Deliverables
A report will be delivered that explains the validation and traceability to code techniques developed in T2.3. It will be accompanied by a prototype that implements these techniques.
Qualification and certification of deployed Service - PrototypeIn this deliverable a prototype for qualification and certification of deployed Service will be developed, as well as the efficacy of the certification scheme will be tested and evaluated.
Security indicators and analytics - report and prototypeAn analytics tool implementing the described resilience indicators will be delivered as a prototype.
Detectors for model extraction - prototypeThe implemented DevBot and detectors will be delivered as a prototype.
Validated tool for automated correctionsThis deliverable consists of the validated and improved version of the prototype tool from D3.3. We also provide a manual validation report of the tool.The demonstration parts of software prototypes will be made available to boost replication whereas for the other parts (including source code) the consortium will identify a suitable intellectual property management strategy and misuses prevention strategy so that they will be made available as confidential annexes or disseminated to the Open Source Community.
Run-time access based control -- report and prototypeModels from T4.2 will be used to detect anomalous components, which will be automatically isolated by a prototype tool. A set of fingerprint models will be created and analyzed. The usability of these fingerprints and models for automatic security controls will be tested and evaluated.The demonstration parts of software prototypes will be made available to boost replication whereas for the other parts (including source code) the consortium will identify a suitable intellectual property management strategy and misuses prevention strategy so that they will be made available as confidential annexes or disseminated to the Open Source Community.
Final tool chain for risk assessment and integrated delta evaluationThis deliverable will include the tools along the overall pipe for evaluation and certification developed in T5.3: the delta evaluation tools for source code integrated by SLAB and the overall risk assessment monitor and testbed of indicators developed by EU-VRi.
Prototype for learning state machine models from MOSS component logs during run-timeA prototype for learning state machine models from MOSS component logs during run-time will be developed.
Dev-time vs run-time model comparison techniques - report and prototypeA report will be delivered that describes the techniques used to link code to states and identify mismatches between design and run-time models. A plugin component will be built for DevBot that visualizes the models and mismatches for developers, and guides that developer to the relevant code.
Preliminary tool chain for delta evaluation and verification of softwareThis deliverable will include the first version of the integrated tool chain for delta evaluation of open source software developed in T5.3 and will be made available for use in T6.5. pilot task.
Preliminary tool and updated methodology for indicator-based risk assessmentThis deliverable will include the first version of the customized indicator-based tool of T5.3 and a final version of the updated methodology developed in T5.1.A draft version will be available for review at M15.
This final report will include a description of the results of the advisory board meetings relevant stakeholders engagement activities including the final conference event The deliverable will report on the liaison activities carried out by consortium with regards to other relevant EU initiatives
Exploitation strategyThis report will present the exploitation strategy defined by the project partners including exploitation perspectives envisaged individually and jointly by the partners a qualitative assessment of the expected impacts The report will contain a plan for the use of knowledge and IPR management
Recommendations for cybersecurity certification and Policy MakingA White Paper will identify key enablers for cybersecurity certification and major policy recommendations for decision makers to use AssureMOSS findings in support of Security European Strategies
Validation report for the project impact on the threat scenariosThis is the overall validation report of the impact of the AssureMOSS toolchain on the scenarios identified by T54The demonstration parts of software prototypes will be made available to boost replication whereas for the other parts including source code the consortium will identify a suitable intellectual property management strategy and misuses prevention strategy so that they will be made available as confidential annexes or disseminated to the Open Source Community
Methodologies and Algorithms for qualification, certification, and learning from deployed ServiceThe set of performance measures to be evaluated for the security qualification and certification tool of virtualized workloads will be defined Modern state machine algorithms will be adapted to capture the behavior of MOSS components T42 Methods for dealing with timing and metrics from WP2 need to be developed This is the joint deliverable of the methodological contribution of T41 and T42
AssureMOSS Integrated Toolflow Evaluation and Demonstration PlanThis deliverable will provide a coherent framework for the execution of the demonstrations to be run in T63 T64 and T65 also defining KPIs for the evaluation of the toolflow
Detectors for model extraction - reportThe preliminary concepts for the architecture of the DevBot and detectors along with security model detectors as developed in T21 will be described in a report The security indicators and analytics concepts developed in T22 will be described in a report
Innovation management planThis report will present the innovation management strategy defined by the partners to handle the project outcomes as well as the activities performed in this domain during the project implementation and the perspective ones to be implemented behind the project completion
