SecureChange
Security Engineering for Lifelong Evolvable Systems

Software-based systems are becoming increasingly long-lived. This was demonstrated strikingly by the year 2000 bug, which occurred because software had remained in use for far longer than its expected lifespan. At the same time, software-based systems are becoming increasingly security-critical, since software now pervades the critical infrastructures that handle critical data of both nations and private individuals. There is therefore a growing demand for more assurance and more verified security properties of IT systems, both during development and at deployment time, and in particular for long-living systems. Yet a long-lived system also needs to be flexible, so that it can adapt to changes and adjust to evolving requirements, usage and attack models. However, with today's system engineering techniques we are forced to trade flexibility for assurance or vice versa.

Our objective is thus to develop techniques and tools that ensure "lifelong" compliance to evolving security, privacy and dependability requirements for a long-running evolving software system. This is challenging because these requirements are not necessarily preserved by system evolution.

The project will develop techniques, tools, and processes that support design techniques for evolution, testing, verification, re-configuration and local analysis of evolving software. The project results will be applied and evaluated in particular in the industrial application domains of mobile devices, digital homes, and large scale air traffic management which all offer both great research challenges and long-term business opportunities.

Concrete achievements will include the following:

  • An architectural blueprint and an integrated security process for lifelong adaptable systems that act as a common framework for all the techniques and tools delivered in this project.
  • A requirements engineering methodology that supports dealing with the fact that in long-living systems, both the requirements and the implemented systems will change after the initial development has finished.
  • A security modelling notation for modelling adaptive security designs, together with formally founded automated security analysis tools.
  • An IT security risk assessment approach targeted at lifelong adaptable systems, with associated tool support.
  • Techniques and tools to verify adaptive security requirements when performing on-device software updates.
  • A model-based testing approach that supports automated testing of evolving systems for security requirements.

The results are continuously validated jointly with key industry players.


Published March 31, 2009

Contact in SINTEF ICT

Ketil Stølen