Software & Services, Cloud Computing H2020 Project Portfolio

ICT-07 – Advanced Cloud Infrastructures and Services ICT-09 – Tools and Methods for Software Development ICT-35f – Innovation and Entrepreneurship Support - European networks of procurers (European Procurers Platforms) EUJ-1-2014 – Technologies combining big data, internet of things in the cloud

July 2015 Digital Single Market

LEGAL NOTICE By the Commission of the European Union, Communications Networks, Content & Technology Directorate-General, Software & Services, Cloud Unit Neither the European Commission nor any person acting on its behalf is responsible for the use which might be made of the information contained in the present publication. The European Commission is not responsible for the external web sites referred to in the present publication. The views expressed in this publication are those of the authors and do not necessarily reflect the official European Commission view on the subject. © European Union, 2015 Reproduction is authorised provided the source is acknowledged.

Table of Contents Introduction. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

4

Aligned. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

AppHub. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

12

Arcadia. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

14

Beacon. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

16

CHOReVOLUTION. . Clarus. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

18

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

20

CloudLightning . . CloudSocket. .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

24

CloudTeams. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 CloudWATCH2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Cyclone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 DICE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 ENTICE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 ESCUDO-CLOUD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 HOLA CLOUD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 HyVar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 iKaaS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 INPUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 IOStack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 MIKELANGELO. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 MUSA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 PaaSword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 PICSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 RAPID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 RePhrase. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 SERECA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 SLA-Ready . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 SLALOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 SSICLOPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 SUNFISH. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 SUPERCLOUD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 SWITCH. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

4

Introduction The first Work Programme of Horizon 2020 invited proposals for Research and Innovation projects in the areas of cloud computing (ICT-07) and software technologies (ICT-09). In addition, innovation and entrepreneurship support in the context of cloud computing was addressed in ICT35f through the creation of a network of procurers that will define an innovation procurement roadmap. Finally, a coordinated call with Japan (EUJ-1) focused on technologies combining big data and the Internet of Things in the cloud. Altogether, the selected projects represent a critical mass of research and innovation activities to keep Europe at the forefront of the developments in cloud computing and software technologies.

ICT-07 - Advanced Cloud Infrastructures and Services Through this call, cloud computing is being transformed by new requirements such as heterogeneity of resources and devices, software-defined data centres and cloud networking, security, and the rising demands for better quality of user experience. Cloud computing research is being oriented towards new computational and data management models (at both infrastructure and services levels). These models respond to the advent of faster and more efficient machines, rising heterogeneity of access modes and devices, demand for low energy solutions, widespread use of big data, federated clouds and secure multi-actor environments including public administrations. The aim is to develop infrastructures, methods and tools for high performance, adaptive cloud applications and services that go beyond current capabilities, strengthening the competitive position of European industry, including SMEs on a time horizon beyond 2018. This should build on European strengths in telecoms and mobile infrastructures as well as software applications and services. In line with the H2020 Work Programme, ICT -07 sought proposals for projects in the following areas:

Research and innovation actions (RIA) 1. High performance heterogeneous cloud infrastructures 2. Federated cloud networking 3. Dynamic configuration, automated provisioning and orchestration of cloud resources 4. Automated discovery and composition of services 5. Cloud security Innovation Actions (IA)  Platforms for trusted cloud systems: collaborative development, adaptation and testing of open source software for innovative and trusted cloud-based services Coordination and support actions (CSA)  Support the definition of common reference models for SLAs in the cloud  Support to the adoption of cloud infrastructures and services (legal, economic and social factors)  Support collaboration among research projects  Support dissemination, exploitation and "road mapping"

5

Analysis of portfolio of projects retained for funding The 16 RIAs retained are: CloudLightning, MUSA, SUNFISH, IOSTACK, PaaSword, CloudSocket, MIKELANGELO, SUPERCLOUD, ENTICE, INPUT, RAPID, SSICLOPS, BEACON, ESCUDO, SERECA and CLARUS.







 



  

CloudLightning propose to extend the current work on promoting access power efficient heterogeneous resources by shifting the deployment and optimization effort from the consumer to the software stack running on the cloud infrastructure and to build a cloud management and delivery infrastructure based on these principles. The main objective of MUSA is to support the security-intelligent lifecycle management of distributed applications over heterogeneous cloud resources, through a security framework that includes: security-by-design mechanisms to allow application self-protection at runtime, and methods and tools for the integrated security assurance in both the engineering and operation of multi-cloud applications. The SUNFISH project aims to provide a specific and new solution to face these issues. SUNFISH will enable the secure federation of private clouds based on the Public Sector needs: federated private clouds belonging to different Public Sector Entities will be able to share data and services transparently, while maintaining required security levels. IOSTACK plans to build an open Software-defined Storage platform for Big Data Analytics. PaaSword propose to introduce a holistic data privacy and security by design framework enhanced by sophisticated context-aware policy access models and robust policy access, decision, enforcement and governance mechanisms, which will enable the implementation of secure and transparent Cloud-based applications and services that will maintain a fully distributed and totally encrypted data persistence layer, and, thus, will foster customers' data protection, integrity and confidentiality. CloudSocket introduces the concept “Business Process as a Service” BPaaS that fulfils the business process needs, packages this BPaaS as “extended Cloudlets” that are autonomously deployable and include adaptive rules to appropriately react in a multi-cloud environment by keeping SLAs and process-based billing. The vision of MIKELANGELO is to improve responsiveness, agility and security of the virtual infrastructure through packaged applications, using lean guest operating system OSv and superfast hypervisor SuperKVM. SUPERCLOUD proposes a new security and dependability infrastructure management paradigm through the definition and development of a Virtual Private Cloud. The ENTICE proposal is focused on developing technology for management of virtual machine images in federated cloud environment.

6

     



The INPUT proposal aims at designing a novel infrastructure and paradigm to support Future Internet personal cloud services in a more scalable and sustainable way and with innovative added-value capabilities. RAPID proposes to enable the execution of CPU/memory intensive tasks on low power devices (smart phones, tablets, wearable devices …) by using the offloading of the CPU/GPU/memory intensive activities to specialized “accelerators” connected in a secured way. The SSICLOPS proposal focuses on techniques for the management of federated private cloud infrastructures, in particular cloud networking techniques (within software-defined data centres and across wide-area networks). BEACON addresses a relevant problem of deployment of applications and resources in a federated cloud-network. ESCUDO focuses on cloud security with the main objective to allow data owners to maintain full control over their data in the cloud and proposes to solve data access, current security issues, as well as data sharing and the manipulation of data by users. SERECA aims to remove technical impediments to secure cloud computing, and thereby encourage greater uptake of cost-effective and innovative cloud solutions in Europe. It proposes to develop secure enclaves, a new technique that exploits secure commodity CPU hardware for cloud deployments, empowering applications to ensure their own security without relying on public cloud operators. CLARUS aims to develop a gateway-based solution for secure storage and processing of data in a cloud.

Two IA proposals CloudTeams and CYCLONE are retained.  The aim of the CloudTeams proposal is clear: to provide a cloud based development platform, using existing technology, that supports and improves the communication with, and the involvement of the users.  The CYCLONE proposal aims at realising software and tools that will facilitate the deployment, management, and use of complex, multi-cloud applications, as well as to enhance end-to-end security, access management and network management. Five CSA proposals SLA-Ready, AppHub, SLALOM, CLOUDWATCH2 and HOLA CLOUD are retained.  SLA-Ready plans to deliver a reference model for Cloud SLAs, a set of best-practices and services to support cloud customers in the use of cloud SLAs through their life cycle.  The aim of AppHub is to support the market outreach strategies of EU-supported open source projects by launching AppHub, the European open source market place. AppHub is a service platform that will help the market to seamlessly identify, position and implement the software outcomes of these projects.  SLALOM is a support action tackling the complexity of cloud computing SLAs and contracts through standardisation of the SLA and contract terms and a reference model for SLA management. In doing so it will support the adoption of cloud (SLA complexity is an identified barrier to adoption) and support the exploitation of results from the cloud and SLA research communities, effectively by factoring in advances from the research sector into the SLALOM legal and technical models which will be promoted as industry standards. The project will involve interaction with policy makers, cloud providers, research projects and cloud adopters from various areas  CloudWATCH2 supports EU R&D on cloud computing, software, services across the full innovation lifecycle & the move to market, promoting technology advancements, supporting OS software re-usability through clustering, championing standards for interoperability & security, providing a roadmap on the cloud market structure to encourage transparent pricing & offering educational services on risk management & legal issues to lower adoption barriers for SMEs & public administration.  HOLA CLOUD will initiate an advanced conference series producing and revising an annual technology roadmap and providing an efficient venue for the members of the community to meet and exchange results and ideas for the future. To lower the barriers for industrial take-up, in particular with SMEs, HOLA CLOUD will organise a Hackademy for companies to create solutions to their problems together with the best European experts in the field.

7

ICT-09 - Tools and Methods for Software Development The quality levels required for complex and critical systems, for example those relating to reliability, resilience and automatic adaptation, still represent a major challenge given current software development methods and tools. Breakthroughs in this area could significantly improve the growth and competitiveness of the European industry and encourage faster innovation cycles. They could also foster a more competitive EU software industry, especially in the sector of large and interoperable software systems for industrial and public sector applications. Proposals are expected to cover one or both of the themes identified below: 

Software tools and methods for large, complex and data-intensive systems



Software architectures and tools for highly distributed applications

Analysis of the retained proposal portfolio The following proposals were retained: DICE, HyVar, ALIGNED, SWITCH, ARCADIA, CHOReVOLUTION, RePhrase.

The proposals DICE, ALIGNED and RePhrase all address theme 1 exclusively. DICE will define a novel MDD methodology that can describe data and data-intensive technologies in cloud applications. A quality engineering tool chain offering simulation, verification, and numerical optimisation will leverage these extensions to drive the early design stages of the application development and guide software quality evolution. ALIGNED propose to develop an aligned and novel methodology with software tools that will be instantiated as a unified meta-model, covering software and data engineering lifecycles. The proposal further plans to develop and validate models, methods and supporting tools. The RePhrase proposal focuses on software tools and methods for multi-core, parallel, large, complex and data-intensive systems. ARCADIA is the one proposal that addresses theme 2 exclusively; it aims at designing and validating a framework for development and management of reconfigurable, highly distributed applications and infrastructures. The rest of the retained proposals HyVar, CHOReVOLUTION and SWITCH address both themes 1 and 2. HyVar proposes a development framework for continuous and individualized evolution of distributed software applications running on remote devices in heterogeneous environments. CHOReVOLUTION focuses on research in choreography modelling, synthesis, adaptation, service bus, security, and cloud; and with the innovation focus on industrial validation, development support and integration platform. The SWITCH proposal aims to develop software methods and tools for the management of time-critical cloud applications over their entire lifecycle.

8

ICT-35f - Innovation and Entrepreneurship Support - European networks of procurers (European Procurers Platforms) The challenge is to improve the framework conditions of the European ICT innovation ecosystem so that it offers the best conditions for innovators to capture the full potential of innovation to transform ideas to the market for sustaining growth and jobs. European networks of procurers (European Procurers Platforms) The objective is to support the creation of European wide networks of procurers that define together an innovation procurement roadmap, identifying shared procurement needs in the near term (relevant for PPI) as well as mid-to-long term (relevant for PCP) in areas of common European interest. PICSE is one of the retained proposals and its main goal is to set up a European Procurers’ Platform capable of raising the level of understanding of issues in the procurement of cloud services. EUJ-1-2014 - Technologies combining big data, internet of things in the cloud Big data, internet of things are trends which will influence and impact the future development of cloud computing systems. Information gathering, processing and computing of massive amounts of data generated from and delivered to highly distributed devices (e.g. sensors and actuators) creates new challenges, especially for services and data hosted and executed across borders including EU and Japan. These requirements will impact the underlying cloud infrastructure requiring efficient management of very large sets of globally distributed non-structured or semi-structured data that could be produced at very high rates (i.e. big data). A multi-cloud service platform supported by broadband networks needs to handle all these challenges and appear to the application environment as one uniform platform. The focus of the joint research is the development of innovative global cloud platform technologies to meet the new challenges of big data, mobile and IoT. It should address requirements from business and industrial applications, such as robotics or factory automation and/or societal applications, such as health management for an aging society. The retained proposal iKaaS will facilitate the creation and provisioning of new added value services through the Cloud ecosystem that will be developed, thus making it possible for various business players to enter the Cloud and IoT world. Clusters of European projects on Software & Services and Cloud Computing Since March 2015, the European Commission services (DG CONNECT, Software and Services, Cloud Unit) have actively encouraged the creation of clusters of research and innovation projects. The main goal of clustering of projects is to create an environment where the projects funded by the European Union research and innovation programmes (in particular, the recipients of FP7 and H2020 grants) can interact, exchange information and find synergies among themselves. The identification of four relevant topics and corresponding cluster coordinators was indeed a bottomup process driven by the partners of interested projects, though facilitated by the Unit Software and Services, Cloud. Each cluster has set their own specific goals, though all of them focused on collaboration among project members on technical aspects as well as on the identification of trends in the relevant markets and on engaging in innovative ways to address such trends. Please visit the clusters website for more details: https://eucloudclusters.wordpress.com/2015/05/11/eu-projects-clusters/    

Software Engineering for Services and Applications Inter-cloud Challenges, Expectations and Issues New Approaches for Infrastructure Services Data Protection, Security and Privacy in the Cloud

9

Aligned

ALIGNED will allow European data and software engineering industries to exploit new opportunities in web data by developing models, methods and tools for engineering information systems that use big data.

AT A GLANCE Project title:

Aligned - Quality-centric Software and Data Engineering

Project coordinator: Trinity College Dublin (IE)

Partners from:

Trinity College Dublin (IE); University of Oxford (UK); Universität Leipzig (DE); Semantic Web Company GmbH (AU); Wolters Kluwer Deutschland GmbH (DE, PL); Adam Mickiewicz University, Poznan (PL)

Duration:

02/2015 - 01/2018

Total cost: 4,000,000 €

EC Contribution: 4,000,000 €

Programme:

H2020-ICT-2014-1

Further information: www.aligned-project.eu

Context and motivation The rapid growth of web data creates demand for software engineering methods which can build and maintain applications that extract, process and publish this data. ALIGNED will develop new models, methods and tools for engineering information systems based on co-evolving software and web data.

Challenge Currently, software and data engineering lifecycles are disconnected and separate. The tools, techniques, and lifecycles of both can easily fall out of sync, hindering innovation and making quality assurance difficult. These systems often require extensive customisation to reflect changes in user requirements, organisational policies, and the structure and interpretation of the data they hold. This customisation is expensive and errorprone. Large, complex software and data systems mean that exhaustive testing is necessary before any new feature can be added to the existing design. As software and data changes during their lifecycles, engineers are forced into a choice between expensive modification and continued operation with an inefficient design.

10

Solution

application development and knowledge management platform provision will be able to use this suite to improve the integrity, robustness and reliability of their systems. ALIGNED will ensure the availability of innovative tools for handling complex software systems, which will provide a significant productivity increase in the development, testing, verification, deployment and maintenance of dataintensive systems and highly distributed applications.

ALIGNED will create a combined software and data engineering meta-model that captures the data lifecycle, domain knowledge, and design intentions. This meta-model will allow users to describe their software and data engineering projects. From this meta-model, ALIGNED will create tools for software and data engineering of data-intensive systems. The software tools will use this model to produce software design models, transformations that generate or configure data-intensive applications. The data tools will use the meta-model to produce data development models including data quality and integrity constraints, data test frameworks, data curation workflows and data transformations. In addition, collaboration or process tools will help to integrate the outputs of both engineering processes. ALIGNED will develop methods for using these meta-models and tools as part of a software and data engineering process, with an emphasis upon techniques for ensuring data quality and integrity, as well as software security and reliability.

ALIGNED will provide targeted impacts on each of our four use cases. For the Semantic Web Company’s PoolParty product, ALIGNED will produce tools to manage schema complexity and assist software and data co-evolution. ALIGNED will help streamline the Wolters Kluwer JURION content pipeline, improve searching, and reduce errors in data transformation. The Seshat Global History Databank will gain tools to validate data, improve data collection, and for experts to aggregate data into analyses. ALIGNED will produce tools to assist communities with changing datasets and to map unstructured to structured data for DBpedia.

These tools and processes will improve the way in which users handle integrated data and software engineering. Users will be able to automatically detect mismatches between their software and data engineering efforts. Automated correctness checking tools will ensure that data remains compliant with schemas throughout its lifecycle. Automatic generation of tools and widgets will reduce the necessity of investing large amounts of time and energy in customisation. Mass participation tools will allow the generation and curation of large and complex high-quality datasets at lower costs in time and effort than previously. Expert-level tools will allow users to build analyses on top of these datasets, reconciling complex and conflicting data and transforming it into authoritative interpretations. Visualisation and display tools will allow for quick and easy publication of these datasets and analyses in comprehensible formats for non-expert users to consume and use.

Figure1: ALIGNED use cases and tools

Expected impact Aligned

ALIGNED will provide a comprehensive suite of tools and methodologies for combined software and data engineering. These tools and methodologies will reduce customisation costs and increase agility. Consumers in fields such as data-intensive 2/2

11

AppHub

AppHub, the European Open Source Market Place, provides a neutral distribution channel for trustworthy software developed by EU-supported projects and open source industry in general.

AT A GLANCE Project title:

AppHub - The European Open Source Market Place

Project coordinator: Fraunhofer FOKUS (DE)

Partners from: OW2 Consortium (FR), UshareSoft (FR)

Duration:

01/2015 - 12/2016

Total cost:

Context and motivation Open source software is the generic name for both a legal construct to share intellectual property and an approach to cooperative software development. While this approach has demonstrated its ability to produce world-class software, the potential benefits and efficiencies of open source are not, however, always achieved, indeed, far from it. Publishing code is not enough to develop a community of developers and only a minority of open source projects actually make it to stardom. This is certainly why open source remains a challenge for many IT professionals who still prefer to see the downside of open source.

850,000 €

Challenge

EC Contribution:

In North America, open source is a market strategy. The North American industry dominates the software industry. Open source being an avatar of the software industry, it is also dominated by the NorthAmerican software vendors. In Europe, open source is a collaborative process. Probably over 50% of collaborative projects with financial contribution from the European Commission deliver their results under an open source license. But because the European software industry is not dominant, most stakeholders do not see open source as a market growth

850,000 €

Programme:

H2020-ICT-2014-1

Further information:

www.apphub.eu.com/ twitter.com/#!/apphub_eu www.linkedin.com/groups?gid=8235784

12

strategy but only as an efficient way to develop software and share intellectual property. They see open source as a collaboration process and they ignore its strategic value. For this reason, open source raises scepticism as to its potential market impact and most projects remain independent, non-organized, and run the risk to be bypassed by the market and, ultimately forgotten.

store, and to deploy them in various cloud infrastructures.

