Security Management Framework for the Internet of Things

The increase in the design and development of wireless communication technologies offers multiple opportunities for the management and control of cyber-physical systems with connections between smart and autonomous devices, which provide the delivery of simplified data through the use of cloud computing. Given this relationship with the Internet of Things (IoT), it established the concept of pervasive computing that allows any object to communicate with services, sensors, people, and objects without human intervention. However, the rapid growth of connectivity with smart applications through autonomous systems connected to the internet has allowed the exposure of numerous vulnerabilities in IoT systems by malicious users. This dissertation developed a novel ontology-based cybersecurity framework to improve security in IoT systems using an ontological analysis to adapt appropriate security services addressed to threats. The composition of this proposal explores two approaches: (1) design time, which offers a dynamic method to build security services through the application of a methodology directed to models considering existing business processes; and (2) execution time, which involves monitoring the IoT environment, classifying vulnerabilities and threats, and acting in the environment, ensuring the correct adaptation of existing services. The validation approach was used to demonstrate the feasibility of implementing the proposed cybersecurity framework. It implies the evaluation of the ontology to offer a qualitative evaluation based on the analysis of several criteria and also a proof of concept implemented and tested using specific industrial scenarios. This dissertation has been verified by adopting a methodology that follows the acceptance in the research community through technical validation in the application of the concept in an industrial setting.O aumento no projeto e desenvolvimento de tecnologias de comunicação sem fio oferece múltiplas oportunidades para a gestão e controle de sistemas ciber-físicos com conexões entre dispositivos inteligentes e autônomos, os quais proporcionam a entrega de dados simplificados através do uso da computação em nuvem. Diante dessa relação com a Internet das Coisas (IoT) estabeleceu-se o conceito de computação pervasiva que permite que qualquer objeto possa comunicar com os serviços, sensores, pessoas e objetos sem intervenção humana. Entretanto, o rápido crescimento da conectividade com as aplicações inteligentes através de sistemas autônomos conectados com a internet permitiu a exposição de inúmeras vulnerabilidades dos sistemas IoT para usuários maliciosos. Esta dissertação desenvolveu um novo framework de cibersegurança baseada em ontologia para melhorar a segurança em sistemas IoT usando uma análise ontológica para a adaptação de serviços de segurança apropriados endereçados para as ameaças. A composição dessa proposta explora duas abordagens: (1) tempo de projeto, o qual oferece um método dinâmico para construir serviços de segurança através da aplicação de uma metodologia dirigida a modelos, considerando processos empresariais existentes; e (2) tempo de execução, o qual envolve o monitoramento do ambiente IoT, a classificação de vulnerabilidades e ameaças, e a atuação no ambiente garantindo a correta adaptação dos serviços existentes. Duas abordagens de validação foram utilizadas para demonstrar a viabilidade da implementação do framework de cibersegurança proposto. Isto implica na avaliação da ontologia para oferecer uma avaliação qualitativa baseada na análise de diversos critérios e também uma prova de conceito implementada e testada usando cenários específicos. Esta dissertação foi validada adotando uma metodologia que segue a validação na comunidade científica através da validação técnica na aplicação do nosso conceito em um cenário industrial

Ami-deu : un cadre sémantique pour des applications adaptables dans des environnements intelligents

