BEGIN:VCALENDAR
VERSION:2.0
PRODID:IEEE vTools.Events//EN
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:Canada/Eastern
BEGIN:DAYLIGHT
DTSTART:20210314T030000
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
END:DAYLIGHT
BEGIN:STANDARD
DTSTART:20211107T010000
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20211021T204823Z
UID:0E82EE12-E159-4102-8EBC-64E6E1144D79
DTSTART;TZID=Canada/Eastern:20210603T180000
DTEND;TZID=Canada/Eastern:20210603T190000
DESCRIPTION:Today&#39;s software systems are riddled with security vulnerabilit
 ies that invite attack. We envisage a secure software design process at th
 e architectural level\, in which the security requirements are adequate\, 
 thus enabling appropriate security controls to be implemented to mitigate 
 known threats and vulnerabilities. How can we ensure that the security req
 uirements are adequate? In this talk\, we tackle this question by focusing
  on how external online data sources for vulnerabilities\, attack patterns
 \, threat intelligence\, and other security information can be leveraged\,
  using Natural Language Processing (NLP)\, to assist designers in validati
 ng the adequacy of the security requirements. This validation is done by d
 etermining which requirements map to known threats (identified from the ex
 ternal data)\, which requirements may be extraneous\, and which threats ma
 y need a closer look to identify new requirements. We will discuss the ava
 ilability and nature of the external data sources and describe how we empl
 oy NLP to process the data to support the design of secure systems.\n\nSpe
 aker(s): Jason Jaskolka\, \n\nOttawa\, Ontario\, Canada\, Virtual: https:/
 /events.vtools.ieee.org/m/272987
LOCATION:Ottawa\, Ontario\, Canada\, Virtual: https://events.vtools.ieee.or
 g/m/272987
ORGANIZER:ieeewieottawa@gmail.com
SEQUENCE:5
SUMMARY:Leveraging External Data Sources to Enhance Secure System Design
URL;VALUE=URI:https://events.vtools.ieee.org/m/272987
X-ALT-DESC:Description: &lt;br /&gt;&lt;p&gt;Today&#39;s software systems are riddled with 
 security vulnerabilities that invite attack. We envisage a secure software
  design process at the architectural level\, in which the security require
 ments are adequate\, thus enabling appropriate security controls to be imp
 lemented to mitigate known threats and vulnerabilities. How can we ensure 
 that the security requirements are adequate? In this talk\, we tackle this
  question by focusing on how external online data sources for vulnerabilit
 ies\, attack patterns\, threat intelligence\, and other security informati
 on can be leveraged\, using Natural Language Processing (NLP)\, to assist 
 designers in validating the adequacy of the security requirements. This va
 lidation is done by determining which requirements map to known threats (i
 dentified from the external data)\, which requirements may be extraneous\,
  and which threats may need a closer look to identify new requirements. We
  will discuss the availability and nature of the external data sources and
  describe how we employ NLP to process the data to support the design of s
 ecure systems.&lt;/p&gt;
END:VEVENT
END:VCALENDAR