SERVICES
In the Services theme, we work on models and mechanisms for systematically designing trustworthy services that are realized by the complex cooperation of human and artificial agents. This work comprises the challenges of understanding the social contexts for which services are designed, aligning services at all times with these contexts, and building service-supported complex sociotechnical systems with the interoperation of autonomous components. Because of the nature of these challenges, the research on models and mechanisms is grounded in cutting edge ontology-driven conceptual modeling. First, we research models (and model-building support) for service engineering, by investigating how we can systematically engineer computational domain representations to support people in solving problems in those domains, and how we can use these representations in model-driven design approaches for services. Results from this research are applied in requirements engineering, enterprise modeling and architectural design. Second, we research mechanisms for service implementations, by improving system interoperability in heterogeneous environments and investigating the use of context data to automate adaptive interoperability and service delivery Through interoperability the capabilities and data from individual systems can be combined to offer richer services, while the use of context data potentially allows the delivery of ‘smart’ services that better satisfy situation-dependent user needs. This research directly benefits from results of the first-mentioned research direction, by applying model-based and ontology-driven approaches in the design. Relevant projects in these research directions include CLiCKS (NWO and TKI Dinalog), DASLOGIS (NWO, TKI Dinalog), C4Yourself (TKI-LSH), EFFES (with SAP Netherlands), FOREST (with Bertelsmann AG, Germany), TET (with Apollo-Vredestein), e-Waste (with Saxion and Circulus-Berkel), OERMUUF (University of Wuhan, China), SAVEVICT (with the European Cybercrime Center), and Agile-NFR (with Agile Holland).
CYBERSECURITY
Our research covers the complete range of steps necessary to develop secure solutions for the real world, starting from the analysis of existing attacks and vulnerabilities and their proper modelling, to the engineering of targeted protection, mitigation, detection, and response solutions, all the way to the implementation of prototypes and proof-of-concepts, combined with extensive evaluation. In each of these steps, we are paying explicit attention to the demands imposed by the socio-economic context and the involved human factor, which can be part of the threat and part of the solution at the same time.
We aim for real, tangible societal and economic impact. To ensure this, our research is very much use-inspired and largely driven by real-world challenges. We focus our research on challenges from three application domains:
- Health and healthcare industry: Patient data and other medical data is extremely sensitive and brings about particular data security challenges, for instance due to its structure, size, and the fact it is typically distributed over many different parties. This makes the health and healthcare industry one of our key application domains.
- Software and Internet industry: Digital data is typically processed by software and communicated and shared via the Internet. Because of this, the software and Internet industry form the backbone of the data-driven economy, which makes it an important application domain for our research.
- Cybersecurity industry: The third major application domain of our research is the cybersecurity industry itself. Since we research existing and develop new security solutions, many of our research questions are motivated by shortcomings of existing security solutions and real-world challenges posed by the cybersecurity industry.
We are committed to perform open and well-documented research to ease reproducibility, reusability, and collaboration to allow for effective knowledge transfer. Key components in this approach are, next to publishing our research at the top security conferences and journals, the release of open source tools and datasets. We follow the well-established guidelines in our community for responsible disclosure of previously unknown vulnerabilities and collaborate with vendors to design suitable patches or mitigations. Furthermore, to ensure innovation lands in society, we support startups in their infancy and also target the creation of new businesses from scratch.