Category: Events

10th of May, at 16h30, Zane Bicevska will give a presentation on the research conducted at the Faculty of Computing of the University of Latvia
Location: G4.1

Bio
Dr. Zane Bicevska is a professor at the University of Latvia, and a dean of the Faculty of Computing. She holds a PhD in Computer Science from the University of Latvia and a master degree in Economics from the J.W.Goethe University of Frankfurt am Main (Germany). She has also studied computer science at the University of Buffalo, USA. Dr. Bicevska has more than 20 years of experience in the field of computer science and software engineering, and she is also acting as an enterpreneur in IT industry.Dr. Bicevska is an expert in software engineering, software quality, software testing, and project management. She teaches project management and software testing to bachelor and master level students at the University of Latvia, and  has published more than 40 research articles in international journals and has presented her work at various international conferences.

26th of April, at 16h00, Charles Gonçalves will give a presentation entitled“Intrusion Injection for Virtualized Systems: Concepts and Approach” 
Location: G4.1

Bio
Charles F. Gonçalves received a B.Sc. and an M.Sc. degree in computer science from the Federal University of Minas Gerais (UFMG) Brazil. He is currently pursuing a Ph.D. degree in Informatics Engineering at the University of Coimbra (UC). He is a Software and System Engineering (SSE) Group member in the CISUC and also from the SPEC Research Security Benchmarking Working Group. His interests include Virtualization Security, Security Benchmarking, Data Processing, and Software Development. 

Abstract
Virtualization is drawing attention due to countless benefits, leaving  Hypervisors with the paramount responsibility for performance, dependability, and security. However, while there are consolidated approaches to assessing the performance and dependability of virtualized systems,  solutions to assess security are very limited. Key difficulties are evaluating the system in the presence of unknown attacks and vulnerabilities and comparing the security attributes of different systems and configurations when an intrusion occurs. 
In this talk, we will discuss the concept  of intrusion injection for virtualized environments, which consists of directly driving the system into the erroneous states that mimic the ones resulting from actual intrusions (in the same way errors are injected to mimic the effects of residual faults).

20th of April, at 13h00, Antônio Fröhlich will give a presentation entitled“SmartData: a Data-centric Approach to the Design of Safety-Critical Systems” 
Location: G4.1

Bio
Antônio Augusto Fröhlich is a full professor at the Federal University of Santa Catarina (UFSC), where he leads the Software and Hardware Integration Laboratory (LISHA) since 2001. He holds a PhD in Computer Engineering from the Technical University of Berlin (2001) and was a visiting researcher at the University of Paderborn (2007), at the University of California, Irvine (2016) and at the University of Luxembourg (2017). He has coordinated several research and innovation projects in connected, secure and intelligent embedded systems, including the ALTATV Digital TV Platform, the CIA² research network on Smart Cities and the Internet of Things, the Smart Campus project at UFSC and Smart Grid projects with partner industries. In 2022, he was a founding member of UFSC’s Research Center for Cyber-physical Systems Security (SecCPS), currently acting as Executive Director.

Abstract
Data is at the core of the design of modern Safety-Critical Systems. Data is no longer only sensed and processed in the context of the control loops of such systems. It is also secured, stored, and transmitted for the sake of the decision-making processes required for higher levels of autonomy. The task-centered strategies traditionally used to design critical systems consistently support scheduling analysis and verification of tasks execution times, as long as periods, deadlines and execution time estimates are known, but mostly ignore the flow of data across the various components in the system and often assume that data generation time is constant and can be fully encapsulate in the execution time of tasks. A Data-driven approach to the design of such systems can more promptly accommodate requirements such as data freshness, redundant data sources, operational safety, and AI-readiness. It also facilitates the design of mechanisms to monitor, and eventually override, non-deterministic components such as the neural networks commonly used in autonomous systems. In this talk, we present the SmartData concept, which was conceived at LISHA/UFSC to handle these design issues. The talk addresses aspects of domain decomposition, scheduling, communication, formal property specification and verification, and component overriding. The Autonomous Vehicle being built at UFSC lays a case background for the talk.

