197 research outputs found

    Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

    In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. 
The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enriches it through an innovative metric with a sound foundation, able to potentially cope with any kind of application scenarios (railways, automotive, manufacturing, ...).

    An Investigation into Dynamic Web Service Composition Using a Simulation Framework

    [Motivation] Web Services technology has emerged as a promising solution for creating distributed systems with the potential to overcome the limitation of former distributed system technologies. Web services provide a platform-independent framework that enables companies to run their business services over the internet. Therefore, many techniques and tools are being developed to create business to business/business to customer applications. In particular, researchers are exploring ways to build new services from existing services by dynamically composing services from a range of resources. [Aim] This thesis aims to identify the technologies and strategies currently being explored for organising the dynamic composition of Web services, and to determine how extensively each of these has been demonstrated and assessed. In addition, the thesis will study the matchmaking and selection processes which are essential processes for Web service composition. [Research Method] We undertook a mapping study of empirical papers that had been published over the period 2000 to 2009. The aim of the mapping study was to identify the technologies and strategies currently being explored for organising the composition of Web services, and to determine how extensively each of these has been demonstrated and assessed. We then built a simulation framework to carry out some experiments on composition strategies. The first experiment compared the results of a close replication of an existing study with the original results in order to evaluate our close replication study. The simulation framework was then used to investigate the use of a QoS model for supporting the selection process, comparing this with the ranking technique in terms of their performance. [Results] The mapping study found 1172 papers that matched our search terms, from which 94 were classified as providing practical demonstration of ideas related to dynamic composition. We have analysed 68 of these in more detail.
    Only 29 provided a 'formal' empirical evaluation. From these, we selected a 'baseline' study to test our simulation model. Running the experiments using simulated datasets have shown that in the first experiment the results of the close replication study and the original study were similar in terms of their profile. In the second experiment, the results demonstrated that the QoS model was better than the ranking mechanism in terms of selecting a composite plan that has highest quality score. [Conclusions] No one approach to service composition seemed to meet all needs, but a number has been investigated more. The similarity between the results of the close replication and the original study showed the validity of our simulation framework and a proof that the results of the original study can be replicated. Using the simulation it was demonstrated that the performance of the QoS model was better than the ranking mechanism in terms of the overall quality for a selected plan. The overall objectives of this research are to develop a generic life-cycle model for Web service composition from a mapping study of the literature. This was then used to run simulations to replicate studies on matchmaking and compare selection methods.

    Envisioning Tool Support for Designing Privacy-Aware Internet of Thing Applications

    The design and development process for Internet of Things (IoT) applications is more complicated than for desktop, mobile, or web applications. IoT applications require both software and hardware to work together across multiple different types of nodes (e.g., microcontrollers, system-on-chips, mobile phones, miniaturised single-board computers, and cloud platforms) with different capabilities under different conditions. IoT applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. Without proper privacy protections in place, IoT applications could lead to serious privacy violations. Thus far, privacy concerns have not been explicitly considered in software engineering processes when designing and developing IoT applications, partly due to a lack of tools, technologies, and guidance. This paper presents a research vision that argues the importance of developing a privacy-aware IoT application design tool to address the challenges mentioned above. This tool should not only transform IoT application designs into privacy-aware application designs but also validate and verify them. First, we outline how this proposed tool should work in practice and its core functionalities. Then, we identify research challenges and potential directions towards developing the proposed tool. We anticipate that this proposed tool will save many engineering hours which engineers would otherwise need to spend on developing privacy expertise and applying it. We also highlight the usefulness of this tool towards privacy education and privacy compliance

    e-Business challenges and directions: important themes from the first ICE-B workshop

    A three-day asynchronous, interactive workshop was held at ICE-B’10 in Piraeus, Greece in July of 2010. This event captured conference themes for e-Business challenges and directions across four subject areas: a) e-Business applications and models, b) enterprise engineering, c) mobility, d) business collaboration and e-Services, and e) technology platforms. Quality Function Deployment (QFD) methods were used to gather, organize and evaluate themes and their ratings. This paper summarizes the most important themes rated by participants: a) Since technology is becoming more economic and social in nature, more agile and context-based application development methods are needed. b) Enterprise engineering approaches are needed to support the design of systems that can evolve with changing stakeholder needs. c) The digital native groundswell requires changes to business models, operations, and systems to support Prosumers. d) Intelligence and interoperability are needed to address Prosumer activity and their highly customized product purchases. e) Technology platforms must rapidly and correctly adapt, provide widespread offerings and scale appropriately, in the context of changing situational contexts.