Expected impact • Better connect EU-supported open source projects with users. The AppHub marketplace will reduce barriers to open source adoption and will make it easy for potential users and integrators to deploy and run the software produced by EU-supported open source projects on many different cloud service providers' platforms. • Improved market readiness and reputation of EU-supported open source projects. AppHub will provide EU-supported projects with a full service support that will make them better prepared for market acceptance. • Stronger EU community to support the growth of EUsupported open source project. AppHub will improve community support for EU-supported open source projects and for EU-generated open source software in general. • Build global visibility and build market position of EU-supported open source projects. AppHub will help enhancing the global recognition of EU open source projects through improved community support, better open source management of open source projects, and greater ease of access to the software. EU-generated open source software in general promoted through AppHub will gain greater visibility and a better market position.

Solution

AppHub

The aim of the AppHub project is to support the market outreach strategies of EU-supported open source by launching AppHub, the European open source market place. AppHub is a service platform that will help the market to seamlessly identify, position and implement the software outcomes of these projects. The partners that will develop, run and promote AppHub over this twoyear project and beyond combine unparalleled expertise in open source community management, EU research projects and a breakthrough technology in software asset management. AppHub will be based on three interrelated services: • The AppHub Directory allows placing software assets as part of a reference architecture and thus identifying rapidly ways to compose various open source assets into a service architecture. • The AppHub Factory lets users build and maintain full software stacks as templates using a visual "point and click" interface or APIs. • The AppHub Marketplace provides users with self-service access to prepackaged business and IT applications via a customizable, white-labelled app

2/2

13

ARCADIA The development, configuration and operation of Highly Distributed Applications’ entail many and multi-faceted challenges. The ARCADIA project is to provide a novel reconfigurable by design Highly Distributed Applications’ development paradigm over programmable Infrastructure.

AT A GLANCE Project title:

ARCADIA - A Novel Reconfigurable By Design Highly Distributed Applications Development Paradigm Over Programmable Infrastructure

Project coordinator:

Insight Centre for Data Analytics, National University of Ireland (IE)

Partners from:

National University of Ireland, Galway (IE), Stiftelsen Sintef (NO), Technische Universitat Berlin (DE), Consorzio Nazionale Interuniversitario Per Le Telecomunicazioni (IT), Univerza V Ljubljani (SI), Gioumpitek Meleti Schediasmos Ylopoiisi Kai Polisi Ergon Pliroforikis Etaireia Periorismenis Efthynis (EL), Wings Ict Solutions Information & Communication Technologies Epe EL Aditess Advanced Intergrated Technology Solutions & Services Ltd (CY), Maggioli Spa (IT)

Duration:

01/2015 - 12/2017

Total cost: 3,543,864 €

EC Contribution: 3,543,864 €

Programme: H2020-ICT-2014-1

Further information: http://www.arcadia-framework.eu

Context and motivation European software sector employs more than 2.75 million people and creates added value of €180B that is projected to grow to €383.5B by 2020 – a growth rate that is twice the projected growth of the overall economy in the EU27 region. Furthermore, as stated in the Networked European Software and Service Initiative (NESSI) at the position paper “Strategic Research and Innovation Agenda”, the global cloud market is forecasted to reach a size of up to 250 billion € in 2020 with Software-as –aService (SaaS) having by far the biggest share.

Challenge The evolution of the software development industry must be considered in the context of the challenges that are associated with the Future Internet ecosystem. Within such an ecosystem, open programmable networks is envisaged to enable the provision of a plethora of innovation opportunities for software industry as well as SMEs since high‐ quality services and revenue streams can be introduced more quickly and at lower risk while keeping the network reliable and secure and improving its utilization and operational efficiency. It is argued that the “Future Internet” software will be the critical infrastructure on which all other critical infrastructures will depend. By 2020, it is expected that software intensive real time systems should be executable on shared hardware and easily connectable to the outside world, while new scientific foundations, system design methodologies, development processes

14

and tools have to be developed to create the technical solutions tackling the challenges posed by system complexity in the embedded systems domain. Furthermore, software entities that have the ability to collaborate and spontaneously search for new design solutions in an autonomous and decentralized fashion have to be designed and implemented. Key research challenges also include the design and deployment of innovative software development tools and methods that facilitate the implementation of reliable and resilient systems that support automatic adaptation mechanisms. Such systems have the potential to improve the growth and competitiveness of the European software industry and facilitate the design and development of novel applications (e.g. highly distributed applications, business critical applications).

on building software entities that have the ability to collaborate and spontaneously search for new design solutions in an autonomous and decentralized fashion and thus reduce the management overhead and complexity, increasing in parallel the margin for productivity gains at macro level. ARCADIA components, tools and overall approach will be validated and evaluated using three use cases spanning diverse functionalities and domains, ensuring in this way the applicability of the provided solutions in the Future Internet world as well as their adoption by the EU industry.

Solution ARCADIA will overcome the challenges mentioned by taking advantage of the reconfigurable by design development paradigm targeted at the design of highly distributed applications over programmable infrastructure. The approach followed in ARCADIA ensures the optimal use of the available resources based on the existing policies as well as the optimal runtime configuration in application and infrastructural level, based on orchestration provided by distributed collaboration of the Smart Controllers. ARCADIA’s reference implementation and developed toolkits are going to facilitate application developers to design and develop infrastructuralagnostic applications and lead to the evolvement of novel and innovative paradigms for the deployment of advanced applications, boosting in this way the competitiveness of the software development industry.

Expected impact ARCADIA

The adoption of ARCADIA components, software paradigm and mechanisms will lead to the availability of novel ways for application development by exploiting the capacities of the programmable infrastructure. ARCADIA approach focuses

152 / 2

BEACON

BEACON

The BEACON project aims to integrate network virtualization and service function chaining into heterogeneous Cloud federations. Research and development activities are based on existing open source projects OpenDayLight, OpenNebula and OpenStack.

Context and motivation AT A GLANCE Project title:

BEACON - Enabling Federated Cloud Networking

Project coordinator: CETIC (BE)

Partners from:

Complutense University of Madrid (ES), Flexiant (U.K.), IBM Haifa (IL), Lufthansa Systems (DE), OpenNebula Systems (ES), University of Messina (IT)

Duration:

02/2015 - 07/2017

Total cost: 3,570,250 €

EC Contribution: 3,570,250 €

Programme:

H2020-ICT-2014-1

Further information: www.beacon-project.eu @BEACON_Project j.mp/beaconprojectgroup facebook.com/beaconprojecteu

Cloud federation enables cloud providers to collaborate and share their resources to create a large virtual pool of resources at multiple network locations. Different types of federation architectures for clouds and datacenters have been proposed and implemented (e.g. cloud bursting, cloud brokering or cloud aggregation) with different levels of resource coupling and interoperation among the cloud resources, from loosely coupled, typically involving different administrative and legal domains, to tightly coupled federation, usually spanning multiple datacenters within an organization. In both situations, an effective, agile and secure federation of cloud networking resources is key to impact the deployment of federated applications.

Challenge There is a strong industry demand for automated solutions to federate cloud network resources, and to derive the integrated management cloud layer that enables an efficient and secure deployment of resources and services independent of their location across distributed infrastructures. From big companies and large cloud providers interested in unifying and consolidating multiple datacenters or cloud sites to SMEs building hybrid cloud configurations, federated cloud networking is needed to support the automated deployment of applications across different clouds and datacenters. Many big companies (e.g. banks, hosting companies,

16

etc.) and also many large Government institutions maintain several distributed datacenters or server farms, for example to serve multiple geographically distributed offices, to implement HA (High Availability), or to guarantee server proximity to the end user. Federated cloud networking is needed to unify and consolidate datacenters in a virtual way, so that different distributed datacenters can be exposed as a single cloudlike virtual datacenter, and networks of different datacenters can be interconnected in a virtual overlay.

existing open source projects OpenDayLight, OpenDOVE, OpenNebula and OpenStack. These open source projects already have significant user communities.

BEACON architecture

Some large cloud providers offer different, geographically dispersed regions, so that users can choose to deploy their infrastructures and services in one particular region attending to different criteria, such as proximity, prices, or available resources. Usually these regions are isolated from other regions inside the same provider, to achieve fault tolerance and stability, and there is no interaction or cooperation between them. Federated cloud networking is needed to support distributed services, and provide the overlay networks needed to interconnect servers on different regions, so freeing the service administrator from manually configuring these remote connections.

Expected impact BEACON technology eases the deployment of multi-cloud applications, especially for SMEs. BEACON also allows secure deployments thanks to firewall templating, authentication and vulnerability scanning. This paradigm improves the competitiveness of SMEs in IT, datacenters and cloud providers because it can increase their computing and storage capacity on an on-demand basis at a reduced cost.

Solution The main goal of this project is to define and implement a federated cloud network framework that enables the provision of federated cloud infrastructures, with special emphasis on intercloud networking and security issues, to support the automated deployment of applications and services across different clouds and datacenters. One of the key points of this project is that it is fully driven by real industry uses cases proposed by different cloud actors, such as cloud providers, cloud technology developers, and cloud user companies and institutions that are represented by the different partners of the project consortium.

BEACON

BEACON will deliver a homogeneous virtualization layer on top of heterogeneous underlying physical networks, computing and storage infrastructures, enabling automated federation of applications across different clouds and datacenters. The research and development activities of the BEACON solution are based on 2/2

17

Automated Synthesis of Dynamic and Secured Choreographies for the Future Internet

CHOReVOLUTION

CHOReVOLUTION develops a technology based on dynamic choreographies that automatically compose and coordinate heterogenous distributed software services to enable applications supporting large numbers of service providers and consumers of different shapes and forms in the context of the Future Internet, the Internet of Things and Smart Mobility.

AT A GLANCE

Project title: Project title

 Automated Synthesis of Dynamic and Secured  Choreographies for the Future Internet.

Projects coordinator Projects coordinator

          THALES Group, France 

Partners Cefriel (IT) from: Partners

INRIA (FR)   OW2 Consortium (FR)  Softeco (IT)  Tirasa (IT)  Viktoria (SE)  Duration  01/2015 - 12/2017

Duration: Total cost/EC Contribution:  3,057,549 € / 3,057,549 €

Total cost/EC Contribution: Programme 

H2020-ICT 9-2014: Tools and Methods for Software Development

Programme:            Further information

 Web Site: www.chorevolution.eu Further information: Twitter: twitter.com/CHOR_eVOLUTION  LinkedIn: w  ww.linkedin.com/groups?gid=8238562

   

Context and motivation                                    

Challenge                                                                                                                                   



AT A GLANCE

                     

Solution

                                                                                                                                                                          

Expected impact                                                                                                                                 









CLARUS

CLARUS will develop a secure framework for the storage and processing of data outsourced to the cloud. It will improve trust in cloud computing services by giving users control over outsourced data with monitoring and audit services.

AT A GLANCE Project title:

CLARUS - A Framework for User Centred Privacy and Security in the Cloud

Project coordinator:

Universitat Rovira i Virgili (ES)

Partners from:

Montimage (FR), AKKA (FR), KU Leuven (BE), OFFIS (DE), TRUST-IT (UK), THALES (FR), EURECOM (FR),Royal Holloway (UK), Fundació Clínic (ES)

Duration:

01/2015 - 12/2017

Total cost: 4,193,549 €

EC Contribution: 4,193,549 €

Programme:

H2020-ICT-2014-1

Further information: http://www.clarussecure.eu

Context and motivation Traditional cloud security has been based on assurance to customers that cloud providers follow sound security practices. As a result, current security mechanisms are commonly located within the cloud platform, hence compelling customers to trust cloud providers. However, customers might be reluctant to outsource sensitive data due to lack of control over data storage and management. To reach its full potential, cloud computing needs solid security mechanisms that enhance trust in cloud computing by allowing cloud customers a greater control on the security and privacy of their data.

Challenge The CLARUS project seeks to enhance trust in cloud computing services by developing a secure framework for the storage and processing of data outsourced to the cloud that allows end users to monitor, audit and control the stored data without impairing the functionality and cost-saving benefits of cloud services. CLARUS endeavors to take a holistic security and privacy-by-design approach, in order to obtain an attack-tolerant framework.

20

Solution

Expected impact

The CLARUS solution is envisioned as a proxy located in a domain trusted by the end user (e.g., a server in her company’s intranet, a plug-in in the user’s device) that implements security and privacy-enabling features towards the cloud service provider.

The beneficiaries of the CLARUS solution will be potential cloud customers like companies, public organisations and egovernment administrations, which could thereby be motivated to embrace the benefits of trusted cloud services while retaining full control over any potentially sensitive data they outsource to the cloud. Cloud providers will also benefit from an agnostic trust-enabling solution like CLARUS that will open new market opportunities with a broader range of users.

To enhance privacy, CLARUS will implement a set of privacy-enabling mechanisms to ensure that the user’s sensitive data are properly protected before they are outsourced to the cloud. Protection will be provided in a way that cloud service functionalities are still preserved, even those that require performing operations (e.g., queries, transformations, calculations) on the protected data. To achieve that, CLARUS will rely on and innovate over the current state of the art on functionality-preserving cryptographic (e.g., (partially) homomorphic encryption, searchable encryption, etc.) and non-cryptographic data protection techniques (e.g., data anonymisation, document redaction, data splitting and merging, private information retrieval, etc.), with a special focus on preserving the benefits associated with cloud services (functionality, costeffectiveness, efficiency, etc.).

A customer category comes from the healthcare sector, which will gain from more transparent standardised auditable and controllable cloud services. CLARUS will offer security and privacy-enabling mechanisms to ensure that the patient records are properly protected before outsourcing to the cloud service provider. This means they can now leverage the full capabilities of cloud computing for processing and storing medical records while preserving the privacy of the patients’ data. In the long term, initiatives like CLARUS can pave the way to developing more transparent, standardised, auditable and controllable cloud services, which will be beneficial for all stakeholders.

To enhance trust, CLARUS will also implement a set of auditing services, so that users can directly supervise how data are being protected and outsourced to the cloud. To enhance security, CLARUS will also develop an attack-tolerant framework, so that potential security breaches within the cloud can be dynamically detected and appropriate mitigation measures can be activated on-line.

-

CLARUS

In this way, the user’s privacy, security and trust can be significantly enhanced with respect to current cloud security solutions both regarding honest-but-curious cloud providers and potential attackers (insiders as well as outsiders), while still preserving cloud functionalities (within the Platformas-a-Service, Infrastructure-as-a-Service and Software-as-a-Service models). CLARUS will demonstrate its achievements in two case studies, one related to healthcare records and the other to georeferenced data. 2/2

21

CloudLightning

CloudLightning will create a new way of provisioning heterogeneous cloud resources to deliver cloud services. This new self-organising system will make the cloud more accessible to cloud consumers and provide cloud service providers with power-efficient, scalable management of their cloud infrastructures.

AT A GLANCE Project title:

CloudLightning – Self-organising, Selfmanaging Heterogeneous Cloud.

Project coordinator: University College Cork (IE)

Partners from:

Norwegian University of Science and Technology (NO), Institute e-Austria Timisoara (RO), Dublin City University (IE), Centre for Research and Technology Hellas (GR), Maxeler Technologies Limited (UK), Intel (IE), Democritus University Of Thrace (GR)

Duration:

02/2015 - 01/2018

Total cost: 3,954,050 €

EC Contribution: 3,934,425 €

Programme:

H2020-ICT-2014-1

Further information:

Website: http://cloudlightning.eu/ Twitter: @_cloudlightning

Context and motivation CloudLightning proposes to create a new way of provisioning heterogeneous cloud resources to deliver services, specified by the Enterprise IT Decision Maker, using a bespoke service description language. Due to the evolving complexity of modern heterogeneous clouds, CloudLightning proposes to build a system based on principles of self-management and selforganisation. Service descriptions, provided by the Enterprise IT Decision Maker, will result in the cloud evolving to deliver the required services. The selforganising behaviour built into, and exhibited by, the cloud infrastructure will result in the formation of a number of potential resource coalitions capable of meeting the service needs. These coalitions will typically be composed of heterogeneous components and thus the quality of service that each could deliver will differ. The Enterprise IT Decision Maker will choose from these offerings and the successful coalition will be commissioned to deliver the service. An important objective in creating this system is to remove, from the Enterprise IT Decision Maker, the burden of low-level service provisioning, optimisation and orchestration and to vest it in the collective response of the individual resource elements comprising the cloud infrastructure. A related objective is to locate decisions pertaining to resource usage with the individual resource 22

components, where optimal decisions can be made. Currently, successful service delivery relies heavily on the over-provisioning of resources by the Cloud Service Provider. CloudLightning will address this inefficient use of resources and consequently will deliver savings to the Cloud Service Provider and the Enterprise IT Decision Maker in terms of reduced power consumption and improved service delivery, with hyperscale systems particularly in mind. In the CloudLightning scenario it is expected that the ultimate End User experience will not be adversely affected.

Challenge

Expected impact

Exploiting different architectures such as graphics processing units, many integrated cores and data flow engines, in a heterogeneous cloud environment, poses significant challenges.

Expected impacts for European cloud service providers that adopt the CloudLightning delivery model include: •

Moreover, to efficiently exploit heterogeneous resources in order to reduce application development effort, make optimisations easier, and simplify service deployment, requires a re-evaluation of the traditional approach to service delivery.

increased competitiveness resulting from providing a differentiated solution with those currently available in the market; operational savings (that may be passed to cloud consumers; greater accessbility to cloud computing will facilitate the consumption of cloud resources generating competitive advantage.

• •

Solution The CloudLightning solution comprises the following elements:

• •

a declarative approach to service provision; the introduction of decentralised self-management; and the exploitation of heterogeneous resources.

The CloudLightning solution will be demonstrated in three application domains – (i) genome processing, (ii) oil and gas exploration, and (iii) ray tracing.

In addition to contributing to competitivess in EU enterprises, greater server utilisation resulting from CloudLightning deployments will result in less energy consumption and associated energy savings, a strategic objective for European society and industry and can contribute to the 20/20/20 climate energy targets.

2/2

23

CloudLightning

•

Enterprise IT departments using CloudLightning-enabled cloud services will benefit through: • increased accessibility to heterogeneous processing resources; • greater choice within the market resulting from the portability of the declarative service descriptions; • greater energy efficiency and reduction in associated costs; • reduced development, deployment and optimisation effort.

