Research Projects
ANIKETOS - Ensuring Trustworthiness and Security in Service Composition
Aniketos (Ensuring Trustworthiness and Security in Service Composition)–funded by the EU Commission, FP7–is concerned with the design and implementation of secure and trustworthy service compositions. The project lies within the scope of the Future Internet, which will provide an environment wherein a diverse range of services are offered by a diverse range of suppliers, and users are likely to unknowingly invoke underlying services in a dynamic and ad hoc manner. Such services have to be composed and recomposed, transparently to the end user, to guarantee security and trustworthiness. (funding: EU FP7, 2010-2014)
SECURE CHANGE - Security Engineering for Lifelong Evolvable Systems
Software-based systems are becoming increasingly long-living. This was demonstrated strikingly with the occurrence of the year 2000 bug, which occurred because software had been in use for far longer than its expected lifespan. At the same time, software-based systems are getting increasingly security-critical since software now pervades the whole critical infrastructures dealing with critical data of both nations and also private individuals. There is therefore a growing demand for more assurance and more verified security properties of IT systems both during development and at deployment time, in particular also for long living systems. Yet a long lived system also needs to be flexible, to adapt to changes and adjust to evolving requirements, usage and attack models. However, using today's system engineering techniques we are forced to trade flexibility for assurance or vice versa. Our objective is thus to develop techniques and tools that ensure "lifelong" compliance to evolving security, privacy and dependability requirements for a long-running evolving software system. This is challenging because these requirements are not necessarily preserved by system evolution. The project will develop techniques, tools, and processes that support design techniques for evolution, testing, verification, re-configuration and local analysis of evolving software. The project results will be applied and evaluated in particular in the industrial application domains of mobile devices, digital homes, and large scale air traffic management which all offer both great research challenges and long-term business opportunities. (funding: EU FP7, 2009-2012)
MASTER - Managing Assurance, Security and Trust for sERvices
MASTER will provide methodologies and
infrastructure that facilitate monitoring, enforcement, and auditing of
security compliance, especially where highly dynamic service oriented
architectures are used to support business process enactment in single,
multi-domain, and iterated contexts. In MASTER, we focus on the
regulatory requirements related to IT support of application of security
policies to business processes in organizations. From the view point of
regulatory compliance, MASTER brings added value in two main respects.
Firstly, it provides an approach to implementation and maintence of
auditable provisions to achieve and assure compliance with a set of
regulatory requirements. Secondly, it provides a oncrete implementation
of this approach, specifically to Service Oriented Systems. (funding: EU
FP7, 2008-2011)
MEnSA - Methodologies for the Engineering of complex software Systems: Agent-based approach
MEnSA is a research project financed by the Italian Ministery for Education, University, and Research (Ministero dell'Università e della Ricerca).
The main objective is the creation of agent-oriented software
engineering methodologies that support the development of complex
software systems. The methodologies will assist the whole development
processs, from the requirements analysis to the actual implementation of
the systems, using a metamodel-based approach. The expected result is a
contribute in filling the existing gap between agent-oriented
methodologies and multi-agent systems. (funding: MIUR, 2007-2009)
SERENITY - System Engineering for Security and Dependability
SERENITY addresses Security and dependability in Ambient Intelligence Systems. Currently,
the provision of appropriate security and dependability mechanisms for
Ambient Intelligence (AmI) ecosystems remains an unsolved issue.
SERENITY aims to create the first practical secure and dependable
solution for these heterogeneous and dynamic architectures. SERENITY
project has a wide scope, ranging from low-level security mechanisms to
high-level organizational modeling. SERENITY proposes not only an
architecture that supports secure and dependable systems, but also
modeling languages and methods that allow for designing such systems.
(funding: EU FP6, 2006-2009)
MOSTRO - MOdeling Security and Trust Relationships within organizations
Although security concerns are central to organizations, they rarely
affect the software design and development. This simple observation
explains why nowadays software problems are mainly due to security
design flaws. These kinds of flaw are hard to detect, and are often the
major cause for system reorganization and adjustments which are
notoriously expensive processes. The MOSTRO project aims at detecting
and isolating security flaws in the very early stages of software design
and development, taking into account the reasons for the existence of
ineffective practices in software design. The project is based on an
interdisciplinary approach to the security problem, that combines
techniques coming from ontological analysis, security modelling,
multi-agents reasoning, and systems engineering in order to formally
characterize security concerns in a coherent and verifiable way at all
stages of software design and development.(funding: PAT, 2006-2007)