This document proposes an extension of the ArchiMate enterprise architecture framework to model multi-agent systems for critical infrastructure governance. The authors develop a responsibility-driven policy concept and metamodel layers to represent agent behavior and organizational policies across technical, application, and organizational layers. The approach is illustrated through a case study of a financial transaction processing system.
This document proposes a metamodel for modeling reputation-based multi-agent systems using an adaptation of the ArchiMate enterprise architecture modeling framework. It describes a case study applying this metamodel to model an electrical distribution critical infrastructure system. Key elements of the metamodel include:
- Representing agents and their behaviors through policies that integrate both behavior and trust components
- Modeling trust relationships between agents using a reputation-based trust model
- Illustrating the metamodel layers and components on a system that detects weather alerts and broadcasts messages to the public through various channels like SMS or social media
Framework for developed simple architecture enterprise fdsaecsandit
In This article presents a framework for develop de Architecture enterprise based on the
articulation of emerging paradigms for architecture development of information enterprise [1].
The first one comes from the agile methods and it is inspired on the Scrum model which aim to
simplify the complex task of developing a quality software, the second the processes models
whose are oriented the development of Architectures Enterprise as Zachman and TOGAF in a
paradigm of the Model Driven and principles de reference de architecture de Software form the
paradigms Generation (MDG), these approaches are integrated eventually leading to the
formulation and presentation of an framework for developed simple architecture enterprise –
FDSAE- The goal is to present a simple, portable, understandable terms enabling, modeling
and design business information architecture in any organizational environment, in addition to
this, there are important aspects related to the unified Modeling Language UML 2.5 and the
Business Process Modeling BPMn that become tools to obtain the products in the FDSAE
Framework, This framework is an improved version of Framework MADAIKE [2] developed by
the same authors.
The IT-GRC platform is a solution that is based on
the paradigm of distributed systems, based on multi-agent systems
(MAS) in its different parts namely the user interface, the static
and dynamic configuration of the organization management
profiles, the choice of the best repository and the processing of
processes, it takes advantage of the autonomy and learning aspect
of ADMs as well as their high-level communication and
coordination. However, these technological components are
difficult to manipulate, or users lack the necessary skills to use
them correctly. In this situation, the modeling of a communication
architecture is necessary, in order to adapt the functionalities of
the platform to the needs of the users. To help achieve these goals,
it is necessary to develop a functional and intelligent
communication architecture, adaptable and able to provide a
support framework, allowing access to system functionalities
regardless of physical and time constraints.
A Framework for Engineering Enterprise Agilityrahmanmokhtar
This document presents a framework for engineering enterprise agility that uses ontologies, viewpoints, and agent-based middleware. The framework aims to enable enterprises to meaningfully share and communicate information between distributed systems. It proposes an architecture with components that utilize HTTP and integrate ontologies, viewpoints, and agent-middleware using open standards to promote semantic interoperability. The framework is intended to support the growth and agility of heterogeneous distributed enterprise systems.
The document discusses key concepts in software design engineering including:
- Design should implement requirements from analysis and be understandable.
- Qualities like modularity, appropriate data structures, and independent components improve design.
- Fundamental concepts like abstraction, architecture, patterns, and modularity compartmentalize a design.
- Design principles guide creating a design that is traceable, reusable, and accommodates change.
Graph-Based Algorithm for a User-Aware SaaS Approach: Computing Optimal Distr...IJERA Editor
As a tool to exploit economies of scale, Software as a Service cloud models promote Multi-Tenancy which is the notion of sharing instances among a large group of tenants. However, Multi-Tenancy only satisfies requirements that are common to all tenants as well as the fact that tenants themselves hesitate about sharing. In a try to solve this problem, the present paper propose a User-Aware approach for Software as a Service models using Rich-Variant Components. The main contribution of this approach is a framework summarized in a graphbased algorithm enabling deduction of an optimal distribution of instances on application's tenants. To illustrate and evaluate the framework, the approach is applied on a Software as a Service Application for private school management
Model-Driven Mechanism in Information Systems and Enterprise EngineeringMountriver TY Yu
This document discusses model-driven mechanisms and their applications in information systems and enterprise engineering. It defines a model-driven system as one where all or part of the functions and behaviors are controlled by models at runtime. Model-driven mechanisms allow independence, timeliness and evolvability of models. Examples of model-driven systems include software systems, databases, and complex systems like businesses and human cognition. The document proposes model-driven enterprise information systems and architectural frameworks to fill gaps in traditional enterprise engineering and better bridge business and IT.
The document discusses object-oriented analysis and design (OOAD). It states that OOAD is a process of creating abstractions to meet system requirements independently of the programming language. Objects encapsulate state and behavior and communicate via message passing. While OOAD may increase development time, it facilitates reuse, maintenance, and verification. The document also discusses OO principles, the iterative analysis-design-implementation process, object-oriented analysis to identify classes and objects, and techniques for OOAD like use cases, domain modeling, CRC cards, and UML.
This document proposes a metamodel for modeling reputation-based multi-agent systems using an adaptation of the ArchiMate enterprise architecture modeling framework. It describes a case study applying this metamodel to model an electrical distribution critical infrastructure system. Key elements of the metamodel include:
- Representing agents and their behaviors through policies that integrate both behavior and trust components
- Modeling trust relationships between agents using a reputation-based trust model
- Illustrating the metamodel layers and components on a system that detects weather alerts and broadcasts messages to the public through various channels like SMS or social media
Framework for developed simple architecture enterprise fdsaecsandit
In This article presents a framework for develop de Architecture enterprise based on the
articulation of emerging paradigms for architecture development of information enterprise [1].
The first one comes from the agile methods and it is inspired on the Scrum model which aim to
simplify the complex task of developing a quality software, the second the processes models
whose are oriented the development of Architectures Enterprise as Zachman and TOGAF in a
paradigm of the Model Driven and principles de reference de architecture de Software form the
paradigms Generation (MDG), these approaches are integrated eventually leading to the
formulation and presentation of an framework for developed simple architecture enterprise –
FDSAE- The goal is to present a simple, portable, understandable terms enabling, modeling
and design business information architecture in any organizational environment, in addition to
this, there are important aspects related to the unified Modeling Language UML 2.5 and the
Business Process Modeling BPMn that become tools to obtain the products in the FDSAE
Framework, This framework is an improved version of Framework MADAIKE [2] developed by
the same authors.
The IT-GRC platform is a solution that is based on
the paradigm of distributed systems, based on multi-agent systems
(MAS) in its different parts namely the user interface, the static
and dynamic configuration of the organization management
profiles, the choice of the best repository and the processing of
processes, it takes advantage of the autonomy and learning aspect
of ADMs as well as their high-level communication and
coordination. However, these technological components are
difficult to manipulate, or users lack the necessary skills to use
them correctly. In this situation, the modeling of a communication
architecture is necessary, in order to adapt the functionalities of
the platform to the needs of the users. To help achieve these goals,
it is necessary to develop a functional and intelligent
communication architecture, adaptable and able to provide a
support framework, allowing access to system functionalities
regardless of physical and time constraints.
A Framework for Engineering Enterprise Agilityrahmanmokhtar
This document presents a framework for engineering enterprise agility that uses ontologies, viewpoints, and agent-based middleware. The framework aims to enable enterprises to meaningfully share and communicate information between distributed systems. It proposes an architecture with components that utilize HTTP and integrate ontologies, viewpoints, and agent-middleware using open standards to promote semantic interoperability. The framework is intended to support the growth and agility of heterogeneous distributed enterprise systems.
The document discusses key concepts in software design engineering including:
- Design should implement requirements from analysis and be understandable.
- Qualities like modularity, appropriate data structures, and independent components improve design.
- Fundamental concepts like abstraction, architecture, patterns, and modularity compartmentalize a design.
- Design principles guide creating a design that is traceable, reusable, and accommodates change.
Graph-Based Algorithm for a User-Aware SaaS Approach: Computing Optimal Distr...IJERA Editor
As a tool to exploit economies of scale, Software as a Service cloud models promote Multi-Tenancy which is the notion of sharing instances among a large group of tenants. However, Multi-Tenancy only satisfies requirements that are common to all tenants as well as the fact that tenants themselves hesitate about sharing. In a try to solve this problem, the present paper propose a User-Aware approach for Software as a Service models using Rich-Variant Components. The main contribution of this approach is a framework summarized in a graphbased algorithm enabling deduction of an optimal distribution of instances on application's tenants. To illustrate and evaluate the framework, the approach is applied on a Software as a Service Application for private school management
Model-Driven Mechanism in Information Systems and Enterprise EngineeringMountriver TY Yu
This document discusses model-driven mechanisms and their applications in information systems and enterprise engineering. It defines a model-driven system as one where all or part of the functions and behaviors are controlled by models at runtime. Model-driven mechanisms allow independence, timeliness and evolvability of models. Examples of model-driven systems include software systems, databases, and complex systems like businesses and human cognition. The document proposes model-driven enterprise information systems and architectural frameworks to fill gaps in traditional enterprise engineering and better bridge business and IT.
The document discusses object-oriented analysis and design (OOAD). It states that OOAD is a process of creating abstractions to meet system requirements independently of the programming language. Objects encapsulate state and behavior and communicate via message passing. While OOAD may increase development time, it facilitates reuse, maintenance, and verification. The document also discusses OO principles, the iterative analysis-design-implementation process, object-oriented analysis to identify classes and objects, and techniques for OOAD like use cases, domain modeling, CRC cards, and UML.
The document discusses architectural design and organizational models for software systems. It describes key considerations in architectural design such as functional and non-functional requirements that influence design decisions. It also summarizes common system organization models including the repository model, client-server model, and layered model. The document provides examples of each model and discusses their advantages and disadvantages.
The document discusses key concepts in software design including abstraction, architecture, patterns, modularity, information hiding, and functional independence. It explains that software design is an iterative process that transforms requirements into a blueprint for constructing the software through design models, data structures, system architecture, interfaces, and components. Good software design exhibits qualities like being bug-free, suitable for its intended purpose, and a pleasurable user experience.
This document proposes a conceptual trusted incident reaction architecture based on a multi-agent system. The architecture is designed to dynamically and flexibly react to security incidents across an enterprise network. It incorporates the concept of trust into the decision-making process for determining and deploying appropriate security responses. The architecture is illustrated using a case study of a medical application distributed across buildings, a campus, and metropolitan area networks.
