Antti Evesti

Knowledge based quality-driven architecture design and evaluation

Modelling and evaluating quality properties of software is of high importance, especially when our every day life depends on the quality of services produced by systems and devices embedded into our surroundings. This paper contributes to the body of research in quality and model driven software engineering. It does so by introducing; (1) a quality aware software architecting approach and (2) a supporting tool chain. The novel approach with supporting tools enables the systematic development of high quality software by merging benefits of knowledge modelling and management, and model driven architecture design enhanced with domain-specific quality attributes. The whole design flow of software engineering is semi-automatic; specifying quality requirements, transforming quality requirements to architecture design, representing quality properties in architectural models, predicting quality fulfilment from architectural models, and finally, measuring quality aspects from implemented source code. The semi-automatic design flow is exemplified by the ongoing development of a secure middleware for peer-to-peer embedded systems.

The reliability estimation, prediction and measuring of component-based software

Reliability is a key driver of safety-critical systems such as health-care systems and traffic controllers. It is also one of the most important quality attributes of the systems embedded into our surroundings, e.g. sensor networks that produce information for business processes. Therefore, the design decisions that have a great impact on the reliability of a software system, i.e. architecture and components, need to be thoroughly evaluated. This paper addresses software reliability evaluation during the design and implementation phases; it provides a coherent approach by combining both predicted and measured reliability values with heuristic estimates in order to facilitate a smooth reliability evaluation process. The approach contributes by integrating the component-level reliability evaluation activities (i.e. the heuristic reliability estimation, model-based reliability prediction and model-based reliability measuring of components) and the system-level reliability prediction activity to support the incremental and iterative development of reliable component-based software systems. The use of the developed reliability evaluation approach with the supporting tool chain is illustrated by a case study. The paper concludes with a summary of lessons learnt from the case studies.

Architecture and Knowledge-Driven Self-Adaptive Security in Smart Space

Dynamic and heterogeneous smart spaces cause challenges for security because it is impossible to anticipate all the possible changes at design-time. Self-adaptive security is an applicable solution for this challenge. This paper presents an architectural approach for security adaptation in smart spaces. The approach combines an adaptation loop, Information Security Measuring Ontology (ISMO) and a smart space security-control model. The adaptation loop includes phases to monitor, analyze, plan and execute changes in the smart space. The ISMO offers input knowledge for the adaptation loop and the security-control model enforces dynamic access control policies. The approach is novel because it defines the whole adaptation loop and knowledge required in each phase of the adaptation. The contributions are validated as a part of the smart space pilot implementation. The approach offers reusable and extensible means to achieve adaptive security in smart spaces and up-to-date access control for devices that appear in the space. Hence, the approach supports the work of smart space application developers.

Comparison of Adaptive Information Security Approaches

Dynamically changing environments and threat landscapes require adaptive information security. Adaptive information security makes it possible to change and modify security mechanisms at runtime. Hence, all security decisions are not enforced at design-time. This paper builds a framework to compare security adaptation approaches. The framework contains three viewpoints, that is, adaptation, security, and lifecycle. Furthermore, the paper describes five security adaptation approaches and compares them by means of the framework. The comparison reveals that the existing security adaptation approaches widely cover the information gathering. However, the compared approaches do not describe how to decide a method to perform a security adaptation. Similarly, means how to provide input knowledge for the security adaptation is not covered. Hence, these research areas have to be covered in the future. The achieved results are applicable for software developers when selecting a security adaptation approach and for researchers when considering future research items.

Ontology-Based Security Adaptation at Run-Time

This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.

Towards micro architecture for security adaptation

Normally, software development practices concentrate to take all security requirements into account at design-time. Nevertheless, todays software products are intended to be used in mobile, or alternatively, in embedded devices whose environment changes during the applications execution. These kinds of changes occur especially in applications used in smart spaces. This enforces to think security concerns more dynamically. Thus, software has to be aware of its 1) security level in each time, and 2) changes in its environment that can cause security threats. Based on this awareness, software has to change its security mechanisms to fulfil security requirements in the current context. A security measurement is a key factor of this awareness. This work presents a micro-architecture for security adaptation and taxonomy of context information affecting to information security in smart spaces. The security measurement is the essential part of the micro-architecture. In addition, taxonomy describes concepts that have to be monitored in the smart space environment.

Situation-based and self-adaptive applications for the smart environment

Situation-based and self-adaptive applications are the key enablers of smart environments and ecosystems. In those environments, developers and users focus on innovating and making added-value applications, instead of solving the problems of interoperability and complexity of heterogeneous systems. This paper contributes by introducing an innovative adaptation framework for the situation-based and self-adaptive applications of smart environments. The framework embodies a novel architecture, generic ontologies for context, security, and performance management, and dynamic models for performing runtime reasoning and adaptation. The framework is intended for an application developer who is i creating application scenarios, and ii transforming the scenarios into annotated sequence diagrams with the help of the static models of the framework, the ontologies, and the rules defined in them. Thereafter, the application developer iii transforms the annotated application behavior description into the selected rule language, SPARQL. The approach is exemplified through the creation of the GuideMe application, which exploits context, security, and performance information to adapt the service according to the quality requirements and the context of the user, as well as the smart environment, without bothering the end-user.

Towards an abstraction layer for security assurance measurements: (invited paper)

Measurement of any complex, operational system is challenging due to the continuous independent evolution of the components. Security risks introduce another dimension of dynamicity, reflected to risk management and security assurance activities. The availability of different measurements and their properties will vary during the overall system lifecycle. To be useful, a measurement framework in this context needs to be able to adapt to both the changes in the target of measurement and in the available measurement infrastructure. In this study, we introduce a taxonomy-based approach for relating the available and attainable measurements to the measurement requirements of security assurance plans by providing an Abstraction Layer that makes it easier to manage these dynamic features. The introduced approach is investigated in terms of a security assurance case example of firewall functionality in a Push E-mail service system.

Grid and Pervasive Computing Workshops

Printed eBook exclusively available to patrons whose library offers Springer’s eBook Collection.*** ▶ € |

OntoArch Approach for Reliability-Aware Software Architecture Development

24.95 ▶ springer.com/mycopy M. Rautiainen, University of Oulu, Oulu, Finland; T. Korhonen, Aalto University, Helsinki, Finland; E. Mutafungwa, Aalto University, Helsinki, Finland; E. Ovaska, VTT Technical Research Centre of Finland, Oulu, Finland; A. Katasonov, VTT Technical Research Centre of Finland, Oulu, Finland; A. Evesti, VTT Technical Research Centre of Finland, Oulu, Finland; H. Ailisto, VTT Technical Research Centre of Finland, Oulu, Finland; A. Quigley, University of St. Andrews, St. Andrews, United Kingdom; J. Häkkilä, Nokia Research Center, Oulu, Finland; N. Milic-Frayling, Microsoft Research, Cambridge, United Kingdom; J. Riekki, University of Oulu, Oulu, Finland (Eds.) Grid and Pervasive Computing Workshops