Skip to main content

A software-defined architecture for control of IoT cyberphysical systems


Based on software-defined principles, we propose a holistic architecture for cyberphysical systems (CPS) and internet of things (IoT) applications, and highlight the merits pertaining to scalability, flexibility, robustness, interoperability, and cyber security. Our design especially capitalizes on the computational units possessed by smart agents, which may be utilized for decentralized control and in-network data processing. We characterize the data flow, communication flow, and control flow that assimilate a set of components such as sensors, actuators, controllers, and coordinators in a systemic programmable fashion. We specifically aim for distributed and decentralized decision-making by spreading the control over several hierarchical layers. In addition, we propose a middleware layer to encapsulate units and services for time-critical operations in highly dynamic environments. We further enlist a multitude of vulnerabilities to cyberattacks, and integrate software-defined solutions for enabling resilience, detection and recovery. In this purview, several controllers cooperate to identify and respond to security threats and abnormal situations in a self-adjusting manner. Last, we illustrate numerical simulations in support of the virtues of a software-defined design for CPS and IoT.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15


  1. We use deterministic linear time-invariant systems with no loss in generality for simplicity of exposition. For the same reason, we assume an undirected communication graph.


  1. Al-Ayyoub, M., Jararweh, Y., Benkhelifa, E., Vouk, M., Rindos, A.: A novel framework for software defined based secure storage systems. Simul. Modell. Pract. Theory 77, 407–423 (2016)

    Google Scholar 

  2. Alur, R., Courcoubetis, C., Halbwachs, N., Henzinger, T.A., Ho, P.H., Nicollin, X., Olivero, A., Sifakis, J., Yovine, S.: The algorithmic analysis of hybrid systems. Theor. Comput. Sci. 138(1), 3–34 (1995)

    MathSciNet  Article  Google Scholar 

  3. Cardenas, A.A., Amin, S., Sastry, S.: Secure control: towards survivable cyber-physical systems. In: 28th IEEE International Conference on Distributed Computing Systems Workshops (ICDCS), pp. 495–500 (2008)

  4. Darabseh, A., Al-Ayyoub, M., Jararweh, Y., Benkhelifa, E., Vouk, M., Rindos, A.: SDSecurity: A software defined security experimental framework. In: IEEE International Conference on Communication Workshop (ICCW), pp. 1871–1876 (2015)

  5. Darabseh, A., Al-Ayyoub, M., Jararweh, Y., Benkhelifa, E., Vouk, M., Rindos, A.: SDStorage: A software defined storage experimental framework. In: IEEE International Conference on Cloud Engineering (IC2E), pp. 341–346 (2015)

  6. Darabseh, A., Freris, N.: A software defined architecture for cyberphysical systems. In: 4th IEEE International Conference on Software Defined Systems (SDS), pp. 54–60 (2017)

  7. Darabseh, A., Freris, N., Jararweh, Y., Al-Ayyoub, M.: SDCache: Software defined data caching control for cloud services. In: 4th IEEE International Conference on Future Internet of Things and Cloud (FiCloud) (2016)

  8. De Oliveira, R., Shinoda, A., Schweitzer, C., Rodrigues Prete, L.: Using Mininet for emulation and prototyping software-defined networks. In: IEEE Colombian Conference on Communications and Computing (COLCOM), pp. 1–6 (2014)

  9. Duan, X., Freris, N., Cheng, P.: Secure clock synchronization under collusion attacks. In: Proceedings of the 54th Allerton Conference on Communication, Control and Computing, pp. 1142–1148 (2016)

  10. Fawzi, H., Tabuada, P., Diggavi, S.: Secure estimation and control for cyber-physical systems under adversarial attacks. IEEE Trans. Autom. Control 59(6), 1454–1467 (2014)

    MathSciNet  Article  Google Scholar 

  11. Fontes, R.R., Afzal, S., Brito, S.H., Santos, M.A., Rothenberg, C.E.: Mininet-WiFi: Emulating software-defined wireless networks. In: 11th International Conference on Network and Service Management (CNSM), pp. 384–389 (2015)

  12. Freris, N., Borkar, V., Kumar, P.R.: A model-based approach to clock synchronization. In: Proceedings of the 48th IEEE Conference on Decision and Control (CDC), pp. 5744–5749 (2009)

  13. Freris, N., Graham, S., Kumar, P.R.: Fundamental limits on synchronizing clocks over networks. IEEE Trans. Autom. Control 56(6), 1352–1364 (2011)

    MathSciNet  Article  Google Scholar 

  14. Freris, N., Kowshik, H., Kumar, P.R.: Fundamentals of large sensor networks: connectivity, capacity, clocks, and computation. Proc. IEEE 98(11), 1828–1846 (2010)

    Article  Google Scholar 

  15. Freris, N., Öçal, O., Vetterli, M.: Compressed sensing of streaming data. In: Proceedings of the 51st Allerton Conference on Communication, Control and Computing, pp. 1242–1249 (2013)

  16. Freris, N., Patrinos, P.: Distributed computing over encrypted data. In: Proceedings of the 54th Allerton Conference on Communication, Control and Computing, pp. 1116–1122 (2016)

  17. Freris, N., Zouzias, A.: Fast distributed smoothing of relative measurements. In: 51st IEEE Conference on Decision and Control (CDC), pp. 1411–1416 (2012)