The document discusses key principles of software design including data design, architectural design, user interface design, abstraction, refinement, modularity, software architecture, control hierarchy, structural partitioning, software procedure, and information hiding. These principles provide a foundation for correctly designing software and translating analysis models into implementable designs.
Presenting an Excusable Model of Enterprise Architecture for Evaluation of R...Editor IJCATR
The document presents a method for creating an executable model of enterprise architecture diagrams to evaluate reliability. It transforms UML collaboration diagrams into colored Petri nets using an algorithm. This allows simulation of the diagrams to identify potential reliability issues early in the planning process. It aims to avoid high costs of implementation by improving architectural artifacts. The key steps are:
1) Using C4ISR framework and UML diagrams to describe enterprise architecture.
2) Transforming collaboration diagrams to colored Petri nets using a algorithm that represents messages as transitions and senders/receivers as places.
3) Annotating the Petri net model with reliability data to enable simulation and evaluation of reliability.
Service Oriented & Model Driven ArchitecturesPankaj Saharan
The document discusses a seminar on combining Service-Oriented Architectures (SOA) and Model Driven Architectures (MDA). It first provides an overview of SOA and MDA individually, including their goals and characteristics. It then analyzes the similarities and differences between the two approaches when combining them. Some benefits are improved productivity and lower costs, while challenges include defining models and transformations between levels of abstraction. Overall, the document concludes that combining SOA with MDA's model-driven approach can provide benefits like business agility if key issues like semantics and metadata modeling are adequately addressed.
The document provides an overview of several agent-oriented software engineering methodologies, including GAIA, INGENIAS, MaSE, PASSI, Prometheus, Tropos, and ADEM. It discusses the concepts and properties supported by each methodology, their modeling approaches and notations, development lifecycles, and their pragmatic considerations in terms of available resources and tooling. The methodologies generally support common multi-agent concepts but provide different levels of guidance, modeling support, and tooling throughout the development process.
The document summarizes a literature review on design patterns for multi-agent systems. It finds that patterns are commonly documented using templates that describe the problem, context, and solution. Patterns can be classified along dimensions of inspiration, abstraction, focus, and granularity. Many patterns are inspired by nature, society, or human behaviors. While applied to a variety of domains, opportunities remain to document patterns for emerging systems like cloud computing. Standardizing pattern documentation and developing tools to support pattern usage could help practitioners apply these design best practices.
Jobst Landgrebe The HL7 Services Aware Interoperability Framework (SAIF)Barry Smith
The document summarizes the Health Level 7 (HL7) approach to semantic interoperability and its Services Aware Interoperability Framework (SAIF). It finds that HL7's previous approach using the Reference Information Model (RIM) failed due to disconnection from users, lack of proper foundations, and technical issues. It also finds that the SAIF does not meet the needs of an interoperability framework and will not overcome HL7's crisis because it fails to realize necessary principles, has an inconsistent architecture, and cannot be instantiated. The authors recommend replacing SAIF with a new approach based on fundamental reassessment and using existing standards.
The document discusses system engineering and modeling. It describes the key elements of a computer-based system as software, hardware, people, databases, and documentation/procedures. It also outlines the hierarchy of system modeling from the system level down to individual components. Business process engineering focuses on using models to understand enterprise goals and information needs. System architectures must be designed based on data, applications, and technology infrastructure to meet business objectives.
Multiagent Based Methodologies have become an
important subject of research in advance Software Engineering.
Several methodologies have been proposed as, a theoretical
approach, to facilitate and support the development of complex
distributed systems. An important question when facing the
construction of Agent Applications is deciding which
methodology to follow. Trying to answer this question, a
framework with several criteria is applied in this paper for the
comparative analysis of existing multiagent system
methodologies. The results of the comparative over two of them,
conclude that those methodologies have not reached a sufficient
maturity level to be used by the software industry. The
framework has also proved its utility for the evaluation of any
kind of Multiagent Based Software Engineering Methodology
This document summarizes four architectural patterns for context-aware systems: WCAM, Event-Control-Action, Action, and architectural pattern for context-based navigation. It discusses examples, problems addressed, solutions, structures, and benefits of each pattern. The patterns are examined to determine which can best overcome complexity and be more extensible for context-aware systems.
The document discusses criteria for modularization in software design. It defines modules as named entities that can contain instructions, processing logic, and data structures. Modularization aims to minimize coupling between modules and maximize cohesion within modules. Strong coupling like content coupling is undesirable, while data and stamp coupling are more desirable. Cohesion within a module is best when elements are functionally related to a single function. Additional criteria for modularization include hiding design decisions and isolating machine dependencies.
This document proposes enhancements to the Role-Based Access Control (RBAC) model by integrating the concept of responsibility. It summarizes the existing RBAC model and user-role/permission-role assignment processes. It then presents a responsibility model built around three concepts: an employee's obligations derived from responsibilities, the rights required to fulfill obligations, and the employee's commitment to fulfill obligations. The paper argues RBAC could be improved by incorporating acceptance of responsibility within the role assignment process. It proposes integrating the responsibility model with RBAC to address identified weaknesses and modeling the integrated model using the OWL ontology language.
Multi-agent systems can be viewed as a software architecture style consisting of autonomous components called agents. The agents interact through message passing according to a predefined protocol. There are different organizational styles for multi-agent systems including hierarchical, flat, subsumption, and modular organizations. Effective multi-agent systems require specially designed communication protocols that fit the agent architecture, organization, and tasks. Standard communication languages and protocols are increasingly used to facilitate conversations between agents from different systems.
Alignment of remmo with rbac to manage access rights in the frame of enterpri...christophefeltus
The document proposes aligning a Responsibility metamodel (ReMMo) with the Role-Based Access Control (RBAC) model to better manage access rights based on employee responsibilities within an enterprise architecture. It first defines the ReMMo to represent business responsibilities and related access rights. ReMMo is then integrated with the ArchiMate enterprise architecture framework. Finally, the paper proposes aligning ReMMo and RBAC and provides a reference model for engineering access rights based on aligning business roles, responsibilities, and RBAC roles. This approach uses responsibility as a pivot to integrate business and application layer access rights requirements.
This document discusses an approach to assembling software products using a product line approach. It presents a separation continuum that separates concerns both vertically (from abstract to implementation layers) and horizontally (between human-facing and machine-facing aspects). An application assembly approach is then discussed where a product line architecture is tied to this separation continuum, allowing high productivity by reusing pre-built software assets to realize new product lines. The approach aims to facilitate experimentation in building large-scale application assembly capabilities.
Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for...Iver Band
In this paper, we describe an innovative approach for aligning the
business layer and the application layer of ArchiMate to ensure
that applications manage access rights consistently with enterprise
goals and risk tolerances. The alignment is realized by using the
responsibility of the employees, which we model using ReMoLa.
The main focus of the alignment targets the definition and the
assignment of the access rights needed by the employees
according to business specification. The approach is illustrated
and validated with a case study in a municipal hospital in
Luxembourg.
A Methodology For Large-Scale E-Business Project ManagementApril Smith
This document proposes an environment-based methodology for managing large-scale e-business projects. The methodology defines six working environments - development, integration, pre-production, production, demonstration, and software repository - that represent increasing stages of stability for a software product. It describes the tasks and migration processes between environments. The methodology aims to systematically guide e-business project management according to an organization's needs and resources.
DESIGN AND DEVELOPMENT OF BUSINESS RULES MANAGEMENT SYSTEM (BRMS) USING ATLAN...ijcsit
The document describes the design and development of a Business Rules Management System (BRMS) using the ATL and Eclipse Sirius frameworks. It proposes a new "Target Ecore meta model" to improve the structure and management of business rules. The system allows business rules to be modeled and transformed from their current format into an object-oriented format using ATL model transformations. This provides improved modularity, scalability and extensibility of the rules compared to the original structure. A case study demonstrates transforming an example business rule from a software package based on the proposed approach.
Towards a Docker-based architecture for open multi-agent systemsIAESIJAI
In open multi-agent systems (OMAS), heterogeneous agents in different environments or models can migrate from one system to another, taking their attributes and knowledge and increasing developing complexity compared to conventional multi-agent systems (MAS). Furthermore, the complexity of opening may be due to the uncertainties and dynamic behavior that the change of agents entails, needing to formulate techniques to analyze this complexity and understand the system’s global behavior. We used Docker to approach these problems and make the architecture flexible to handle distinct types of programming languages and frameworks of agents. This paper presents a Docker-based architecture to aid OMAS development, acting on agent migration between different models running in heterogeneous hardware and software scenarios. We present a simulation scenario with NetLogo’s Open Sugarscape 2 Constant Growback and JaCaMo’s Gold Miners to verify the proposal’s feasibility
The document discusses architectural design and organizational models for software systems. It describes key considerations in architectural design such as functional and non-functional requirements that influence design decisions. It also summarizes common system organization models including the repository model, client-server model, and layered model. The document provides examples of each model and discusses their advantages and disadvantages.
The document discusses key concepts in software design including abstraction, architecture, patterns, modularity, information hiding, and functional independence. It explains that software design is an iterative process that transforms requirements into a blueprint for constructing the software through design models, data structures, system architecture, interfaces, and components. Good software design exhibits qualities like being bug-free, suitable for its intended purpose, and a pleasurable user experience.
This document proposes a conceptual trusted incident reaction architecture based on a multi-agent system. The architecture is designed to dynamically and flexibly react to security incidents across an enterprise network. It incorporates the concept of trust into the decision-making process for determining and deploying appropriate security responses. The architecture is illustrated using a case study of a medical application distributed across buildings, a campus, and metropolitan area networks.
The document discusses key principles of software design including data design, architectural design, user interface design, abstraction, refinement, modularity, software architecture, control hierarchy, structural partitioning, software procedure, and information hiding. These principles provide a foundation for correctly designing software and translating analysis models into implementable designs.
Presenting an Excusable Model of Enterprise Architecture for Evaluation of R...Editor IJCATR
The document presents a method for creating an executable model of enterprise architecture diagrams to evaluate reliability. It transforms UML collaboration diagrams into colored Petri nets using an algorithm. This allows simulation of the diagrams to identify potential reliability issues early in the planning process. It aims to avoid high costs of implementation by improving architectural artifacts. The key steps are:
1) Using C4ISR framework and UML diagrams to describe enterprise architecture.
2) Transforming collaboration diagrams to colored Petri nets using a algorithm that represents messages as transitions and senders/receivers as places.
