Network of Excellence on Engineering Secure Future Internet Software Services and Systems
Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS)
Das Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) zielt auf die Errichtung eines dauerhaften Forschungs-Verbundes im Bereich des Software-Engineerings von sicheren, softwarebasierten Diensten und Systemen.
Innerhalb des Nessos-Entwicklungsprozesses erfolgt die Berücksichtigung der Sicherheit bereits von Anfang. Schon in den frühen Phasen von System-Analyse und -Design wird die Sicherheit systematisch berücksichtigt und so ein Beitrag zur Reduktion von Schwachstellen in Diensten und Systemen geleistet.
Die im Network of Excellence durchgeführte integrierte Forschung ermöglicht neue Ergebnisse: So können einerseits die erforderliche Sicherheit für Dienste im Future-Internet verbessert werden und andererseits Risiken und Kosten der Sicherheit in der Softwareentwicklung als Kriterien für Investitions-Entscheidungen verwendet werden.
NESSoS integriert die beteiligten Forschungseinrichtungen: Die Harmonisierung und Förderung der Forschungsaktivitäten der einzelnen Partner trägt zu einer Steigerung der Excellenz und einer Verbreitung der Forschungsergebnisse bei. Die Kompetenz der Forscher wird darüber hinaus genutzt, um innerhalb Europas eine neue Generation von qualifizierten Forschern und Praktikern im Bereich des Secure Software Engineerings wachsen zu lassen.
NESSoS wird mit industriellen Interessenten zusammenarbeiten, um die Best Practices der Branchen weiterzuentwickeln und ein schnelles
Wachstum der softwarebasierten Service-Systeme im Future Internet zu bewirken.
Die Forschungs-Exzellenz des NESSoS wird zu einem steigenden Vertrauen in das Future Internet beitragen, indem die Sicherheit von Software, Dienstleistungen und Systemen verbessert wird. Diese wird die europäische Wettbewerbsfähigkeit in diesem wichtigen Bereich unterstützen.
Leitung: Prof. Dr. Maritta Heisel, Prof. Dr. Stefan Eicker
Publikationen
- Schwittek, Widura; Schmidt, Holger; Beckers, Kristian; Eicker, Stefan; Faßbender, Stephan; Heisel, Maritta: A Common Body of Knowledge for Engineering Secure Software and Services. In: Proceedings of the 7th International Conference on Availability, Reliability and Security. IEEE, 2012, S. 499-506. doi:10.1109/ARES.2012.31VolltextBIB DownloadKurzfassungDetails
The discipline of engineering secure software and services brings together researchers and practitioners from software, services, and security engineering. This interdisciplinary community is fairly new, it is still not well integrated and is therefore confronted with differing perspectives, processes, methods, tools, vocabularies, and standards. We present a Common Body of Knowledge (CBK) to overcome the aforementioned problems. We capture use cases from research and practice to derive requirements for the CBK. Our CBK collects, integrates, and structures knowledge from the different disciplines based on an ontology that allows one to semantically enrich content to be able to query the CBK. The CBK heavily relies on user participation, making use of the Semantic MediaWiki as a platform to support collaborative writing. The ontology is complemented by a conceptual framework, consisting of concepts to structure the knowledge and to provide access to it, and a means to build a common terminology. We also present organizational factors covering dissemination and quality assurance.
- Schwittek, Widura; Schmidt, Holger; Eicker, Stefan; Heisel, Maritta: Towards a Common Body of Knowledge for Engineering Secure Software and Services. In: Joaquim Filipe, Kecheng Liu (Hrsg.): Proceedings of the International Conference on Knowledge Management and Information Sharing. SciTePress - Science and Technology Publications, Paris 2011, S. 369-374. doi:10.5220/0003666303690374BIB DownloadKurzfassungDetails
Interdisciplinary communities involve people and knowledge from different disciplines in addressing a common challenge. Differing perspectives, processes, methods, tools, vocabularies, and standards are problems that arise in this context. We present an approach to support bringing together disciplines based on a common body of knowledge (CBK), in which knowledge from different disciplines is collected, integrated, and structured. The novelty of our approach is twofold: first, it introduces a CBK ontology, which allows one to semantically enrich contents in order to be able to query the CBK in a more elaborate way afterwards. Second, it heavily relies on user participation in building up a CBK, making use of the Semantic MediaWiki as a platform to support collaborative writing. The CBK ontology is backed by a conceptual framework, consisting of concepts to structure the knowledge, to provide access options to it, and to build up a common terminology. To ensure a high quality of the provided contents and to sustain the community’s commitment, we further present organizational means as part of our approach. We demonstrate our work using the example of a Network of Excellence EU project, which aims at bringing together researchers and practitioners from services computing, security and software engineering.
This research was partially supported by the EU project Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS, ICT-2009.1.4 Trustworthy ICT, Grant No. 256980). See http://www.nessos-project.eu/ for further details.