  18. Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of things (IoT): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)

    Article  Google Scholar 

  19. Gungor, V.C., Hancke, G.P.: Industrial wireless sensor networks: Challenges, design principles, and technical approaches. IEEE Trans. Ind. Electron. 56(10), 4258–4265 (2009)

    Article  Google Scholar 

  20. Gupta, P., Kumar, P.R.: The capacity of wireless networks. IEEE Trans. Inf. Theory 46(2), 388–404 (2000)

    MathSciNet  Article  Google Scholar 

  21. Hou, I.H., Borkar, V., Kumar, P.R.: A theory of QoS for wireless. In: IEEE INFOCOM, pp. 486–494 (2009)

  22. Jain, R., Paul, S.: Network virtualization and software defined networking for cloud computing: a survey. IEEE Commun. Mag. 51(11), 24–31 (2013)

    Article  Google Scholar 

  23. Jararweh, Y., Al-Ayyoub, M., Darabseh, A., Benkhelifa, E., Rindos, A.: Software defined cloud: survey, system and evaluation. Future Gener. Comput. Syst. 58, 56–74 (2016)

    Article  Google Scholar 

  24. Jararweh, Y., Al-Ayyoub, M., Darabseh, A., Benkhelifa, E., Vouk, M., Rindos, A.: SDIoT: a software defined based internet of things framework. J. Ambient Intell. Hum. Comput. 6(4), 453–461 (2015)

    Article  Google Scholar 

  25. Kim, K.D., Kumar, P.R.: Architecture and mechanism design for real-time and fault-tolerant etherware for networked control. In: Proceeding of the 17th IFAC World Congress, pp. 9421–9426 (2008)

    Article  Google Scholar 

  26. Kim, K.D., Kumar, P.R.: Cyber-physical systems: a perspective at the centennial. Proc. IEEE 100(Special Centennial Issue), 1287–1308 (2012)

    Article  Google Scholar 

  27. Kim, K.D., Kumar, P.R.: Real-time middleware for networked control systems and application to an unstable system. IEEE Trans. Control Syst. Technol. 21(5), 1898–1906 (2013)

    Article  Google Scholar 

  28. Lee, E.A.: Cyber physical systems: design challenges. In: 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), pp. 363–369 (2008)

  29. Lee, E.A., Seshia, S.A.: Introduction to Embedded Systems: A Cyber-Physical Systems Approach. MIT Press, Cambridge (2011)

    MATH  Google Scholar 

  30. Mitola, J.: Cognitive radio—an integrated agent architecture for software defined radio. Ph.D. thesis, Royal Institute of Technology (KTH) (2000)

  31. Rajkumar, R.R., Lee, I., Sha, L., Stankovic, J.: Cyber-physical systems: the next computing revolution. In: Proceedings of the 47th Design Automation Conference, pp. 731–736 (2010)

  32. Satchidanandan, B., Kumar, P.R.: Dynamic watermarking: active defense of networked cyber-physical systems. Proc. IEEE 105(2), 219–240 (2017)

    Article  Google Scholar 

  33. Sopasakis, P., Freris, N., Patrinos, P.: Accelerated reconstruction of a compressively sampled data stream. In: 24th European Signal Processing Conference (EUSIPCO) (2016)

  34. Srikant, R., Ying, L.: Communication Networks: An Optimization, Control, and Stochastic Networks Perspective. Cambridge University Press, Cambridge (2013)

    Book  Google Scholar 

  35. Vlachos, M., Freris, N., Kyrillidis, A.: Compressive mining: fast and optimal data mining in the compressed domain. VLDB J. 24(1), 1–24 (2014)

    Article  Google Scholar 

  36. Wette, P., Draxler, M., Schwabe, A., Wallaschek, F., Zahraee, M., Karl, H.: Maxinet: distributed emulation of software-defined networks. In: IFIP Networking Conference, pp. 1–9 (2014)

  37. Yampolskiy, M., Horvath, P., Koutsoukos, X.D., Xue, Y., Sztipanovits, J.: Taxonomy for description of cross-domain attacks on CPS. In: Proceedings of the 2nd ACM International Conference on high confidence networked systems, pp. 135–142 (2013)

  38. Zoumpoulis, S., Vlachos, M., Freris, N., Lucchese, C.: Right-protected data publishing with provable distance-based mining. IEEE Trans. Knowl. Data Eng. 26(8), 2014–2028 (2014)

    Article  Google Scholar 

  39. Zouzias, A., Freris, N.: Randomized extended Kaczmarz for solving least squares. SIAM J. Matrix Anal. Appl. 34(2), 773–793 (2013)

    MathSciNet  Article  Google Scholar 

  40. Zouzias, A., Freris, N.: Randomized gossip algorithms for solving Laplacian systems. In: Proceedings of the 14th European Control Conference (ECC), pp. 1920–1925 (2015)

Download references


This work was supported in part by the Center for Cyber Security at New York University Abu Dhabi.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Nikolaos M. Freris.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Darabseh, A., Freris, N.M. A software-defined architecture for control of IoT cyberphysical systems. Cluster Comput 22, 1107–1122 (2019).

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI:


  • Software defined systems (SDSys)
  • Internet of things (IoT)
  • Cyberphysical systems (CPS)
  • Distributed systems
  • Decentralized control
  • Cyber security
  • Middleware