Cette thèse vise à étendre l’utilisation de l'Internet des objets (IdO) en facilitant le développement d’applications par des personnes non experts en développement logiciel. La thèse propose une nouvelle approche pour augmenter la sémantique des applications d’IdO et l’implication des experts du domaine dans le développement d’applications sensibles au contexte. Notre approche permet de gérer le contexte changeant de l’environnement et de générer des applications qui s’exécutent dans plusieurs environnements intelligents pour fournir des actions requises dans divers contextes. Notre approche est mise en œuvre dans un cadriciel (AmI-DEU) qui inclut les composants pour le développement d’applications IdO. AmI-DEU intègre les services d’environnement, favorise l’interaction de l’utilisateur et fournit les moyens de représenter le domaine d’application, le profil de l’utilisateur et les intentions de l’utilisateur. Le cadriciel permet la définition d’applications IoT avec une intention d’activité autodécrite qui contient les connaissances requises pour réaliser l’activité. Ensuite, le cadriciel génère Intention as a Context (IaaC), qui comprend une intention d’activité autodécrite avec des connaissances colligées à évaluer pour une meilleure adaptation dans des environnements intelligents. La sémantique de l’AmI-DEU est basée sur celle du ContextAA (Context-Aware Agents) – une plateforme pour fournir une connaissance du contexte dans plusieurs environnements. Le cadriciel effectue une compilation des connaissances par des règles et l'appariement sémantique pour produire des applications IdO autonomes capables de s’exécuter en ContextAA. AmI- DEU inclut également un outil de développement visuel pour le développement et le déploiement rapide d'applications sur ContextAA. L'interface graphique d’AmI-DEU adopte la métaphore du flux avec des aides visuelles pour simplifier le développement d'applications en permettant des définitions de règles étape par étape. Dans le cadre de l’expérimentation, AmI-DEU comprend un banc d’essai pour le développement d’applications IdO. Les résultats expérimentaux montrent une optimisation sémantique potentielle des ressources pour les applications IoT dynamiques dans les maisons intelligentes et les villes intelligentes. Notre approche favorise l'adoption de la technologie pour améliorer le bienêtre et la qualité de vie des personnes. Cette thèse se termine par des orientations de recherche que le cadriciel AmI-DEU dévoile pour réaliser des environnements intelligents omniprésents fournissant des adaptations appropriées pour soutenir les intentions des personnes.Abstract: This thesis aims at expanding the use of the Internet of Things (IoT) by facilitating the development of applications by people who are not experts in software development. The thesis proposes a new approach to augment IoT applications’ semantics and domain expert involvement in context-aware application development. Our approach enables us to manage the changing environment context and generate applications that run in multiple smart environments to provide required actions in diverse settings. Our approach is implemented in a framework (AmI-DEU) that includes the components for IoT application development. AmI- DEU integrates environment services, promotes end-user interaction, and provides the means to represent the application domain, end-user profile, and end-user intentions. The framework enables the definition of IoT applications with a self-described activity intention that contains the required knowledge to achieve the activity. Then, the framework generates Intention as a Context (IaaC), which includes a self-described activity intention with compiled knowledge to be assessed for augmented adaptations in smart environments. AmI-DEU framework semantics adopts ContextAA (Context-Aware Agents) – a platform to provide context-awareness in multiple environments. The framework performs a knowledge compilation by rules and semantic matching to produce autonomic IoT applications to run in ContextAA. AmI-DEU also includes a visual tool for quick application development and deployment to ContextAA. The AmI-DEU GUI adopts the flow metaphor with visual aids to simplify developing applications by allowing step-by-step rule definitions. As part of the experimentation, AmI-DEU includes a testbed for IoT application development. Experimental results show a potential semantic optimization for dynamic IoT applications in smart homes and smart cities. Our approach promotes technology adoption to improve people’s well-being and quality of life. This thesis concludes with research directions that the AmI-DEU framework uncovers to achieve pervasive smart environments providing suitable adaptations to support people’s intentions

Charting Past, Present, and Future Research in the Semantic Web and Interoperability