CloudSocket CloudSocket implements a layered approach to bridge the semantic distance from business processes to workflow configurations in order to enable Business Processes as a Service in the Cloud (BPaaS).

AT A GLANCE Project title:

CloudSocket - Business and IT-Cloud Alignment using a Smart Socket

Project coordinator:

BOC Asset Management GmbH (AT)

Partners:

BOC Asset Management GMBH (AT), ATOS Spain SA (ES), SC Ymens Teamnet SRL (RO), Fhoster s.r.l.(IT), Baden-Wurttemberg: Connected E.V. (DE), Mathema SRL (IT), Universitaet ULM (DE), Foundation For Research And Technology Hellas (EL), Fachhochschule Nordwestschweiz (CH)

Duration:

01/2015 - 12/2017

Total cost: 4,084,850 €

EC Contribution: 4,084,850 €

Programme:

H2020-ICT-2014-1

Further information:

Context and motivation Cloud computing has been proven to offer flexible IT solutions. Although large enterprises may benefit from this technology by educating their IT departments, SMEs are dramatically falling behind in cloud usage and hence lose the ability to efficiently adapt their IT to their business needs. The reason for this is that they are concentrating on their core business and rarely have the possibility to deal with the complexity of business and IT alignment. This situation may tend to the EU having a disadvantage compared to global competition.

Challenge Our primary targets are SMEs that are currently excluded from using the cloud due a lack of in-house capability and high entry barriers. These barriers come in the form of a gap between pragmatic, legally influenced, well-defined business processes and a gigantic marketplace of numerous offerings of cloud services that rarely consider the business needs of an entrepreneur but focus on technical requirements. Startups and SMEs typically focus on their core business. Hence, several business processes, such as customer relations and campaigning, administrative issues on

www.cloudsocket.eu

24

registration, IT services including after sales support, are necessary for business success but cannot be sufficiently supported by IT from those organizations. Business Processes in the Cloud enable brokers who act as a public or private organisations offering cloud-based delivery of those business processes to support start-ups, entrepreneurs and SMEs.

by defining self-adaptive workflows in a multi-Cloud environment. Furthermore, the service management and monitoring, which is necessary for features such as billing, is also performed on the business process level to enable the reflection of Quality of Business Processes. (3) Public services: CloudSocket aims to provide business solutions to SMEs, which can be offered in an open and interoperable form. A particular focus is on startups which do not want to invest in their own IT infrastructure but concentrate on the development of their business. IT services need to be adapted according to the changes and evolution of the organisation and business.

Solution The overall idea of the CloudSocket project can be expressed as “The Smart Cloud Business Process Broker”, comprising of discovery, orchestration, deployment and execution of services in the cloud. Through these phases CloudSocket lifts the level of integration from the technical to the business level by a model-based approach. A detailed analysis of the business requirements based on the phases - plan, model, manage and measure - is common in business and IT-alignment. On a business level we have models such as business processes, rules or cases, which need alignment with models on an IT level such as workflows, SLA and architectures.

CloudSocket comprises four phases, each phase supported by a corresponding building block: (a) the design environment to describe business processes, business requirements and workflows (b) the allocation environment linking deployable workflows with concrete sercies, (c) the execution environment that executes and monitors the workflow as well as (d) the evaluation environment that lifts key performance indicators back to the business level.

CloudSocket aims to realise this vision by: (1) supporting the extraction of businessand IT-experts’ knowledge in a human and machine interpretable format and enable smart integration and translation between business and IT models, (2) providing smart and intelligent tools to align business requirements to cloud offerings, (3) supporting model-driven and knowledge supported resource allocation of Cloud-based workflows, (4) enabling intelligent execution of models within a smart and adaptive BPaaS middleware and (5) reflecting process monitoring results from Cloud level to business level thanks to semantic enrichment and conceptual analytics. The CloudSocket characterized by:

offerings

Expected impact Through the possibility for public or private organisation to become a Business Process as a Service broker, it is expected to create impact by (a) establishing a novel business model as well as (b) create new cloud offering for start-ups, entrepreneurs and SMEs that are not yet in the cloud.

are

CloudSocket

(1) Knowledge-based Approach: For bridging the gap between business needs and cloud offerings by abstracting from technical details and presenting cloud monitoring results at the business level. (2) Business Process in the Cloud: For dealing with end to end Business Processes as a Service, which are deployed 2/2

25

CloudTeams CloudTeams realizes a Collaborative Software Development Framework based on a Trusted, Secure Cloud-based Pool of Users that brings together the software development community and the prospective users in a win-win relationship.

AT A GLANCE

AT A GLANCE Project title CloudTeams Collaborative Software DevelProject -title:

opment Framework based onSoftware a Trusted,DevelSeCloudTeams - Collaborative cure Cloud-based Pool of Users opment Framework based on a Trusted, Secure Cloud-based Pool of Users

Project coordinator Fraunhofer Institute for Applied Information Projects coordinator

Technology (DE) for Applied Information FraunhoferFIT Institute Technology FIT (DE), Prof. Wolfgang Prinz

Partners

National Technical University of Athens (GR), Partner: FZI Forschungszentrum Informatik (DE), National Technical University of Athens (GR), SINGULARLOGIC (GR), Yazilim Sanayicileri FZI Forschungszentrum Informatik (DE), Dernegi (TR), Booreiland (NL)Sanayicileri SINGULARLOGIC (GR),V.O.F. Yazilim Dernegi (TR), Booreiland V.O.F. (NL) Duration

03/2015 - 02/2017

Project Number: Total 644617cost 2,088,851.61 €

Duration: EC Contribution 24 months €1,892,881.00 Total cost: €2,088,851.61 Programme EC Contribution: H2020-ICT-2014-1 €1,892,881.00

Website Programme: www.cloudteams.eu H2020-ICT-2014-1

Website:

www.cloudteams.eu

Context and Motivation Due to the numerous open source projects and the available cloud-based services (IaaS, Paas, SaaS), the costs for software development and deployment start to decrease. At the same time, the competition in the software industry increases because of the lower entry barriers. Thus the need to bring software developer teams closer to the customer during the software development process becomes vital for the success of software products.

Challenge CloudTeams provides the environment where software teams interact with prospective customers, test their developments and collaboratively develop business models for software solutions. Taking into consideration the need for rapid prototyping, the multidisciplinarity of software teams, and the increasing use of cloud-based deployment environments, CloudTeams integrates the tools and interfaces in one overall platform to speed up the development process itself.

Solution CloudTeams realizes a collaborative software development platform to support both software teams and end users:

26

developer teams are provided with the necessary tools, unified under a simple, meaningful platform for collaboration with customers, and

b)

prospective users upload, sync and manage their personal data and interests, and permit CloudTeams to analyse and represent their activity. This enables software teams to find trustful end-users to co-develop better software solutions under several rewards.

show the power of the project on wellestablished companies, with common software cycles. It will show the impact of tools on boosting innovation, building a user community, increasing acceptance and customers’ value through the process. CloudTeams in Growing Businesses will collaborate with YASAD’s members and well established startup organizations, to test its impact and value in software teams that apart from new products look for establishing their business models.

The CloudTeams Platform is the interface of software development teams to collaborate and manage the whole development process. It enables teams to connect their third party services with external tools, setup a software development project, build the prototype, and deploy the solution with cloud hosting services.

Expected Impact CloudTeams aspires to bring together all stakeholders involved in the value chain of developing commercially viable software tools and platforms. Carefully orchestrated showcases highlight the soundness and the technological and business potential of the proposed concepts, tools and services. With regards to its business impact, CloudTeams has a two-fold focus, and a clear view and strategy of how this impact will be brought across:

Complementarily, the platform provides a software project management component that integrates existing services for task allocation, a testing and trust framework to ensure that the user requirements are met, and an analytics framework that identifies the users’ activity profiles to enhance the decision process of software teams. In parallel the CloudTeams Platform continuously retrieves feedback from and interacts with the enrolled users.

 CloudTeams improves the innovation capacity and the integration of new knowledge to strengthen the competitiveness and growth of companies by developing innovative solutions, and by meeting the needs of European and global markets. CloudTeams aims to actively involve the customers, who constitute the most significant stakeholders in this value chain.

The CloudTeams User Community is a sustainable community of users who control their data across different third-party services and provide information on their activity through their avatars to the development teams at any stage of the software development cycle, ranging from idea generation to beta testing. The CloudTeams Platform promotes participation of endusers in the different stages of the software life cycle by employing communitybuilding practices, such as sharing, rating and commenting, but also by striking up competition through publishing the achievements of the most active users. CloudTeams introduces an award system for giving different types of incentives, as well as a gamification engine for popular projects and inspirational users.

 CloudTeams promotes the adoption of the developed approach as a nextgeneration software engineering methodology, through intense dissemination of the project’s outcomes towards targeted stakeholders, reaching out to international audiences within and beyond EU.

Validation and Results Assessment

CloudTeams in Established Businesses will run at least two cases in the context of SILO’s products and YASAD’s members, to

Figure 1: CloudTeams Solution

2/2

27

Title of the publication

a)

CloudWATCH2

CloudWATCH2 takes a pragmatic approach to market uptake and sustainable competitiveness for the wider uptake of new cloud services and products from European research and innovation initiatives. CloudWATCH2 helps R&I initiatives to overcome challenging issues like standards and pricing to maximise the socio-economic impact of this new cloud ecosystem.

AT A GLANCE Project title:

CloudWATCH2 - Think Cloud Services for Government, Business and Research

Project coordinator: Trust-IT Services (UK)

Partners from:

Trust-IT Services (UK), University of Oxford e-Research Centre (UK), Cloud Security Alliance EMEA (UK), Strategic Blue Services (UK), ICT Legal Consulting (IT)

Duration:

09/2015 - 08/2017

Total cost: 585,000 €

EC Contribution: 585,000 €

Programme: H2020-ICT-2014-1

Further information: http://www.cloudwatchhub.eu/

Context and motivation One of the objectives of the Digital Single Market Strategy is creating long-term growth potential. Europe needs a digital market that allows new business models to flourish, start-ups to grow and industry to innovate and compete on a global scale. The European Commission’s programme for Software, Services and Cloud gives companies and research institutions the freedom to innovate technically in cloud computing. This is how European research and innovation initiatives bring continuous improvements and deliver services and solutions with increasing value for the digital single market.

Challenge For European industry and citizens to make the most of the digital economy we need to tackle the most challenging issues. In the cloud R&I space, these challenges include issues such as standards, transparent pricing and better uptake of new services. European Research and Innovation (R&I) projects need to think strategically, looking at technology and pricing as part of the same equation. While challenging, interoperable cloud services play a very

28

important role in extending the market and in bringing business benefits to both the supply and demand sides. Results from projects need to have an impact on the market if they are to become truly sustainable. This is where CloudWATCH2 comes into play. CloudWATCH2 brings together highly specialised experts in standardisation, security, legal aspects and pricing to help ensure European R&I takes to market the best possible products and services. Ultimately, this has significant benefits not only for small- and mediumsized enterprises (SMEs) but also public services.

transferred into guidance documents and standards. Risk management and legal guides to the cloud for private and public organisations to lower barriers and ensure a trusted European cloud market.

Expected impact Industry 4.0 is about digital innovation in products, processes and business models. CloudWATCH2 provides a set of services to capture the value of European R&I initiatives in the digital single market and ultimately benefit Industry 4.0 as a central pillar of the European economy. Europe must innovate at the technological level and demonstrate tangible business value. CloudWATCH2 services will play a key role in this. Firstly, by showing how the market can become more efficient, more competitive and bring savings to consumers; and secondly by supporting EU R&I projects to think strategically and look at technology and market uptake as equally important.

Solution CloudWATCH2 takes a pragmatic approach to market uptake and sustainable competitiveness for wider uptake and commercial exploitation. It provides a set of services to help European R&I initiatives capture the value proposition and business case as key to boosting the European economy. CloudWATCH2 services include:

CloudWATCH2

A cloud market structure roadmap with transparent pricing to enable R&I projects to chart exploitation paths in ways they had not previously considered, or help them avoid approaches that would not have been successful. Mapping the EU cloud ecosystem of products, services and solutions emerging from EU R&I projects. Identifying software champions and best practices in mitigating risks associated with open source projects, and ultimately, enable faster time-to-value and commercialisation. Concertation for clustering and convergence on common themes and challenges. Re-use of technologies will also be of paramount importance. Promoting trusted & secure services through roadshows and deep dive training sessions. Giving R&I initiatives a route to users at major conferences or in local ICT clusters. A portfolio of standards for interoperability and security that can facilitate the realisation of an ecosystem of interoperable services for Europe. Cloud interoperability testing in an international developer-oriented and hands-on environment. Findings will be

2/2

29

Cyclone CYCLONE project aims to provide software and tools that facilitate the deployment, management, and use of complex, multi-cloud applications; enhance the end-to-end security and network management of those applications.

AT A GLANCE Project title:

CYCLONE - Complete Dynamic Multi-cloud Application Management

Context and motivation

Partners:

Interoute Spa (IT), Sixsq Sarl (CH), QSC AG (DE), Technische Universitaet Berlin (DE), Fundacio Privada i2CAT (ES), Universiteit Van Amsterdam (NL), Cnrs - Centre National De La Recherche Scientifique (FR)

Application service providers (ASPs) develop, deploy, and maintain complex computing platforms within multiple cloud infrastructures to improve resilience, responsiveness and elasticity of their applications. CYCLONE project targets ASPs, providing them with software and tools that: (a) facilitate the deployment, management, and use of their complex, multi-cloud applications; (b) enhance the end-to-end security and network management of those applications.

Duration:

Challenge

Project coordinator: Interoute SPA (IT)

01/2015 – 12/2017

Total cost: 3,840,000 €

EC Contribution: 3,840,000 €

Programme: H2020-ICT-2014-1

Further information: http://www.cyclone-project.eu/

Concretely, CYCLONE will: • Improve cloud services in the Infrastructure-as-a-Service (IaaS) layer by integrating network services into the cloud offering for a direct control over virtual machine network accessibility, intra-site data access, and inter-site data transfers. • Develop tools that provide enhanced functionality for cloud providers that agree to federate their resources, such as dynamic allocation of bandwidth between cloud providers and common authentication mechanisms. • Provide tools for application developers to automate the placement of service components, scale resources toward a full-featured Platform-as-aService (PaaS) offering.

30

that is tailored to their application’s needs. Federated Cloud Networking. CYCLONE incorporates and improves the OpenNaaS to allow dynamic allocation of high-bandwidth channels inside and between data centers. Dynamic Configuration, Provisioning, and Orchestration of Cloud Resources. CYCLONE extends SlipStream to allow the selection and provisioning of resources based on user-defined algorithms. Automated Discovery and Service Composition. SlipStream provides a common interface to discover applications and services that have been created and shared by other users of the system. Cloud Security. End-to-end security to allow ASPs to minimize the exposure of their applications and enhance their security.

•

Develop mechanisms to more easily deploy and manage applications and, thus, maintain Software-as-a-Service (SaaS) systems. • Provide software that allows developers to ensure the end-to-end, secure use of data within their application as well as secured access to remote data sources. • Demonstrate that the CYCLONE software meets the needs of concrete academic and commercial use cases, while providing frequent, productionquality releases of that software. To realize this, CYCLONE integrates and improves mature, open-source components, such as StratusLab, OpennNaaS, SlipStream and TCTP.

•

•

•

Solution

•

The project’s primary goal is to provide the software for a production-quality platform that facilitates the deployment and management of complex, cloud-based applications. CYCLONE will work on • Federated identity management and end-to-end secure data management • Deployment and management of complex services with resource tuning that permits real-time response of the system • Dynamic allocation of high-bandwidth, inter-site connections • Ability to provide high-level, generalized features to applications that can be easily incorporated into application deployments CYCLONE will integrate partner’s established cloud solutions for managing software-defined networking, application deployment, cloud security and access management into a holistic cloud action and resource model. Two flagship applications areas have been selected to guide the initial development of the CYCLONE tools: an academic cloud platform and associated services for bioinformatics research and a commercial deployment for smart grids in the energy sector.

CYCLONE innovations can be summed up in a) Easier multi-cloud deployment; b) Inclusion of networking as a first-class cloud resource; c) Ease of deploying (and customizing) the optimal level of security, placement algorithms, scaling algorithms, and monitoring. With CYCLONE, users can flawlessly use a variety of public and private cloud resources, and cloud providers can provide advanced services and get a competitive advantage in the IaaS, PaaS and SaaS market.

Key research and innovation challenges in CYCLONE are briefly summarized in the following major areas. • High Performance Heterogeneous Cloud Infrastructures. CYCLONE software allows users to aggregate cloud resources from both private and public providers to build a cloud platform 2/2

31

CYCLONE

Expected impact

Dice DICE will define a quality-aware model-driven framework for developing Big data applications. The project will offer a novel UML profile and tools to help software designers continuously enhance quality of data-intensive software systems, focusing on reliability, efficiency and safety characteristics.

AT A GLANCE

Context

Imperial College of Science, Technology and Medicine (UK)

Recent years have seen the rapid growth of interest for cloud applications built on top of Big data technologies such as MapReduce/Hadoop, NoSQL databases, cloud-based storage, and stream processing systems. However, there is a shortage of models, methods and tools to analyze, predict and guarantee efficiency, reliability and safety in data-intensive software systems.

Partners from:

Objectives

Project title:

DICE - Developing Data-Intensive Cloud Applications with Iterative Quality Enhancements

Project coordinator:

Politecnico di Milano (IT), Institute e-Austria Timisoara (RO), XLAB (SL), Flexiant Limited (UK), Athens Technology Center (GR), PRODEVELOP (ES), Netfective Technology (FR), Universidad de Zaragoza (ES)

Duration:

02/2015 – 01/2018

Total cost: 3,950,000 €

EC Contribution: 3,950,000 €

Programme:

H2020-ICT-2014-1

Further information: http://www.dice-h2020.eu Twitter: @diceh2020

DICE will define a novel framework for quality-driven development of Big data applications. The DICE methodology will cover quality assessment, architecture enhancement, continuous testing and agile delivery, relying on principles of the emerging DevOps paradigm. Specifically, DICE aims at: • Tackling skill shortages and learning curves in quality-driven development and Big data technologies through open source development tools, models, and methods. • Shortening the time to market for data-intensive applications that meet quality requirements, reducing costs for independent software vendors (ISVs) and increasing value for endusers. • Reducing the number and the severity of quality incidents by iteratively

32

learning the quality-levels at runtime of the application at runtime, feeding this information back to developers. To achieve these goals, DICE will offer a model-driven engineering (MDE) framework for Big data applications based on UML. The framework will feature a quality engineering tool chain for simulation and verification of efficiency (cost and performance), reliability, and safety properties of the application. Using a DevOps-inspired approach, the DICE framework will deeply analyze monitoring data collected during testing and operation with the goal of automatically identifying quality anomalies and anti-patterns in the architecture design. This will help developers to understand the root-causes of quality incidents. The DICE framework will be evaluated in three industrial demonstrators in the areas of news and media, maritime operations, and legacy egovernment software systems.

and recipes supporting delivery, configuration, continuous integration, quality- and unit-testing. A summary view of the project methodology is shown below, highlighting in red some of the key components of the framework and the main innovations compared to standard MDE approaches.

