Research Interests
Engineering Self-protecting cyber-physical systems
The aim of this research is to develop self-protecting cyber-physical systems (CPS) that are able to continuously protect assets from harm even when security goals, the system itself and/or the operating environment change at runtime. The topology of the system operating environment (e.g., structure of the physical and cyber space, network topology) can provide security-relevant contextual characteristics that may affect self-protection decisions.
Relevant Publications
1) "On the Interplay Between Cyber and Physical Spaces for Adaptive Security." Christos Tsigkanos, Liliana Pasquale, Carlo Ghezzi, and Bashar Nuseibeh. IEEE Transactions on Dependable and Secure Computing, Vol. 15, no.3, pp.446-480, 2018. <PDF>
2) "Topology Aware Access Control of Cyber-Physical Spaces" Liliana Pasquale, Carlo Ghezzi, Edoardo Pasi, Christos Tsigkanos, Menouer Boubekeur, Blanca Florentino, Tarik Hadzic, Bashar Nuseibeh. IEEE Computer, Vol. 50, no. 7, pp. 54-63, 2017. <PDF>
3) "Requirements-Driven Adaptive Security: Protecting Variable Assets at Runtime." Mazeiar Salehie, Liliana Pasquale, Inah Omoronyia, Raian Ali, Bashar Nuseibeh. In Proceedings of the 20th International Requirements Engineering Conference (RE 2012), Chicago, IL, USA, May 24-28, pp. 111-120, IEEE Computer Society, 2012. <PDF>
Engineering Forensic-Ready Systems
This research is aimed to design and develop "forensic-ready" cyber-physical systems that can store in advance data that may be relevant to diagnose potential security incidents. To achieve this aim it is also important to understand how incidents occur and share this information across different organizations.
Relevant Publications
1) "Incidents Are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems." Faeq Alrimawi, Liliana Pasquale, Nobukazu Yoshioka, Deepak Mehta, Bashar Nuseibeh. IEEE Transactions on Software Engineering . In Press, 2020. <PDF>
2) "On the Automated Management of Security Incidents in Smart Spaces." Faeq Alrimawi, Liliana Pasquale, and Bashar Nuseibeh. IEEE Access, Vol 7, pp. 111513-111527, 2019. <PDF>
3) "Towards forensic-ready software systems." Liliana Pasquale, Dalal Alrajeh, Claudia Peersman, Thein Than Tun, Bashar Nuseibeh, Awais Rashid. In Proceedings of the 40th International Conference on Software Engineering (ICSE) - New Ideas and Emerging Results Track (NIER), pp. 9-12, ACM, 2018. <PDF>
4) "On Evidence Preservation Requirements for Forensic-ready Systems." Dalal Alrajeh, Liliana Pasquale, Bashar Nuseibeh. In Proceedings of the 11th Joint Meeting on Foundations of Software Engineering (ESEC/FSE 2017), Paderborn, Germany, September 4-8, pp. 559--569, ACM, 2017. <PDF>
Software Compliance
This research is aimed to design, develop and verify software systems that ensure compliance with existing regulations and standards.
Relevant Publications
1) ""The Grace Period Has Ended": An Approach to Operationalize GDPR Requirements." Vanessa Ayala-Rivera, Liliana Pasquale. In Proceedings of the 26th International Requirements Engineering Conference (RE 2018), pp. 136-146, IEEE Computer Society, 2018. <PDF>
2) "Towards Adaptive Compliance." Jesus Garcia-Galan, Liliana Pasquale, George Grispos, Bashar Nuseibeh. In Proceedings of the 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2016), Austin, Texas, USA, May 17-18, pp. 108--114, ACM, 2016. <PDF>