3) Annotating the Petri net model with reliability data to enable simulation and evaluation of reliability.
Service Oriented & Model Driven ArchitecturesPankaj Saharan
The document discusses a seminar on combining Service-Oriented Architectures (SOA) and Model Driven Architectures (MDA). It first provides an overview of SOA and MDA individually, including their goals and characteristics. It then analyzes the similarities and differences between the two approaches when combining them. Some benefits are improved productivity and lower costs, while challenges include defining models and transformations between levels of abstraction. Overall, the document concludes that combining SOA with MDA's model-driven approach can provide benefits like business agility if key issues like semantics and metadata modeling are adequately addressed.
The document provides an overview of several agent-oriented software engineering methodologies, including GAIA, INGENIAS, MaSE, PASSI, Prometheus, Tropos, and ADEM. It discusses the concepts and properties supported by each methodology, their modeling approaches and notations, development lifecycles, and their pragmatic considerations in terms of available resources and tooling. The methodologies generally support common multi-agent concepts but provide different levels of guidance, modeling support, and tooling throughout the development process.
The document summarizes a literature review on design patterns for multi-agent systems. It finds that patterns are commonly documented using templates that describe the problem, context, and solution. Patterns can be classified along dimensions of inspiration, abstraction, focus, and granularity. Many patterns are inspired by nature, society, or human behaviors. While applied to a variety of domains, opportunities remain to document patterns for emerging systems like cloud computing. Standardizing pattern documentation and developing tools to support pattern usage could help practitioners apply these design best practices.
Jobst Landgrebe The HL7 Services Aware Interoperability Framework (SAIF)Barry Smith
The document summarizes the Health Level 7 (HL7) approach to semantic interoperability and its Services Aware Interoperability Framework (SAIF). It finds that HL7's previous approach using the Reference Information Model (RIM) failed due to disconnection from users, lack of proper foundations, and technical issues. It also finds that the SAIF does not meet the needs of an interoperability framework and will not overcome HL7's crisis because it fails to realize necessary principles, has an inconsistent architecture, and cannot be instantiated. The authors recommend replacing SAIF with a new approach based on fundamental reassessment and using existing standards.
The document discusses system engineering and modeling. It describes the key elements of a computer-based system as software, hardware, people, databases, and documentation/procedures. It also outlines the hierarchy of system modeling from the system level down to individual components. Business process engineering focuses on using models to understand enterprise goals and information needs. System architectures must be designed based on data, applications, and technology infrastructure to meet business objectives.
Multiagent Based Methodologies have become an
important subject of research in advance Software Engineering.
Several methodologies have been proposed as, a theoretical
approach, to facilitate and support the development of complex
distributed systems. An important question when facing the
construction of Agent Applications is deciding which
methodology to follow. Trying to answer this question, a
framework with several criteria is applied in this paper for the
comparative analysis of existing multiagent system
methodologies. The results of the comparative over two of them,
conclude that those methodologies have not reached a sufficient
maturity level to be used by the software industry. The
framework has also proved its utility for the evaluation of any
kind of Multiagent Based Software Engineering Methodology
This document summarizes four architectural patterns for context-aware systems: WCAM, Event-Control-Action, Action, and architectural pattern for context-based navigation. It discusses examples, problems addressed, solutions, structures, and benefits of each pattern. The patterns are examined to determine which can best overcome complexity and be more extensible for context-aware systems.
The document discusses criteria for modularization in software design. It defines modules as named entities that can contain instructions, processing logic, and data structures. Modularization aims to minimize coupling between modules and maximize cohesion within modules. Strong coupling like content coupling is undesirable, while data and stamp coupling are more desirable. Cohesion within a module is best when elements are functionally related to a single function. Additional criteria for modularization include hiding design decisions and isolating machine dependencies.
This document proposes enhancements to the Role-Based Access Control (RBAC) model by integrating the concept of responsibility. It summarizes the existing RBAC model and user-role/permission-role assignment processes. It then presents a responsibility model built around three concepts: an employee's obligations derived from responsibilities, the rights required to fulfill obligations, and the employee's commitment to fulfill obligations. The paper argues RBAC could be improved by incorporating acceptance of responsibility within the role assignment process. It proposes integrating the responsibility model with RBAC to address identified weaknesses and modeling the integrated model using the OWL ontology language.
Multi-agent systems can be viewed as a software architecture style consisting of autonomous components called agents. The agents interact through message passing according to a predefined protocol. There are different organizational styles for multi-agent systems including hierarchical, flat, subsumption, and modular organizations. Effective multi-agent systems require specially designed communication protocols that fit the agent architecture, organization, and tasks. Standard communication languages and protocols are increasingly used to facilitate conversations between agents from different systems.
Alignment of remmo with rbac to manage access rights in the frame of enterpri...christophefeltus
The document proposes aligning a Responsibility metamodel (ReMMo) with the Role-Based Access Control (RBAC) model to better manage access rights based on employee responsibilities within an enterprise architecture. It first defines the ReMMo to represent business responsibilities and related access rights. ReMMo is then integrated with the ArchiMate enterprise architecture framework. Finally, the paper proposes aligning ReMMo and RBAC and provides a reference model for engineering access rights based on aligning business roles, responsibilities, and RBAC roles. This approach uses responsibility as a pivot to integrate business and application layer access rights requirements.
This document discusses an approach to assembling software products using a product line approach. It presents a separation continuum that separates concerns both vertically (from abstract to implementation layers) and horizontally (between human-facing and machine-facing aspects). An application assembly approach is then discussed where a product line architecture is tied to this separation continuum, allowing high productivity by reusing pre-built software assets to realize new product lines. The approach aims to facilitate experimentation in building large-scale application assembly capabilities.
Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for...Iver Band
In this paper, we describe an innovative approach for aligning the
business layer and the application layer of ArchiMate to ensure
that applications manage access rights consistently with enterprise
goals and risk tolerances. The alignment is realized by using the
responsibility of the employees, which we model using ReMoLa.
The main focus of the alignment targets the definition and the
assignment of the access rights needed by the employees
according to business specification. The approach is illustrated
and validated with a case study in a municipal hospital in
Luxembourg.
A Methodology For Large-Scale E-Business Project ManagementApril Smith
This document proposes an environment-based methodology for managing large-scale e-business projects. The methodology defines six working environments - development, integration, pre-production, production, demonstration, and software repository - that represent increasing stages of stability for a software product. It describes the tasks and migration processes between environments. The methodology aims to systematically guide e-business project management according to an organization's needs and resources.
DESIGN AND DEVELOPMENT OF BUSINESS RULES MANAGEMENT SYSTEM (BRMS) USING ATLAN...ijcsit
The document describes the design and development of a Business Rules Management System (BRMS) using the ATL and Eclipse Sirius frameworks. It proposes a new "Target Ecore meta model" to improve the structure and management of business rules. The system allows business rules to be modeled and transformed from their current format into an object-oriented format using ATL model transformations. This provides improved modularity, scalability and extensibility of the rules compared to the original structure. A case study demonstrates transforming an example business rule from a software package based on the proposed approach.
Towards a Docker-based architecture for open multi-agent systemsIAESIJAI
In open multi-agent systems (OMAS), heterogeneous agents in different environments or models can migrate from one system to another, taking their attributes and knowledge and increasing developing complexity compared to conventional multi-agent systems (MAS). Furthermore, the complexity of opening may be due to the uncertainties and dynamic behavior that the change of agents entails, needing to formulate techniques to analyze this complexity and understand the system’s global behavior. We used Docker to approach these problems and make the architecture flexible to handle distinct types of programming languages and frameworks of agents. This paper presents a Docker-based architecture to aid OMAS development, acting on agent migration between different models running in heterogeneous hardware and software scenarios. We present a simulation scenario with NetLogo’s Open Sugarscape 2 Constant Growback and JaCaMo’s Gold Miners to verify the proposal’s feasibility
This document provides an overview of software architectures and architectural structures. It discusses different types of architectural structures, including module structures, component-and-connector structures, and allocation structures. Module structures focus on modules and their relationships, component-and-connector structures examine runtime components and connectors, and allocation structures show how software elements map to environments. The document then examines specific architectural structures like modules, layers, classes, processes, repositories, and deployment. It emphasizes that an architect should focus on a few key structures like logical, process, development, and physical views to validate that the architecture meets requirements.
The document discusses the challenges of managing complex and interconnected IT environments. It proposes using an architectural model and management platform to address these challenges. The solution involves three steps: 1) Creating a unified model of the entire IT environment across four levels. 2) Leveraging the model to optimize systems and ensure compliance. 3) Using the model to support future implementations, modernizations and growth. The model provides visibility, insights and a baseline for strategic alignment of IT assets with business needs.
This document discusses and compares several agent-assisted methodologies for developing multi-agent systems:
- It reviews Gaia, HLIM, PASSI, and Tropos methodologies, outlining their key models and phases. Gaia focuses on analysis and design, HLIM models internal and external agent behavior, and PASSI and Tropos incorporate UML modeling.
- It then proposes a new MAB methodology intended to address shortcomings of existing approaches. MAB includes requirements, analysis, design, and implementation phases and models such as use case maps and agent roles.
- Finally, it concludes that agent technologies represent a promising approach for developing complex software systems, but that matching methodologies to problem domains and developing princip
1. Why Event-Driven Microservices _ Building Event-Driven Microservices.pdfRajeevKumarSingh87
This document discusses communication structures in traditional computing architectures and how they influence system design. It explains that in traditional systems, if a team needs to implement a new but related business requirement, they may add it to their existing monolithic service rather than creating a new microservice, due to difficulties sharing data and a lack of processes for independent service ownership. The document argues that these issues stem from poor data communication between systems.
An Overview of Workflow Management on Mobile Agent TechnologyIJERA Editor
This document discusses mobile agent technology for workflow management. It provides an overview of current research on using mobile agents to automate business processes across distributed systems. The document summarizes several related works on topics like inter-organizational workflows, mobile agent communication, coordination techniques, and workflow partitioning and scheduling algorithms. It aims to improve methods for designing and implementing prototype models for mobile agent-based workflow management systems.
Is The Architectures Of The Convnets ) For Action...Sheila Guy
The document discusses enterprise architecture (EA), which is defined as a conceptual blueprint that defines the structure and operation of an organization. The purpose of EA is to understand how an organization can most effectively achieve its current and future objectives. Some key benefits of EA include taking a holistic approach, ensuring consistency when delivering solutions to business problems, and aligning business and IT strategies to effectively use IT assets and support the organization's goals. EA is similar to city planning in providing an overall framework and context.
