CINI Presentation Francesca Matarese SESM Naples, 20th December 2011

N APLES, 20 TH D ECEMBER 2011 ::.. Research Team VER – Francesca MatareseER – Gabriella Carrozza ER – Aniello Napolitano ER - Przemyslaw Osocha (new recruited) Research Team is composed by one VER and three ERs.

N APLES, 20 TH D ECEMBER 2011 ::.. Secondments During the first half of the project, SESM researchers made secondments towards FCTUC and CINI for a total of 9 person-months: 2 months at CINI and 7 months at FCTUC. The VER within the team have spent 1,75 months as secondments, while the remaining 7,25 months are secondments performed by ERs. VER-1 (Ms. Francesca Matarese)SESMCINI/UoN 0,5 VER-1 (Ms. Francesca Matarese)SESMFCTUC 0,25 ER-2 (dr. Gabriella Carrozza)SESMCINI/UoN 0,5 ER-2 (dr. Gabriella Carrozza)SESMFCTUC 0,25 ER-3 (dr. Aniello Napolitano)SESMFCTUC 1110,5 1

N APLES, 20 TH D ECEMBER 2011 ::.. Secondments During the first half of the project, SESM researchers made secondments towards FCTUC and CINI for a total of 9 person-months: 2 months at CINI and 7 months at FCTUC. The VER within the team have spent 1,75 months as secondments, while the remaining 7,25 months are secondments performed by ERs. We didn’t spend all the planned budget for the first half of the project. Few secondment periods have been moved to third year. Monthly living and mobility allowance (A) Travel allowance (B) Career exploratory allowance (C) Contribution to the participation expenses of eligible researchers (D) Contribution to the research/ training/tran sfer of knowledge programme expenses (E) Contribution to the organisation of international conferences, workshops and events (F) Management activities (including audit certification) (G) Contribution to overheads (H) Other types of eligible expenses / specific conditions (I) Total Year , , , ,000, , , ,71 Year , ,000, ,000, , , ,37 VER-1 (Ms. Francesca Matarese)SESMCINI/UoN 0,5 VER-1 (Ms. Francesca Matarese)SESMFCTUC 0,25 ER-2 (dr. Gabriella Carrozza)SESMCINI/UoN 0,5 ER-2 (dr. Gabriella Carrozza)SESMFCTUC 0,25 ER-3 (dr. Aniello Napolitano)SESMFCTUC 1110,5 1

N APLES, 20 TH D ECEMBER 2011 ::.. ToK to support SESM research activities

N APLES, 20 TH D ECEMBER 2011 ::.. ToK to support SESM research activities SESM is involved in several activities that concern the assessment of availability and reliability (e.g. safety) of software and middleware for Air Navigation Service (ANS) systems. The following projects are of particular interest at the moment: Further development of FP6 SWIM-SUIT (System Wide Information Management Supported by Innovative Technologies) project SESAR (Single European Sky ATM Research) WP10.1 ATC System and Supervision Definition (Project ATC Systems Supervision focuses on the monitoring, control and recovery of the whole ATC infrastructure ) WP12.1 Overall Airport Systems Specification (Project ATC Systems Supervision focuses on the problem of redefining airports supervision principles and processes according to a service oriented perspective, in order to ensure that the provided airport services are always delivered with the required QoS levels); Safety and Security Assessment of ANS systems pSHIELD ARTEMIS project, related to Security, Privacy and Dependability of Embedded Systems

N APLES, 20 TH D ECEMBER 2011 ::.. Past/Current Activities Activities supported by Critical STEP and conducted by SESM involve FCTUC and CINI. Hosting/ Visiting Activities CINI-SESMMonitoring and diagnostic techniques of failures into large and distributed systems (A.Bovenzi, G.Carrozza) SESM-CINIAutomatic Robustness Testing for DDS compliant products (G.Carrozza, A.Napolitano, C.Esposito, A.Bovenzi) FCTUC-SESMSW Fault Injection tool for Java (J.Duraes, A.Napolitano SESM-FCTUCSecurity threats modelling; maturity model for security (J.Fonseca, F.Matarese) Intrusion Detection System for dB (J.Fonseca, A.Napolitano) Automatic robustness testing of complex web-services (WSRTesting tool) (M.Vieira, G.Carrozza, N.Laranjeiro, A.Napolitano) Automatic reconfiguration mechanisms for ES dependability (J.Cunha, P.Osocha)