Expected Impact DICE will deliver innovative development methods and tools to strengthen the competitiveness of small and medium European ISVs in the market of businesscritical data-intensive applications. The barriers that DICE will break are the shortage of methods to express data-aware quality requirements in model-driven development and the ability to consistently bring these requirements forward throughout the tool-chain of quality analysis, testing, and deployment. Tackling these barriers will realize the breakthrough of accelerating the development of business-critical dataintensive applications, by fostering shorter development, deployment and testing cycles. This will increase the competitiveness of the European software engineering industry, especially of small and medium ISVs that cannot afford dedicated quality teams.

Solution

The DICE framework will feature several novel models, methods and tools: • DICE profile: a MDE profile to develop Big data applications and annotate their quality requirements; • DICE IDE: an integrated development environment to accelerate coding and application design; • Quality analysis tools: a set of tools for quality-aware decision-making via simulation, verification and numerical optimization methods; • Iterative quality enhancement tools: an engine that will continuously detect quality outliers from monitoring data and provide recommendations on possible architectural enhancements. • Deployment and testing tools: tools

DICE

End-users of DICE will be primarily software engineers and architects in small and medium ISVs with knowledge of UML, but without advanced expertise in quality engineering. The goal is to put these endusers in condition to perform advanced quality engineering of Big data products.

2/2

33

ENTICE

In this project, we research and create a novel Virtual Machine repository and operational environment for federated Cloud infrastructures.

AT A GLANCE Project title:

ENTICE - Decentralized Repositories for Transparent and Efficient Virtual Machine Operations

Project coordinator: Universitaet Innsbruck (AT)

Partners from:

Universitaet Innsbruck (AT), Magyar Tudomanyos Akademia Szamitastechnikai Es Automatizalasi Kutatointezet (HU), Univerza V Ljubljani (SI), Flexiant Limited (UK), Wellness Telecom Sl (ES), Deimos Castilla La Mancha S.L. (ES)

Duration:

02/2015 – 01/2018

Total cost: 2,767,565 €

EC Contribution:

Context and motivation Virtualization is a key technology in Cloud computing that allows users to run multiple virtual machines (VM) with their own application environment on top of physical hardware. Virtualization enables scaling up and down of applications by elastic on-demand provisioning of VMs in response to their variable load to achieve increased utilisation efficiency at a lower operational cost, while guaranteeing the desired level of Quality of Service (QoS, such as response time) to the end-users. Typically, VMs are created using provider specific templates (so-called VM images) that are stored in proprietary repositories, leading to provider lock-in and hampering portability or simultaneous usage of multiple federated Clouds. In this context, optimisation at the level of the VM images is needed both by the applications and by the underlying Cloud providers for improved resource usage, operational costs, elasticity, storage use, and other desired QoS-related features.

2,767,565 €

Challenge

Programme:

We identify in this project five critical barriers that prevent many users from industry, business and academia to effectively use Cloud resources and

H2020-ICT-2014-1

Further information: www.entice-project.eu

34

virtualised environments for their computing and data processing needs: (i) anual, error-prone and time consuming VM image creation, (ii) onolithic VM images with large deployment and migration overheads, (iii) roprietary un-optimised VM repositories, (iv) nelastic resource provisioning, and (v) ack of information to support effective VM image optimisation.

across Cloud infrastructures and without provider lock-in, in order to finally fulfill M the promises that virtualization technology has failed to deliver so far. M

Expected impact

Existing research mostly focuses on preoptimising algorithms, which are not applicable to already available VM images. P With its VM synthesiser, ENTICE will extend preoptimising approaches so that image dependency descriptions are mostly I automatically generated. The project will also introduce new comprehensive postoptimising algorithms so that existing L VM images can be automatically adapted to dynamic Cloud environments. ENTICE project aims to achieve a major breakthrough in simplified, storageefficient and cost-effective creation, usage, and portability of VM images to dramatically improve elasticity and load balancing across federated Cloud infrastructures. ENTICE will reach far beyond existing systems by its unique and highly ambitious goal to distribute VM images across Cloud infrastructures for multiple possibly conlicting optimisation objectives including performance and QoSrelated goals, operational costs, and storage from which applications and Cloud providers can benefit. In the following we describe the most important research challenges that must be addressed to bring the current state-of-the-art to a new innovation level.

Solution

ENTICE

In this project, we will research and create a novel VM repository and operational environment named ENTICE for federated Cloud infrastructures aiming to: (i) Simplify the creation of lightweight and highly optimised VM images tuned for functional descriptions of applications; (ii) Automatically decompose and distribute VM images based on multiobjective optimisation (performance, economic costs, storage size, and QoS needs) and a knowledge base and reasoning infrastructure to meet application runtime requirements; and (iii) Elastic auto-scale applications on Cloud resources based on their fluctuating load with optimised VM interoperability

2/2

35

ESCUDO-CLOUD

ESCUDO-CLOUD empowers data owners as first class citizens of the cloud. ESCUDO-CLOUD provides effective and deployable solutions allowing data owners to maintain control over their data when relying on Cloud Service Providers (CSPs) for data storage, processing, and management, without scarifying on functionality.

AT A GLANCE Project title:

ESCUDO-CLOUD - Enforceable Security in the Cloud to Uphold Data Ownership

Project coordinator:

Università degli Studi di Milano (IT)

Partners from:

Universita Degli Studi Di Milano (IT), British Telecommunications Public Limited Company* (UK), Emc Information Systems International (IE), IBM Research GMBH (CH), SAP AG (DE), Technische Universitaet Darmstadt (DE), Universita' Degli Studi Di Bergamo (IT), Wellness Telecom Sl (ES)

Duration:

01/2015 – 12/2017

Total cost: 4,822,750 €

EC Contribution: 3,827,000 €

Programme:

H2020-ICT-2014 – 1

Further information: http://www.escudo-cloud.eu

Context and motivation Cloud computing is increasingly a necessary strategically ICT infrastructure component for European companies to successfully compete in the world-wide economy. The advantages of renting ICT infrastructures, platforms, and services, with easy access to scalability and elasticity, are driving an ever-accelerating transfer toward the cloud of data and applications. Unfortunately, such a convenience comes at the price of the data owners losing control over their data, hence leaving them potentially exposed.

Challenge Today, users placing data in the cloud need to put complete trust that the Cloud Service Providers (CSPs) will correctly manage the outsourced information. As a matter of fact, all CSPs apply security measures in the services they offer, but these measures either assume full trust in the CSP and allow it to have full access to the data, or greatly limit the functionality that the CSP is able to offer in accessing the outsourced data. ESCUDO-CLOUD will provide protection guarantees giving the data owners both full control and cloud functionality for their data in the cloud.

36

Solution

Expected impact

The goal of ESCUDO-CLOUD is to empower data owners as first class citizens of the cloud. This goal will be achieved by providing enforceable security, that is, techniques wrapping the data to provide a layer of protection to the eyes of the storing/processing CSP itself, setting the trust boundary at the client side, which means assuming correct and trusted behavior only by the client.

ESCUDO-CLOUD, empowering users with control over data, will remove possible concerns that today may limit cloud adoption, enabling users to rely on the cloud with confidence for a variety of applications and data. ESCUDO-CLOUD will be beneficial to both data owners and CSPs. Data owners will be enabled to outsource their data while maintaining control over them, with the ability to regulate access to them and share them with other users in a selective way and with assurance that their data will remain protected from the CSPs. Data owners will then be able to rely on CSPs and use their services for a wider range of applications. This will benefit both companies as well as individual users.

To reach this ambitious goal, ESCUDOCLOUD will develop modular solutions and will tackle the security problems from different angles and perspectives. In particular, it will consider four dimensions that help in defining the challenges to be tackled: security properties (confidentiality, integrity, availability); sharing requirements (access by data owners, selective sharing with other users/owners); access requirements (upload/ download, fine-grained retrieval, write operations); cloud architectures (single cloud provider, multi cloud and federated cloud).

CSPs will significantly benefit, in addition to the increased market penetration that robust data ownership would provide, from reduced regulatory risks, audit costs, and general security threats that they would have to face in the absence of such protection. Freeing providers from the worries of protecting data, ESCUDOCLOUD will allow them to even handle the data outside their own control. For instance, it will enable a provider itself to rely on other services for outsourcing storage and computation, behaving as a broker providing a virtualized cloud service, without worrying about the possible improper exposure of user information, which is guaranteed to be self-protected. This will benefit both larger as well as smaller players in the market.

These dimensions, with their different configurations, correspond to different scenarios and challenges to be addressed. ESCUDO-CLOUD will tackle these issues and challenges with a gradual approach and will provide modular techniques and tools that can be applied as needed in different environments. In particular, ESCUDO-CLOUD will guide the structure of the work based on sharing requirements and cloud architectural assumptions (which define the three main scenarios of reference, addressed in the technical work packages of the project) and, within them, it will investigate how to guarantee security properties and satisfy access requirements.

ESCUDO-CLOUD

ESCUDO-CLOUD will produce innovation on a wide front. Concretely, it will provide advanced and novel technical solutions and software tools for empowering data owners to fully enjoy cloud services while maintaining control over their data. The work will also seek deployment of existing techniques and consideration of existing standards. This will ensure practical applicability and compatibility with existing technologies. The main results of the project will then be a family of modular techniques and associated software implementations, comprising the ESCUDO-CLOUD middleware, deployed in real environments. 2/2

37

HOLA CLOUD HOLA CLOUD targets to establish effective mechanisms for efficient collaboration among the members of the software, services and Cloud computing community building on a decade of experiences, and extends this collaboration to stakeholders who can turn the community knowledge into sustainable economic growth. Through a completely new take on scientific collaborations, researchers in the field will be given the opportunity not only to present their results, but they will be pushed to look into the future.

AT A GLANCE Project title:

HOLA CLOUD - Effective collaboration for European R&D and Innovation in software, services and Cloud computing: Knowledge discovery and Roadmapping

Project coordinator: RTDI (ES)

Partners from:

UIO (NO), NTUA (GR), Linknovate (ES), Promoter (IT), EuroCRIS (NL), UULM (DE), RTDI (ES)

Duration:

01/2015 - 12/2016

Total cost: 793,463 €

EC Contribution: 793,463 €

Programme:

H2020-ICT-2014 – 1

Further information: www.holacloud.eu

Context and motivation Collaboration is the way to move forward faster and further. But Collaboration is not about “sitting together in the same boat”, it is about “rowing together in the same direction”. Collaboration means working with each other to do a task and to achieve shared goals, by sharing knowledge, learning and building consensus. Effective collaboration in R&D and Innovation benefits both the individuals (researchers, professionals…) and organisations involved. Through collaboration, partners learn about each other's expertise, share knowledge and gain an appreciation of different professional cultures. Collaborative activity can lead to a better understanding of the ways in which research can add value and offer insights to key issues of concern for policy and practice. Effective collaboration is therefore, much deeper than just networking, and in order to become a reality for R&D European projects in the areas of software, services and cloud computing (and any other area) it requires that: 1. People really get to know each other, meaning they really know what the other is working on, and what his/her R&D results and achievements are being; 2. Awareness is raised on joint knowledge, which is more than just adding what

38

the individuals or projects are discovering or developing, since synergies must be leveraged;

researchers achieved it.

HOLA CLOUD builds on this basis, which we have experienced first-hand, since we have been active members in the community of R&D projects on the areas of software, services and cloud computing for more than 10 years. HOLA CLOUD agglutinates the lessons we have learnt and experiences we have acquired during this time, putting them together with a deeper understanding and analysis of what effective collaboration should be looking like for these areas, and how it could best be implemented.

and

who

The searchable knowledge repository and these services will be integrated into

HOLA CLOUD on-line platform (www.holaportal.eu). 3. To enable effective collaboration amongst researchers, experts and projects in the area, setting them to work together in an innovative roadmapping exercise based on co-authoring paradigms.

We aim to support collaboration among research projects in the areas of software, services and cloud computing, including support to common dissemination and exploitation activities, and roadmapping. Our purpose is to do it:

For this purpose, we will organise an annual Scientific Conference called Cloud Forward, bringing together experts from industry and academia to consider the future of and beyond Cloud Computing.

1. Effectively, focused in key needed action points identified from past experiences of the partners.

The conference will provide the scientific community a dedicated forum for discussing innovative architectures and services in the area of distributed computing (through the Distributed and CLOUD computing track), as well as new technologies beyond CLOUDs, requirements and future goals (through the COMPLETE computing track). The conference will focus both on research and development efforts in the domain of CLOUDs, and in future scenarios and technologies that exploit CLOUD computing as a utility, such as Internet of Things.

2. Efficiently, oriented towards the achievement of concrete results and outcomes. projects

UE,

This will be achieved by deploying added-value on-line services, such as detection and analysis of research trends, Journals Development and dynamic researchers’ collaboration based on non-declared, semanticallyinferred relationships.

Challenge

offering

the

2. To raise awareness on joint knowledge, which is more than just adding what the individuals or projects are discovering or developing, since synergies must be leveraged.

3. People are put to work together in a common task for a shared goal: improving European R&D and Innovation in the area.

3. Valuably, service.

in

useful

4. Sustainably, leveraging collaboration beyond project lifetime.

Solution We will achieve our project aim by fulfilling the following objectives: 1. To increase visibility of projects (results) and people (researchers, experts) to other projects and people in the same area, as well as to other stakeholders, by making it easy, fast and accurate to discover knowledge and knowledgeholders (“in-one-click”).

HOLA CLOUD

For this purpose, we will continue our past efforts to create a sustainable knowledge repository from R&D or Innovation projects in the area, and radically increase the searchability of documents generated by EU projects and expert search experience, unveiling work that has been previously done by 2/2

39

HyVar HyVar HyVar

HyVar proposes proposes a a development development framework framework for for continuos continuos and and individualized individualized HyVar evolution of distributed distributed software applications running onand remote devices in in evolution of software applications on remote devices HyVar proposes a development framework forrunning continuos individualized heterogeneous environments processes. heterogeneous environments processes. evolution of distributed software applications running on remote devices in HyVar proposesenvironments a development framework for continuos and individualized heterogeneous processes. evolution of distributed software applications running on remote devices in heterogeneous environments processes.

AT A GLANCE AT A GLANCE Project title: AT Hybrid A GLANCE for HyVar -- Scalable HyVar Scalable Hybrid Variability Variability for Project title:

Distributed Evolving Software Systems Distributed Evolving Software Systems HyVar - Scalable Hybrid Variability for Distributed Evolving Project title:Software Systems Project coordinator: HyVar - Scalable Hybrid Variability for Santer S.p.A. Distributed Software Systems Santer Reply ReplyEvolving S.p.A. (IT) (IT) Project coordinator: Santer Reply S.p.A. (IT)

Partnerscoordinator: from: Project S.p.A (IT), Santer Reply S.p.A. (IT) University S.p.A (IT), University of of Torino Torino Partners from: (IT), Technical University of (IT), Technical University of Braunschweig Braunschweig Santer Reply S.p.A (IT), University of Torino (DE), University of Oslo (NO), Atbrox (DE), University of Oslo (NO), Atbrox (NO), (NO), (IT), Technical University of Braunschweig Partners from: Magneti Marelli S.p.A. Magneti Marelli S.p.A. (IT) (DE), University of (IT), Oslo(IT) (NO), Atbrox (NO), Santer Reply S.p.A University of Torino Magneti MarelliUniversity S.p.A. (IT)of Braunschweig (IT), Technical Duration: (DE), University of Oslo (NO), Atbrox (NO), 02/2015 – Magneti Marelli S.p.A. (IT) 02/2015 – 01/2018 01/2018 Duration: 02/2015 – 01/2018

Duration: Total cost: 2,793,870 € 02/2015 2,793,870 €01/2018 Total –cost: 2,793,870 €

Total cost: EC Contribution: 2,793,870 € 2,793,870 € EC Contribution: 2,793,870 €

Programme: EC Contribution: H2020-ICT-2014-1 2,793,870 € H2020-ICT-2014-1 Programme: H2020-ICT-2014-1

Further information: Programme: www.hyvar-project.eu/hyvar/ H2020-ICT-2014-1 www.hyvar-project.eu/hyvar/ Further information: www.hyvar-project.eu/hyvar/

Further information: www.hyvar-project.eu/hyvar/

Context and motivation Context and motivation

The The goal goal of of HyVar HyVar is is a a development development framework for continuous and framework forHyVar continuous and highly highly Context motivation The goal ofand is a development individualized of distributed individualized evolution of and distributed framework for evolution continuous highly software aim is software applications. The aim is to to The goal applications. of HyVar is The aof development individualized evolution distributed support the enterprises that manufacture, support the enterprises that framework for continuous and software applications. The manufacture, aim highly is to operate or maintain those systems to operate the or enterprises maintain those systems to individualized evolution distributed support thatofmanufacture, efficiently manage frequent and sudden efficiently manage frequent and sudden software The systems aim is to operate orapplications. maintain those varying events and situations, as varying events andfrequent situations, such as support the enterprises that manufacture, efficiently manage and such sudden frequently software frequently changing designs and software operate orchanging maintain those and systems to varying events and designs situations, such as patches configuration, agility is patches to to a achanging configuration, where agility is efficiently manage frequent and software sudden frequently designswhere and required. Our vision is that state-of-the-art required.to Our vision that where state-of-the-art varying events andissituations, such as patches a configuration, agility is structuring concepts for from structuring concepts for variability from frequently changing designs and software required. Our vision is thatvariability state-of-the-art research software product lines can be researchtoon ona concepts software product linesagility can be patches configuration, where is structuring for variability from combined with cutting edge industrial combined with cutting edge industrial required. Oursoftware vision isproduct that state-of-the-art research on lines can be technology for evolution and technology with for software software evolution and structuring concepts for variability from combined cutting edge industrial incremental analysis techniques from incremental analysis techniques from research on software product lines can be technology for software evolution and research formal methods. research on on with formal methods. combined cutting edge industrial incremental analysis techniques from technology for software research on formal methods.evolution and Challenge incremental analysis techniques from research on formal methods. Challenge We We target target a a breakthrough breakthrough in in the the development and maintenance of development and maintenance of large, Challenge We target a breakthrough in large, the complex, distributed, data-intensive complex, highly highly distributed, data-intensive development and maintenance of large, and applications. and business-critical business-critical applications. We target breakthrough in the complex, highlya distributed, data-intensive In order make this In business-critical order to to and make this breakthrough breakthrough development maintenance of large, and applications. possible three steps must possible the following three steps must be be complex, highly distributed, In orderthe tofollowing make this data-intensive breakthrough achieved: achieved: and business-critical possible the followingapplications. three steps must be 1. Development of Domain Specific 1. Development of a athis Domain Specific In order to make breakthrough achieved: Variability Language (DSVL) and Variability Language (DSVL) and possible the following steps must be 1. Development of athree Domain Specific achieved: Variability Language (DSVL) and 1. Development of a Domain Specific Variability Language (DSVL) and

40

methodology that makes it possible to encompass hybrid variability and unanticipated evolution of Multi Software Product Lines (MSPL) in production. 2. Development of a cloud infrastructure that enables scalable hybrid feature reconfiguration for highly customized remote devices. 3. Development of an over-the-air updating that supports secure and efficient updates of the system of systems represented by the ECUs on a car.

reliability and resilience of the distributed application instances.