The document discusses the General Endeavor Management (GEM) approach for managing enterprises. GEM views an enterprise as a single dynamic subsystem within a larger environment. It provides a methodology for moving an enterprise from its current "As-Is" state to a desired "To-Be" state through planning, execution, monitoring, and adjustment. GEM can support management at various scales from organizations to groups of nations. It aims to reduce complexity and inconsistency in enterprise management.
Tech challenges in a large scale agile projectHarald Soevik
1. The document discusses three major technical challenges faced in a large-scale Java project that adopted Scrum methodology: modularization, testing environments, and declaratively representing domain knowledge.
2. For modularization, the project struggled with creating an optimal structure that balanced complexity, coupling, and cohesion across modules. Testing multiple environments provided benefits but also challenges in maintenance and automation.
3. Representing domain knowledge declaratively aimed to separate knowledge from implementation, but specific issues are not discussed in the summary due to a missing portion of the original text.
This document discusses implementing the MAP framework within the GERAM framework. MAP defines the roles and deliverables of a software architect, while GERAM is a meta-framework for enterprise architectures. The document argues that by mapping MAP to GERAM, it provides a common ontology for software architects across different enterprise architecture and software development frameworks. It describes how MAP and GERAM can be implemented using three layers (M0-M3), with MAP defining the meta-ontological concepts and processes that can then be customized for specific companies or software processes.
Towards to an Agent-Oriented Modeling and Evaluating Approach for Vehicular S...Zac Darcy
1) The document proposes an agent-oriented meta-model for modeling and evaluating vehicular systems security.
2) It extends the existing Extended Gaia meta-model to build a new meta-model suited for modeling transportation problems.
3) The new meta-model adds concepts like functional requirement, non-functional requirement, agent model, and organization model to allow modeling of transportation system requirements and behaviors.
Towards to an agent oriented modeling and evaluating approach for vehicular s...Zac Darcy
Agent technology is a software paradigm that permits to implement large and complex distributed
applications. In order to assist the development of multi-agent systems, agent-oriented methodologies
(AOM) have been created in the last years to support modeling more and more complex applications in
many different domains. By defining in a non-ambiguous way concepts used in a specific domain, Meta
modeling may represent a step towards such interoperability. In the Transport domain, this paper propose
an agent-oriented meta-model that provides rigorous concepts for conducting transportation system
problem modeling. The aim is to allow analysts to produce a transportation system model that precisely
captures the knowledge of an organization so that an agent-oriented requirements specification of the
system-to-be and its operational corporate environment can be derived from it. To this end, we extend and
adapt an existing meta-model, Extended Gaia, to build a meta-model and an adequate model for
transportation problems. Our new agent-oriented meta-model aims to allow the analyst to model and
specify any transportation system as a multi-agent system. Based on the proposed meta-model, we proposes
an approach for modeling and evaluating the Transportation System based on Stochastic Activity Network
(SAN) components. The proposed process is based on seven steps from “Recognition” phase to
“Quantitative Analysis” phase. These analyzes are based on the Dependability models which are built
using the formalism Stochastic Activity Network. A real case study of Urban Public Transportation System
has been conducted to show the benefits of the approach.
1
45
Table of Contents
Introduction3
Need for technology-based solutions3
Infrastructure Automation Tools4
Implementation4
The Central Theory: Organizational Management and Memory4
Organizational Management4
Organizational Memory4
Need of Data Archival And Storage5
Data Storage.5
Types of Storage.6
Data Archival9
Data Archival Process9
Archiving principles12
Data Management Systems12
Enterprise Resource Planning Systems (ERP systems) for data integration.13
Microservices.15
Properties of Monolithic.17
Conclusion22
References24
Introduction
Technology is considered vital in today's globalized world. Especially in terms of business, information technology has both quantifiable and unquantifiable benefits. It is essential to communicate with customers and stakeholders regularly and necessary for communicating quickly and clearly. It helps in implementing business operations efficiently and effectively, also. A business with robust technological capacity creates new opportunities for a company to stay ahead of the competition and grow eventually (Rangus & Slavec, 2017). Consequently, it also makes dynamic teams that can interact from anywhere in the world—furthermore, technology aids in understanding the business needs and managing and securing confidential and critical data.Need for technology-based solutions
The need for data recovery, active and continuous data processing by its life cycle of significance and utility for research, scientific and educational purposes (Bukari Zakaria & Mamman, 2014). The acknowledgment that information is an organization's key asset since late, decisively affecting its profitability, has contributed to some comprehensive corporate memory approaches. The key causes of competitive advantage are corporate memory and organizational learning ability (C. Priya, 2011). Hence the main obstacle is the effectiveness of information management while ensuring the consistency of training facilities.
Organizations need robust technology-based solutions. Thus, software developers have developed and deployed various forms of overtime architectures that enable software products to become resource-effective and usable. Some architectures implement their frameworks in either one layer or various layers or levels (Suresh, 2012). It is understood that ERP implementation efficiency of ERP implementations is influenced by the rise or excess of a certain degree of capability in the volume of data to process (Johansson, 2012). In the last couple of decades, new architectures have been created with creativity that offers optimum solutions. Thus, the microservices architecture is gaining room and becoming part of the technological, financial, and advertising decision-making process. Microservices replace monolithic, tightly dispersed system-focused applications with an independent operation (Vrîncianu, Anica-Popa, & Anica-Popa, 2009).Infrastructure Automation Tools
One issue as microservices are applied is that any s ...
1
45
Table of Contents
Introduction3
Need for technology-based solutions3
Infrastructure Automation Tools4
Implementation4
The Central Theory: Organizational Management and Memory4
Organizational Management4
Organizational Memory4
Need of Data Archival And Storage5
Data Storage.5
Types of Storage.6
Data Archival9
Data Archival Process9
Archiving principles12
Data Management Systems12
Enterprise Resource Planning Systems (ERP systems) for data integration.13
Microservices.15
Properties of Monolithic.17
Conclusion22
References24
Introduction
Technology is considered vital in today's globalized world. Especially in terms of business, information technology has both quantifiable and unquantifiable benefits. It is essential to communicate with customers and stakeholders regularly and necessary for communicating quickly and clearly. It helps in implementing business operations efficiently and effectively, also. A business with robust technological capacity creates new opportunities for a company to stay ahead of the competition and grow eventually (Rangus & Slavec, 2017). Consequently, it also makes dynamic teams that can interact from anywhere in the world—furthermore, technology aids in understanding the business needs and managing and securing confidential and critical data.Need for technology-based solutions
The need for data recovery, active and continuous data processing by its life cycle of significance and utility for research, scientific and educational purposes (Bukari Zakaria & Mamman, 2014). The acknowledgment that information is an organization's key asset since late, decisively affecting its profitability, has contributed to some comprehensive corporate memory approaches. The key causes of competitive advantage are corporate memory and organizational learning ability (C. Priya, 2011). Hence the main obstacle is the effectiveness of information management while ensuring the consistency of training facilities.
Organizations need robust technology-based solutions. Thus, software developers have developed and deployed various forms of overtime architectures that enable software products to become resource-effective and usable. Some architectures implement their frameworks in either one layer or various layers or levels (Suresh, 2012). It is understood that ERP implementation efficiency of ERP implementations is influenced by the rise or excess of a certain degree of capability in the volume of data to process (Johansson, 2012). In the last couple of decades, new architectures have been created with creativity that offers optimum solutions. Thus, the microservices architecture is gaining room and becoming part of the technological, financial, and advertising decision-making process. Microservices replace monolithic, tightly dispersed system-focused applications with an independent operation (Vrîncianu, Anica-Popa, & Anica-Popa, 2009).Infrastructure Automation Tools
One issue as microservices are applied is that any s ...
Similar to Organizational security architecture for critical infrastructure (20)
Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approach mostly used cloned back-end architectures while front-end monitoring interface tends to constitute the real specificity of the solution. These interfaces are recurrently structured around three dimensions: access to informed knowledge, agent’s behavioural rules, and restitution of real-time states of specific system sector. In this paper, we propose prototyping a sector-agnostic MAS platform (Smart-X) which gathers in an integrated and independent platform all the functionalities required to monitor and to govern a wide range of sector specific environments. For illustration and validation purposes, the use of Smart-X is introduced and explained with a smart-mobility case study.
This document provides an agenda and overview for a joint workshop on security modeling hosted by the ArchiMate Forum and Security Forum. The workshop aims to identify opportunities to improve the conceptual and visual modeling of enterprise information security using TOGAF and ArchiMate. The agenda includes introductions, a research spotlight on strengthening role-based access control with responsibility modeling, an open discussion on complementing TOGAF and ArchiMate with enhanced security modeling, and identifying next steps. The workshop purpose is to enable better security architecture decisions and drive usage of TOGAF and ArchiMate for security architecture.
Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended case study at the Hospital Center in Luxembourg.
This document proposes an innovative systemic approach to risk management across interconnected sectors. It suggests using enterprise architecture models to manage cross-sector risks in Luxembourg's complex ICT ecosystem. The approach would provide regulators an overview of all players and systems, as well as models of different sectors to analyze collected data and risks at a national level, fostering accurate and reactive risk mitigation across economic domains.
This document proposes extending the HL7 standard with a responsibility perspective to better manage access rights to patient health records. It presents the ReMMo responsibility metamodel, which defines actors' responsibilities and associated access rights. The paper aims to align ReMMo with the HL7-based eSanté healthcare platform model in Luxembourg to semantically enhance access controls based on users' real responsibilities rather than just roles. It will first map concepts between the two models, then evaluate the alignment through a prototype applying inference rules.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
This document proposes an innovative approach called SIM (Secure Identity Management) that aims to make access management policies closer aligned with business objectives. It does this in two ways:
1) By focusing the policy engineering process on business goals and responsibilities defined in processes, using concepts from the ISO/IEC 15504 standard. This links capabilities and accountabilities to process outcomes and work products.
2) By defining a multi-agent system architecture to automate the deployment of policies across heterogeneous IT components and devices. The agents provide autonomy and ability to adapt rapidly according to context.
