The Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) is an EC co-funded project that aims at constituting and integrating a long lasting research community on engineering secure software-based services and systems. The new roadmap and research agenda was published in February 2013. It also contains recommendations on the main research issues to tackle, including the focus on eHealth systems that consider security and privacy by design as foundational aspects.

As a matter of fact, eHealth is an area of rapid innovation, but designing the secure services for emergent eHealth solutions requires a large amount of effort and the collaboration of stakeholders with different views on security and privacy requirements.

The main motto behind NESSoS is "prevention is better than cure'', indeed we can reduce the number of vulnerabilities in Future Internet services by having security and privacy “by design”, that is right from the early phase of engineering lifecycle.

Current examples of the work being done within NESSoS in the area of eHealth include the development of tools for all phases of the development lifecycle, from the identification of privacy threats and requirement analysis, over the automatic generation of secure-by-design eHealth services from declarative models, to the run-time assurance of security compliance, even when changes in the process or in the requirements occur.

Security competes with flexibility and with availability in many particular situations. Thus NESSoS offers dynamic supervision and enforcement of trade-off policies, allowing for instance controlled access to resources in spite of known security threats, acceptable under some conditions in order to avoid life-threatening situations, use of work-flow models to describe the dynamics of a Patient-Monitoring Work-Flows, verification of work-flows with declarative authorisation policies that include revocation and delegation, and the automatic generation of orchestration of sub-systems, satisfying among others separation of duties requirements and secure recording of events.

Also, NESSoS is interested to data-related aspects, like the smart content generation via sensors that continuously monitor the physical activity or the nutritional intake, and the aggregation and use of data, for instance to recommend personalised insulin dosages.

Methods and tools from NESSoS are already being experimented in the context of several industrial solutions, such as yourEHRM from Atos and Soarian and Syngo from Siemens.

For more details, see and

You can also still contribute to the NESSoS roadmap by filling the on-line survey accessible from the web site.