Addressing Security Properties in Systems of Systems: Challenges and Ideas

Within growing pervasive information systems, Systems of Systems (SoS) emerge as a new research frontier. A SoS is formed by a set of constituent systems that live on their own with well-established functionalities and requirements, and, in certain circumstances, they must collaborate to achieve a common mission. In this scenario, security is one crucial property that needs to be considered since the early stages of SoS lifecycle. Unfortunately, SoS security cannot be guaranteed by addressing the security of each constituent system separately. The aim of this paper is to discuss the challenges faced in addressing the security of SoS and to propose some research ideas centered around the notion of a mission to be carried out by the SoS.

[1]  Ilaria Matteucci,et al.  Security Assessment of Systems of Systems , 2019, 2019 IEEE/ACM 7th International Workshop on Software Engineering for Systems-of-Systems (SESoS) and 13th Workshop on Distributed Software Development, Software Ecosystems and Systems-of-Systems (WDES).

[2]  Flávio Oquendo,et al.  A mission-oriented approach for designing system-of-systems , 2015, 2015 10th System of Systems Engineering Conference (SoSE).

[3]  Norbik Bashah Idris,et al.  Improved Intrusion Detection System Using Fuzzy Logic for Detecting Anamoly and Misuse Type of Attacks , 2009, 2009 International Conference of Soft Computing and Pattern Recognition.

[4]  Deborah J. Bodeau System-of-systems security engineering , 1994, Tenth Annual Computer Security Applications Conference.

[5]  Shiyong Liu,et al.  Employing system of systems engineering in China's emergency management , 2010, 2010 IEEE International Systems Conference.

[6]  T. J. Wheeler,et al.  An object oriented methodology integrating design, analysis, modelling, and simulation of systems of systems , 1993, 1993 4th Annual Conference on AI, Simulation and Planning in High Autonomy Systems.

[7]  Jan Peleska,et al.  Systems of Systems Engineering , 2015 .

[8]  J.S. Dahmann,et al.  Understanding the Current State of US Defense Systems of Systems and the Implications for Systems Engineering , 2008, 2008 2nd Annual IEEE Systems Conference.

[9]  Bradford G. Nickerson,et al.  The Cascade Vulnerability Problem , 1993, J. Comput. Secur..

[10]  Xiaohong Yuan,et al.  An Overview of Penetration Testing , 2011 .

[11]  Vanea Chiprianov,et al.  Towards modelling and analysing non-functional properties of systems of systems , 2014, 2014 9th International Conference on System of Systems Engineering (SOSE).

[12]  Katia Romero Felizardo,et al.  Quality Attributes of Systems-of-Systems: A Systematic Literature Review , 2015, 2015 IEEE/ACM 3rd International Workshop on Software Engineering for Systems-of-Systems.

[13]  Paulo F. Pires,et al.  On the Characterization of Missions of Systems-of-Systems , 2014, ECSAW '14.

[14]  Shamal Faily,et al.  Assessing System of Systems Security Risk and Requirements with OASoSIS , 2018, 2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE).

[15]  Axel van Lamsweerde,et al.  Goal-Oriented Requirements Engineering: A Guided Tour , 2001, RE.

[16]  Cesare Guariniello,et al.  Communications, Information, and Cyber Security in Systems-of-Systems: Assessing the Impact of Attacks through Interdependency Analysis , 2014, CSER.

[17]  Gu Tian-yang,et al.  Research on Software Security Testing , 2010 .

[18]  Boris Beizer,et al.  Black Box Testing: Techniques for Functional Testing of Software and Systems , 1996, IEEE Software.

[19]  Alessandro Orso,et al.  Penetration Testing with Improved Input Vector Identification , 2009, 2009 International Conference on Software Testing Verification and Validation.