The approach was prototyped using open source components and aims to improve how access rights are defined according to business needs and deployed across an organization
This document proposes a methodological approach for specifying services and analyzing service compliance considering the responsibility dimension of stakeholders. The approach includes a product model and process model. The product model has three layers: an informational layer describing service context and concepts, an organizational layer describing business rules and roles, and a responsibility dimension layer linking the two. The process model outlines steps for service architects to identify context, define concepts and rules, specify services, and analyze compliance. The approach is illustrated with an example of managing access rights for sensitive healthcare data exchange between organizations.
This document discusses integrating responsibility aspects into service engineering for e-government. It proposes a multi-layered approach including an ontological layer defining legal concepts, an organizational layer describing roles and stakeholders, an informational layer representing data structures and integrity constraints, and a technical layer representing IT components. A responsibility meta-model is also introduced to align responsibilities across these layers and facilitate interoperability between services that share data. The approach aims to ensure service compliance and manage risks associated with e-government services.
1) The document proposes a dynamic approach for assigning functions and responsibilities to agents in a multi-agent system for critical infrastructure management.
2) The approach uses an agent's reputation, which is based on past performance, to determine which agents receive which responsibilities as crisis situations change over time.
3) Assigning responsibilities dynamically based on reputation allows the system to continue operating effectively if an agent becomes isolated or has reduced capabilities during a crisis.
This document proposes a responsibility modeling language (ReMoLa) to align access rights with business process requirements. ReMoLa is a responsibility-centered meta-model that integrates concepts from the business and technical layers, with the concept of employee responsibility bridging the two. It incorporates four types of obligations from the COBIT framework to refine employee responsibilities and better assign access rights. ReMoLa maps responsibilities to roles in the RBAC model to leverage its advantages for access right management while ensuring responsibilities align with business tasks and employee commitment.
The document describes the NOEMI assessment methodology, which was developed as part of a research project to help very small enterprises (VSEs) improve their IT practices. The methodology aims to assess VSEs' IT capabilities in order to facilitate collaborative IT management across organizations. It was designed to be aligned with common IT standards like ISO/IEC 15504 and ITIL, but adapted specifically for VSEs. The methodology has been tested through several case studies with VSEs in Luxembourg, with promising results.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It summarizes key access control models and discusses how they address concepts like capability, accountability, and commitment. The document also reviews engineering methods and how they incorporate responsibility considerations. The overall goal is to orient further research towards a new policy model and engineering method that more fully addresses stakeholder responsibility.
This document summarizes an experimental prototype of the OpenSST protocol for secured electronic transactions. OpenSST was developed to achieve high security, simplicity in software engineering, and compatibility with existing standards. The prototype uses OpenSST for the authorization portion of electronic payments in an e-business clearing solution. It describes the OpenSST message format and types, and discusses how OpenSST is implemented in the prototype's three-element architecture of an OpenSST proxy, reverse proxy, and server.
This document proposes an automatic reaction strategy for critical infrastructure SCADA systems. It defines a three-layer metamodel for modeling SCADA components and two types of policies (cognitive and permissive) that govern component behavior. It then presents a two-phase method for identifying these policies from the SCADA architecture and formalizing them to support an automatic reaction strategy. This strategy is modeled as an integral part of the SCADA architecture using the defined metamodel and policy identification method. It includes organizational and application layers with main actors, strategies, and components that realize the reaction policies based on expected automation levels.
This document discusses the NOEMI model, a collaborative management model for ICT processes in SMEs. The model was developed by the Centre Henri Tudor and tested with a cluster of 8 partner SMEs. Key aspects of the model include defining ICT activities across 5 domains, assessing each SME's capabilities, and having an operational team manage activities for the cluster under a coordination committee. The experiment showed improved cost control, management, and partner satisfaction compared to alternatives like outsourcing or hiring individual IT staff. The research is now ready for market transfer as the successful model is adopted long-term by participating SMEs.
More from Luxembourg Institute of Science and Technology (20)
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...University of Maribor
Slides from talk:
Aleš Zamuda: Remote Sensing and Computational, Evolutionary, Supercomputing, and Intelligent Systems.
11th International Conference on Electrical, Electronics and Computer Engineering (IcETRAN), Niš, 3-6 June 2024
Inter-Society Networking Panel GRSS/MTT-S/CIS Panel Session: Promoting Connection and Cooperation
https://www.etran.rs/2024/en/home-english/
Authoring a personal GPT for your research and practice: How we created the Q...Leonel Morgado
Thematic analysis in qualitative research is a time-consuming and systematic task, typically done using teams. Team members must ground their activities on common understandings of the major concepts underlying the thematic analysis, and define criteria for its development. However, conceptual misunderstandings, equivocations, and lack of adherence to criteria are challenges to the quality and speed of this process. Given the distributed and uncertain nature of this process, we wondered if the tasks in thematic analysis could be supported by readily available artificial intelligence chatbots. Our early efforts point to potential benefits: not just saving time in the coding process but better adherence to criteria and grounding, by increasing triangulation between humans and artificial intelligence. This tutorial will provide a description and demonstration of the process we followed, as two academic researchers, to develop a custom ChatGPT to assist with qualitative coding in the thematic data analysis process of immersive learning accounts in a survey of the academic literature: QUAL-E Immersive Learning Thematic Analysis Helper. In the hands-on time, participants will try out QUAL-E and develop their ideas for their own qualitative coding ChatGPT. Participants that have the paid ChatGPT Plus subscription can create a draft of their assistants. The organizers will provide course materials and slide deck that participants will be able to utilize to continue development of their custom GPT. The paid subscription to ChatGPT Plus is not required to participate in this workshop, just for trying out personal GPTs during it.
Immersive Learning That Works: Research Grounding and Paths ForwardLeonel Morgado
We will metaverse into the essence of immersive learning, into its three dimensions and conceptual models. This approach encompasses elements from teaching methodologies to social involvement, through organizational concerns and technologies. Challenging the perception of learning as knowledge transfer, we introduce a 'Uses, Practices & Strategies' model operationalized by the 'Immersive Learning Brain' and ‘Immersion Cube’ frameworks. This approach offers a comprehensive guide through the intricacies of immersive educational experiences and spotlighting research frontiers, along the immersion dimensions of system, narrative, and agency. Our discourse extends to stakeholders beyond the academic sphere, addressing the interests of technologists, instructional designers, and policymakers. We span various contexts, from formal education to organizational transformation to the new horizon of an AI-pervasive society. This keynote aims to unite the iLRN community in a collaborative journey towards a future where immersive learning research and practice coalesce, paving the way for innovative educational research and practice landscapes.
Or: Beyond linear.
Abstract: Equivariant neural networks are neural networks that incorporate symmetries. The nonlinear activation functions in these networks result in interesting nonlinear equivariant maps between simple representations, and motivate the key player of this talk: piecewise linear representation theory.
Disclaimer: No one is perfect, so please mind that there might be mistakes and typos.
dtubbenhauer@gmail.com
Corrected slides: dtubbenhauer.com/talks.html
The ability to recreate computational results with minimal effort and actionable metrics provides a solid foundation for scientific research and software development. When people can replicate an analysis at the touch of a button using open-source software, open data, and methods to assess and compare proposals, it significantly eases verification of results, engagement with a diverse range of contributors, and progress. However, we have yet to fully achieve this; there are still many sociotechnical frictions.
Inspired by David Donoho's vision, this talk aims to revisit the three crucial pillars of frictionless reproducibility (data sharing, code sharing, and competitive challenges) with the perspective of deep software variability.
Our observation is that multiple layers — hardware, operating systems, third-party libraries, software versions, input data, compile-time options, and parameters — are subject to variability that exacerbates frictions but is also essential for achieving robust, generalizable results and fostering innovation. I will first review the literature, providing evidence of how the complex variability interactions across these layers affect qualitative and quantitative software properties, thereby complicating the reproduction and replication of scientific studies in various fields.
I will then present some software engineering and AI techniques that can support the strategic exploration of variability spaces. These include the use of abstractions and models (e.g., feature models), sampling strategies (e.g., uniform, random), cost-effective measurements (e.g., incremental build of software configurations), and dimensionality reduction methods (e.g., transfer learning, feature selection, software debloating).
I will finally argue that deep variability is both the problem and solution of frictionless reproducibility, calling the software science community to develop new methods and tools to manage variability and foster reproducibility in software systems.
Exposé invité Journées Nationales du GDR GPL 2024
When I was asked to give a companion lecture in support of ‘The Philosophy of Science’ (https://shorturl.at/4pUXz) I decided not to walk through the detail of the many methodologies in order of use. Instead, I chose to employ a long standing, and ongoing, scientific development as an exemplar. And so, I chose the ever evolving story of Thermodynamics as a scientific investigation at its best.
Conducted over a period of >200 years, Thermodynamics R&D, and application, benefitted from the highest levels of professionalism, collaboration, and technical thoroughness. New layers of application, methodology, and practice were made possible by the progressive advance of technology. In turn, this has seen measurement and modelling accuracy continually improved at a micro and macro level.
Perhaps most importantly, Thermodynamics rapidly became a primary tool in the advance of applied science/engineering/technology, spanning micro-tech, to aerospace and cosmology. I can think of no better a story to illustrate the breadth of scientific methodologies and applications at their best.
Current Ms word generated power point presentation covers major details about the micronuclei test. It's significance and assays to conduct it. It is used to detect the micronuclei formation inside the cells of nearly every multicellular organism. It's formation takes place during chromosomal sepration at metaphase.
Phenomics assisted breeding in crop improvementIshaGoswami9
As the population is increasing and will reach about 9 billion upto 2050. Also due to climate change, it is difficult to meet the food requirement of such a large population. Facing the challenges presented by resource shortages, climate
change, and increasing global population, crop yield and quality need to be improved in a sustainable way over the coming decades. Genetic improvement by breeding is the best way to increase crop productivity. With the rapid progression of functional
genomics, an increasing number of crop genomes have been sequenced and dozens of genes influencing key agronomic traits have been identified. However, current genome sequence information has not been adequately exploited for understanding
the complex characteristics of multiple gene, owing to a lack of crop phenotypic data. Efficient, automatic, and accurate technologies and platforms that can capture phenotypic data that can
be linked to genomics information for crop improvement at all growth stages have become as important as genotyping. Thus,
high-throughput phenotyping has become the major bottleneck restricting crop breeding. Plant phenomics has been defined as the high-throughput, accurate acquisition and analysis of multi-dimensional phenotypes
during crop growing stages at the organism level, including the cell, tissue, organ, individual plant, plot, and field levels. With the rapid development of novel sensors, imaging technology,
and analysis methods, numerous infrastructure platforms have been developed for phenotyping.
