Research Projects

Current Projects

Past Projects

DISIEM - Diversity Enhancements for SIEMs

The project aims to provide improvements to Security Information and Event Management (SIEM) systems based on diversity related technology. More specifically, the project wants to (1) enhance the quality of events collected using a diverse set of sensors and novel anomaly detectors, (2) add support for collecting infrastructure-related information from open source intelligence data available on diverse sources from the internet, (3) create new ways for visualising the information collected in the SIEM and provide high-level security metrics and models for improving security-related decision project, and (4) allow the use of multiple storage clouds for secure long-term archival of the raw events feed to the SIEM. Given the high costs of deployment of SIEM infrastructures, all these enhancements will be developed in a SIEM-independent way, as extensions to currently available systems, and will be validated through the deployed in three large-scale production environments.

Start date: September 1, 2016

Duration: 3 years

Total award amount: 3,4 MEuros

Sponsoring body: European Commission's H2020 Work Programme (EU H2020-DS-2015-1: 700692)

Official web site: http://www.disiem-project.eu

 

IRCoC - Intelligent Resilience for Cloud-of-Clouds Services

The project aims to make significant advances on the use of a Cloud-of-Cloud (CoC) for storage, coordination and execution of critical services, enabling organizations and individuals to benefit from the clouds without requiring complete trust on any single provider.

Start date: July 1, 2016

Duration: 3 years

Total award amount: 100 KEuros

Sponsoring body: FCT (PTDC/EEI-SCR/6970/2014)

 

Resilient Supervision and Control in Smart Grids

SCADA (Supervisory Control and Data Acquisition) systems have a prominent role in the management of critical infrastructures. They are used in the monitoring and control of equipment in several different industries, such as the Energy sector. In this project of researcher exchange of FCUL (Portugal) and PUPCR/Inmetro (Brazil) the objective is to embrace the following challenge: to collaborate in the design and development of advanced security mechanisms to be integrated in a next-generation SCADA system, with the goal of assuring correct behaviour in spite of the presence of a diverse range of faults, both of accidental and/or malicious nature. The teams involved present a complementary set of skills and experience in building this type of solutions, and therefore this collaboration may yield important scientific achievements with practical industrial impact. On the other hand, the participation of young researchers will help foster new projects of advanced learning.

Start date: January 1, 2016

Duration: 2 years

Total award amount: support for mobility of researchers between Portugal-Brazil

Sponsoring body: FCT/CAPES

 

SUPERCLOUD - User-Centric Management of Security and Dependability in Cloud of Clouds

The project will develop new security and dependability infrastructure management paradigms with the objective of providing: self-service security, related to the implementation of a cloud architecture that gives users the flexibility to define their own protection requirements and instantiate policies accordingly; self-managed security, for the development of an autonomic security management framework that operates seamlessly over compute, storage and network layers, and across provider domains to ensure compliance with security policies; resilience, through the implementation of a resource management framework that composes provider-agnostic resources in a robust manner using primitives from diverse cloud providers. The SUPERCLOUD solutions will be validated with real-world use cases in the healthcare domain, ranging from deploying a distributed medical imaging platform to running a full laboratory information system.

Start date: February 1, 2015

Duration: 3 years

Total award amount: 5,4 MEuros

Sponsoring body: European Commission's H2020 Work Programme (EU H2020-ICT-2014-1: 643964)

Official web site: http://www.supercloud-project.eu

 

SEGRID: Security for smart Electricity GRIDs

The project main objective is to enhance the protection of smart electrical grids against cyber-attacks. SEGRID does this by applying a risk management analysis approach to a number of smart grid use cases (the SEGRID use cases), which will define security requirements and determine gaps in current security technologies, standards and regulations. The identified gaps and the analysis itself will give input to the enhancement of risk assessment methodologies and the development of novel security measures for smart grids.