Expected impact By mastering distributed software variability in connection with virtualization and evolution in the engineering of applications, HyVar has the potential to significantly improve the growth and competitiveness of the European industry and to encourage faster product innovation cycles. In HyVar, this technology push from European research meets a user pull from industry. In particular the HyVar approach will enable to dramatically decrease the maintenance costs of software and will enable remote patching and updating of highly distributed software applications currently impossible to address with conventional techniques. The demonstration will be executed on a real-world scenario of connected cars, challenging the tool onto a secure, reliable and efficient adaptation of software toward highly distributed onboard systems. The results can be then applied also to other sectors such as home automation, environmental control, surveillance camera, remote healthcare devices and many more.

Solution HyVar goes beyond the state-of-the-art by proposing hybrid variability; i.e., the automatic generation and deployment of software updates combines the variability model describing possible software configurations with sensor data collected from the device. HyVar's scalable cloud infrastructure will elastically support monitoring and customization for numerous application instances. Software analysis will exploit the structure of the variability models. Upgrades will be seamless and sufficiently nonintrusive to enhance the user quality experience, without compromising the robustness,

HyVar

Figure 1 - HyVar Architecture

2/2

41

iKaaS iKaaS iKaaS – (intelligent Knowledge-as-a-Service), develops an intelligent, privacy preserving and secure Smart City Platform based on a Big Data resource and iKaaS – (intelligent develops intelligent, privacy an analytics engineKnowledge-as-a-Service), built atop heterogeneous cloud an platforms with data preserving andInternet secure Smart City(IoT) Platform based on a Big Data resource and collected from of Things deployments. an analytics engine built atop heterogeneous cloud platforms with data collected from Internet of Things (IoT) deployments.

Context and motivation

AT A GLANCE A GLANCE ProjectAT title:

iKaaS - intelligent Knowledge as a Service

Project title: iKaaS - intelligent Knowledge as a Service Project coordinator:

Institute for Communication Systems, University of coordinator: Surrey (UK), Project KDDI R&D Inc. Systems, (JP) Institute forLaboratories Communication University of Surrey (UK), KDDI R&D Laboratories Inc. (JP) Partners: University of Surrey (UK), Wings (GR), ATOS (ES), CreateNET (IT), Innotec21 (DE), Partners: University (FI), EMT (ES),(GR), ATOS University of of Oulu Surrey (UK), Wings Ayuntamiento De Madrid (ES), (ES), CreateNET (IT), Innotec21 (DE), DG de Ordenación e inspección (ES), University of Oulu (FI), EMT (ES), KDDI R&D Labs KDDI Research Ayuntamiento De(JP), Madrid (ES), Institute (JP), Kokusai Kogyo Co. Ltd (JP), DG de Ordenación e inspección (ES), Riken (JP), Hitachi (JP), Tohoku University KDDI R&D Labs (JP), KDDI Research (JP) Institute (JP), Kokusai Kogyo Co. Ltd (JP), Riken (JP), Hitachi (JP), Tohoku University (JP) Duration: 10/2014 - 09/2017

Duration: - 09/2017 Total cost:10/2014 1,554,750 € Total cost: 1,554,750 € EC Contribution: 1,554,750 € EC Contribution: 1,554,750 € Programme: H2020-EUJ-2014 Programme: H2020-EUJ-2014 Further information:

iKaaS forms part of the EU-Japan joined

research programme and focusses on the Further information:

integration IoTof and technologies iKaaS formsofpart theCloud EU-Japan joined to facilitate scalability and that research programme andservices focusses onare the aware of their operational situation. integration of IoT and Cloud technologies to facilitate scalability and services that are http://ikaas.com/ aware of their operational situation.

Context motivation Most aspectsand of how we will live in future

will be influenced by data about the Most aspects of how we behaviour will live inand future situations we are in, our our will be influenced dataor about the physical, emotional, by social economic situations wesoare in, our behaviour and our state. Using much personal information physical, emotional, socialand or only economic bears a huge responsibility if the state. Using soand much personal information mechanisms systems handling data bears a huge and only if and the will do so inresponsibility a privacy preserving mechanisms and systems data secure and trusted manner,handling such systems will prevail. do so At in the a privacy preserving same time, there willand be secure and trusted such systems vast amounts of datamanner, to be handled, and to will same time, will be be prevail. able toAt the exploit this there barrage of vast amounts of data toanalytic be handled, to information, proper toolsandand be able to this barrage of approaches will exploit be needed. information, proper analytic tools and approaches will be needed. Challenge

Challenge The Internet of Things (IoT) concept is

based on the pervasive presence of a The Internet of around Things us (IoT) is variety of things withconcept active or based the pervasive of a passive on sensory and presence identification variety of things around or capabilities, such asus with RFIDactive tags, passive sensory identification environment sensors,and actuators, mobile capabilities, such can as interact RFID andtags, phones; all of which coenvironment sensors, actuators, mobile operate with each other. The ubiquity of phones; all of facilitates which canthe interact and cosuch devices gathering of operate with each other. The ubiquity of vast amounts of time sequence data and such devices of provides the facilitates possibilitythe forgathering interaction vast amounts of time sequence between computing systems and data usersand to provides the inpossibility support tasks daily live. for interaction between computing usersare to The extremely large systems amountsand of data support in daily typicallytasks stored andlive. analysed in cloud The extremely Many large amounts of data are environments. disconnected efforts typically stored and of analysed in cloud towards the merger IoT and environments. Many disconnected efforts paradigms are already taking place and yet towards the merger of IoT and cloud paradigms are already taking place and yet

http://ikaas.com/

42

for various reasons, vast quantities of potentially correlated data are not analysed in correlated contexts. The (justifiable) fear about privacy and security of personal information sensed through ubiquitous devices and analysed on public clouds hinders user adoption. The lack of credible heterogeneous multi-cloud environments is a barrier for integrated data analysis. Legal issues both private and public sector complicate matters further especially data ownership, legal compatibility and the absence of crossborder co-ordination. Solutions that provide data analysis and make decisions about what action/actuations should be done, are needed. However these decisions need to be informed, must take into account sensing information as well as the privacy related issues and policy/regulations that apply in the service deployment area.

sensing devices and objects,(ii) the communication needs for the execution of real�time services, and(iii) massive data processing storage. The iKaaS platform will be applied and validated through trial experiments, with smart city scenarios, involving (smart, secure, real�time, dependable) IoT applications (addressing business as well as societal aspects), in both Europe and Japan. Trial sites in Tago-Nihi (Japan) and in Madrid (Spain) will be used to showcase the large scale deployment and use of the iKaaS platform.

Expected impact iKaaS will facilitate the creation and provisioning of new added value services through the Cloud ecosystem that will be developed, thus making it possible for various business players to enter the Cloud and IoT world. Extending the Cloud by adding IoT, increases the overall range of services that can be provided; Cloud services become location and situation aware while IoT services can gain by exploiting Cloud features. Cooperation between the members of the iKaaS consortium will have an impact to Japanese and European industry in that iKaaS conducts a strategically joint research and service prototyping for Cloud�based IoT.

Solution iKaaS investigates and will develop a Big Data resource and an analytics engine that will be built on top of a multi-cloud infrastructure. The engine will be fed with large scale data sets collected from heterogeneous sensing networks and data sources. The data sources are as diverse as cyber-physical systems, wearable sensors, but also including social-networks and crowd- sourced information and data. iKaaS sees the data and analytics engine – which forms essentially a knowledgebase – as the fundamental building block for cross-border business-to-government (B2G), business-to-business (B2B) and business-to-consumer (B2C) applications. The range of applications this engine will support includes lifestyle recommendations, future city planning, location-and behaviour-specific targeted services, but also academic research and analysis. Concerning the cloud aspects, iKaaS specifies an open architectural framework for bringing the cognitive IoT into the Cloud. The aim of this is to realize Ubiquitous Connected Objects for Reconfigurable Cloud Ecosystems. The iKaaS outcome will be a framework for Everything as a Service with consolidated IoT resource sharing and network and devices accessibility, enhanced scalability, flexibility and interoperability, targeted to (i) coping with data coming from a large number of heterogeneous, distributed

iKaaS

iKaaS concept – local and global clouds

2/2

43

INPUT The INPUT Project will design and develop an innovative framework to vertically integrate personal cloud services into the network edge, close to the endusers and better integrated with their heterogeneous network access technologies thanks to a wide adoption of SDN and NFV paradigms.

Context and motivation AT A GLANCE Project title:

INPUT - In-Network Programmability for next-generation personal cloUd service supporT

Project coordinator: CNIT (IT)

Partners from:

CNIT (IT), Ericsson Telecomunicazioni (IT), UBITECH (EL), Dublin City University (IE), HOP Ubiquitous (ES), Infocom (IT), Cosmote Kinites Tilepikoinoneis (EL), Telecom Italia (IT), Julius-Maximilians Universitaet Wuerzburg (DE).

Duration:

The continuous growth of Internet content and applications has resulted in ever more demanding requirements of energy consumption, data storage capacity and data transfer speed. In order to cope with the limited resources of “small” user devices, there have been significant developments the migration of applications and services to “cloud” paradigms, which move most of the computational and storage weight to large-scale powerful datacenters. The potential of these new paradigms are not being exploited to the full due to limitations of the foundations of the “cloud” are sapped by the underlying networking technologies and infrastructures, which are too ossified and obsolete to provide a suitable support for the Future Internet.

01/2015 – 12/2017

Challenge

Total cost:

The INPUT technologies will enable nextgeneration cloud applications to go beyond classical service models (i.e., IaaS, PaaS, and SaaS), and even to replace physical smart devices, usually placed in users’ homes (e.g., network-attached storage servers, set-top-boxes, video recorders, home automation control units, etc.) or deployed around for monitoring purposes (e.g., sensors), with their “virtual images,” providing them to users “as a Service.”

3,108,001 €

EC Contribution: 3,108,001 €

Programme: H2020-ICT-2014-1

Website:

www.input-project.eu

44

Virtual images are meant to realize smarter, always and everywhere accessible, performance-unlimited virtual devices into the cloud. Virtual images can be applied both to fully dematerialized physical devices and provide all their functionalities by the cloud, and to add potentially infinite smartness to devices with performanceand functionality-constrained hardware platforms. Virtual and physical SDs will be made available to users at any time and at any place by means of virtual cloudpowered Personal Networks, which will constitute an underlying secure and trusted service model. These Personal Networks will provide users with the perception of always being in their home LAN with their own (virtual and physical) devices, independently from their location.

Virtual Smart Devices

Personal Network

Service_Apps

User_Apps

End-user

Home Network

NBI Network and Service Mgmt SBI (SDN/NFV) In-Network Programmability

Edge Network Device

DC_Apps

Data Center

Expected impact

To achieve these ultimate objectives, the INPUT Project will overcome current limitations on the cloud service design due to the underlying obsolete network paradigms and technologies, by: • introducing computing and storage capabilities to edge network devices (i.e. the “in-network” programmability) in order to allow users/telecom operators to create/manage private clouds “in the network”; • moving cloud services closer to end-users and smart devices, in order both to avoid pointless network infrastructure and datacenter overloading, and to provide lower latency reactiveness to services; • enabling personal and federated cloud services to natively and directly integrate themselves with the networking technologies close to end-user SDs in order to provide new service models (e.g., Personal Networks). • assessing the validity of the proposed innetwork cloud computing model through appropriately designed use cases and related proof-of-concept implementations. INPUT will foster future-proof Internet infrastructures that will be “smarter,” fully virtualized, power vs. performance optimized, and vertically integrated with cloud computing, with a clear impact on operating and capital expenses of Telecoms, of service providers, and of end-users. In this respect, INPUT will extend the programmability of network devices to make them able to host cloud applications, which will cooperate with those in users’ terminals and datacenters to realize the cloud services.

INPUT will provide an innovative framework to vertically integrate personal cloud services into the network edge, close to the end-users and better integrated with their heterogeneous network access technologies thanks to a wide adoption of SDN and NFV paradigms. This framework will allow the following impacts on end-user cloud QoE: • Reduced latency (of a factor up to 50% ) for high-performance delay-sensitive cloud application. • A fully virtualized and personalized environment thanks to the Virtual Personal Network services that will allow endusers to have access to their virtual and physical resources in any place and at any time. • A better integration of cloud services beyond the heterogeneity of smart device operating systems thanks to both the Personal Network and the Smart Device virtual image paradigms, which will provide a well-standardized and familiar environment to users like in their home LANs, with well-known and widespread protocols like DLNA, UPnP, etc. • The possibility of instantiating cloudpowered virtual images of Smart Devices to totally replace physical set-top-boxes in the users’ homes, or to increase the smartness and extend the functionality of physical devices (e.g., sensors) beyond their hardware capabilities.

INPUT

Solution

2/2

45

IOStack

The main objective of IOStack is to create a Software-defined Storage toolkit for Big Data on top of the OpenStack platform. IOStack will enable efficient execution of virtualized analytics applications over virtualized storage resources thanks to flexible, automated, and low cost data management models based on software-defined storage (SDS).

AT A GLANCE Project title:

IOStack - Software-defined Storage for Big Data

Project coordinator: Universitat Rovira i Virgili (ES)

Partners from:

IBM Israel Science & Technology Ltd. (IL), Institut Eurecom (FR), Barcelona Supercomputing Center (ES), Mpstor (IE), Idiada (ES), GridPocket (FR), Arctur (SI)

Duration:

01/2015 – 12/2017

Total cost: 3,318,000 €

EC Contribution: 3,318,000 €

Programme:

H2020 - Call 1 – ICT 7

Web Page:

Facing the Age of Big Data The challenges of Big Data have been described in terms of “three Vs”: volume, velocity, and variety. Volume is Big Data’s primary attribute, as terabytes or even petabytes of data are generated by companies in the course of doing business. Unfortunately, conventional information technologies are not effective because Big Data is large, and difficult to manage and extract value from. Its management involves the administration of large volumes of data while ensuring high levels of data quality and accessibility by Big Data Analytics applications.

Analytics-as-a-Service To drive an ecosystem of SMEs for Big Data in Europe, the commoditization (i.e., *-as-a-service) of Big Data platforms is a fundamental issue. Handling Big Data requires new technological improvements, tools and skills that allow developers to easily create applications that can take advantage of Big Data back-ends.

http://iostack.eu

46

The limitations of nowadays’ Big Data tools to deliver Analytics-as-a-Service are: storage and computation are not disaggregated which prevents the dynamic orchestration of different resources; they are not optimized to provide performance considering the orchestration and cooperation of different layers of the I/O stack; and they do not consider deployment strategies of virtualized resources to make the most out of the existing virtualized infrastructure considering different tradeoffs like cost reduction or performance.

Apache Hadoop and Apache Spark, which enable users to define both batch and latency-sensitive analytics. This objective includes the design of scalable algorithms that strive at optimizing a service-wide objective function (e.g., optimize performance, minimize cost) under different workloads.

Expected impact

IOStack Platform

To enhance competitiveness of European companies, promoting the creation of Value from Big Data is basic. The IOStack project can definitely be one of the catalysts in this process.

The IOStack project aims to improve the consumability of Cloud storage for Big Data thanks to flexible, automated, and cost-effective data management models built upon Software-defined Storage (SDS). Particularly, IOStack will put the emphasis on creating an open SDS platform that provides Big-Data Cloud analytics at low cost, but also efficient and policy-driven access to big data volumes from computing platforms.

Specifically, IOStack aims at (i) strengthening the competitiveness and growth of companies by developing innovations that meet the needs of European and global markets; (ii) Provide Big Data Analytics as a Service for SMEs and Public Institutions; (iii) Promotion of the reuse of open source software solutions in Cloud environments. In fact, many of these points will be shown with our use case companies.

The IOStack platform is composed by:

Finally, these objectives will be materialized thanks to the IOStack platform: an open Software-defined Storage (SDS) platform for Big Data Analytics. The IOStack platform will be constructed on top of OpenStack Stack Swift, Openstack Sahara and Hadoop open source projects in order to leverage their massive communities. Through this platform, IOStack will demonstrate the dynamic provision of virtualized storage resources and their orchestration with heterogeneous Big Data Analytics computations from multiple tenants to enable Analytics-as-a-Service.

Storage and compute disaggregation and virtualization: This requires the creation a virtual model for compute, storage and networking that allows orchestration tools to manage resources in an efficient manner. We will provide policy-based provisioning tools so that the provisioning of virtual components for the analytics platform is made according to the set of QoS policies. SDS Services for Analytics: The objective is to define, design, and build a stack of SDS data services enabling virtualized analytics services with improved performance and usability. Among these services we include native object store analytics that will allow running analytics close to the data without taxing initial migration, data reduction services, specialized persistent caching mechanisms, advanced prefetching, and data placement.

IOStack

Orchestration and deployment of big data analytics services: The objective is to design and build efficient deployment strategies for virtualized analytic-as-aservice instances (both ephemeral and permanent). In particular, the focus of this work is on data-intensive systems such as 2/2

47

MIKELANGELO

The MIKELANGELO project aims to disrupt the whole virtual infrastructure stack, by focusing on optimization of virtual machines and I/O and delivering a high performing technology stack, covering applications and deployments in cloud, high performance and big data computing.

