14th European Dependable Computing Conference
10-14 September 2018
Iasi, Romania
Tutorials
Model-driven Dependability Forecasting of Software Systems
Simona Bernardi, José Merseguer (Universidad de Zaragoza, Spain) and Dorina C. Petriu (Carleton University, Canada)
(Tuesday, September 11, 14:00)
During the last two decades, a major challenge for the researchers working on modeling and evaluation
of computer-based systems has been the assessment of system Non Functional Properties (NFP), such as
performance, schedulability, dependability or security. We can say that this is still an open research
challenge today, although considerable progress has been made and different approaches have been
developed, which are of interest not only to researchers, but also to practitioners in the field.
In this tutorial, we consider the dependability as NFP and we introduce the overall model-driven
approach for the dependability forecasting of software systems, that relies on on building traditional
formal models for dependability analysis (such as Fault Trees, Markov Chains, Petri Nets or Bayesian
Networks) from system descriptions based on the Unified Modeling Language (UML).
In particular, we focus on two main aspects of the approach: the (meta-)modeling and model-to-model
transformation aspects. Concerning the (meta-)modeling aspect, we present a lightweight method for the
definition of a Dependability Domain Specific Modeling Language (D-DSML), which is based on UML
profiling, and show the application of the D-DSML on a case study from the literature.
In respect of the model-to-model transformation, we consider two concrete methods that generate two
different target dependability models from different software model views (structural and behavioral ones).
We conclude the tutorial by summing up the strengthnesses and weaknesses of this approach and the open
research issues in this field.
SCONE: Secure Container Technology & Secrets Management
André Martin (TU Dresden, Germany)
(Tuesday, September 11, 16:00)
The main aim of SCONE is to make securing your application and secrets as easy as possible using modern Trusted Execution environments. Switching to SCONE is simple since applications do not need to be modified. Moreover, we provide a tight integration with Docker Swarm and in the near future with Kubernetes. SCONE provides applications with secrets in a secure fashion:
- secure configuration files and transparent injections of secrets
- secure environment variables
- secure command line arguments
- adversaries - even those who have already gained root access,
- the operating system - even if compromised,
- the hypervisor - even if compromised, and
- the cloud provider, and
- evil maids - despite having physical access to the host.