Requirements-driven mediation for collaborative security

Bennaceur, Amel; Bandara, Arosha K.; Jackson, Michael; Wei, Liu; Montrieux, Lionel; Tun, Thein Than; Yu, Yijun; Nuseibeh, Bashar

doi:10.1145/2593929.2593938

Cited by 11 publications

(7 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The algorithm for mediator synthesis (Algorithm 1) starts by checking the basic configuration where G s is satisfied in the initial states (Lines 1-5). The algorithm then systematically explores the state space of the composition of the projected capabilities (C i for simplicity) to synthesise a mediator (Lines [6][7][8][9][10][11][12][13][14][15][16][17][18][19][20]. This exploration is guided by the selection of a capability whose initial state s 0 k will be further examined (Line 7).…”

Section: Supporting Collaborative Security In the Internet Of Things mentioning

confidence: 99%

“…In the context of cyber-physical systems, we particularly focus on physical security, that is the protection of material assets from physical attacks (e.g., theft) [52]. In a previous position paper [6], we propose collaborative security whereby both the selection and implementation of countermeasures are performed at runtime. In this paper, we propose and elaborate a framework for collaborative security that composes the capabilities of multiple, potentially heterogeneous, devices with variable (configurable) behaviours, in order to satisfy their requirements.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Feature-Driven Mediator Synthesis

Bennaceur

Tun

Bandara

et al. 2018

ACM Trans. Cyber-Phys. Syst.

Self Cite

View full text Add to dashboard Cite

As the number, complexity, and heterogeneity of connected devices in the Internet of Things (IoT) increase, so does our need to secure these devices, the environment in which they operate, and the assets they manage or control. Collaborative security exploits the capabilities of these connected devices and opportunistically composes them in order to protect assets from potential harm. By dynamically composing these capabilities, collaborative security implements the security controls that satisfy both security and non-security requirements. However, this dynamic composition is often hampered by the heterogeneity of the devices available in the environment and the diversity of their behaviours. In this paper we present a systematic, tool-supported approach for collaborative security where the analysis of requirements drives the opportunistic composition of capabilities in order to realise the appropriate security control in the operating environment. This opportunistic composition is supported through a combination of feature modelling and mediator synthesis. We use features and transition systems to represent and reason about capabilities and requirements. We formulate the selection of the optimal set of features to implement adequate security control as a multi-objective constrained optimisation problem and use constraint programming to solve it efficiently. The selected features are then used to scope the behaviours of the capabilities and thereby restrict the state space for synthesising the appropriate mediator. The synthesised mediator coordinates the behaviours of the capabilities to satisfy the behaviour specified by the security control. Our approach ensures that the implemented security controls are the optimal ones given the capabilities available in the operating environment. We demonstrate the validity of our approach by implementing a Feature-driven medIation for Collaborative Security (FICS) tool and applying it to a collaborative robots case study.

show abstract

Section: Supporting Collaborative Security In the Internet Of Things mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Feature-Driven Mediator Synthesis

Bennaceur

Tun

Bandara

et al. 2018

ACM Trans. Cyber-Phys. Syst.

Self Cite

View full text Add to dashboard Cite

show abstract

“…Related to this work in self-adaptive software systems, Bennaceur et al [9] propose a vision to support collaborative security by mediating emerging components in an environment such that the constraints of individual components may be complemented or compensated by another to achieve opportunistic benefit such as availability and resilience. This work adds to the vision that social collaboration could happen among people when their constraints can be formally modeled and reasoned about.…”

Section: Related Workmentioning

confidence: 99%

O2O service composition with social collaboration

Qian

Peng

Sun

et al. 2017

2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)

Self Cite

View full text Add to dashboard Cite

In Online-to-Offline (O2O) commerce, customer services may need to be composed from online and offline services. Such composition is challenging, as it requires effective selection of appropriate services that, in turn, support optimal combination of both online and offline services. In this paper, we address this challenge by proposing an approach to O2O service composition which combines offline route planning and social collaboration to optimize service selection. We frame general O2O service composition problems using timed automata and propose an optimization procedure that incorporates: (1) a Markov Chain Monte Carlo (MCMC) algorithm to stochastically select a concrete composite service, and (2) a model checking approach to searching for an optimal collaboration plan with the lowest cost given certain time constraint. Our procedure has been evaluated using the simulation of a rich scenario on effectiveness and scalability.

show abstract

“…Salehie et al [46] propose an approach in which a runtime model that combines goals, threats, and assets models is used to evaluate the cost and benefit of applying each security control (i.e., the mechanism that needs to be deployed in order to protect assets from harm) and choosing the most appropriate one. Collaborative security [2] uses mediation to implement the appropriate security controls by composing components' capabilities at runtime.…”

Section: E M Rmentioning

confidence: 99%