Standardization in cyber-physical systems: the ARUM case

Cyber-physical systems concept supports the realization of the Industrie 4.0 vision towards the computerization of traditional industries, aiming to achieve intelligent and reconfigurable factories. Standardization assumes a critical role in the industrial adoption of cyber-physical systems, namely in the integration of legacy systems as well as the smooth migration from existing running systems to the new ones. This paper analyses some existing standards in related fields and presents identified limitations and efforts for a wider acceptance of such systems by industry. A special attention is devoted to the efforts to develop a standard-compliant service-oriented multi-agent system solution within the ARUM project.info:eu-repo/semantics/publishedVersio

GRIDKIT: Pluggable overlay networks for Grid computing

A `second generation' approach to the provision of Grid middleware is now emerging which is built on service-oriented architecture and web services standards and technologies. However, advanced Grid applications have significant demands that are not addressed by present-day web services platforms. As one prime example, current platforms do not support the rich diversity of communication `interaction types' that are demanded by advanced applications (e.g. publish-subscribe, media streaming, peer-to-peer interaction). In the paper we describe the Gridkit middleware which augments the basic service-oriented architecture to address this particular deficiency. We particularly focus on the communications infrastructure support required to support multiple interaction types in a unified, principled and extensible manner-which we present in terms of the novel concept of pluggable overlay networks

Remote monitoring of industrial frequency converters

Frequency converters are sometimes mounted at places, in which they have the most processing power of the surrounding devices. Often the remote monitoring of frequency converters has been implemented in an external programmable logic controller PC which is connected to the Internet. Sometimes it is not reasonable to use an extra computer at the location, which means the remote connection should be directly connectible to the frequency converter. This master’s thesis studies the possibility to use SOAP for a remote connection, established from the frequency converter to an external database server. The objective is to create a remote monitoring connection which is easily deployable for the end user. The implementation considers compatibility issues with firewalls, proxy servers and NAT routers.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Continuous Deployment of Trustworthy Smart IoT Systems.

While the next generation of IoT systems need to perform distributed processing and coordinated behaviour across IoT, Edge and Cloud infrastructures, their development and operation are still challenging. A major challenge is the high heterogeneity of their infrastructure, which broadens the surface for security attacks and increases the complexity of maintaining and evolving such complex systems. In this paper, we present our approach for Generation and Deployment of Smart IoT Systems (GeneSIS) to tame this complexity. GeneSIS leverages model-driven engineering to support the DevSecOps of Smart IoT Systems (SIS). More precisely, GeneSIS includes: (i) a domain specific modelling language to specify the deployment of SIS over IoT, Edge and Cloud infrastructure with the necessary concepts for security and privacy; and (ii) a [email protected] engine to enact the orchestration, deployment, and adaptation of these SIS. The results from our smart building case study have shown that GeneSIS can support security by design from the development (via deployment) to the operation of IoT systems and back again in a DevSecOps loop. In other words, GeneSIS enables IoT systems to keep up security and adapt to evolving conditions and threats while maintaining their trustworthiness.The research leading to these results has received funding from the European Commission’s H2020 Programme under grant agreement numbers 780351 (ENACT)

NetServ: Reviving Active Networks

In 1996, Tennenhouse and Wetherall proposed active networks, where users can inject code modules into network nodes. The proposal sparked intense debate and follow-on research, but ultimately failed to win over the networking community. Fifteen years later, the problems that motivated the active networks proposal persist. We call for a revival of active networks. We present NetServ, a fully integrated active network system that provides all the necessary functionality to be deployable, addressing the core problems that prevented the practical success of earlier approaches. We make the following contributions. We present a hybrid approach to active networking, which combines the best qualities from the two extreme approaches — integrated and discrete. We built a working system that strikes the right balance between security and performance by leveraging current technologies. We suggest an economic model based on NetServ between content providers and ISPs. We built four applications to illustrate the model

A survey and classification of software-defined storage systems

The exponential growth of digital information is imposing increasing scale and efficiency demands on modern storage infrastructures. As infrastructure complexity increases, so does the difficulty in ensuring quality of service, maintainability, and resource fairness, raising unprecedented performance, scalability, and programmability challenges. Software-Defined Storage (SDS) addresses these challenges by cleanly disentangling control and data flows, easing management, and improving control functionality of conventional storage systems. Despite its momentum in the research community, many aspects of the paradigm are still unclear, undefined, and unexplored, leading to misunderstandings that hamper the research and development of novel SDS technologies. In this article, we present an in-depth study of SDS systems, providing a thorough description and categorization of each plane of functionality. Further, we propose a taxonomy and classification of existing SDS solutions according to different criteria. Finally, we provide key insights about the paradigm and discuss potential future research directions for the field.This work was financed by the Portuguese funding agency FCT-Fundacao para a Ciencia e a Tecnologia through national funds, the PhD grant SFRH/BD/146059/2019, the project ThreatAdapt (FCT-FNR/0002/2018), the LASIGE Research Unit (UIDB/00408/2020), and cofunded by the FEDER, where applicable

