

View

Book Description
Geotechnical Investigation and Improvement of Ground Conditions covers practical information on ground improvement and site investigation, considering rock properties and engineering geology and its relation to construction. The book covers geotechnical investigation for construction projects, including classic case studies with geotechnical significance. Additional sections cover soil compaction, soil stabilization, drainage and dewatering, grouting methods, the stone column method, geotextiles, fabrics and earth reinforcement, miscellaneous methods and tools for ground improvement, geotechnical investigation for construction projects, and forensic geotechnical engineering. Final sections present a series of site-specific case studies. Dedicated to ground improvement techniques and geotechnical site investigation Provides practical guidance on site-specific geotechnical investigation and the subsequent interpretation of data Presents site-specific case studies with geotechnical significance Includes site investigation of soils and rocks Gives field-oriented information and guidance

Author: Institute of Medicine
Publisher: National Academies Press
ISBN: 0309090776
Category : Medical
Languages : en
Pages : 551

View

Book Description
Americans should be able to count on receiving health care that is safe. To achieve this, a new health care delivery system is needed â€" a system that both prevents errors from occurring, and learns from them when they do occur. The development of such a system requires a commitment by all stakeholders to a culture of safety and to the development of improved information systems for the delivery of health care. This national health information infrastructure is needed to provide immediate access to complete patient information and decision-support tools for clinicians and their patients. In addition, this infrastructure must capture patient safety information as a by-product of care and use this information to design even safer delivery systems. Health data standards are both a critical and time-sensitive building block of the national health information infrastructure. Building on the Institute of Medicine reports To Err Is Human and Crossing the Quality Chasm, Patient Safety puts forward a road map for the development and adoption of key health care data standards to support both information exchange and the reporting and analysis of patient safety data.

Author:
Publisher:
ISBN:
Category : Aircraft accidents
Languages : en
Pages : 258

View

Book Description

Author: National Academies of Sciences, Engineering, and Medicine
Publisher: National Academies Press
ISBN: 0309377722
Category : Medical
Languages : en
Pages : 473

View

Book Description
Getting the right diagnosis is a key aspect of health care - it provides an explanation of a patient's health problem and informs subsequent health care decisions. The diagnostic process is a complex, collaborative activity that involves clinical reasoning and information gathering to determine a patient's health problem. According to Improving Diagnosis in Health Care, diagnostic errors-inaccurate or delayed diagnoses-persist throughout all settings of care and continue to harm an unacceptable number of patients. It is likely that most people will experience at least one diagnostic error in their lifetime, sometimes with devastating consequences. Diagnostic errors may cause harm to patients by preventing or delaying appropriate treatment, providing unnecessary or harmful treatment, or resulting in psychological or financial repercussions. The committee concluded that improving the diagnostic process is not only possible, but also represents a moral, professional, and public health imperative. Improving Diagnosis in Health Care, a continuation of the landmark Institute of Medicine reports To Err Is Human (2000) and Crossing the Quality Chasm (2001), finds that diagnosis-and, in particular, the occurrence of diagnostic errorsâ€"has been largely unappreciated in efforts to improve the quality and safety of health care. Without a dedicated focus on improving diagnosis, diagnostic errors will likely worsen as the delivery of health care and the diagnostic process continue to increase in complexity. Just as the diagnostic process is a collaborative activity, improving diagnosis will require collaboration and a widespread commitment to change among health care professionals, health care organizations, patients and their families, researchers, and policy makers. The recommendations of Improving Diagnosis in Health Care contribute to the growing momentum for change in this crucial area of health care quality and safety.

Author: CCPS (Center for Chemical Process Safety)
Publisher: John Wiley & Sons
ISBN: 0470925124
Category : Technology & Engineering
Languages : en
Pages : 478

View

Book Description
This book provides a valuable reference tool for technical and management personnel who lead or are a part of incident investigation teams. This second edition focuses on investigating process-related incidents with real or potential catastrophic consequences. It presents on-the-job information, techniques, and examples that support successful investigations. The methodologies, tools, and techniques described in this book can also be applied when investigating other types of events such as reliability, quality, occupational health, and safety incidents. The accompanying CD-ROM contains the text of the book for portability as well as additional supporting tools for on-site reference and trouble shooting. Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Author: Ganesh Ramakrishnan
Publisher: Packt Publishing Ltd
ISBN: 1800560834
Category : Computers
Languages : en
Pages : 384

View

Book Description
Enhance your skills as a cloud investigator to adeptly respond to cloud incidents by combining traditional forensic techniques with innovative approaches Key Features Uncover the steps involved in cloud forensic investigations for M365 and Google Workspace Explore tools and logs available within AWS, Azure, and Google for cloud investigations Learn how to investigate containerized services such as Kubernetes and Docker Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation. The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents. By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents. What you will learn Explore the essential tools and logs for your cloud investigation Master the overall incident response process and approach Familiarize yourself with the MITRE ATT&CK framework for the cloud Get to grips with live forensic analysis and threat hunting in the cloud Learn about cloud evidence acquisition for offline analysis Analyze compromised Kubernetes containers Employ automated tools to collect logs from M365 Who this book is for This book is for cybersecurity professionals, incident responders, and IT professionals adapting to the paradigm shift toward cloud-centric environments. Anyone seeking a comprehensive guide to investigating security incidents in popular cloud platforms such as AWS, Azure, and GCP, as well as Microsoft 365, Google Workspace, and containerized environments like Kubernetes will find this book useful. Whether you're a seasoned professional or a newcomer to cloud security, this book offers insights and practical knowledge to enable you to handle and secure cloud-based infrastructure.