Describing and Interpreting an Immersive Learning Case with the Immersion Cub...Leonel Morgado
Current descriptions of immersive learning cases are often difficult or impossible to compare. This is due to a myriad of different options on what details to include, which aspects are relevant, and on the descriptive approaches employed. Also, these aspects often combine very specific details with more general guidelines or indicate intents and rationales without clarifying their implementation. In this paper we provide a method to describe immersive learning cases that is structured to enable comparisons, yet flexible enough to allow researchers and practitioners to decide which aspects to include. This method leverages a taxonomy that classifies educational aspects at three levels (uses, practices, and strategies) and then utilizes two frameworks, the Immersive Learning Brain and the Immersion Cube, to enable a structured description and interpretation of immersive learning cases. The method is then demonstrated on a published immersive learning case on training for wind turbine maintenance using virtual reality. Applying the method results in a structured artifact, the Immersive Learning Case Sheet, that tags the case with its proximal uses, practices, and strategies, and refines the free text case description to ensure that matching details are included. This contribution is thus a case description method in support of future comparative research of immersive learning cases. We then discuss how the resulting description and interpretation can be leveraged to change immersion learning cases, by enriching them (considering low-effort changes or additions) or innovating (exploring more challenging avenues of transformation). The method holds significant promise to support better-grounded research in immersive learning.
ESPP presentation to EU Waste Water Network, 4th June 2024 “EU policies driving nutrient removal and recycling
and the revised UWWTD (Urban Waste Water Treatment Directive)”
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
Organizational security architecture for critical infrastructure
1. 1
Jonathan Blangenois‡†
, Guy Guemkam†Ґ
, Christophe Feltus†
, Djamel Khadraoui†
†
Public Research Centre Henri Tudor, Luxembourg-Kirchberg, Luxembourg
‡
University of Namur, Namur, Belgium
Ґ
Laboratoire LIP6, Université de Pierre et Marie Curie, Paris, France
christophe.feltus@tudor.lu
Abstract
The governance of critical infrastructures requires a
fail-safe dedicated security management organization.
This organization must provide the structure and mecha-
nisms necessary for supporting the business processes
execution, including: decision-making support and the
alignment of this latter with the application functions and
the network components. Most research in this field fo-
cuses on elaborating the SCADA system which embraces
components for data acquisition, alert correlation and
policy instantiation. At the application layer, one of the
most exploited approaches for supporting SCADA is
built up on multi-agent system technology. Notwith-
standing the extent of existing work, no model allows to
represent these systems in an integrated manner and to
consider different layers of the organization. Therefore,
we propose an innovative version of ArchiMate®
for
multi-agent purpose with the objective to enrich the
agent society collaboration and, more particularly, the
description of the agent’s behavior. Our work is has been
illustrated in the context of a critical infrastructure in the
field of a financial acquiring/issuing mechanism for card
payments.
Keywords: Critical infrastructure governance, ArchiMate®
,
Multi-agent System, Alignment, Case study, Financial
sector.
1. Introduction
Most research in the field of critical infrastructure
focuses on elaborating the SCADA system [18] [19]
which embraces the following three functions: data ac-
quisition at RTU level, alert correlation, policy instantia-
tion and deployment [20], each of the latter being opera-
tionalized with different technologies, protocols or
methods. These reaction tools are in practice operation-
alized at different layers of the management of the infra-
structure security, from the very technical layer, to the
application layer, up to the organizational layer. One of
the most exploited approaches for supporting critical
infrastructure is the use of agents [21]. Agents are indeed
perfectly adapted to operating in critical situation due to
their ability of being autonomous, open to all types of
technology. Most of the work related to agents tends to
consider that agents evolve and are organized in systems.
There exist some models for representing how these
agents are organized at a high level, models for repre-
senting how they are spread in the networks, models for
representing how they communicate with each other, and
so forth. As far as we know, there exist no model that
integrates all of the above dimensions and supports the
management and the governance of the MAS for crisis
situations. We do believe that such an integrated model
could have many advantages like e.g. a strong alignment
between the business processes that support crisis man-
agement and the technology that supports it, a knowledge
of the impact of actions from one layer to another, a de-
cision support that allows figuring out which action on a
component has the most influence on a set of other
components, to identify the most critical component for
an infrastructure, to align the agent system with the cor-
porate objective and to tailor it accordingly, and so on.
Enterprise architecture models are frameworks that allow
to represent the information system (IS) of companies in
(or on a set of) schemas. They underwent major im-
provements during the first decade of the 21st
century
and some outstanding frameworks were developed since,
such as ArchiMate®
[11], the Zachman framework [12],
or TOGAF [13]. These models are traditionally struc-
tured in layers that correspond to different levels of the
organizations’ IS. The business layer, for instance, mod-
els the concepts that exist at the business layer, such as
the processes, the employees, their business roles, etc.
and that are supported or represented by IT application
layers. At this application layer, the concepts of the IS
that are modelled are the applications, the databases, or
for instance, the application data. The advantages of
these models are that they allow improving the connec-
tions between the concepts from each layer and, thereby,
allow a better integration and an enhanced support of
decision making processes. Up to now, crisis manage-
ment has never been represented through the middle of
enterprise architecture. This representation could provide
many advantages, such as a better integration of the cri-
sis management functions, from their definition up to
their deployment. Notwithstanding the many advantages
Organizational Security Architecture for Critical Infrastructure
2. 2
of this representation, we are confronted with the man-
agement of heterogeneous and distributed architecture
which calls for a rethinking of the distribution of the se-
curity procedures between both: human and software
autonomous entities [21]. Although having been handled
by human employees for a long time, the organisational
policies of complex systems, nowadays, need to be
shared with intelligent software items, often perceived as
being more adapted for action in critical situations. These
policies are deployed considering the responsibility [23]
of the agent for autonomous acting in open, distributed
and heterogeneous environments, whether in connection
or not with an upper authority. Acknowledging this situ-
ation, we are forced to admit that software agents are no
longer to be considered only as basic software compo-
nents deployed to support business activities, but that
they are responsible [17], such as the business actors, for
playing some kind of “business role”, and for performing
“business tasks” accordingly. In view of this, acquiring
an innovative enterprise architecture framework that al-
low to represent the behavioural policies of such agents
appears fully justified and required by the practitioners,
especially the ones engaged in the management of those
critical infrastructures.
In this paper, we propose to explore ArchiMate®
, an en-
terprise Architecture framework, and to redraw its struc-
ture in order to fit in with agent software actors’ specific-
ities. The main focus concerns the design and the con-
sideration of responsibility driven policies (RDP) [16]
which are centric concepts related to the activation of
agents’ behaviours. The paper is structured as follows,
after having sighted the related works concerning enter-
prise architecture models in Section 2, we review and
model the concept of policy that represents the engine of
the agent modelling framework in Section 3. Section 4
explains layer by layer the entire metamodel and illus-
trates the different components. In Section 5 we present a
case study which illustrates the exploitation of the en-
hanced ArchiMate®
for Multi-agent System. Finally,
Section 6 concludes the paper.
2. State of the art and related works
Literature explains methodologies for modelling
Multi-agent System (MAS) and environment as a one
layer model and gives complete solutions or frameworks.
Gaia[1] is a framework for the development of agent
architectures based on a lifecycle approach (require-
ments, analysis, conceptualization and implementation).
Furthermore, AUML[6] and MAS-ML[2] are extensions
of the UML language for the modelling of MAS but are
no longer existing following the release of UML 2.0 by
the OMG [14] supporting MAS. Prometheus[7] defines a
metamodel of the application layer and allows to gener-
ate organizational diagrams, roles diagrams, classes’
diagrams, sequences diagrams and so forth. It permits to
generate codes, but does not provide links between dia-
grams and therefore makes it difficult to use for align-
ment purposes or with other languages (e.g. MOF [3],
Dsml4mas[5]). Globally, we observe that these solutions
aim at modelling the application layer of MAS. CAR-
BA[15] provides a dynamic architecture for MAS similar
to the middleware CORBA, which is based on the role
played by the agent. This approach introduces a concept
of Interface and Service which is similar to the one in
ArchiMate®
that we reused in our proposal.
We observed that agent systems for critical infrastructure
(CI) are organized in a way close to the enterprises sys-
tem, our idea is to analyse how an enterprise architecture
model may be slightly reworked and adapted to MAS.
Therefore, we decided to use ArchiMate®
which has the
following advantage of being supported by the Open
Group1
which has a large community and proposes a
uniform structure for modelling enterprise architecture.
Another advantage of ArchiMate®
is its use of a clear
link to existing modelling languages like UML. With
regard to this, we think that it is relevant to provide a
lean and simple structure compliant with the new version
of UML to model any MAS. As a conclusion of our state
of the art, we acknowledge the many other models or
frameworks which provide solutions for modelling MAS
whether they are compliant with other modeling lan-
guages or not. As far as we know, no existing approach
provides a multiple layer view or an integrated view of
these layers.
3. Policy Concept and Metamodel Core
Our goal in modelling the multi-agent system into an
architecture Metamodel is to provide system architects
and developers with the tools for creating their own mul-
ti-agent system including the notions of Agents Policy.
As explained in Section 2, we have selected the Archi-
Mate®
language to gives multiple layered view of a mul-
ti-agent system using policies.
Figure 1 : Responsibility Driven Policy(RDP)
In order to create this Metamodel, we realized a spe-
cialization of the original ArchiMate®
Metamodel for
1
http://www.opengroup.org/archimate/
3. 3
agent architecture. Firstly, we redefined the Core of the
metamodel (Figure 1) in order to figure out the concept
of Policy. The Core represents the handling of Passive
Structures by Active Structures during the realization of
Behaviours. For the Active Structures and the Behaviour
the Core differentiates external concepts which represent
how the architecture is being seen by the external con-
cept (as a Service provider attainable by an Interface),
and the internal concept which is composed of Structure
Elements (Roles, Components) and linked to a Policy
Execution concept. Passive Structures contains Object
(Data Object, Organizational Object, Artefacts …) that
represents information of the architecture.
Secondly, the concept of Policy was defined in ac-
cordance with our specialization of the ArchiMate®
Metamodel. The proposed representation is composed of
three concepts defining the Policy (Figure 2):
Figure 2 : Policy concept
1. Event: Events are defined as something done by a
Structure Element that generates an execution of a Policy.
