Design and analysis of self-protection : Adaptive security for software-intensive systems

Today’s software landscape features a high degree of complexity, frequent change and many uncertainties. Cyber-attacks are a common occurrence and their consequences are often severe, thus, systems that are able to dynamically defend themselves from attacks are highly needed. Such systems are called self-protecting systems and aim to autonomously identify, analyse and mitigate threats by adapting their structure and behavior at runtime. This research project will contribute towards providing software-intensive systems with self-protection or adaptive-security capabilities. We enhance the security of architecture-based self-adaptive systems by equipping them with (proactive and reactive) self-protection capabilities as well as attack monitoring. Moreover, we provide a framework that allows an open, decentralized system system to mitigate security threats and self-organize to maximize the average trust between the system entities while maintaining their security policies. © 2021 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0)