Parasol: Efficient Parallel Synthesis of Large Model Spaces

Formal analysis is an invaluable tool for software engineers, yet state-of-the-art formal analysis techniques suffer from well-known limitations in terms of scalability. In particular, some software design domains—such as tradeoff analysis and security analysis—require systematic exploration of potentially huge model spaces, which further exacerbates the problem. Despite this present and urgent challenge, few techniques exist to support the systematic exploration of large model spaces. This paper introduces Parasol, an approach and accompanying tool suite, to improve the scalability of large-scale formal model space exploration. Parasol presents a novel parallel model space synthesis approach, backed with unsupervised learning to automatically derive domain knowledge, guiding a balanced partitioning of the model space. This allows Parasol to synthesize the models in each partition in parallel, significantly reducing synthesis time and making large-scale systematic model space exploration for real-world systems more tractable. Our empirical results corroborate that Parasol substantially reduces (by 460% on average) the time required for model space synthesis, compared to state-of-the-art model space synthesis techniques relying on both incremental and parallel constraint solving technologies as well as competing, non-learning-based partitioning methods

SOAR4IoT: Securing IoT Assets with Digital Twins

As more and more security tools provide organizations with cybersecurity capabilities, security analysts are overwhelmed by security events. Resolving these events is challenging due to extensive manual processes, limited financial resources, and human errors. Security Orchestration, Automation, and Response (SOAR) is an established approach to manage security tools and assets. However, SOAR platforms typically integrate traditional IT systems only. Additional considerations are required to deal with the Internet of Things (IoT), its multiple devices and complex networks. Therefore, we adapt SOAR to IoT. We first aggregate existing research and information on SOAR and SOAR platforms. We envision the SOAR4IoT framework, making IoT assets manageable for SOAR via middleware. We implement a prototypical digital twin-based SOAR application integrating IoT assets and security tools to validate our framework. The experimental setup includes two playbooks coping with Mirai and Sybil attacks. Results show feasibility as our SOAR application enables securing IoT assets with digital twins

Methods and Models for Industrial Internet of Things-based Business Process Improvement

Over the last three decades, the Internet of Things (IoT) has gained significant importance and has been implemented in many private, public, and business contexts. Leveraging and combining the IoT's capabilities enables far-reaching transformations and disruptive innovations that are increasingly recognized, especially by industrial organizations. In this regard, the Industrial IoT (IIoT) paradigm has emerged, describing the use of IIoT technology in the industrial domain. One key use of the IIoT is the incremental or radical improvement of business processes. This goal-oriented change of business processes with IIoT technology to accomplish organizational goals more effectively is called IIoT-based Business Process Improvement (BPI). Many use cases demonstrate the benefits of IIoT-based BPI for all types of industrial organizations. However, the interconnection between IIoT and BPI lacks theoretical knowledge and applicable artifacts that support practitioners. Moreover, a significant number of related projects fail or do not achieve the anticipated benefits. This issue has drawn attention in recent scholarly literature, which calls for further research. The dissertation at hand approaches this research gap by extending and advancing existing knowledge and providing valuable contributions to managerial practice. Three critical challenges for conducting IIoT-based BPI projects are addressed in particular: First, the essential characteristics of IIoT-based BPI applications are explored. This enables their classification and a foundational comprehension of the research field. Second, the required capabilities to leverage IIoT for BPI are identified. On this basis, industrial organizations can assess their maturity and readiness for implementing corresponding applications. Third, the identification, specification, and selection of appropriate applications are addressed. These activities enable the successful practical execution of IIoT projects with BPI potential

Methods and Models for Industrial Internet of Things-based Business Process Improvement

Over the last three decades, the Internet of Things (IoT) has gained significant importance and has been implemented in many private, public, and business contexts. Leveraging and combining the IoT's capabilities enables far-reaching transformations and disruptive innovations that are increasingly recognized, especially by industrial organizations. In this regard, the Industrial IoT (IIoT) paradigm has emerged, describing the use of IIoT technology in the industrial domain. One key use of the IIoT is the incremental or radical improvement of business processes. This goal-oriented change of business processes with IIoT technology to accomplish organizational goals more effectively is called IIoT-based Business Process Improvement (BPI). Many use cases demonstrate the benefits of IIoT-based BPI for all types of industrial organizations. However, the interconnection between IIoT and BPI lacks theoretical knowledge and applicable artifacts that support practitioners. Moreover, a significant number of related projects fail or do not achieve the anticipated benefits. This issue has drawn attention in recent scholarly literature, which calls for further research. The dissertation at hand approaches this research gap by extending and advancing existing knowledge and providing valuable contributions to managerial practice. Three critical challenges for conducting IIoT-based BPI projects are addressed in particular: First, the essential characteristics of IIoT-based BPI applications are explored. This enables their classification and a foundational comprehension of the research field. Second, the required capabilities to leverage IIoT for BPI are identified. On this basis, industrial organizations can assess their maturity and readiness for implementing corresponding applications. Third, the identification, specification, and selection of appropriate applications are addressed. These activities enable the successful practical execution of IIoT projects with BPI potential

Security Enumerations for Cyber-Physical Systems

Enumerations constitute a pivotal element of Cyber Threat Intelligence (CTI). References to enumerated artifacts support a universal understanding and integrate threat information. While traditional IT systems and vulnerabilities are covered by security enumerations, this does not apply to Cyber-Physical Systems (CPS). In particular, complexity and interdependencies of components within these systems demand for an extension of current enumerations. Taking on a CPS security management perspective this work identifies deficiencies within the Common Platform Enumeration (CPE) and the Common Vulnerabilities and Exposures (CVE) enumeration. Models for CPS are thus proposed to cover comprehensiveness and usability. A prototype is used to evaluate the feasibility by demonstrating key features of security enumerations for CPS