Leonardo Mostarda

DALICA: Agent-Based Ambient Intelligence for Cultural-Heritage Scenarios

Villa Adriana is an enormous archaeological area where ancient artifacts and modern technology have found an unexpected equilibrium. The old artifacts are huge stone monuments; the modern technology includes PDAs and signals from the Galileo satellite combined with intelligent software agents. As part of the European CUSPIS project (Cultural Heritage Space Identification System, www. cuspis-project.info), we exploited intelligent agents for two ambient-intelligence scenarios applicable to Villa Adriana. One scenario involves cultural assets fruition-the possibility of accessing and enjoying cultural assets. This scenario concerns the dissemination of information about cultural assets; for example, users can visit a museum or archaeological site and receive on their mobile devices appropriate, personalized information about that place. The other scenario involves cultural assets monitoring, which concerns securely transporting cultural assets from the owner organization to a renter organization and back.

Synthesis of correct and distributed adaptors for component-based systems: an automatic approach

Building a distributed system from third-party components introduces a set of problems, mainly related to compatibility and communication. Our approach to solve these problems is to build an adaptor which forces the system to exhibit only a set of safe or desired behaviors. By exploiting an abstract and partial specification of the global behavior that must be enforced, we automatically build a centralized adaptor. It mediates the interaction among components by both performing the specified behavior and, simultaneously, avoiding possible deadlocks. However in a distributed environment it is not always possible or convenient to insert a centralized adaptor. In contrast, building a distributed adaptor might increase the applicability of the approach in a real-scale context. In this paper we show how it is possible to automatically generate a distributed adaptor by exploiting an approach to the definition of distributed IDS (Intrusion Detection Systems) filters developed by us to increase security measures in component based systems. Firstly, by taking into account a high level specification of the global behavior that must be enforced, we synthesize a behavioral model of a centralized adaptor that allows the composed system to only exhibit the specified behavior and, simultaneously, avoid possible unspecified deadlocks. This model represents a lower level specification of the global behavior that is enforced by the adaptor. Secondly, by taking into account the synthesized adaptor model, we generate a set of component filters that validate the centralized adaptor behavior by simply looking at local information. In this way we address the problem of mechanically generating correct and distributed adaptors for real-scale component-based systems.

A policy-based publish/subscribe middleware for sense-and-react applications

Abstract: With the inclusion of actuators on wireless nodes, Wireless Sensor Networks (WSNs) are starting to change from sense-and-report platforms to sense-and-react platforms. Applications for such platforms are characterised by actuator nodes that are able to react to data collected by sensor nodes. Sensor and actuator nodes use a variety of interactions, for example, intra-node, inter-node (1-hop to n-hop), and global (all nodes). As a result, the functionality that coordinates the activities of the different nodes towards common goals has to be efficiently distributed in the WSN itself. In addition, multiple sense-and-react applications are being deployed within the same WSN, with each application characterised by different requirements and constraints. The design and implementation of these applications is becoming an increasingly complex task that would benefit from new approaches. In this article, we describe a novel middleware that separates the interaction behaviour of sense-and-react WSN applications from the components that implement the basic functionalities (sensing, reacting, computation, storage). This is achieved using policies that govern the interaction behaviour of sense-and-react WSN applications. The middleware is composed of a Policy Manager, a Publish/Subscribe Broker, and a set of Extensions that reside on each node. The broker manages subscription information, while extensions provide mechanisms orthogonal to the publish/subscribe core including diffusion protocols, data communication protocols, and data encryption. We conduct a detailed evaluation of the performance of our framework and show that the framework is close to TinyOS in performance but leads to more explicit and flexible application designs.

Synthesis of decentralized and concurrent adaptors for correctly assembling distributed component-based systems

Building a distributed system from third-party components introduces a set of problems, mainly related to compatibility and communication. Our existing approach to solve such problems is to build a centralized adaptor which restricts the systems behavior to exhibit only deadlock-free and desired interactions. However, in a distributed environment such an approach is not always suitable. In this paper, we show how to automatically generate a distributed adaptor for a set of black-box components. First, by taking into account a specification of the interaction behavior of each component, we synthesize a behavioral model for a centralized glue adaptor. Second, from the synthesized adaptor model and a specification of the desired behavior that must be enforced, we generate one local adaptor for each component. The local adaptors cooperatively behave as the centralized one restricted with respect to the specified desired interactions.

Distributed Orchestration of Pervasive Services

Pervasive systems are increasingly being designed using a service-oriented approach where services are distributed across wireless devices of varying capabilities. Service orchestration is a simple and popular method to coordinate web-based services but introduces a single point of failure and lacks the flexibility to cope with the greater variability of pervasive environments. Choreography in contrast advocates explicitly modelling systems as interacting peers that conform to rules of interaction. Choreography offers greater reliability and flexibility but leads to systems that are much harder to validate. In this paper we describe a novel intermediate approach, where given a logically centralised service orchestration, we automatically generate a distributed implementation that correctly enforces the orchestration behaviour. Our system handles all the synchronisation and consensus issues and ensures correctness. The system also incorporates a number of abstractions for grouping pervasive peers and coordinating pervasive peer-to-peer interactions.

