A Tool-Based Security Analysis - Part 2: Damage Classes And Potentials

In Part 1 of this blog series, we have seen how the attack potential of an attacking agent can be modeled. For our system, we also want to model the parts and aspects that we want to protect and the damage that can be done by an attacker.  So as a next step, we will model damage classes and damage potential. Read more >

Pro Tip: Visualizing Xtext Grammar with Eclipse GEF

The Xtext grammar is the central component when developing DSL workbenches based on the Xtext framework. In case of complex DSLs, analyzing the graphical representation of *.xtext files can be useful to understand the structure of the defined grammar rules. Read more >

Vom IT-Berater zum Usability Engineering: Erfahrungen mit der CPUX-F-Zertifizierung

Eine Situation, wie sie hundertfach in IT-Teams auftritt: Durch verschiedene Feedback-Kanäle (BI / BA, Callcenter, Bewertungsportale, andere KPIs) erfährt das Team, dass das eigene Produkt Optimierungspotential im Bereich Usability oder User Experience hat und ein Update nötig wäre. Doch es fehlt das nötige Know-How, bisher hat man das alles “halt einfach nach bestem Wissen und Gewissen” gemacht. Also soll Wissen nachgetankt werden – eine Schulung muss her! Weiterlesen >

Working in a male-dominated industry: The everyday life of a software developer at itemis

When a colleague asked me recently if I could write an article for our blog about my work as a woman in the ‘male domain’ of IT, it was a strange moment. Read more >

A Tool-Based Security Analysis – Part 1: Required Attack Potential

As Dirk Leopold pointed out in his post, security is one of the most strategically important concerns in the automotive industry in the future. We will be introducing the concepts of security analysis and how they are adressed in a tool, that we have been developing. Read more >

Weaving Testing into the Web of Traceability

In the development of safety-critical systems it is essential to prove that the developed product fullfills all requirements (including system requirements, safety requirements and security requirements) to ensure the correct functionality and to prove that engineering is up to the state-of-the-art for legal reasons. Read more >

Becoming Xtext Co-Project Lead

I started using Xtext more than 10 years ago. Back then it was a small part of the openArchitectureware framework. I began using it heavily after the move to Eclipse and got a power user and supporter in the newsgroups and forum. In 2016 I joined the Xtext Committer team and worked on the framework for about 50% of my time. Read more >

In 5 Minuten zur DSL mit transitiven Importen in Xtext

Xtext ermöglicht das Referenzieren von Elementen in DSLs auf mehrere Arten. Eine Möglichkeit sieht den Import von Elementen über Namensräume vor. Dies geschieht über die Verwendung des ImportedNamespaceAwareLocalScopeProvider und erlaubt den "Import" einzelner oder, unter Einsatz von Wildcards (.*), aller Elemente eines Namensraumes. Weiterlesen >

Why security is one of the biggest engineering challenges ahead

Hardly a week goes by without major security issues being reported. The recently identified vulnerabilities of a wide range of CPUs named “Spectre” and “Meltdown” potentially affect millions of PCs and smartphones. While no actual damage can be connected to these vulnerabilities (yet), it shows that a huge number of users can be affected literally overnight.  Read more >

Agilität im Zentrum der Finanzwelt: itemis Frankfurt

Frankfurt – Weltstadt in der Metropolregion Rhein-Main, internationaler Finanzplatz, Sitz der Internationalen Automobil-Ausstellung, das Ma(i)nhatten von Deutschland, kurz: eine Stadt der Superlative – und ein weiterer Standort von itemis. Wir haben uns die Standortleiter Ali Kazmi und Christian Fischer geschnappt und ihnen auf den Zahn gefühlt, ob der Frankfurter Standort hält, was er verspricht. Weiterlesen >

COMMENTS

Popular posts