SCS: 60 years and counting! A time to reflect on the Society's scholarly contribution to M&S from the turn of the millennium.

The Society for Modeling and Simulation International (SCS) is celebrating its 60th anniversary this year. Since its inception, the Society has widely disseminated the advancements in the field of modeling and simulation (M&S) through its peer-reviewed journals. In this paper we profile research that has been published in the journal SIMULATION: Transactions of the Society for Modeling and Simulation International from the turn of the millennium to 2010; the objective is to acknowledge the contribution of the authors and their seminal research papers, their respective universities/departments and the geographical diversity of the authors' affiliations. Yet another objective is to contribute towards the understanding of the overall evolution of the discipline of M&S; this is achieved through the classification of M&S techniques and its frequency of use, analysis of the sectors that have seen the predomination application of M&S and the context of its application. It is expected that this paper will lead to further appreciation of the contribution of the Society in influencing the growth of M&S as a discipline and, indeed, in steering its future direction

Access Control from an Intrusion Detection Perspective

Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the combination of their security policies. This report pursues this approach by defining a comparison framework for policy specification languages and using this to survey the languages Ponder, LGI, SPL and PDL from the perspective of intrusion detection. We identified that, even if an access control language has the necessary ingredients for merging policies, it might not be appropriate due to mismatches in overlapping concepts

Dagstuhl News January - December 2000

"Dagstuhl News" is a publication edited especially for the members of the Foundation "Informatikzentrum Schloss Dagstuhl" to thank them for their support. The News give a summary of the scientific work being done in Dagstuhl. Each Dagstuhl Seminar is presented by a small abstract describing the contents and scientific highlights of the seminar as well as the perspectives or challenges of the research topic

Impact of Mobility on Information Systems and Information System Design

The subject of this thesis is to analyse the impact of mobile hardware and software on information systems, to survey existing approaches for specifying mobile systems of computer science in general, and to provide suitable means for the formal design of information systems comprising such mobile units in particular. We consider a mobile unit to denote a mobile hardware or software entity, and a mobile system as a system comprising or being accessed by such mobile components. The various forms of mobile units occurring in computer science are explained and a taxonomy for them is developed, followed by a detailed discussion of their effects on computer and information systems. Several approaches for specifying mobile systems are presented and classified, with a particular emphasis on formal methods. As it turns out, these approaches do not allow to describe the set-up and release of communication links or to distinguish between the ever-mobile units of a compound system and those which provide the fixed subsystem as the context for the mobile entities, which are both important aspects to consider when developing information systems with mobile components. Therefore, corresponding constructs are then presented as an extension to the specification language Troll and its theoretical foundations, i.e. extended data signatures and the Module Distributed Temporal Logic Mdtl, both being interpreted over event structures. Finally, the application of the constructs is illustrated with the development of a system for accessing web services from mobile phones, which complements the ongoing example of information retrieval via mobile agents used to explain the constructs and concepts.Thema dieser Arbeit ist die Analyse der Auswirkungen von mobiler Hard- und Software auf Informationssysteme, die Untersuchung vorhandener Ansätze zur Spezifikation mobiler Systeme in der Informatik allgemein und für den formalen Entwurf von Informationssystemen mit mobilen Einheiten insbesondere. "Mobile Einheit" wird dabei als Oberbegriff für mobile Hardware- und Softwarekomponenten verwendet, und ein "mobiles System" ist ein System, das solche mobilen Komponenten beinhaltet oder auf das durch diese zugegriffen wird. Wir beschreiben die verschiedenen Formen, in denen mobile Einheiten in der Informatik auftreten, und entwickeln eine entsprechende Taxonomie, bevor wir deren Auswirkungen auf Computer- und Informationssysteme ausführlich diskutieren. Verschiedene Ansätze zur Spezifikation mobiler Systeme werden vorgestellt und eingeordnet, wobei das Augenmerk speziell auf formalen Methoden liegt. Es stellt sich heraus, dass es keiner dieser Ansätze ermöglicht, den Auf- und Abbau von Kommunikationsverbindungen zu beschreiben und zwischen den stets mobilen Einheiten und denjenigen zu unterscheiden, die das feste Teilsystem als Kontext für sie bilden. Beides sind aber wesentliche Aspekte, die in der Entwicklung von Informationssystemen mit mobilen Bestandteilen zu berücksichtigen sind. Daher stellen wir dann entsprechende Sprachkonstrukte als Erweiterung der Spezifikationssprache Troll inklusive der formalen Grundlagen vor. Diese Grundlagen beruhen auf erweiterten Datensignaturen und einer modularen verteilten temporalen Logik Mdtl, die beide über Ereignisstrukturen interpretiert werden. Schließlich wird die Verwendbarkeit der Sprachkonstrukte in der Entwicklung eines Systems zur Nutzung von Web-Diensten von Mobiltelefonen aus illustriert

