4,306 research outputs found
Architecture-based Evolution of Dependable Software-intensive Systems
This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase
Software in the Manufacturing Industry: A Review of Security Challenges and Implications
Software defines digital infrastructures in the manufacturing industry, connecting services and computation resources to machines and devices. These infrastructures aim at increased flexibility, scalability, and a wider application portfolio for automated manufacturing processes. At the same time, the complexity of securing software increases dramatically. Threats to confidentiality, integrity, and availability of software can result in critical losses for automated industrial production and impact manufacturing companies. In order to map existing and emerging security challenges, we present the results of a hermeneutic literature review structured along abstraction levels and vertical integration of software. Based on this structure, we derive implications for academia and practice focused on operators, developers, and security auditors of digital infrastructures. Thereby, we discuss courses of action mapped to software security black boxes, infrastructure heterogeneity, and the adaptation of security for operational usage
Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future
Given the exponential expansion of the internet, the possibilities of
security attacks and cybercrimes have increased accordingly. However, poorly
implemented security mechanisms in the Internet of Things (IoT) devices make
them susceptible to cyberattacks, which can directly affect users. IoT
forensics is thus needed for investigating and mitigating such attacks. While
many works have examined IoT applications and challenges, only a few have
focused on both the forensic and security issues in IoT. Therefore, this paper
reviews forensic and security issues associated with IoT in different fields.
Future prospects and challenges in IoT research and development are also
highlighted. As demonstrated in the literature, most IoT devices are vulnerable
to attacks due to a lack of standardized security measures. Unauthorized users
could get access, compromise data, and even benefit from control of critical
infrastructure. To fulfil the security-conscious needs of consumers, IoT can be
used to develop a smart home system by designing a FLIP-based system that is
highly scalable and adaptable. Utilizing a blockchain-based authentication
mechanism with a multi-chain structure can provide additional security
protection between different trust domains. Deep learning can be utilized to
develop a network forensics framework with a high-performing system for
detecting and tracking cyberattack incidents. Moreover, researchers should
consider limiting the amount of data created and delivered when using big data
to develop IoT-based smart systems. The findings of this review will stimulate
academics to seek potential solutions for the identified issues, thereby
advancing the IoT field.Comment: 77 pages, 5 figures, 5 table
Towards Digital Twin-enabled DevOps for CPS providing Architecture-Based Service Adaptation & Verification at Runtime
Industrial Product-Service Systems (IPSS) denote a service-oriented (SO) way
of providing access to CPS capabilities. The design of such systems bears high
risk due to uncertainty in requirements related to service function and
behavior, operation environments, and evolving customer needs. Such risks and
uncertainties are well known in the IT sector, where DevOps principles ensure
continuous system improvement through reliable and frequent delivery processes.
A modular and SO system architecture complements these processes to facilitate
IT system adaptation and evolution. This work proposes a method to use and
extend the Digital Twins (DTs) of IPSS assets for enabling the continuous
optimization of CPS service delivery and the latter's adaptation to changing
needs and environments. This reduces uncertainty during design and operations
by assuring IPSS integrity and availability, especially for design and service
adaptations at CPS runtime. The method builds on transferring IT DevOps
principles to DT-enabled CPS IPSS. The chosen design approach integrates,
reuses, and aligns the DT processing and communication resources with DevOps
requirements derived from literature. We use these requirements to propose a
DT-enabled self-adaptive CPS model, which guides the realization of DT-enabled
DevOps in CPS IPSS. We further propose detailed design models for
operation-critical DTs that integrate CPS closed-loop control and
architecture-based CPS adaptation. This integrated approach enables the
implementation of A/B testing as a use case and central concept to enable CPS
IPSS service adaptation and reconfiguration. The self-adaptive CPS model and DT
design concept have been validated in an evaluation environment for
operation-critical CPS IPSS. The demonstrator achieved sub-millisecond cycle
times during service A/B testing at runtime without causing CPS operation
interferences and downtime.Comment: Final published version appearing in 17th Symposium on Software
Engineering for Adaptive and Self-Managing Systems (SEAMS 2022
- …