Advertisement

Securing Emergent IoT Applications

  • Prabhakaran KasinathanEmail author
  • Jorge Cuellar
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11430)

Abstract

Attacks on IoT, Cyber-Physical-Systems (CPS), and other computing systems are evolving rapidly. As a result, IoT devices used in critical infrastructures such as energy, health-care, and water supply systems are vulnerable to attacks. A successful attack on such safety-critical infrastructures may have life-threatening consequences. On the other hand, existing security mechanisms are not enough to protect constrained IoT devices. Therefore, we need better security mechanisms and tools to manage and protect IoT devices from malicious use.

In emerging paradigms like Internet-of-Things (IoT) platforms, Industry 4.0, collaborative portals, and many others, we deal with a multi-tenant architecture. In a multi-tenant architecture, the owners want to secure their own integrity, confidentiality, and functionality goals without being concerned about the goals of other entities. In this paper, we present a framework to negotiate, compromise, and inter-operate between different services or platforms to fulfill a purpose. Furthermore, to ensure correct and safe operation of IoT systems, we must assure that the integrity of the underlying systems and processes is properly executed as intended i.e., the processes cannot be changed in an unauthorized way.

In this paper, we present our Petri Net based workflow specification and enforcement framework to realize workflow-aware access control and to protect the process integrity of IoT applications. The Petri Net models are amenable to formal verification. The resulting workflows have other properties such as the ability to recover from error conditions. In addition, we present a method to achieve distributed access control and accountability integrated with our framework. We allow practitioner-friendly tools to collect requirements and goals to design secure IoT systems and processes. Finally, we present a guide to implement our framework with existing development environments and validate the methodology using concrete use case scenarios.

Notes

Acknowledgements

We thank Professor Jonathan P. Bowen for his suggestions and reviewing this article.

