Martin Gilje Jaatun

Martin Gilje Jaatun
Verified
Martin verified their affiliation via an institutional email.
Verified
Martin verified their affiliation via an institutional email.
SINTEF | Stiftelsen for industriell og teknisk forskning

siv.ing., Dr.philos

About

204
Publications
138,384
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,661
Citations
Introduction
I am a senior scientist at SINTEF Digital in Trondheim, and adjunct professor at the University of Stavanger. My research interests include software security, cloud security and critical infrastructure security (power, water, oil, ...) --- Most of my papers are (eventually) available at: https://jaatun.no/papers --- ORCID: http://orcid.org/0000-0001-7127-6694
Additional affiliations
June 2004 - present
SINTEF Digital
Position
  • Senior Researcher
July 2002 - June 2004
Bodø Graduate School of Business
Position
  • Senior Lecturer
Description
  • Teaching undergraduate courses in cryptography and network security, operating systems and computer networks
November 1997 - June 2002
Forsvarets Forskningsinstitutt
Position
  • Scientist
Description
  • MACS Internet/cyber warfare
Education
December 2014 - June 2015
University of Stavanger
Field of study
  • Critical Information Infrastructure Security
September 1987 - March 1992
Norwegian Institute of Technology
Field of study
  • Telematics

Publications

Publications (204)
Conference Paper
Full-text available
Full text available at: http://jaatun.no/papers/2015/Cruzes_Jaatun_Cloud%20Provider%20Transparency.pdf A major feature of public cloud services is that data are processed remotely in unknown systems that the users do not own or operate. This context creates a number of challenges related to data privacy and security and may hinder the adoption of...
Article
Our study illustrates that the risk of getting infected by malware that antivirus protection doesn't detect is alarmingly high. New malware that the antivirus engines don't have signatures for is likely to escape detection by a desktop antivirus solution. Taking precautions while using the Internet can protect users only to a certain extent. If the...
Article
Full-text available
This article describes how a Redundant Array of Independent Net-storages (RAIN) can be deployed for confidentiality control in Cloud Computing. The RAIN approach splits data into segments and distributes segments between multiple storage providers; by keeping the distribution of segments and the relationships between the distributed segments privat...
Article
Full-text available
Solutions for federated identity management (FIM) are maturing; however, the adoption rate of this technology hasn't been as high as expected. The authors conducted and analyzed eleven semistructured interviews with representatives from the Norwegian oil and gas industry to learn more about the perceived benefits and challenges of FIM adoption. The...
Conference Paper
Full-text available
Available at: http://jaatun.no/papers/2014/guidinglights.pdf In order to be an accountable organisation, Cloud Providers need to commit to being responsible stewards of other people's information. This implies demonstrating both willingness and capacity for such stewardship. This paper outlines the fundamental requirements that must be met by acco...
Chapter
Full-text available
This paper explores the emergence of agile-inspired approaches in the critical infrastructure sector, with a focus on the current digital transformation of the Norwegian Oil & Gas industry. It addresses how traditional plan-driven development and strict architectural principles are challenged by the need to exploit the growing volume of operational...
Conference Paper
Full-text available
This paper presents cybersecurity challenges related to industrial control systems (ICSs), identified through interviews with ICS asset owners. We interviewed participants from 10 companies within the oil and gas, food and beverage, and electricity generation and distribution industries in Norway. The interviews focused on cybersecurity challenges...
Article
Full-text available
Digitization, powered by the Internet, artificial intelligence, inter-operabile data formats and communication standards, high-bandwidth mobile technology, and nano-technology, allows for an increasing number of new services that are tailored to the particular demands of end-users, industry and government organizations. However, these new digital s...
Chapter
Full-text available
Asset management issues are and will always be key concerns for many stakeholders in the water sector. Despite this, there is still a lack of awareness and clear guidance on the topic. There has been some focus on the management of drainage pipes, but more effort needs to be dedicated to examining the various regulations, practices, and research wi...
Chapter
Full-text available
Critical infrastructure applications do not emerge fully formed, but generally rely on components and services from third-party vendors. This paper presents a brief survey on good practice for security requirements to be put on vendors delivering products and services to power distribution system operators and other critical infrastructure operator...