Start date: October 1, 2014

Duration: 3 years

Total award amount: 3,4 MEuros

Sponsoring body: European Commission's FP7-SEC Work Programme (FP7-607109)

Official web site: http://www.segrid.eu

 

ParIS: Partnership in Information Security

The goal of the project is to establish a consortium of higher education and research organisations active in, or aiming at being active in, the strategic area of security and trust in telecommunications, and to prepare a roadmap and a strategy for the preparation, and the launch at a later stage, of a Joint Master Degree in Security (JMD). The project will also create opportunities for joint actions, such as the organisation of joint Intensive Study Programmes in Security, encouraged to give lectures and conferences at other participating institutions, experiment the different teaching methods, while providing at the same time an appropriate context for additional added values, for instance joint research projects.

Start date: October 1, 2014

Duration: 3 years

Total award amount: 150 KEuros

Sponsoring body: European Commission's Erasmus+ Programme (H2020)

Official web site: http://paris.uni.lu/

 

BiobankCloud: Scalable, Secure Storage of Biobank Data

BiobankCloud will develop a cloud-computing platform as a service (PaaS) for Biobanking. The platform will provide security, storage, data-intensive tools and algorithms, and support for allowing Biobanks to share data with one another, all within the existing regulatory frameworks for Biobanking. The research challenges include: the definition of the regulatory framework and data model for Biobank data sharing; the development of a scalable, highly available storage infrastructure; data-intensive tools and workflows for aligning, clustering, aggregating, compressing and anonymizing sequence data; a security platform that ensures data confidentiality, data integrity, and data access auditing; the inter-connection of Biobanks, while also leveraging the storage and processing capacity of public clouds; and the integration of these components as a PaaS.

Start date: December 1, 2012

Duration: 3 years

Total award amount: 2 MEuros

Sponsoring body: European Commission's FP7 ICT Work Programme (FP7-317871)

Official web site: http://www.biobankcloud.eu/

 

MASSIF - MAnagement of Security information and events in Service InFrastructures

The main objective of MASSIF is to achieve a signicant advance in the area of Security Information and Event Management (SIEM). On the base of proper multi-level event correlation, MASSIF will provide innovation techniques in order to enable the detection of upcoming security threats and trigger remediation actions even before the occurrence of possible security incidences. Thus, MASSIF will develop a new generation SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring.

Such service-level SIEM involves the modelling and formal validation of security, including trusted computing concepts, architecture for dependable and resilient collection of service events, supported by an extremely scalable and performant event collection and processing framework, in the context of service-level attack models.

Start date: October 1, 2010

Duration: 3 years

Total award amount: 6 MEuros

Sponsoring body: European Commission's FP7 ICT Work Programme (FP7-257475)

Official web site: http://www.massif-project.eu

 

SITAN - Services for Intrusion Tolerant Ad Hoc Networks

The project will create a toolbox of distributed services that can be employed in the construction of wireless ad hoc applications, simplifying their design and development, and automatically assuring tolerance to both accidental faults and attacks. To fulfill this objective, it will be necessary to investigate new distributed protocols and models, which are able to capture the inherent characteristics of the environment, and explore them to enhance the performance and resilience of the system.

Start date: April 1, 2011

Duration: 3 years

Total award amount: 131 KEuros

Sponsoring body: FCT (PTDC/EIA-EIA/113729/2009)

Official web site: http://asc.di.fct.unl.pt/SITAN

 

DIVERSE - Diversity for Intrusion Tolerant Systems

This project studies mechanisms that allow the inclusion of diversity (mainly at software level) in a replicated system, in a way that prevents common vulnerabilities from occurring across multiple replicas. The project also has a strong component about the evaluation of the proposed solutions, and the creation of methodologies and tools that support the discovery of vulnerabilities in different kinds of software components.

