16 research outputs found

    SLA-Based Continuous Security Assurance in Multi-Cloud DevOps

    Multi-cloud applications, i.e. those that are deployed over multiple independent Cloud providers, pose a number of challenges to the security-aware development and operation. Security assurance in such applications is hard due to the lack of insights of security controls applied by Cloud providers and the need of controlling the security levels of all the components and layers at a time. This paper presents the MUSA approach to Service Level Agreement (SLA)-based continuous security assurance in multi-cloud applications. The paper details the proposed model for capturing the security controls in the offered application Security SLA and the approach to continuously monitor and assess the controls at operation phase. This new approach enables to easily align development security requirements with controls monitored at operation as well as early react at operation to any possible security incident or SLA violation. The MUSA project leading to this paper has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 644429

    Making the Internet of Things More Reliable Thanks to Dynamic Access Control

    While the Internet-of-Things (IoT) infrastructure is rapidly growing, the performance and correctness of such systems become more and more critical. Together with flexibility and interoperability, trustworthiness-related aspects, including security, privacy, resilience and robustness, are challenging goals faced by the next generation of IoT systems. In this chapter, we propose approaches for IoT-tailored access control mechanisms that ensure data and services protection against unauthorized use, with the aim of improving IoT system trustworthiness and lowering the risks of massive-scale IoT-driven cyber-attacks or incidents.

    Continuous Quantitative Risk Management in Smart Grids Using Attack Defense Trees

    Although the risk assessment discipline has been studied from long ago as a means to support security investment decision-making, no holistic approach exists to continuously and quantitatively analyze cyber risks in scenarios where attacks and defenses may target different parts of Internet of Things (IoT)-based smart grid systems. In this paper, we propose a comprehensive methodology that enables informed decisions on security protection for smart grid systems by the continuous assessment of cyber risks. The solution is based on the use of attack defense trees modelled on the system and computation of the proposed risk attributes that enables an assessment of the system risks by propagating the risk attributes in the tree nodes. The method allows system risk sensitivity analyses to be performed with respect to different attack and defense scenarios, and optimizes security strategies with respect to risk minimization. The methodology proposes the use of standard security and privacy defense taxonomies from internationally recognized security control families, such as the NIST SP 800-53, which facilitates security certifications. Finally, the paper describes the validation of the methodology carried out in a real smart building energy efficiency application that combines multiple components deployed in cloud and IoT resources. The scenario demonstrates the feasibility of the method to not only perform initial quantitative estimations of system risks but also to continuously keep the risk assessment up to date according to the system conditions during operation. This research leading to these results was funded by the EUROPEAN COMMISSION, grant number 787011 (SPEAR Horizon 2020 project) and 780351 (ENACT Horizon 2020 project)

    Towards Self-Protective Multi-Cloud Applications: MUSA – a Holistic Framework to Support the Security-Intelligent Lifecycle Management of Multi-Cloud Applications

    The most challenging applications in heterogeneous cloud ecosystems are those that are able to maximise the benefits of the combination of the cloud resources in use: multi-cloud applications. They have to deal with the security of the individual components as well as with the overall application security including the communications and the data flow between the components. In this paper we present a novel approach currently in progress, the MUSA framework. The MUSA framework aims to support the security-intelligent lifecycle management of distributed applications over heterogeneous cloud resources. The framework includes security-by-design mechanisms to allow application self-protection at runtime, as well as methods and tools for the integrated security assurance in both the engineering and operation of multi-cloud applications. The MUSA framework leverages security-by-design, agile and DevOps approaches to enable the security-aware development and operation of multi-cloud applications. European Commission's H202

    Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

    Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime. The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

    Continuous Deployment of Trustworthy Smart IoT Systems.

    While the next generation of IoT systems need to perform distributed processing and coordinated behaviour across IoT, Edge and Cloud infrastructures, their development and operation are still challenging. A major challenge is the high heterogeneity of their infrastructure, which broadens the surface for security attacks and increases the complexity of maintaining and evolving such complex systems. In this paper, we present our approach for Generation and Deployment of Smart IoT Systems (GeneSIS) to tame this complexity. GeneSIS leverages model-driven engineering to support the DevSecOps of Smart IoT Systems (SIS). More precisely, GeneSIS includes: (i) a domain specific modelling language to specify the deployment of SIS over IoT, Edge and Cloud infrastructure with the necessary concepts for security and privacy; and (ii) a models@run.time engine to enact the orchestration, deployment, and adaptation of these SIS. The results from our smart building case study have shown that GeneSIS can support security by design from the development (via deployment) to the operation of IoT systems and back again in a DevSecOps loop. In other words, GeneSIS enables IoT systems to keep up security and adapt to evolving conditions and threats while maintaining their trustworthiness. The research leading to these results has received funding from the European Commission’s H2020 Programme under grant agreement numbers 780351 (ENACT)

    Virtual model of an orthosis-chair mobility platform for domestic environments

    [Abstract] Given a hybrid orthosis-chair platform that allows managing mobility, posture, and actuation, it is necessary to control a large number of degrees of freedom. For the platform to be functional, it is necessary to ensure that the kinematic and dynamic behavior of these degrees of freedom makes it possible to perform common tasks. This article studies by simulation a case study consisting of performing a task (preparing a cup of tea) in a domestic environment (kitchen) by a user of an orthosis-chair platform with POSMOFYA architecture. This use case begins with a 3D virtual environment modeling, from which the evolution of the kinematics of the hybrid platform and its context are extracted. Then, a reverse dynamic study is performed to obtain the necessary values of forces and torques of the actuators. The resolution of the case study allows to validate the operation of the proposed architecture and to dimension the necessary motorization for the orthosis-chair platform. Ministerio de Ciencia e Innovación; PID2020-116091RB-I0

    Dynamic security assurance in multi-cloud DevOps

    Development and operation of multi-cloud applications, i.e. applications which consume and orchestrate services from multiple independent Cloud Service Providers, are challenging topics nowadays. Systematically addressing security assurance in such applications is an additional issue, unsolved at state of art. This paper introduces the MUSA DevOps approach to holistic security assurance in multi-cloud applications and details particularly the proposed approach to dynamic assurance at operation phase, which enables to early feed back the application security status to the development phase in order to take corrective actions as soon as possible, whenever they are needed