Chapter
Full-text available
In this paper, we propose a new method for threat modelling of industrial control systems (ICS). The method is designed to be flexible and easy to use. Model elements inspired by IEC 62443 and Data Flow Diagrams (DFD) are used to create a model of the ICS under consideration. Starting from this model, threats are identified by investigating how the...
Article
Full-text available
The European health care system is moving toward personalised, distributed, and home-based services. This is made possible via new and improved connected medical devices (CMDs), and will benefit health care providers in terms of reduced cost and improved service. Patients will see improved quality of life in terms of reduced travel time and reduced...
Article
Full-text available
The ongoing digitalization of critical infrastructures enables more efficient processes, but also comes with new challenges related to potential cyber-physical attacks or incidents. To manage their associated risk, a precise and systematic framework should be adopted. This paper describes a general methodology that is consistent with the Risk Manag...
Conference Paper
Full-text available
Operational Technology (OT) systems are becoming increasingly software-driven and connected. This creates new digitalization opportunities but can also increase the risk of cyber security breaches than can have severe consequences. Through a close dialogue with Norwegian actors in the oil- and gas industry and insight into the IEC 62443 standard we...
Chapter
Full-text available
During the grid planning process, electric power grid companies evaluate different options for the long-term grid development to address the expected future demands. The options can be passive measures, e.g., traditional reinforcement or building new lines, or active measures, e.g., support from ICT-solutions during operation to increase the power...
Technical Report
Full-text available
NESSI Whitepaper on software security with input from several NESSI partners, edited by Josef URban, Steve Taylor and Martin Gilje Jaatun
Book
This book highlights advances in Cyber Security, Cyber Situational Awareness (CyberSA), Artificial Intelligence (AI) and Social Media. It brings together original discussions, ideas, concepts and outcomes from research and innovation from multidisciplinary experts. It offers topical, timely and emerging original innovations and research results in...
Chapter
Full-text available
This paper presents an empirical study on the need for sector-specific CERT capacity in the Norwegian construction sector. Findings from the interviews demonstrate a need for developing competence in ICT security in this sector. The actors express a desire for a forum for sharing information and learning from other actors within the industry. In ou...
Article
Full-text available
The security of IoT-based digital solutions is a critical concern in the adoption of Industry 4.0 technologies. These solutions are increasingly being used to support the interoperability of critical infrastructure, such as in the water and energy sectors, and their security is essential to ensure the continued reliability and integrity of these sy...
Conference Paper
Full-text available
Cyber-risk assessment methods are used by energy companies to manage security risks in smart grids. However, current standards, methods and tools do not adequately provide the support needed in practice and the industry is struggling to adopt and carry out cyber-risk assessments. The contribution of this paper is twofold. First, we interview six co...
Article
Full-text available
Modern information systems are built fron a complex composition of networks, infrastructure, devices, services, and applications, interconnected by data flows that are often private and financially sensitive. The 5G networks, which can create hyperlocalized services, have highlighted many of the deficiencies of current practices in use today to cre...
Article
Full-text available
Software security is a complex topic, and for development projects it can be challenging to assess what security is necessary and cost-effective. Agile Software Development (ASD) values self-management. Thus, teams and their Product Owners are expected to also manage software security prioritisation. In this paper we build on the notion that securi...
Article
Full-text available
A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing the STRIDE model to create a threat model of a...
Article
Full-text available
The developments of reduced manning on offshore facilities and increased information transfer from offshore to land continue and may also be a prerequisite for the future survival of the oil and gas industry. A general requirement from the operators has emerged in that all relevant information from offshore-located systems should be made available...
Chapter
Full-text available
Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat modeling will allow you to focus on the most impor...
Chapter
Full-text available
Security requirement work plays a key role in achieving cost-effective and adequate security in a software development project. Knowledge about software companies' experiences of security requirement work is important in order to bridge the observed gap between software security practices and security risks in many projects today. Particularly, suc...
Chapter
Full-text available
Software security does not emerge fully formed by divine intervention in deserving software development organizations; it requires that developers have the required theoretical background and practical skills to enable them to write secure software, and that the software security activities are actually performed, not just documented procedures tha...
