29th Nov, 2012

SESAR Innovation Days

The SERSCIS project presented a paper at the 2nd SESAR Innovation Days organised by EUROCONTROL and Single European Sky ATM Research in Braunschweig, Germany, on 28th November 2012.

Surridge, M., Chakravarthy, A., Hall-May, M., Chen, X., Nasser, B., Nossal, R. (2012) SERSCIS: Semantic Modelling of Dynamic, Multi-Stakeholder Systems. In: Proceedings of the 2nd SESAR Innovation Days, November 2012, Braunschweig, Germany

Vasilis Tsoulkas of KEMEA will give a keynote presentation at the European Modelling Symposium on Mathematical Modelling and Computer Simulation, 14-16 November 2012. The keynote presentation is called Machine Reasoning for Cyber-Physical Modelling and Protection of Critical Infrastructures: The Serscis Proof of Concept.

Vasilis Tsoulkas from KEMEA will dedicate his invited keynote presentation at the International Conference on Intelligent Systems in the Middle East to SERSCIS project results. The conference will take place at the American University of Science & Technology, Beirut, Lebanon. The conference is scheduled for 2013.

9th Jul, 2012

Farnborough Air Show

IT Innovation is presenting SERSCIS at the Farnborough Air Show this week as part of the University of Southampton’s research and development in aerospace. Southampton has a great deal of expertise in aerospace, including aircraft noise reduction, aerodynamics, advanced materials, design optimisation and many others.

Find our stand in the Innovation Zone.

Download the SERSCIS Farnborough flyer as a PDF.

29th Mar, 2012


KEMEA has presented SERSCIS results at UKSim2012. The paper is called “An Intelligent Fault Monitoring and Risk Management Tool for Complex Critical Infrastructures: The SERSCIS Approach in Air-traffic Surface Control”.

The paper provides novel results on the development of an intelligent risk management and threat monitoring visualization tool. We describe the highly complex task of aircraft management process and the adopted risk assessment and evaluation methodology for the implementation of a threat analysis-monitoring solution in the aircraft surface operations sector. In particular our case study and proof–of–concept prototype concentrates on the technical support and information presentation capacity to decision makers and human-in-the-loop operators for optimizing the dynamic and adaptive behavior of the interconnected ICT systems in an Airport Collaborative Decision making (A-CDM) test case scenario of the European Air Traffic System.

IT Innovation has contributed a chapter to the Handbook of Research on Service-Oriented Systems and Non-Functional Properties: Future Directions published by IGI Global. The chapter is called Semantic Modelling of Resource Dependability for SLA-Based Service Governance.

In this chapter we present a survey of research work related to the semantic modelling of security, semantic SLA modelling, and the current state of the art in SLA-based system governance. Based on this survey, and after observing the essential aspects needed to semantically model an SLA, we first propose a semantic model of resource dependability. This model can be used to semantically encode in SLA the service commitments (to customers) and resource capacity (from suppliers) in terms of usage, performance, and other QoS characteristics that represent non-functional properties. On the basis of this model, we propose a flexible approach to SLA-based system governance that allows for elastic provisioning of resources (by autonomic processes) that meet NFP requirements. This approach can be used to monitor and manage services such that they meet (and continue to meet) agreed levels of QoS.

The SERSCIS Access Modeller (SAM) version 0.9 has been released and is available for download.

The new release of the software includes new features for modelling identity- and role-based access controls. The tutorial has been updated to reflect these new features. Improvements to the tool’s user interface include an object explorer and debugger, which allow interactive exploration of the model.

23rd Aug, 2011

SERSCIS Access Modeller

The SERSCIS Access Modeller (SAM) takes a model of a system (e.g. a set of objects within a computer program or a set of machines on a network) and attempts to verify certain security properties about the system, by exploring all the ways access can propagate through the system.

It is designed to handle dynamic systems (e.g. systems containing factories which may create new objects at runtime) and systems where behaviour of some of the objects is unknown or not trusted.

Once you have a model that meets the goals, it should tell you:

  • what behaviours must be ensured for components you own
  • what behaviours you require of other parties you rely on

Behaviours are defined using a simple Java-like syntax. For example, a simplified ground handler could be modelled as:

class GroundHandler {
    private Object myCatering;

    public GroundHandler(RampService catering) {
        myCatering = catering;

    public GHTask doTurnaround(AcispTask flights) {
        GHTask ghTask = new GHTask(flights, myCatering);
        return ghTask;

SAM converts this into a set of Datalog rules (e.g. “if a GroundHandler’s doTurnaround method may be called with some argument X then a GHTask may be created and it may get access to X”).

Evaluating these rules and the initial configuration gives an upper bound on the possible behaviours of the real system (if something does not happen in the model, and the model is an over-approximation of the real system, then it cannot happen in the real system either).

Untrusted entities can be modelled using the Unknown behaviour. These will perform any action that they can. For example, the screenshot below shows a model containing a ground handler that behaves as defined above (“ghMe”, representing the ground handler doing the modelling), and a group of ground handlers (“ghOthers”, shown in red), representing competing ground handlers. Here, SAM has detected a flaw in the access control policy of the ramp service, which may allow other ground handlers access to this one’s tasks:

Detecting access problems with SAM

Detecting access problems with SAM

For more documentation and installation instructions, see http://www.serscis.eu/sam/.

IT Innovation and Austro Control have published a paper in a special edition of the AMCS journal on Efficient Resource Management for Grid-Enabled Applications. The paper is called Resilient critical infrastructure management with a service oriented architecture: A test case using airport collaborative decision making.

The SERSCIS approach aims to support the use of interconnected systems of services in Critical Infrastructure (CI) applications. The problem of system interconnectedness is aptly demonstrated by ‘Airport Collaborative Decision Making’ (A-CDM). Failure or underperformance of any of the interlinked ICT systems may compromise the ability of airports to plan their use of resources to sustain high levels of air traffic, or to provide accurate aircraft movement forecasts to the wider European air traffic management systems. The proposed solution is to introduce further SERSCIS ICT components to manage dependability and interdependency. These use semantic models of the critical infrastructure, including its ICT services, to identify faults and potential risks and to increase human awareness of them. Semantics allow information and services to be described in a way that makes them understandable to computers. Thus when a failure (or a threat of it) is detected, SERSCIS components can take action to manage the consequences, including changing the interdependency relationships between services. In some cases, the components will be able to take action autonomously, e.g., to manage ‘local’ issues such as the allocation of CPU time to maintain service performance, or the selection of services where there are redundant sources available. In other cases the components will alert human operators so they can take action instead. The goal of this paper is to describe a Service Oriented Architecture (SOA) that can be used to address the management of ICT components and interdependencies in critical infrastructure systems.

The service composition components (service orchestrator) have been released and the software is available for download.

The system composition components allow for the execution of business processes formulated as annotated BPEL workflows. Services are bound to workflow instances dynamically at run-time. This is done by evaluating annotations to identify services that are suitable for handling a late bound service request. Late binding additionally enables the usage of dynamic fault handling strategies like retry, blacklist or switch service.

The framework is based on Apache ServiceMix and Apache ODE. Details of the license and contact data are given in the downloaded software.