Start date: January 1, 2010

Duration: 3 years

Total award amount: 88.5 KEuros

Sponsoring body: FCT (PTDC/EIA-EIA/100894/2008)

Official web site: http://www.di.fc.ul.pt/~nuno/PROJECTS/DIVERSE/

 

TCLOUDS - Trustworthy Clouds: Privacy and Resilience for Internet-scale Critical Infrastructure

Trustworthy Clouds (TClouds) aims to build a prototype Internet scale ICT infrastructure, which allows virtualized computing, network, and storage resources over the Internet to provide scalability and cost-efficiency. The following objectives contribute to achieving the overall goal: 1) Identifying and addressing the legal and business implications and opportunities of a widespread use of infrastructure clouds, contributing to building a regulatory framework for enabling resilient and privacy-enhanced cross-border infrastructure clouds; 2) Defining an architecture and prototype for securing infrastructure clouds by providing security enhancements that can be deployed on top of commodity infrastructure clouds (as a cloud-of-clouds) and assessing the resilience and privacy benefits of security extensions of existing clouds; 3) Providing resilient middleware for adaptive security on the cloud-of-clouds. The TClouds platform will provide tolerance and adaptability to mitigate security incidents and unstable operating conditions for a range of applications running on such clouds-of-clouds.

Start date: October 1, 2010

Duration: 3 years

Total award amount: 7,5 MEuros

Sponsoring body: European Commission's FP7 ICT Work Programme (FP7-257243)

Official web site: http://www.tclouds-project.eu/

 

REGENESYS - Regeneration of Replicated Systems

The objective of this project is the design, implementation and evaluation of a regeneration system capable of improving the security of replicated systems exposed both to accidental failures (e.g., a replica crash) and malicious attacks (e.g., a virus infection or an intrusion in a server). The approach being followed integrates Byzantine fault-tolerant protocols with the regeneration service to make it intrusion-tolerant. At the same time, the approach is very flexible, supporting planned and unplanned maintenance operations on the replicas.

Start date: January 1, 2010

Duration: 3 years

Total award amount: 73.5 KEuros

Sponsoring body: FCT (PTDC/EIA-EIA/100581/2008)

Official web site: http://regenesys.di.fc.ul.pt/

 

RED - Resilient Database Clusters

The goal of project ReD is to develop a generic, robust, and inexpensive shared-storage cluster from an off-the-shelf RDBMS. The ReD approach is to combine the replication protocol with a specialized copy-on-write volume management system, that holds transient logically independent partial copies, thus masking internal server non-determinism and isolating multiple logical replicas for resilience.

Start date: April 1, 2010

Duration: 2 years

Total award amount: 123.5 KEuros

Sponsoring body: FCT (PTDC/EIA-EIA/109044/2008)

Official web site: http://red.lsd.di.uminho.pt/

 

CMUPORT - CMU-Portugal Research and Education Partnership

CMU-Portugal is a partnership between Carnegie Mellon University and the Portuguese Government through the Ministry of Science, Technology and Higher Education. This partnership has an initial 5-year phase during 2007-11 and is materialized by a joint "Information and Communication Technologies Institute", ICTI, with poles in CMU and in Portugal. LASIGE members are heavily engaged in one of the initiatives of the CMU-PORTUGAL program, Information and Infrastructure Security and Dependability, which is led by FCUL in the program. The Information and Infrastructure Security and Dependability initiative drawing from faculty and researchers at CMU ECE and CS, expects to become internationally visible as a distributed centre of excellence. The project will address the Internet and the Critical Information Infrastructures of the future, and their interpenetration: the dramatic security and dependability problems posed the inevitable fusion between classical Internet and embedded and computer control systems. The proposal features a coordinated set of initiatives: education at the level of MSc and PhD, and joint research. Both the Doctoral and the Masters program confer a dual degree, from CMU and from the University of Lisboa.

Start date: October 27, 2007

Duration: 5 years

Total award amount: 56 MEuros

Sponsoring body: FCT

Official web site: http://cmuportugal.di.fc.ul.pt/

 

CRUTIAL - Critical UTility InfrastructurAL Resilience

The project addresses new networked ICT systems for the management of the electric power grid, in which artifacts controlling the physical process of electricity transportation need to be connected with information infrastructures, through corporate networks (intranets), which are in turn connected to the Internet.