Migration from client/server architecture to internet computing architecture

The Internet Computing Architecture helps in providing a object-based infrastructure that can be used by the application developers to design, develop, and deploy the ntiered enterprise applications and services. For years of distributed application development, the Internet Computing Architecture has helped in providing various techniques and infrastructure software for the successful deployment of various systems, and established a foundation for the promotion of re-use and component oriented development. Object-oriented analysis is at the beginning of this architecture, which is carried through deploying and managing of finished systems. This architecture is multi-platform, multi-lingual, standards-based, and open that offers unparalleled integration capability. And for the development of mission critical systems in record time it has allowed for the reuse of the infrastructure components. This paper provides a detailed overview of the Internet Computing Architecture and the way it is applied to designing systems which can range from simple two-tier applications to n-tier Web/Object enterprise systems. Even for the best software developers and managers it is very hard to sort through alternative solutions in today\u27s business application development challenges. The problems with the potential solutions were not that complex now that the web has provided the medium for large-scale distributed computing. To implement an infrastructure for the support of applications architecture and to foster the component-oriented development and reuse is an extraordinary challenge. Further, to scale the needs of large enterprises and the Web/Internet the advancement in the multi-tiered middleware software have made the development of object-oriented systems more difficult. The Internet Computing Architecture defines a scaleable architecture, which can provide the necessary software components, which forms the basis of the solid middleware foundation and can address the different application types. For the software development process to be component-oriented the design and development methodologies are interwoven. The biggest advantage of the Internet Computing Architecture is that developers can design object application servers that can simultaneously support two- and three-tier Client/Server and Object/Web applications. This kind of flexibility allows different business objects to be reused by a large number of applications that not only supports a wide range of application architectures but also offers the flexibility in infrastructure for the integration of data sources. The server-based business objects are managed by runtime services with full support for application to be partitioned in a transactional-secure distributed environment. So for the environments that a supports high transaction volumes and a large number of users this offers a high scaleable solution. The integration of the distributed object technology with protocols of the World Wide Web is Internet Computing Architecture. Alternate means of communication between a browser on client machine and server machines are provided by various web protocols such as Hypertext Transfer Protocol and Internet Inter-ORB Protocol [NOP]. Protocols like TCP/IP also provides the addressing protocols and packetoriented transport for the Internet and Intranet communications. The recent advancements in the field of networking and worldwide web technology has promoted a new network-centric computing structure. World Wide Web evolves the global economy infrastructure both on the public and corporate Internet\u27s. The competition is growing between technologies to provide the infrastructure for distributed large-scale applications. These technologies emerge from academia, standard activities and individual vendors. Internet Computing Architecture is a comprehensive, open, Network-based architecture that provides extensibility for the design of distributed environments. Internet Computing Architecture also provides a clear understanding to integrate client/server computing with distributed object architectures and the Internet. This technology also creates the opportunity for a new emerging class of extremely powerful operational, collaboration, decision support, and e-commerce solutions which will catalyze the growth of a new networked economy based on intrabusiness, business -to-business (B2B) and business-to-consumer (B2C) electronic transactions. These network solutions would be able to incorporate legacy mainframe systems, emerging applications as well as existing client/server environment, where still most of the world\u27s mission-critical applications run. Internet Computing Architecture is the industry\u27s only cross-platform infrastructure to develop and deploy network-centric, object-based, end-to-end applications across the network. Open and de facto standards are at the core of the Internet computing architecture such as: Hyper Text Transfer Protocol (HTTP)/ Hyper Text Markup Language (HTML)/ Extensible Markup Language (XML) and Common Object Request Broker Architecture (CORBA). It has recognition, as the industry\u27s most advanced and practical technology solution for the implementation of a distributed object environment, including Interface Definition Language (IDL) for languageneutral interfaces and Internet Inter Operability (MOP) for object interoperability. Programming languages such as JAVA provides programmable, extensible and portable solutions throughout the Internet Computing Architecture. Internet Computing Architecture not only provides support, but also enhances ActiveX/Component Object Model (COM) clients through open COM/CORBA interoperability specifications. For distributed object-programming Java has also emerged as the de facto standard within the Internet/Intranet arena, making Java ideally suited to the distributed object nature of the Internet Computing Architecture. The portability that it offers across multi-tiers and platforms support open standards and makes it an excellent choice for cartridge development across all tiers

Reactive Security for SDN/NFV-enabled Industrial Networks leveraging Service Function Chaining

The innovative application of 5G core technologies, namely Software Defined Networking (SDN) and Network Function Virtualization (NFV), can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. These major changes could not leave the industrial environment unaffected, with smart industrial deployments gradually becoming a reality; a trend that is often referred to as the 4th industrial revolution or Industry 4.0. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements, and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced, reactive security mechanisms for the protection of the industrial network, via the use of Service Function Chaining. Moreover, the implementation of a proof-of-concept reactive security framework for an industrial-grade wind park network is presented, along with a performance evaluation of the proposed approach. The framework is equipped with SDN and Supervisory Control and Data Acquisition (SCADA) honeypots, modelled on and deployable to the wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication. Moreover, the applicability of the proposed solutions is assessed in the context of the specific industrial application, based on the analysis of the network characteristics and requirements of an actual, operating wind park

IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA