Security Management Framework for the Internet of Things

The increase in the design and development of wireless communication technologies offers multiple opportunities for the management and control of cyber-physical systems with connections between smart and autonomous devices, which provide the delivery of simplified data through the use of cloud computing. Given this relationship with the Internet of Things (IoT), it established the concept of pervasive computing that allows any object to communicate with services, sensors, people, and objects without human intervention. However, the rapid growth of connectivity with smart applications through autonomous systems connected to the internet has allowed the exposure of numerous vulnerabilities in IoT systems by malicious users. This dissertation developed a novel ontology-based cybersecurity framework to improve security in IoT systems using an ontological analysis to adapt appropriate security services addressed to threats. The composition of this proposal explores two approaches: (1) design time, which offers a dynamic method to build security services through the application of a methodology directed to models considering existing business processes; and (2) execution time, which involves monitoring the IoT environment, classifying vulnerabilities and threats, and acting in the environment, ensuring the correct adaptation of existing services. The validation approach was used to demonstrate the feasibility of implementing the proposed cybersecurity framework. It implies the evaluation of the ontology to offer a qualitative evaluation based on the analysis of several criteria and also a proof of concept implemented and tested using specific industrial scenarios. This dissertation has been verified by adopting a methodology that follows the acceptance in the research community through technical validation in the application of the concept in an industrial setting.O aumento no projeto e desenvolvimento de tecnologias de comunicação sem fio oferece múltiplas oportunidades para a gestão e controle de sistemas ciber-físicos com conexões entre dispositivos inteligentes e autônomos, os quais proporcionam a entrega de dados simplificados através do uso da computação em nuvem. Diante dessa relação com a Internet das Coisas (IoT) estabeleceu-se o conceito de computação pervasiva que permite que qualquer objeto possa comunicar com os serviços, sensores, pessoas e objetos sem intervenção humana. Entretanto, o rápido crescimento da conectividade com as aplicações inteligentes através de sistemas autônomos conectados com a internet permitiu a exposição de inúmeras vulnerabilidades dos sistemas IoT para usuários maliciosos. Esta dissertação desenvolveu um novo framework de cibersegurança baseada em ontologia para melhorar a segurança em sistemas IoT usando uma análise ontológica para a adaptação de serviços de segurança apropriados endereçados para as ameaças. A composição dessa proposta explora duas abordagens: (1) tempo de projeto, o qual oferece um método dinâmico para construir serviços de segurança através da aplicação de uma metodologia dirigida a modelos, considerando processos empresariais existentes; e (2) tempo de execução, o qual envolve o monitoramento do ambiente IoT, a classificação de vulnerabilidades e ameaças, e a atuação no ambiente garantindo a correta adaptação dos serviços existentes. Duas abordagens de validação foram utilizadas para demonstrar a viabilidade da implementação do framework de cibersegurança proposto. Isto implica na avaliação da ontologia para oferecer uma avaliação qualitativa baseada na análise de diversos critérios e também uma prova de conceito implementada e testada usando cenários específicos. Esta dissertação foi validada adotando uma metodologia que segue a validação na comunidade científica através da validação técnica na aplicação do nosso conceito em um cenário industrial

