George Spanoudakis | City, University of London

George Spanoudakis is Professor of Software Engineering at City University London. He is also a member of the Council of University of Piraeus (Greece). He holds a BSc degree in Informatics (Athens University of Economics & Business Science, 1988), an MSc degree in Advanced Methods in Computer Science (Queen Mary College-University of London, 1989) and a PhD in Computer Science (University of Crete, 1994). Prior to his current post, he had been a lecturer (1997-99), senior lecturer (1999-2004) and reader (2004-06) at City University. He had also been Head of the Department of Computing at City (2004-2007) and Associate Dean for Research of the School of Informatics at City (2010-2014), and held visiting posts at University of Crete (1999), London School of Economics (1999), University of Essen (2001) and University of Malaga (2008).

Professor Spanoudakis works in the broad field of software systems engineering, leading the Software Engineering at City research group (SE@City). His current research interests focus on service oriented computing, cloud computing and software systems security (with particular focus on assessing system security compliance and risk, and security certification). He has published extensively in the areas of his research (more than 125 peer reviewed publications) and has obtained more than 5.2m Euro of external research funding. He has also been the principal investigator of several research projects including the EU Framework 7 projects EMBalance (Dec 2013 - Nov 2016), CUMULUS (Certification Infrastructure for Multi-Layer Cloud Services, Oct 2012 - Sep 2015), ASSERT4SOA (Advanced Security Service Certificates for SOA, 2010-13), IoT-at-Work (IoT technology in manufacturing, 2010-2013, co-investigator), S-CUBE (Software, Systems and Services Network of Excellence, 2008-12) and SLA@SOI (Empowering the Service Economy with SLA-aware Infrastructures, 2008-11), the EU Framework 6 projects SERENITY (Systems Engineering for Security and Dependability, 2006-08), PEPERS (Mobile Peer-to-Peer Security Infrastructure, 2006-08), SECSE (Service-centric System Engineering, 2004-2008), GREDIA (2006-2009, co-investigator), and the EPSRC project IMOOSD (1999-2000).

Beyond research, he has been providing consultancy advice to private companies, public funding bodies, universities and standardisation bodies.

He has also been serving as a member of the editorial boards of international journals, including International Journal of Software Engineering and Knowledge Engineering, The Scientific World Journal (Computer Science Domain), Int. Journal On Advances in Intelligent Systems, Int. Journal On Advances in Security, and Int. Journal On Advances in Software, and the programme committees of more than 140 international conferences and workshops.

Papers by George Spanoudakis

Monitoring Data Integrity in Big Data Analytics Services

2018 IEEE 11th International Conference on Cloud Computing (CLOUD), 2018

Enabled by advances in Cloud technologies, Big Data Analytics Services (BDAS) can improve many processes and identify extra information from previously untapped data sources. As our experience with BDAS and its benefits grows and technology for obtaining even more data improves, BDAS becomes ever more important for many different domains and for our daily lives. Most efforts in improving BDAS technologies have focused on scaling and efficiency issues. However, an equally important property is that of security, especially as we increasingly use public Cloud infrastructures instead of private ones. In this paper we present our approach for strengthening BDAS security by modifying the popular Spark infrastructure so as to monitor at run-time the integrity of data manipulated. In this way, we can ensure that the results obtained by the complex and resource-intensive computations performed on the Cloud are based on correct data and not data that have been tampered with or modified through faults in one of the many and complex subsystems of the overall system.

Pattern-Based Design and Verification of Secure Service Compositions

IEEE Transactions on Services Computing, 2017

Ensuring the preservation of security is a key requirement and challenge for Service-Based Systems (SBS) due to the use of third party software services not operating under different security perimeters. In this paper, we present an approach for verifying the security properties of SBS workflows and adapting them if such properties are not preserved. Our approach uses secure service composition patterns. These patterns encode proven dependencies between service level and workflow level security properties. These dependencies are used in reasoning processes supporting the verification of SBS workflows with respect to workflow security properties and their adaptation in ways that guarantee the properties if necessary. Our approach has been implemented by extending the Eclipse BPEL Designer and validated experimentally. The experimental evaluation has produced positive results, indicating that even for complex workflows and large sets of secure service composition patterns verification can be performed efficiently.

