Research Projects

ANIKETOS - Ensuring Trustworthiness and Security in Service Composition

Aniketos (Ensuring Trustworthiness and Security in Service Composition)–funded by the EU Commission, FP7–is concerned with the design and implementation of secure and trustworthy service compositions. The project lies within the scope of the Future Internet, which will provide an environment wherein a diverse range of services are offered by a diverse range of suppliers, and users are likely to unknowingly invoke underlying services in a dynamic and ad hoc manner. Such services have to be composed and recomposed, transparently to the end user, to guarantee security and trustworthiness. (funding: EU FP7, 2010-2014)

SECURE CHANGE - Security Engineering for Lifelong Evolvable Systems

Software-based systems are becoming increasingly long-living. This was demonstrated strikingly with the occurrence of the year 2000 bug, which occurred because software had been in use for far longer than its expected lifespan. At the same time, software-based systems are getting increasingly security-critical since software now pervades the whole critical infrastructures dealing with critical data of both nations and also private individuals. There is therefore a growing demand for more assurance and more verified security properties of IT systems both during development and at deployment time, in particular also for long living systems. Yet a long lived system also needs to be flexible, to adapt to changes and adjust to evolving requirements, usage and attack models. However, using today's system engineering techniques we are forced to trade flexibility for assurance or vice versa. Our objective is thus to develop techniques and tools that ensure "lifelong" compliance to evolving security, privacy and dependability requirements for a long-running evolving software system. This is challenging because these requirements are not necessarily preserved by system evolution. The project will develop techniques, tools, and processes that support design techniques for evolution, testing, verification, re-configuration and local analysis of evolving software. The project results will be applied and evaluated in particular in the industrial application domains of mobile devices, digital homes, and large scale air traffic management which all offer both great research challenges and long-term business opportunities. (funding: EU FP7, 2009-2012)

MASTER - Managing Assurance, Security and Trust for sERvices

MASTER will provide methodologies and infrastructure that facilitate monitoring, enforcement, and auditing of security compliance, especially where highly dynamic service oriented architectures are used to support business process enactment in single, multi-domain, and iterated contexts. In MASTER, we focus on the regulatory requirements related to IT support of application of security policies to business processes in organizations. From the view point of regulatory compliance, MASTER brings added value in two main respects. Firstly, it provides an approach to implementation and maintence of auditable provisions to achieve and assure compliance with a set of regulatory requirements. Secondly, it provides a oncrete implementation of this approach, specifically to Service Oriented Systems. (funding: EU FP7, 2008-2011)

MEnSA - Methodologies for the Engineering of complex software Systems: Agent-based approach

MEnSA is a research project financed by the Italian Ministery for Education, University, and Research (Ministero dell'Università e della Ricerca). The main objective is the creation of agent-oriented software engineering methodologies that support the development of complex software systems. The methodologies will assist the whole development processs, from the requirements analysis to the actual implementation of the systems, using a metamodel-based approach. The expected result is a contribute in filling the existing gap between agent-oriented methodologies and multi-agent systems.
(funding: MIUR, 2007-2009)

SERENITY - System Engineering for Security and Dependability

SERENITY addresses Security and dependability in Ambient Intelligence Systems. Currently, the provision of appropriate security and dependability mechanisms for Ambient Intelligence (AmI) ecosystems remains an unsolved issue. SERENITY aims to create the first practical secure and dependable solution for these heterogeneous and dynamic architectures. SERENITY project has a wide scope, ranging from low-level security mechanisms to high-level organizational modeling. SERENITY proposes not only an architecture that supports secure and dependable systems, but also modeling languages and methods that allow for designing such systems. (funding: EU FP6, 2006-2009)

MOSTRO - MOdeling Security and Trust Relationships within organizations

Although security concerns are central to organizations, they rarely affect the software design and development. This simple observation explains why nowadays software problems are mainly due to security design flaws. These kinds of flaw are hard to detect, and are often the major cause for system reorganization and adjustments which are notoriously expensive processes. The MOSTRO project aims at detecting and isolating security flaws in the very early stages of software design and development, taking into account the reasons for the existence of ineffective practices in software design. The project is based on an interdisciplinary approach to the security problem, that combines techniques coming from ontological analysis, security modelling, multi-agents reasoning, and systems engineering in order to formally characterize security concerns in a coherent and verifiable way at all stages of software design and development.(funding: PAT, 2006-2007)


Back to top