Multi-model run-time security analysis - April 2016

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): Jurgen Pfeffer
Co-PI(s): David Garlan, Bradley Schmerl

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)

• Composability through multiple semantic models (here, architectural, organizational, and behavioral), which provide separation of concerns, while supporting synergistic benefits through integrated analyses.
• Scalability to large complex distributed systems using architectural models.
• Resilient architectures through the use of adaptive models that can be used at run-time to predict, detect and repair security attacks.
• Predictive security metrics by adapting social network-based metrics to the problem of architecture-level anomaly detection.

2) PUBLICATIONS

Hemank Lamba, Thomas J. Glazier, Bradley Schmerl, Javier Camara, David Garlan and Jurgen Pfeffer. A Model-based Approach to Anomaly Detection in Software Architectures.. Poster at Symposium and Bootcamp on the Science of Security (HotSoS), 2016.

Javier Camara, David Garlan, Gabriel A. Moreno and Bradley Schmerl. Evaluating Trade-Offs of Human Involvement in Self-Adaptive Systems. In Ivan Mistrik, Nour Ali, John Grundy, Rick Kazman and Bradley Schmerl editors, Managing Trade-Offs in Self-Adaptive Systems, Elsevier, 2016. To appear.

3) KEY HIGHLIGHTS

We have developed the first version of software to convert software architecture descriptions into network descriptions that are suitable to simulation in social network analysis and simulation.