Security Engineering for Lifelong Evolvable Systems

Stiftelsen for industiell og teknisk forsking ved Norges Tekniske Hogskole

The SINTEF Group is the largest independent research organisation in Scandinavia. Every year, SINTEF supports the development of 2000 or so Norwegian and overseas companies via our research and development activity. SINTEF has approximately 2000 employees primarily situated in Trondheim and Oslo. About 40% of our researchers hold doctorates. The SINTEF Group is structured into several research divisions, which have been defined in terms of value chains and industrial market clusters.

SINTEF Information and Communication Technology (ICT) is one of 7 research divisions within the SINTEF Group. SINTEF ICT offers integrated research-based knowledge via access to a broad platform of technology and competence in ICT. SINTEF ICT has 260 employees, and is divided into 9 research departments. SINTEF ICT provides research-based expertise, services and products ranging from micro technology, communication and software technology, computational software, information systems and security and safety.

Work ranges from simple technical analysis to complete systems.

The participation in the project will be from the department for Cooperative and Trusted Systems (CTS) in SINTEF ICT. CTS provides research-based expertise in model-driven development, quality and security technology, and user-centred development. CTS has lead several national research and development projects and played a leading role in several IST projects such as ACE-GIS, ATHENA, COMBINE, CORAS, ELLECTRA-WeB, INTEROP, MAPPER, MASTER, MODELPLEX, MODELWARE, S3MS, SODIUM, SWING, TRUSTCOM and S3MS.

CTS was responsible for the technical management in the EU funded CORAS project (IST-2000-25031) which developed a computerised framework for model based security analysis. The CORAS results have been taken further both at the national level, and at the European level within the FP6 IP TrustCoM. We have industrial experience with security risk analysis in such diverse domains as process industry and web-applications, and experience with legal risk analysis and trust analysis. Current research also includes specification analysis of security policies.

Key personnel:

Ketil Stølen is Chief Scientist and Group Leader at SINTEF CTS. Since 1998 he is also a Professor in computer science at the University of Oslo. Stølen has broad experience from basic research (4 years at Manchester University; 5 ears at Munich University of Technology, 9 years at the University of Oslo) as well as applied research (1 year at the Norwegian Defense Research Establishment; 3 years at the OECD Halden Reactor Project; 8 years at SINTEF). He did his PhD "Development of Parallel Programs on Shared Data-structures" at Manchester University on a personal fellowship granted by the Norwegian Research Council for Science and the Humanities. At Munich University of Technology his research focused on the theory of refinement and rules for compositional and modular system development - in particular, together with Manfred Broy he designed the Focus method. At the OECD Halden Reactor Project he was responsible for software development projects involving the use of state-of-the-art CASE-tool technology for object-oriented modelling. He led several research activities concerned with the modelling and dependability-analysis of safety-critical systems. He has broad experience from research projects - nationally as well as internationally - and from the management of research projects. From 1992-96 he was project-leader Sonderforschungsbereich 342 "Methodik des Entwurfs verteilter Systeme" at Munich University of Technology. From 2001-03 he was the technical manager of the EU-project CORAS which had 11 partners and a total budget of more than 5 million EURO... He is currently the manager of three major Norwegian research project funded by the Research Council of Norway. His current research group contains eight PhD-students in addition to ordinary researchers.