Non-Intrusive Monitoring of Service-Based Systems

International Journal of Cooperative Information Systems, 2006

This paper presents a framework for monitoring the compliance of systems composed of Web-services with requirements set for them at runtime. This framework assumes systems composed of Web-services which are co-coordinated by a service composition process expressed in BPEL and uses event calculus to specify the requirements to be monitored. These requirements may include behavioral properties of a system which are automatically extracted from the specification of its composition process in BPEL and/or assumptions that system providers can specify in terms of events extracted from this specification.

Monitoring WS-Agreements: An Event Calculus–Based Approach

Test and Analysis of Web Services

In this paper, we present a framework that we have developed to support the monitoring of service level agreements. The agreements that can be monitored by this framework are expressed in an extension of WS-Agreement that we propose. The main characteristic of the proposed extension is that it uses an event calculus based language, called EC-Assertion, for the specification of the service guarantee terms in a service level agreement that need to be monitored at runtime. The use of EC-Assertion for specifying service guarantee terms provides a well-defined semantics to the specification of such terms and a formal reasoning framework for assessing their satisfiability. The paper describes also an implementation of the framework and the results of a set of experiments that we have conducted to evaluate it.

Change History

A Pattern-Driven Framework for Monitoring Security and Dependability

Lecture Notes in Computer Science

In this paper we describe a framework that supports the dynamic configuration, adaptation and monitoring of systems that need to guarantee specific security and dependability (S&D) properties whilst operating in distributed settings. The framework is based on patterns providing abstract specifications of implementation solutions that can be used by systems in order to achieve specific S&D properties. The focus herein will be on the monitoring aspects of the framework which allow it to adapt to violations of the S&D requirements and changes to the current context.

A framework for requirements monitoring of service based systems

Proceedings of the 2nd international conference on Service oriented computing, 2004

This paper proposes a framework for monitoring the compliance of systems composed of web-services with requirements set for them. This framework assumes systems composed of web-services that are coordinated by a service composition process expressed in BPEL4WS and uses event calculus to specify the properties to be monitored. The monitorable properties may include behavioural properties of a system which are automatically extracted from the specification of its composition process in BPEL4WS and/or assumptions that system providers can specify in terms of events extracted from this specification.

Formal Certification and Compliance for Run-Time Service Environments

2012 IEEE Ninth International Conference on Services Computing, 2012

With the increased awareness of security and safety of services in on-demand distributed service provisioning (such as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge; however, using analysis and monitoring techniques, we present such an approach for ongoing compliance checking.

Diagnosis and Threat Detection Capabilities of the SERENITY Monitoring Framework

Advances in Information Security, 2009

The SERENITY monitoring framework offers mechanisms for diagnosing the causes of violations of security and dependability (S&D) properties and detecting potential violations of such properties, called "threats". Diagnostic information and threat detection are often necessary for deciding what an appropriate reaction to a violation is and taking pre-emptive actions against predicted violations, respectively. In this chapter, we describe the mechanisms of the SERENITY monitoring framework which generate diagnostic information for violations of S&D properties and detect threats.

Designing Secure Service Workflows in BPEL

Lecture Notes in Computer Science, 2014

This paper presents an approach that we have developed to support the design of secure service based applications in BPEL. The approach is based on the use of secure service composition patterns, which are proven to preserve composition level security properties if the services that are composed according to the pattern satisfy other properties individually. The secure service composition patterns are used for two purposes: (a) to analyse whether a given workflow fragment satisfies a given security property, and (b) to generate compositions of services that could substitute for individual services within the workflow that cause the violation of the security properties. Our approach has been implemented in a tool that is based on Eclipse BPEL Designer.

A Service Discovery Framework based on Linear Composition

IEEE International Conference on Services Computing (SCC 2007), 2007

Service discovery has been recognised as an important aspect of service oriented computing. This is even more the case when developing service centric systems in which software systems are constructed based on the identification and composition of web services that together can fulfil the functionality of the system being developed. In this paper we present a framework that supports the discovery of services that can provide the functionality and satisfy the properties and constraints of service-based systems during their design phase. Our framework makes use of linear composition of service operations in which more than one web service operation can be combined to fulfil a functionality of the system when no single operation can be identified. The discovery process is based on a graph-matching algorithm. A prototype tool has been developed to demonstrate and evaluate the framework.