Dissemination and communication plan and report 1This report will include the strategic approach for dissemination and communication of project information and results the matrix of target audiences and stakeholders the evidences of the tools and materials envisaged for dissemination purposes eg project website project logo flyers and brochures social media profiles and KPIs that will be used to monitor the effectiveness of the envisaged dissemination activities this set of information will be included in the first release of D72 M6 to orient the activities of all partners All partners will provide inputs to this report and UNIVIE will edit it
Report on Stakeholders' Engagement and Liaising with other EC Initiatives 1This first version of the report will include a description of the results of the advisory board meetings relevant stakeholders engagement activities including the final conference event The deliverable will report on the liaison activities carried out by consortium with regards to other relevant EU initiativesA draft version will be available for review at M15
AssureMOSS Pilots: Plan & Preliminary ReportThis document will provide a description of the plans for the implementation of the three demonstrations run in T63 T64 and T65 SAP will be responsible to provide the plans and the preliminary report for the activities carried out in T63 THALES will be responsible to provide the plans and the preliminary report for the activities carried out in T64 SLAB will be responsible to provide the plans and the preliminary report for the activities carried out in T65
Risk Management and preparation to Software Certification based on the AssureMOSS frameworkLeveraging the outcomes of the two pilots T63 and T64 and of the showcase T65 this deliverable will provide an integrated view of how the AssureMOSS suite can be leveraged to ensure an effective management of the risks associated with software design development and deployment fostering thus a highly efficient approach toward software certification
Dissemination and communication plan and report 2Second release of the report including strategic approach for dissemination and communication of project information and results the matrix of target audiences and stakeholders the evidences of the tools and materials envisaged for dissemination purposes and KPIs This report will be turned into a draft dissemination highlights report The idea of this dissemination highlights report is to provide a snap summary of the most interesting scientific results and insights in magazine style ie understandable and interesting for interested practioners This report will include highlights of the major scientific results from all partners and will be edited by UNIVIE As an appendix the report will also include a summary of other relevant dissemination activities as a brief summary and the disseminationrelated KPIs again provided by all partners and edited by UNIVIE including an assessment of the target audience reached through these activities and of the disseminationrelated KPIs achieved to be used in the periodic reportA draft version will be available for review at M15
Final Exploitation strategyThis final report will present the final exploitation strategy defined by the project partners including exploitation perspectives envisaged individually and jointly by the partners a qualitative assessment of the expected impacts The report will contain a plan for the use of knowledge and IPR management
Final Dissemination and communication plan and reportFinal dissemination highlights report The idea of this dissemination highlights report is to provide a snap summary of the most interesting scientific results and insights in magazine style ie understandable and interesting for interested practioners This report will include highlights of the major scientific results from all partners and will be edited by UNIVIE As an appendix the report will also include a summary of other relevant dissemination activities as a brief summary and the disseminationrelated KPIs again provided by all partners and edited by UNIVIE including an assessment of the target audience reached through these activities and of the disseminationrelated KPIs achieved to be used in the periodic report
Source code representation methodsThis deliverable describes novel approaches to learning representations of source code changes leveraging large corpora of annotated samples that are either readily available or that can be extracted using the toolkit of Task 62
Methodology for Incremental and Continuous Certification Scheme of softwareThis deliverable will include the methodology process and algorithms for delta evaluation and delta verification of source code to achieve a continuous recertification scheme developed in T52
Methodology for Risk IndicatorsA preliminary version of the methodology developed in Task T51 to be consumed by other partners and external stakeholder for a preliminary validation
This will be the final demonstration of the three pilots of WP6. SAP will be responsible to provide the report for the activities carried out in T6.3. THALES will be responsible to provide report for the activities carried out in T6.4. SLAB will be responsible to provide the report for the activities carried out in T6.5.
Final release of Repository mining toolkit and datasetThis deliverable will provide the final release of the toolkit to mine source code repositories and of a dataset to be used in WP3 and WP6.
Repository mining toolkit and datasetThis deliverable will include both a toolkit to mine source code repositories, possibly in combination with other sources of related information (e.g., bug tracking systems, mailing list archives, pull request trails, and the like), and a dataset obtained applying the toolkit and that can be used for the other tasks of in WP3 and WP6.A draft version will be available for review at M15.
The public website will include the description of the project the consortium main deliverables and news about the project It will be continuously updated during the project life time and a closed version will be maintained for the 3 years following the end of the project
Publications
Author(s):
Rocío Cabrera Lozoya, Arnaud Baumann, Antonino Sabetta & Michele Bezzi
Published in:
SN Computer Science, 2021, ISSN 2661-8907
Publisher:
Springer Nature
DOI:
10.1007/s42979-021-00566-z
Author(s):
Fabio Massacci; Trent Jaeger; Sean Peisert
Published in:
IEEE SECURITY & PRIVACY, vol 19, iss 2, 2021, ISSN 1540-7993
Publisher:
IEEE Computer Society
DOI:
10.1109/msec.2021.3050433
Author(s):
Ntentos, E., Zdun, U., Plakidas, K. et al.
