Protocol for a Systematic Literature Review on Adaptative Middleware Support for IoT and CPS

This protocol defines the procedure to conduct a systematic literature review on adaptive middleware support for the Internet of Things (IoT) and Cyber-physical Systems (CPS). The mentioned concepts deal with smart interactive objects which provide a set of services, but they look into the problem from various perspectives. We especially look into middleware design decisions for reactive/proactive adaptations. Following a systematic literature review (SLR) in the selection procedure, we selected 62 papers among 4,274 candidate studies. To this end, we applied the classification and extraction framework to select and analyze the most influential domain-related information. In addition to the academic database, we took advantage of the use-cases provided by our industrial partners within the CPS4EU 2 project. This document clarifies the primary studies' selection process. The analysis of the studies, discussion, and solution proposals will be presented separately in a journal article

An MDD-based method for building context-aware applications with high reusability

Adding context-awareness capabilities to modern mobile and pervasive computing applications is becoming a mainstream activity in the software engineering community. In this respect, many context models and middleware architectures have been proposed with the aim to provide the developers with tools and abstractions that make it easier to produce context-aware applications. However, current solutions suffer from relatively low reusability and lack ease-of-use. In this paper, we propose a two-layer approach based on model-driven development: at the higher layer we introduce the design of reusable context plug-ins which can be used to monitor low-level context data and to infer higher-level information about the users, their computing infrastructure and their interaction. At the lower layer, the plug-ins themselves are synthesized using more elementary, reusable components. We argue that this development approach provides significant advantages to the developers, as it enables them to design, implement, re-use and maintain the code-base of context-aware apps more efficiently. To evaluate this approach, we demonstrate it in the context of a two-part case-study and assess it both qualitatively and quantitatively

A pluggable middleware architecture for developing context-aware mobile applications

The proliferation of powerful smartphone devices provides a great opportunity for context-aware mobile applications becoming mainstream. However, we argue that conventional software development techniques suffer because of the added complexity required for collecting and managing context information. This paper presents a component-based middleware architecture which facilitates the development and deployment of context-aware applications via reusable components. The main contribution of this approach is the combination of a development methodology with the middleware architecture, which together bring significant value to developers of context-aware applications. Further contributions include the following: The methodology utilizes separation of concerns, thus decreasing the developmental cost and improving the productivity. The design and implementation of context-aware applications are also eased via the use of reusable components, called context plug-ins. Finally, the middleware architecture facilitates the deployment and management of the context plug-ins in a resource-aware manner. The proposed methodology and middleware architecture are evaluated both quantitatively and qualitatively

Towards a unified fraud management and digital forensic framework for mobile applications

Historically, progress in technology development has continually created new opportunities for criminal activities which, in turn, have triggered the need for the development of new security-sensitive systems. Organisations are now adopting mobile technologies for numerous applications to capitalise on the mobile revolution. They are now able to increase their operational efficiency as well as responsiveness and competitiveness and, most importantly, can now meet new, growing customers’ demands. However, although mobile technologies and applications present many new opportunities, they also present challenges. Threats to mobile phone applications are always on the rise and, therefore, compel organisations to invest money and time, among other technical controls, in an attempt to protect them from incurring losses. The computerisation of core activities (such as mobile banking in the banking industry, for example) has effectively exposed organisations to a host of complex fraud challenges that they have to deal with in addition to their core business of providing services to their end consumers. Fraudsters are able to use mobile devices to remotely access enterprise applications and subsequently perform fraudulent transactions. When this occurs, it is important to effectively investigate and manage the cause and findings, as well as to prevent any future similar attacks. Unfortunately, clients and consumers of these organisations are often ignorant of the risks to their assets and the consequences of the compromises that might occur. Organisations are therefore obliged, at least, to put in place measures that will not only minimise fraud but also be capable of detecting and preventing further similar incidents. The goal of this research was to develop a unified fraud management and digital forensic framework to improve the security of Information Technology (IT) processes and operations in organisations that make available mobile phone applications to their clients for business purposes. The research was motivated not only by the increasing reliance of organisations on mobile applications to service their customers but also by the fact that digital forensics and fraud management are often considered to be separate entities at an organisational level. This study proposes a unified approach to fraud management and digital forensic analysis to simultaneously manage and investigate fraud that occurs through the use of mobile phone applications. The unified Fraud Management and Digital Forensic (FMDF) framework is designed to (a) determine the suspicious degree of fraudulent transactions and (b) at the same time, to feed into a process that facilitates the investigation of incidents. A survey was conducted with subject matter experts in the banking environment. Data was generated through a participatory self-administered online questionnaire. Collected data was then presented, analysed and interpreted quantitatively and qualitatively. The study found that there was a general understanding of the common fraud management methodologies and approaches throughout the banking industry and the use thereof. However, while many of the respondents indicated that fraud detection was an integral part of their processes, they take a rather reactive approach when it comes to fraud management and digital forensics. Part of the reason for the reactive approach is that many investigations are conducted in silos, with no central knowledge repository where previous cases can be retrieved for comparative purposes. Therefore, confidentiality, integrity and availability of data are critical for continued business operations. To mitigate the pending risks, the study proposed a new way of thinking that combines both components of fraud management and digital forensics for an optimised approach to managing security in mobile applications. The research concluded that the unified FMDF approach was considered to be helpful and valuable to professionals who participated in the survey. Although the case study focused on the banking industry, the study appears to be instrumental in informing other types of organisations that make available the use of mobile applications for their clients in fraud risk awareness and risk management in general.ComputingM. Sc. (Computing