Internet of Things (IoT) enabled infrastructures, products, and services are revolutionising the way businesses and societies engage and operate. Billions of devices, small and large, are predicted to be connected via Internet over the coming years. These devices and the systems built upon them will be generating huge amount of data and information that would be leveraged for providing different products and services. One of the core components of such systems will be Internet of Things Search Engines (IoTSE) because without customised search engines, it is not possible to detect and use devices, sensors and actuators, that form the IoT systems. Hence, it is important to understand various concepts, technologies, and aspects of IoTSE, which is a complicated and relatively immature research topic. The diversity of IoT systems and the content they generate poses a significant challenge to advance the R&D for IoTSE. To fill this gap, we have produced an article to help easily understand the concepts, classification, and open issues for IoTSE. We are glad to share that this article has been accepted in the ACM Communication magazine, which is one of the top venue for ICT publications. This is the pre-print copy of the article, whose abstract below can provide a brief about the content of the article. Read More »Internet of Things Search Engine: Concepts, Classification, and Open Issues
It was a great pleasure to visit the Secure Systems Group at the Aalto University of Finland. I was hosted by Professor N. Asokan, the leader of the group and a leading authority on different… Read More »Building and Leveraging Design Spaces for Architecting Contemporary Software Systems
Continuous Software Engineering has been gaining signifiant momentum in terms of widespread adoption among large and small Software houses. This paradigm shift is based on the promise of early, frequent delivery and deployment of software features and continuous feedback on the usefulness and adoption of the features. One of the key challenging area of practice for continuous software engineering is architecting – Software development teams are expected to adopt new conceptualisation and designing approaches and design decision making processes – for example, moving from monolithic to micro services. Given the significant challenges of architectural issues in DevOps, it is important to build and share evidence-based body of knowledge about practices and processes for architectural support in Continuous Software Engineering. We have undertaken a significant research program on this topic and one of our comprehensive pieces of of work has just been accepted in a premier Software Engineering journal with the title of, An Empirical Study of Architecting for Continuous Delivery and Deployment, following is the abstract copied from the paper for the readers of this blog. The paper’s pre-print copies will be available soon. Read More »Architecting for Continuous Delivery and Deployment
We are continuously progressing on the plan for strengthening our capabilities in Cyber Security. To achieve this goal, we have been not only building internal capabilities but also forming and leveraging strategic collaborations. Out of one of our recent collaborations, with Giannis and Rami, in the areas of Cyber Security has resulted a high quality piece of work that has been accepted in a highly profile journal, ACM Computing Survey. The abstract of this paper is below and can provide some useful insights to the potential readers of this work. We are hoping that this piece of work will lead to systematic classification and comparison of architectural level Cyber Security Solutions and develop and evaluate new techniques, approaches, and tools for designing and evaluating security centric large scale distributed systems. Below is the abstract from the paper.Read More »Our New Work on Self-Adaptive Security for large-scale Open Environments
With regards to our work on Cyber Security, we have recently successfully completed a collaborative piece fo work with researchers from Security Lancaster, University of Lancaster, UK. Our collaborative work was focused on identifying and understanding Data Exfiltration: External Vectors and Countermeasures and has been accepted in Journal of Network and Computer Applications with the following title and abstract. The pieces of paper provide an extensive literature review that is expected to be leveraged for understanding the key external attack vectors and the countermeasures and the areas for future research.
“Data Exfiltration: A Review of External Attack Vectors and Countermeasures”Read More »Data Exfiltration: External Attack Vectors and Countermeasures
The ongoing collaboration with the Maritime Division of Defence and Science Technology Group (DST) has resulted in another very useful piece of work that we are very glad to share through this blog. We have been conducting a series of Research and Development (R&D) projects with the same group in the Maritime Division of DST for evaluating technological solutions for building secure and scalable private clouds for mission critical systems. Given the increasing adopting of containerised solutions, our collaborators were interested in evaluating Docker for secure and scale private cloud – that means both security and scalability are the key quality attributes for their domain. Ben Ramsey from my team led the efforts of carrying out this work that has resulted in a detailed technical report. We believe that this technical report will be very useful for anyone interested in knowing about the security and scalability aspects of container technologies like Docker when used for building a private cloud infrastructure. Here is the report titled, Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies, and the abstract has been copied from the report below:Read More »Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies
With the increasing trend of adopting containerised solution for cloud-based infrastructures, it is becoming increasingly important to pay appropriate attention to the security risks that usually characterise virtualised solutions using container technologies such as Docker. We have recently finished another successful project with our collaborators from Defence Science and Technology Group (DST). This project was focused on identifing and understanding the isolation mechanisms used for containerised technologies. We are glad to share the technical report on this topic with those who are interested in building and operating containerised security-sensitive private cloud. The title of the report is, Understanding Container Isolation Mechanisms for Building Security-Sensitive Private Cloud, and abstract of the report has been copied from the report below for ease of access. This project has been carried out with Ben Ramsey. Read More »Understanding Container Isolation Mechanisms for Security-Sensitive Private Cloud
The increasing amount of literature on Continuous Integration (CI), Continuous Delivery (CDE), and Continuous Deployment (CD) has stimulated the need and desire of secondary studies. Recently, there have been several reviews published on CI, CDE, and CD, mostly in Software Engineering journal. Whilst these reviews have made important contributions to the body of knowledge about CI, CDE, CD, there was no significant effort to perform an integrated review of these three practices areas, which are so much intertwined that it is critically important that the key pieces of work on these topics are reviewed in an integrated fashion. Such an integrated review is expected to provide the researchers and practitioners with a 360 degree view on the approaches, tools, and challenges in these areas. We have tried to address this need through a Systematic Literature Review (SLR), Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges, which has been recently published in IEEE Access. We are really excited to have this work done as it would fill important gaps left by other secondary studies on these important topics. Our review also critically comparing the existing reviews and our work that is an important part of progressing the state of the art in an emerging area. I’m copying/pasting the abstract for the readers’ interests as a teaser leading to a full read of the article. We also welcome comments.
We are going to complete the implementation of our redeveloped Bachelor of Engineering (Software) degree program in 2017. As part of the full implementation of the redeveloped degree, we will be adding two new courses… Read More »A New Course on Requirements Engineering