lnu.sePublications
Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 28) Show all publications
Skandylas, C., Khakpour, N. & Andersson, J. (2020). Self-Adaptive Trust-aware Decentralized Information Flow Control, extended version.
Open this publication in new window or tab >>Self-Adaptive Trust-aware Decentralized Information Flow Control, extended version
2020 (English)Report (Other academic)
Abstract [en]

Modern software systems and their corresponding architectures are decentralized, distributed, and dynamic. As a consequence, decentralized mechanisms are also required to ensure security in such architectures. Decentralized Information Flow Control (DIFC) is a mechanism to control information flow in distributed systems. However, DIFC mechanisms require the resolution of specific centralized control and trust issues.In this paper, we propose an adaptive, trust-aware, decentralized information flow approach that incorporates trust in DIFC for decentralized systems. We employ decentralized feedback loops to enable decentralized control and adaptive trust assignments. In our approach, adaptivity mitigates two aspects of systems dynamics that cause uncertainty:  the ever-changing nature of trust and the system openness. We formalize our trust-aware DIFC model and instantiate two decentralized feedback loop architectures to implement it.

Publisher
p. 18
Keywords
Self-Adaptation, Decentralized Information Flow Control, Trust, Decentralized Feedback Loop
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-94775 (URN)
Available from: 2020-05-15 Created: 2020-05-15 Last updated: 2020-05-20Bibliographically approved
Zeller, S., Khakpour, N., Weyns, D. & Deogun, D. (2020). Self-protection against business logic vulnerabilities. In: 15th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS@ICSE 2020): . Paper presented at 15th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS@ICSE 2020, Seoul, South Korea, October 5-11, 2020 (pp. 1-7). IEEE
Open this publication in new window or tab >>Self-protection against business logic vulnerabilities
2020 (English)In: 15th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS@ICSE 2020), IEEE, 2020, p. 1-7Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
IEEE, 2020
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-93173 (URN)
Conference
15th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS@ICSE 2020, Seoul, South Korea, October 5-11, 2020
Projects
PROSSES
Available from: 2020-03-27 Created: 2020-03-27 Last updated: 2020-05-27
Khakpour, N., Klein, J. & Sirjani, M. (2019). A formal model to integrate behavioral and structural adaptations in self-adaptive systems. In: Hossein Hojjat & Mieke Massink (Ed.), Hossein Hojjat & Mieke Massink (Ed.), Fundamentals of software engineering: 8th International conference, FSEN 2019, Tehran, Iran, May 1-3, 2019, Revised selected papers. Paper presented at 8th International Conference on Fundamentals of Software Engineering, FSEN 2019 (pp. 3-19). Paper presented at 8th International Conference on Fundamentals of Software Engineering, FSEN 2019. Springer, 11761
Open this publication in new window or tab >>A formal model to integrate behavioral and structural adaptations in self-adaptive systems
2019 (English)In: Fundamentals of software engineering: 8th International conference, FSEN 2019, Tehran, Iran, May 1-3, 2019, Revised selected papers / [ed] Hossein Hojjat & Mieke Massink, Springer, 2019, Vol. 11761, p. 3-19Chapter in book (Refereed)
Abstract [en]

An approach for modelling adaptive complex systems should be flexible and scalable to allow a system to grow easily, and should have a formal foundation to guarantee the correctness of the system behavior. In this paper, we present the architecture, and formal syntax and semantics of HPobSAM which is a model for specifying behavioral and structural adaptations to model large-scale systems and address re-usability concerns. Self-adaptive modules are used as the building blocks to structure a system, and policies are used as the mechanism to perform both behavioral and structural adaptations. While a self-adaptive module is autonomous to achieve its local goals by collaborating with other self-adaptive modules, it is controlled by a higher-level entity to prevent undesirable behavior. HPobSAM is formalized using a combination of algebraic, graph transformation-based and actor-based formalisms.

Place, publisher, year, edition, pages
Springer, 2019
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 11761
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-93171 (URN)10.1007/978-3-030-31517-7_1 (DOI)9783030315160 (ISBN)9783030315177 (ISBN)
Conference
8th International Conference on Fundamentals of Software Engineering, FSEN 2019
Projects
PROSSES
Available from: 2020-03-27 Created: 2020-03-27 Last updated: 2020-04-02Bibliographically approved
Caporuscio, M., Flammini, F., Khakpour, N., Singh, P. & Thornadtsson, J. (2019). Smart-troubleshooting connected devices: Concept, challenges and opportunities. Future generations computer systems
Open this publication in new window or tab >>Smart-troubleshooting connected devices: Concept, challenges and opportunities
Show others...
2019 (English)In: Future generations computer systems, ISSN 0167-739X, E-ISSN 1872-7115Article in journal (Refereed) Epub ahead of print
Abstract [en]

