Activities

Past activites

Current projects

VEDLIoT: Very Efficient Deep Learning in IoT
Sponsoring body: EU-H2020
Project Number: 957197
Partners: Univ. of Bielefeld (DE), EMBEDL AB (SE), Chalmers (SE), Siemens (DE), Christmann (DE), Université de Neuchâtel (CH), Universität Osnabrück (DE), VEONEER (SE), Göteborgs Universitet (SE), RISE Research Institutes of Sweden (SE), FCiências.ID (PT), Antmicro (PL)
Budget: 8M€ (FCiências.ID: 370.3K€)
Start date: November 1, 2020
Duration: 3 years

The ever increasing performance of computer systems in general and IoT systems, in particular, delivers the capability to solve increasingly challenging problems, pushing automation to improve the quality of our life. This triggers the need for a next-generation IoT architecture, satisfying the demand for key sectors like transportation (e.g. self-driving cars), industry (e.g. robotization or predictive maintenance), and our homes (e.g. assisted living). Such applications require building systems of enormous complexity, so that traditional approaches start to fail. The amount of data collected and processed is huge, the computational power required is very high, and the algorithms are too complex allowing for the computation of solutions within the tight time constraints. In addition, security, privacy, or robustness for such systems becomes a critical challenge. An enabler that aims at delivering the required keystone is VEDLIoT, a Very Efficient Deep Learning IoT platform. Instead of traditional algorithms, artificial intelligence (AI) and deep learning (DL) are used to handle the large complexity. Due to the distributed approach, VEDLIoT allows dividing the application into smaller and more efficient components and work together in large collaborative systems in the Internet of Things (IoT), enabling AI-based algorithms that are distributed over IoT devices from edge to cloud. In terms of hardware, VEDLIoT offers a platform, the Cognitive IoT platform, leveraging European technology, which can be easily configured to be placed at any level of the compute continuum starting from the sensor nodes and then edge to cloud. Driven by use cases in the key sectors of automotive, industrial, and smart homes, the platform is supported by cross-cutting aspects satisfying security and robustness. Overall, VEDLIoT offers a framework for the Next Generation Internet based on IoT devices required for collaboratively solving complex DL applications across a distributed system.

ADMORPH: Towards Adaptively Morphing Embedded Systems
Sponsoring body: EU-H2020
Project Number: 871259
Partners: University of Amsterdam (NL), Thales Nederland (NL), SYSGO (FR), University of Luxembourg (LU), Lund University (S), United Technologies Research Center (IRL), Q-media (CZ), FCiências.ID (PT)
Budget: 4.5M€ (FCiências.ID: 414.6K€)
Start date: January 1, 2020
Duration: 3 years

Due to the increasing performance demands of mission- and safety-critical Cyber Physical Systems (of Systems) – after this referred to as CPS(oS) – these systems exhibit a rapidly growing complexity, manifested by an increasing number of (distributed) computational cores and application components connected via complex networks. However, with the growing complexity and interconnectivity of these systems, the chances of hardware failures as well as disruptions due to cyber-attacks will also quickly increase. System adaptivity, foremost in terms of dynamically remapping of application components to processing cores, represents a promising technique to fuse fault- and intrusion tolerance with the increasing performance requirements of these mission- and safety-critical CPS(oS). In the ADMORPH project, we evaluate this hypothesis using a novel, holistic approach to the specification, design, analysis and runtime deployment of adaptive, i.e., dynamically morphing, mission- and safety-critical CPS(oS) that are robust against both component failures and cyber-attacks. To this end, we will address four aspects that are instrumental for the realization of these adaptively morphing systems: (i) the formal specification of adaptive systems; (ii) adaptivity methods like strategies for maintaining safe and secure control of CPS(oS); (iii) analysis techniques for adaptive systems to, e.g., perform timing verification of adaptive systems to avoid timing violations after system reconfigurations; and (iv) run-time systems for adaptive systems that realize the actual run-time system reconfigurations to achieve fault and intrusion tolerance. The developed methodologies, methods and tools will be evaluated using three industrial use cases taken from the radar surveillance systems, autonomous operations for aircrafts, and transport management systems domains.

AQUAMON: Dependable Monitoring with Wireless Sensor Networks in Water Environments
Sponsoring body: FCT
Project Number: PTDC/CCI-COM/30142/2017
Partners: FCiências.ID, FEUP, LNEC
Budget: 239.760,43€ (FCiências.ID: 76.362,50€)
Start date: October 1, 2018
Duration: 3 years

Continuous monitoring of aquatic environments using water sensors is important for several applications related to the prevention of accidents, to water resources and aquaculture management and recreational activities. Thus, it is fundamental to ensure the quality of the monitoring data in order to avoid false alarms or ignoring relevant events.
However, operating these sensors in the water environment presents several challenges with clear consequences on data quality. For instance, sensors are constantly being subjected to factors that directly interfere with data quality, such as potentially strong currents and debris accumulation, and communication with sensors, affected by waves and more interferences.
AQUAMON will develop a dependable monitoring platform for application in aquatic environments using wireless sensor networks, addressing some of these challenges. In particular, it will address data communication quality problems over water surfaces, due to waves and propagation characteristics over a water surface, transmission predictability, due to shared medium access contention, and data quality, caused by faults that affect both sensors and communication, creating data errors and data loss.

