Real-time Security & Dependability monitoring: Make it a bundle

Security & Dependability (SEC&DEP) monitoring has definitely become a number one priority, since it is understood that it is the pre-requisite for allowing system operation to continue also in the presence of faults and/or attacks. Since effective remediation requires that the right actions be taken at the right time, in order for SEC&DEP monitoring to be really useful, the results of the monitoring process must be made available in a timely fashion, i.e. in (near) real-time. A plethora of technologies exists, that individually represent a (potentially) effective building block of a real-time SEC&DEP monitoring facility, but - regrettably - they very much lack integration. We claim that a significant advancement in the convergence of such technologies is needed. While recently some achievements have been made, much is yet to be done. In this paper, we briefly review the current State Of The Art (SOTA) of technologies that can be used to implement a real-time SEC&DEP monitoring facility, with two objectives: 1) perform a gap analysis, i.e. point out the major limitations of such technologies, and 2) identify the main avenues towards effective SEC&DEP monitoring.