MODES

Model-Driven Evolution for Secured System
ANR JCJC project
Approval no. 23-CE25-0011
Start: 2024
End: 2028

MODES focuses on the secure evolution of complex software-intensive systems (e.g., smart factories, Cloud, IoT and AI-based systems) that operate in uncertain, ever-changing environments. Any such system may need to review its security with respect to a set of evolution events, including: the emergence of new functional and non-functional requirements; execution context changes; and configuration changes. Dealing with such evolution events in the aforementioned complex systems requires a switch from the opportunistic and isolated evolution of system artefacts (architecture models, threat models, change management policies, formal verification models, etc.) to a process of planned evolution able to take the system as a whole into account. MODES fills this gap by proposing a new model-based evolution process capable of synchronizing security-related changes across the different artefacts representing a system, calculating their impact on security properties and proposing countermeasures.
 

In the interest of efficiency and cost-effectiveness, Information and Communication Technologies have been integrated into many different environments, including critical ones (i.e., environments where a system failure regarding its missions, business operations, safety and/or security would have severe adverse impacts, ranging from data loss to loss of life). This integration exposes systems to a wider range of security issues; consequently, research and industry efforts have been directed at enhancing the security of these systems by integrating existing security mechanisms (controls), developing new ones and advocating secure-by-construction development processes. Unfortunately, systems are far from static: vulnerabilities may be discovered after the system is deployed, or the system may be modified during required maintenance/evolution phases.

Objective 

The high-level objective of the MODES project is to allow systems to be updated to better fulfill their missions while maintaining their security properties. MODES will boost the security of software systems by helping them evolve securely and adapt to different types of evolution events.

Method used

MODES is a Model-Driven Engineering (MDE) approach that considers systems at a high level of abstraction as a set of heterogeneous models. MODES proposes transforming security requirements and policies into multi-model security consistency rules. Indeed, the evolution problem at hand can be seen as a special instance of the multi-model consistency management problem, which consists in maintaining consistency among a set of related artefacts as they evolve. As an example, with our solution, a confidentiality requirement together with an access-control policy (i.e., a set of rules associating users with permissions on resources) and a set of models representing the system will yield a number of consistency rules ensuring that the confidentiality property holds in the models as determined by the policy. Changes breaking these consistency rules are immediately flagged as security threats upon model validation.
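The following is an added illustration of that idea, written for this page and not part of the MODES tooling. It assumes a hypothetical system described by three small models (a data model with a confidentiality classification, an architecture model of component operations, and an access model of which roles can reach which operations) plus an access-control policy. From the confidentiality requirement and the policy it derives three consistency rules (the rule names C0, C1, C2, the model layout and the health-record sample data are all invented here), validates the baseline, and then replays an evolution event (a new analytics operation exposed to a role with no policy grant) to show the violation being flagged on re-validation.

```python
"""Confidentiality requirement + access-control policy -> multi-model
consistency rules, re-checked after an evolution event.

Added example for this page, not MODES project code.  The three models,
the policy format and the rule ids (C0, C1, C2) are hypothetical.
"""
from copy import deepcopy
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Resource:                # data model element
    name: str
    confidential: bool


@dataclass(frozen=True)
class Operation:               # architecture model element
    component: str
    name: str
    resource: str              # resource the operation touches
    permission: str            # "read" or "write"


@dataclass
class SystemModels:
    resources: dict            # data model: name -> Resource
    operations: list           # architecture model: [Operation]
    reachable: dict = field(default_factory=dict)  # access model: role -> [(component, op)]


def derive_rules(policy):
    """Build consistency rules from the confidentiality requirement and the
    policy (role -> {(permission, resource)}).  Each rule maps the models to
    a list of violation messages."""

    def index(m):
        return {(o.component, o.name): o for o in m.operations}

    def c0_dangling(m):        # cross-model reference integrity
        ops = index(m)
        return [f"C0: role '{r}' reaches undefined operation {k}"
                for r, keys in sorted(m.reachable.items())
                for k in sorted(keys) if k not in ops]

    def c1_policy(m):          # confidential access must be granted by the policy
        ops = index(m)
        out = []
        for role, keys in sorted(m.reachable.items()):
            for k in sorted(keys):
                op = ops.get(k)
                if op is None or not m.resources[op.resource].confidential:
                    continue
                if (op.permission, op.resource) not in policy.get(role, set()):
                    out.append(f"C1: role '{role}' can {op.permission} confidential "
                               f"'{op.resource}' via {k[0]}.{k[1]} without a policy grant")
        return out

    def c2_anonymous(m):       # confidential data is never reachable anonymously
        ops = index(m)
        return [f"C2: confidential '{ops[k].resource}' exposed anonymously via {k[0]}.{k[1]}"
                for k in sorted(m.reachable.get("anonymous", []))
                if k in ops and m.resources[ops[k].resource].confidential]

    return [c0_dangling, c1_policy, c2_anonymous]


def validate(models, policy):
    """Return all violations; an empty list means the models are consistent."""
    return [v for rule in derive_rules(policy) for v in rule(models)]


def evolve(models, op, role):
    """Evolution event: expose operation `op` and make it reachable by `role`.
    Returns a new model set; the original is left untouched."""
    m = deepcopy(models)
    if op not in m.operations:
        m.operations.append(op)
    m.reachable.setdefault(role, []).append((op.component, op.name))
    return m


# Constructed baseline (sample data invented for this example): a small
# health-record system with one confidential and one public resource.
BASELINE = SystemModels(
    resources={"patient_record": Resource("patient_record", True),
               "news": Resource("news", False)},
    operations=[Operation("EHR", "getRecord", "patient_record", "read"),
                Operation("Portal", "listNews", "news", "read")],
    reachable={"doctor": [("EHR", "getRecord"), ("Portal", "listNews")],
               "anonymous": [("Portal", "listNews")]},
)
POLICY = {"doctor": {("read", "patient_record")}}

if __name__ == "__main__":
    print(validate(BASELINE, POLICY))          # baseline is consistent
    change = evolve(BASELINE, Operation("Dashboard", "exportRecords",
                                        "patient_record", "read"), "analyst")
    for v in validate(change, POLICY):         # the change is flagged
        print(v)
```

The point of keeping the rules derived from the policy rather than hand-written is that a policy change (granting or revoking a permission) re-derives the rules, so the same validation step catches both a model that drifts away from the policy and a policy that drifts away from the models.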
 

MODES project

Project team 

Coordinator: Salvador Martínez, Associate Professor - IMT Atlantique, Brest
 

Permanent researchers:
Antoine Beugnard, Full Professor  - IMT-Atlantique, Brest
Fabien Dagnat, Associate Professor (HDR) - IMT-Atlantique, Brest
Jean-Christophe Bach, Associate Professor - IMT-Atlantique, Brest
    
Post-Doctoral researchers:
Sylvain Guerin, IMT-Atlantique, from March 2024 to August 2024

Ph.D Students :
Yanis Allouch, IMT-Atlantique (started in January 2025)
 

Expected results

The main scientific impact of the MODES project will be the creation of a new framework and process permitting, in the presence of changes, the safe evolution of the diverse artifacts used in the development of modern (e.g., heterogeneous, cyber-physical, mass-customizable) software-intensive systems. The objective of this process is to maintain the security of the system w.r.t. defined security goals or properties. This is a notable contribution to both the model-driven engineering and the security fields, with applications in emerging domains such as the industry of the future and the construction and evolution of Digital Twins. Additionally, beyond security, MODES results may open new research lines related to the definition and evaluation of domain-specific consistency rules in multi-model environments (e.g., for energy efficiency optimization).

Contacts

Project leader: Salvador Martínez

from the Computer Science department