Joseph Loyall

Raytheon BBN Technologies | BBN · Intelligent Software and Systems

Airborne sensor platforms are becoming increasingly significant for both civilian and military operations; yet, at present, their sensors are typically idle for much of their flight time, e.g., while the sensor-equipped platform is in transit to and from the locations of sensing tasks. The sensing needs of many other potential information consumers...

As cyber defenses become more dynamic, it is ever more important to contrast the security benefits gained by adding a defense to a distributed system with the cost that defense incurs. Although proactive defenses, such as Moving Target Defenses, can increase the resilience of distributed systems, their incorrect deployment frequently results in cyb...

The cyber security exposure of resilient systems is frequently described as an attack surface. A larger surface area indicates increased exposure to threats and a higher risk of compromise. Ad-hoc addition of dynamic proactive defenses to distributed systems may inadvertently increase the attack surface. This can lead to cyber friendly fire, a cond...

The cyber security exposure of resilient systems is frequently described as an attack surface. A larger surface area indicates increased exposure to threats and a higher risk of compromise. Ad-hoc addition of dynamic proactive defenses to distributed systems may inadvertently increase the attack surface. This can lead to cyber friendly fire, a cond...

To make appropriate, timely decisions in the field, Situational Awareness (SA) needs to be conveyed in a decentralized manner to the users at the edge of the network as well as at operations centers. Sharing real-time SA efficiently between command centers and operational troops poses many challenges, including handling heterogeneous and dynamic ne...

The effectiveness of ground-based, wireless tactical data networks is often constrained by limitations such as communication range and line-of-sight. SATCOM is not always available because it is relatively expensive and highly contended. Data ferrying is an alternative method of data transfer in which data is uploaded from one network to a manned o...

Fault tolerance and survivability are important aspects of many business-critical and mission-critical systems but it is still difficult to assess how well fault tolerance techniques work. Ensuring fault tolerance in military communication systems is particularly important due to the inevitability of hardware failure, data corruption, or service in...

Today's cyber defenses and cyber defenders face de-termined and diverse adversaries, who can study all aspects of deployed systems including networks, hosts, and the applications running on them, in order to find exploitable vulnerabilities and to devise attack vectors that exploit the detected vulnerabilities. The conflict between cyber attackers...

Mobile devices performing mission-critical functions at the tactical edge, such as those employed by first responders, military personnel, and law enforcement, operate in environments that are vastly different from enterprise computing environments. In spite of the differences in resource availability, threat models, vulnerabilities, information fo...

Continuous quantitative assessment is critical for security, correctness, performance, and scalability in distributed information sharing environments. Current approaches to quantitative assessment suffer from a number of shortcomings including limited coverage, tight integration with functional code, and off-line evaluation, which limits their use...

This issue of IEEE Software discusses where the mobile computing has brought us today and where it could be taking us in the future. It provides a glimpse into the near future of mobile computing by focusing on proximate software challenges coupled with promising techniques, infrastructure, and research from academia, government, and industry. The...

Mobile devices performing mission-critical functions at the tactical edge, such as those employed by first re-sponders, military personnel, and law enforcement, operate in environments that are vastly different from enterprise computing environments. In spite of the differences in resource availability, threat models, vulnerabilities, information f...

Current sensor collection capabilities produce an incredible amount of data that needs to be processed, analyzed, and distributed in a timely and efficient manner. Information Management (IM) services supporting a publish-subscribe and query paradigm can be a powerful general purpose approach to enabling this information exchange between decoupled...

Transport Layer Security (TLS) and its precursor Secure Sockets Layer (SSL) are the most widely deployed protocol to establish secure communication over insecure Internet Protocol (IP) networks. Providing a secure session layer on top of TCP, TLS is frequently the first defense layer encountered by adversaries who try to cause loss of confidentiali...

Transport Layer Security (TLS) and its precursor Secure Sockets Layer (SSL) are the most widely deployed protocol to establish secure communication over insecure Internet Protocol (IP) networks. Providing a secure session layer on top of TCP, TLS is frequently the first defense layer encountered by adversaries who try to cause loss of confidentiali...