2. Context: Context symbolises a configuration of
Passive Structure that allows the Policy to be executed
(e.g. a security level, value for an object, and so forth).
3. Responsibility: Responsibility [9][17] is defined as a
state assigned to an Agent (human or software) to signify
him its obligations and rights in a specific context.
Thereby, responsibilities correspond to a set of behav-
iours that have to be performed by Structure Elements.
This behaviour can use Object from Passive Structure or
modify their values.
With these three concepts, we structured the Respon-
sibility driven Policy as an execution of a set of Respon-
sibilities in a specific Context and in response to an
Event.
Compared to the original ArchiMate®
language model,
we modified the headline of the Business Layer into Or-
ganizational Layer. The organizational view corresponds
more to our vision of an agent and allows the considera-
tion of multi-agent systems as an organization which is
relevant to policy rules.
Concepts and colours were taken from the original
ArchiMate®
Metamodel, except for Organizational
Function and the Application Function which were re-
placed by the Organizational Policy concept and the
Application Policy concept. Through the Policy concept
we show that each operation done by the agent can be
transferred into a Policy execution. Although in Archi-
Mate®
there is a semantic difference between the appli-
cation and the user who exploits the application, in our
model and in the agent world, there is an exact corre-
spondence between both. This results in the fact that the
concept of agent is not managed at the organizational
layer, thus by human operators, but that the latter tends
to consider the role as a set of entities managed by an
existing application. Hence, the metamodel ArchiMate®
for multi-agent system is structured in three layers:
1. The Organizational Layer offers products and ser-
vices to external customers, which are realized in the
organization by organizational processes performed by
Organizational Roles according to Organizational Poli-
cies.
2. The Application Layer supports the organizational
layer with Application Services which are realized by
Applications according to Application Policies.
3. The Technology Layer offers Infrastructure Ser-
vices needed to run applications, realized by computer and
communication hardware and system software.
Figure 3 represents the different domains covered by the
metamodel in relation to these layers.
Figure 3 : Metamodel structure
Based on this analysis, we defined the Organizational
Policy as:
The set of rules that defines the organizational
Responsibilities and governs the execution, by
the Organization domain, of behaviours that
serve the Product domain in response to a Pro-
cess domain occurred in a specific context, sym-
bolized by a configuration of the Information
domain.
And we defined the Application Policy as:
The set of rules that defines the application Re-
sponsibilities and governs the execution, by the
Application domain, of behaviours that serve the
Data domain to achieve the application strategy.
4. Agent System Metamodel
As explained in the previous Section, the metamodel
is a specialization of the original ArchiMate®
Metamod-
el. The next paragraphs delineate the concept from Ar-
chiMate®
illustrating each layer of the metamodel while
considering in parallel the concept of Policy.
Event Context Responsibilities
4. 4
4.1. Organizational Layer
The Organizational layer highlights the organizational
processes and their links to the Application layer. At first
the Organizational layer is defined by an Organizational
Role (e.g. Alert Detection Agent). This role, accessible
from the outside through an Organizational Interface,
performs behaviour on the basis of the organization's
Policy (Organizational Policy) associated with the role.
Then, the agent is able to, depending on its role interact
with other roles in order to perform behaviour; this is
symbolized by the concept of Role Collaboration. Or-
ganizational Policies are behavioural components of the
organization whose goals are to achieve an Organiza-
tional Service to a role depending on Events. Organiza-
tional Services are contained in Products accompanied
by Contracts. Contracts are formal or informal specifica-
tions of the rights and obligations associated with a
Product. Values are defined as an appreciation of a Ser-
vice or a Product that the Organization attempts to pro-
vide or acquire. The Organizational Objects define units
of information that relate to an aspect of the organiza-
tion.
4.2. Application Layer
The Application layer is used to represent the Applica-
tion Components and their interactions with the Applica-
tion Service derived from the Organizational Policy of
the Organizational layer. The concept of the components
in the metamodel is very similar to the components con-
cept of UML and allows representing any part of the
program. Components use Data Object which is a mod-
elling concept of objects and object types of UML. In-
terconnection between components is modelled by the
Application Interface in order to represent the availabil-
ity of a component to the outside (implementing a part or
all of the services defined in the Application Service).
The concept of Collaboration from the Organizational
layer is present in the Application layer as the Applica-
tion Collaboration and can be used to symbolize the co-
operation (temporary) between components for the real-
ization of behaviour. Application Policy represents the
behaviour that is carried out by the components.
4.3. Technical Layer
Technical layer is used to represent the structural as-
pect of the system and highlights the links between the
Technical layer and the Application layer and how phys-
ical pieces of information called Artifacts are produced
or used. The main concept of the Technical layer is the
Node which represents a computational resource on
which Artefacts can be deployed and executed. The Node
can be accessed by other Node or by components of the
Application layer. A Node is composed of a Device and a
System Software. Devices are physical computational
resources, where Artefacts are deployed when the System
Software represents a software environment for types of
components and objects. Communication between the
Nodes of the Technology layer is defined logically by the
Communication Path and physically by the Network.
4.4. Inter-Layer Link
The complete Metamodel (Figure 6) is the union of the
three layers. As shown below, new connections between
the layers have appeared. For the Passive structure (Fig-
ure 4) we see that Artefact of the Technical Layer realiz-
es Data Object of the Application Layer which realizes
Organizational Object of the Organizational layer.
Figure 4 : Passive structure connections
Behaviour element (Figure 5) layers show that the
Application Service uses the Organizational Policy to
determine the services it proposes. In the same way, the
Technical layer bases his Infrastructure Service on the
Application Policy of the Application layer.
Figure 5 : Behaviour element connections
Concerning the Active Structure connection (Figure 7),
the Role concept determines, along with the Application
Component, the Interface provided in the Application
layer. Also, the Interface of the Technical layer is based
on the components of the Application layer.
4.5. Policy modelling
The organizational and the application policies
may, afterwards, be modelled as follows:
4.5.1. Organizational Policy
In the Organizational Layer, Organizational Pol-
icy can be represented as an UML Use Case [14] where
concepts of Roles represent the Actors which have re-
sponsibilities in the Use Case, and the Collaboration
concepts show the connections between them. Con-
cepts of Products, Value and Organizational Service
provide the Goal of the Use Case. Pre and Post condi-
tions model the context of the Use Case and are sym-
bolized in the Metamodel as the Event concept (Pre-
condition) and the Organizational Object (Pre/Post
condition).
5. 5
4.5.2. Application Policy
The Application Policy from the Application
Layer is defined in Section 3 as the realisation of Re-
sponsibilities by the Application domain in a configura-
tion of the Data domain. UML provides support for
modelling the behaviour performed by the Application
domain as Sequence Diagram. Configuration of the Data
domain can be expressed as Preconditions of the Se-
quence Diagram and symbolized by the execution of a
test-method on the lifeline of the diagram.
Figure 6 : ArchiMate®
metamodel for MAS
Figure 7 : Active structure connections
5. Case study in Financial CI
The case study concerns the reaction mechanism (Fig.
8) that aims at adapting the ciphering of the data accord-
ing to the bank’s interface whenever an alert occurs. This
mechanism is judged extremely critical for financial in-
stitutions since the corruption of card payment mecha-
nisms may paralyze an entire State if fraud happens. In
previous work [8], a MAS architecture was proposed in
order to support risk assessment for real time deci-
sion-making processes. The clearing mechanism associ-
ated to this architecture denotes all activities from the
time is a transaction is made until it is settled. This
Section introduces the core components of the reaction
mechanism. Agents are disseminated on three layers
corresponding to the clearing mechanism (custom-
er/issuer, acquiring/issuing processing, see Figure 8 and
Figure 9) and they retrieve information from probes lo-
cated at the network layer and representing different
values: network traffic, DoS attack (denial-of-service
attack, an attempt to make a computer resource unavail-
able to its intended users), suspicious connection at-
tempts, and so forth.
The architecture introduced and adapted from [16] is
composed of a set of agents with coordinated goals for
crisis management. Their roles were created to define the
architecture of agents with the ability to monitor devices
and report warnings to intelligent agents who make deci-
sions. This set of agents is composed of:
• The ACE Agent’s responsibilities are to collect,
aggregate and analyse network information coming from
probes deployed over the network and customer node.
Confirmed alerts are sent to the Policy Instantiation En-
gine (PIE).
• The PIE Agent’s responsibilities are to receive a
confirmed alert from the ACE, set the severity level and
the extent of the network response (depending on the
alert layer). The PIE instantiates high level alert messag-
es which have to be deployed. Finally, the high level
alert messages are transferred to the Reaction Deploy-
ment Point (RDP).
• The RDP Agent’s responsibilities is composed of
two modules. The Cryptography Analysis (CA) is in
charge of analysing the keys previously instantiated by
the PIE. Therefore, the Crypto Status stores required
properties for a secure asymmetric key so that the CA
module is able to check the eligibility of the newly re-
ceived key which will be deployed. Concretely, the CA
checks the key strength to see if the key has not been
used or revoked and tests if the cryptographic key is not
badly generated (modulus-factorization, etc.). The sec-
ond module, the Component Configuration Mapper, se-
lects the appropriate communication channel. In this
Section, we instantiated the metamodel related to an
ACE Agent as is it defined in previous work [8].
5.1. ACE Organizational layer
In the Organizational layer of the ACE Agent (Figure 10)
we represented the monitoring aspect separately from the
transaction aspect.
6. Figure 8 : Acquiring/Issuing process and association with the agents’ reaction architecture
We called a transaction a communication of infor-
mation from one agent to another (e.g. ACE sends alert
to PIE), and then we considered the monitoring as the
representation of information from an external device.
Figure 9 : Detailed agents architecture
Firstly, the Organizational Role of the ACE was rep-
resented as a Collaboration of the PIE Role and the De-
vice Role. Each Role of the Collaboration communicates
with the ACE through a proper Organizational Interface,
one for the monitoring and another one for the transac-
tion. ACE Role provides two Organizational Services
depending on only one Organizational Policy which is
dealing with two Events respectively for the monitoring
and the transaction. Secondly, the two Organizational
Services provided by the ACE agent were regrouped into
a correlation service symbolized by the Product concept.
This Product has the objective Value to reduce a crisis
by giving a guarantee of short reaction time represented
by the Contract concept. Finally the Contract was ap-
plied to the Organizational Object for monitoring infor-
mation and transaction information.
