On the Automated Synthesis of Enterprise Integration Patterns to Adapt Choreography-based Distributed Systems

The Future Internet is becoming a reality, providing a large-scale computing environments where a virtually infinite number of available services can be composed so to fit users' needs. Modern service-oriented applications will be more and more often built by reusing and assembling distributed services. A key enabler for this vision is then the ability to automatically compose and dynamically coordinate software services. Service choreographies are an emergent Service Engineering (SE) approach to compose together and coordinate services in a distributed way. When mismatching third-party services are to be composed, obtaining the distributed coordination and adaptation logic required to suitably realize a choreography is a non-trivial and error prone task. Automatic support is then needed. In this direction, this paper leverages previous work on the automatic synthesis of choreography-based systems, and describes our preliminary steps towards exploiting Enterprise Integration Patterns to deal with a form of choreography adaptation.Comment: In Proceedings FOCLASA 2015, arXiv:1512.0694

How Digital Transformation affects Enterprise Architecture Management – a case study

Internet of Things (IoT), machine learning, cyber-physical systems and other recent technological innovations offer new opportunities for enterprises in the context of Digital Transformation (DT) but also cause new challenges for Enterprise Architecture Management (EAM), which traditionally deals with enterprise-IT planning and coordination. Based on an industrial case of a power garden products manufacturer that is exploring potentials and facing challenges in DT, this article investigates the integration of product-IT into EAM. Product-IT includes the embedded IT-systems in physical products and services, components for operations, maintenance or evaluation purposes. In this article we discuss product-IT and enterprise-IT integration in the context of EAM observed in the industrial practice. The main contributions are (1) positioning of the product-IT in the field of EAM, and (2) identification of the challenges from real-world case regarding integration of product-IT into EAM

How Digital Transformation affects Enterprise Architecture Management – a case study

Internet of Things (IoT), machine learning, cyber-physical systems and other recent technological innovations offer new opportunities for enterprises in the context of Digital Transformation (DT) but also cause new challenges for Enterprise Architecture Management (EAM), which traditionally deals with enterprise-IT planning and coordination. Based on an industrial case of a power garden products manufacturer that is exploring potentials and facing challenges in DT, this article investigates the integration of product-IT into EAM. Product-IT includes the embedded IT-systems in physical products and services, components for operations, maintenance or evaluation purposes. In this article we discuss product-IT and enterprise-IT integration in the context of EAM observed in the industrial practice. The main contributions are (1) positioning of the product-IT in the field of EAM, and (2) identification of the challenges from real-world case regarding integration of product-IT into EAM

Supporting Virtual Enterprise Systems Using Agent Coordination

International audienceOpen environments like the Internet or corporate intranets enable a large number of interested enterprises to access, filter, process, and present information on an as-needed basis. These environments support modern applications, such as virtual enterprises and inter-organizational workflow management systems, which involve a number of heterogeneous resources, services, and processes. However, any execution of a virtual enterprise system would yield to disjoining and error-prone behavior without appropriate techniques to coordinate the various business processes. This paper reports on the design and implementation of a flexible agent-based framework for supporting the coordination of virtual enterprises and workflow management systems. The paper also shows how an agent coordination infrastructure, which is explained by social constraints, can impact on the engineering of highly dynamic virtual enterprises and workflow management systems by presenting a simple case study

Applying Lessons from Cyber Attacks on Ukrainian Infrastructures to Secure Gateways onto the Industrial Internet of Things

Previous generations of safety-related industrial control systems were ‘air gapped’. In other words, process control components including Programmable Logic Controllers (PLCs) and smart sensor/actuators were disconnected and isolated from local or wide area networks. This provided a degree of protection; attackers needed physical access to compromise control systems components. Over time this ‘air gap’ has gradually been eroded. Switches and gateways have subsequently interfaced industrial protocols, including Profibus and Modbus, so that data can be drawn from safety-related Operational Technology into enterprise information systems using TCP/IP. Senior management uses these links to monitor production processes and inform strategic planning. The Industrial Internet of Things represents another step in this evolution – enabling the coordination of physically distributed resources from a centralized location. The growing range and sophistication of these interconnections create additional security concerns for the operation and management of safety-critical systems. This paper uses lessons learned from recent attacks on Ukrainian critical infrastructures to guide a forensic analysis of an IIoT switch. The intention is to identify and mitigate vulnerabilities that would enable similar attacks to be replicated across Europe and North America

Value-driven Security Agreements in Extended Enterprises

Today organizations are highly interconnected in business networks called extended enterprises. This is mostly facilitated by outsourcing and by new economic models based on pay-as-you-go billing; all supported by IT-as-a-service. Although outsourcing has been around for some time, what is now new is the fact that organizations are increasingly outsourcing critical business processes, engaging on complex service bundles, and moving infrastructure and their management to the custody of third parties. Although this gives competitive advantage by reducing cost and increasing flexibility, it increases security risks by eroding security perimeters that used to separate insiders with security privileges from outsiders without security privileges. The classical security distinction between insiders and outsiders is supplemented with a third category of threat agents, namely external insiders, who are not subject to the internal control of an organization but yet have some access privileges to its resources that normal outsiders do not have. Protection against external insiders requires security agreements between organizations in an extended enterprise. Currently, there is no practical method that allows security officers to specify such requirements. In this paper we provide a method for modeling an extended enterprise architecture, identifying external insider roles, and for specifying security requirements that mitigate security threats posed by these roles. We illustrate our method with a realistic example

A Case for Peering of Content Delivery Networks

The proliferation of Content Delivery Networks (CDN) reveals that existing content networks are owned and operated by individual companies. As a consequence, closed delivery networks are evolved which do not cooperate with other CDNs and in practice, islands of CDNs are formed. Moreover, the logical separation between contents and services in this context results in two content networking domains. But present trends in content networks and content networking capabilities give rise to the interest in interconnecting content networks. Finding ways for distinct content networks to coordinate and cooperate with other content networks is necessary for better overall service. In addition to that, meeting the QoS requirements of users according to the negotiated Service Level Agreements between the user and the content network is a burning issue in this perspective. In this article, we present an open, scalable and Service-Oriented Architecture based system to assist the creation of open Content and Service Delivery Networks (CSDN) that scale and support sharing of resources with other CSDNs.Comment: Short Article (Submitted in DS Online as Work in Progress