Abstract
This chapter describes SERENITY’s approach to runtime monitoring and the framework that has been developed to support it. Runtime monitoring is required in SERENITY in order to check for violations of security and dependability properties which are necessary for the correct operation of the security and dependability solutions that are available from the SERENITY framework. This chapter discusses how such properties are specified and monitored. The chapter focuses on the activation and execution of monitoring activities using S&D Patterns and the actions that may be undertaken following the detection of property violations. The approach is demonstrated in reference to one of the industrial case studies of the SERENITY project.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Adler I et al (1989) An Implementation of Karmarkar's Algorithm for Linear Programming. Mathematical Programming, 44: 297–335
Lazarevic A, Kumar V, Srivastava J (2006) Intrusion Detection: A Survey. Massive Computing, In: Kumar V, Srivastava J, Lazarevic A (eds), Managing Cyber Threats: Issues, Approaches and Challenges, Springer, ISBN 0387242260
Armenteros A, Garcia L, Muñoz A, Maña A (2008) Realising the Potential of SERENITY in Emerging AmI Ecosystems: Implications and Challenges. In: Spanoudakis G, Maña A, Kokolakis S (eds) Security and Dependability for Ambient Intelligence, Information Security Series, Springer
Avizienis A, Larpie C, Randell B (2001). Fundamental Concepts of Dependability. LAAS-CNRS, Tech. Rep. N01145.
Baresi L, Guinea S (2005) Dynamo: Dynamic Monitoring of WS-BPEL Processes. Proceedings of 3rd International Conference On Service Oriented Computing, Amsterdam, The Netherlands.
Campbell A, Safavi-Naini R, Pleasants A (1992) Partial Belief and Probabilistic Reasoning in the Analysis of Secure Protocols. Proceedings of 5th IEEE Computer Security Foundations Workshop, 84–91. IEEE Computer Society Press.
Chatzigiannakis V, Androulidakis G, Grammatikou M, Maglaris B (2004) A Distributed Intrusion Detection Prototype using Security Agents. Proceedings of HP Open View University Association (HPOVUA)
Chatzigiannakis V, Androulidakis G, Grammatikou M, Maglaris B (2004) An Architectural Framework for Distributed Intrusion Detection using Smart Agents. Proceedings of SAM04, Las Vegas
Chen F, Rosu G (2003) Towards Monitoring-Oriented Programming: A Paradigm Combining Specification and Implementation. In Electronic Notes in Theoretical Computer Science, 89(2), Elsevier Science B.V.
Denning D (1987) An Intrusion-Detection Model. IEEE Transactions on Software Engineering, 13(2): 222–232.
Gale D (2007) Linear programming and the simplex method. Notices of the AMS, 54(3):364–369.
Ghezzi C, Guinea S (2007) Runtime Monitoring in Service Oriented Architectures. In: Baresi L and di Nitto E. (eds), Test and Analysis of Web Services, Springer, 237–264, 2007.
Gudkov V, Johnson J (2002) Multidimensional Network Monitoring for Intrusion Detection. CoRR: Cryptography and Security/0206020
Havelund K, Roşu G (2004) An Overview of the Runtime Verification Tool Java PathExplorer. Form. Methods Syst. Des. 24, 189–215.
Barringer H, Rydeheard D, Gabbay D (2007) A Logical Framework for Monitoring and Evolving Software Components. Proceedings of 1st Joint IEEE/IFIP Symposium on Theoretical Aspects of Computer Science (TASE07), Shanghai.
Howard B, Dov G, Rydeheard D, (2007) From Runtime Verification to Evolvable Systems. 7th International Workshop on Runtime Verification
Kloukinas C, Mahbub K, Spanoudakis G (2007) Evaluation of V1 of Dynamic Validation Prototype, Deliverable A4.D3.2, SERENITY Project, http://www.serenity-forum.org/IMG/pdf/A4.D3.2_Evaluation_of_v1_of_dynamic_validation_prototype_v.-2.pdf, Accessed 9 December 2008
Mahbub K, Spanoudakis G. (2004) A Framework for Requirements Monitoring of Service Based Systems. Proceedings of 2nd International Conference on Service Oriented Computing, NY, USA.
