Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tuesday October 25, 2005 Preview SoBeNeT- II project.

Published byOswin Gilmore Modified over 9 years ago

Similar presentations

Presentation on theme: "Tuesday October 25, 2005 Preview SoBeNeT- II project."— Presentation transcript:

1 Tuesday October 25, 2005 Preview SoBeNeT- II project

2 Tuesday November 14, 2006 2 Agenda 16:00hIntroduction and project status 17:00hDiscussion: feedback and opportunities for validation 17:15h Preview of the SoBeNeT-II project 17:50hConclusion and wrap-up 18:00hInformal gathering and drinks

3 Tuesday November 14, 2006 3 The new project in a nutshell Natural follow-up of SoBeNeT project  Strategic, fundamental research for enabling secure software (IWT SBO)  Specific accents and focused efforts  Verification upgraded to become one of the project’s cornerstones (Towards “assurance”) Project consortium is identical  DistriNet, COSIC, Ubizen (Cybertrust)  Increased level of collaboration User group is continued –anyway!!!  Evolving group driven by collaborations, interests, company priorities

4 Tuesday November 14, 2006 4 Project structure and work plan 4 or 5 major tracks  Software development technologies for security  Software engineering for security  Techniques to protect sensitive parts in secure software  Assurance: Verification of security requirements and Attestation  Monitoring and management technology

5 Tuesday November 14, 2006 5 Security middleware Component Models Operating systems systems security Applications: drivers and validation means From SoBeNeT E-financeE-healthE-publishing SEC SODA Integrated approach to develop and deploy secure software Programming language technology Secure Software Engineering (Process, Artifacts, Automation…) Secure Deployment (Monitoring and management) Assurance ( verification, trusted computing, sealing…) 2 tracks

6 Tuesday November 14, 2006 6 Discussion 1/4 Software development technologies will focus on  State-of-the art programming languages  Standard platforms.NET WS* J2EE Not on traditional C/C++ programming Based on majority of the user group

7 Tuesday November 14, 2006 7 Discussion 2/4 Software engineering will focus on  Architecture driven design  Increased Automation (MDD)  Also address: Introducing metrics (hard) Broadening set of requirements (track 5) Not on Agile methods Backed by majority of the user group

8 Tuesday November 14, 2006 8 Discussion 3/4 Introduce efforts towards assurance  Attestation  Verification  WIN-WIN COSIC DISTRINET  Sealing Less relevant for the user group? Yet essential for world class results in the long run…

9 Tuesday November 14, 2006 9 Discussion 4/4 “Shielding and interception” has evolved to become secure deployment.  Includes focus on business management  Introduces new types of requirements Ability to do forensics Practice of audit, business continuity  Hence great synergy with track on secure software engineering Long term vision: integration with the overall life cycle management of security (methodology to be public – backed by Cybertrust)

10 Tuesday October 25, 2005 Track level details

11 Tuesday November 14, 2006 11 Track 1: software development technology (DistriNet) WP1: Identification of critical vulnerability classes  Ongoing monitoring of vulnerability trends  Proactive analysis of new technologies (e.g., AOSD, AJAX) WP2: Programming models  Definition of methodology for designing programming models  Supporting compositions of programming models WP3: Component models and composition  Component contracts  Load-time and run-time contract checking  Extending support for advanced composition (AOSD, DSL’s)  Secure composition of aspects WP4: Validation for web application and services  Demonstrate combinations of programming models for web applications  Define a library of reusable, composeable security services

12 Tuesday November 14, 2006 12 Track 2: Software engineering (DistriNet, Ubizen) WP1: Enablers  Supporting SoA security requirements  Creating security metrics  Up-to-date overview of vulnerabilities and requirements WP2: Architecture driven development  Architecture definition (method, patterns)  Feature interaction for security  Traceability of architectural decisions  Maintaining architectural integrity  Supporting architectural consistency WP3: Model driven development  Definition of notations that enable transformation and verification  Definition of DSL’s for specific security concerns  Exploration of transformation techniques  Support for traceability (from requirements to implementation)  Property-preserving refinements (e.g., for security principles)

