Addressing Security Properties in Systems of Systems: Challenges and Ideas

  • Miguel Angel OliveroEmail author
  • Antonia Bertolino
  • Francisco José Dominguez-Mayo
  • María José Escalona
  • Ilaria Matteucci
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11732)


Within growing pervasive information systems, Systems of Systems (SoS) emerge as a new research frontier. A SoS is formed by a set of constituent systems that live on their own with well-established functionalities and requirements, and, in certain circumstances, they must collaborate to achieve a common mission. In this scenario, security is one crucial property that needs to be considered since the early stages of SoS lifecycle. Unfortunately, SoS security cannot be guaranteed by addressing the security of each constituent system separately. The aim of this paper is to discuss the challenges faced in addressing the security of SoS and to propose some research ideas centered around the notion of a mission to be carried out by the SoS.


Mission-oriented modeling and testing Security System of Systems 



This work has been partially supported by the GAUSS National Research Project (MIUR, PRIN 2015, Contract 2015KWREMX) and by the Spanish Ministry of Economy and Competitiveness (POLOLAS, TIN 2016-76956-C3-2-R).


  1. 1.
    Richardson, J.D., Wheeler, T.J.: An object oriented methodology integrating design, analysis, modelling, and simulation of systems of systems. In: 4th Annual Conference on AI, Simulation and Planning in High Autonomy Systems, pp. 238–244 (1993)Google Scholar
  2. 2.
    Bodeau, D.J.: System-of-systems security engineering. In: Proceedings of the 10th Annual Computer Security Applications Conference, pp. 228–235 (1994)Google Scholar
  3. 3.
    Nielsen, C.B., Larsen, P.G., Fitzgerald, J., Woodcock, J., Peleska, J.: Systems of systems engineering: basic concepts, model-based techniques, and research directions. ACM Comput. Surv. (CSUR) 48(2), 18 (2015)CrossRefGoogle Scholar
  4. 4.
    Liu, S.: Employing system of systems engineering in China’s emergency management. IEEE Syst. J. 5(2), 298–308 (2011)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Silva, E., Batista, T., Oquendo, F.: A mission-oriented approach for designing system-of-systems. In: SoSE, pp. 346–351 (2015)Google Scholar
  6. 6.
    Silva, E., Cavalcante, E., Batista, T., Oquendo, F., Delicato, F.C., Pires, P.F.: On the characterization of missions of systems-of-systems. In: European Conference on Software Architecture Workshops, p. 26. ACM (2014)Google Scholar
  7. 7.
    van Lamsweerde, A.: Goal-oriented requirements engineering: a guided tour. In: Proceedings of the Fifth IEEE International Symposium on Requirements Engineering, pp. 249–262 (2001)Google Scholar
  8. 8.
    Chiprianov, V., Falkner, K., Gallon, L., Munier, M.: Towards modelling and analysing non-functional properties of systems of systems. In: SOSE, pp. 289–294 (2014)Google Scholar
  9. 9.
    Ki-Aries, D., Faily, S., Dogan, H., Williams, C.: Assessing system of systems security risk and requirements with OASoSIS. In: ESPRE, pp. 14–20. IEEE (2018)Google Scholar
  10. 10.
    Olivero, M.A., Bertolino, A., Dominguez-Mayo, F.J., Escalona, M.J., Matteucci, I.: Security assessment of systems of systems. In: SESoS (2019)Google Scholar
  11. 11.
    Bianchi, T., Santos, D.S., Felizardo, K.R.: Quality attributes of systems-of-systems: a systematic literature review. In: SESoS 2015, pp. 23–30 (2015)Google Scholar
  12. 12.
    Guariniello, C., DeLaurentis, D.: Communications, information, and cyber security in systems-of-systems: assessing the impact of attacks through interdependency analysis. Procedia Comput. Sci. 28, 720–727 (2014). CSER 2014CrossRefGoogle Scholar
  13. 13.
    Halfond, W.G.J., Choudhary, S.R., Orso, A.: Penetration testing with improved input vector identification. In: Proceedings of the 2nd International Conference on Software Testing Verification and Validation, ICST 2009, pp. 346–355 (2009)Google Scholar
  14. 14.
    Dahmann, J.S., Baldwin, K.J.: Understanding the current state of US defense systems of systems and the implications for systems engineering. In: SysCon 2008, pp. 99–105 (2008)Google Scholar
  15. 15.
    Horton, J.D., et al.: The cascade vulnerability problem. J. Comput. Secur. 2(4), 110–116 (1993)Google Scholar
  16. 16.
    Cohn, M.: User Stories Applied: For Agile Software Development. Addison-Wesley Profession, Boston (2004)Google Scholar
  17. 17.
    Beizer, B.: Black-box testing: techniques for functional testing of software and systems (1995)Google Scholar
  18. 18.
    Shanmugam, B., Idris, N.B.: Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. In: 2009 ICSCPR, pp. 212–217 (2009)Google Scholar
  19. 19.
    Tian-yang, G., Yin-sheng, S., You-yuan, F.: Research on software security testing. World Acad. Sci. Eng. Technol. 69, 647–651 (2010)Google Scholar
  20. 20.
    Bacudio, A.G., Yuan, X., Chu, B.T.B., Jones, M.: An overview of penetration testing. Int. J. Netw. Secur. Appl. 3, 19–38 (2011)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Istituto di Scienza e Tecnologie dell’InformazioneConsiglio Nazionale delle RicerchePisaItaly
  2. 2.Web Engineering and Early Testing (IWT2) Research GroupUniversidad de SevillaSevilleSpain
  3. 3.Computer Languages and System DepartmentUniversidad de SevillaSevilleSpain
  4. 4.Istituto di Informatica e TelematicaConsiglio Nazionale delle RicerchePisaItaly

Personalised recommendations