In today's world, connectivity is increasingly taken for granted. Wireless networks, cell towers, and satellites provide ubiquitous connectivity through a number of devices. However, in austere locations constant connectivity cannot be assumed, e.g., due to the remoteness of the area, due to a disaster or combat situation, or due to insecurity or l...

Information Management (IM) services provide a powerful capability for military operations, enabling managed information exchange based on the characteristics of the information that is needed and the information that is available, rather than on explicit knowledge of the information consumers, producers, and repositories. To be usable in tactical...

An increasing number of military systems are being developed using service orientation. Some of the features that make service orientation appealing, like loose coupling, dynamism and composition-oriented system construction, make securing service-based systems more complicated. We have been developing technologies for Advanced Protected Services (...

Force protection capabilities have emerged as necessary for operations such as Village Stability Operations and Forward Operating Base security. Current Force Protection Kits include a rich set of sensors that can be monitored from a core operator station. This paper describes ongoing research to extend the reach of Force Protection capabilities as...

We present a content network architecture for a cluster of satellites flying in low Earth orbit. The cluster uses a dynamic wireless network to interconnect the satellites and has an intermittent link to the ground. Even though a cluster of satellites fly in formation, their relative positions can vary widely, and occasionally the cluster can dispe...

We present a workflow for the design and production of biological networks from high-level program specifications. The workflow is based on a sequence of intermediate models that incrementally translate high-level specifications into DNA samples that implement them. We identify algorithms for translating between adjacent models and implement them a...

Network-centric information systems are increa-singly called upon to support complex tasks and missions that serve multiple communities of interest. As a result, existing capabilities are exposed as services in a service-oriented system, and newer capabilities are derived by discovering and composing available services. While service-orientation en...

Although IP and its overlying protocols, such as TCP and UDP, are ubiquitous, they were originally designed for point-to-point connections between computers in reasonably fixed locations. They are less suited to mobile networks and broadcast communications. In this paper, we present an alternative to IP that is based on a publish-subscribe approach...

Disadvantaged wireless communications, such as those in fractionated spacecraft systems, need real-time, reliable, and fault tolerant information dissemination from information producers (such as sensors) to information consumers (such as information exploitation, analysis, or command and control systems). Such systems are well-suited to the publis...

SUMMARYSOA middleware has emerged as a powerful and popular distributed computing paradigm because of its high-level abstractions for composing systems and encapsulating platform-level details and complexities. Control of some details encapsulated by SOA middleware is necessary, however, to provide managed QoS for SOA systems that require predictab...

Publish-subscribe-based Information Management (IM) services provide a key enabling technology for net-centric operations. This paper describes technology for Quality of Service (QoS) and Internet-Protocol-based Airborne Networking features for IM services. Enhancing IM services with airborne networking features improves effectiveness in combined t...

SOA middleware has emerged as a powerful and popular distributed computing paradigm because of its high-level abstractions for composing systems and encapsulating platform-level details and complexities. Control of some details encapsulated by SOA middleware is necessary, however, to provide managed QoS for SOA systems that require predictable perf...

We describe an ontology for resource sharing in integrated systems. We call this ontology the "Resource Sharing Ontology." This ontology addresses one of the main challenges for system and service integration: the management of resource sharing interactions. These interactions, whether explicit or implicit, are difficult to model and manage, but th...

Information Management (IM) services need lifecycle management, i.e., determining how long persistent information is retained locally and when it is moved to accommodate new information. This is important when bridging IM services from enterprise to tactical environments, which can have limited onboard storage and be in highly dynamic situations wi...

Information Management (IM) services support the discovery, brokering, and dissemination of mission-critical information based on the information's content and characteristics. IM services support the dissemination of future information (through subscriptions) and past information (through queries) regardless of its source. To be useful across ente...

Wireless networking is moving toward the adoption of IP protocols and away from the multitude of special-purpose tac- tical radios traditionally in the hands of emergency personnel, mili- tary personnel, and law enforcement. The adoption of standards, such as IP multicast, has facilitated this. IP multicast also enables recovering some of the advan...

