DeFINE (Dependability Foundations for Information infrastructures - Network of Excellence)
18 November 2002
Here we provide a first expansion of what was said about the proposed DeFINE NoE in the document “Dependability in Framework Programme 6” of 4 November 2002. As that document explained, the DeFINE Network of Excellence (NoE) will have a broad-ranging programme of long-term research, and of development of educational and training materials, aimed at providing long-term foundations for future European industrial activity.
DeFINE will:
(i) contribute to the development of a coherent set of theories and rigorous methods that will serve as foundations for the establishment and exploitation of truly dependable global information infrastructures, and of appropriate educational material;
(ii) work on a broad range of dependability attributes, in co-operation wherever possible with NoEs that are concentrating on particular attributes (e.g., security and safety), and with others working on such topics as software engineering, distributed and embedded systems, etc.;
(iii) investigate a broad range of dependability technologies, addressing a full range of technical and human-machine interaction fault types, both accidental and malicious.
This will involve fundamental research of both a technical and socio-technical nature, with inter-disciplinary links to several other fields, such as risk assessment, immunology, psychology, ergonomics, sociology, economics, forensics, complex system theory, cognitive sciences, etc.
In conformance with the very essence of NoEs, DeFINE will be aimed at integrating research capacities in dependability. The integration process that has already begun within a core partnership over a series of FP4 and FP5 projects has to be extended in order:
(i) to increase the resources devoted to closing what has become evident as a ‘dependability gap’ between (legitimate) expectations and reality;
(ii) to strengthen the already prominent position of European dependability research in the world.
The fulfillment of these aims will provide far-reaching bases for DeSIRE, an IP (Integrated Project) that is being defined jointly with DeFINE.
An FP6 NoE has to define a Joint Programme of Activities (JPA) as a collective vehicle for achieving the objectives of the NoE. According to the published working documents, the JPA has several components: (i) a set of integrating activities, (ii) a programme of jointly executed research integrated by its participants to support the network goals, and (iii) a set of activities to spread the excellence. Integrating activities will comprise in particular: (i) adaptation of the participants' research activities in order to strengthen their complementarity, and (ii) development and utilisation of electronic information and communication means, and development of virtual and interactive working methods. The integration of these various activities will be best achieved via the sharing of research tools, platforms and infrastructures, and also the exchange of personnel.
The jointly executed research programme largely determines the integrating and spreading-of-excellence activities. As a consequence, this document is mainly dedicated to the jointly executed research (JER). Its aim is to present, at a very high level, a tentative definition of DeFINE. The integrating and spreading-of-excellence activities will be addressed progressively, together with the refinement of the JER programme.
This initial attempt at defining the components of the research programme is based on: (i) our vision of the technical challenges that our society faces, or will face, in the next five to ten years, and (ii) a careful examination of the Expressions of Interest (EoIs) received from the technical and scientific community in response to the invitation for submission sent at the beginning of October. Needless to say, our aim has also been to ensure that these components are in full harmony with the FP6 IST 2003-2004 Work-programme.
Rationale
There is no need to stress that information infrastructures are becoming central to all of our everyday activities. Moreover, it is widely recognized that their role will keep increasing. Information infrastructures make use of communication media, and mobile and wireless systems are becoming pervasive. The increasing number of interconnected systems greatly increases the human involvement required for system maintenance and reconfiguration; such concerns lead to the notion of proactive systems (also referred to as autonomic or adaptable systems), in which even complex tuning and maintenance procedures are automated so as to reduce human intervention and to increase overall dependability. Information infrastructures rely on embedded systems such as those used in satellites or mobile systems providing communication support. Information infrastructures are usually interconnected with critical infrastructures such as those providing power, transportation, and vital human services. Finally, such systems are administered, operated and used by individuals whose interaction with them may introduce additional sources of failure, even as the systems benefit from human skills.
Hence, the dependability of information infrastructures (i) is affected by the dependability of mobile, proactive and embedded systems, and (ii) affects the dependability of other critical infrastructures.
The above paragraphs have introduced the first class of JER components, the central topics: a) open information infrastructures, b) mobile computing and wireless communications, c) proactive computing, d) embedded systems, and e) critical infrastructure interdependencies.
In turn, progress on these topics has to rely on progress in dependability technologies, namely a) rigorous design, aimed at fault prevention, b) verification and validation, which enable fault removal, c) fault tolerance, and d) system evaluation, which performs fault forecasting. The dependability technologies constitute the second class of JER components.