Today’s digital world and evolving technology has improved the quality of our lives but it has also come with a number of new threats. In the society of smart-cities and Industry 4.0, where many cyber-physical devices connect and exchange data through the Internet of Things, the need for addressing information security and solve system failures becomes inevitable. System failures can occur because of hardware failures, software bugs or interoperability issues. In this paper we introduce the industry-originated concept of “smart-troubleshooting” that is the set of activities and tools needed to gather failure information generated by heterogeneous connected devices, analyze them, and match them with troubleshooting instructions and software fixes. As a consequence of implementing smart-troubleshooting, the system would be able to self-heal and thus become more resilient. This paper aims to survey frameworks, methodologies and tools related to this new concept, and especially the ones needed to model, analyze and recover from failures in a (semi)automatic way. Smart-troubleshooting has a relation with event analysis to perform diagnostics and prognostics on devices manufactured by different suppliers in a distributed system. It also addresses management of appropriate product information specified in possibly unstructured formats to guide the troubleshooting workflow in identifying fault–causes and solutions. Relevant research is briefly surveyed in the paper in order to highlight current state-of-the-art, open issues, challenges to be tackled and future opportunities in this emerging industry paradigm.

Place, publisher, year, edition, pages
Elsevier, 2019
Keywords
Resilience; Dependability; Fault-tolerance; Self-healing; Self-repair; Diagnostics; Prognostics; Event correlation; Log analytics; Embedded systems; Cyber-physical systems; Internet of Things
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-89173 (URN)10.1016/j.future.2019.09.004 (DOI)
Projects
Smart-Troubleshooting in the Connected Society (DISA SEED funding)
Available from: 2019-09-17 Created: 2019-09-17 Last updated: 2020-04-20
Khakpour, N., Skandylas, C., Goran, S. N. & Weyns, D. (2019). Towards secure architecture-based adaptations. In: 2019 IEEE/ACM 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS): . Paper presented at 2019 IEEE/ACM 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), Montreal, Canada, May 25-26, 2019 (pp. 114-125). IEEE
Open this publication in new window or tab >>Towards secure architecture-based adaptations
2019 (English)In: 2019 IEEE/ACM 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), IEEE, 2019, p. 114-125Conference paper, Published paper (Refereed)
Abstract [en]

As any software system, a self-adaptive system is subject to security threats. However, applying self-adaptation may introduce additional threats. So far, little research has been devoted to this important problem. In this paper, we propose an approach for vulnerability analysis of architecture-based adaptations in self-adaptive systems using threat modeling and analysis techniques. To this end, we specify components' vulnerabilities and the system architecture formally and generate an attack model that describes the attacker's strategies to attack the system by exploiting different vulnerabilities. We use a set of security metrics to quantitatively assess the security risks of adaptations based on the produced attack model which enables the system to consider security aspects while choosing an adaptation to apply to the system. We automate and incorporate our approach into the Rainbow framework, allowing for secure architectural adaptations at runtime. To evaluate the effectiveness of our approach, we apply it on a simple document storage system and on the ZNN system.

Place, publisher, year, edition, pages
IEEE, 2019
Series
Software Engineering for Adaptive and Self-Managing Systems, ICSE Workshops, SEAMS, International Workshop on, ISSN 2157-2305, E-ISSN 2157-2321 ; 2019
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-93172 (URN)10.1109/SEAMS.2019.00023 (DOI)9781728133683 (ISBN)9781728133690 (ISBN)
Conference
2019 IEEE/ACM 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), Montreal, Canada, May 25-26, 2019
Projects
PROSSES
Available from: 2020-03-27 Created: 2020-03-27 Last updated: 2020-04-02Bibliographically approved
Bagheri, M., Sirjani, M., Khamespanah, E., Khakpour, N., Akkaya, I., Movaghar, A. & Lee, E. A. (2018). Coordinated actor model of self-adaptive track-based traffic control systems. Journal of Systems and Software, 143, 116-139
Open this publication in new window or tab >>Coordinated actor model of self-adaptive track-based traffic control systems
Show others...
2018 (English)In: Journal of Systems and Software, ISSN 0164-1212, E-ISSN 1873-1228, Vol. 143, p. 116-139Article in journal (Refereed) Published
Abstract [en]

