Towards Run-Time Verification of Compositions in the Web of Things using Complex Event Processing

Following the vision of the Internet of Things, physical world entities are integrated into virtual world things. Things are expected to become active participants in business and social processes. Then, the Internet of Things could benefit from the Web Service architecture like today’s Web does, so Future ser-vice-oriented Internet things will offer their functionality via service-enabled in-terfaces. In previous work, we demonstrated the need of considering the behav-iour of things to develop applications in a more rigorous way, and we proposed a lightweight model for representing such behaviour. Our methodology relies on the service-oriented paradigm and extends the DPWS profile to specify the order with which things can receive messages. We also proposed a static verifi-cation technique to check whether a mashup of things respects the behaviour, specified at design-time, of the composed things. However, a change in the be-haviour of a thing may cause that some compositions do not fulfill its behaviour anymore. Moreover, given that a thing can receive requests from instances of different mashups at run-time, these requests could violate the behaviour of that thing, even though each mashup fulfills such behaviour, due to the change of state of the thing. To address these issues, we present a proposal based on me-diation techniques and complex event processing to detect and inhibit invalid invocations, so things only receive requests compatible with their behaviour.Work partially supported by projects TIN2008-05932, TIN2012-35669, CSD2007-0004 funded by Spanish Ministry MINECO and FEDER; P11-TIC-7659 funded by Andalusian Government; and Universidad de Málaga, Campus de Excelencia Internacional Andalucía Tec

A metaobject architecture for fault-tolerant distributed systems : the FRIENDS approach

The FRIENDS system developed at LAAS-CNRS is a metalevel architecture providing libraries of metaobjects for fault tolerance, secure communication, and group-based distributed applications. The use of metaobjects provides a nice separation of concerns between mechanisms and applications. Metaobjects can be used transparently by applications and can be composed according to the needs of a given application, a given architecture, and its underlying properties. In FRIENDS, metaobjects are used recursively to add new properties to applications. They are designed using an object oriented design method and implemented on top of basic system services. This paper describes the FRIENDS software-based architecture, the object-oriented development of metaobjects, the experiments that we have done, and summarizes the advantages and drawbacks of a metaobject approach for building fault-tolerant system

Cross-Layer Adaptive Feedback Scheduling of Wireless Control Systems

There is a trend towards using wireless technologies in networked control systems. However, the adverse properties of the radio channels make it difficult to design and implement control systems in wireless environments. To attack the uncertainty in available communication resources in wireless control systems closed over WLAN, a cross-layer adaptive feedback scheduling (CLAFS) scheme is developed, which takes advantage of the co-design of control and wireless communications. By exploiting cross-layer design, CLAFS adjusts the sampling periods of control systems at the application layer based on information about deadline miss ratio and transmission rate from the physical layer. Within the framework of feedback scheduling, the control performance is maximized through controlling the deadline miss ratio. Key design parameters of the feedback scheduler are adapted to dynamic changes in the channel condition. An event-driven invocation mechanism for the feedback scheduler is also developed. Simulation results show that the proposed approach is efficient in dealing with channel capacity variations and noise interference, thus providing an enabling technology for control over WLAN.Comment: 17 pages, 12 figures; Open Access at http://www.mdpi.org/sensors/papers/s8074265.pd

Safer in the Clouds (Extended Abstract)

We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate server's behaviour.Comment: In Proceedings ICE 2010, arXiv:1010.530

Opening up Magpie via semantic services

Magpie is a suite of tools supporting a ‘zero-cost’ approach to semantic web browsing: it avoids the need for manual annotation by automatically associating an ontology-based semantic layer to web resources. An important aspect of Magpie, which differentiates it from superficially similar hypermedia systems, is that the association between items on a web page and semantic concepts is not merely a mechanism for dynamic linking, but it is the enabling condition for locating services and making them available to a user. These services can be manually activated by a user (pull services), or opportunistically triggered when the appropriate web entities are encountered during a browsing session (push services). In this paper we analyze Magpie from the perspective of building semantic web applications and we note that earlier implementations did not fulfill the criterion of “open as to services”, which is a key aspect of the emerging semantic web. For this reason, in the past twelve months we have carried out a radical redesign of Magpie, resulting in a novel architecture, which is open both with respect to ontologies and semantic web services. This new architecture goes beyond the idea of merely providing support for semantic web browsing and can be seen as a software framework for designing and implementing semantic web applications

IRS III: a platform and infrastructure for creating WSMO based semantic web services

The IRS project has the overall aim of supporting the automated or semi-automated construction of semantically enhanced systems over the inter-net. IRS-I supported the creation of knowledge intensive systems structured acording to the UPML framework and IRS-II integrated the UPML framework with web service technologies. In this paper we describe IRS-III. Within IRS-III we have now incorporated and extended the WSMO ontology. Our extensions to WSMO include the addition of input and output roles to goals and web services and a new type of mediator. As well as summarizing our additions to WSMO we outline the architecture of IRS-III and the associated interfaces

S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

Function-as-a-Service (FaaS) is a recent and already very popular paradigm in cloud computing. The function provider need only specify the function to be run, usually in a high-level language like JavaScript, and the service provider orchestrates all the necessary infrastructure and software stacks. The function provider is only billed for the actual computational resources used by the function invocation. Compared to previous cloud paradigms, FaaS requires significantly more fine-grained resource measurement mechanisms, e.g. to measure compute time and memory usage of a single function invocation with sub-second accuracy. Thanks to the short duration and stateless nature of functions, and the availability of multiple open-source frameworks, FaaS enables non-traditional service providers e.g. individuals or data centers with spare capacity. However, this exacerbates the challenge of ensuring that resource consumption is measured accurately and reported reliably. It also raises the issues of ensuring computation is done correctly and minimizing the amount of information leaked to service providers. To address these challenges, we introduce S-FaaS, the first architecture and implementation of FaaS to provide strong security and accountability guarantees backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our design introduces a new key distribution enclave and a novel transitive attestation protocol. A core contribution of S-FaaS is our set of resource measurement mechanisms that securely measure compute time inside an enclave, and actual memory allocations. We have integrated S-FaaS into the popular OpenWhisk FaaS framework. We evaluate the security of our architecture, the accuracy of our resource measurement mechanisms, and the performance of our implementation, showing that our resource measurement mechanisms add less than 6.3% latency on standardized benchmarks

A Role-Based Approach for Orchestrating Emergent Configurations in the Internet of Things

The Internet of Things (IoT) is envisioned as a global network of connected things enabling ubiquitous machine-to-machine (M2M) communication. With estimations of billions of sensors and devices to be connected in the coming years, the IoT has been advocated as having a great potential to impact the way we live, but also how we work. However, the connectivity aspect in itself only accounts for the underlying M2M infrastructure. In order to properly support engineering IoT systems and applications, it is key to orchestrate heterogeneous 'things' in a seamless, adaptive and dynamic manner, such that the system can exhibit a goal-directed behaviour and take appropriate actions. Yet, this form of interaction between things needs to take a user-centric approach and by no means elude the users' requirements. To this end, contextualisation is an important feature of the system, allowing it to infer user activities and prompt the user with relevant information and interactions even in the absence of intentional commands. In this work we propose a role-based model for emergent configurations of connected systems as a means to model, manage, and reason about IoT systems including the user's interaction with them. We put a special focus on integrating the user perspective in order to guide the emergent configurations such that systems goals are aligned with the users' intentions. We discuss related scientific and technical challenges and provide several uses cases outlining the concept of emergent configurations.Comment: In Proceedings of the Second International Workshop on the Internet of Agents @AAMAS201