Approach & Methods

Through the materialization of the concepts of "Security and Dependability Pattern" and "Integration Schemes", SERENITY will capture the expertise of security engineers, making it available for automated processing, complemented by mechanisms for monitoring the systems’ behaviour and integrated in a common framework. The automation is essential in the highly dynamic environments. SERENITY will provide support for the dynamic supervision and adaptation of security of systems to changes in AmI ecosystems.

The foundations of an integrated, solid, flexible and practical security and dependability framework for AmI ecosystems lies on two key innovations in the approach : Patterns and Integration Schemes and Run-time support. Both factors are mutually dependent and necessary. The former defines security requirements and mechanisms that address them, and also contextual assumptions underpinning the solutions and their interdependencies. The latter allows the dynamic adaptation and evolution of those solutions.

SERENITY differentiates security requirements and mechanisms at three basic layers : Business and organisational ; workflow and services ; and network and devices. This distinction will reflect the typical layers of systems architecture that SERENITY wants to address, the diversity of responsibility for providing security measures, and the conceptual models at which security requirements and mechanisms can be specified.

Patterns and Integration Schemes
The first key innovation of SERENITY lies it its security and dependability patterns that are precise specifications of validated security mechanisms materialised as files containing models that could be described using languages to capture the expertise of security engineers with the objective of being used by automated means. Security and dependability patterns include a precise behavioural description, references to the security and dependability properties provided, constraints on the context required for deployment, information describing how to adapt and monitor the mechanism, and trust mechanisms. Security and dependability patterns, along with the formal characterisation of their behaviour and semantics, are the basic building blocks of security and dependability mechanisms that will enable the provision of security and dependability over a wide range of heterogeneous AmI ecosystems. SERENITY’s integration schemes specify ways for systematically combining security and dependability patterns into systems composed of dynamically collaborating elements that operate in mobile, heterogeneous, and highly dynamic ICT infrastructures.

Run-time support
The second key innovation of SERENITY will be the computer aided run-time proactive and reactive support for identification of potential threats and attacks of implemented security solutions. In addition, the timely adaptation of attacked or under-threat applications, and the amendment of security and dependability patterns and integration schemes will address weaknesses identified during their deployment through appropriate evolution mechanisms.

Layered approach
The layering of the approach meets the interests of the parties involved (businesses and people, service provider, network provider) and allows to state and enforce requirements where they origin. Its deployment and runtime monitoring mechanisms capture both the evolution of AmI Ecosystems and the fact that not all critical situations can be predicted and prevented. Finally, the SERENITY results are offered through a framework that can be adapted to the needs and utilised by different businesses and industries, thus enabling them to optimise their contribution to the security and dependability of an AmI Ecosystem according to their individual needs.