Mahbub K, Spanoudakis G. (2005) Run-time Monitoring of Requirements for Systems Composed of Web-Services: Initial Implementation and Evaluation Experience. Proceedings of 3rd Int. IEEE Conf. on Web Services
Mahbub K, Spanoudakis G, Kloukinas C, (2007). V2 of dynamic validation prototype”. Deliverable A4.D3.3, SERENITY Project, http://www.serenity-forum.org/IMG/pdf/A4.D3.3_-_V2_of_Dynamic_validation_Prototype.pdf. Accessed 9 December 2008
Mahbub K, Spanoudakis G (2007) Monitoring WS-Agreements: An Event Calculus Based Approach. In: Baresi L, and di Nitto E (eds), Test and Analysis of Web Services, Springer
Maña A et al (2006) Security engineering for ambient intelligence: A manifesto. In: Integrating Security and Software Engineering: Advances and Future Vision. Idea Group Publishing, 244–270
NTP, www.ntp.org, Accessed on 9 December 2008
Moser O, Rosenberg F, Dustdar S (2008) Non-intrusive monitoring and service adaptation for WS-BPEL. Proceedings of 17th International Conference on World Wide Web
Zhang Q, Janakiraman R (2001) Indra: A Distributed Approach to Network Intrusion Detection and Prevention. Washington University Technical Report # WUCS-01-30
Li Q (2007) A Dynamic Verification Platform for BPEL Environments. MSc. Thesis, Department of Electrical & Computer Engineering, University of Alberta
Shanahan M.P. (1999) The event calculus explained. In: Artificial Intelligence Today. Volume 1600 of Lecture Notes in Artificial Intelligence. (1999) 409–430
SNORT Intrusion Detection System, www.snort.org, 2004. Accessed 9 December 2008
Spanoudakis G, Kloukinas C, Androutsopoulos K.(2007) Towards security monitoring patterns. Proceedings of ACM Symposium on Applied Computing (SAC07) - Track on Software Verification, Volume 2, Seoul, Korea, 1518–1525
Spanoudakis G, Mahbub K (2006) Non intrusive monitoring of service based systems. Int. J. of Cooperative Information Systems 15: 325–358
Staniford-Chen S, Tung B, Porras P, Kahn C, Schnackenberg D, Feiertag R, Stillman M (1998) The Common Intrusion Detection Framework - Data Formats. IETF, www.watersprings.org/pub/id/ draft-staniford-cidf-data-formats-00.txt, Accessed on 9 December 2008
Stephen E, Hansen, E, Atkins T (1993) Automated System Monitoring and Notification With Swatch. Proceedings of 7th USENIX conference on System administration, Monterey, California, USA, 1993
Tsigritis T, Spanoudakis G, Kloukinas C, Lorenzoli D (2009) Diagnosis and Threat Detection Capabilities of the SERENITY Monitoring Framework. In Spanoudakis G, Maña A, and Kokolakis S (eds), Security and Dependability for Ambient Intelligence, Information Security Series, Springer
van Lamsweerde A (1996) Divergent Views in Goal-Driven Requirements Engineering. Proceedings of Viewpoints '96 – ACM SIGSOFT Workshop of Viewpoints in Software Development
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag US
About this chapter
Cite this chapter
Spanoudakis, G., Kloukinas, C., Mahbub, K. (2009). The SERENITY Runtime Monitoring Framework. In: Kokolakis, S., Gómez, A., Spanoudakis, G. (eds) Security and Dependability for Ambient Intelligence. Advances in Information Security, vol 45. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-88775-3_13
Download citation
DOI: https://doi.org/10.1007/978-0-387-88775-3_13
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-88774-6
Online ISBN: 978-0-387-88775-3
eBook Packages: Computer ScienceComputer Science (R0)