14th of April, at 14h00, Alexandru Iosup will give a presentation entitled“Massivizing Graph Processing: The Science, Design, and Engineering of a Complex Ecosystem” 
Location: A5.4

Bio
Dr.ir. Alexandru Iosup is a full professor at Vrije Universiteit Amsterdam (VU), a high-quality research university in the Netherlands. He is the tenured chair of the Massivizing Computer Systems research group at the VU and visiting researcher at TU Delft. He is also elected chair of the SPEC-RG Cloud Group. His work in distributed systems and ecosystems includes over 150 peer-reviewed articles with high scientific impact, and has applications in cloud computing, big data, scientific and business-critical computing, and online gaming. His research has received prestigious recognition, including membership in the (Young) Royal Academy of Arts and Sciences of the Netherlands, the Netherlands ICT Researcher of the Year award, and a PhD from TU Delft. His leadership and innovation in education led to various awards, including the prestigious Netherlands Higher-Education Teacher of the Year. He has received a knighthood for cultural and scientific merits. Contact Alexandru at A.Iosup@vu.nl or @AIosup, or visit http://atlarge.science/aiosup

Abstract
Wherever we turn, our society is digital. Digital data and digitalized processes are becoming critical for science and engineering, decision-making and business-critical operations, and online education and gaming. An emerging building block of digitalization in the 21st century, graph representation of both real and digital states, is becoming common in practice. At societal and even global scale, these digital elements depend, often transparently from the perspective of their clients, on the effective inter-operation of efficient computer systems into large ecosystems, managed largely without a developer and even client input. However successful until now, we cannot take these ecosystems for granted: the core does not rely on sound principles of science and design, and there are warning signs about the scalability, dependability, and sustainability of engineering operations. This is the challenge of massivizing computer systems, and, as the focus here, of massivizing graph processing. 
In this talk, inspired by the recently started EU project Graph Massivizer [1], and by our experience with distributed computer systems for over 15 years, we focus on understanding, deploying, scaling, and evolving graph-processing ecosystems successfully. We explain GraphMassivizer’s ambitious, comprehensive research program that aims to develop a serverless, sustainable, graph processing platform, with applications to sustainable ICT infrastructure, AI/ML, FinTech, and Industry 4.0. We posit that we can address the fundamental challenges of massivizing graph processing by focusing on computer ecosystems rather than merely on (individual, small-scale) computer systems. We showcase diverse results in massivizing graph processing, including (1) a reference architecture, and a resource management and scheduling framework, that can span the computing continuum, (2) the design and development of graph processing engines, and (3) the development of a benchmark and performance analysis framework that led to a fundamental performance result. 
The session will be interactive, so bring over your questions, comments, and curiosity. We will have a team with diverse professional backgrounds ready to answer them. Thank you for joining!
[1] Graph Massivizer website: https://graph-massivizer.eu/

12th of March at 16h00, Anamta Khan and Jessica Castro  will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1

Anamta Khan – “A Machine Learning driven Fault Tolerance Mechanism for UAVs’ Flight Controller” 

Bio
Anamta Khan is a PhD student in the SSE group at DEI. She obtained her Master’s and Bachelor’s degrees in Computer Science from the Institute of Business Administration (IBA) in Karachi. Her research focus since 2021 has been on creating a safer airspace with maximum and efficient utilization of drones. She utilizes fault injection in a simulation-based environment to identify vulnerabilities and their impact, and then uses machine learning-based techniques to address them.

Abstract
Unmanned Aerial Vehicles (UAVs), similar to other robotic systems, are susceptible to various hazards (e.g., software or hardware failures or security attacks) that may hinder mission completion and compromise safety by violating the separation minima (i.e., the minimum distance that must be maintained between UAVs in order to ensure safe and efficient operations). To address this issue, this paper proposes a new machine learning-based fault-tolerant mechanism for UAV flight controllers that tolerates GPS-related hazards and improves safety. Machine learning models were built using 884,410 data records from 1,985 flight logs collected from the PX4 public repository. The trained models are used to predict the expected position of the UAV during a mission, and separation minima are used as a threshold to detect the GPS hazards by comparing it with the distance between two consecutive position values. When a hazard is detected (i.e., the distance is higher than separation minima), the predicted values by machine learning models are fed into the position estimator (i.e., EKF) of the flight controller. To evaluate the effectiveness of this approach, validation experiments were conducted on several realistically defined missions while being exposed to different types of failure conditions (e.g., Noise and GPS failure), both with and without using the proposed fault-tolerant mechanism. The results show a remarkable reduction in the safety violations from 94 to 1 (violation of the separation minima counts), indicating a significant improvement in safety. Additionally, the proposed mechanism demonstrated a notable improvement in the distance covered and duration of the flight mission in failure conditions, demonstrating its ability to mitigate faults effectively. These findings support the effectiveness of the proposed fault tolerance mechanism in enhancing UAV mission performance by improving safety and tolerating issues caused by GPS.

