| 1. |
- Afzal, Wasif, et al.
(författare)
-
The MegaM@Rt2 ECSEL Project : MegaModelling at Runtime — Scalable Model-Based Framework for Continuous Development and Runtime Validation of Complex Systems
- 2017
-
Ingår i: The 2017 Euromicro Conference on Digital System Design DSD'17. - 9781538621462
-
Konferensbidrag (refereegranskat)abstract
- A major challenge for the European electronic industry is to enhance productivity while reducing costs and ensuring quality in development, integration and maintenance. Model-Driven Engineering (MDE) principles and techniques have already shown promising capabilities but still need to scale to support real-world scenarios implied by the full deployment and use of complex electronic components and systems. Moreover, maintaining efficient traceability, integration and communication between two fundamental system life-time phases (design time and runtime) is another challenge facing scalability of MDE. This paper presents an overview of the ECSEL project entitled "MegaModelling at runtime -- Scalable model-based framework for continuous development and runtime validation of complex systems" (MegaM@Rt2), whose aim is to address the above mentioned challenges facing MDE. Driven by both large and small industrial enterprises, with the support of research partners and technology providers, MegaM@Rt2 aims to deliver a framework of tools and methods for: 1) system engineering/design & continuous development, 2) related runtime analysis and 3) global model & traceability management, respectively. The diverse industrial use cases (covering domains such as aeronautics, railway, construction and telecommunications) will integrate and apply such a framework that shall demonstrate the validation of the MegaM@Rt2 solution.
|
|
| 2. |
- Ismaeel, Khaled, et al.
(författare)
-
Security Requirements as Code : Example from VeriDevOps Project
- 2021
-
Ingår i: 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW). - 9781665418980 ; , s. 357-363
-
Konferensbidrag (refereegranskat)abstract
- This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.
|
|
| 3. |
- Saadatmand, Mehrdad, et al.
(författare)
-
Message from ITEQS 2023 Workshop Chairs
- 2023
-
Ingår i: Proceedings - 2023 IEEE 16th International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2023. - : Institute of Electrical and Electronics Engineers Inc.. ; , s. XIX-
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)
|
|
| 4. |
- Sadovykh, Andrey, et al.
(författare)
-
Model-Based System Engineering in Practice : Document Generation - MegaM@Rt2 Project Experience
- 2018
-
Ingår i: CEE-SECR '18 Proceedings of the 14th Central and Eastern European Software Engineering Conference Russia. - New York, NY, USA : ACM. - 9781450361767
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- MegaM@Rt2 project is a collaborative initiative of the ECSEL Joint Undertaking under Horizon 2020 EU programme. The project regroups 26 partners from 6 different European countries who jointly address challenges of engineering modern cyber-physical systems by using model-based engineering methods. Since it is a model-based project, we adopted a similar approach for dealing with requirements analysis, architecture, design, roadmap planning and development status checking. In these tasks, document generation methods were particularly useful to create a set of "live" reference specifications and contractual reports. We believe that these methods perfectly demonstrate relevant benefits of the model-based approach and are applicable to many other contexts. Document generation has several challenges, since the produced documents should address several goals and target different audience. Hence, we describe this approach in detail in this paper in the form of an experience report.In essence, the MegaM@Rt2 project had a rather trivial task to document inception phase of the project. The challenge arises from the scale of the project, we had to deal with hundreds of requirements from completely different users, hundreds of features of 29 tools, which had to be mapped to those requirements in order to analyze a gap and devise a roadmap for a consistent tool chain. With limited resource on technical coordination we had to be extremely efficient and thus we adopted a model-based approach that we describe in this paper. The paper should be helpful to project managers and architects who wish to discuss on model-based approaches from a practical side.
|
|
| 5. |
- Sadovykh, Andrey, et al.
(författare)
-
NLP-based Testing and Monitoring for Security Checking
- 2022
-
Ingår i: TESTING SOFTWARE AND SYSTEMS, ICTSS 2021. - : SPRINGER INTERNATIONAL PUBLISHING AG. - 9783031046735 ; , s. 235-237
-
Konferensbidrag (refereegranskat)abstract
- VeriDevOps aims at bringing together fast and cost-effective security verification through formal modelling and verification, as well as test generation, selection, execution and analysis capabilities to enable companies to deliver quality systems with confidence in a fast-paced DevOps environment. Security requirements are intended to be processed using NLP advanced algorithms in order to deliver formal specifications of security properties to be checked during development and operation of a system under test.
|
|
| 6. |
- Sadovykh, Andrey, et al.
(författare)
-
VeriDevOps : Automated Protection and Prevention to Meet Security Requirements in DevOps
- 2021
-
Ingår i: Design, Automation and Test in Europe Conference, DATE, 2021. - 9783981926354 ; , s. 1330-1333
-
Konferensbidrag (refereegranskat)abstract
- Current software development practices are increasingly based on using both COTS and legacy components which make such systems prone to security vulnerabilities. The modern practice addressing ever changing conditions, DevOps, promotes frequent software deliveries, however, verification methods artifacts should be updated in a timely fashion to cope with the pace of the process. VeriDevOps, Horizon 2020 project, aims at providing a faster feedback loop for verifying the security requirements and other quality attributes of large scale cyber-physical systems. VeriDevOps focuses on optimizing the security verification activities, by automatically creating verifiable models directly from security requirements formulated in natural language, using these models to check security properties on design models and then generating artefacts such as, tests or monitors that can be used later in the DevOps process. The main drivers for these advances are: Natural Language Processing, a combined formal verification and model-based testing approach, and machine-learning-based security monitors. VeriDevOps is in its initial stage - the project started on 1.10.2020 and it will run for three years. In this paper we will present the major conceptual ideas behind the project approach as well as the organizational settings.
|
|
