Human in the Loop: What is the Point of no Return?

The main goal of any feedback control system is essentially to remove humans from the loop. This has always been the goal in the engineering of control systems. The MAPE-K loop is the embodiment of a feedback control loop in self-adaptive software systems, but the complete removal of humans from the control loop has not been thoroughly debated. One of the reasons is that, software systems are social-technical systems, and as such, humans need to be considered right from the inception of such systems, otherwise their deployment is bound to fail. However, as software self-adaptation progresses, enabling to place higher assurances on the deployment of these systems to the point humans become dispensable, some ethical questions need to be raised. Similar questions have been raised in past when the first automatic systems became intrinsic to the industrial fabric. The difference between then and now is that then the impact was confined to portions of the society, but now the implications are much wider, if we consider, in particular, software systems that are able to change themselves. If humans are not aware of those changes, and their implications, humans cease to be in tune with the system they are operating, and inevitably accidents will ensue. The point of no return in self-adaptive software systems refers to the moment in their technical maturity when any human involvement with the operation of a system is perceived to create more harm than benefit. Confronted with this situation, software engineers need start asking themselves some basic ethical questions. Do we really need to consider humans as an integral part of self-adaptive software systems? If humans are removed from the control loop, what kind of assurances will be needed for society to accept such systems

Enabling the Autonomic Management of Federated Identity Providers

The autonomic management of federated authorization infrastructures (federations) is seen as a means for improving the monitoring and use of a service provider’s resources. However, federations are comprised of independent management domains with varying scopes of control and data ownership. The focus of this paper is on the autonomic management of federated identity providers by service providers located in other domains, when the identity providers have been diagnosed as the source of abuse. In particular, we describe how an autonomic controller, external to the domain of the identity provider, exercises control over the issuing of privilege attributes. The paper presents a conceptual design and implementation of an effector for an identity provider that is capable of enabling cross-domain autonomic management. The implementation of an effector for a SimpleSAMLphp identity provider is evaluated by demonstrating how an autonomic controller, together with the effector, is capable of responding to malicious abuse

An Object-Based Approach to Modelling and Analysis of Failure Properties

In protection systems, when traditional technology is replaced by software, the functionality and complexity of the system is likely to increase. The quantitative evidence normally provided for safety certification of traditional systems cannot be relied upon in software-based systems. Instead there is a need to provide qualitative evidence. As a basis for the required qualitative evidence, we propose an object-based approach that allows modelling of both the application and software domains. From the object class model of a system and a formal specification of the failure properties of its components, we generate a graph of failure propagation over object classes, which is then used to generate a graph in terms of object instances in order to conduct fault tree analysis. The model is validated by comparing the resulting minimal cut sets with those obtained from the fault tree analysis of the original system. The approach is illustrated on a case study based on a protection system from..

Software Self-adaptation and Industry: Blame MAPE-K

If software self-adaptation has to be widely adopted by industry, we need to think big, embrace complexity, provide easily deployed and cost-effective solutions, and justify trust. On fairness, MAPE-K should not solely take the blame. MAPE-K is one of the many interpretations of feedback loops apply to systems for which mathematical models - mostly based on control theory, are difficult to be synthesised. MAPE-K has provided a basic and widely accepted framework for justifying the deployment of feedback loops in software systems. Undoubtedly, it has helped to promote and advance the whole area, but now more concrete and resilient solutions are necessary. This position paper argues that, first, industry has been adopting software self-adaptation, perhaps in a way that may not be recognised by the academic community, second, generic solutions are unfeasible since every software system brings its own challenges, and thirdly, the generic stages associated with a feedback loop, like MAPE-K, are insufficient to solve specific challenges

Run-time generation, transformation, and verification of access control models for self-protection