Jessica Castro – “Attack Detection in Microservice Applications” 

Bio
Jessica Castro is a PhD candidate in Informatics Engineering at the University of Coimbra, Portugal. She received a BSc. in Computer Science and an MSc in Informatics from Universidade Federal da Paraíba, Brazil. Her research interests include attack detection, microservices/containerised applications, and self-adaptive systems.

Abstract
A microservices-based architecture decreases the complexity of developing new systems, making them highly scalable and manageable. However, its distributed nature, the high granularity of services, and the large attack surface increase the challenge of securing those systems. We will present the challenges of monitoring and identifying attacks in microservice applications at runtime and how we aim to use logic scoring of preference to calculate scores that allow identifying possible attacks.

29th of March, at 16h00, Gabriel Campos will give a presentation entitled“Towards safe autonomous driving” 
Location: G4.1  (speaker will be remote)

Bio
Gabriel R. Campos is a Technical Expert on Precautionary Safety and Research Manager at Zenseact, where he works on safe planning and decision making for ADAS and AD systems. With a background on control theory, his research interests include safety assurance, behavioural prediction and threat-assessment and decision-making techniques. He has driven and participated to several production and research projects on robotic and autonomous vehicles topics, with a particular emphasis on safety critical systems and collision avoidance techniques. He received his Ph.D. in Automatic Control in 2012 from Grenoble University/Grenoble INP, France. Prior to joining the Zenseact, he was a visiting researcher at KTH, Sweden, as well as a postdoctoral fellow with the Department of Signals and Systems, Chalmers University of Technology, Sweden and the DEIB, Politecnico di Milano, Italy.

Abstract
This talk will focus on Zenseact’s journey towards safe automation solutions. We will provide an overview of our technology and  development platform, and describe some of our concepts and visions regarding the development of autonomous vehicles. We will also provide an overview of our research activities and bring forward some challenges and future research avenues.

8th of March at 16h00, Gonçalo Carvalho and José Pereira will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1

Gonçalo Carvalho – “From the ER+ conceptual model to its logical model” 
Bio
Gonçalo Carvalho has a background in Geography and after a change of field is currently doing his Ph.D. research in Data models for multi-layer systems. His major research interests are in the areas of databases, distributed systems, edge computing, cyber-physical systems, and green computing.

Abstract
Distributed databases and data transformation mechanisms are remarkably relevant for Business Intelligence and Data Analytics. The Entity-Relational (ER) model is fundamental for modeling complex enterprise systems, but has shortcomings. ER+ tackled the representation of multiple database locations and conceptually expressed data transportation and data transformation operations, such as aggregate and line functions, which are standard for data analytics. The new ER+ concepts need a logical representation, which we will introduce in this talk. 

José Pereira – “On the Use of Deep Graph CNN to Detect Vulnerable C Functions and Function Prioritization Techniques” 
Bio
José D’Abruzzo Pereira is a Ph.D. student in Informatics Engineering at the University of Coimbra (UC) and a member of the Software and System Engineering (SSE) group at CISUC. His research interests include security and vulnerability detection, static code analysis, software project management, software quality, and self-adaptive systems. He received a MSc in Information Technology and Software Engineering from the University of Coimbra and Carnegie Mellon University and a BSc. in Computer Science from the State University of Campinas – Brazil (Unicamp). He is also acting as a professor in the Specialization in Software Engineering at the State University of Campinas – Brazil (Unicamp) and as an Invited Assistant Professor at the University of Coimbra.

Abstract
Software vulnerabilities are a problem in most software systems. If left unchecked, they can be exploited by malicious third parties to compromise the system, which can result in hazardous consequences. Over the years, several techniques have been proposed to tackle the problem of automatically detecting vulnerabilities. However, despite the efforts, they usually issue many false alarms, which create a large overhead for the development team to analyze them. In this work, we study the viability of using a static technique (developed initially to classify classes of malware) to detect vulnerable C functions. This technique uses the Control Flow Graph (CFG) of the functions, features related to the structure of the graph, and the code sequence. Different from the malware classification problem, we also extract memory management-related features. A Deep Graph Convolutional Neural Network (DGCNN) processes all of the features. To do that, we use vulnerable and non-vulnerable functions of the open-source Linux Kernel project. Results show that a high recall can be obtained using this approach at the cost of low precision. At this point, a new prioritization mechanism is under development, and it uses Quality Models (QMs) to rank the functions. In addition, a security expert classification will help validate the prioritization mechanism.