Conference Paper
Full-text available
The introduction of Information and Communications Technology (ICT) into conventional power grids has resulted in a digitalized smart grid, enabling a more efficient and robust operation. However, it can also lead to increased risk and new threats due to more complex systems and longer supply chains. Recent events indicate that the electrical power...
Preprint
Full-text available
Modern information systems are built fron a complex composition of networks, infrastructure, devices, services, and applications, interconnected by data flows that are often private and financially sensitive. The 5G networks, which can create hyperlocalized services, have highlighted many of the deficiencies of current practices in use today to cre...
Article
Full-text available
Cybersecurity in water and wastewater sector and the contribution from STOP-IT. This article discusses the current issues related to cybersecurity in the water and wastewater sector as a critical infrastructure. It emphasizes the need for rising cyber-physical security awareness, competence, and technological uptake in the sector. Some of the main...
Article
Full-text available
The goal of secure software engineering is to create software that keeps performing as intended, even when exposed to attacks. Threat modelling is considered to be a key activity to reach this goal, but has turned out to be challenging to implement in agile teams. This paper presents results from four different studies, in which we have investigate...
Article
Full-text available
This article investigates and analyzes the security aspects of 5G specifications from the perspective of IoT-based smart grids. As the smart grid requires high-speed and reliable communication to enable real-time grid monitoring via Internet of Things (IoT) devices, 5G can be considered a catalyst to transform the current power grid infrastructure...
Conference Paper
Full-text available
Threat modeling is about identifying architectural flaws and weaknesses in a system in order to mitigate them and avoid unwanted incidents caused by an attacker. Tool-assisted threat modeling has seen limited use in complex cyberphysical systems involving both Information Technology (IT) and Operational Technology (OT) systems. In this paper, we in...
Preprint
Full-text available
We have entered the era of big data, and it is considered to be the "fuel" for the flourishing of artificial intelligence applications. The enactment of the EU General Data Protection Regulation (GDPR) raises concerns about individuals' privacy in big data. Federated learning (FL) emerges as a functional solution that can help build high-performanc...
Conference Paper
Full-text available
The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in recent years the railway industry has realized the importance of cyber security, and the possible effects cyber security could ha...
Article
Full-text available
The divide between IT security and software security can result in the neglect of proper software security. This divide can be bridged by establishing a formal security champion role in the development team and conducting collaborative risk-based security activities.
Conference Paper
Full-text available
The modernisation of the power grid is ongoing,and the level of digitalisation of the power grid in, say, ten yearsmay be quite different than today. Cyber security needs willchange correspondingly. In this paper we utilise a qualitativeresearch approach to explore misuse cases related to three mainareas of modernisation that we envision for the ne...
Conference Paper
Full-text available
Today’s software development projects need to consider security as one of the qualities the software should possess. However, overspending on security will imply that the software will become more expensive and often also delayed. This paper discusses the role of objectivity in assessing and researching the goal of good enough security. Different u...
Article
Full-text available
Security requirement work plays a key role in achieving cost-effective and adequate security in a software development project. Knowledge about software companies' experiences of security requirement work is important in order to bridge the observed gap between software security practices and security risks in many projects today. Particularly, suc...
Article
Full-text available
With the expansion of cyber-physical systems (CPSs) across critical and regulated industries, systems must be continuously updated to remain resilient. At the same time, they should be extremely secure and safe to operate and use. The DevOps approach caters to business demands of more speed and smartness in production, but it is extremely challengi...
Conference Paper
Full-text available
Software in the cloud is predominantly developed using agile methodologies, where practices such as continuous deployment and DevOps contribute to increased speed and quick turnarounds. This increased speed does however require additional focus on software security in order to avoid security bugs and architectural flaws from crippling a cloud busin...
Chapter
Full-text available
The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control of breakers in the grid and at the subscribers’ pre...
Conference Paper
Full-text available
The use of IoT devices in the future electricity domain (known as the smart grid) has numerous benefits, such as improved reliability of the power system, enhanced functions of SCADA (Supervisory Control and Data Acquisition), improved monitoring and management of operational power grid assets, and advanced metering infrastructure. The smart grid c...
Conference Paper
Full-text available
To achieve a level of security that is just right, software development projects need to strike a balance between security and cost. This necessitates making such decisions as to what security activities to perform in development and which security requirements should be given priority. Current evidence indicates that in many agile development proj...