Incremental certification of cloud services

Run-time Monitoring of Requirements for Systems Composed of Web-Services: Initial Implementation and Evaluation Experience

International Conference on Web Services, 2005

This paper describes a framework supporting the run-time monitoring of requirements for systems implemented as compositions of web-services specified in BPEL. The requirements that can be monitored are specified in event calculus. The paper presents an overview of the framework and describes the architecture and implementation of a tool that we have developed to operationalise it. It also presents

Towards security monitoring patterns

Proceedings of the 2007 ACM symposium on Applied computing, 2007

Runtime monitoring is performed during system execution to detect whether the system's behaviour deviates from that described by requirements. To support this activity we have developed a monitoring framework that expresses the requirements to be monitored in event calculus, a formal temporal first order language. Following an investigation of how this framework could be used to monitor security requirements, in this paper we propose patterns for expressing three basic types of such requirements, namely confidentiality, integrity and availability. These patterns aim to ease the task of specifying confidentiality, integrity and availability requirements in monitorable forms by non-expert users. The paper illustrates the use of these patterns using examples of an industrial case study.

Dynamic Verification and Control of Mobile Peer-to-Peer Systems

2008 The Third International Conference on Internet Monitoring and Protection, 2008

The development of dependable mobile P2P systems is an inherently challenging task since such systems may operate in largely uncontrolled environments and may engage new peers or lose existing ones without any form of centralised control. In these circumstances, dependability and security can be enhanced through the runtime monitoring (a.k.a. dynamic verification) of the compliance of the system behaviour against specific dependability and security properties and the execution of control in cases where properties are violated. In this paper we present a framework for the dynamic verification and control of mobile P2P systems, which uses peer-specific monitoring policies to specify application-level properties. The deployment of this framework for monitoring system behaviour adds an extra layer of security and dependability checking, which is independent from checks performed directly by the P2P system that is being monitored. Thus, it makes the system more fault-tolerant and enables event logging that could be used for further analysis and prevention of attacks.

Requirements monitoring for service-based systems: towards a framework based on event calculus

Proceedings. 19th International Conference on Automated Software Engineering, 2004.

This paper proposes a framework for run-time monitoring of the compliance of systems composed of web-services with requirements set for them. The framework assumes systems composed of web-services which are coordinated by a service composition process expressed in BPEL4WS and uses event calculus to specify the requirements to be monitored. These requirements include behavioural properties of the system which are automatically extracted from the specification of its composition process in BPEL4WS and/or assumptions that system providers can specify in terms of events extracted from this specification. Requirements are checked using a variant of techniques for checking integrity constraints against temporal deductive databases.

A Platform for Context Aware Runtime Web Service Discovery

IEEE International Conference on Web Services (ICWS 2007), 2007

In this paper we describe a platform that supports context aware runtime service discovery. The platform supports service discovery based on structural and behavioural service models as well as complex context related service discovery conditions which are specified in a newly introduced query language. During discovery, context information is obtained through a uniform scheme of calling "context operations" and is subsequently used in the evaluation of service discovery queries.

Towards Hybrid Cloud Service Certification Models

2014 IEEE International Conference on Services Computing, 2014

In this paper, we introduce a hybrid approach for certifying security properties of cloud services that combines monitoring and testing data. The paper argues about the need for hybrid certification and examines some basic characteristics of hybrid certification models.

Representation of Security and Dependability Solutions

Security and Dependability for Ambient Intelligence, 2009

AmI considerations lead us to argue that it is essential for Security and Dependability (S&D) mechanisms to be able to adapt themselves to renewable context conditions in order to be applied to the ever-changing AmI scenarios. The key for this dynamic adaptation relies on the ability to capture the expertise of S&D engineers in such a way that it can be selected, adapted, used and monitored at runtime by automated means. S&D Artefacts proposed in this chapter represent the core of author's approach to precisely model such expertise in form of semantic descriptions. They adopt an integral methodology covering the complete system life cycle going from S&D Classes, mostly used at development time, to S&D Patterns and S&D Implementations, perfectly suited for deployment and runtime use. This chapter traces the foundations and internals of S&D Artefacts, describing how they

Rule-based generation of requirements traceability relations

Journal of Systems and Software, 2004

The support for traceability between requirement specifications has been recognised as an important task in the development life-cycle of software systems. In this paper, we present a rule-based approach to support the automatic generation of traceability relations between documents which specify requirement statements and use cases (expressed in structured forms of natural language), and analysis object models for software systems. The generation of such relations is based on traceability rules of two different types. More specifically, we use requirement-to-object-model rules to trace the requirements and use case specification documents to an analysis object model, and inter-requirements traceability rules to trace requirement and use case specification documents to each other. By deploying such rules, our approach can generate four different types of traceability relations. To implement and demonstrate our approach, we have implemented a traceability prototype system. This system assumes requirement and use case specification documents and analysis object models represented in XML. It also uses traceability rules that are represented in an XML-based rule markup language that we have developed for this purpose. This XML-based representation framework makes it easier to deploy our prototype in settings characterised by the use of heterogeneous software engineering and requirements management tools. The developed prototype has been used in a series of experiments that we have conducted to evaluate our approach. The results of these experiments have provided encouraging initial evidence about the plausibility of our approach and are discussed in the paper.