Self-adaptation is a well-known technique to handle growing complexities of software systems, where a system autonomously adapts itself in response to changes in a dynamic and unpredictable environment. With the increasing need for developing self-adaptive systems, providing a model and an implementation platform to facilitate integration of adaptation mechanisms into the systems and assuring their safety and quality is crucial. In this paper, we target Track-based Traffic Control Systems (TTCSs) in which the traffic flows through pre-specified sub-tracks and is coordinated by a traffic controller. We introduce a coordinated actor model to design self-adaptive TTCSs and provide a general mapping between various TTCSs and the coordinated actor model. The coordinated actor model is extended to build large-scale self-adaptive TTCSs in a decentralized setting. We also discuss the benefits of using Ptolemy II as a framework for model-based development of large-scale self-adaptive systems that supports designing multiple hierarchical MAPE-K feedback loops interacting with each other. We propose a template based on the coordinated actor model to design a self-adaptive TTCS in Ptolemy II that can be instantiated for various TTCSs. We enhance the proposed template with a predictive adaptation feature. We illustrate applicability of the coordinated actor model and consequently the proposed template by designing two real-life case studies in the domains of air traffic control systems and railway traffic control systems in Ptolemy II.

Place, publisher, year, edition, pages
Elsevier, 2018
Keywords
Self-adaptive systems, Track-based traffic control systems, Model@Runtime, MAPE-K feedback loop, Ptolemy II framework
National Category
Computer and Information Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-77374 (URN)10.1016/j.jss.2018.05.034 (DOI)000438180000009 ()2-s2.0-85048497434 (Scopus ID)
Available from: 2018-08-30 Created: 2018-08-30 Last updated: 2019-08-29Bibliographically approved
Khakpour, N. & Skandylas, C. (2018). Synthesis of a Permissive Security Monitor. In: Lopez, J; Zhou, J; Soriano, M (Ed.), Computer Security - 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part I: . Paper presented at 23rd European Symposium on Research in Computer Security, Barcelona, Spain, September 3-7, 2018 (pp. 48-65). Springer, 11098
Open this publication in new window or tab >>Synthesis of a Permissive Security Monitor
2018 (English)In: Computer Security - 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part I / [ed] Lopez, J; Zhou, J; Soriano, M, Springer, 2018, Vol. 11098, p. 48-65Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we propose a new sound method to synthesize a permissive monitor using boolean supervisory controller synthesis that observes a Java program at certain checkpoints, predicts information flow violations and applies suitable countermeasures to prevent violations. To improve the permissiveness, we train the monitor and remove false positives by executing the program along with its executable model. If a security violation is detected, the user can define sound countermeasures, including declassification to apply in the checkpoints. We implement a tool that automates the whole process and generates a monitor. We evaluate our method by applying it on the Droidbench benchmark and one real-life Android application.

Place, publisher, year, edition, pages
Springer, 2018
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-78135 (URN)10.1007/978-3-319-99073-6_3 (DOI)000460205700003 ()2-s2.0-85052194807 (Scopus ID)978-3-319-99073-6 (ISBN)978-3-319-99072-9 (ISBN)
Conference
23rd European Symposium on Research in Computer Security, Barcelona, Spain, September 3-7, 2018
Available from: 2018-10-03 Created: 2018-10-03 Last updated: 2019-08-29Bibliographically approved
Khakpour, N. (2017). Control of Self-adaptation Under Partial Observation: A Modular Approach. In: Antónia Lopes & Rogério de Lemos (Ed.), Software Architecture: 11th European Conference, ECSA 2017, Canterbury, UK, September 11-15, 2017, Proceedings. Paper presented at European Conference on Software Architecture (ECSA), Canterbury, UK, September 11-15, 2017 (pp. 112-119). Springer, 10475
Open this publication in new window or tab >>Control of Self-adaptation Under Partial Observation: A Modular Approach
2017 (English)In: Software Architecture: 11th European Conference, ECSA 2017, Canterbury, UK, September 11-15, 2017, Proceedings / [ed] Antónia Lopes & Rogério de Lemos, Springer, 2017, Vol. 10475, p. 112-119Conference paper, Published paper (Refereed)
Abstract [en]

To realize correct adaptive and reconfigurable systems, we need techniques to assure that the behavior of an adaptive system during dynamic adaptation is correct. In this paper, we propose a modular approach to synthesize a symbolic reconfiguration controller that guides the behavior of a system during adaptation under partial observations. The reconfiguration controller observes the system behavior partially during an adaptation and controls it by allowing/disallowing actions in a way to ensure that a given property is satisfied and a deadlock is avoided.