Context and motivation AT A GLANCE Project title:

MIKELANGELO - MIcro KErneL virtualizAtioN for hiGh pErfOrmance cLOud and hpc systems

Project coordinator:

XLAB, Razvoj programske opreme in svetovanje d.o.o. (SI)

Partners from:

XLAB Razvoj Programske Opreme In Svetovanje D.O.O. (SI), Universitaet Stuttgart (DE), IBM Israel Science and Technology LTD (IL), INTEL Performance Learning Solutions Limited (IE), Gesellschaft Fur Wissenschaftliche Datenverarbeitung MBH Gottingen (DE), Pipistrel Podjetje Za Alternativnoletalstvo Doo Ajdovscina (SI), Cloudius Systems (IL), Ben-Gurion University Of The Negev (IL), Huawei Technologies Duesseldorf GmbH (DE)

Duration: 01/2015 - 12/2017 Total cost: 5,993,419 € EC Contribution: 5,993,419 € Programme: H2020-ICT-2014-1

The current Cloud architecture includes layers that unnecessarily add to the complexity of Cloud systems, hampering its efficiency (from responsiveness, reliability aspects) and security. Also, there are components of virtualization, that haven't been addressed appropriately in terms of optimization - e.g., virtualized I/O. Finally, there are problems in management of virtualized environments that currently simply don't allow for flexible and unified use of diverse resources (e.g., HPC systems).

Challenge The technical challenge of MIKELANGELO is to significantly improve responsiveness, agility and security of virtual infrastructure through packaged applications, using lean guest operating system (OSv) and superfast hypervisor based on KVM (dubbed sKVM), thus solving the remaining obstacle in the virtualization technology and achieving nearly bare-metal performance. On the other hand, raw technical excellence is to be translated into a successful evangelisation and exploitation story, building on and exploiting open source software. The ultimate challenge of MIKELANGELO is to generate the widespread uptake, awareness and

Further information: www.mikelangelo-project.eu/

48

economic benefits for its creators, users and wider technical community.

Open Source Declaration, guaranteeing high amount of Open Source Software outputs. It brings together major technical players from the field and is aiming for unification of traditionally separated infrastructures (e.g., high-performance computing and cloud) under one software stack. Given the stated facts, the direct beneficiaries are HPC centres (traditionally strong in EU), SMEs (majority of EU companies), public administrations (more and more relying on internal cloud infrastructure) and finally, academia. The main impacts of MIKELANGELO are in significantly more efficient Cloud infrastructure, significantly more flexible HPC infrastructure, both with increased security on virtualisation levels. The means to achieve the above mentioned impacts consist of thorough demonstration, openness of development, continuous updates of the project’s technology base and finally, strong focus towards business exploitation.

Solution

MIKELANGELO

To achieve the main goal of faster I/O in virtualized environments, we first address the KVM hypervisor and use more efficient paravirtualized I/O model. Second, we address the overhead introduced with the general purpose guest operating system and replace it with one specialized for the Cloud – in the case of MIKELANGELO, an open source library operating system OSv is the perfect choice. Although optimizations of the I/O stack are specific for both, hypervisor and guest operating system, MIKELANGELO will provide the optimization for an integrated solution utilising benefits of improved sKVM and OSv. This will make the I/O even more efficient as well as lead towards standardization of inter-virtual machine communication through shared memory mechanisms. Benefits of a specialized guest operating system are not only more efficient I/O but also reduction of virtual machine operating system footprint and boot up time. The overhead will be further minimized by prepackaging of applications with the guest operating system environment. The goal is to incur minimum overhead penalty in cases of fast set-up/tear-down scenarios – true elasticity. Traditional trade-off between speed and security is that fast means insecure and secure means slow. To be relevant, MIKELANGELO will advance the secured I/O in the hypervisor and provide secure way of data distribution among guests. It will also integrate with security services implemented on the IaaS level. With all the building blocks for efficient virtualization in place, MIKELANGELO will address the management of the applications on the IaaS level. This results in support to various scenarios for application orchestration with I/O minimization at its core. Initial integration is planned with OpenStack. The final output of MIKELANGELO is a virtualization environment with minimum I/O overhead, yet retaining the crucial features of resource isolation provided by the hypervisor.

Expected impact The MIKELANGELO project builds on Open Source Software, with an internal 2/2

49

MUSA The main goal of the MUSA project is to support the security-intelligent lifecycle management of distributed applications over heterogeneous cloud resources, through a security framework that includes: security-by-design mechanisms to allow application self-protection at runtime, and methods and tools for the integrated security assurance in both the engineering and operation of multi-cloud applications.

Context and motivation AT A GLANCE Project title:

MUSA - Multi-cloud Secure Applications

Project coordinator:

Fundación Tecnalia Research & Innovation (ES)

Partners from:

Centro Regionale Information e Communication Technology (IT), CA Technologies Development Spain SAU (ES), Montimage (FR), AIMES Grid Services (UK), Lufthansa Systems (DE), TTY-säätiö (FI)

Duration:

01/2015 - 12/2017

Total cost: 3,574,190 €

EC Contribution: 3,574,190 €

Programme:

H2020-ICT-2014-1

Further information: http://www.musa-project.eu/

Companies are reluctant to adopt cloud computing because of the difficulty in evaluating the trade-off between cloud benefits and the additional security risks and privacy issues it may bring. Secure cloud environments are even more challenging today due to the increase of heterogeneous cloud ecosystems. The most challenging applications in this type of ecosystems are those that are able to maximise the benefits of the combination of the cloud resources in use: multi-cloud applications.

Challenge

Multi-cloud application solutions have to deal with the security of the individual components as well as with the overall application security. Even if each of the cloud service providers offers own security controls, the multi-cloud application has to ensure integrated security across the whole composition. Therefore, the overall security depends on the security properties of the application components, which in turn depend on the security properties offered by the cloud resources they exploit. There are a number of major challenges in the path of the MUSA project: • Enable the security aware design of distributed applications over heterogeneous cloud resources. • Automatic discovery and decision support system of combinations of cloud services that best match the 50

•

required balance between security and functional properties. Security assurance though continuous monitoring and integrated methods in both engineering and operation of multi-cloud applications.

platform packaged as a SaaS product offering the monitoring, notification and enforcement services. MUSA assurance platform combines monitoring and enforcement services in the central SaaS with security libraries embedded on the distributed components.

Solution

Expected impact

The MUSA framework will support the integration of the security within the whole multi-cloud application lifecycle. To achieve this purpose, MUSA will provide: 1. Support to integrated multi-cloud secure applications lifecycle management. MUSA framework will define a set of best practices and guidelines for the integrated management of SbD mechanisms in multicloud secure applications lifecycle. Based on DevOps and agile methodologies’ principles, these practices will seek to improve the collaboration between development and operations teams, and therefore minimize the inconsistencies and risks in the application security properties management. 2. Support to multi-cloud secure applications design. MUSA framework will deliver an integrated development environment (IDE) for multi-cloud secure applications, which will include: a security requirements specification tool for multicloud applications, based on multi-cloud SLA definition and composition; a tool for the design of the breakdown of multi-cloud application into components based on the combination of functional, business and security properties that the multi-cloud application should offer; a tool for the design of the provisioning and the deployment configuration of the needed heterogeneous cloud resources at multiple cloud layers; and security libraries to be embedded in the multi-cloud application without modifying the programming model. These libraries will be inserted into the multi-cloud application components at design time and will be the responsible for ensuring the overall security at runtime. 3. Support to multi-cloud secure applications deployment. MUSA will provide a secure multi-cloud deployment tool that offers distributed deployment service based on the dynamic selection of the cloud service providers that match with the application risk analysis, the subsequent security requirements as well as functional and business needs. 4. Support to multi-cloud secure applications runtime. MUSA framework will also deliver a security assurance

MUSA

The data security incidents in multi-cloud applications will be reduced through the assurance of a secure behaviour of individual cloud-based components and the overall application, even if the data are processed and/or stored by untrustworthy or opaque cloud providers. And the MUSA related stakeholders will benefit as follows. The cloud consumers’ trust on clouds will be enhanced by providing them with tools for expressing their security needs and keeping them informed on the security and performance faults of the multiple cloud services in use. Application developers will have a tool that allow them model the multi-cloud application based on the functional and security features to be offered in the SLA, as well as embed in the application components mechanisms to enforce the security at runtime. System operators will be able to automatically discover and select the best cloud service combinations that get most out of cloud by balancing performance and security. Service administrators will be able to assure the secure behaviour of multi-cloud applications and minimize the security risks while keeping the users informed. This way MUSA will enable securityintelligent lifecycle of multi-cloud applications.

2/2

51

PaaSword

Although enterprises recognize the compelling economic and operational benefits of running applications and services in the Cloud, security and data privacy concerns are the main barriers in Cloud adoption. The EU research & innovation project PaaSword has been addressing these challenges since Jan 1st 2015.

AT A GLANCE Project title:

PaaSword - A Holistic Data Privacy and Security by Design Platform-as-a Service Framework Introducing Distributed Encrypted Persistence in Cloud-based Applications

Project coordinator: CAS Software AG (DE)

Partners from:

CAS Software AG (DE), SICS Swedish ICT AB (SE), Karlsruhe Institute of Technology (DE), Institute of Communications and Computer Systems (GR), INTRASOFT INTERNATIONAL SA (LU), South East European Research Centre (GR), SixSq Sàrl (CH), UBITECH (GR), SIEMENS SRL (RO) and SingularLogic Cyprus Ltd (CY)

Duration:

01/2015 – 12/2017

Total cost: 4,461,513 €

EC Contribution: 3,984,575 €

Programme: ICT - 07 - 2014 - 1

Further information:

Context and motivation In order to unlock valuable business benefits of Cloud Computing, security and data privacy concerns the main barriers in cloud adoption must be effectively addressed in a holistic way. PaaSword aims at strengthen the trust of individuals and corporate customers in cloud services to increasing the adoption rate of cloudbased solutions. The focus is on safeguarding both corporate and personal data for cloud infrastructures and storage services. The project is addressing the current major data security challenges, posed by the Cloud Security Alliance, and provides essential knowledge to organizations that wish to securely migrate to the cloud.

Challenge Current cloud applications and storage volumes often leave information at risk to theft, unauthorized exposure or malicious manipulation. The most critical target is the data persistency layer and the database itself. To remedy this problem, PaaSword introduces a holistic data privacy and security by design framework with main aim to protect users’ sensitive data stored in the cloud. The framework is based on a searchable encryption scheme enhanced with sophisticated contextaware access control mechanisms. An

http://paasword.eu

52

Solution PaaSword extends the Cloud Security Alliance's cloud security principles by capitalizing on recent innovations in virtual database middleware technologies that introduce a scalable secure cloud database abstraction layer with sophisticated data distribution and encryption methods. The implementation of enterprise security governance in cloud environments is supported by a novel approach towards context-aware access control mechanisms that incorporate dynamically changing contextual information into access control policies and context-dependent access rights to data stored in the cloud. Finally, PaaSword supports developers of cloud applications through code annotation techniques that allow specifying an appropriate level of protection for the application's data. Applicability, usability, effectiveness and value of the PaaSword concepts are proven through their integration in industrial, real-life services and applications.

Expected Results   

PaaSword framework Reference architecture Searchable encryption scheme for secure queries Policy access & context-aware security models Policy enforcement middleware IDE plug-in PaaSword demonstrators

   

Expected impact PaaSword directly addresses one of the most critical issues with security of cloud technologies. It maximizes the trust of individuals and corporate customers in cloud applications and services, as well as enhances the ability of the European software and Cloud Computing industry to deliver them. PaaSword is expected to enable European enterprises to unlock valuable business, economic and operational benefits of migrating to the cloud. It aims to attract new groups of customers and thus unlock significant economic growth and impact. Thus, PaaSword will accelerate the adoption of Cloud Computing and further improve the competitive position of cloud providers. Five demonstrators will prove PaaSword's potential in PaaS, Public sector, Logistics chain, CRM and ERP related use cases.

PaaSword

innovative approach for key management maximizes customers' control over their data. Thus, PaaSword leverages security and trust of cloud infrastructures and services and ensures protection, privacy and integrity of the data stored in the cloud.

53

PICSE

PICSE, Procurement Innovation for Cloud services in Europe, aims to investigate new ways of procuring cloud-based services for public research organisations.

Context and motivation AT A GLANCE Project title:

PICSE – Procurement Innovation for Cloud Services in Europe

Project coordinator: CERN (CH)

Partners from:

CERN (CH), CSA (UK), Trust-IT Services (UK)

Duration:

10/2014 - 03/2016

Total cost: 500,000 €

EC Contribution: 500,000 €

Programme:

H2020-ICT-2014-1

Further information: http://www.picse.eu/

The delivery of Information and Communication Technology (ICT) services is fundamentally changing the way we live and work. Cloud-based services are replacing traditional local - or on-premises - software and infrastructure installations for many public sector organisations. This applies to government but also to public research organisations, including libraries, which address big data challenges and the need for additional computing capacity. While technology service options continue to evolve, procurement processes and policies have remained firmly rooted in traditional practices that are no longer efficient or cost-effective.

Challenge PICSE is an outcome of the Helix Nebula initiative, of which all three PICSE partners (CERN as the Coordinator, CSA & Trust-IT Services) are members. The work achieved by the Helix Nebula initiative during its two-year pilot phase showed that cloud services are suitable for scientific workloads performed by public research organisations. These organisations are now prepared to consider procuring commercial cloud services on a significant scale.

54

For public research organisations and libraries of all sizes to take advantage of the best cloud services, a more flexible and agile procurement process must be created and implemented.

organisations that have already used cloud services to compare their experiences with best practices. Public organisations can find innovative procurement instruments (e.g. Pre-Commercial Procurement and Procurement of Public Innovation) and understand how to overcome the barriers they are currently encountering in cloud service procurement. By bringing together stakeholders from the public sector, including public research organisations, libraries, governements and public funding agencies, PICSE will create A European platform that addresses and advances public procurement of cloud.

Solution The PICSE Procurers’ Platform will give access to a unique repository of information supporting the move from outright purchase of ICT hardware to commercial cloud services ‘pay-per-use’ models. Based on an initial set of use cases from the science domain, PICSE is a unique repository of information supporting a network of procurers, promoting the cloud service market and helping procurers understand the implications of the work being achieved under the cloud computing strategy. PICSE is also creating an agile and innovative procurement model for public research organisations and libraries. The model will be become an easy-to –use web based tool, the so called PICSE procurement Wizard, that will provide guidelines for the purchase of cloud services. The PICSE procurement wizard will align with a self-assessment tool that procurers and IT managers, within public research organisations, can use to assess the gaps of their internal procedures and skills to purchase cloud services. Through a set of cross-border case studies and surveys, PICSE will identify key financial, and legal constraints impacting business development and procurement and provide a range of best practices that address those barriers. The initial focus will be on the public research domain and libraries, across Europe and beyond. Finally, PICSE will set out a realistic roadmap of future procurement based on the levels of ambition for adopting cloud services over the next five years.

Expected impact

PICSE

The new PICSE procurement model and the related user friendly tools will become a reference point for procurers and IT managers from public research institutions new to cloud technology. The tools will enhance their knowledge about cloud, and help them understand existing gaps in their internal procurement processes. PICSE will offer a unique source of information for public research 2/2

55

RAPID RAPID targets a novel heterogeneous CPU-GPU multi-level Cloud acceleration focusing on applications running on embedded systems found on low-power devices, such as smartphones, notebooks, tablets, wearable devices, robots, cars, etc. The project takes advantage of abundant mobile computation power and ubiquitous highspeed networks to provide a distributed heterogeneous acceleration infrastructure that can change the future of mobile applications.

AT A GLANCE Project title:

RAPID - Heterogeneous Secure Multi-level Remote Acceleration Service for Low-Power Integrated Systems and Devices

Project coordinator:

Foundation for Research and TechnologyHellas (GR)

Partners from:

Foundation for Research and TechnologyHellas (GR), Sapienza University of Rome (IT), Atos Spain SA (SP), Queen’s University Belfast (UK), Herta Security SL (SP), SingularLogic SA (GR), University of Naples “Parthenope” (IT)

Duration:

01/2015 – 12/2017

Total cost: 2,023,800 €

EC Contribution: 2,023,800 €

Programme:

H2020 ICT-07-2014 - 1

Further information: www.rapid-project.eu @RAPID_H2020

Context

Cloud computing, as a technology trend, has caught up fast in recent years by providing more and more services to end users in a reliable and efficient manner At the same time, embedded systems are becoming more and more powerful while mobile applications are becoming more and more performance and power hungry pushing the boundaries of devices’ capabilities to the limits, specially noticeable in old devices. Cloud computing seems to be an attractive solution to this challenge, however, the overhead in energy and response time involved in transmitting data via wireless networks may be greater than the offloading savings.

Challenge

RAPID tackles this challenge by taking advantage of high-performance accelerators and high-bandwidth networks proposing a secure unified model, where almost any device or infrastructure can operate as an accelerated entity and/or as an accelerator serving other less powerful devices in a secure way. RAPID also offers a registration mechanisms, which permits the accelerated entity to automatically find and connect to nearby accelerators with the required resources.

56

Solution

(SLAs) and license policies are employed to serve multiple accelerated applications efficiently on heterogeneous Cloud infrastructures. An easy-to-use task-based programming model will be defined while a novel runtime will automatically offload and execute the tasks transparently to the programmer.

Following our approach, compute or storage intensive tasks are seamlessly offloaded from the low-power devices to more powerful heterogeneous accelerators, supporting multiple virtual CPUs and GPUs.

Impact

The RAPID acceleration mechanism mainly consists of the following three entities:

RAPID will open many new innovation opportunities to service providers by introducing Acceleration as a Service, a novel heterogeneous multi-level Cloudbased service. Application developers, be they scientists, engineers, system administrators or developers, all need a simpler user experience in order to access Cloud resources. For the first time, Cloud resources will be used easily and efficiently by any application developer that uses the RAPID programming model and thus it will have widespread adaptation, permitting service providers to enter many other domains.

Acceleration Client: This is a runtime library, which is employed by a locally accelerated application in order to find nearby accelerators, decide whether the tasks defined by the application developer should be executed locally or offloaded remotely. Acceleration Compiler: The software developer specifies the tasks that may be executed remotely using a simple code annotation. The Acceleration Compiler will offer a source-to-source compilation platform in order to transform the application code into an equivalent code that uses the runtime functions of the Acceleration Client. This compiler essentially bridges the gap between the RAPID programming model and the Acceleration Client.

Moreover, RAPID opens the door of GPUbased computation in the Cloud. Amazon and Microsoft already support GPUs in their Clouds, but they are mainly used for rendering. Using recent NVIDIA’s hardware assisted GPU technology, RAPID will be the first to utilize efficiently Cloud GPUs in many other domains such as gaming, antivirus, augmented reality, face and speech recognition, movement detection, biometrics and CCTV.