CRUTIAL’s innovative approach resides in modeling interdependent infrastructures taking into account the multiple dimensions of interdependencies, and attempting at casting them into new architectural patterns, resilient to both accidental failures and malicious attacks.

Start date: Jan. 1, 2006

Duration: 3 years

Total award amount: 2 MEuros

Sponsoring body: European Commission - IST Programme (IST-FP6-STREP-027513)

Official web site: http://crutial.cesiricerca.it/

 

RESIST - Resilience for Survivability in IST

ReSIST is an NoE that addresses the strategic objective “Towards a global dependability and security framework” of the European Union's FP6 Work Programme for IST (Information Society Technologies), and responds to the stated “need for resilience, self-healing, dynamic content and volatile environments”. ReSIST integrates leading researchers active in the multidisciplinary domains of Dependability, Security, and Human Factors, in order that Europe will have a well-focused coherent set of research activities aimed at ensuring that future “ubiquitous computing systems”, the immense systems of ever-evolving networks of computers and mobile devices which are needed to support and provide Ambient Intelligence (AmI), have the necessary resilience and survivability, despite any residual development and physical faults, interaction mistakes, or malicious attacks and disruptions.

Start date: Jan. 1, 2006

Duration: 3 years

Total award amount: 4.7 MEuros

Sponsoring body: European Commission - IST Programme (IST-4-026764-NOE)

Official web site: http://www.resist-noe.org/

 

RITAS - Randomized Intrusion Tolerance for Asynchronous Systems

In this project we want to develop a stack of protocols capable of tolerating intrusions. Distributed applications composed by a set of cooperating processes running on different nodes, can resort to these protocols for the implementation of interesting tasks. As a result, if applications are organized properly, they can continue to provide useful services even if a malicious adversary controls a number of the processes (and makes them fail in a Byzantine way) or attacks the network.

The types of networks considered in the project (LAN, WAN or Wireless) are particularly difficult to tackle because of their unpredictable timeliness (also called asynchronous systems). A well known result by Fischer et al indicates that consensus can not be deterministically solved in this setting if a single process is allowed to crash. Therefore, to be able to circumvent this result, we will use randomization techniques in the protocols.

Start date: March 1, 2005

End date: December 31, 2007

Total award amount: 50.5 KEuros

Sponsoring body: FCT (POSC/EIA/60334/2004)

Official web site: http://www.di.fc.ul.pt/~nuno/PROJECTS/RITAS/

 

AJECT - Attack Injection on Software Components

Computer security is an important research subject due to our reliance on computer systems for the execution of our everyday life activities. An attack to be executed successfully, and to result in an intrusion, has to be able to explore a vulnerability in the computer system. These vulnerabilities might be located in distinct components, ranging from the processor firmware to some library linked to an application.

In this project we want to study and analyze software vulnerabilities. Modern software is complex, but it will tend to become even more complicated in the future. Therefore, if we want to prevent malicious adversaries from compromising our systems, we need first to get a better understanding about how vulnerabilities are exploited, and then we have to develop tools that will enable us to automatically detect potential software problems.

Start date: May 1, 2005

End date: December 31, 2007

Total award amount: 48.5 KEuros

Sponsoring body: FCT (POSC/EIA/61643/2004)

Official web site: http://www.di.fc.ul.pt/~nuno/PROJECTS/AJECT/

 

MAFTIA: Malicious- and Accidental-Fault Tolerance for Internet Applications

The MAFTIA project will investigate the dependability of large distributed applications thus addressing one of the four key issues of the IST Programme and in particular the main objectives of CPA2. Its major innovation is a comprehensive approach for tolerating both accidental faults and malicious attacks in such systems, including attacks by external hackers and by corrupt insiders. The objectives of the project will evolve under the guidance of an Industrial Advisory Board, representing a cross-section of the industrial organizations which can best exploit MAFTIA's ideas. Board members will provide "use cases" based on actual or planned major systems and on realistic threat scenarios; as the project progresses they will play an ever-increasing role in providing exploitation routes for the results. Deliverables will include demonstrations and prototypes of several accident- and attack-tolerant security mechanisms and services.