Research paper thumbnail of Monitoring Data Integrity in Big Data Analytics Services

2018 IEEE 11th International Conference on Cloud Computing (CLOUD), 2018

Enabled by advances in Cloud technologies, Big Data Analytics Services (BDAS) can improve many pr... more Enabled by advances in Cloud technologies, Big Data Analytics Services (BDAS) can improve many processes and identify extra information from previously untapped data sources. As our experience with BDAS and its benefits grows and technology for obtaining even more data improves, BDAS becomes ever more important for many different domains and for our daily lives. Most efforts in improving BDAS technologies have focused on scaling and efficiency issues. However, an equally important property is that of security, especially as we increasingly use public Cloud infrastructures instead of private ones. In this paper we present our approach for strengthening BDAS security by modifying the popular Spark infrastructure so as to monitor at run-time the integrity of data manipulated. In this way, we can ensure that the results obtained by the complex and resource-intensive computations performed on the Cloud are based on correct data and not data that have been tampered with or modified through faults in one of the many and complex subsystems of the overall system.

Research paper thumbnail of Pattern-Based Design and Verification of Secure Service Compositions

IEEE Transactions on Services Computing, 2017

Ensuring the preservation of security is a key requirement and challenge for Service-Based System... more Ensuring the preservation of security is a key requirement and challenge for Service-Based Systems (SBS) due to the use of third party software services not operating under different security perimeters. In this paper, we present an approach for verifying the security properties of SBS workflows and adapting them if such properties are not preserved. Our approach uses secure service composition patterns. These patterns encode proven dependencies between service level and workflow level security properties. These dependencies are used in reasoning processes supporting the verification of SBS workflows with respect to workflow security properties and their adaptation in ways that guarantee the properties if necessary. Our approach has been implemented by extending the Eclipse BPEL Designer and validated experimentally. The experimental evaluation has produced positive results, indicating that even for complex workflows and large sets of secure service composition patterns verification can be performed efficiently.

Research paper thumbnail of Non-Intrusive Monitoring of Service-Based Systems

International Journal of Cooperative Information Systems, 2006

This paper presents a framework for monitoring the compliance of systems composed of Web-services... more This paper presents a framework for monitoring the compliance of systems composed of Web-services with requirements set for them at runtime. This framework assumes systems composed of Web-services which are co-coordinated by a service composition process expressed in BPEL and uses event calculus to specify the requirements to be monitored. These requirements may include behavioral properties of a system which are automatically extracted from the specification of its composition process in BPEL and/or assumptions that system providers can specify in terms of events extracted from this specification.

Research paper thumbnail of Monitoring WS-Agreements: An Event Calculus–Based Approach

Test and Analysis of Web Services

In this paper, we present a framework that we have developed to support the monitoring of service... more In this paper, we present a framework that we have developed to support the monitoring of service level agreements. The agreements that can be monitored by this framework are expressed in an extension of WS-Agreement that we propose. The main characteristic of the proposed extension is that it uses an event calculus based language, called EC-Assertion, for the specification of the service guarantee terms in a service level agreement that need to be monitored at runtime. The use of EC-Assertion for specifying service guarantee terms provides a well-defined semantics to the specification of such terms and a formal reasoning framework for assessing their satisfiability. The paper describes also an implementation of the framework and the results of a set of experiments that we have conducted to evaluate it.

Research paper thumbnail of Change History

Research paper thumbnail of A Pattern-Driven Framework for Monitoring Security and Dependability

Lecture Notes in Computer Science

In this paper we describe a framework that supports the dynamic configuration, adaptation and mon... more In this paper we describe a framework that supports the dynamic configuration, adaptation and monitoring of systems that need to guarantee specific security and dependability (S&D) properties whilst operating in distributed settings. The framework is based on patterns providing abstract specifications of implementation solutions that can be used by systems in order to achieve specific S&D properties. The focus herein will be on the monitoring aspects of the framework which allow it to adapt to violations of the S&D requirements and changes to the current context.

