adfa, p. 1, 2015. © Springer-Verlag Berlin Heidelberg 2015 RT-SPDM: Real-time Security, Privacy & Dependability Management of Heterogeneous Systems Konstantinos Fysarakis 1 , George Hatzivasilis 1 , Ioannis Askoxylakis 2 , and Harry Man- ifavas 3 1 Dept. of Electronic & Computer Engineering, Technical University of Crete, Greece {kfysarakis, gchatzivasilis}@isc.tuc.gr 2 FORTH asko@ics.forth.gr 3 Dept. of Informatics Engineering, Technological Educational Institute of Crete, Greece harryman@ie.teicrete.gr Abstract. The need to manage embedded systems, brought forward by the wider adoption of pervasive computing, is particularly vital in the context of secure and safety-critical applications. This work presents RT-SPDM, a framework for the real-time management of devices populating ambient environments. The pro- posed framework utilizes a formally validated approach to reason the composa- bility of heterogeneous embedded systems, evaluate their current security, pri- vacy and dependability levels based on pre-defined metrics, and manage them in real-time. An implementation of Event Calculus is used in the Jess rule engine in order to model the ambient environment context and the rule-based management procedure. The reasoning process is modeled as an agent’s behavior and applied on an epistemic multi-agent reasoner for ambient intelligence applications. Agents monitor distinct embedded systems and are deployed as OSGi bundles to enhance the real-time management of embedded devices. A Service Oriented Ar- chitecture is adopted, through the use of the Devices Profile for Web Services standard, in order to provide seamless interaction between the framework’s enti- ties, which exchange well-formed information, determined by the OASIS CAP standard. Proof-of-concept implementations of all entities are developed, also in- vestigating user-friendly GUIs for both the front-end and back-end of the frame- work. A preliminary performance evaluation on typical embedded devices con- firms the viability of the proposed approach. Keywords: SOAs, DPWS, event calculus, formal methods, security validation, metrics composition, JADE, Jess, OSGi, policy-based access control, 1 Introduction Advances in computing and communication technologies have enabled a new reality where interconnected computing systems, in various forms, permeate our environ- ments, aiming to enhance all aspects of our everyday lives. These significant changes did not leave the industrial and enterprise environments unaffected, with ubiquitous