Posted by: Andy Tickner | 2nd February 2011

Proof of concept evaluation

AustroControl and KEMEA have evaluated the proof-of-concept software produced in SERSCIS. The evaluation was performed using a simulation of Airport Collaborative Decision Making (A-CDM), a critical ICT infrastructure, as the use case. A-CDM deals with the turn-around of an aircraft at an airport and has direct influence on the performance of the European air traffic network. It is modelled by simulating the airside workflow, which involves actors ranging from Eurocontrol’s central flow-management unit to individual ramp service providers like aircraft catering.

In the evaluation a fault-free case, as well as three degraded or fault scenarios, were applied. The faults comprise:

  • a reduction in the performance of a ramp service provider that without mitigation would lead to substantial delays in aircraft turn-around,
  • a passenger no-show, which requires the already loaded baggage to be searched and off-loaded from the aircraft, and
  • delays in the communication via the central database (called A-CDM Information Sharing Platform) caused by DoS attacks.

These three fault scenarios cover both physical as well as ICT security threats.

The assessment of the system behaviour and the capabilities of the SERSCIS tools was done by Key Performance Indicators (KPI). Those KPIs are directly derived from the business objectives of the stakeholders in the scenario. Using a set of KPIs the behaviour of the system can be monitored effectively and efficiently. Failures of individual services can be detected and – given that mitigation strategies are implemented – their effectiveness can be observed as well.

The evaluation itself consisted of two distinct sets of experiments. The first set, conducted by KEMEA, dealt with the modelling tools in an off-line fashion. This set included examples of causes for the above faults, and some additional cases. In the second set Austro Control used the above-mentioned simulation to do an assessment of the online tools and mechanisms. Both aspects of the evaluation yielded a positive result. The offline tools were successfully used to model the use case and threat scenarios as well as mitigation actions, while the runtime tools were applied to assess the threat mitigation strategy by adaptation. For the runtime part, KPIs allowed both physical and ICT dependability issues to be detected, and both the problems and mitigation strategies to be related directly to their impact on business-level objectives.

Comments Off on Proof of concept evaluation

Posted in Application Case Study

Posted by: Andy Tickner | 1st February 2011

Service management framework and airport emulators released

The service management framework and emulated airport application services have been released and the software is available for download. The application services provided are emulated versions of services available at an airport that are used in the turnaround of an aircraft to prepare it for an outbound flight. A simulation driver is also provided that allows the user to simulate the flight movements necessary to initiate the turnaround. The service management framework allows the user to monitor and manage these application services, by describing service level agreements between the services and by defining policies to initiate management actions.

Comments Off on Service management framework and airport emulators released

Posted in General News

Posted by: Andy Tickner | 24th January 2011

Best paper award at ADAPTIVE 2010

The paper “SERSCIS-Ont: A Formal Metrics Model for Adaptive Service Oriented
Frameworks” was awarded “Best Paper” at the ADAPTIVE 2010 conference.

Comments Off on Best paper award at ADAPTIVE 2010

Posted in General News

Posted by: Andy Tickner | 14th January 2011

Decision Support Tools Updates in Year 2

After releasing initial Proof-of-Concept (PoC) Decision Support Tools (DSTs) to project partners in February 2010, QinetiQ then released a subsequent update in July 2010. This update replaced the example “push” notification of monitoring metrics with a subscription/”pull” method for monitoring metrics that retrieved messages from the main SERSCIS Enterprise Service Bus (ESB). This integration allows SERSCIS-assisted operators to view the metrics associated with System Governance and System Composition components by retrieving run-time reports.

dst_monitoring_diagram

The monitoring framework itself has also been augmented, as well as being integrated with other testbed components. Within the “SERSCIS Monitoring Translator” there is now an additional sub-component that can be configured to calculate new metrics based on monitoring reports. For example, these calculations can be used to take a “request count” and a “success count” and determine a “success rate” without requiring the monitored component to report additional metrics. The “success rate” metric would then provide the operator with a simpler indicator of whether a service is failing to perform as required, instead of manually comparing the two source metrics.

screenshot167

In addition to the monitoring integration, and additional colour set has been added to the main DST application. The colour sets are provided to render entities in the DST in a way that highlights important information to the operator. This new colour set uses configurable thresholds on metric values to highlight in red any entity whose monitored metrics breach the threshold. This new colour set can be used in addition to the previous monitoring colour set, which used the criticality of the message to determine colours.

screenshot166

Finally, the Springboard source-agnostic data search tool has been updated to use the latest version of the OWL API and the HermiT reasoner. These updates allow Springboard to display a wider range of ontologies, as well as improving reasoning speed with HermiT’s ‘hypertableau’ implementation. The Springboard tool itself has also been extended with a new “Class view” for loaded models. This provides operators with a view to help understand the structure of the model that they are viewing, which may allow them to understand new ontologies or prompt their memory of less frequently used ontologies.

