Extending a Multi-Agent Systems Simulation Architecture for Systems-of-Systems Security Analysis

Security is an important concern for software-intensive Systems-of-Systems (SoS). Architectural analysis for SoS secturity assessment should be performed at early stages of development. Such activity could prevent vulnerabilities and avoid potential cascading attack emergent behaviors, i.e., a succession of security vulnerabilities that emerge from individual constituents security fragilities, potentially causing interruption and collapse of SoS operation. Model simulation can prevent these issues by predicting, at design-time, how SoS will behave regarding its reaction to potential attacks. As security is a quality attribute, i.e., a property that comes up from the relation between software parts, software architecture analysis and simulation are an additional support for the prediction of SoS security. However, despite recent advances in such area, few simulation approaches have tackled simulation of secure SoS architectures where the basis of the described models are the SoS behavior or the interactions among the SoS Constituent Systems (CS). The main contribution of this paper is offering a big picture of how recent advances on SoS security analysis via simulations can form a robust framework for SoS security prediction. We argue the pertinence of Multi-Agent Systems (MAS) for SoS simulation due to similarities between MAS and SoS concepts, and we report how MAS simulation enables the visualization of emergent behaviors and how they impact the SoS security. Our results to foster SoS security analysis include (i) an extension of a MAS conceptual model and platform to include security concepts, (ii) a Model-Driven Engineering (MDE) approach that adopts automatic mappings between secure SoS architecture modeled using an existing SysML-based modeling language, namely the SoSSecML, and (iii) a MAS platform to support such analysis.

[1]  Cesare Guariniello,et al.  Communications, Information, and Cyber Security in Systems-of-Systems: Assessing the Impact of Attacks through Interdependency Analysis , 2014, CSER.

[2]  Judith Dahmann 1.4.3 System of Systems Pain Points , 2014 .

[3]  Shukor Abd Razak,et al.  Attacks and security solutions for agent communication in multi-agent systems , 2015 .

[4]  Agostino Poggi,et al.  Developing Multi-agent Systems with JADE , 2007, ATAL.

[5]  Robert K. Abercrombie,et al.  Security Analysis of Smart Grid Cyber Physical Infrastructures Using Game Theoretic Simulation , 2015, 2015 IEEE Symposium Series on Computational Intelligence.

[6]  Cihan H. Dagli,et al.  Simulation for a coevolved system-of-systems meta-architecture , 2016, 2016 11th System of Systems Engineering Conference (SoSE).

[7]  Jamal El Hachem Towards Model Driven Architecture and Analysis of System of Systems Access Control , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[8]  Richard N. Taylor,et al.  A Classification and Comparison Framework for Software Architecture Description Languages , 2000, IEEE Trans. Software Eng..

[9]  Philippe Aniorte,et al.  Challenges in Security Engineering of Systems-of-Systems , 2014 .

[10]  Esmiralda Moradian,et al.  Knowledge Based and Intelligent Information and Engineering Systems Security in Multi-Agent Systems , 2015 .

[11]  Haralambos Mouratidis,et al.  An architectural description language for secure Multi-Agent Systems , 2010, Web Intell. Agent Syst..

[12]  Muhammad Ali Babar,et al.  Model Driven Software Security Architecture of Systems-of-Systems , 2016, 2016 23rd Asia-Pacific Software Engineering Conference (APSEC).

[13]  João Leite,et al.  A Survey of Programming Languages and Platforms for Multi-Agent Systems , 2006, Informatica.

[14]  Judith S. Dahmann,et al.  Security engineering in a system of systems environment , 2013, 2013 IEEE International Systems Conference (SysCon).

[15]  Jakob Axelsson,et al.  Towards safe and secure systems of systems: challenges and opportunities , 2017, SAC.

[16]  Muhammad Ali Babar,et al.  A Model Driven Method to Design and Analyze Secure Architectures of Systems-of-Systems , 2017, 2017 22nd International Conference on Engineering of Complex Computer Systems (ICECCS).

[17]  Andrea Bondavalli,et al.  Towards an understanding of emergence in systems-of-systems , 2015, 2015 10th System of Systems Engineering Conference (SoSE).

[18]  Paolo Giorgini,et al.  Threat Analysis in Goal-Oriented Security Requirements Modelling , 2014, Int. J. Secur. Softw. Eng..

[19]  Robert Cloutier,et al.  2015 Conference on Systems Engineering Research Simulation Approaches for System of Systems: Events-Based versus Agent Based Modeling , 2015 .

[20]  Marco Mori,et al.  On the impact of emergent properties on SoS security , 2016, 2016 11th System of Systems Engineering Conference (SoSE).

[21]  Kalliopi Kravari,et al.  A Survey of Agent Platforms , 2015, J. Artif. Soc. Soc. Simul..

[22]  David Stuart Robertson,et al.  A review of attacks and security approaches in open multi-agent systems , 2012, Artificial Intelligence Review.

[23]  Mark W. Maier,et al.  Architecting Principles for Systems‐of‐Systems , 1996 .

[24]  Flávio Oquendo Architecturally describing the emergent behavior of software-intensive system-of-systems with SosADL , 2017, 2017 12th System of Systems Engineering Conference (SoSE).

[25]  Jan Peleska,et al.  Systems of Systems Engineering , 2015 .

[26]  Tom Mens,et al.  A Taxonomy of Model Transformation , 2006, GRaMoT@GPCE.

[27]  Jakob Axelsson,et al.  A systematic mapping of the research literature on system-of-systems engineering , 2015, 2015 10th System of Systems Engineering Conference (SoSE).

[28]  Ghassan Beydoun,et al.  Generic modelling of security awareness in agent based systems , 2013, Inf. Sci..

[29]  Robert Cloutier,et al.  Simulation Approaches for System of Systems: Events-based versus Agent Based Modeling☆ , 2015 .

[30]  Michel Mamrot,et al.  Use case based approach for an integrated consideration of safety and security aspects for smart home applications , 2016, 2016 11th System of Systems Engineering Conference (SoSE).