As newer software engineering technologies, such as Service-Oriented Architecture (SOA), become the basis for mission-critical systems, they must include security as a foun-dational capability. This paper highlights security concepts relevant to using SOA as a foundation for a Common Operat-ing Environment (COE), i.e., a set of infrastructure and c...

Information Lifecycle Management is a key aspect of Information Management, determining when information should be moved to backing store to free up local, high speed storage for critical information needs. The Value Factor based Information Lifecycle Management (VFILM) project under the Enterprise Information Lifecycle Management contract develope...

As both the DoD and the Intelligence Community (IC) are moving toward service-oriented architecture (SOA), it is important to ensure that SOA-based systems can operate and exchange classified information across domain boundaries in support of net-centric missions. The interplay between SOA and cross domain solutions (CDS) raises a number of challen...

Information exchange across domains is essential for today's asymmetric warfare environment to make mission-critical infor-mation available to war fighters, no matter where it exists and when it becomes available. Dissemination of new information needs to carefully balance the need-to-know by consumers with the responsibility-to-share by providers....

Service-oriented architecture (SOA) middleware has emerged as a powerful and popular distributed computing paradigm due to its high-level abstractions for composing systems and hiding platform-level details. Control of some details hidden by SOA middleware is necessary, however, to provide managed quality of service (QoS) for SOA systems that need...

With the increase of IT assets and attacks against them-along with increased attention to, and concern for, cybersecurity and the survivability of systems-systems assurance assessment has become more important than ever. This article describes a flexible process for assessing systems with respect to security and survivability. We discuss how our ap...

As newer software construction paradigms like service-oriented architecture (SOA) are adopted into systems of critical importance, it becomes imperative that technology and design artifacts exist that can be utilized to raise the resiliency and protection of such systems to a level where they can withstand sustained attacks from well-motivated adve...

This position paper explores the interplay between usability and survi-vability. Survivability is the ability of a system to operate while under attack, while usability is a composite property indicating ease of use and user satisfaction. A survivable system necessarily incorporates multiple security mechanisms, and se-curity and usability sometime...

Most distributed applications are brittle; they work in a limited environment and cannot adapt to changes in this environment. Making these applications less brittle is a complex engineering task that is hard for specific application areas and even harder to generalize. The Quality Objects (QuO) project offers a framework for creating applications...

Warfighters in today's asymmetric engagements need access to mission-critical information no matter when and where it becomes available. Information Management Services (IMSs) based on publish-subscribe-query services have emerged as an important enabler of tactical information dominance in combined tactical and enterprise military situations. IMSs...

Publish-subscribe-query information broker middleware offers great promise to users of pervasive computing systems requiring access to information. However, users of publish-subscribe-query information broker middleware face a challenge in requesting information. The decoupling of publishers and consumers of information means that a user requesting...

Modern warfare relies on dynamic, coalition operations supported by small, agile teams in time sensitive missions. While each member of a coalition may maintain a local information space supporting the activities of its own teams, coalition members must be able to share information to cooperate effectively in dynamic environments and succeed in the...

Information spaces have emerged as a powerful concept for providing managed exchange of information between members of communities of interest (COIs), including information brokering and dissemination by publish-subscribe- query middleware. To support COIs with real-time or critical information exchange requirements, information spaces require qual...

Under the DynRIIC project, we produced results in two primary areas of QoS management for information spaces: architecture and algorithms. In the architecture area, we conceived, designed, and prototyped a multi-layered QoS management architecture suitable for information spaces. The multi-layered QoS management system works alongside the informati...

Exhaustive testing, documentation, code review, and formal methods have been the main approaches for software certification in high confidence cyber-physical systems. Although these methods have been sufficient in the past, continued reliance on these methods is no longer economically feasible for increasingly complex modern, distributed, dynamic s...

Fault tolerance (FT) is a crucial design consideration for mission-critical distributed real-time and embedded (DRE) systems, which combine the real-time characteristics of embedded platforms with the dynamic characteristics of distributed platforms. Traditional FT approaches do not address features that are common in DRE systems, such as scale, he...

In this position paper, we propose an analysis, architecture and design approach to specify and enforce certifiable behavior as a means for meaningful and economically feasible certification argument construction in the context of distributed, adaptable safety-critical software systems. The main components of our approach are: 1.) methods to identi...

