IoT@run-time: a model-based approach to support deployment and self-adaptations in IoT systems

Today, most Internet of Things (IoT) systems leverage edge and fog computing to meet increasingly restrictive requirements and improve quality of service (QoS). Although these multi-layer architectures can improve system performance, their design is challenging because the dynamic and changing IoT environment can impact the QoS and system operation. In this thesis, we propose a modeling-based approach that addresses the limitations of existing studies to support the design, deployment, and management of self-adaptive IoT systems. We have designed a domain specific language (DSL) to specify the self-adaptive IoT system, a code generator that generates YAML manifests for the deployment of the IoT system, and a framework based on the MAPE-K loop to monitor and adapt the IoT system at runtime. Finally, we have conducted several experimental studies to validate the expressiveness and usability of the DSL and to evaluate the ability and performance of our framework to address the growth of concurrent adaptations on an IoT system.Hoy en día, la mayoría de los sistemas de internet de las cosas (IoT, por su sigla en inglés) aprovechan la computación en el borde (edge computing) y la computación en la niebla (fog computing) para cumplir requisitos cada vez más restrictivos y mejorar la calidad del servicio. Aunque estas arquitecturas multicapa pueden mejorar el rendimiento del sistema, diseñarlas supone un reto debido a que el entorno de IoT dinámico y cambiante puede afectar a la calidad del servicio y al funcionamiento del sistema. En esta tesis proponemos un enfoque basado en el modelado que aborda las limitaciones de los estudios existentes para dar soporte en el diseño, el despliegue y la gestión de sistemas de IoT autoadaptables. Hemos diseñado un lenguaje de dominio específico (DSL) para modelar el sistema de IoT autoadaptable, un generador de código que produce manifiestos YAML para el despliegue del sistema de IoT y un marco basado en el bucle MAPE-K para monitorizar y adaptar el sistema de IoT en tiempo de ejecución. Por último, hemos llevado a cabo varios estudios experimentales para validar la expresividad y usabilidad del DSL y evaluar la capacidad y el rendimiento de nuestro marco para abordar el crecimiento de las adaptaciones concurrentes en un sistema de IoT.Avui dia, la majoria dels sistemes d'internet de les coses (IoT, per la sigla en anglès) aprofiten la informàtica a la perifèria (edge computing) i la informàtica a la boira (fog computing) per complir requisits cada cop més restrictius i millorar la qualitat del servei. Tot i que aquestes arquitectures multicapa poden millorar el rendiment del sistema, dissenyar-les suposa un repte perquè l'entorn d'IoT dinàmic i canviant pot afectar la qualitat del servei i el funcionament del sistema. En aquesta tesi proposem un enfocament basat en el modelatge que aborda les limitacions dels estudis existents per donar suport al disseny, el desplegament i la gestió de sistemes d'IoT autoadaptatius. Hem dissenyat un llenguatge de domini específic (DSL) per modelar el sistema d'IoT autoadaptatiu, un generador de codi que produeix manifestos YAML per al desplegament del sistema d'IoT i un marc basat en el bucle MAPE-K per monitorar i adaptar el sistema d'IoT en temps d'execució. Finalment, hem dut a terme diversos estudis experimentals per validar l'expressivitat i la usabilitat del DSL i avaluar la capacitat i el rendiment del nostre marc per abordar el creixement de les adaptacions concurrents en un sistema d'IoT.Tecnologies de la informació i de xarxe

Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

Trends in Smart City Development

This report examines the meanings and practices associated with the term 'smart cities.' Smart city initiatives involve three components: information and communication technologies (ICTs) that generate and aggregate data; analytical tools which convert that data into usable information; and organizational structures that encourage collaboration, innovation, and the application of that information to solve public problems

