
NESSOS
Network of Excellence on Engineering Secure Future Internet Software Services and Systems
Industry and academic research working together in secure software and service engineering
Aljosa Pasic, Berlin, 25/04/2012, CSP Forum
Applications will need to utilise shared and co-owned services from different domains of control, which must obey separate security policies and demand diverse security and dependability qualities.
Spot the difference !!!
Secure Systems/software/services vs Security Systems/software/services
Secure Systems vs Secure Software vs Secure (Software-based) Services
Secure coding vs Secure Engineering
Web applications are the #1 focus of hackers:
75% of attacks at Application layer (Gartner)
XSS and SQL Injection are #1 and #2 reported vulnerabilities (Mitre)
Web applications are increasingly relying on services: secure service engineering is an increasingly important research topic.
Is the composed system secure?
Industry problem NR. 1
[Figure: levels of development abstraction plotted over Time, from Machine Code (Binary Development) through Assembler (Textual Development), 3GL (Textual Development), Pseudocode (3GL Textual Modeling) and Visual Modeling up to Model-Driven Development]
MORE (hidden) Complexity, MORE (not-hidden) Expectations, MORE Threats etc… BUT LESS Sec App expertise
Industry problems NR. 2, 3 etc
Requirements: how to decompose and validate high-level concepts (compliance, privacy, trust, risk…) and link them to security requirements and operational events?
Scale: how to reason about millions of events in (near) real time (stream reasoning)?
Dynamicity: how to model dynamic characteristics of trust, business etc. (e.g. dynamic prioritisation according to dynamic risk perception)?
Domains of control (distribution of trust): how to correlate events from different sources/channels (address new threats)?
Risk/Cost: how to achieve optimal security (e.g. context-aware configurations) at optimal cost?
Assurance: how to establish end-to-end (E2E) and requirements-to-operations (R2O) assurance with justifiable evidence?
NESSoS as an answer ?
NESSoS aims at constituting a long-lasting initiative on engineering secure software-based services and systems:
Reduce the vulnerabilities in Future Internet Software-based Services (FISS)
Improve the overall assurance level of FISS
Provide means for a risk/cost-based S-SDLC for FISS
NESSoS will contribute to creating an active research community
by reducing the existing fragmentation,
by focusing, integrating and harmonizing the research agendas of NESSoS partners,
by reducing the gap between industry BEST PRACTICE and academic research.
Is this what industry needs ?
Industry gaps vs NESSoS proposals

Industry gap: Updated inventory where to store all potential attackers and their patterns.
NESSoS proposal: Propose an updated catalogue of threats and vulnerabilities.

Industry gap: Few policies for security requirements management.
NESSoS proposal: Provide a security requirements framework which will support industrial best practices.

Industry gap: Lack of security development trainings.
NESSoS proposal: Supply a Common Body of Knowledge (CBK) which comprises a useful handbook for practitioners in the area.

Industry gap: Security development teams are not usually involved during the software design phase.
NESSoS proposal: Promote involvement of development teams during the design phase by providing new working environments such as the Service Development Environment.

Industry gap: Little consideration of security and secure coding standards.
NESSoS proposal: Support the use of security and secure coding standards through the improvement of industry best practices.

Industry gap: Few code reviews and test and vulnerability assessments.
NESSoS proposal: Raise awareness of code review as well as test and vulnerability assessment, and propose the Framework for Validation of Risk Management Methods.
The big picture for JPA
Do we speak the same language?
Noli Turbare Circulos Meos (do not disturb my circles)
Abusus Non Tollit Usum (abuse does not preclude proper use)
Altius Citius Fortius (higher, faster, stronger)
Abundans Cautela Non Nocet (abundant caution does no harm)
Seize the opportunity ?
Seize the opportunity: transformation and migration to service-based applications can go hand in hand with security by (re)design
Link business to IT: decomposing high-level goals into operational policies, monitoring IT events and composing them for business decision support
Cost optimisation: assurance “on-demand”, tailored to your application profile, domain or risk appetite, with decisions at an early stage of the SDLC…
Cybersecurity preparedness: build less vulnerable applications
Carrots: introduce S-SDLC as a “must” in public procurement
Sticks: sanctions for vulnerable software services
Software Business is NEVER “business as usual”