Conference Paper
Full-text available
Context: Security work in software development is generally under- prioritized. Software developers are not aware of security engineer- ing practices, or find them external to the software development process. To the management, security work presents itself in the form of reactive testing performed out of necessity, incurring only costs in terms o...
Article
Full-text available
Purpose Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software security risk-estimation technique that is particularly suited for agile teams. Motivated by a desire to understand why security ri...
Conference Paper
Full-text available
Threat modelling is considered a key activity in secure software engineering. However, despite its documented benefits it has not (yet) been widely adopted by agile software development projects. In this paper we present results from a qualitative study of how it is performed in practice by four different organisations. The findings show that, even...
Conference Paper
Full-text available
Current proof-of-work blockchains are not sustainable in terms of energy needed to run them. In this paper we propose a new scheme that avoids wasted proof-of-work by a dynamic probabilistic method, where the consensus algorithm can be adjusted according to the parties' required assurance levels.
Conference Paper
Full-text available
Security concerns are often cited as the most prominent reason for not using cloud computing, but customers of cloud users, especially end-users, frequently do not understand the need to control access to personal information. On the other hand, some users might understand the risk, and yet have inadequate means to address it. In order to make the...
Article
Full-text available
Guidelines exist in order to ensure efficient, effective and consistent provision of healthcare service. Unfortunately, existing guidelines are often not adopted in a timely manner, even to the point of being outdated at the time of adoption. Hence, many healthcare professionals are eschewing guidelines, sometimes leading to suboptimal outcomes. Th...
Chapter
Full-text available
Currently, security requirements are often neglected in agile projects. Despite many approaches to agile security requirements engineering in literature, there is little empirical research available on why there is limited adoption of these techniques. In this paper we describe a case study on challenges facing adoption of the Protection Poker game...
Chapter
Full-text available
Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat modeling will allow you to focus on the most impor...
Chapter
Full-text available
Software security does not emerge fully formed by divine intervention in deserving software development organizations; it requires that developers have the required theoretical background and practical skills to enable them to write secure software, and that the software security activities are actually performed, not just documented procedures tha...
Article
Full-text available
Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about incidents that occur at upstream CSPs to inform their users. In this paper, we argue the need for commonly agreed-upon incident...
Conference Paper
Full-text available
The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for developers, and even more so in agile software development. Hence, threat modeling has not seen widespread use in agile software proje...
Article
Full-text available
Emergency and rescue operations are often carried out in areas where the network infrastructure cannot be relied on for message exchange between first responders. Since a fundamental feature of a Mobile Ad Hoc Network is the ability to operate independently of existing infrastructure, it is deemed a well-suited solution to first responders scenario...
Conference Paper
Full-text available
Many software services are currently created using DevOps, where developers and operations personnel are more tightly integrated. The DevOps paradigm enables shorter development cycles, but increased speed has raised concerns over whether security issues may be overlooked. However, perfect security is never achievable, and in addition to the proact...
Conference Paper
Full-text available
Article
Full-text available
In order to be responsible stewards of other people's data, cloud providers must be accountable for their data handling practices. The potential long provider chains in cloud computing introduces additional accountability challenges, with many stakeholders involved. Symmetry is very important in any requirements elicitation activity, since input fr...
Conference Paper
Full-text available
When studying work practices, it is important to obtain accurate and reliable information about how work is actually done. Action research is an interactive inquiry process that balances problem solving actions implemented in a collaborative context with data-driven collaborative analysis or research to understand underlying causes enabling future...
Conference Paper
Full-text available
The goal of secure software engineering is to create software that keeps performing as intended even when exposed to an active attacker. Threat modelling is considered to be a key activity, but can be challenging to perform for developers. Microsoft has tried to lower the bar through creating a threat modelling game called Elevation of Privilege (E...
Chapter
Full-text available
7.1 Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 201 7.2 Background : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 202 7.3 Questionnaires in Software Security : : : : : : : : : : : : : : : : : : : : : : : : :...
Article
Full-text available
When working with software security in a risk-centric way, development projects become equipped to make decisions on how much security to include and what type of security pays off. This article presents the results of a study made among 23 public organisations, mapping their risk-centric activities and practices, and challenges for implementing th...
Conference Paper
Full-text available
The DevOps paradigm means that development and operations