Marco Mori

Perpetual Assurances for Self-Adaptive Systems

Providing assurances for self-adaptive systems is challenging. A primary underlying problem is uncertainty that may stem from a variety of different sources, ranging from incomplete knowledge to sensor noise and uncertain behavior of humans in the loop. Providing assurances that the self-adaptive system complies with its requirements calls for an enduring process spanning the whole lifetime of the system. In this process, humans and the system jointly derive and integrate new evidence and arguments, which we coined perpetual assurances for self-adaptive systems. In this paper, we provide a background framework and the foundation for perpetual assurances for self-adaptive systems. We elaborate on the concrete challenges of offering perpetual assurances, requirements for solutions, realization techniques and mechanisms to make solutions suitable. We also present benchmark criteria to compare solutions. We then present a concrete exemplar that researchers can use to assess and compare approaches for perpetual assurances for self-adaptation.

On the impact of emergent properties on SoS security

Cyber security is becoming more and more relevant with the advent of System of Systems (SoSs). The latter are large scale systems made of independent and autonomous Constituent Systems which interoperate to achieve higher level goals also with the intervention of humans. Providing security in a cyber-physical SoS means, among other features, forecasting and anticipating evolving SoS functionalities and consequently detecting emerging phenomena resulting from the interactions among entailed Constituent Systems. This paper clarifies the relations occurring among SoS evolution, emergence phenomena and security requirements. We show how to enact an evolution step by means of changing SoS functionalities and how to perform the threat analysis consequently. An illustrative scenario in the Smart City domain shows how to dynamically generate security guarantees according to the evolving SoS thus supporting the enactment of mitigation strategies from SoS administrators.

A Holistic Viewpoint-Based SysML Profile to Design Systems-of-Systems

In recent decades more and more efforts have been devoted in supporting the design of Systems-of-Systems (SoSs). These systems are composed of autonomous Constituent Systems (CSs) which are integrated together to achieve a higher level goal that cannot be achieved by any of its CSs in isolation. Designing such an SoS is a multidisciplinary problem which involves considering emergent phenomena, assuring the achievement of dependability and security requirements, guaranteeing system responsiveness, supporting dynamicity and evolution and multi-criticality of provided services. We believe that a first step towards a viable design approach is to provide a conceptual model of SoSs which captures SoS concepts (e.g., methods, characteristics, and technologies related to SoSs) and their inter-relationships. Such a conceptual model should enhance the understandability of SoSs to stakeholders and provide the basis for further automated analysis. In this context, the AMADEOS European project is bringing together researchers and practitioners to provide the support to design SoSs starting from the definition of a domain specific ontology serving as a vocabulary for SoSs. Our contribution consists of semi-formalizing the key SoS concepts and relationships defined in AMADEOS adopting a SysML visual modeling language. We propose a SysML profile for SoSs and we show its applicability in a Smart Grid scenario.

Systems‐of‐systems modeling using a comprehensive viewpoint‐based SysML profile

In recent years, more and more efforts have been devoted in supporting the design of systems‐of‐systems (SoS). Designing such systems is a multidisciplinary problem which involves considering emergent phenomena, assuring the achievement of dependability/security requirements, guaranteeing system responsiveness, and supporting dynamicity/evolution and multicriticality of provided services. A first step towards a viable design approach is to provide a conceptual model of SoS which captures SoS concepts, and their interrelationships aiming at enhancing the understandability of SoS to stakeholders and providing the basis for further automated analysis. In this context, the AMADEOS European project is bringing together researchers and practitioners to provide the support to design SoS starting from the definition of a domain specific ontology serving as a vocabulary for SoS. Our contribution consists in the modeling of the key SoS concepts and relationships defined in AMADEOS adopting a systems modeling language visual modeling language. We propose a systems modeling language profile for SoS, and we show its applicability in a Smart Grid scenario. We show how to use the profile in a model‐driven engineering process to support different types of analyses, and we discuss how to integrate the profile in a user‐friendly model‐driven engineering tool for SoS rapid modeling, validation, code‐generation, and simulation.

