Open Access

The transfer of historically grown monolithic software architectures into modern service-oriented architectures creates a lot of loose coupling points. This can lead to an unforeseen system behavior and can significantly impede those continuous modernization processes, since it is not clear where bottlenecks in a system arise. It is therefore necessary to monitor such modernization processes with an adaptive monitoring concept to be able to correctly record and interpret unpredictable system dynamics. This contribution presents a generic QoS measurement framework for service-based systems. The framework consists of an XML-based specification for the measurement to be performed – the Information Model (IM) – and the QoS System, which provides an execution platform for the IM. The framework will be applied to a standard business process of the German insurance industry, and the concepts of the IM and their mapping to artifacts of the QoS System will be presented. Furtherm ore, design and implementation of the QoS System’s parser and generator module and the generated artifacts are explained in detail, e.g., event model, agents, measurement module and analyzer module.

Service meshes can be seen as an infrastructure layer for microservice-based applications that are specifically suited for distributed application architectures. It is the goal to introduce the concept of service meshes and its use for microservices with the example of an open source service mesh called Istio. This paper gives an introduction into the service mesh concept and its relation to microservices. It also gives an overview of selected features provided by Istio as relevant to the above concept and provides a small sample setup that demonstrates the core features.

Dramatic increases in the number of cyber security attacks and breaches toward businesses and organizations have been experienced in recent years. The negative impacts of these breaches not only cause the stealing and compromising of sensitive information, malfunctioning of network devices, disruption of everyday operations, financial damage to the attacked business or organization itself, but also may navigate to peer businesses/organizations in the same industry. Therefore, prevention and early detection of these attacks play a significant role in the continuity of operations in IT-dependent organizations. At the same time detection of various types of attacks has become extremely difficult as attacks get more sophisticated, distributed and enabled by Artificial Intelligence (AI). Detection and handling of these attacks require sophisticated intrusion detection systems which run on powerful hardware and are administered by highly experienced security staff. Yet, these resources are costly to employ, especially for small and medium-sized enterprises (SMEs). To address these issues, we developed an architecture -within the GLACIER project- that can be realized as an in-house operated Security Information Event Management (SIEM) system for SMEs. It is affordable for SMEs as it is solely based on free and open-source components and thus does not require any licensing fees. Moreover, it is a Self-Contained System (SCS) and does not require too much management effort. It requires short configuration and learning phases after which it can be self-contained as long as the monitored infrastructure is stable (apart from a reaction to the generated alerts which may be outsourced to a service provider in SMEs, if necessary). Another main benefit of this system is to supply data to advanced detection algorithms, such as multidimensional analysis algorithms, in addition to traditional SIEMspecific tasks like data collection, normalization, enrichment, and storage. It supports the application of novel methods to detect security-related anomalies. The most distinct feature of this system that differentiates it from similar solutions in the market is its user feedback capability. Detected anomalies are displayed in a Graphical User Interface (GUI) to the security staff who are allowed to give feedback for anomalies. Subsequently, this feedback is utilized to fine-tune the anomaly detection algorithm. In addition, this GUI also provides access to network actors for quick incident responses. The system in general is suitable for both Information Technology (IT) and Operational Technology (OT) environments, while the detection algorithm must be specifically trained for each of these environments individually.

Intrusion detection systems and other network security components detect security-relevant events based on policies consisting of rules. If an event turns out as a false alarm, the corresponding policy has to be adjusted in order to reduce the number of false positives. Modified policies, however, need to be tested before going into productive use. We present a visual analysis tool for the evaluation of security events and related policies which integrates data from different sources using the IF-MAP specification and provides a “what-if” simulation for testing modified policies on past network dynamics. In this paper, we will describe the design and outcome of a user study that will help us to evaluate our visual analysis tool.

Radioisotope-guided sentinel lymph node dissection (sLND) has shown high diagnostic reliability in prostate (PCa) and other cancers. To overcome the limitations of the radioactive tracers, magnetometer-guided sLND using superparamagnetic iron oxide nanoparticles (SPIONs) has been successfully used in PCa. This prospective study (SentiMag Pro II, DRKS00007671) determined the diagnostic accuracy of magnetometer-guided sLND in intermediate- and high-risk PCa. Fifty intermediate- or high-risk PCa patients (prostate-specific antigen (PSA) >= 10 ng/mL and/or Gleason score >= 7; median PSA 10.8 ng/mL, IQR 7.4–19.2 ng/mL) were enrolled. After the intraprostatic SPIONs injection a day earlier, patients underwent magnetometer-guided sLND and extended lymph node dissection (eLND, followed by radical prostatectomy. SLNs were detected in in vivo and in ex vivo samples. Diagnostic accuracy of sLND was assessed using eLND as the reference. SLNs were detected in all patients (detection rate 100%), with 447 sentinel lymph nodes SLNs (median 9, IQR 6–12) being identified and 966 LNs (median 18, IQR 15–23) being removed. Thirty-six percent (18/50) of patients had LN metastases (median 2, IQR 1–3). Magnetometer-guided sLND had 100% sensitivity, 97.0% specificity, 94.4% positive predictive value, 100% negative predictive value, 0.0% false negative rate, and 3.0% additional diagnostic value (LN metastases only in SLNs outside the eLND template). In vivo, one positive SLN/LN-positive patient was missed, resulting in a sensitivity of 94.4%. In conclusion, this new magnetic sentinel procedure has high accuracy for nodal staging in intermediate- and high-risk PCa. The reliability of intraoperative SLN detection using this magnetometer system requires verification in further multicentric studies.