Pedro Miguel Machado de Almeida, Measuring Software Diversity through Vulnerability Data, Master/Mestrado em Informática.

Fernando Martins André, Arquitecturas de Plataformas de Serviço, Master/Mestrado em Engenharia Informática, September 2008.

SINO 2008: 4th Portuguese National Conference of Informatics Security in Organizations, Nov 18-19, 2008.

Summary (in portuguese):

A Segurança Informática está na ordem do dia, no que diz respeito à segurança das organizações e indivíduos. Esta conferência constituirá uma excelente oportunidade de reflexão e discussão das diversas questões inerentes à segurança informática, quer na visão da investigação científica, quer como fórum de discussão envolvendo as empresas e instituições, para troca de experiências sobre aspectos teóricos e práticos bem como sobre projectos de I&D e experiências de adopção de diferentes tecnologias e práticas de segurança para sistemas computacionais.

O evento juntará, num fórum aberto de discussão e debate, diferentes especialistas, investigadores, consultores, administradores de sistemas, responsáveis pela segurança e outros representantes das empresas e das diversas instituições.

EDCC-7: 7th European Dependable Computing Conference, May 7-9, 2008.

Summary:

There is an increasing dependency of the society on computing services and their underlying computing systems. This dependency creates strict requirements for the delivered services. These requirements affect to the quality of service, continuous availability, survivability in the advent of catastrophic failures, confidentiality, intrusion tolerance, etc. Dependability is a concept that considers all these cross-cutting concerns and required attributes, such as reliability, availability, safety, and security, as well as human factors.

The 7th European Dependable Computing Conference aims at providing a European-hosted venue for researchers and practioners from all over the world to present and discuss their latest research achievements. Original papers are solicited on theory, techniques, systems, and tools for the design, validation, operation and evaluation of dependable computing systems. All kinds of faults are of interest, from traditional hardware and software faults to accidental and malicious human interactions.

WRAITS 2008: 2nd Workshop on Recent Advances on Intrusion-Tolerant Systems, April 1st, 2008 (in conjunction with the European Conference on Computer Systems – EuroSys 2008).

Summary:

The 2nd Workshop on Recent Advances on Intrusion- Tolerant Systems aims to bring together researchers in the related areas of Intrusion Tolerance, Distributed Trust, Survivability, Byzantine Fault Tolerance, and Resilience. These areas have the purpose of enhancing the Dependability and Security of computer systems by tolerating both malicious faults (attacks, intrusions) and accidental faults. The workshop will be specially interested in “intrusion-tolerant systems”: how to build them? How to evaluate and test their dependability and security? What systems need to be intrusion-tolerant? The workshop will provide a forum for researchers in these areas to present recent results, discuss open problems that still need research, the steps that need to be taken for intrusion-tolerant systems to be deployed in practice, and the target application domains for intrusion tolerance.

From May 2005 until Dec 2007 I’ve worked in the RITAS project, supported by the FCT.

Fábio Souto, Internals of Intrusion-tolerant Firewalls, BSc internship (Co-advised with Alysson Neves Bessani)

Hidden Problems of Asynchronous Proactive Recovery
[paper]
Paulo Sousa, Nuno Ferreira Neves, Paulo Veríssimo
In the Third Workshop on Hot Topics in System Dependability (HotDep’07). Edinburgh, UK, June 2007.

From 2004 until 2007, I’ve worked on my PhD thesis. The main goal was to design a system architecture in which protocols could tolerate, through proactive resilience, any number of arbitrary faults over the lifetime of a system.

The initial PhD work plan is described here. Also available as a presentation.