Research paper thumbnail of A framework for requirents monitoring of service based systems

Proceedings of the 2nd international conference on Service oriented computing, 2004

This paper proposes a framework for monitoring the compliance of systems composed of web-services... more This paper proposes a framework for monitoring the compliance of systems composed of web-services with requirements set for them. This framework assumes systems composed of web-services that are coordinated by a service composition process expressed in BPEL4WS and uses event calculus to specify the properties to be monitored. The monitorable properties may include behavioural properties of a system which are automatically extracted from the specification of its composition process in BPEL4WS and/or assumptions that system providers can specify in terms of events extracted from this specification.

Research paper thumbnail of Formal Certification and Compliance for Run-Time Service Environments

2012 IEEE Ninth International Conference on Services Computing, 2012

With the increased awareness of security and safety of services in on-demand distributed service ... more With the increased awareness of security and safety of services in on-demand distributed service provisioning (such as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge however using analysis and monitoring techniques we present such an approach for ongoing compliance checking.

Research paper thumbnail of Diagnosis and Threat Detection Capabilities of the SERENITY Monitoring Framework

Advances in Information Security, 2009

The SERENITY monitoring framework offers mechanisms for diagnosing the causes of violations of se... more The SERENITY monitoring framework offers mechanisms for diagnosing the causes of violations of security and dependability (S&D) properties and detecting potential violations of such properties, called "threats". Diagnostic information and threat detection are often necessary for deciding what an appropriate reaction to a violation is and taking pre-emptive actions against predicted violations, respectively. In this chapter, we describe the mechanisms of the SERENITY monitoring framework which generate diagnostic information for violations of S&D properties and detecting threats.

Research paper thumbnail of Designing Secure Service Workflows in BPEL

Lecture Notes in Computer Science, 2014

This paper presents an approach that we have developed to support the design of secure service ba... more This paper presents an approach that we have developed to support the design of secure service based applications in BPEL. The approach is based on the use of secure service composition patterns, which are proven to preserve composition level security properties if the services that are composed according to the pattern satisfy other properties individually. The secure service composition patterns are used for two purposes: (a) to analyse whether a given workflow fragment satisfies a given security property, and (b) to generate compositions of services that could substitute for individual services within the workflow that cause the violation of the security properties. Our approach has been implemented in a tool that is based on Eclipse BPEL Designer.

Research paper thumbnail of A Service Discovery Framework based on Linear Composition

IEEE International Conference on Services Computing (SCC 2007), 2007

Service discovery has been recognised as an important aspect of service oriented computing. This ... more Service discovery has been recognised as an important aspect of service oriented computing. This is even more the case when developing service centric systems in which software systems are constructed based on the identification and composition of web services that together can fulfil the functionality of the system being developed. In this paper we present a framework that supports the discovery of services that can provide the functionality and satisfy the properties and constraints of service-based systems during their design phase. Our framework makes use of linear composition of service operations in which more than one web service operations can be combined to fulfil a functionality of the system when no single operation can be identified. The discovery process is based on a graph-matching algorithm. A prototype tool has been developed to demonstrate and evaluate the framework.

Incremental certification of cloud services

Run-time Monitoring of Requirements for Systems Composed of Web-Services: Initial Implementation and Evaluation Experience

International Conference on Web Services, 2005

This paper describes a framework supporting the run-time monitoring of requirements for systems implemented as compositions of web-services specified in BPEL. The requirements that can be monitored are specified in event calculus. The paper presents an overview of the framework and describes the architecture and implementation of a tool that we have developed to operationalise it. It also presents

Towards security monitoring patterns

Proceedings of the 2007 ACM symposium on Applied computing, 2007

Runtime monitoring is performed during system execution to detect whether the system's behaviour deviates from that described by requirements. To support this activity we have developed a monitoring framework that expresses the requirements to be monitored in event calculus, a formal temporal first order language. Following an investigation of how this framework could be used to monitor security requirements, in this paper we propose patterns for expressing three basic types of such requirements, namely confidentiality, integrity and availability. These patterns aim to ease the task of specifying confidentiality, integrity and availability requirements in monitorable forms by non-expert users. The paper illustrates the use of these patterns using examples of an industrial case study.

