Lab of Software Architectures and Information Systems Bruno Rossi brossi@mail.muni.cz Hind Bangui Hind.bangui@mail.muni.cz PV226 Seminar Introduction https://is.muni.cz/auth/el/fi/podzim2023/PV226/index.qwarp • Software Reliability & Software Quality − Mining Software Repositories − Evaluation of source code quality and evolution (e.g., Technical Debt) − Application of Software Reliability Growth Models (SRGMs) and metrics from Open Source Quality Models • Microservices research − Anomaly detection of performance and reliability data − Migration of monoliths to microservices − Reconstructing architecture of microservices for simulators About the hosts - Bruno Rossi • Trust Management in IoT Ecosystems • Human-centric intelligent systems • Trust algorithms • Trust simulators • Trustworthy and resilient human-machine interaction • Ethics&Regulations • Trust in autonomous systems • Explainable and interpretable AI solutions for trustworthy systems • Approaches for resilience and antifragility in IoT Ecosystems About the hosts - Hind Bangui Main Topic: Cybersecurity Other Topics: Trust Management, AI, IoT, Human Behavior / Human-Machine Communication, Critical Infrastructures, Cyber-Physical Systems • Project: • CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence (CZ.02.1.01/0.0/0.0/16_019/0000822) • Definition of Critical Infrastructures (CI): “Organizational and physical structures and facilities of such vital importance to a nation's society and economy that their failure or degradation would result in sustained supply shortages, significant disruption of public safety and security, or other dramatic consequences“. Critical Infrastructure Systems: Digital Transformation • A system is designed to operate in “mostly stable” situations. • Systems are increasingly exposed to unexpected disruptive events. • Frequent keywords in the literature when dealing with disruptions: “disruption”, “disturbance”, “disaster”, “hazard”, “crisis”, “catastrophic or traumatic event”, “failure”, “attack”, “shock”, and “X-Event (extreme event)”. Critical Infrastructure Systems: Digital Transformation • Design strategies to mitigate risks and respond efficiently to risk incidents • Recover a system from sudden shocks, • Reduce the negative consequences of disruptions • Prepare for plausible future scenarios and learn from past experiences. • Prevent risky events from occurring (reducing vulnerability), Critical Infrastructure Systems: Digital Transformation • The COVID-19 pandemic has shocked infrastructure systems in unanticipated ways. • The COVID-19 pandemic represents a call for a major rethinking of how we approach infrastructure. Critical Infrastructure Systems: Digital Transformation Domains Response / Impact Response Underlying technology/ operation Education Widespread closure of educational institutions; access to labs is restricted; projects have been mothballed; fieldwork interrupted Virtual learning environment (online teaching, presentation, assessment, and consultation); convocation online Online video conferencing software, virtual labs on cloud Conferences In-person conferences banned; Online presentation and discussion Video streaming, Virtual conference software Healthcare Overcrowded hospitals, inability to meet the demands on them Contact tracing, forecasting resource requirements, allotment of scare resources based on a patient’s survivability, COVID-19 vaccine development, telehealth (online consultation with a doctor or medical professional); AI, cloud computing, chatbot Industry Closure of some industries Work from home, remote operations, automation and autonomous operation Robots, automation, 3-D printing Digital Transformation during the COVID-19 pandemic Critical Infrastructure Systems: Digital Transformation Domains Response / Impact Response Underlying technology/ operation Government Spike in demands from citizens for assistance, disruption to normal operations Migration to online services Cloud, the Web, Online meeting application Business Closure of business, avoidance of in-person retail shopping Adherence to social distancing, services online, work from home Chatbot, drone delivery, online meeting software, virtual office/desktop, remote access to work Personal life and social interaction Lockdown Indoor activities Phone, audio and video chats, streaming, online gaming Retail Stores closed, only online service, avoidance of retail shopping Online shopping, home delivery The Web, online payment, contactless payment Entertainment Entertainment venues (parks, cinema) closed, sports without spectators Viewing online Audio and video streaming, virtual reality Digital Transformation during the COVID-19 pandemic Critical Infrastructure Systems: Digital Transformation Acceleration of Digital Transformation Suitability of Security Solutions ? Critical Infrastructure Systems: Digital Transformation • Definition of Critical Infrastructures (CI): “Organizational and physical structures and facilities of such vital importance to a nation's society and economy that their failure or degradation would result in sustained supply shortages, significant disruption of public safety and security, or other dramatic consequences“. • CHANGING NATURE OF CRITICALITY • Some industries have been able to shift production from non-essential to essential products. • An Example: Parks are typically considered a non-essential service. However, during COVID-19, parks have proven their value by serving as field hospitals, providing alternative shelters for socially vulnerable groups, and promoting physical, emotional, and mental well-being. Critical Infrastructure Systems: Changing the nature of criticality • Definition of Critical Infrastructures (CI): “Organizational and physical structures and facilities of such vital importance to a nation's society and economy that their failure or degradation would result in sustained supply shortages, significant disruption of public safety and security, or other dramatic consequences“. • CHANGING NATURE OF CRITICALITY • Defining which systems are CI results in a prioritization of resources during extreme events. • Critical infrastructure definitions should account for the changing services and functions of industries during hazards. • Treating criticality as dynamic appears crucial to identifying how to meet basic needs through infrastructure changes as hazards vary. • Thinking about the flexibility of security solutions. Critical Infrastructure Systems: Changing the nature of criticality Humans Internet of Things Human-centered Internet of Things • Human-centered Internet of Things (Human-centric Intelligent Systems, Human-Centric Intelligent Society) Tracking Systems: Privacy & Safety concerns Example 1: Healthcare Tracking Systems: Privacy & Safety concerns • Manage-How-You-Drive (MHYD) is an insurance scheme that considers the physiological and behavioral information of drivers to charge risk-based premiums. • The behavior of a driver can be classified into two categories: • Driving behavior (like braking pressure and braking speed ) • Non-driving behavior, which is a distraction (like smoking and texting on the phone). • The MHYD physiological categories are fatigue and drowsiness, • Identifying fatigue by using biometric sensors to track the facial expressions and eye movements of drivers. Example 2: Insurance Tracking Systems: Privacy & Safety concerns HighIntelligence LowLatency Smart mobility refers to the use of ICT in modern transport technologies to improve urban traffic. Vehicular Ad-hoc Network (VANET) is a typical smart mobility system. VANET comes under the subgroup of conventional Mobile Ad hoc Network (MANET). Tracking Systems: Privacy & Safety concerns Humans Human-Robot Interaction Robotics Internet of Things Internet of Robotic Things Internet of Humans and Robotic Things Human-centered Internet of Things • Human-centered Internet of Things (Human-centric Intelligent Systems, Human-Centric Intelligent Society) • Considering Human-in-the-IoT loop Digital Ecosystems: Social Values • Trust management simulator for Wireless Sensor Networks. • Provide real-time events. • Test the effectiveness of reputation and trust models. • Designed in 2009 • The simulator is implemented using Java. • A node can request resources from the neighboring node or send resources to the requesting node. • The simulator allows the user to adjust several parameters such as the percentage of malicious nodes or the possibility of forming a collusion, among many others. • Main Task: Use new Java frameworks to rebuild the simulator. Trust Management Simulator