System-of-Systems to Support Mobile Safety Critical Applications: Open Challenges and Viable Solutions

A dramatic shift in system complexity is occurring, bringing monolithic system designs to be progressively replaced by modular approaches. In the latest years, this trend has been emphasized by the system of systems (SoS) concept, in which a complex system or application is the result of the integration of many independent, autonomous constituent systems (CS), brought together in order to satisfy a global goal under certain rules of engagement. The overall behavior of the SoS, emerging from such complex interactions and dependencies, poses several threats in terms of dependability, timeliness, and security, due to the challenging operating and environmental conditions caused by mobility, wireless connectivity, and the use of off-the-shelf components. Referring to our experience in mobile safety-critical applications gained from three different research projects, in this paper, we illustrate the challenges and benefits posed by the adoption of an SoS approach in designing, developing, and maintaining mobile safety-critical applications, and we report on some possible solutions.

AMADEOS SysML Profile for SoS Conceptual Modeling

In the European Union FP7-610535-AMADEOS project, a conceptual model for Systems of Systems (SoSs) has been conceived to find a common language allowing experts to collaborate on modelling, engineering, and analyzing SoSs (see public deliverable D2.3 “AMADEOS conceptual model - Revised” [1]).

Introducing Meta-Requirements for Describing System of Systems

Complex, evolutionary systems operating in an open world can be seen as a composition of components which interact each other in order to fulfill their requirements. Following this vision, Systems of Systems (SoSs) literature aims at supporting the life of such complex systems taking into account key viewpoints such as emergence, time, mobility, evolution, dynamicity. Although different attempts can be found in the literature to address mostly specific viewpoints separately, it is still missing a unifying approach to analyze the whole set of viewpoints and their relationships, based on the identification of meta-requirements that can be exploited to describe any System of Systems (SoS). To this end, we developed a unifying meta-requirements model to describe SoSs viewpoints and relate them. The model is meant to be used to support the derivation of the requirements for any SoS. This paper introduces the problem, and presents the main notions of the meta-requirements model with the support of a domain-specific scenario.

A Tool for Evolutionary Threat Analysis of Smart Grids

Cyber-security is becoming more and more relevant with the advent of large-scale systems made of independent and autonomous constituent systems that interoperate to achieve complex goals. Providing security in such cyber-physical systems means, among other features, identifying threats generated by novel detrimental behaviors. This paper presents a tool based on a methodology that is intended to support city evolution and energy planning with a focus on threats due to novel and existing interconnections among different components. More in detail, we report a tool demonstration which shows the application of a tool devised to (i) deal with security threats arising due to evolutions in a Smart City - intended as a complex cyber-physical system -, and (ii) consequently perform threat analysis.

Threat Analysis in Systems-of-Systems: An Emergence-Oriented Approach

Cyber-physical Systems of Systems (SoSs) are large-scale systems made of independent and autonomous cyber-physical Constituent Systems (CSs) which may interoperate to achieve high-level goals also with the intervention of humans. Providing security in such SoSs means, among other features, forecasting and anticipating evolving SoS functionalities, ultimately identifying possible detrimental phenomena that may result from the interactions of CSs and humans. Such phenomena, usually called emergent phenomena, are often complex and difficult to capture: the first appearance of an emergent phenomenon in a cyber-physical SoS is often a surprise to the observers. Adequate support to understand emergent phenomena will assist in reducing both the likelihood of design or operational flaws, and the time needed to analyze the relations amongst the CSs, which always has a key economic significance. This article presents a threat analysis methodology and a supporting tool aimed at (i) identifying (emerging) threats in evolving SoSs, (ii) reducing the cognitive load required to understand an SoS and the relations among CSs, and (iii) facilitating SoS risk management by proposing mitigation strategies for SoS administrators. The proposed methodology, as well as the tool, is empirically validated on Smart Grid case studies by submitting questionnaires to a user base composed of 3 stakeholders and 18 BSc and MSc students.

AMADEOS Framework and Supporting Tools

This chapter defines the overall tool-supported “AMADEOS architectural framework”, with its main building blocks and interfaces. It particularly focuses on Structure, Dependability, Security, Emergence, and Multi-criticality viewpoints of an SoS.