Föreläsning 1 - introduction to SA and security Flashcards
(20 cards)
What is software architecture, and three important categories of architectural structures?
is the set of structures needed to reason about the system, which comprises software elements, relations among them, and properties of both.
Categories:
* Module (implementation units, specific computational responsibilities) ,
* Component and connector, and
* allocation.
What do functional requirements mean in software architecture, and what ranking does it have? -
(last in ranking), about functionality, describe what the system does, its behaviour, how it must behave or react to run-time stimuli.
What do non-functional requirements mean, and what ranking does it have? -
(number 1 in ranking order), about quality, qualify functional requirements, describe how a system achieves its functionality.
What do constraints mean, and what ranking does it have? -
(number 2)- limitations on how the system can be designed or on the development process (technical, business), design decisions that have been made (must run on Linux platform).
Architecting -
The process of creating, explaining, documenting, and managing a system’s architecture throughout its life.
Architecture -
The basic structure of a system, including its key parts, how they connect, and the rules guiding its design and growth.
Architecture description AD -
A collection of documents or models that show and explain a system’s architecture.
Architecture view -.
A way of showing a system’s architecture that focuses on specific concerns or questions.
Architecture viewpoint -
A set of guidelines that defines how to create, understand, and use an architecture view to focus on specific concerns about a system.
Environment -
context determining the setting and circumstances of all influences upon a system.
Concern -
is any issue or interest about a system that matters to stakeholders—such as its purpose, how well the architecture supports that purpose, how risky or impactful it is, and how maintainable or upgradeable it is over its life cycle.
What are the trends in smart objects? -
- Decreasing size (Advancements in MEMS technology enable ultra-small smart objects. Some are invisible to the naked eye, making embedding easier.).
- Lower power consumption (Hardware components consume less energy over time.).
- Increasing processing power (Smaller yet more powerful processors enable complex smart objects. Enhance real-time data processing and decision-making.).
- Improved communication capabilities (Wireless speeds and range are expanding. New communication protocols cater to diverse IoT applications).
What are IoT system characteristics? -
- Things (detect changes or events in environments, or change the status of those environments, after processing operations are performed).
- Connectivity (refers to any kind of networking that provides connections and data exchanges among endpoints, people, and processes.).
- Data (data is produced from endpoints and exchanges via networking to computers, systems, people or other endpoints).
- People and processes (two-way systems that create information from the exchanged data to make an actionable business decision).
What is information security? -
Measures and controls that ensure confidentiality, integrity, and availability of information system assets, including data, hardware, software, anf information being processed, stored, and communicated.
CIA triangle -
Confidentiality (ensuring that only authorised users access the information), Integrity (ensuring completeness, accuracy, and absence of unauthorised data manipulation) and Availability (ensuring all systems services are available, when requested by an authorised user).
What are the three distinct types of vulnerabilities that security issues in the digital environment typically involve? -
- Unauthorised access to data (which is either resident in or exchanged between devices).
- Hackers attack system resources (e.g. hardware, operating system software, and application software).
- Attacks on computer networks (including the infrastructure of privately owned networks and the internet itself).
What is IoT security? -
is about protecting network-connected physical devices (like printers, sensors, cameras, etc.) from cyberattacks with a cybersecurity strategy and protection mechanism. These devices often use different hardware, software, and firmware, which creates vulnerabilities and security risks.
IoT Security lifecycle -
- Understand the assets.
- Assess IoT risks.
- Apply risk reduction policies.
- Prevent known threats.
- Detect and respond to unknown threats.
IoT threats/vulnerabilities -
cloud-based, firmware-based, service-based, software-based, hardware-based, network-based, human factor.
What are common vulnerabilities and exposures (CVE)?
- a system used to identify and catalogue publicly known cybersecurity vulnerabilities and exposures in software and hardware products.
