Extending a Multi-Agent Systems Simulation Architecture for Systems-of-Systems Security Analysis

International audienceSecurity is an important concern for software-intensive Systems-of-Systems (SoS). Architectural analysis for SoS secturity assessment should be performed at early stages of development. Such activity could prevent vulnerabilities and avoid potential cascading attack emergent behaviors, i.e., a succession of security vulnerabilities that emerge from individual constituents security fragilities, potentially causing interruption and collapse of SoS operation. Model simulation can prevent these issues by predicting, at design-time, how SoS will behave regarding its reaction to potential attacks. As security is a quality attribute, i.e., a property that comes up from the relation between software parts, software architecture analysis and simulation are an additional support for the prediction of SoS security. However, despite recent advances in such area, few simulation approaches have tackled simulation of secure SoS architectures where the basis of the described models are the SoS behavior or the interactions among the SoS Constituent Systems (CS). The main contribution of this paper is offering a big picture of how recent advances on SoS security analysis via simulations can form a robust framework for SoS security prediction. We argue the pertinence of Multi-Agent Systems (MAS) for SoS simulation due to similarities between MAS and SoS concepts, and we report how MAS simulation enables the visualization of emergent behaviors and how they impact the SoS security. Our results to foster SoS security analysis include (i) an extension of a MAS conceptual model and platform to include security concepts, (ii) a Model-Driven Engineering (MDE) approach that adopts automatic mappings between secure SoS architecture modeled using an existing SysML-based modeling language, namely the SoSSecML, and (iii) a MAS platform to support such analysis