Published in:
Computing, Issue 103, 2021, Page(s) 2521–2551, ISSN 0010-485X
Publisher:
Springer Verlag
DOI:
10.1007/s00607-021-01002-z
Author(s):
Linghui Luo, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, Fabio Massacci
Published in:
IEEE Empirical Software Engineering, 2021, ISSN 0098-5589
Publisher:
Institute of Electrical and Electronics Engineers
DOI:
10.1007/s10664-021-10013-5
Author(s):
Francesco Minna; Agathe Blaise; Filippo Rebecchi; Balakrishnan Chandrasekaran; Fabio Massacci
Published in:
IEEE Security & Privacy ( Volume: 19, Issue: 5, Sept.-Oct. 2021), 2021, ISSN 1540-7993
Publisher:
IEEE Computer Society
DOI:
10.1109/msec.2021.3094726
Author(s):
Ntentos E., Zdun U., Plakidas K., Geiger S.
Published in:
Service-Oriented Computing. ICSOC 2021., 2021, Page(s) 188-203, ISBN 978-3-030-91430-1
Publisher:
Springer
DOI:
10.1007/978-3-030-91431-8_12
Author(s):
Patric Genfer, Uwe Zdun
Published in:
Software Architecture. ECSA 2021., Issue vol 12857, 2021, Page(s) 207-222, ISBN 978-3-030-86043-1
Publisher:
Springer
DOI:
10.1007/978-3-030-86044-8_15
Author(s):
Ivan Pashchenko, Riccardo Scandariato, Antonino Sabetta, Fabio Massacci
Published in:
2021 IEEE/ACM 43rd International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER), 2021, Page(s) 91-95, ISBN 978-1-6654-0140-1
Publisher:
IEEE
DOI:
10.1109/icse-nier52604.2021.00027
Author(s):
Duc-Ly Vu, Ivan Pashchenko, Fabio Massacci
Published in:
2021 IEEE/ACM International Workshop on Automated Program Repair (APR), 2021, Page(s) 9-10, ISBN 978-1-6654-4472-9
Publisher:
IEEE
DOI:
10.1109/apr52552.2021.00009
Author(s):
Tamás Viszkok, Péter Hegedűs, Rudolf Ferenc
Published in:
Proceedings of the 16th International Conference on Software Technologies (ICSOFT 2021), 2021
Publisher:
ScitePress
DOI:
10.5220/0010558501850195
Author(s):
Amirreza Bagheri, Péter Hegedűs
Published in:
Proceedings of the 14th International Conference on the Quality of Information and Communications Technology (QUATIC 2021), 2021, Page(s) 267-281, ISBN 978-3-030-85347-1
Publisher:
Springer
DOI:
10.1007/978-3-030-85347-1_20
Author(s):
Duc-Ly Vu, Fabio Massacci, Ivan Pashchenko, Henrik Plate, Antonino Sabetta
Published in:
Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021, Page(s) 780-792, ISBN 9781450385626
Publisher:
ACM
DOI:
10.1145/3468264.3468592
Author(s):
Tamás Aladics, Judit JászRudolf Ferenc
Published in:
Proceedings of the 21st International Conference on Computational Science and its Applicationsdings of (ICCSA 2021), 2021, Page(s) 382-397, ISBN 978-3-030-87007-2
Publisher:
Springer
DOI:
10.1007/978-3-030-87007-2_27
Author(s):
Fabio Massacci, Ivan Pashchenko
Published in:
2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE), 2021, Page(s) 1386-1397, ISBN 978-1-6654-0296-5
Publisher:
IEEE
DOI:
10.1109/icse43902.2021.00125
Author(s):
Serena Elisa Ponta; Wolfram Fischer; Henrik Plate; Antonino Sabetta
Published in:
2021 IEEE International Conference on Software Maintenance and Evolution (ICSME), 2021, Page(s) 555-558
Publisher:
IEEE
DOI:
10.26226/morressier.613b5418842293c031b5b612
Author(s):
Fabio Massacci, Ivan Pashchenko
Published in:
IEEE Security & Privacy, Issue 19/3, 2021, Page(s) 58-62, ISSN 1540-7993
Publisher:
IEEE Computer Society
DOI:
10.1109/msec.2021.3065627
Searching for OpenAIRE data...
There was an error trying to search data from OpenAIRE
No results available