Hosting/ Visiting Activities CINI-SESMMonitoring and diagnostic techniques of failures into large and distributed systems (A.Bovenzi, G.Carrozza) SESM-CINIAutomatic Robustness Testing for DDS compliant products (G.Carrozza, A.Napolitano, C.Esposito, A.Bovenzi) FCTUC-SESMSW Fault Injection tool for Java (J.Duraes, A.Napolitano SESM-FCTUCSecurity threats modelling; maturity model for security (J.Fonseca, F.Matarese) Intrusion Detection System for dB (J.Fonseca, A.Napolitano) Automatic robustness testing of complex web-services (WSRTesting tool) (M.Vieira, G.Carrozza, N.Laranjeiro, A.Napolitano) Automatic reconfiguration mechanisms for ES dependability (J.Cunha, P.Osocha) N APLES, 20 TH D ECEMBER 2011 ::.. Past/Current Activities Activities supported by Critical STEP and conducted by SESM involve FCTUC and CINI. -To make the monitoring and diagnostic stages feasible against the failures of sub-components such as data distribution systems and application server, involved heavy into aforementioned projects; -Definition of suitable metrics and supervision system requirements for tailoring the performance of above tools on SESM’s needs mainly addressed to increase the reliability of those applications that make use of COTS components. -Definition of a set of fault locations and fault triggers to emulate high-level failures.

Hosting/ Visiting Activities CINI-SESMMonitoring and diagnostic techniques of failures into large and distributed systems (A.Bovenzi, G.Carrozza) SESM-CINIAutomatic Robustness Testing for DDS compliant products (G.Carrozza, A.Napolitano, C.Esposito, A.Bovenzi) FCTUC-SESMSW Fault Injection tool for Java (J.Duraes, A.Napolitano SESM-FCTUCSecurity threats modelling; maturity model for security (J.Fonseca, F.Matarese) Intrusion Detection System for dB (J.Fonseca, A.Napolitano) Automatic robustness testing of complex web-services (WSRTesting tool) (M.Vieira, G.Carrozza, N.Laranjeiro, A.Napolitano) Automatic reconfiguration mechanisms for ES dependability (J.Cunha, P.Osocha) N APLES, 20 TH D ECEMBER 2011 ::.. Past/Current Activities Activities supported by Critical STEP and conducted by SESM involve FCTUC and CINI. -Definition of a fault injection approach for data distribution systems by mans of invalid inputs to the middleware API; -Development of a proper tool, which allows to access the robustness degree of middleware’s compliant with DDS standard (Java Fault Injection Tool – JFIT); -Investigation on the proper workload and triggers.

Hosting/ Visiting Activities CINI-SESMMonitoring and diagnostic techniques of failures into large and distributed systems (A.Bovenzi, G.Carrozza) SESM-CINIAutomatic Robustness Testing for DDS compliant products (G.Carrozza, A.Napolitano, C.Esposito, A.Bovenzi) FCTUC-SESMSW Fault Injection tool for Java (J.Duraes, A.Napolitano SESM-FCTUCSecurity threats modelling; maturity model for security (J.Fonseca, F.Matarese) Intrusion Detection System for dB (J.Fonseca, A.Napolitano) Automatic robustness testing of complex web-services (WSRTesting tool) (M.Vieira, G.Carrozza, N.Laranjeiro, A.Napolitano) Automatic reconfiguration mechanisms for ES dependability (J.Cunha, P.Osocha) N APLES, 20 TH D ECEMBER 2011 ::.. Past/Current Activities Activities supported by Critical STEP and conducted by SESM involve FCTUC and CINI. -Development of tools and techniques for conducting effective robustness testing, ranging from operating systems to software components (e.g., web services, Java Messaging Services). These tools are of particular relevance in the context of the web services and DDS that support the SWIM-BOX. -Investigation on the applicability of robustness testing in the context of safety assessment of COTS and old legacy SW components (for which the source code is not available).

