Business Process Model and Notation for Forensic-Ready Software Systems

Investor logo

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

DAUBNER Lukáš MATULEVIČIUS Raimundas BÜHNOVÁ Barbora PITNER Tomáš

Year of publication 2022
Type Article in Proceedings
Conference Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering
MU Faculty or unit

Faculty of Informatics

Citation
Web https://www.scitepress.org/PublicationsDetail.aspx?ID=WfdKUNdsvxM=
Doi http://dx.doi.org/10.5220/0011041000003176
Keywords Forensic Readiness; Forensic-Ready Software Systems; Modelling; BPMN; Software Design
Description The design and development of secure systems is an important and challenging task. However, such systems should also be prepared for eventual disputes or occurrences of a security incident. To solve this, forensic-ready software systems are, by-design, prepared to assist in the forensic investigation and to provide on-point data with high evidentiary value. However, software engineering support for the systematic development of such software systems is rather sparse. This paper tackles the problem by introducing novel modelling notation, called BPMN for Forensic-Ready Software Systems (BPMN4FRSS), including its syntax and semantics. The notation aims to capture the forensic-ready controls and enable reasoning over them, primarily focusing on potential digital evidence. Importantly, it is made to support forensic readiness oriented risk management decisions. The approach is then demonstrated in a scenario where the controls, which mitigate security and business risks, are properly rep resented.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.