For more than 2 years, the National Institute of Informatics (NII), in Japan, has been a key member of the M-Sec consortium, supporting the development and testing of a technology that intends to support our cities to become smarter and, at the same time, more cyber secure. Meet the team and work behind NII, their role in the M-Sec Project and where will they go next
We spoke with Takafumi Komoto, researcher, to know more about the National Institute of Informatics (NII)’s role in the Project.
1. Takafumi, thank you so much for agreeing with this interview. Please briefly present yourself and the institution you work at.
I used to work as a system engineer at IT company in Japan, and I am a researcher at the Information Systems Architecture Science Research Division in the National Institute of Informatics now.
The National Institute of Informatics (NII), founded in 2000, is an inter-university research institute corporation and a research organization of information and systems. The mission of this unique national academic research institute is to “create future value” in the new academic field of informatics.
2. Why have you and the National Institute of Informatics decided to join the M-Sec Project?
Based on that background, M-Sec project will enhance our opportunity for studying upcoming informatics movement, such as IoT security. By leveraging research outcomes, we can support creating future value where high security, networks are well balanced.
We provide a security requirements modeling support tool for a misuse case diagram that enables the creation of a diagram by embedding the element of the security knowledge. An application engineer, not a security engineer, can define new security countermeasures for the threats identified by creating a misuse case diagram.
3. Can you also present the team that works with you for the M-Sec Project?
Professor Nobukazu Yoshioka and me are the main members at M-Sec project in NII.
4. What has been the main role of the National Institute of Informatics at the M-Sec Project and have you been able to achieve all you have set for? What were your and your team’s main challenges?
NII is the Japan-side leader of WP3 “Requirements, architecture, hyper connected smart city” along with responsibility on Task3.1 “System level and User level Requirements analysis” , and Tsk4.3 “Application security”, given its expertise in secure software engineering.
We have been able to provide “the Security Analysis Tool (SAT)” that an application engineer can define new security countermeasures for the threats identified by creating a misuse case diagram.
5. Looking back on what you and your team have done in the scope of the M-Sec Project, what are your main takeaways?
The Security Analysis Tool (SAT). SAT supports security requirement analysis by reusing typical threats and their mitigation approaches stored in a knowledge base. SAT is implemented as a plugin of astah* (an UML modeling tool developed by Change Vision, Inc.).
6. With only a few months until the end of the project, on what major developments do you and your team still need to focus? Do you feel confident?
We will continue to improve the Security Analysis Tool (SAT) to make it easier to use. We believe that this is feasible together with other partners.
7. Did you find this experience of participating in an EU-JP partnership rewarding?
It is a good opportunity for us to learn about a secure smart city system. We will continue to analyse security requirements at secure IoT systems.