Hosting/ Visiting Activities CINI-SESMMonitoring and diagnostic techniques of failures into large and distributed systems (A.Bovenzi, G.Carrozza) SESM-CINIAutomatic Robustness Testing for DDS compliant products (G.Carrozza, A.Napolitano, C.Esposito, A.Bovenzi) FCTUC-SESMSW Fault Injection tool for Java (J.Duraes, A.Napolitano SESM-FCTUCSecurity threats modelling; maturity model for security (J.Fonseca, F.Matarese) Intrusion Detection System for dB (J.Fonseca, A.Napolitano) Automatic robustness testing of complex web-services (WSRTesting tool) (M.Vieira, G.Carrozza, N.Laranjeiro, A.Napolitano) Automatic reconfiguration mechanisms for ES dependability (J.Cunha, P.Osocha) N APLES, 20 TH D ECEMBER 2011 ::.. Past/Current Activities Activities supported by Critical STEP and conducted by SESM involve FCTUC and CINI. -Development of a proper tool for detecting vulnerabilities in the software components, namely in the context of the SWIM-BOX prototype. -Dependability of Embedded Systems through automatic reconfiguration mechanisms

C OIMBRA, 7 TH S EPTEMBER 2010 ::.. New recruited researcher The recruitment process has been started in January 2010, by Francesca Matarese and Gabriella Carrozza. SESM has opened a position for a Critical Systems Engineer, to be recruited at SESM’s premises in Giugliano in Campania, Naples, Italy. Activities to be carried out in 24 months, beginning from September Dr. Przemyslaw Osocha has been selected. He has been involved in research activities related to dependability of Embedded Systems

N APLES, 20 TH D ECEMBER 2011 ::.. Obtained Results (1/2) Performed research activities let SESM to publish the following scientific papers: G. Carrozza, A. Napolitano, A. Strano, A. Bovenzi, S. Celentano, C. Esposito, “Automatic Robustness Evaluation of DDS Compliant Middleware”. Presentation made at the OMG workshop held on 24th March 2011 on robustness testing of a DDS-compliant middleware product. A. Napolitano, G. Carrozza, N. Laranjeiro, and M. Viera, “WSRTesting: Hands-on Solution to Improve Web Services Robustness Testing”, Proc. of 4th Latin-American Symposium on Dependable Computing (LADC), A. Napolitano, G. Carrozza, A. Bovenzi and C. Esposito, “Automatic Robustness Assessment of DDS-Compliant Middleware”, accepted to be presented at the industrial track of the 17th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2011). G. Carrozza, R. Natella, “A Recovery-Oriented Approach for Software Fault Diagnosis in Complex Critical Systems”. Published in the International Journal of Adaptive, Resilient and Autonomic Systems (IJARS), vol. 2, no. 1, 2011 Francesca Matarese, Patrizia Montefusco, José Fonseca, “Looking towards the Single European Sky: a Tailored Security Assessment for Future ATM Systems”, 3rd CEAS Air&Space Conference (CEAS 2011) and 21st AIDAA Congress, San Giorgio Maggiore Island - Venice, Italy, October 24-28, 2011

N APLES, 20 TH D ECEMBER 2011 ::.. Obtained Results (2/2) With the support of Critical STEP, SESM hosted the following events: “Fundamental of Dependability” Seminar, held at the SESM Premises on 13th October 2010 “Testing Day” Workshop, held at the SESM Premises on 9th November 2010 “Robustness Testing” Seminar, held at SESM Premises on 24th November 2011

N APLES, 20 TH D ECEMBER 2011 ::.. How much it is worth Thanks to cooperation with FCTUC and CINI, SESM has enhanced its capability related to: - fault injection and robustness testing  SESM is developing innovative testing methodologies for future certification of mission-critical and real-time systems - dependability of Embedded Systems (ESs)  SESM is introducing SPD metrics in an innovative framework for the design of future ESs - threats and vulnerability modelling of Air Navigation Service software systems  SESM is anticipating, under a methodological point of view, the solution of future security issues in Air Traffic Management without Critical-Step, it would have taken years to reach similar results.

Thank you for your attention N APLES, 20 TH D ECEMBER 2011