13 Tuesday November 14, 2006 13 Track 3: Protection techniques (COSIC) WP1: Self-checking code  State-of-the-art study  Improvements (e.g., mutually checking software guards)  Proof-of-concept / implementation WP2: Self-modifying code  State-of-the-art study  Analysis and attacks  Improvements: code encryption  Implementation WP3: Obfuscation and white-box crypto interaction  Use of random functions to improve obfuscation techniques  Continuation of sobenet1 research WP4: Encrypted code execution and encrypted data processing  Homomorphic encryption

14 Tuesday November 14, 2006 14 Track 4: Verification (COSIC, DistriNet) WP1: Software attestation  Study of the state-of-the art software attestation  Currently only software based  Identification of problems  Research how to use (existing an new) software techniques and hardware to address these problems e.g. use of a TPM to solve the timing problem; use of smartcard WP2: Trusted computing platforms (use of TPM)  How to use trusted computing platforms to enhance software security ….

15 Tuesday November 14, 2006 15 Track 5: Management and monitoring (Ubizen, DistriNet) WP1: Requirements  Audit requirements and solutions  Business management requirements and solutions  Administration requirements and solutions WP2: Deployment architectures WP3: Patterns for software engineering track (ADD)

16 Tuesday October 25, 2005 Discussion Suggestions for improvement, focus, … ?

Download ppt "Tuesday October 25, 2005 Preview SoBeNeT- II project."

Similar presentations

2009 – E. Félix Security DSL Toward model-based security engineering: developing a security analysis DSML Véronique Normand, Edith Félix, Thales Research.

2009 – E. Félix Security DSL Toward model-based security engineering: developing a security analysis DSML Véronique Normand, Edith Félix, Thales Research.
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
Alternate Software Development Methodologies

Alternate Software Development Methodologies
Guidelines and Tools for ADM

Guidelines and Tools for ADM
WebRatio BPM: a Tool for Design and Deployment of Business Processes on the Web Stefano Butti, Marco Brambilla, Piero Fraternali Web Models Srl, Italy.

WebRatio BPM: a Tool for Design and Deployment of Business Processes on the Web Stefano Butti, Marco Brambilla, Piero Fraternali Web Models Srl, Italy.
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.

Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.
© 2006 IBM Corporation IBM Software Group Relevance of Service Orientated Architecture to an Academic Infrastructure Gareth Greenwood, e-learning Evangelist,

© 2006 IBM Corporation IBM Software Group Relevance of Service Orientated Architecture to an Academic Infrastructure Gareth Greenwood, e-learning Evangelist,
1 MAIS Student Administration Advisory Group Meeting #31 October 4, 2006.

1 MAIS Student Administration Advisory Group Meeting #31 October 4, 2006.
R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.

R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.
SwE 434. Rational Quality Manager Rational Quality Manager is a collaborative, Web-based tool that offers comprehensive test planning, test construction,

SwE 434. Rational Quality Manager Rational Quality Manager is a collaborative, Web-based tool that offers comprehensive test planning, test construction,
- 1 - Component Based Development R&D SDM 1 2009 Theo Schouten.

- 1 - Component Based Development R&D SDM Theo Schouten.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Product Life Cycle Management Innovation to Execution

Product Life Cycle Management Innovation to Execution
Merlin ITEA Symposium 2006. 2006Merlin Overview2 Problem domain Companies hardly develop embedded products completely on their own Embedded systems need.

Merlin ITEA Symposium Merlin Overview2 Problem domain Companies hardly develop embedded products completely on their own Embedded systems need.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 System and Software Engineering.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 System and Software Engineering.
Information Technology Audit

Information Technology Audit
Chapter 6– Artifacts of the process

Chapter 6– Artifacts of the process
Effective Methods for Software and Systems Integration

Effective Methods for Software and Systems Integration
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Similar presentations

Ads by Google