5 result(s)
Page Size: 10, 20, 50
Export: bibtex, xml, json, csv
Order by:

CNR Author operator: and / or
Typology operator: and / or
Language operator: and / or
Date operator: and / or
Rights operator: and / or
2020 Conference object Open Access OPEN

EDUFYSoS: A Factory of Educational System of Systems Case Studies
Bertolino A., De Angelis G., Lonetti F., De Oliveira Neves V., Olivero M. A.
We propose a factory of educational System of Systems (SoS) case studies that can be used for evaluating SoS research results, in particular in SoS testing. The factory includes a first set of constituent systems that can collaborate within different SoS architectures to accomplish different missions. In the paper, we introduce three possible SoSs and outline their missions. For more detailed descriptions, diagrams and the source code, we refer to the online repository of EDUFYSoS. The factory is meant to provide an extensible playground, which we aim to grow to include more systems and other missions with the support of the community.Source: IEEE 15th Int. Conf. of System of Systems Engineering (SoSE), Budapest, Ungheria, 2-5/06/2020
DOI: 10.1109/SoSE50414.2020.9130551

See at: ISTI Repository Open Access | DOI Resolver | ieeexplore.ieee.org | CNR People


2019 Conference object Open Access OPEN

Addressing Security Properties in Systems of Systems: Challenges and Ideas
Olivero M. A., Bertolino A., Dominguez-mayo F. J., Escalona M. J., Matteucci I.
Within growing pervasive information systems, Systems of Systems (SoS) emerge as a new research frontier. A SoS is formed by a set of constituent systems that live on their own with well-established functionalities and requirements, and, in certain circumstances, they must collaborate to achieve a common mission. In this scenario, security is one crucial property that needs to be considered since the early stages of SoS lifecycle. Unfortunately, SoS security cannot be guaranteed by addressing the security of each constituent system separately. The aim of this paper is to discuss the challenges faced in addressing the security of SoS and to propose some research ideas centered around the notion of a mission to be carried out by the SoS.Source: SERENE 2019 - 11th International Workshop on Software Engineering for Resilient Systems, pp. 138–146, Napoli, Italy, 17 September, 2019
DOI: 10.1007/978-3-030-30856-8_10

See at: ISTI Repository Open Access | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | DOI Resolver | link.springer.com | CNR People


2019 Conference object Open Access OPEN

Security assessment of systems of systems
Olivero M. A., Bertolino A., Domínguez Mayo F. J., Escalona M. J., Matteucci I.
Engineering Systems of Systems is one of the new challenges of the last few years. This depends on the increasing number of systems that must interact one with another to achieve a goal. One peculiarity of Systems of Systems is that they are made of systems able to live on their own with well-established functionalities and requirements, and that are not necessarily aware of the joint mission or prepared to collaborate. In this emergent scenario, security is one crucial aspect that must be considered from the very beginning. In fact, the security of a System of Systems is not automatically granted even if the security of each constituent system is guaranteed. The aim of this paper is to address the problem of assessing security properties in Systems of Systems. We discuss the specific security aspects of such emergent systems, and propose the TeSSoS approach, which includes modelling and testing security properties in Systems of Systems and introduces the Red and Blue Requirements Specification concepts.Source: SESoS 2019 - 2019 IEEE/ACM 7th International Workshop on Software Engineering for Systems-of-Systems and WDES 2019 - 13th Workshop on Distributed Software Development, Software Ecosystems and Systems-of-Systems, pp. 62–65, Montreal, Quebec, Canada, 28-28 May, 2019
DOI: 10.1109/SESoS/WDES.2019.00017

See at: ISTI Repository Open Access | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | Unknown Repository Restricted | DOI Resolver | ieeexplore.ieee.org | CNR People


2020 Article Restricted

MDWA: a model-driven Web augmentation approach--coping with client- and server-side support
Urbieta M., Firmenich S., Bosetti G., Maglione P., Rossi G., Olivero M. A.
Web augmentation is a set of techniques allowing users to define and execute software which is dependent on the presentation layer of a concrete Web page. Through the use of specialized Web augmentation artifacts, the end users may satisfy several kinds of requirements that were not considered by the analysts, developers and stakeholders that built the application. Although some augmentation approaches are contemplating a server-side counterpart (to support aspects such as collaboration or cross-browser session management), the augmentation artifacts are usually purely client-side. The server-side support increases the capabilities of the augmentations, since it may allow sharing information among users and devices. So far, this support is often defined and developed in an ad hoc way. Although it is clear that server-side support brings new possibilities, it is also true that developing and deploying server-side Web applications is a challenging task that end users hardly may handle. This work presents a novel approach for designing Web augmentation applications based on client-side and server-side components. We propose a model-driven approach that raises the abstraction level of both, client- and server-side developments. We provide a set of tools for designing the composition of the core application with new features on the back-end and the augmentation of pages in the front-end. The usability and the value of the produced augmentations have been evaluated through two experiments involving 30 people in total.Source: Software and systems modeling (Print) (2020). doi:10.1007/s10270-020-00779-5
DOI: 10.1007/s10270-020-00779-5

See at: Software & Systems Modeling Restricted | Software & Systems Modeling Restricted | Software & Systems Modeling Restricted | Software & Systems Modeling Restricted | Software & Systems Modeling Restricted | DOI Resolver | link.springer.com | CNR People


2020 Article Restricted

Digital persona portrayal: identifying pluridentity vulnerabilities in digital life
Olivero M. A., Bertolino A., Dominguez-mayo F. J., Escalona M. J., Matteucci I.
The increasing use of the Internet for social purposes enriches the data available online about all of us and promotes the concept of the Digital Persona. Actually, most of us are represented online by more than one identity, what we define here as a Pluridentity. This trend brings increased risks: it is well known that the security of a Digital Persona can be exploited if its data and security are not effectively managed. In this paper, we focus specifically on a new type of digital attack that can be perpetrated by combining pieces of data belonging to one same Pluridentity in order to profile their target. Some victims can be so accurately depicted when looking at their Pluridentity that by using the gathered information attackers can execute very personalized social engineering attacks, or even bypass otherwise safe security mechanisms. We characterize these Pluridentity attacks as a security issue of a virtual System of Systems, whose constituent systems are the individual identities and the humans themselves. We present a strategy to identify vulnerabilities caused by overexposure due to the combination of data from the constituent identities of a Pluridentity. To this end we introduce the Digital Persona Portrayal Metamodel, and the related Digital Pluridentity Persona Portrayal Analysis process that supports the architecting of data from different identities: such model and process can be used to identify the vulnerabilities of a Pluridentity due to its exploitation as a System of Systems. The approach has been validated on the Pluridentities of seventeen candidates selected from a data leak, by retrieving the data of their Digital Personae, and matching them against the security mechanisms of their Pluridentities. After analyzing the results for some of the analyzed subjects we could detect several vulnerabilities.Source: Journal of Information Security and Applications 52 (2020). doi:10.1016/j.jisa.2020.102492
DOI: 10.1016/j.jisa.2020.102492

See at: Journal of Information Security and Applications Restricted | Journal of Information Security and Applications Restricted | Journal of Information Security and Applications Restricted | DOI Resolver | CNR People | www.sciencedirect.com