Huge advances in peer-to-peer systems and attempts to develop the semantic web have revealed a critical issue in information systems across multiple domains: the absence of semantic interoperability. Today, businesses operating in a digital environment require increased supply-chain automation, interoperability, and data governance. While research on the semantic web and interoperability has recently received much attention, a dearth of studies investigates the relationship between these two concepts in depth. To address this knowledge gap, the objective of this study is to conduct a review and bibliometric analysis of 3511 Scopus-registered papers on the semantic web and interoperability published over the past two decades. In addition, the publications were analyzed using a variety of bibliometric indicators, such as publication year, journal, authors, countries, and institutions. Keyword co-occurrence and co-citation networks were utilized to identify the primary research hotspots and group the relevant literature. The findings of the review and bibliometric analysis indicate the dominance of conference papers as a means of disseminating knowledge and the substantial contribution of developed nations to the semantic web field. In addition, the keyword co-occurrence network analysis reveals a significant emphasis on semantic web languages, sensors and computing, graphs and models, and linking and integration techniques. Based on the co-citation clustering, the Internet of Things, semantic web services, ontology mapping, building information modeling, bioinformatics, education and e-learning, and semantic web languages were identified as the primary themes contributing to the flow of knowledge and the growth of the semantic web and interoperability field. Overall, this review substantially contributes to the literature and increases scholars’ and practitioners’ awareness of the current knowledge composition and future research directions of the semantic web field. View Full-Tex

An Approach to Automatically Distribute and Access Knowledge within Networked Embedded Systems in Factory Automation

This thesis presents a novel approach for automatically distribute and access knowledge within factory automation systems built by networked embedded systems. Developments on information, communication and computational technologies are making possible the distribution of tasks within different control resources, resources which are networked and working towards a common objective optimizing desired parameters. A fundamental task for introducing autonomy to these systems, is the option for represent knowledge, distributed within the automation network and to ensure its access by providing access mechanisms. This research work focuses on the processes for automatically distribute and access the knowledge.Recently, the industrial world has embraced service-oriented as architectural (SOA) patterns for relaxing the software integration costs of factory automation systems. This pattern defines a services provider offering a particular functionality, and service requesters which are entities looking for getting their needs satisfied. Currently, there are a few technologies allowing to implement a SOA solution, among those, Web Technologies are gaining special attention for their solid presence in other application fields. Providers and services using Web technologies for expressing their needs and skills are called Web Services. One of the main advantage of services is the no need for the service requester to know how the service provider is accomplishing the functionality or where the execution of the service is taking place. This benefit is recently stressed by the irruption of Cloud Computing, allowing the execution of certain process by the cloud resources.The caption of human knowledge and the representation of that knowledge in a machine interpretable manner has been an interesting research topic for the last decades. A well stablished mechanism for the representation of knowledge is the utilization of Ontologies. This mechanism allows machines to access that knowledge and use reasoning engines in order to create reasoning machines. The presence of a knowledge base allows as clearly the better identification of the web services, which is achievable by adding semantic notations to the service descriptors. The resulting services are called semantic web services.With the latest advances on computational resources, system can be built by a large number of constrained devices, yet easily connected, building a network of computational nodes, nodes that will be dedicated to execute control and communication tasks for the systems. These tasks are commanded by high level commanding systems, such as Manufacturing Execution Systems (MES) and Enterprise Resource Planning (ERP) modules. The aforementioned technologies allow a vertical approach for communicating commanding options from MES and ERP directly to the control nodes. This scenario allows to break down monolithic MES systems into small distributed functionalities, if these functionalities use Web standards for interacting and a knowledge base as main input for information, then we are arriving to the concept of Open KnowledgeDriven MES Systems (OKD-MES).The automatic distribution of the knowledge base in an OKD-MES mechanism and the accomplishment of the reasoning process in a distributed manner are the main objectives for this research. Thus, this research work describes the decentralization and management of knowledge descriptions which are currently handled by the Representation Layer (RPL) of the OKD-MES framework. This is achieved within the encapsulation of ontology modules which may be integrated by a distributed reasoning process on incoming requests. Furthermore, this dissertation presents the concept, principles and architecture for implementing Private Local Automation Clouds (PLACs), built by CPS.The thesis is an article thesis and is composed by 9 original and referred articles and supported by 7 other articles presented by the author