Dynamic Verification and Control of Mobile Peer-to-Peer Systems

2008 The Third International Conference on Internet Monitoring and Protection, 2008

The development of dependable mobile P2P systems is an inherently challenging task since such systems may operate in largely uncontrolled environments and may engage new peers or lose existing ones without any form of centralised control. In these circumstances, dependability and security can be enhanced through the runtime monitoring (a.k.a. dynamic verification) of the compliance of the system behaviour against specific dependability and security properties and the execution of control in cases where properties are violated. In this paper we present a framework for the dynamic verification and control of mobile P2P systems, which uses peer-specific monitoring policies to specify application-level properties. The deployment of this framework for monitoring system behaviour adds an extra layer of security and dependability checking, which is independent from checks performed directly by the P2P system that is being monitored. Thus, it makes the system more fault-tolerant and enables event logging that could be used for further analysis and prevention of attacks.

Requirements monitoring for service-based systems: towards a framework based on event calculus

Proceedings. 19th International Conference on Automated Software Engineering, 2004.

This paper proposes a framework for run-time monitoring of the compliance of systems composed of web-services with requirements set for them. The framework assumes systems composed of web-services which are coordinated by a service composition process expressed in BPEL4WS and uses event calculus to specify the requirements to be monitored. These requirements include behavioural properties of the system which are automatically extracted from the specification of its composition process in BPEL4WS and/or assumptions that system providers can specify in terms of events extracted from this specification. Requirements are checked using a variant of techniques for checking integrity constraints against temporal deductive databases.

A Platform for Context Aware Runtime Web Service Discovery

IEEE International Conference on Web Services (ICWS 2007), 2007

In this paper we describe a platform that supports context aware runtime service discovery. The platform supports service discovery based on structural and behavioural service models as well as complex context related service discovery conditions which are specified in a newly introduced query language. During discovery, context information is obtained through a uniform scheme of calling "context operations" and is subsequently used in the evaluation of service discovery queries.

Towards Hybrid Cloud Service Certification Models

2014 IEEE International Conference on Services Computing, 2014

In this paper, we introduce a hybrid approach for certifying security properties of cloud services that combines monitoring and testing data. The paper argues about the need for hybrid certification and examines some basic characteristics of hybrid certification models.

Representation of Security and Dependability Solutions

Security and Dependability for Ambient Intelligence, 2009

AmI considerations lead us to argue that it is essential for Security and Dependability (S&D) mechanisms to be able to adapt themselves to renewable context conditions in order to be applied to the ever-changing AmI scenarios. The key for this dynamic adaptation relies on the ability to capture the expertise of S&D engineers in such a way that it can be selected, adapted, used and monitored at runtime by automated means. S&D Artefacts proposed in this chapter represent the core of author's approach to precisely model such expertise in form of semantic descriptions. They adopt an integral methodology covering the complete system life cycle going from S&D Classes, mostly used at development time, to S&D Patterns and S&D Implementations, perfectly suited for deployment and runtime use. This chapter traces the foundations and internals of S&D Artefacts, describing how they

Rule-based generation of requirements traceability relations

Journal of Systems and Software, 2004

The support for traceability between requirement specifications has been recognised as an important task in the development life-cycle of software systems. In this paper, we present a rule-based approach to support the automatic generation of traceability relations between documents which specify requirement statements and use cases (expressed in structured forms of natural language), and analysis object models for software systems. The generation of such relations is based on two different types of traceability rules. More specifically, we use requirement-to-object-model rules to trace the requirements and use case specification documents to an analysis object model, and inter-requirements traceability rules to trace requirement and use case specification documents to each other. By deploying such rules, our approach can generate four different types of traceability relations. To implement and demonstrate our approach, we have implemented a traceability prototype system. This system assumes requirement and use case specification documents and analysis object models represented in XML. It also uses traceability rules that are represented in an XML-based rule markup language that we have developed for this purpose. This XML-based representation framework makes it easier to deploy our prototype in settings characterised by the use of heterogeneous software engineering and requirements management tools. The developed prototype has been used in a series of experiments that we have conducted to evaluate our approach. The results of these experiments have provided encouraging initial evidence about the plausibility of our approach and are discussed in the paper.

Diagnosis and Threat Detection Capabilities of the SERENITY Monitoring Framework

The SERENITY monitoring framework offers mechanisms for diagnosing the causes of violations of security and dependability (S&D) properties and detecting potential violations of such properties, called “threats”. Diagnostic information and threat detection are often necessary for deciding what an appropriate reaction to a violation is and taking pre-emptive actions against predicted violations, respectively. In this chapter, we describe the mechanisms of the SERENITY monitoring framework which generate diagnostic information for violations of S&D properties and detecting threats.