Place, publisher, year, edition, pages
Springer, 2017
Series
Lecture Notes in Computer Science, ISSN 0302-9743
National Category
Computer and Information Sciences
Research subject
Computer and Information Sciences Computer Science
Identifiers
urn:nbn:se:lnu:diva-78539 (URN)10.1007/978-3-319-65831-5_8 (DOI)000455330300008 ()2-s2.0-85028955128 (Scopus ID)9783319658308 (ISBN)9783319658315 (ISBN)
Conference
European Conference on Software Architecture (ECSA), Canterbury, UK, September 11-15, 2017
Available from: 2018-10-29 Created: 2018-10-29 Last updated: 2019-08-29Bibliographically approved
Bagheri, M., Akkaya, I., Khamespanah, E., Khakpour, N., Sirjani, M., Movaghar, A. & Lee, E. A. (2017). Coordinated actors for reliable self-adaptive systems. In: FACS 2016 : Formal Aspects of Component Software: International Workshop on Formal Aspects of Component Software. Paper presented at 13th International Conference on Formal Aspects of Component Software, FACS 2016; Besancon; France; 19 - 21 October, 2016 (pp. 241-259). Springer
Open this publication in new window or tab >>Coordinated actors for reliable self-adaptive systems
Show others...
2017 (English)In: FACS 2016 : Formal Aspects of Component Software: International Workshop on Formal Aspects of Component Software, Springer, 2017, p. 241-259Conference paper, Published paper (Refereed)
Abstract [en]

Self-adaptive systems are systems that automatically adapt in response to environmental and internal changes, such as possible failures and variations in resource availability. Such systems are often realized by a MAPE-K feedback loop, where Monitor, Analyze, Plan and Execute components have access to a runtime model of the system and environment which is kept in the Knowledge component. In order to provide guarantees on the correctness of a self-adaptive system at runtime, the MAPE-K feedback loop needs to be extended with assurance techniques. To address this issue, we propose a coordinated actor-based approach to build a reusable and scalable model@runtime for self-adaptive systems in the domain of track-based traffic control systems. We demonstrate the approach by implementing an automated Air Traffic Control system (ATC) using Ptolemy tool.We compare different adaptation policies on the ATC model based on performance metrics and analyze combination of policies in different configurations of the model. We enriched our framework with runtime performance analysis such that for any unexpected change, subsequent behavior of the model is predicted and results are used for adaptation at the change-point. Moreover, the developed framework enables checking safety properties at runtime. © Springer International Publishing AG 2017.

Place, publisher, year, edition, pages
Springer, 2017
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 10231
Keywords
Air Traffic Control System, Cyber physical system, Model@runtime, Performance analysis, Self-adaptive system
National Category
Software Engineering
Research subject
Computer Science, Software Technology
Identifiers
urn:nbn:se:lnu:diva-64659 (URN)10.1007/978-3-319-57666-4_15 (DOI)000418342500015 ()2-s2.0-85018304749 (Scopus ID)978-3-319-57665-7 (ISBN)978-3-319-57666-4 (ISBN)
Conference
13th International Conference on Formal Aspects of Component Software, FACS 2016; Besancon; France; 19 - 21 October, 2016
Available from: 2017-06-02 Created: 2017-06-02 Last updated: 2018-01-13Bibliographically approved
Khakpour, N., Arbab, F. & Rutten, E. (2016). Synthesizing structural and behavioral control for reconfigurations in component-based systems. Formal Aspects of Computing, 28(1), 21-43
Open this publication in new window or tab >>Synthesizing structural and behavioral control for reconfigurations in component-based systems
2016 (English)In: Formal Aspects of Computing, ISSN 0934-5043, E-ISSN 1433-299X, Vol. 28, no 1, p. 21-43Article in journal (Refereed) Published
Abstract [en]

Correctness of the behavior of an adaptive system during dynamic adaptation is an important challenge to realize correct adaptive systems. Dynamic adaptation refers to changes to both the functionality of the computational entities that comprise a composite system, as well as the structure of their interconnections, in response to variations in the environment, e.g., the load of requests on a server system. In this research, we view the problem of correct structural adaptation as a supervisory control problem and synthesize a reconfiguration controller that guides the behavior of a system during adaptation. The reconfiguration controller observes the system behavior during an adaptation and controls the system behavior by allowing/disallowing actions in a way to ensure that a given property is satisfied and a deadlock is avoided. The system during adaptation is modeled using a graph transition system and properties to be enforced are specified using a graph automaton. We adapt a classical theory of supervisory control for synthesizing a controller for controlling the behavior of a system modeled using graph transition systems. This theory is used to synthesize a controller that can impose both behavioral and structural constraints on the system during an adaptation. We apply a tool that we have implemented to support our approach on a case study involving https servers.

National Category
Computer Systems
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
urn:nbn:se:lnu:diva-51014 (URN)10.1007/s00165-015-0346-y (DOI)000372262000002 ()2-s2.0-84961155481 (Scopus ID)
External cooperation:
Available from: 2016-03-18 Created: 2016-03-18 Last updated: 2017-11-30Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-0377-5595

Search in DiVA

Show all publications