A holistic semantic based approach to component specification and retrieval

Component-Based Development (CBD) has been broadly used in software development as it enhances the productivity and reduces the costs and risks involved in systems development. It has become a well-understood and widely used technology for developing not only large enterprise applications, but also a whole spectrum of software applications, as it offers fast and flexible development. However, driven by the continuous expansions of software applications, the increase in component varieties and sizes and the evolution from local to global component repositories, the so-called component mismatch problem has become an even more severe hurdle for component specification and retrieval. This problem not only prevents CBD from reaching its full potential, but also hinders the acceptance of many existing component repository. To overcome the above problem, existing approaches engaged a variety of technologies to support better component specification and retrieval. The existing approaches range from the early syntax-based (traditional) approaches to the recent semantic-based approaches. Although the different technologies are proposed to achieve accurate description of the component specification and/or user query in their specification and retrieval, the existing semantic-based approaches still fail to achieve the following goals which are desired for present component reuse: precise, automated, semantic-based and domain capable.This thesis proposes an approach, namely MVICS-based approach, aimed at achieving holistic, semantic-based and adaptation-aware component specification and retrieval. As the foundation, a Multiple-Viewed and Interrelated Component Specification ontology model (MVICS) is first developed for component specification and repository building. The MVICS model provides an ontology-based architecture to specify components from a range of perspectives; it integrates the knowledge of Component-Based Software Engineering (CBSE), and supports ontology evolution to reflect the continuous developments in CBD and components. A formal definition of the MVICS model is presented, which ensures the rigorousness of the model and supports the high level of automation of the retrieval. Furthermore, the MVICS model has a smooth mechanism to integrate with domain related software system ontology. Such integration enhances the function and application scope of the MVICS model by bringing more domain semantics into component specification and retrieval. Another improved feature of the proposed approach is that the effect of possible component adaptation is extended to the related components. Finally a comprehensive profile of the result components shows the search results to the user from a summary to satisfied and unsatisfied discrepancy details. The above features of the approach are well integrated, which enables a holistic view in semantic-based component specification and retrieval.A prototype tool was developed to exert the power of the MVICS model in expressing semantics and process automation in component specification and retrieval. The tool implements the complete process of component search. Three case studies have been undertaken to illustrate and evaluate the usability and correctness of the approach, in terms of supporting accurate component specification and retrieval, seamless linkage with a domain ontology, adaptive component suggestion and comprehensive result component profile.A conclusion is drawn based on an analysis of the feedback from the case studies, which shows that the proposed approach can be deployed in real life industrial development. The benefits of MVICS include not only the improvement of the component search precision and recall, reducing the development time and the repository maintenance effort, but also the decrease of human intervention on CBD

Enterprise modelling framework for dynamic and complex business environment: socio-technical systems perspective

The modern business environment is characterised by dynamism and ambiguity. The causes include global economic change, rapid change requirements, shortened development life cycles and the increasing complexity of information technology and information systems (IT/IS). However, enterprises have been seen as socio-technical systems. The dynamic complex business environment cannot be understood without intensive modelling and simulation. Nevertheless, there is no single description of reality, which has been seen as relative to its context and point of view. Human perception is considered an important determinant for the subjectivist view of reality. Many scholars working in the socio-technical systems and enterprise modelling domains have conceived the holistic sociotechnical systems analysis and design possible using a limited number of procedural and modelling approaches. For instance, the ETHICS and Human-centred design approaches of socio-technical analysis and design, goal-oriented and process-oriented modelling of enterprise modelling perspectives, and the Zachman and DoDAF enterprise architecture frameworks all have limitations that can be improved upon, which have been significantly explained in this thesis. [Continues.

Knowledge modelling of emerging technologies for sustainable building development

In the quest for improved performance of buildings and mitigation of climate change, governments are encouraging the use of innovative sustainable building technologies. Consequently, there is now a large amount of information and knowledge on sustainable building technologies over the web. However, internet searches often overwhelm practitioners with millions of pages that they browse to identify suitable innovations to use on their projects. It has been widely acknowledged that the solution to this problem is the use of a machine-understandable language with rich semantics - the semantic web technology. This research investigates the extent to which semantic web technologies can be exploited to represent knowledge about sustainable building technologies, and to facilitate system decision-making in recommending appropriate choices for use in different situations. To achieve this aim, an exploratory study on sustainable building and semantic web technologies was conducted. This led to the use of two most popular knowledge engineering methodologies - the CommonKADS and "Ontology Development 101" in modelling knowledge about sustainable building technology and PV -system domains. A prototype system - Photo Voltaic Technology ONtology System (PV -TONS) - that employed sustainable building technology and PV -system domain knowledge models was developed and validated with a case study. While the sustainable building technology ontology and PV -TONS can both be used as generic knowledge models, PV -TONS is extended to include applications for the design and selection of PV -systems and components. Although its focus was on PV -systems, the application of semantic web technologies can be extended to cover other areas of sustainable building technologies. The major challenges encountered in this study are two-fold. First, many semantic web technologies are still under development and very unstable, thus hindering their full exploitation. Second, the lack of learning resources in this field steepen the learning curve and is a potential set-back in using semantic web technologies