In conjunction with the release and integration of other components by other partners, the updated Decision Support components allow an operator to view the state of an operational system by integrating design-time architectures with run-time monitoring information. This run-time information can then be evaluated in light of the system design, the pre-assessed risks and the proposed mitigations to help the user determine the best course of action with improved situational awareness.

Comments Off on Decision Support Tools Updates in Year 2

Posted in Decision Support

Posted by: Andy Tickner | 14th January 2011

Port Safety & Security

The Port of Gijón (PAG) aims to improve the dependability of its ICT and CCTV network that is supporting all management and security services. PAG is certified according to IMO ISPS Code and ISO Standard 28000. Both of these services rely on the availability of the communications network, under any operational condition. However, the continuity of information and communication services cannot currently be assured. SERSCIS will help to overcome the potential lack of network services availability in case of incidents or accidents.

SERSCIS is relevant to PAG and other Ports in the following ways:

Training
PAG holds, together with the Asturias Business School, a Port Management Training Programme. It has a specific unit dedicated to Port Security Management (Module III – Port Management – Unit 12) in which the SERSCIS architecture and approach is included.

Research & Development
PAG is the most active port authority working in European Research in Spain, and one of the principal ports in Europe. Besides SERSCIS, currently we are also working in SAFEPORT, a FP7 Project under the GALILEO sub-programme, which aims to improve the safety of navigation in internal port water seaways as well as berth planning. SERSCIS will be a valuable input and background to ease the participation of PAG in future R&D related projects.

Port Safety
The Port PC & CCTV networks are a critical infrastructure to enable port functioning. SERSCIS will give a fresh approach to improve the general safety layout and architecture of the Port system, and will allow us to share with 4 other Spanish Ports: Bilbao, Barcelona Valencia and Algeciras, which together form the Port Safety and Security Group, a benchmarking group for technology and best practices transfer. We can similarly approach the Port Safety and Security Working Group at ESPO, the European Sea Port Organization based in Brussels, that gather the main 100 European ports.

Port Community
PAG regularly participates in several workshops, seminars and conferences dedicated to Port R&D across Europe. Port Safety and Security is a must, and probably the most important issue today. SERSCIS, along with PORTIDS, ROSES and other safety and security related projects have most recently been presented at the 3rd European Maritime Day in Gijón.

Comments Off on Port Safety & Security

Posted in General News

Posted by: Andy Tickner | 13th January 2011

Service Composition Updates in Year 2

JOANNEUM RESEARCH made proof-of-concept (PoC) service composition components available in July 2010. These components were integrated into a PoC testbed that was evaluated by AustroControl and KEMEA.

In the meantime, the components have also been also enhanced with notification capabilities targeting system governance components and decision support tools, an interface to the system resource registry, an improved service selection algorithm, supporting functionality for the business logic to ease the development of workflows, improved fault handling capabilities, and support for arbitrary binding components.

The main innovation areas of the component can be summarized as follows:

  • Adaptive workflows: In our approach, the leading workflow language Business Process Execution Language (BPEL) is chosen for specifying our workflows. Semantically annotated workflow templates and a modified execution are used to put it into practice.
  • Optimised selection of services: Concrete services are selected at runtime, when needed. For the selection of candidate services, we use a form of simple additive weighting by considering service types and various non-functional parameters such as costs, duration of services, time constraints for a service, and other relevant dependability measures.
  • Consideration of the service workload: For our approach this means the following: the best service among the equivalently ranked service candidates is the one with the smallest average waiting time.
  • Fault handling: Our late service binding approach offers the opportunity to combine dynamic service selection with other fault handling strategies.

The updated service composition component will be integrated into the full validation testbed by June 2011.

Comments Off on Service Composition Updates in Year 2

Posted in System Composition

Posted by: Andy Tickner | 13th January 2011

Service Composition Architecture

The figure below shows the architecture of the service composition component.

service-composition-arch

The software infrastructure consists of an Enterprise Service Bus (Apache ServiceMix), a BPEL Workflow Execution Engine (a customised version of Apache ODE), a Resource Registry (based on the WSO2 Governance Registry and accessed via a registry adapter) and a set of custom built core components. These are:

  • The Workflow Composer selects the concrete services provided by the Resource/Service Registry at runtime. In particular, it implements a ranking mechanism to support this local selection step.
  • It is the Router’s responsibility to forward messages to the appropriate endpoints. For outbound messages, which address an endpoint just by semantic information, the router handles the service binding and ensures the availability of suitable, dynamically created endpoints. For inbound messages it can be configured to route them via a policy enforcement point. It can also apply fault handling strategies in the case of communication faults.
  • The Notification Agent collects notifications and events from various components and produces higher level notifications according to a set of rules. The higher level notifications are then evaluated by decision support and system governance.
  • The Administration component provides interfaces for administering the orchestration components and the set of deployed workflow templates.