REDBOOK: Robust hardwarE-based Defences against Buffer Overflows and Other cybersecurity attacKs
Sponsoring body: FCT
Project Number: PTDC/EEI-HAC/31273/2017
Partners: FCiências.ID
Budget: 215,9K€
Start date: October 1, 2019
Duration: 3 years

For decades, numerous vulnerabilities have put computer systems and applications at risk. Several cybersecurity issues have been recurrent, being Buffer Overflows (BOs) vulnerabilities a primary attack method, which nowadays still accounts for more than 25% of the reported attacks. Such a high number clearly shows that classical software-based and compiler-assisted techniques for preventing exploitation of buffer overflow vulnerabilities did not succeed. Existing hardware-based methods (e.g., StackGhost) are too restricted and therefore they are not widely used. This project aims the design of an innovative hardware-based system monitoring architecture, introducing novel non-intrusive observation and runtime verification mechanisms for robust defence against cybersecurity hazards emerging either from accidental faults or from malicious attacks. Technical feasibility will be demonstrated for SPARC (aerospace applications) and ARM (telecommunications, including mobile) platforms.

Past projects

KARYON: Kernel-based ARchitecture for safetY-critical cONtrol
Sponsoring body: EU-FP7
Partners: FCUL (P), Magdeburg University (D), Chalmers University (S), GMV-Skysoft (P), Embraer (BR), SP (S), 4S Group (I)
Budget: 2.74M€ (FFCUL: 454.4K€)
Start date: October 1, 2011
Duration: 3 years

KARYON addresses the problem of finding robust cruising strategies for the vehicles based on strategy information from other vehicles, an estimation of the global system state, and how confident one is about this estimation. This problem is not trivial, since there are no obvious or aprioristic "safe states" or "safe" manoeuvres to do in case of too little, too unreliable, or too inconsistent information about the environment and other vehicles. KARYON will define a system architecture that is based on a small local safety kernel that will prevent dangerous behaviour. Because this is a very small subsystem compared to the overall complex control system, its predictably can be justified. This is essential for guaranteeing overall safety along a set of safety rules. KARYON will further investigate the relevant fault detection concepts, particularly for the sensor systems, needed to show fulfilment of dependability attributes and argue about safety according to safety standards.
Simulation and mixed reality techniques will be developed to validate the approach. KARYON will integrate concepts in advanced event dissemination middleware and in improved simulation and fault-injection tools for assessing the behaviour of autonomous, mobile systems under failure conditions. The project will implement proof-of-concept prototypes and a simulation-based demonstration of the results for scenarios from the automotive and avionics areas, respectively.

TRONE - Trustworthy and Resilient Operations in a Network Environment
Sponsoring body: FCT
Partners: FCUL, FCTUC, Carnegie Mellon University, PT Comunicações
Start date: October, 2010
Duration: 3 years

The leading objective of TRONE is ensuring a seamless and dynamic enforcement of the dependability and security of network services in New Generation Networks. The project will focus on reducing hazards, both proactively, by increasing architecture robustness, and reactively, by improving the means for detection and recovery from anomalous situations like faults and attacks. It will investigate innovative ways to apply fault/failure diagnosis, detection and prevention/tolerance techniques, in symbiosis with automated or semi-automated reconfiguration and adaptation dynamics, in order to preserve stability of network operation against accidents or attacks.

MASSIF - MAnagement of Security information and events in Service Infrastructures
Sponsoring body: EU FP7
Project Number: 257475
Partners: Atos (Coordinator), CINI, Epsilon, Orange Labs, Fraunhofer, FCUL, SPIRAS, Télècom SudParis, AlienVault, T-Systems, UPM, 6CURE
Start date: October, 2010
Duration: 3 years

The main objective of MASSIF (MAnagement of Security information and events in Service Infrastructures) is to achieve a significant advance in the area of SIEM (Security Information and Event Management). On the base of proper multi-level event correlation MASSIF will provide innovation techniques in order to enable the detection of upcoming security threats and trigger remediation actions even before the occurrence of possible security incidences. Thus, MASSIF will develop a new generation SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring. Such service-level SIEM involves the modelling and formal validation of security, including trusted computing concepts, architecture for dependable and resilient collection of service events, supported by an extremely scalable and high performance event collection and processing framework, in the context of service-level attack models.

