Abstract. Service-oriented computing is an emerging paradigm where services are understood as autonomous, platform-independent computational entities that can be described, published, categorised, discovered, and dynamically assembled for developing massively distributed, interoperable, evolvable systems and applications. The IST-FET Integrated Project SENSORIA aims at developing a novel comprehensive approach to the engineering of service-oriented software systems where foundational theories, techniques and methods are fully integrated in a pragmatic software engineering approach. In this paper we present first ideas for the SENSORIA semantic-based development of service-oriented systems. This includes service-oriented extensions to the UML, a mathematical basis formed by a family of process calculi, a language for expressing context-dependent soft constraints and preferences, qualitative and quantitative analysis methods, and model transformations from UML to process calculi. The results are illustrated by a case study in the area of automotive systems. 1

Abstract. In earlier work, we have introduced Secure Tropos, a requirements engineering methodology that extends the Tropos methodology and is intended for the design and analysis of security requirements. This paper briefly recaps the concepts proposed for capturing security aspects, and presents an implemented graphical CASE tool that supports the Secure Tropos methodology. Specifically, the tool supports the creation of Secure Tropos models, their translation to formal specifications, as well as the analysis of these specifications to ensure that they comply with specific security properties. Apart from presenting the tool, the paper also presents a two-tier evaluation consisting of two case studies and an experimental evaluation of the tool’s scalability.

Security is often compromised by exploiting vulnerabilities in the interface between the organization and the information systems that support it. This reveals the necessity of modeling and analyzing information systems together with the organizational setting where they will operate. In this chapter we address this problem by presenting a modeling language tailored to analyze the problem of security at an organizational level. This language proposes a set of concepts founded on the notions of permission, delegation, and trust. The chapter also presents a semantics for these concepts, based on Datalog. A case study from the bank domain is employed to illustrate the proposed language.

Abstract—Nowadays, security has become one of the most demanded characteristics of information systems. However, the ways to address information systems security still lack consensus and integration. On the one hand, researchers have extended various modelling languages and methods with security-oriented constructs in order to take security concerns into account throughout the development lifecycle. On the other hand, practitioners have developed risk management methods to help estimate the relative importance of security risks and the costeffectiveness of solutions to tackle them. They are mainly driven by security standards that help practitioners assess and improve the security level of their organisations. Obviously, those two families of approaches should be unified so as to maximise the return on investment of implementing security requirements, and thereby align business and information technology concerns related to security. This is the challenge that our research aims to address. This paper presents a research agenda and describes the first steps that were undertaken to achieve it: an alignment of the terminology in the risk management literature and the elaboration of a conceptual model of the risk management domain. Those results will then be inputs for the next phases, which aim to integrate security and risk management concepts in information system development methods.

Abstract. Software-intensive systems become more and more important in our everyday lives. But their increasing complexity makes it difficult to develop and maintain them. This chapter gives an overview of the state of the art of building software-intensive systems and outlines research challenges that have been identified by the InterLink working group “software-intensive systems and new computing paradigms”. 1

This deliverable presents the results of the WP2-Task 2.3 and notably the study and definition of organizational styles. Structures such as joint-venture, pyramidal, structure-in-fives, and arm’s-length have been studied and adapted. We have evaluated the styles and proposed along a number of criteria (the degree of agents autonomy, coordination, reliability, and security) as well as a number of modifications to adapt the methodology for security engineering, datawarehouses, service oriented architecture, and digital libraries.

E-government refers to the introduction of digital technologies into public administrations and it is assuming a pivotal role in many countries, including Italy. In particular, the supply of on-line services by public administrations represents a rapidly expanding phenomenon. The objective of the paper is to support system designer in the development of IT systems that comply with regulations that govern the use of technologies in public administrations. Thus, taking as running example a tax portal and its authentication issues, we look at the general principles and rules that govern institutional sites and portals, as established in the Italian Public Administration Code. We also show how Security Requirements Engineering methodologies can assist system designers in their activities.

Abstract—Software systems are made to evolve in response to changes in their contexts and requirements. As the systems evolve, security concerns need to be analysed in order to evaluate the impact of changes on the systems. We propose to investigate such changes by applying a meta-model of evolving security requirements, which draws on requirements engineering approaches, security analysis, argumentation and software evolution. In this paper, we show how the meta-model can be instantiated using a formalism of temporal logic, called the Event Calculus. The main contribution is a model based approach to argument analysis, supported by a tool which generates templates for formal descriptions of the evolving system. We apply our approach to several examples from an Air Traffic Management case study. Keywords-Security argumentation; Requirements Engineering;