Distributed Intrusion Detection Systems for Enhancing Security in Mobile Wireless Sensor Networks

We present an approach to provide Intrusion Detection Systems (IDS) facilities into Wireless Sensors Networks (WSN). WSNs are usually composed of a large number of low power sensors. They require a careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool [14, 16, 25] which has been proposed for component-based software architectures, we derive a new framework that permits to dynamically enforce a set of properties of the sensors behavior. This is accomplished by an IDS specification that is automatically translated into few lines of code installed in the sensors. This realizes a distributed system that locally detects violation of the sensors interactions policies and is able to minimize the information sent among sensors in order to discover attacks across the network.

ESCAPE: A Component-Based Policy Framework for Sense and React Applications

Sense-and-react applications are characterised by the fact that actuators are able to react to data collected by sensors and change the monitored environment. With the introduction of nodes sporting actuators, Wireless Sensor Networks (WSNs) are being used for realising such applications. Sensor and actuator nodes are capable of interact locally. As a result, the logic that coordinates the activities of the different nodes towards a common goals has to be embedded in the network itself. In this scenario, the development of applications becomes more complex. In this paper, we present a component-based framework that facilitates the development of sense-and-react applications promoting reuse of code. While applications components are used to implement basic functionalities (sense and reaction) our framework allows the specification of application-domain requirements. Our framework is composed of a Publish/Subscribe Broker, a component-based service layer and a Policy Manager. The broker manages subscriptions information and the service layer provides mechanisms orthogonal to publish/subscribe core (e.g., diffusion protocols, data communication protocols, data encryption, etc.). The novelty of our approach is the introduction of the Policy Manager where policies are enforced. Policies are rules that govern the choices and behaviour of the system. They can be used for specifying which services have to be associated with the broker operations. Moreover, policies can embed rules for coordinating the activities of the different sensors and actuators for reaching the common goals of applications.

Distributed IDSs for enhancing Security in Mobile Wireless Sensor Networks

We present an approach to provide intrusion detection systems (IDS) facilities into wireless sensors networks (WSN). WSNs are usually composed of a large number of low power sensors. They require a careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool (P. Inverardi et al., 2005) which has been proposed for component-based software architectures, we derive a new framework that permits to dynamically enforce a set of properties of the sensors behavior. This is accomplished by an IDS specification that is automatically translated into few lines of code installed in the sensors. This realizes a distributed system that locally detects violation of the sensors interactions policies and is able to minimize the information sent among sensors in order to discover attacks over the network

Path Loss Effect on Energy Consumption in a WSN

Energy consumption of nodes is a crucial factor that constrains the networks life time for Wireless Sensor Networks (WSNs). WSNs are composed of small sensors equipped with low-power devices, and have limited battery power supply. The main concern in existing architectural and optimisation studies is to prolong the network lifetime. The lifetime of the sensor nodes is affected by different components such as the microprocessor, the sensing module and the wireless transmitter/receiver. The existing works mainly consider these components to decide on best deployment, topology, protocols and so on. Recent studies have also considered the monitoring and evaluation of the path loss caused by environmental factors. Path loss is always considered in isolation from the higher layers such as application and network. It is necessary to combine path loss computations used in physical layer, with information from upper layers such as application layer for a more realistic evaluation. In this paper, a simulation-based study is presented that uses path-loss model and application layer information in order to predict the network lifetime. Physical environment is considered as well. We show that when path-loss is introduced, increasing the transmission power is needed to reduce the amount of packets lost. This presents a tradeoff between the residual energy and the successful transmission rate when more realistic settings are employed for simulation. It is a challenging task to optimise the transmission power of WSNs, in presence of path loss, because although increasing the transmission power reduces the residual energy, it also reduces the number of retransmissions required.

A distributed intrusion detection approach for secure software architecture

This paper illustrates an approach to add security policies to a component-based system. We consider black-box-components-based applications, where each component can run concurrently in a different domain. The problem we want to face is to detect at run time that a component might start interacting with the other components in an anomalous way trying to subvert the application. This problem cannot be identified statically because we must take into account the fact that a component can be modified for malicious purposes at run time once deployed. We propose a specification-based approach to detect intrusions at architectural level. The approach is decentralized, that is given a global policy for the whole system, i.e. a set of admissible behaviors, we automatically generate a monitoring filter for each component that looks at local information of interest. Filters then suitably communicate in order to carry on cooperatively the validation of the global policy. With respect to centralized monitors, this approach increases performance, security and reliability and allows the supervision of complex applications where no centralized point of information flow exists or can be introduced.