Furthermore, the dependability technologies and central topics will be sustained by research activities on global issues related to basic dependability concepts, dependability policy and cognitive ergonomics. The extremely fruitful existing framework for basic concepts has to be updated, and the relationship between dependability and security deserves to be elaborated. Dependability research needs to relate not just to commercial and societal needs and to technology developments, but also to the world of government and multi-national industry policy-making. Finally, the role of humans in the exploitation of computing systems is all too often reduced to its negative side, i.e., humans as fault generators. Integrating the positive contribution of human operators is needed; furthermore, a cognitive ergonomics approach to the design process is needed. Hence the pervasive role we view for this domain in the activities of the NoE, and thus its positioning as a global issue.
As a consequence of the above, the content of the planned research activities can be presented according to three complementary viewpoints: (i) the dependability technologies, (ii) the central topics and (iii) the global issues.
The following figure summarizes this view of the currently identified activities for the network.
All types of faults will be taken into consideration: hardware and software faults, and human-machine interaction faults including intrusions and malicious acts by corrupt insiders.
Components of the DeFINE programme of jointly executed research
The Pisa workshop will be the starting event for defining the JER programme. We nevertheless give some further indications on the dependability technologies and the central topics, as an elaboration of the rationale presented above.
Dependability technologies
These technologies are grouped in four classes:
- Rigorous design, including all development activities aiming at preventing the occurrence or the introduction of faults (i.e., developing systems in such a way as to avoid design and implementation faults, and to prevent faults from occurring during operation). Rigorous design technologies comprise, for example, formal specification and security policies.
- Verification & validation, including static analyses, model-checking and testing.
- Fault tolerance, to ensure that a system provides a service fulfilling the system function despite all classes of faults, with emphasis on malicious faults.
- System evaluation, which includes evaluation of system performance and dependability measures based on modelling and simulation, controlled experiments, and field measurements.
Central topics
The development of the various dependability technologies will target the following central topics:
- Open information infrastructures: the main issues relate to security and high availability of large-scale distributed infrastructures that should be able to cope with both malicious and accidental faults, and that are increasingly based on de-facto global industry standards. In this respect, the impact of open-source software components needs to be elaborated (both as solutions and as problems).
- Mobile computing and wireless communications: it is expected that an increasing number of systems will include portable devices and wireless communications. New sources of failure, such as temporary failure of radio links and interference, should be taken into account in addition to the more “classical” accidental and malicious faults. Mobile systems interact with fixed infrastructures. The challenge is to improve the performance, dependability, and adaptive capabilities of the overall information infrastructure, including wireless communications and mobile systems.
- Proactive computing: the challenge is to build proactive systems that regulate themselves and reduce the involvement of humans, whether these be administrators, operators or end-users. Humans can thus concentrate on the main tasks instead of dedicating unnecessary effort to tasks that can be performed by the computers.
- Embedded systems: embedded systems are interconnected to cooperate for distributed task accomplishment. In information infrastructures, it is essential to integrate additional embedded systems (i.e., expand the infrastructures), and to improve and upgrade existing embedded systems, without decreasing the overall dependability. The challenge is not only to ensure that the embedded system functions correctly but also to ensure that it operates correctly in interaction with the whole, evolving, information infrastructure.
- Critical infrastructure interdependencies: the information technology revolution has led to substantially interconnected and interdependent infrastructures, leaving reduced margins for tolerable error in these infrastructures. The challenge is to assess the survivability of critical infrastructures under all conditions (change of environment, failures of components, malicious attacks). This can be achieved through measurements and experimentation as well as via modelling and simulation approaches at various levels: strategic business level, organisational level, cyber level, physical level, etc.
The Structure of DeFINE
The progressive definition of the JPA will address its various components as well as their interactions, which should guide the identification of the structure of DeFINE.
The aim of the joint research activities of DeFINE is to contribute to the development of a coherent set of theories and rigorous methods that will serve as foundations for the establishment and exploitation of truly dependable global information infrastructures. Hence, it is likely that the dependability technologies will play a central role in the structure of the NoE, and they are equally likely to provide synchronization with DeSIRE.
Conclusion
This document has been prepared as an additional input to the discussions to be held at the upcoming DeSIRE/DeFINE Workshop (Pisa, 25-27 November). We must re-iterate that the above discussion is aimed merely at conveying, in somewhat more detail than hitherto, the general aims and intended style of the proposed DeFINE NoE, not at pre-empting decisions regarding its final definition, detailed preparation of which will start after the Workshop.
Karama Kanoun
Jean-Claude Laprie