Self-adaptive access control, in which self-* properties are applied to protecting systems, is a promising solution for the handling of malicious user behaviour in complex infrastructures. A major challenge in self-adaptive access control is ensuring that chosen adaptations are valid, and produce a satisfiable model of access. The contribution of this paper is the generation, transformation and verification of Role Based Access Control (RBAC) models at run-time, as a means for providing assurances that the adaptations to be deployed are valid. The goal is to protect the system against insider threats by adapting at run-time the access control policies associated with system resources, and access rights assigned to users. Depending on the type of attack, and based on the models from the target system and its environment, the adapted access control models need to be evaluated against the RBAC metamodel, and the adaptation constraints related to the application. The feasibility of the proposed approach has been demonstrated in the context of a fully working prototype using malicious scenarios inspired by a well documented case of insider attack

Self-adaptation made easy with Blockchains

This position paper describes how blockchains facilitate the implementation of distributed self-adaptive systems. We demonstrate how the master/slave decentralised control pattern for self-adaptive systems, integrated with a permissioned blockchain, can protect nodes of a network against attacks by continuously adapting the membership of an access control list. Whenever malicious behaviour is detected, consensus on an updated access control list is reached, and that node is removed from the network. Using a smart home, as an example, we demonstrate that a permissioned blockchain is able to maintain a consistent view of a network of Internet of Things (IoT) devices in the presence of malicious nodes

EVASÃO NOS CURSOS DO PROEJA: UM ESTUDO DE CASO NO IFRJ.

O Curso de Manutenção e Suporte em Informática Integrado ao Ensino Médio na Modalidade de Jovens e Adultos, oferecido no Campus Rio de Janeiro do Instituto Federal de Educação, Ciência e Tecnologia do RJ(IFRJ), tem como proposta a formação de jovens e adultos que não tiveram oportunidade de concluir a Educação Básica em época oportuna. O curso tem apresentado baixa procura e elevado índice de evasão. Diante desta situação, chegou-se a seguinte questão: Quais ações organizacionais podem ser realizadas para possibilitar a alteração desse cenário? Visando responder à questão problemática da evasão foi estruturado o seguinte objetivo principal: Realizar um diagnóstico sobre permanência, evasão escolar e elaborar um Plano de Ação Educacional para reduzir a evasão no curso de MSI-CRJ do IFRJ contribuindo para o alcance das metas organizacionais e sociais. Como metodologia foi realizada pesquisa qualitativa tendo como instrumentos de coleta de dados pesquisa documental, revisão bibliográfica e entrevistas semiestruturadas. O estudo utilizou a análise de conteúdo e posterior categorização dos dados. A pesquisa apresentou como resultado a elaboração de Plano de Ação Educacional

AVALIAÇÃO DA EVASÃO ESCOLAR NO CURSO DE MANUTENÇÃO E SUPORTE EM INFORMÁTICA INTEGRADO AO ENSINO MÉDIO, NA MODALIDADE DE EDUCAÇÃO DE JOVENS E ADULTOS NO CAMPUS RJ DO INSTITUTO FEDERAL DE EDUCAÇÃO, CIÊNCIA E TECNOLOGIA DO RIO DE JANEIRO (IFRJ)

O Curso de Manutenção e Suporte em Informática Integrado ao Ensino Médio na Modalidade de Jovens e Adultos, oferecido no Campus Rio de Janeiro do Instituto Federal de Educação, Ciência e Tecnologia do RJ(IFRJ), tem como proposta a formação de jovens e adultos que não tiveram oportunidade de concluir a Educação Básica em época oportuna. O curso tem baixa procura e elevado índice de evasão. Diante desta situação, chegou-se a seguinte questão: Quais ações organizacionais podem ser realizadas para possibilitar a alteração desse cenário. Visando responder à questão problemática da evasão foi estruturado o seguinte objetivo principal: Realizar um diagnóstico sobre permanência e evasão escolar e elaborar um Plano de Ação Educacional para reduzir a evasão no curso de MSI-CRJ do IFRJ contribuindo para o alcance das metas organizacionais e sociais. Como metodologia foi realizada pesquisa qualitativa tendo como instrumentos de coleta de dados pesquisa documental, revisão bibliográfica e entrevistas semiestruturadas. O estudo utilizou a análise de conteúdo e posterior categorização dos dados. A pesquisa apresentou como resultado a elaboração de Plano de Ação Educacional, constituído de ações para diminuir a evasão escolar no curso de MSI-CRJ e alcançar os resultados organizacionais e sociais planejados