5.2. ACE Application layer
For the Application layer of the ACE Agent (Figure 10)
we distinguished between the transaction and the moni-
toring. Application Services for transactions and moni-
toring are, as in the Organizational Policy, linked to only
one Application Policy. To bring afore the collaboration
between the ACE and the Monitored Device, we created
a Collaboration concept named Monitoring Administra-
tion and show that this collaboration is constituted of the
Components of the ACE and the Components of the De-
vice. Device’s components use the Application Monitor-
ing Interface to communicate with the ACE’s compo-
nents, and the ACE’s components are composed of the
Application Monitoring Interface. We used the same
approach for the transaction part and rapidly pointed out
that the ACE’s components are composed of two inter-
faces that serve the two Application Services. Again the
Application layer contains Data Object as Transaction
Messages, and Monitoring Messages used by the differ-
ent Application Components of the layer.
5.3. ACE Technical layer
We found in the Technical layer of the ACE Agent
(Figure 10) another representation of the two collabora-
tors. Transaction and Monitoring Infrastructure are sep-
arated from each other. Both of them have Infrastructure
Service connected to the ACE agent’s Node and an In-
frastructure Interface where the collaborators can inter-
act with it. Each Node is respectively connected to a
Communication Path (represented by a logical Event
Queuing) and uses different Artefacts for communica-
tion. We have intentionally not instantiated Nodes for
readability, but it can easily be understand that an ACE
agent can be deployed on a computer who runs an oper-
ating system. Also, the Network concept is not defined in
our instantiation for the same reason. For example, Mon-
itoring Event Queue between the ACE agent and the De-
vice can be represented as a Network concept, by an
USB, and for the Transaction Event Queue, by an RJ45.
7. 7
Figure 10 : ACE agent model
5.4. ACE Organizational Policy
To illustrate the Organizational Policies of the ACE we
chose to represent the monitoring part of the ACE Role
as an UML Use Case (Figure 11). Monitoring Events are
illustrated in the Use Case as Extension Points and show
their impacts on the responsibilities realized in the Per-
form Monitoring Policy. Roles are presented as Actors,
and Collaborations are highlighted by the different links
between the behaviours.
5.5. ACE Application Policy
Sequences Diagrams were used to represent the respon-
sibilities performed by the Application Domain of the
ACE Agent for the Application Policy: Perform Detec-
tion (Figure 12).
Figure 11 : ACE Monitoring Organizational Policies Use Case
In the Sequence Diagram, the responsibilities of each
component are indicated on its lifeline, and in/out Events
are presented as inter-component methods call. Context
analysis is performed by the component during the exe-
cution of its behaviour.
Figure 12 : Perform Detection – High level Sequence Diagram
6. Conclusions
Aligning crisis management business processes with the
supportive application and technical layers is a crucial
governing activity. Despite the arising need for an inte-
grated alignment between enterprise layers, to date,
SCADA are supported by increasingly used multi-agent
which are particularly appropriate in the context of criti-
cal architecture. Indeed, MAS technology allows en-
hancing the connections between heterogeneous, open
and distributed components which are distributed around
the globe in infrastructure networks. In the state of the
art, we observed a lack of global architecture for model-
ling these MAS. Therefore, our work focused on adapt-
ing ArchiMate®
for a MAS usage. This ArchiMate®
ad-
aptation allowed the structuring of the policy concept
and, thereby, allowed synchronizi the behaviour between
many types of agents, spread over different types of crit-
ical architecture management components such as the
alert correlation engine, the intrusion detection tools, and
so forth. In order to illustrate the possibility of modelling
8. 8
one of these architectures with this enhanced ArchiMate®
for MAS, we modelled a critical architecture for the
management of financial infrastructures dedicated to
credit card management. The modelling brought forth a
clarification of the connection between the synchroniza-
tion of the event that is generated at the level of one
component policy and the one that triggers policies to
another component. Associations between modelling
policies and UML language were also illustrated by the
representation of the Organizational Policy as Use Case
and the representation of Application Policy as Sequence
Diagram.
7. Acknowledgements
The research described in this paper is funded by the
CockpitCI research project within the 7th framework
Programme (FP7) of the European Union (EU) (topic
SEC-2011.2.5-1 – Cyber-attacks against critical infra-
structures – Capability Project).
REFERENCES
[1] Franco Zambonelli, Nicholas R. Jennings, and Michael
Wooldridge. 2003. Developing multiagent systems: The Gaia
methodology. ACM Trans. Softw. Eng. Methodol. 12, 3 (July
2003), 317-370. DOI=10.1145/958961.958963
[2] Viviane Torres da Silva, Ricardo Choren, and Carlos J. P.
de Lucena. 2004. A UML Based Approach for Modeling and
Implementing Multi-Agent Systems. In Proceedings of the
Third International Joint Conference on Autonomous Agents
and Multiagent Systems - Volume 2 (AAMAS '04), Vol. 2.
IEEE Computer Society, Washington, DC, USA, 914-921.
DOI=10.1109/AAMAS.2004.36.
[3] J. J. Gomez-Sanz, J. Pavon, and F. Garijo. 2002. Meta-
models for building multi-agent systems. In Proceedings of the
2002 ACM symposium on Applied computing (SAC '02). ACM,
New York, NY, USA, 37-41.
[4] G. Beydoun, C. Gonzalez-Perez, G. Low, B. Hender-
son-Sellers. 2005. Synthesis of a generic MAS metamodel.
SIGSOFT Softw. Eng. Notes 30, 4 (May 2005), 1-5.
[5] C. Hahn. 2008. A domain specific modeling language for
multiagent systems. In Proceedings of the 7th international joint
conference on Autonomous agents and multiagent systems –
Vol. 1 International Foundation for Autonomous Agents and
Multiagent Systems, Richland, SC, 233-240.
[6] AUML (Agent UML), http://www.auml.org/
[7] Prometheus Methodology. http://www.cs.rmit.edu.au/
agents/SAC2/methodology.html
[8] Guy Guemkam, Christophe Feltus, Cédric Bonhomme,
Pierre Schmitt, Benjamin Gâteau, Djamel. Khadraoui, Zahia.
Guessoum, Financial Critical Infrastructure: A MAS Trusted
Architecture for Alert Detection and Authenticated Transac-
tions, Sixth IEEE Conference on Network Architecture and
Information System Security, La Rochelle, France
[9] Guy Guemkam, Christophe Feltus, Pierre Schmitt, Cedric
Bonhomme, Djamel Khadraoui, and Zahia Guessoum. 2011.
Reputation Based Dynamic Responsibility to Agent As-
signement for Critical Infrastructure. In Proceedings of the 2011
IEEE/WIC/ACM International Conferences on Web Intelli-
gence and Intelligent Agent Technology - Volume 02 (WI-IAT
'11), Vol. 2. IEEE Computer Society, Washington, DC, USA,
272-275. DOI=10.1109/WI-IAT.2011.194
[10] Christophe Feltus, Eric Dubois, Erik Proper, Iver Band,
and Michaël Petit. 2012. Enhancing the ArchiMate® standard
with a responsibility modeling language for access rights man-
agement. In Proceedings of the Fifth International Conference
on Security of Information and Networks (SIN '12). ACM, New
York, NY, USA, 12-19. DOI=10.1145/2388576.2388577
[11] Gustaf Neumann and Mark Strembeck. 2002. A scenar-
io-driven role engineering process for functional RBAC roles. In
Proceedings of the seventh ACM symposium on Access control
models and technologies (SACMAT '02). ACM, New York,
NY, USA, 33-42. DOI=10.1145/507711.507717 M.
[12] Lankhorst. ArchiMate language primer, 2004.
[13] Zachman, John A. 2003. The Zachman Framework For
Enterprise Architecture : Primer for Enterprise Engineering and
Manufacturing By. Engineering, no. July: 1-11.
[14] UML 2 ( http://www.uml.org/)
[15] W. Jiao, Z. Shi, A dynamic architecture for multi-agent
systems, Technology of Object-Oriented Languages and Sys-
tems, 1999. TOOLS 31. pp.253-260, 1999
[16] Cedric Bonhomme, Christophe Feltus, and Michaël Petit.
2011. Dynamic Responsibilities Assignment in Critical Elec-
tronic Institutions - A Context-Aware Solution for in Crisis
Access Right Management. In Proceedings of the 2011 Sixth
International Conference on Availability, Reliability and Secu-
rity (ARES '11). IEEE Computer Society, Washington, DC,
USA, 248-253. DOI=10.1109/ARES.2011.43
[17] Christophe Feltus and Michaël Petit, Building a Respon-
sibility Model Including Accountability, Capability and Com-
mitment, Fourth International Conference on Availability, Re-
liability and Security (“ARES 2009 – The International De-
pendability Conference”), DOI=10.1109/ARES.2009.45
[18] John D. Fernandez and Andres E. Fernandez. 2005.
SCADA systems: vulnerabilities and remediation. J. Comput.
Sci. Coll. 20, 4 (April 2005), 160-168.
[19] B. Miller and D. Rowe. 2012. A survey SCADA of and
critical infrastructure incidents. In Proceedings of the 1st Annual
conference on Research in information technology (RIIT '12).
ACM, New York, NY, USA, 51-56.
[20] J. Lloyd Hieb. 2008. Security Hardened Remote Terminal
Units for Scada Networks. Ph.D. Dissertation. University of
Louisville, Louisville, USA. AAI3308346.
[21] H.-M. Kim, D.-J. Kang, and T.-H. Kim. 2007. Flexible
Key Distribution for SCADA Network using Multi-Agent Sys-
tem. ECSIS Symposium on Bio-inspired, Learning, and Intel-
ligent Systems for Security, IEEE, Washington, USA, 29-34.
[22] Tomomichi Seki, Hideaki Sato, Toshibumi Seki, Tatsuji
Tanaka, and Hadime. Watanabe. 1997. Decentralized Autono-
mous Object-Oriented EMS/SCADA System. In Proceedings of
the 3rd International Symposium on Autonomous Decentralized
Systems (ISADS '97). IEEE Computer Society, Washington,
DC, USA.
[23] Christophe Feltus, Michaël Petit, and Eric Dubois. 2009.
Strengthening employee's responsibility to enhance governance
of IT: COBIT RACI chart case study. In Proceedings of the first
ACM workshop on Information security governance (WISG
'09). ACM, New York, NY, USA, 23-32.
DOI=10.1145/1655168.1655174