A Model Driven Approach to Model Transformations

The OMG's Model Driven Architecture (MDA) initiative has been the focus of much attention in both academia and industry, due to its promise of more rapid and consistent software development through the increased use of models. In order for MDA to reach its full potential, the ability to manipulate and transform models { most obviously from the Platform Independent Model (PIM) to the Platform Specific Models (PSM) { is vital. Recognizing this need, the OMG issued a Request For Proposals (RFP) largely concerned with finding a suitable mechanism for trans- forming models. This paper outlines the relevant background material, summarizes the approach taken by the QVT-Partners (to whom the authors belong), presents a non-trivial example using the QVT-Partners approach, and finally sketches out what the future holds for model transformations

Modèles algorithmes et méthodologie pour la conception de systèmes de sécurité physique basés sur des microcontrôleurs protégés des attaques cyber-physiques

Un moyen d'assurer la sécurité de systèmes basés sur des micro-contrôleurs (mCS) est de considérer une approche de génération à partir de spécifications. Malheureusement, les approches existantes souffrent d'inconvénients, et le but de la méthodologie présentée dans cette thèse est de les éviter dans le cas particulier des mCS pour la sécurité physique (mCS-Sec). Les principaux résultats de ce travail sont le développement de modèles, d'algorithmes, et d'une méthodologie originale de création de mCS-Sec, et leur implémentation. L'applicabilité de la méthode a été évaluée sur un système de robot de surveillance d'une zone. Dans ce cas, notre évaluation a montré que l'approche développée satisfaisait toutes les contraintes imposées, tout en offrant certains avantages par rapport aux solutions existantes. Nous pensons que cette approche permettra de réduire le nombre de faiblesses et les problèmes d'architecture dans les mCS, ce qui en réduira la surface d'attaque.One of the possible ways to ensure the security of microcontroller-based systems is the implementation of security by design approach. Unfortunately, existing approaches are not without drawbacks, that is why this thesis is aimed at developing the new one. Moreover, among all possible systems, in this work, only physical security systems were chosen as an area of the application. The main findings of the work are containing original models, algorithms, methodology and software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak places and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface

Mathematics in Software Reliability and Quality Assurance

This monograph concerns the mathematical aspects of software reliability and quality assurance and consists of 11 technical papers in this emerging area. Included are the latest research results related to formal methods and design, automatic software testing, software verification and validation, coalgebra theory, automata theory, hybrid system and software reliability modeling and assessment

Diagnosing runtime violations of security and dependability properties

Monitoring the preservation of security and dependability (S&D) properties of complex software systems is widely accepted as a necessity. Basic monitoring can detect violations but does not always provide sufficient information for deciding what the appropriate response to a violation is. Such decisions often require additional diagnostic information that explains why a violation has occurred and can, therefore, indicate what would be an appropriate response action to it. In this thesis, we describe a diagnostic procedure for generating explanations of violations of S&D properties developed as extension of a runtime monitoring framewoek, called EVEREST. The procedure is based on a combination of abductive and evidential reasoning about violations of S&D properties which are expressed in Event Calculus