SecureChange-eng
Tanszéki projektvezető
professor
Szoba: IB417
Tel.:
+36 1 463-3586 Email: varro (*) mit * bme * hu |
Tanszéki résztvevők
lecturer
Szoba: IB 417 |
PhD student
Szoba: IB414
Tel.:
+36 1 463-3579 Email: hegedusa (*) mit * bme * hu |
deputy head of department, associate professor
Szoba: IB419
Tel.:
+36 1 463-3594 Email: micskeiz (*) mit * bme * hu |
Contact information
Bemutatás
There is growing demand to continuously evolve systems to meet changing business needs, new regulations and policies, novel technologies and computing infrastructures. Unfortunately, the pace of required change affects our ability to ascertain and maintain the quality of a system. Our objective is thus to develop techniques and tools that ensure "lifelong" compliance to security, privacy and dependability requirements for a long-running evolving software system. This is challenging because these requirements are not necessarily preserved by system evolution. The project will develop processes and tools that support design techniques for evolution, testing, verification, re-configuration and local analysis of evolving software. Our focus is on mobile devices and homes, which offer both great research challenges and long-term business opportunities. Concrete achievements will include the following:
- An architectural blueprint and an integrated security process for lifelong adaptable systems that acts as a common framework for all the techniques and tools delivered in this project.
- A requirements engineering methodology that supports dealing with the fact that in long-living systems, both the requirements and the implemented systems will change after the initial development has finished.
- A security modelling notation for modeling adaptive security designs, together with formally founded automated security analysis tools.
- An IT security risk approach able to assess the evolution of risk profiles due to the evolution of either system or attacker model.
- Techniques and tools to verify adaptive security requirements when performing on-device software updates.
- A model-based testing approach that supports automated testing of evolving systems for security requirements.
The results are continuously validated jointly with key industry players.