    Digital Twin in the IoT context: a survey on technical features, scenarios and architectural models

    Digital Twin is an emerging concept that is gaining attention in various industries. It refers to the ability to clone a physical object into a software counterpart. The softwarized object, termed logical object, reflects all the important properties and characteristics of the original object within a specific application context. To fully determine the expected properties of the Digital Twin, this paper surveys the state of the art starting from the original definition within the manufacturing industry. It takes into account related proposals emerging in other fields, namely, Augmented and Virtual Reality (e.g., avatars), Multi-agent systems, and virtualization. This survey thereby allows for the identification of an extensive set of Digital Twin features that point to the “softwarization” of physical objects. To properly consolidate a shared Digital Twin definition, a set of foundational properties is identified and proposed as a common ground outlining the essential characteristics (must-haves) of a Digital Twin. Once the Digital Twin definition has been consolidated, its technical and business value is discussed in terms of applicability and opportunities. Four application scenarios illustrate how the Digital Twin concept can be used and how some industries are applying it. The scenarios also lead to a generic DT architectural Model. This analysis is then complemented by the identification of software architecture models and guidelines in order to present a general functional framework for the Digital Twin. The paper, eventually, analyses a set of possible evolution paths for the Digital Twin considering its possible usage as a major enabler for the softwarization process

    A Service-Oriented Approach for Sensing in the Internet of Things: Intelligent Transportation Systems and Privacy Use Cases

    This paper presents a Sensing-as-a-Service run-time Service Oriented Architecture (SOA), called 3SOA, for the development of Internet of Things (IoT) applications. 3SOA aims to allow interoperability among various IoT platforms and support service-oriented modelling at high levels of abstraction where fundamental SOA theories and techniques are fully integrated into a practical software engineering approach. 3SOA abstracts the dependencies of the middleware programming model from the application logic. This abstraction allows the development efforts to focus on writing the application logic independently from hardware platforms, middleware, and languages in which applications are programmed. To achieve this result, IoT objects are treated as independent entities that may interact with each other using a well-defined message exchange sequence. Each object is defined by the services it provides and the coordination protocol it supports. Objects are then able to coordinate their resources to address the global objectives of the system. To practically validate our proposals, we demonstrate an intelligent transportation system and data privacy functional prototypes as proof of concepts. The use cases show that 3SOA and the presented abstraction language allow the amalgamation of macroprogramming and node-centric programming to develop real-time and efficient applications over IoT

    Semantic interoperability in ad-hoc computing environments

    This thesis introduces a novel approach in which multiple heterogeneous devices collaborate to provide useful applications in an ad-hoc network. This thesis proposes a smart home as a particular ubiquitous computing scenario considering all the requirements given by the literature to succeed in this kind of systems. To that end, we envision a horizontally integrated smart home built up from independent components that provide services. These components are described with enough syntactic, semantic and pragmatic knowledge to accomplish spontaneous collaboration. The objective of this collaboration is domestic use, that is, the provision of valuable services for home residents capable of supporting users in their daily activities. Moreover, for the system to be attractive for potential customers, it should offer high levels of trust and reliability, all of them not at an excessive price. To achieve this goal, this thesis proposes to study the synergies available when an ontological description of home device functionality is paired with a formal method. We propose an ad-hoc home network in which components are home devices modelled as processes represented as semantic services by means of the Web Service Ontology (OWL-S). In addition, such services are specified, verified and implemented by means of the Communicating Sequential Processes (CSP), a process algebra for describing concurrent systems. The utilisation of an ontology brings the desired levels of knowledge for a system to compose services in an ad-hoc environment. Services are composed by a goal based system in order to satisfy user needs. Such system is capable of understanding both service representations and user context information.
    Furthermore, the inclusion of a formal method contributes with additional semantics to check that such compositions will be correctly implemented and executed, achieving the levels of reliability and costs reduction (costs derived from the design, development and implementation of the system) needed for a smart home to succeed. EThOS - Electronic Theses Online Service, GB, United Kingdo

    PRIME: Proactive Inter-Middleware for Global Enterprise Resource Integration

    We present the PRIME software ecosystem, which connects heterogeneous resources from different layers of the Internet of Things and is capable of handling complex interoperability scenarios involving hardware devices, software-based systems and humans.

    Hybrid Models as Transdisciplinary Research Enablers

    This is the final version. Available on open access from Elsevier via the DOI in this record. Modelling and simulation (M&S) techniques are frequently used in Operations Research (OR) to aid decision-making. With growing complexity of systems to be modelled, an increasing number of studies now apply multiple M&S techniques or hybrid simulation (HS) to represent the underlying system of interest. A parallel but related theme of research is extending the HS approach to include the development of hybrid models (HM). HM extends the M&S discipline by combining theories, methods and tools from across disciplines and applying multidisciplinary, interdisciplinary and transdisciplinary solutions to practice. In the broader OR literature, there are numerous examples of cross-disciplinary approaches in model development. However, within M&S, there is limited evidence of the application of conjoined methods for building HM. Where a stream of such research does exist, the integration of approaches is mostly at a technical level. In this paper, we argue that HM requires cross-disciplinary research engagement and a conceptual framework. The framework will enable the synthesis of discipline-specific methods and techniques, further cross-disciplinary research within the M&S community, and will serve as a transcending framework for the transdisciplinary alignment of M&S research with domain knowledge, hypotheses and theories from diverse disciplines. The framework will support the development of new composable HM methods, tools and applications. Although our framework is built around M&S literature, it is generally applicable to other disciplines, especially those with a computational element. The objective is to motivate a transdisciplinarity-enabling framework that supports the collaboration of research efforts from multiple disciplines, allowing them to grow into transdisciplinary research.