Self-managed Workflows for Cyber-physical Systems

Workflows are a well-established concept for describing business logics and processes in web-based applications and enterprise application integration scenarios on an abstract implementation-agnostic level. Applying Business Process Management (BPM) technologies to increase autonomy and automate sequences of activities in Cyber-physical Systems (CPS) promises various advantages including a higher flexibility and simplified programming, a more efficient resource usage, and an easier integration and orchestration of CPS devices. However, traditional BPM notations and engines have not been designed to be used in the context of CPS, which raises new research questions occurring with the close coupling of the virtual and physical worlds. Among these challenges are the interaction with complex compounds of heterogeneous sensors, actuators, things and humans; the detection and handling of errors in the physical world; and the synchronization of the cyber-physical process execution models. Novel factors related to the interaction with the physical world including real world obstacles, inconsistencies and inaccuracies may jeopardize the successful execution of workflows in CPS and may lead to unanticipated situations. This thesis investigates properties and requirements of CPS relevant for the introduction of BPM technologies into cyber-physical domains. We discuss existing BPM systems and related work regarding the integration of sensors and actuators into workflows, the development of a Workflow Management System (WfMS) for CPS, and the synchronization of the virtual and physical process execution as part of self-* capabilities for WfMSes. Based on the identified research gap, we present concepts and prototypes regarding the development of a CPS WFMS w.r.t. all phases of the BPM lifecycle. First, we introduce a CPS workflow notation that supports the modelling of the interaction of complex sensors, actuators, humans, dynamic services and WfMSes on the business process level. In addition, the effects of the workflow execution can be specified in the form of goals defining success and error criteria for the execution of individual process steps. Along with that, we introduce the notion of Cyber-physical Consistency. Following, we present a system architecture for a corresponding WfMS (PROtEUS) to execute the modelled processes-also in distributed execution settings and with a focus on interactive process management. Subsequently, the integration of a cyber-physical feedback loop to increase resilience of the process execution at runtime is discussed. Within this MAPE-K loop, sensor and context data are related to the effects of the process execution, deviations from expected behaviour are detected, and compensations are planned and executed. The execution of this feedback loop can be scaled depending on the required level of precision and consistency. Our implementation of the MAPE-K loop proves to be a general framework for adding self-* capabilities to WfMSes. The evaluation of our concepts within a smart home case study shows expected behaviour, reasonable execution times, reduced error rates and high coverage of the identified requirements, which makes our CPS~WfMS a suitable system for introducing workflows on top of systems, devices, things and applications of CPS.:1. Introduction 15 1.1. Motivation 15 1.2. Research Issues 17 1.3. Scope & Contributions 19 1.4. Structure of the Thesis 20 2. Workflows and Cyber-physical Systems 21 2.1. Introduction 21 2.2. Two Motivating Examples 21 2.3. Business Process Management and Workflow Technologies 23 2.4. Cyber-physical Systems 31 2.5. Workflows in CPS 38 2.6. Requirements 42 3. Related Work 45 3.1. Introduction 45 3.2. Existing BPM Systems in Industry and Academia 45 3.3. Modelling of CPS Workflows 49 3.4. CPS Workflow Systems 53 3.5. Cyber-physical Synchronization 58 3.6. Self-* for BPM Systems 63 3.7. Retrofitting Frameworks for WfMSes 69 3.8. Conclusion & Deficits 71 4. Modelling of Cyber-physical Workflows with Consistency Style Sheets 75 4.1. Introduction 75 4.2. Workflow Metamodel 76 4.3. Knowledge Base 87 4.4. Dynamic Services 92 4.5. CPS-related Workflow Effects 94 4.6. Cyber-physical Consistency 100 4.7. Consistency Style Sheets 105 4.8. Tools for Modelling of CPS Workflows 106 4.9. Compatibility with Existing Business Process Notations 111 5. Architecture of a WfMS for Distributed CPS Workflows 115 5.1. Introduction 115 5.2. PROtEUS Process Execution System 116 5.3. Internet of Things Middleware 124 5.4. Dynamic Service Selection via Semantic Access Layer 125 5.5. Process Distribution 126 5.6. Ubiquitous Human Interaction 130 5.7. Towards a CPS WfMS Reference Architecture for Other Domains 137 6. Scalable Execution of Self-managed CPS Workflows 141 6.1. Introduction 141 6.2. MAPE-K Control Loops for Autonomous Workflows 141 6.3. Feedback Loop for Cyber-physical Consistency 148 6.4. Feedback Loop for Distributed Workflows 152 6.5. Consistency Levels, Scalability and Scalable Consistency 157 6.6. Self-managed Workflows 158 6.7. Adaptations and Meta-adaptations 159 6.8. Multiple Feedback Loops and Process Instances 160 6.9. Transactions and ACID for CPS Workflows 161 6.10. Runtime View on Cyber-physical Synchronization for Workflows 162 6.11. Applicability of Workflow Feedback Loops to other CPS Domains 164 6.12. A Retrofitting Framework for Self-managed CPS WfMSes 165 7. Evaluation 171 7.1. Introduction 171 7.2. Hardware and Software 171 7.3. PROtEUS Base System 174 7.4. PROtEUS with Feedback Service 182 7.5. Feedback Service with Legacy WfMSes 213 7.6. Qualitative Discussion of Requirements and Additional CPS Aspects 217 7.7. Comparison with Related Work 232 7.8. Conclusion 234 8. Summary and Future Work 237 8.1. Summary and Conclusion 237 8.2. Advances of this Thesis 240 8.3. Contributions to the Research Area 242 8.4. Relevance 243 8.5. Open Questions 245 8.6. Future Work 247 Bibliography 249 Acronyms 277 List of Figures 281 List of Tables 285 List of Listings 287 Appendices 28