Acceleration Server: This software receives tasks from Acceleration Clients and other Acceleration Servers, executes them and returns the results. Two versions of the Acceleration Server are defined: the Plain and the Enhanced. The Plain Acceleration Server executes all incoming tasks locally. The Enhanced Acceleration Server uses the Acceleration Client library in order to decide, for each incoming task, if it should be executed locally or forwarded to another Acceleration Server.

Within the RAPID Project the first public acceleration Cloud service will become available and commercially exploitable!

RAPID

RAPID Architecture Novel scheduling algorithms, admission control policies, Service Level Agreements 2/2

57

RePhrase The RePhrase project aims to produce new software engineering tools, techniques and methodologies for developing data-intensive applications in C++, targeting heterogeneous multicore/manycore systems that combine CPUs and GPUs into a coherent parallel platform.

AT A GLANCE Project title:

RePhrase - Refactoring Parallel Heterogeneous Applications – a Software Engineering Approach.

Project coordinator: University of St Andrews (UK)

Partners from:

University of St Andrews (UK), Programming Research Ltd (ES), University Carlos III of Madrid (ES), CIBERSAM, Madrid (ES), University of Pisa (IT), Software Competence Centre Hagenberg GmbH (SCCH) (AU), EvoPro Ltd (HU), IBM Research, Haifa (IL)

Duration:

04/2015 - 03/2018

Total cost: 3,574,027 €

EC Contribution: 3,574,027 €

Programme:

H2020-ICT-2014-1

Further information: http://www.rephrase-ict.eu

Context and motivation Heterogeneous multicore/manycore systems are becoming ubiquitous. Such systems combine CPUs, GPUs etc. into coherent highlyparallel, and energy-efficient, systems. Dataintensive applications are one of the most important and commonly encountered classes of industrial application. They are often potentially highly parallel and are a clear match to emerging heterogeneous parallel systems. Near-future data-intensive applications will thus need to consider large-scale parallelism as an essential part of their design and development. RePhrase aims to dramatically simplify this process over the state-of-the-art using a flexible semi-automated approach that will be built around emerging pattern-based parallel programming technology.

Challenge Typical state-of-the-art development methodologies treat parallelism as an after-thought, deploying, for example, inappropriate concurrency techniques that are tedious, errorprone and lacking scalability or portability to new computer architectures. Developing parallel software is still seen as a specialist activity, and strong software engineering principles are rarely applied. What is needed is a new software development approach that is simple enough to be followed by applications developers, but which is flexible and robust enough to deal with highly complex parallel hardware and systems, as required for e.g. dataintensive applications.

58

Solution

Expected impact

In order to resolve the challenges of software development for heterogeneous parallel systems, a number of key technical problems must be addressed.

The RePhrase project directly targets the expected impacts for ICT-09-2014 as follows:

• RePhrase will provide a significant productivity increase in the development, testing, verification, deployment and maintenance of parallel systems.

• We must develop an effective software engineering methodology for parallel dataintensive programming that enables the programmer to “think parallel”.

• RePhrase will impact availability and market take-up of innovative tools directly, through the production of new and innovative tools for parallel systems.

• We must support this methodology with good inter-operable tools that expose the programmer to the necessary issues related to parallelism, but that do not unnecessarily overload them with complexity.

• RePhrase will provide evidence of potential for productivity gains in the production of parallel, data-intensive software.

• We must develop ways to help with the identification and structuring of parallelism, and with the necessary modifications of sequential code that allow parallelism to be introduced.

The impact of the project will be enhanced by the inclusion of a major software development company (IBM), by the involvement of 2 SMEs (Programming Research Ltd and EvoPro) and an industrially-focused research organisation (SCCH), by engagement with leading standards bodies (e.g. the C++ committee and MISRA), and by the inclusion of leading relevant European experts on parallelism and software engineering.

• We must provide ways to map parallel software to the target hardware platforms. • We must provide mechanisms that allow parallel software to be modified/reengineered to support software evolution and new hardware platforms. • We must provide mechanisms that support automatic adaptation in the presence of multiple applications and changing hardware availability. • We must provide mechanisms to significantly ease or even automate the discovery of typical bugs that are encountered in programming parallel dataintensive systems. • We must identify standards for patternbased parallel programming, and develop tools that automatically check the code for compliance with these standards Key to this is the RePhrase software development methodology, which will: i) develop a process;

new

requirements

capture

Initial app

Requirements Capture Pattern DSL

DSL Refactoring

Program Shaping/Pattern Discovery

Spec + Patter n struct .

Design Pattern Implementations

Refactoring

Patter n app

Implementation Testing, Failure/Violation Detection

Quality Assurance Coding Standards

Testing/Verification Refine d app

ii) exploit emerging pattern-based parallel programming and refactoring technology for parallel programming, so addressing key issues in design and implementation; iii) develop adaptivity mechanisms to deal with issues of deployment on heterogeneous platforms; and

Reqs

Static Mapping/ Adaptive Compilation Execu table

Deployment

CPU

CPU

GP U

GP U

RePhrase

iv) develop new parallel testing, verification and debugging techniques to deal with correctness and extra-functional concerns.

CPU

2/2

59

SERECA

Cloud security is of immediate concern to organisations that must comply with strict confidentiality and integrity policies. More broadly, security has emerged as a commercial imperative for cloud computing across a wide range of markets. The lack of adequate security guarantees is becoming the primary barrier to the broad adoption of cloud computing.

AT A GLANCE Project title:

SERECA - Secure Enclaves for REactive Cloud Applications

Project coordinator:

Technische Universität Dresden - Institute of Systems Architecture (DE)

Partners from:

Technische Universität Braunschweig (DE), Imperial College London (UK), Epsilon S.r.l. (IT), Red Hat (IE), jClarity (UK), Ente per lo Sviluppo dell’Irrigazione e la Trasformazione Fondiaria in Puglia, Lucania ed Irpinia (IT)

Duration:

03/2015 - 02/2018

Total cost: 3,834,340 €

EC Contribution: 3,834,340 €

Programme: H2020-ICT-2014-1

Further information: http://www.serecaproject.eu

Context and motivation A growing segment of the software application market is attempting to move to the cloud, bringing with it a rather different set of requirements as compared to traditional cloud applications. The segment includes much of the future of large-scale computing: the Internet of Things (IoT), Cyber-Physical Systems (CPS), augmented reality, gaming, computer-mediated social interaction, and the like. These applications tend to be interactive, data intensive, and location dependent, often involving highly sensitive societal and personal information.

Challenge The innovative approach to cloud security pursued in the SERECA project leverages the emergence of a new and promising technology, secure CPU hardware, which promises to enable a new generation of secure applications by basing trust in hardware mechanisms offered by commodity CPUs. The main technical challenges facing the SERECA project will be to (i) integrate this new technology within a standard cloud platform; (ii) extend it for use in a highly distributed multi-data-centre computing environment; and (iii) develop effective, low-effort application development and management techniques for secure cloud 60

applications exploiting hardware mechanisms. The innovations we envision are challenging to attain, but if successful will help place Europe at the forefront of secure cloud operations. Concretely, we distil our goals for the project into the following four objectives:

reality, gaming, computer-mediated social interaction, and the like. These applications are highly interactive, data intensive, and distributed, often involving extremely sensitive societal and personal information. SERECA is validating its results through the development of two innovative and challenging industry-led use cases. One concerns the monitoring of a civil water supply network, a critical infrastructure targeted by malicious attacks. The other concerns a commercial software-as-aservice (SaaS) application for analysing the performance of cloud-deployed applications. Such a service collects sensitive performance metrics about live usage, assets that must be protected from industrial espionage and other criminal activities.

1. Substantially improve the state-ofthe-art in cloud security for interactive, latency-sensitive applications by developing innovative and effective mechanisms to enforce data integrity, availability, confidentiality, and localisation based on secure CPU hardware. 2. Seamlessly integrate the new security features into the standard cloud stack and its expected characteristics of scalability, elasticity, and availability so as to encourage easy application migration to the cloud without also compromising application responsiveness nor complicating application management. 3. Convincingly validate and demonstrate the benefits of our approach by applying it to realistic and demanding industrial use cases. 4. Widely promote and disseminate the innovative outcomes of the project by influencing the standards and best practices that will lead to broad adoption by European industry.

Expected impact

Solution The Secure Enclaves for REactive Cloud Applications (SERECA) project aims to remove technical impediments to secure cloud computing, and thereby encourage greater uptake of cost-effective and innovative cloud solutions in Europe. It proposes to develop secure enclaves, a new technique that exploits secure commodity CPU hardware for cloud deployments, empowering applications to ensure their own security without relying on public cloud operators. Secure enclaves additionally support regulatory-compliant data localisation by allowing applications to securely span multiple cloud data centres. Although secure enclaves are a general mechanism, SERECA focuses on a particularly important and rapidly growing class of applications: reactive applications for the Internet of Things (IoT), CyberPhysical Systems (CPS), augmented

Secure communication. All communication between secure enclaves of the same application is encrypted automatically. Each application has its own encryption key service, which is realised by a set of distributed secure enclaves.

2/2

61

SERECA

We expect SERECA to become the enabling technology for a new breed of applications that combine high security standards with low-latency requirements. Given the challenging combination of security and performance, there are no adequate solutions based on today’s cloud technology that could satisfy both to a reasonable degree. By providing tangible evidence that “cloudification” of such a critical infrastructure service is possible, SERECA will pave the way to the adoption of cloud computing technology for secure infrastructure services at a wide scale. For demonstrations to be effective, they will be done as part of real-world deployments. i.e., we will install real sensors on real systems, and we will process real collected data during normal system operation.

SLA-Ready

SLA-Ready is about giving European companies a clearer path to use of cloud services with practical guides, and a social marketplace. This service-oriented approach will encourage them to carefully plan their journey and make it strategic through an informed, stepping-stone approach, so the cloud and applications grow with their business.

AT A GLANCE Project title:

SLA-Ready – Making Cloud SLAs readily usable in the EU private sector

Project coordinator: Trust-IT Services (UK)

Partners from:

Trust-IT Services (UK), Cloud Security Alliance (UK), Darmstadt Technical University (DE), Arthur’s Legal (NL), Numergy (FR)

Duration:

01/2015 - 12/2016

Total cost: 679,936 €

EC Contribution: 679,936 €

Programme: H2020-ICT-2014-1

Further information: http://www.sla-ready.eu/

Context and motivation Privacy, data security, provider lock-in, lack of standardisation, and jurisdictional issues relating to applicable law and law enforcement access to data are the biggest perceived barriers to the use of cloud services by prospective customers, especially SMEs. By offering a deep dive into service level agreements (SLAs) as a key part of a cloud service contract between a cloud service provider and a cloud service customer, SLA-Ready will give pain relief to European businesses, especially small and medium-sized enterprises (SMEs).

Challenge

Building the Digital Single Market means revitalising European industry with a strong focus on cloud computing and the data economy. The on-going evolution of cloud computing will radically transform business processes and bring about the most sweeping changes to the structure of the global economy since the Industrial Revolution. The most enthusiastic adopters of cloud computing should be small and mediumsized enterprises (SMEs), the life blood of the European economy. But lack of knowledge about cloud services is the main reason why more SMEs are not using the cloud as much as expected. “Take-it-orleave-it” standard contracts are commonly 62

used, being an optimal cost-saving solution for providers. However, this is not always the best option for the customer who may find it difficult to fully understand what is being claimed for the cloud service.

SLA-Ready works towards negotiated metrics for companies of all sizes so this is no longer the preserve of large customers with more bargaining power. SLA-Ready focuses on standardised terminology, metrics and templates so firms can compare services, indicate security requirements and monitor performance and security levels. SLA-Ready therefore also ensures that SME concerns around security and privacy issues become priorities in Cloud SLAs. Ultimately, this will radically change the way SMEs currently approach Cloud service contracts. SLA-Ready is contributing to realising the European Cloud Computing Strategy. Partners are experts in the Cloud Select Industry Group – Subgroup on service level agreements (C-SIG SLA) that was set up by the European Commission DG CONNECT to develop standardised guidelines. As it is very important to ensure maximum impact at the international level, the C-SIG Subgroup is contributing to ISO/IEC 19086 with concrete input and presenting the European position. Partners are also contributing to related work on Cloud SLAs undertaken by the U.S. National Institute of Standards and Technology (NIST), thereby driving common priorities.

Solution

SLA-Ready aims to change this through a service-driven approach specifically designed for SMEs to help them understand and compare SLAs across different cloud service providers. SLAReady builds on expert work in Europe on SLAs with the aim of improving the uptake of cloud by the European private sector, especially SMEs. SLA-Ready is driving a common understanding of service level agreements for cloud services with greater standardisation and transparency so firms can make an informed decision on what services to use, what to expect and what to trust. The SLA-READY Services: A social, agnostic marketplace with practical guides for SMEs informing users how to carefully plan their journey and make it strategic. Best practices, real-world use cases, tutorials and a business guide to SLAs will help SMEs take an informed, stepping-stone approach, so the cloud and applications grow with their business. Analysing current landscape by identifying SLA requirements covering technolgical, socio-economic and legal aspects. Improving uptake of cloud computing through greater clarity by producing a common SLA reference model. This will incorporate consistent and common vocabularies, commonly understood service level objectives (SLOs),service metrics/measurements, best practices and standard templates. Improve the competitive position of Europe in the cloud sector through global collaboration, contributing to standards bodies and influencing cloud service providers in their provision of SLAs.

Expected impact

SLA-Ready

A Cloud SLA is one of the most important contracts SMEs will ever sign. SLA-Ready tools and services enable SMEs to navigate Cloud SLAs more effectively, which is crucial if they are to fully benefit from cloud services. 2/2

63

SLALOM

SLALOM is ready to use Cloud SLAs. SLALOM will take theory to practice, providing a trusted verifiable starting point for providers and business users to negotiate SLAs for doing business in the Cloud in a simple, fair and transparent way.

Context and motivation AT A GLANCE Project title:

SLALOM - Service Level Agreement Legal & Open Model Terms

Project coordinator: ATOS (ES)

Partners from:

ATOS Spain (ES), Bird and Bird (IT), National Technical University of Athens (GR) University of Pireaeus (GR), Cloud Industry Forum (UK)

Duration:

01/2015 - 06/2016

Total cost: 702,813 €

EC Contribution: 702,813 €

Programme: H2020-ICT-2014-1

Further information: http://slalom-project.eu/ @CloudSLAlom bit.ly/SLALOMinanutshell

Industry analysts repeatedly point to uncertainty around legal issues as a major barrier to cloud adoption. Questions such as who owns my data when I place it in the cloud? What happens if the service provider goes bust? What happens to my applications and data if I miss a payment? Which jurisdiction governs my contract? are all common and legitimate questions posed by businesses every day, and these issues are the tip of the iceberg. Furthermore trying to compare providers can become complex when metrics are not uniformly defined. Without like-for-like comparisons, it is difficult to determine the true value proposition on offer. Groups at European and International scale, such as the European Cloud Partnership and ISO are working towards the standardization of cloud SLAs, debating the share of responsibilities between the actors and identifying critical issues that should be addressed. SLALOM is going further, by generating an open and ready-to-use set of model SLA contractual terms and technical specifications for metrics. Adopters will have significant assurance because of using a trustworthy base, which

64

is practical, fair, and understandable, while saving time and resources.

create the starting point for Cloud Service Providers and Adopters to negotiate Cloud SLAs for doing business in the Cloud in a simple, fair and transparent way.

Challenge

One of the most important problems for Cloud adoption is uncertainty around cloud contracts and SLAs (Jurisdiction, liability, service definition, small print, etc.), which leads to risk and lack of adoption. SLALOM aims to tackle different challenges and expects to address some of the top problems for potential adopters of Cloud services (Adopters -public administrations, large companies, and SMEs; Cloud Service Providers; Legal Profession -either providing services or expert groups influencing the practice on Cloud SLAs: Legal firms and Profession influencers; Policy Makers; Standardization bodies; Scientific Community and Researchers). the

following

Expected impact SLALOM will impact on both the cloud industry and market - both providers and adopters; and the research community advancing cloud computing and SLA capabilities. Impact on the market:

top

- SLALOM will reduce or eliminate the most important barriers of cloud adoption (legal barriers, including liability, responsibility, data protection confidentiality, applicable law and intellectual property) by establishing the commonly accepted and comprehensive contract model specifying clear conditions for these aspects.

- Lack of knowledge about what are fair and reasonable contractual terms and conditions related to service levels. - Lack of knowledge about how service levels need to be specified technically to provide meaningful protection for adopters.

- Standardizing contract terms and conditions in Europe will encourage competition on price and value differentiation, which will leverage the creation of leaner, more differentiated companies are more competitive in the global marketplace.

- Lack of resources – financial and personnel – to be able to research the issues. - Lack of clout to get some cloud service providers to offer fair and balanced provisions.

Impact on cloud research:

One of our most important goals is pursue consensus among adopters and providers, and create a practical reference for doing business in the cloud. SLALOM takes a collaborative approach by contacting real market stakeholders, closing the gap between cloud adopters and providers:

- By evaluating value and demand of research lines in the market and factoring research developments into the SLALOM terms, the project will pave the way for result adoption. - By translating market demands to research lines will assure alignment of both research offering and market demands.

- Cloud Service Providers can base their own SLA contractual clauses and technical specifications on the SLALOM recommendations.

Summarizing the main benefits:

- Cloud Adopters will identify use of SLALOM to mean trustworthy and fair service level contractual terms and technical specifications.

Practical Understandable Cloud SLAs are not simple, but SLALOM is. We establish the baseline to allow you focus only on what matters so you can make the safe jump into the SLALOM provides cloud! guidance for the use of its

Solution

model terms and specifications saving time and money .

We work hand in hand with legal experts; institutions that are driving the uptake of recommendations both by cloud providers and consumers such as the EC, standards organizations, and industry associations to

Make your life simpler. Forget about SLA uncertainty. SLALOM provides practical templates for SLA contractual clauses and technical specifications. Slalom gives you a trusted verifiable starting point for service providers and adopters to negotiate with its guidance materials and its flexible framework built on top of ISO, which can be adapted to suit a variety of requirements and verticals .

Safe & Fair Compete on value. Take it or leave it is not an option. SLALOM’s model terms and specifications are designed to be fair and balanced, not giving hidden advantage to either providers or adopters. Consensus between all stakeholders and promotion of safe and fair models’ is needed . We are aligned with organizations that are driving the uptake of recommendations both by cloud providers and consumers such as EC, standards organizations, and industry associations .