Effective network-centric warfare requires information exchange with suitable quality of service (QoS) to meet the warfighter's needs. Information delivered too late or with the wrong resolution, form, or precision is insufficient for the user to perform his role in a warfighting scenario. Key characteristics of network-centric warfare environments...

Increasingly, embedded systems are part of larger distributed real-time embedded (DRE) systems in a wide variety of domains, including military command and control (C2), avionics and air traffic control, and medicine and emergency response. DRE systems combine the stringent quality of service (QoS) requirements of traditional closed embedded system...

The ARMS program researched and developed state-of-the-art technologies in dynamic quality of service and resource management, and applied them to the challenges of modern total ship Naval computing platforms. The program was organized in two phases, with Phase 1 concentrating on the research of underlying multi-layered resource management concepts...

Distributed real-time embedded (DRE) systems combine the stringent quality of service (QoS) requirements of embedded systems and the dynamic conditions of distributed systems. In these DRE systems, QoS requirements are often critical, and QoS must be managed end-to-end, from the mission layer down to the resource layer, across competing application...

Distributed, real-time embedded (DRE) systems, such as that being developed under the DARPA Adaptive Reflective Middleware System (ARMS) program, require predictable, controlled real-time behavior. It is a challenge to develop ways to measure and evaluate the quality, or utility, of DRE system performance in the context of the dynamic, unpredictabl...

Computing systems are increasingly distributed, real- time, and embedded (DRE) and must operate under highly unpredictable and changeable conditions. An im- portant and challenging problem for DRE systems is therefore adaptation of behavior and reconfiguration of resources to maintain the best possible application per- formance in the face of chang...

Dynamic resource management is a crucial part of the infrastructure for emerging distributed real-time embedded systems, responsible for keeping mission-critical applications operating and allocating the resources necessary for them to meet their requirements. Because of this, the resource manager must be fault-tolerant, with nearly continuous oper...

Maintaining end-to-end quality of service (QoS) is a challenge in distributed real time embedded systems due to dynamically changing network environments and resource requirements. The authors' middleware QoS management approach encapsulates QoS behaviors as software components. Using the Corba component model, they build these specialized QoS comp...

Dynamic resource management is a crucial part of the infrastructure for emerging mission-critical distributed real-time embedded system. Because of this, the resource manager must be fault-tolerant, with nearly continuous operation. This paper describes an ongoing effort to develop a fault-tolerant multi-layer dynamic resource management capability...

We present a hierarchical control system for the dynamic resource management of a distributed real-time embedded (DRE) system. This DRE is inspired by the DARPA Adap- tive and Reflective Middleware Systems (ARMS) program. The goal of the control system is to simultaneously manage multiple resources and QoS concerns. The control system is scalable a...

Welcome to the Proceedings of the 2005 International Conference on Distributed Objects and Applications (DOA). Some of the world’s most important and critical software systems are based on distribution technologies. For example, distributed objects run critical systems in industries such as telecommunication, manufacturing, finance, insurance, and...

There exist a number of approaches for query processing in Peer-to-Peer information systems that efficiently retrieve relevant information from distributed peers. However, very few of them take into consideration the overlap between peers: as the most popular resources (e.g., documents or files) are often present at most of the peers, a large fract...

IntroductionThe Evolution of MiddlewareComponent Middleware: A Powerful Approach to Building DRE ApplicationsQoS Provisioning and Enforcement with CIAO and QuO QosketsRelated WorkConcluding RemarksBibliography

As computer systems become increasingly internetworked, there is a growing class of distributed realtime embedded (DRE) applications that have characteristics and present challenges beyond those of traditional embedded systems. They involve many heterogeneous nodes and links, shared and constrained resources, and are deployed in dynamic environment...

The ITUA project began with the research goals of using Byzantine fault-tolerant protocols to coordinate adaptation to attacks and exploring the use of unpredictability in adaptive responses to confuse and delay the attacker. These main factors distinguish the ITUA approach; 1) dynamic adaptation - intrusions cause charges in the system, and a surv...