CloudFIT - Fault and Intrusion Tolerance for Cloud Computing
Sponsoring body: FCT
Project Number: PTDC/EIA-CCO/108299/2008
Partners: FCUL
Start date: January, 2010
Duration: 2 years

Cloud computing has gained strong popularity in the past years. Cloud architectures typically combine a potentially large number of heterogeneous, loosely coupled and geographically dispersed computers connected via the Internet to form a single unified system that hosts service applications. Cloud architectures make it difficult to apply traditional security approaches. For example, global management policies are difficult to enforce when clouds cross administrative boundaries. At the same time, software complexity is steadily increasing, making it practically infeasible to guarantee the absence of security vulnerabilities in it. As a consequence, implementing dependable services in a cloud faced by malicious attacks is a challenging task. Intrusion tolerance is a paradigm that allows implementing services in a way that they can correctly provide their functionality in spite of malicious intrusions in some of the cloud nodes.
The objective of this project is to define an infrastructure for intrusion-tolerant services in a cloud environment. In order to achieve this goal, we use intrusion-tolerant replication, which allows tolerating intrusions in a subset of the replicas.

CMU-PT partnership at FCUL
Partners: Carnegie Mellon University, FCUL
Start date: August, 2007
Duration: 5 years

The program has a duration of 5 years, divided in two phases. Besides community building actions, two exploratory projects are defined for the first phase (2 years): P1 - Security and Dependability of Large-scale Computer Systems; P2 - Secure Systems-of-Embedded-Systems. Focused projects, with a duration of 3 years, are to be defined at the end of phase 1.

HIDENETS - HIghly DEpendable ip-based NETworks and Services
Sponsoring body: European Commission - IST Programme
Project number: IST-FP6-STREP-26979
Total award amount: 2.500.000 Euro
Coordinator: AAU
Partners: AAU, BME, Carmeq, Fujitsu-Siemens, LAAS, Telenor, FCUL, WMC, UNIFI
Start date: January 1, 2006
Duration: 3 years

The aim of HIDENETS was to develop and analyze end-to-end resilience solutions for distributed applications and mobility-aware services in ubiquitous communication scenarios. Technical solutions were developed for applications with critical dependability requirements in the context of selected use-cases of ad-hoc car-to-car communication with infrastructure service support.

TACID - Timely ACID Transactions in DBMS
Sponsoring body: FCT
Project Number: POSC/EIA/61568/2004
Total award amount: 54,500 Euro
Coordinator: FCTUC
Partners: FCTUC, FCUL
Start date: August 20, 2005
Duration: 2 years

The main goal of the project was to investigate ways to add timeliness properties to the typical ACID transactions. Three transaction classes were considered: 1. With no temporal requirements: i.e., ACID transactions 2. With restrict temporal requirements: for this class the database users will be able to specify a time frame in which the transaction has to be concluded to succeed. In this class, the system must provide timing failure detection, including in distributed transaction environments. 3. With probabilistic temporal requirements: in this class the transactions are always executed independently of time frame specified by the user. However, a probability for the execution of a given transaction on that time frame will be provided.

CORTEX - CO-operating Real-time senTient objects: architecture and EXperimental evaluation
Sponsoring bodies: European Commission - IST Programme
Project Number: IST-2000-26031
Total award amount: 2,094,000 Euro
Coordinator: FCUL
Partners: FCUL, T.C.D., Univ. Lancaster, Univ. Ulm
Start date: April 2001
Duration: 3 years

The key objective of CORTEX was to explore the fundamental theoretical and engineering issues necessary to support the use of sentient objects to construct large-scale proactive applications and thereby to validate the use of sentient objects as a viable approach to the construction of such applications.

MICRA - A Model for the Development of MIssion CRitical Applications
Sponsoring bodies: FCT
Project Number: PRAXIS/P/EEI/12160/1998
Total award amount: 39,500 Euro
Coordinator: FCUL
Partners: FCUL, DSG/UC
Start date: September 1999
Duration: 2 years

The objective of this project was the definition of a model suitable for mission-critical applications, considering timing fault-tolerance in the context of real-time systems as the crucial aspect to address. In this project we developed what we called a Timing Failure Detector, with the ability to perfectly detect all timing failures.

DEAR-COTS: Distributed Embedded Architectures using Commercial Off-The-Shelf Components
Sponsoring bodies: FCT
Project Number: PRAXIS/P/EEI/14187/1998
Total award amount: 38,750 Euro
Coordinator: FCUL
Partners: FCUL, IST, ISEP, FEUP
Start date: October 1999
Duration: 2 years

The main purpose of the DEAR-COTS project was the specification of an architecture based on the use of commercial off-the-shelf (COTS) components, able to support distributed computer controlled systems where safety and timeliness were major requirements.

DINAS - DQS: Design and Implementation of CNMA-based Networks for CIME Applications in SMEs
Sponsoring bodies: Esprit
Coordinator: Intracom
Partners: Intracom, Intrasoft, IPK-Berlin, INESC, Hyperion
Start date: October 1992
Duration: 2 years

Several ESPRIT projects have produced architectures and technologies for the interconnection of nodes in distributed systems: protocols, communication stacks. Some of these technologies have not solved all the problems encountered in their target environments: - the difficulty of integrating with efficiency different cell network technologies; - the lack of integration of cell networks with high-speed backbones such as FDDI; - the achievement of reliable real-time operation, namely in the input/output part of the system.

The objective of DINAS was to address these problems in the scope of a distributed quality control application in a large-scale factory setting. Technology emerging from the ESPRIT project CNMA was used in the project, being complemented with custom developments or other off-the-shelf components when necessary.