Comments Off on Service Composition Architecture

Posted in System Composition

Posted by: Andy Tickner | 11th January 2011

Managing Service Interdependencies

In July 2010, IT Innovation produced proof-of-concept (PoC) service management components that were capable of managing a scenario involving collaborative decision making in an airport environment. These components were integrated into a PoC testbed that has been evaluated by AustroControl and KEMEA.

Since then, IT Innovation has been developing refined service management components that include the following features:

  • a rationalised architecture, with respect to resources (has capacity) and services (uses resources, has no intrinsic capacity);
  • a means to express the relationship between supplier commitments and resource capacity, and to aggregate resource capacity;
  • a means to express the relationship between customer commitments and resource requirements, and to aggregate resource requirements;
  • a means to compare aggregated resource capacity to resource requirements and to initiate management actions that aim to correct any imbalance;
  • a means to encode the triggers in management policies, which are distributed throughout the management layer — all management objects are capable of storing and evaluating policies, which act both on other management objects (e.g. an SLA) and on managed objects (e.g. a service); and
  • a means for the resource manager to store the relevant information (e.g. QoS and QoE data) in a registry that provides a way for application components to find the most appropriate resources to provide a service.

The updated governance components will be integrated into the full validation testbed by June 2011. Through this integration, we anticipate that the full testbed will support scenarios involving context-driven resource optimisation and advanced policy-based management that allows a service provider to exercise control over supply-chain interdependencies.

The figure to the left illustrates these service interdependencies using the example of a Ground Handler offering a Ground Handling service to airlines, which it provides by orchestrating a number of Ramp Services. The relationships between the customer (airline) and the suppliers (ramp services) are captured in service level agreements (SLAs). In the example, the catering service is provided by an external third party, while the cleaning service is provided by the same organisation as the ground handler. However, these can be modelled identically, thereby simplifying the management model. Further details of the service management framework can be found in this paper.

Comments Off on Managing Service Interdependencies

Posted in System Governance

Posted by: Andy Tickner | 15th December 2010

Cybersecurity

IT Innovation attended a CyberSecurity workshop hosted by SIGNATURE at PRIT 2010 in Paris. IT Innovation is a member of SITC, which is part of the SIGNATURE network.

Speakers at the event included representatives from UK Government Office of Cyber Security and Information Assurance, French Government ANSSI, and industry: EADS, Thales and Sophos. The common message that the speakers gave was that an increased threat of cyberterrorism requires a commensurate increase in cyberdefence. However, systems are moving from ‘stovepipes’ to increasingly interconnected systems of systems (SoS). Efficient and effective cyberdefence of SoS requires the trustworthy federation of systems, so that emergency situations detected in the context of one system can be communicated to, understood by and, most importantly, trusted by other dependent systems.

Given the emphasis on cybersecurity, there was significant interest in the results of SERSCIS for managing critical infrastructure ICT interdependencies. Following the release of the Stuxnet worm that targets critical infrastructure (CI), there is an increasing awareness of such viruses that exploit zero-day vulnerabilities, which cannot be prevented on the day of release. Operators of CI are beginning to realise that cyberdefence must focus on describing the nature of their dependencies on other systems. Using SERSCIS would allow operators to monitor local CI as well as system interdependencies for behaviour that is indicative of an attack, so that they can react to it rapidly.

Comments Off on Cybersecurity

Posted in General News

Posted by: Andy Tickner | 22nd November 2010

ADAPTIVE 2010

IT Innovation have published a paper at the 2nd International Conference on Adaptive and Self-adaptive Systems and Applications.

In the Future Internet, programs will run on a dynamically changing collection of services, entailing the consumption of a more complex set of resources including financial resources. The von Neumann model offers no useful abstractions for such resources, even with refinements to address parallel and distributed computing devices. In this paper we detail the specification for a post-von Neumann model of metrics where program performance and resource consumption can be quantified and encoding of the behaviour of processes that use these resources is possible. Our approach takes a balanced view between service provider and service consumer requirements, supporting service management and protection as well as non-functional specifications for service discovery and composition.

Surridge, M., Chakravarthy, A., Bashevoy, M. and Hall-May, M. (2010) Serscis-Ont: A Formal Metrics Model for Adaptive Service Oriented Frameworks. In: Second International Conference on Adaptive and Self-adaptive Systems and Applications (ADAPTIVE 2010), November 2010, Lisbon, Portugal.

Comments Off on ADAPTIVE 2010

Posted in General News

« Newer Posts - Older Posts »

Categories