Start date: Jan. 1, 2000

Duration: 3 years

Total award amount: 5,1 MEuro

Sponsoring body: European Commission - IST Programme (IST-1999-11583)

Official web site: http://www.maftia.org/

 

COPE: Secure and Reliable Parallel Processing

Throughout the last ten years there has been an considerable evolution in the area of parallel systems and applications. With the ending of the Cold War the available funds for the construction of specialized supercomputers suffered a substantial reduction. Users, however, continued to demonstrate interest in this kind of systems. In fact, there has been an increase on the number of applications that need significant computational capacities. These applications come from the most diverse areas of knowledge, such as medical sciences including genetic engineering, financial modeling, and robotics.

In this project we want to develop solutions that improve the reliability and security of current parallel processing platforms. The hardware architecture that is most commonly found consists on a group of workstations or PCs interconnected by a high-performance network. Application programming can be done using a message-passing platform with a standard interface, such as the Message Passing Interface (MPI).

Start date: April 2, 2002

Duration: 32 months

Total award amount: 35 KEuros

Sponsoring body: FCT (POSI/CHS/39815/2001)

Official web site: http://www.di.fc.ul.pt/~nuno/PROJECTS/COPE/

 

DEFEATS: Distributed Fault and Attack Tolerant Systems Configuration

With the increasing experience with applications running in a large-scale asynchronous network such as the Internet, the need for dependability properties in that environment has become evident. For example, E-commerce services have to be secure, reliable and available. There has been research in those properties for a couple of decades now, but their implementation is still not simple for the average system architect.

Faults in critical systems have been handled by a number of techniques, from prevention to fault tolerance mechanisms based on replication. On the other hand, security is still mostly obtained through prevention, although it is possible to characterize the malicious faults involved in attacks, which can then be handled using fault-tolerance techniques. This issue, attack tolerance, only recently started to receive attention.

The composition of medium/large software systems from smaller components has also been an area of research in the last years. The application of these ideas to configuration of distributed systems and processes is a powerful framework. The basic principle is the separation between systems architecture and computation. Computation is done by the components. The architecture of the system can be defined using configuration languages or graphic tools, and changed using a configuration platform.

Project DEFEATS is concerned with studying a configurable framework to build attack and intrusion tolerant systems.

Start date: Jan. 1, 2001

Duration: 3 years

Total award amount: 29,5 KEuros

Sponsoring body: FCT (POSI/1999/CHS/33996)

Official web site: http://defeats.di.fc.ul.pt/

 

CaberNet: Network of Excellence in Distributed and Dependable Computing Systems

CaberNet aims to co-ordinate and strengthen the research, the research training activities and the industrial linkages of the European research groups. It intends to provide a long-term stable basis for research coloration and a challenging Trans-European environment for research students. Moreover, industrial involvement in CaberNet, whether via membership or affiliation, offers increased and enhanced means of interacting with industry. Members will obtain valuable feedback from industry about their research, and industry will access a known reservoir of competence aimed at technology transfer.

The mission of CaberNet is to coordinate top-ranking European research in distributed and dependable systems, to make that research accessible to governments and industries and to further the quality of education concerning such systems. CaberNet addresses all aspects of the design of networked computer systems. These systems can rangefrom embedded systems used to control an aircraft in flight to globe-spanning applications searching for information on the World-Wide Web. CaberNet will build on its Europe-wide community of research groups in distributed and dependable computing and develop a shared vision of RTD. This shared vision will provide a focus for work that is central to the success of the IST Programme, highlighting our strengths and leading to a coherent presentation of European work in the global marketplace of ideas.

Start date: January 2001

Duration: 39 months

Sponsoring body: European Commission - IST Programme (IST-2000-25088)

Official web site: http://research.cs.ncl.ac.uk/cabernet/www.laas.research.ec.org/cabernet/

 

Back to Nuno Neves' home page