SERENITY DAY IN BRUSSELS - June 17th, 2009
Thon City Centre Hotel, Brussels 1210 |
Current
practices for developing secure systems are still closer to art than to
an engineering discipline. Security is still treated as an add-on and
is therefore not integrated into software development practices and
tools. Experienced security artisans are still the key to achieving
acceptable levels of security.
Several
approaches and research strands have tried to address this situation in
order to introduce rigour and engineering approaches in the treatment
of security aspects in information systems, mainly focusing on the
development phases. Traditionally, the term security engineering has
been used to denote partial approaches that cover only small parts of
the processes that are required in order to create a secure system,
like modelling, verification, programming, etc. Even in the cases that
the approach is closer to a methodology, and has achieved a certain
level of maturity, the key concepts and workflows are highly influenced
by the way had been treated by the security artisans. Therefore, one
finds in the literature that the main books about security engineering
describe threat-based engineering approaches.
Today,
the current trend towards distributed and open systems has revealed the
important limitations of current threat-based security engineering
approaches. In particular, threat-based security engineering creates
systems that are very context-dependent, and therefore, fail to address
the needs of the future open and distributed systems paradigms. The
main problems that the new computing paradigms introduce are the high
levels of heterogeneity, dynamism and autonomy, as well as the large
scale. The result is that engineers have to deal with runtime
situations that are unpredictable at design time. The SERENITY Day will
introduce the SERENITY model of secure and dependable systems and will
show how it supports the creation of secure and dependable systems for
these new computing paradigms. Additionally we will present the
SERENITY integrated engineering processes as the backbone of a new
security engineering discipline.
The
main drawbacks of current approaches is that they fail to provide a
reasonable support for systematic engineering since the identification,
characterization and specification of the protection goals and the
related threats as well as the selection of appropriate mechanisms and
countermeasures depends on the experience of the engineers.
Consequently, these approaches represent only minor improvements over
the security craftsmanship era. However, they have been used for some
time with uneven results. The SERENITY Day is planned as a forum to
discuss this aspect and will advocate a change of paradigm based on the
definition of integrated processes with well-defined goals and
interfaces that combine the different techniques, methodologies and
tools to support the engineering of secure systems.
We expect to produce as outcomes of this event the following specific results:
• |
Dissemination
of the SERENITY Model and Processes among high-level representatives
from academia, industry and government institutions.
|
• |
Creation of a "Security Engineering Manifesto" advocating the establishment of Security as an Engineering discipline; and
|
• |
Kickstarting
the production of a new "Security Engineering BOK (Body of Knowledge)"
that provides a map of techniques, methodologies and tools along with
their relation and their role in the new security engineering processes.
|
Serenity Day Programme and agenda
SESSION |
SCHEDULE |
TITLE |
DURATION |
S0a. |
9:00-9:15 |
Welcome and Introduction: Jacques Bus, Head of Trust and Security Unit DG INFSO: MEDIA European Commission |
15 min |
S0b. |
9:15-9:30 |
Presentation, objectives and procedures |
15 min |
S1. |
9:30-10:30 |
Presentations of Serenity |
1 hour |
B1. |
10:30-11:00 |
Coffee Break
Demos**: Communication, Air Traffic Management, e-Health... |
30 min |
S2a. |
11:00-12:30 |
| State of disciplines I: |
| Speakers: |
• |
Security properties and Security Requirements Fabio
Martinelli, CNR, Italy
|
• |
Formal models and Static Verification, Jorge Cuellar,
Siemens
|
• |
Secure Processes and security-aware SW
engineering:
Eduardo Fernandez Medina,
UCLM (Castilla la Mancha)
|
• |
HW-SW Security: Jean Jacques Quisquater, UCLouvain |
• |
Crypto: Bart Preneel, KU
Leuven
|
• |
Agent oriented SW Engineering for Security
Modelling:
Haris Mouratidis, U of East
London
|
• |
Language based security: to be
confirmed
|
|
1 hour and
30 min |
B2. |
12:30-13:30 |
Lunch Break and Demos** |
1 hour |
S2b. |
13:30-14:30 |
| State of disciplines II: |
| Speakers: |
• |
Industry View:
compliance Volkmar Lotz, SAP
Research
|
• |
Industry view: integration Matthias
Schunder, IBM Zurich |
• |
Security Patterns: Markus Schumacher, Virtual Forge (Germany)
|
| Authors' slide presentations (excused
as speakers): |
• |
Security Modelling: Jan
Jurjens, Open University UK
|
• |
Industry view: integration, Aljosa Pasic, Atos Research
Spain
|
• |
ID management and security: Antonio F. Skarmeta,
University of
Murcia
|
• |
Security-aware software
engineering, Ernesto Damiani,
University of
Milan, Italy
|
• |
Software protection, Yoram Ofek,
University of Trento,
Italy
|
|
1 hour |
S3. |
14:30-15:15 |
Joint Discussion |
45 min |
S4. |
15:15-16:15 |
Elaboration of the "Security Engineering Manifesto" and "Sec. Eng. BOK (Body of Knowledge)" phase 1 |
1 hour |
B3. |
16:15-16:45 |
Coffee Break and Demos** |
30 min |
|
16:45-17:45 |
Elaboration of the "Security Engineering Manifesto" and "Sec. Eng. BOK (Body of Knowledge)" phase 2 |
1 hour |
S5 |
After 17:45 |
Rump session, follow up initiatives and networking, Demos... |
free |
** Demos:
• Communication Prototype Demo: Telefonica
• Air Traffic Management, ATM Coordination Tool (ATC) Demo: Deep Blue and Engineering Informatica (Italy)
• Smart Home Poster/Demo: U of Trento
|
|
|