2/2

65

SLALOM

We identify problems:

SLALOM provides additional assurance for the uptake of cloud services with templates for SLA legal model terms (legal clauses for Master Service Agreement and SLA) and technical specifications exploiting ISO standards that will set a trustworthy base, which is practical, understandable, while saving time and resources.

SSICLOPS

SSICLOPS will empower enterprises to create and operate high-performance private cloud infrastructures that allow flexible scaling through federation with other private clouds without compromising their service level and security requirements.

AT A GLANCE Project title:

Context and motivation

Aalto-Korkeakoulusaatio (FI)

SSICLOPS will empower enterprises to create and operate high-performance private cloud infrastructures that allow flexible scaling through federation with other private clouds without compromising their service level and security requirements.

Partners from:

Challenge

SSICLOPS - Secure and Scalable Infrastructures for Cloud Operations.

Project coordinator:

Aalto-Korkeakoulusaatio (FI), Martel (CH), NetApp BV (NL), NEC Europe Ltd (UK) Helsingin Yliopisto (FI), RheinischWestfälische Technische Hochschule Aachen(DE), University of Cambridge (UK), Hasso-Plattner-Institut für Softwaresystemtechnik GmbH (DE), Universitatea Politechnica din Bucuresti (RO), F-Secure OYJ (FI), Orange Polska Spa (PL), Telekom Deutschland GmbH (DE)

Duration:

02/2015 – 01/2018

Total cost: 6,937,123 €

EC Contribution: 6,702,748 €

Programme: H2020-ICT-2014-1

Further information: http://www.ssiclops.eu

The SSICLOPS federation will support the efficient integration of clouds, no matter if they are geographically co-located or distributed, belong to the same or different administrative entities or jurisdictions. In all cases, SSICLOPS will deliver maximum performance for intercloud communication, enforce legal and security constraints, and minimize the overall resource consumption. In such a federation, individual enterprises will be able to dynamically scale into and out of their private cloud services, because they dynamically offer their own spare resources (when available) and consume resources from others when needed. This allows to maximize individual infrastructure utilization while minimizing excess capacity needs for each federation member. SSICLOPS-powered private clouds will offer fine-grained monitoring and tuning capabilities along with workload planning and optimization tools to maximize the performance across a broad spectrum of workloads and across a wide operational scale, as we will demonstrate using three highly diverse use cases. The SSICLOPS solution will be based upon state-of-the-art open source products widely used in private cloud

66

deployments today to provide enterprises with full control over their own deployment.

Solution Cloud consumers face a difficult tradeoff: make use of extremely high-performance, scalable, and reliable public clouds, while suffering their substantial negative impact on security and privacy, or develop their own private cloud infrastructure that will lack many of the economies of scale experienced by hyperscale cloud providers. SSICLOPS aims to allow institutional cloud consumers to avoid facing this tradeoff through improvements to the state-of-the-art in private cloud infrastructure, and by providing explicit techniques and tools to overtly address the security-scalability tradeoff space spanning private and public cloud infrastructure. Private and hybrid cloud technology is a key enabler for future ICT growth, especially when deployed in regions of the world with strong data confidentiality, privacy and consumer protection legislation such as the EU. Hyperscaler public clouds have open APIs, but the system software of the cloud infrastructure is proprietary (and carefully – manually – optimized). On the other hand, private and hybrid clouds are usually put together based on open-source components (APIs are public and system software is public). Open source is good for security, transparency, and cost; however, cloud infrastructure assembled only from opensource systems and commodity hardware has a lower degree of integration and optimization compared to the custom code that runs the hyperscalers. That leads to a performance difference, and it can cause feature disparity, creating the undesirable incentive to migrate sensitive data from private to public clouds in search of improved reliability.

The goal of SSICLOPS is to minimize those performance and feature set differences by

SSICLOPS pursues highly ambitious goals that cut across a number of related areas, such as: • Clouds, • Networking and Operating System Infrastructure, • Distributed Computing Platforms, • Securing data in clouds and across clouds, and • Inter-cloud communication and computation.

Expected impact SSICLOPS will develop secure network infrastructure and increase the security levels for intra- and inter- cloud communication. The project will investigate solutions for: • Trusted Federated Cloud Computing (specification and enforcement of security and privacy policies), • Security-Aware Storage and Processing (enabling cloud data processing functions to become security-aware and apply appropriate security measure to sensitive

data), and • Hardened Cloud Data Transport (securing network system platforms and control planes and lightweight/efficient security for (inter-cloud transport). Another focal area for SSICLOPS is performance, reliability and flexibility for intra-and inter-cloud transport.

SSICLOPS

revisiting and re-optimizing the whole software infrastructure used in private clouds

from applications, protocols, operating systems and networking stack and hypervisors. The result will be that private cloud infrastructures gain performance and feature parity with hyperscaler public clouds, a key challenge for cloud infrastructure technology: a recent poll by 451 Research shows that “Technology immaturity is still the major problem, cited by 47% of respondents facing IT roadblocks.” Advances in private cloud technology can be a catalyst for private cloud adoption.

© SSICLOPS Consortium 2015-2018

2/2

67

SUNFISH - SecUre iNFormatIon SHaring in federated heterogeneous private clouds The SUNFISH project aims to reduce the management cost of private clouds owned by Public Administrations, and – beyond pure costs savings – to accelerate the transition to 21st century interoperable and scalable public services, boosting enforcement of the European Digital Single Market.

Project title: AT A GLANCE SUNFISH - SecUre iNFormatIon SHaring in

federated heterogeneous private clouds Project title no: 644666 Grant agreement

SUNFISH - SecUre iNFormatIon SHaring in federated heterogeneous private clouds - Grant Project coordinator agreement no: 644666 MEF – Italian Ministry of Economy and Finance

Project coordinator MEF – Italian Ministry of Economy and Finance Partners from: (IT) The consortium comprises 11 organizations

from 6 countries: Partners fromAustria, Estonia, Israel, Italy, Malta UK.

Ministero e delleTechnology Finanze (IT) Austria –dell’Economia Secure Information Malta Technology Agency (MT) CenterInformation A-SIT Universita DegliUniversity Studi di Roma La Sapienza (IT) Austria - Graz of Technology IBM Israel- Cybernetica - Science and Technology LTD (IL) Estonia Israel - IBM Israel Informationstechnologie – Zentrum fur Sichere Italy - Ministry of Economy and Finance Austria (AT) Italy - Sapienza Università Roma Technische Universitaet Grazdi(AT) Italy PricewaterhouseCoopers University of Southampton (UK) Advisory SpA Malta - Ministry for(MT) Finance Ministry for Finance Malta - Malta Information Technology South East Regional Organinsed Crime Unit (UK) Agency CYBERNETICA AS (EE) UK - University of Southampton PricewaterhouseCoopers Advisory SpACrime (IT) UK - South East Regional Organised Unit Duration

01.2015 – 12.2017

Duration: Total cost (Jan 2015 – Dec 2017) 36 months 4.520.047,50 €

Total cost: EC Contribution € 4.520.047,50

4.520.047,50 € (100%)

EC Contribution: Programme € 4.520.047,50 (100%)

H2020-ICT-2014-1

Programme:

HORIZON 2020 - The EU Framework Programme for Research and Innovation

Context and motivation

The overall problem that SUNFISH is trying to face is the lack of infrastructure and technology allowing Public Sector players to federate their private clouds. SUNFISH will develop and integrate software enabling secure cloud federation as required by the Public Sector. Likewise SUNFISH will improve security in federated “cross-border” clouds, boosting the development of a cloud computing market in sectors where privacy and control of information propagation are essential (e.g., e-government, e-health etc.) while encouraging a better resource utilisation of Public Administration cloud infrastructure. This way three main goals will be achieved: 1. Integrate different clouds assuring information security 2. Greater infrastructure usage efficiency 3. The development of services for EU citizens which use sensitive data shared securely between different private clouds

Challenges

SUNFISH has to deal with several open challenges: Information and data sharing. Egovernment is rapidly moving towards the adoption of private clouds. However, several public entities are facing the challenging problem to integrate the services provided by their private cloud with data and services provided by 68

SUNFISH intends to make a lasting impact by putting users and data owners in full control over how their data is shared, processed, and stored in a federation of private clouds, also addressing the open security challenge. SUNFISH as a “Demonstrating Platform” will make evident how cloud-based services in heterogeneous and multilayered cloud environments might be federated. The three previously mentioned public authorities will test developed solutions with different types of applications, showing how an high level of performance and quality of service can be achieved even with highly secured solutions. The reuse of open source software solutions in cloud environments, is expected to increase thanks to more secure technologies. SUNFISH will generate  Economic value, by reducing investments needed for cloud adoption, and lowering the risk of cyber-attacks which currently generate high economic losses.  Social value, fostering public trust in cloud technologies and increasing their usage, also with innovation spillovers both in public and private bodies  Environmental value, by improving resource exploitation and reducing energy use.

Solution

The SUNFISH project will develop and integrate software enabling secure cloud federation as required by European Public Sector bodies. The secure system for federated private clouds developed through the project will guarantee a high level of safety, a continuous monitoring of inter-cloud communications, and the ability to roll out services cheaply, in a fast, flexible and secure way even between different private clouds. The solution will be developed to be usable by other European Public Organisations, and potentially also by private sector players. The project will achieve this by meeting firstly the specific challenges faced by the Maltese and Italian Ministries of Finance, as well as by the UK Regional Cyber Crime Units, the three SUNFISH selected use cases.

SUNFISH Project

2/2

69

SUNFISH - SecUre iNFormatIon SHaring in federated heterogeneous private clouds

Expected impact

external private clouds. A challenging task in this context is to share information and data when multiple private clouds are involved. This problem is exacerbated in several scenarios where complex security policies cannot be mapped easily to the coarse-grained security models of today’s cloud platforms. Data storage in the cloud is only an acceptable risk if the long-term security and privacy of stored data can be guaranteed. Currently, encryption mechanisms used by cloud platforms are based on traditional cryptographic techniques, and do not allow a fine grained access control that can assure interoperability in federated cloud scenarios. Moreover, data owners have to monitor their provider’s security policies and potentially move their data to a different provider if their requirements are no longer satisfied. Data processing performed by cloud applications may result in the leakage of sensitive user information. For example, if a cloud application requests access to a user’s banking history, it may disclose this data to advertising agencies. For this reason, users who are concerned about data confidentiality either do not use cloud services or explicitly encrypt their data before uploading. This, however, precludes legitimate sharing of data between applications.

SUPERCLOUD

SUPERCLOUD develops new distributed cloud security and dependability infrastructure management paradigms. Our approach is User-Centric for selfservice clouds-of-clouds. We focus on Self-Managed services for self-protecting clouds-of-clouds reduce administration complexity through automation.

AT A GLANCE

Context and motivation

Project title:

SUPERCLOUD aims to support usercentric deployments across multi-clouds, enabling the composition of innovative trustworthy services, to uplift Europe’s innovation capacity and thus improve its competitiveness. SUPERCLOUD will thus build a security management architecture and infrastructure to fulfil the vision of usercentric secure, dependable cloud of clouds.

SUPERCLOUD – User-centric management of security and dependability in clouds of clouds.

Project coordinator:

Technikon Forschungs- und Planungsgesellschaft mbH (AT)

Partners:

Technikon Forschungs- Und Planungsgesellschaft MBH (AT), ORANGE SA (FR), IBM Research GMBH (CH), Fundacao Da Faculdade De Ciencias Da Universidade De Lisboa (PT), Institut Mines-Telecom (FR), Technische Universitaet Darmstadt (DE), PHILIPS Medical Systems Nederland BV (NL), PHILIPS Electronics Nederland B.V. (NL), MAXDATA Software SA (PT)

Duration:

02/2015 - 01/2018

Total cost: 6,863,279 €

EC Contribution: 5,398,280 €

Programme: H2020-ICT-2014 – 1

Further information:

http://www.supercloud-project.eu/

Despite many benefits in terms of business, distributed cloud computing raises many security and dependability concerns. At stake are an increase in complexity and a lack of interoperability between heterogeneous, often proprietary infrastructure technologies.

Challenge Provider-centric clouds currently three major security challenges:

face

Security vulnerabilities in infrastructure layers Each layer (e.g., customer VMs, cloud provider services, provider hypervisor) is extremely vulnerable to attacks. For instance, the hypervisor and its overprivileged Dom0 is a target of choice for

70

attackers due to its complexity. Hence the integrated protection challenges. Lack of flexibility and control in security management Heterogeneity of security components and policies between providers has strong security impacts, with new vulnerabilities due to mismatching APIs and workflows.

multi-cloud storage systems to survive provider-scale failures. Design and realize a multi-cloud network management infrastructure This includes a virtual network abstraction platform that spans multiple heterogeneous clouds and provides resilient Network-as-a-Service to cloud users. It serves as foundation to an autonomic security management framework that provides fine-grained network monitoring and flexible threat management support.

Security administration challenges Manual administration of infrastructure protection is out of reach due to complexity and heterogeneity of its components. Automation of security management is necessary, but lacks today.

Expected impact Self-Service Security The SUPERCLOUD architecture will give users flexibility to define their own protection requirements and instantiate policies accordingly.

Solution The SUPERCLOUD project proposes new security and dependability infrastructure management paradigms that are:

Self-Managed Security The SUPERCLOUD autonomic security management framework will enable to operate seamlessly over compute, storage and network layers, and across provider domains to ensure compliance with security policies.

User-centric In self-service clouds-of-clouds, customers define their own protection requirements and avoid provider lock-ins. Self-managed Self-protecting clouds-of-clouds reduce administration complexity through security automation. Our approach is defining a new distributed architectural plane, the SUPERCLOUD, providing an end-to-end interface both between usercentric and provider-centric views of multiple clouds. Its role will be both to provide a distributed resource abstraction and flexible but unified control for management of security and resilience.

End-to-End Security The proposed trust models and security mechanisms will enable composition of services and trust statements across different administrative provider domains. Resilience The resource management framework will enable to compose provider-agnostic resources in a robust manner using primitives from diverse cloud providers. Healthcare Use Cases The SUPERCLOUD methodology will be validated by testbed integration for realworld use cases in the healthcare domain.

We will: Design and realize a SUPERCLOUD security management infrastructure This autonomic security management infrastructure features a 360° monitoring framework that captures both horizontal (multi-domain) and vertical (cross-layer) dimensions of multi-cloud systems. It monitors resource security and guarantees secure computation, storage and communications, also enabling a continuum of security services.

SUPERCLOUD

Design and realize a data management framework It will rely on cryptographic tools that address multiple aspects including key management for access control, data availability and resilience, secure data computation and verifiability. It will also include a resilience framework allowing implementation of 2/2

71

SWITCH

The SWITCH project (Software Workbench for Interactive, Time Critical and Highly self-adaptive Cloud applications) addresses the urgent industrial need for developing and executing time critical applications in Clouds. SWITCH addresses these problems by providing an interactive and flexible software workbench that can provide the necessary tools to control the lifecycle for rapid development, deployment, management and dynamic reconfiguration of complex distributed time-critical Cloud applications.

AT A GLANCE Project title:

SWITCH - Software Workbench for Interactive, Time Critical and Highly selfadaptive cloud applications

Project coordinator: University of Amsterdam (NL)

Partners from:

Cardiff University (UK), University of Ljubljana (SL), Wellness Telecom (ES), BEIA Consult (RO), MOG Technologies (PT)

Duration:

02/2015 - 01/2018

Total cost: 2,922,500 €

EC Contribution: 2,922,500 €

Programme:

H2020-ICT-2014-1

Further information: www.switch-project.eu

Context and motivation Many industrial applications have highly time-critical requirements for their performance in order to maintain their business value, for instance the application may address Quality of Service (QoS) (e.g. tsunami emergency response time) or quality of experience (QoE) (e.g. delivery of ultra-high definition television, or collaborative business interactions) issues. These applications are often called time critical applications. The SWITCH project addresses the entire life-cycle of timecritical, self-adaptive Cloud applications by developing new middleware and front-end tools to enable users to specify their timecritical requirements for an application interactively using a direct manipulation user interface, deploy their applications and adapt the infrastructure to changing requirements either automatically (using the specified requirements) or by human intervention if desired.

Challenge Time critical applications often involve distributed components, and intensive data communication, for instance applications which address disaster warning issues often include remotely

72

deployed sensors, and many live event television broadcast scenarios require direction of multiple multi outdoor video sources. The development of such applications is usually difficult and costly, because of the high requirements for the runtime environment, and in particular the sophisticated optimisation mechanisms needed for developing and integrating the system components. In the meantime, a Cloud environment provides virtualised, elastic, controllable and quality on demand services for supporting systems like time critical applications. In 2012, Cloud computing was strategically recommended by the European Commission (EC) for boosting productivity in all economy sectors in Europe . However, the engineering method and software tools for developing, deploying and executing classical time critical applications have not yet included the programmability and controllability provided by the Clouds; and the time critical applications cannot yet get the full potential benefits which Cloud technologies could provide.

composition, execution environment customisation, and runtime control, which are normally treated in separated processes, into one optimisation loop based on the time critical requirements.

Expected impact

Solution The SWITCH project addresses these problems by providing an interactive and flexible software workbench that, by using discovery tools at the networking level and QoS requirements from the application level, can provide the tools necessary to control the lifecycle for rapid development, deployment, management and dynamic reconfiguration of complex distributed time-critical cloud applications. In particular, SWITCH provides novel support for defining, optimising and controlling time-critical constraints in programming, testing, deploying and executing the applications. Using a fully responsive web based interface and backend components for coordinating the data flows across the networking infrastructure, the SWITCH workbench can define dynamic application level mappings for the time critical control rules and strategies to be employed on an application-by-application basis. At the core idea of the SWITCH environment, a new development and execution model, an applicationinfrastructure co-programming and control model, will be developed for timecritical Cloud applications. The new model brings together the application

SWITCH application-infrastructure co-programming and control model

2/2

73

SWITCH

The programming and control model, and the software tools developed in the SWITCH project, will make considerable impact on 1) Improving development productivity of time critical Cloud applications. 2) Upgrading industrial technologies of time critical applications to use Cloud infrastructure. 3) Improving deployment efficiency of time critical applications. 4) Reducing operational cost of time critical services. Operating cost for time critical services such as disaster early warning is, on average, 40% of the total system cost, and sometimes can rise to more than 80% in extreme cases. 5) Promoting business competitiveness of Clouds. By 2020, the Clouds technologies will contribute 1% of GDP to the entire EU, about 160 billion euro , of which Software as a Service will be 30-40 billion euro.

For further information European Commission Directorate-General for Communications Networks, Content & Technology Directorate Net Futures Software & Services, Cloud B-1049 Brussels [email protected]