References

  1. 1.
    van der Aalst, W.M.P.: Verification of workflow nets. In: Azéma, P., Balbo, G. (eds.) ICATPN 1997. LNCS, vol. 1248, pp. 407–426. Springer, Heidelberg (1997).  https://doi.org/10.1007/3-540-63139-9_48CrossRefGoogle Scholar
  2. 2.
    van der Aalst, W.M.P.: Putting high-level Petri nets to work in industry. Comput. Ind. 25(1), 45–54 (1994).  https://doi.org/10.1016/0166-3615(94)90031-0CrossRefGoogle Scholar
  3. 3.
    AIOTI: The Alliance for the Internet of Things Innovation (2018). https://aioti.eu/. Accessed Dec 2018
  4. 4.
    Antonakakis, M., et al.: Understanding the Mirai Botnet. In: 26th USENIX Security Symposium, pp. 1092–1110 (2017). https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis
  5. 5.
    Atluri, V., Huang, W.-K.: An authorization model for workflows. In: Bertino, E., Kurth, H., Martella, G., Montolivo, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 44–64. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-61770-1_27CrossRefGoogle Scholar
  6. 6.
    Atluri, V., Huang, W.: A Petri net based safety analysis of workflow authorization models. J. Comput. Secur. 8(2/3), 209–240 (2000). http://content.iospress.com/articles/journal-of-computer-security/jcs113CrossRefGoogle Scholar
  7. 7.
    Bahga, A., Madisetti, V.K.: Blockchain platform for industrial internet of things. J. Softw. Eng. Appl. 9, 533–546 (2016).  https://doi.org/10.4236/jsea.2016.910036CrossRefGoogle Scholar
  8. 8.
    Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: platforms, applications, and design patterns. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 494–509. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70278-0_31CrossRefGoogle Scholar
  9. 9.
    Basin, D., Burri, S.J., Karjoth, G.: Optimal workflow-aware authorizations. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2012), pp. 93–102 (2012).  https://doi.org/10.1145/2295136.2295154
  10. 10.
    Bertino, E., Ferrari, E., Atluri, V.: The specification and enforcement of authorization constraints in workflow management systems. ACM Trans. Inf. Syst. Secur. 2(1), 65–104 (1999).  https://doi.org/10.1145/300830.300837CrossRefGoogle Scholar
  11. 11.
    Bishop, M.: Computer Security: Art and Science. Addison-Wesley, Boston (2002).  https://doi.org/10.1093/toxsci/kft059. https://books.google.de/books?id=b4gcswEACAAJCrossRefGoogle Scholar
  12. 12.
    Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. Technical report, IETF, May 2014.  https://doi.org/10.17487/rfc7228
  13. 13.
    Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM conference on Computer and communications security - CCS 2009, p. 400. ACM Press, New York (2009).  https://doi.org/10.1145/1653662.1653711
  14. 14.
    Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the internet of things. IEEE Access 4, 2292–2303 (2016).  https://doi.org/10.1109/ACCESS.2016.2566339. http://ieeexplore.ieee.org/document/7467408/CrossRefGoogle Scholar
  15. 15.
    Compagna, L., dos Santos, D.R., Ponta, S.E., Ranise, S.: Aegis: automatic enforcement of security policies in workflow-driven web applications. In: Proceedings of ACM on Conference on Data and Application Security and Privacy - CODASPY 2017, pp. 321–328 (2017).  https://doi.org/10.1145/3029806.3029813
  16. 16.
    Cuellar, J., Kasinathan, P., Calvo, D.: Privacy-enhanced-tokens (PAT) profile for ACE. Technical report, IETF (2018). https://datatracker.ietf.org/doc/draft-cuellar-ace-pat-priv-enhanced-authz-tokens/
  17. 17.
    Delmolino, K., Arnett, M., Kosba, A.E., Miller, A., Shi, E.: Step by step towards creating a safe smart contract: lessons and insights from a cryptocurrency lab. IACR Cryptology ePrint Archive 2015, 460 (2015).  https://doi.org/10.1007/978-3-662-53357-4_6. https://eprint.iacr.org/2015/460.pdfCrossRefGoogle Scholar
  18. 18.
    Dijkstra, E.W.: Guarded commands, nondeterminacy and formal derivation of programs. Commun. ACM 18(8), 453–457 (1975).  https://doi.org/10.1145/360933.360975MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Esparza, J.: Decidability and complexity of Petri net problems—an introduction. In: Reisig, W., Rozenberg, G. (eds.) ACPN 1996. LNCS, vol. 1491, pp. 374–428. Springer, Heidelberg (1998).  https://doi.org/10.1007/3-540-65306-6_20CrossRefzbMATHGoogle Scholar
  20. 20.
    Ethereum: Solidity—Solidity (2018). https://solidity.readthedocs.io/en/develop/. Accessed Aug 2018
  21. 21.
    Ethereum: What Are Smart Contracts - EthereumWiki (2018). http://www.ethereumwiki.com/ethereum-wiki/smart-contracts/. Accessed Mar 2018
  22. 22.
    European Union (EU): EU GDPR Information Portal (2018). https://www.eugdpr.org/. Accessed July 2018
  23. 23.
    Friedenthal, S., Moore, A., Steiner, R.: A Practical Guide to SysML, 3rd edn. Morgan Kaufmann, San Francisco (2008).  https://doi.org/10.1016/B978-0-12-374379-4.X0001-XCrossRefGoogle Scholar
  24. 24.
    Gerdes, S., Bergmann, O., Bormann, C., Selander, G., Seitz, L.: Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE) (2018). https://tools.ietf.org/html/draft-ietf-ace-dtls-authorize-03. Accessed Mar 2018
  25. 25.
    Hardt, D.: The OAuth 2.0 Authorization Framework (2012). https://tools.ietf.org/html/rfc6749. Accessed Dec 2017
  26. 26.
    Harney, H., Muckenhirn, C.: Group Key Management Protocol (GKMP) Specification, July 1997.  https://doi.org/10.17487/rfc2093
  27. 27.
    Heckel, R.: Open Petri nets as semantic model for workflow integration. In: Ehrig, H., Reisig, W., Rozenberg, G., Weber, H. (eds.) Petri Net Technology for Communication-Based Systems. LNCS, vol. 2472, pp. 281–294. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-40022-6_14CrossRefzbMATHGoogle Scholar
  28. 28.
    Huang, W.K., Atluri, V.: SecureFlow: a secure web-enabled workflow management system. In: Proceedings of the Fourth ACM Workshop on Role-Based Access Control - RBAC 1999, pp. 83–94 (1999).  https://doi.org/10.1145/319171.319179
  29. 29.
    IBM: Energy-Blockchain Labs and IBM Create Carbon Credit Management Platform Using Hyperledger Fabric on the IBM Cloud, pp. 2–3. IBM Press Release (2017). https://www-03.ibm.com/press/us/en/pressrelease/51839.wss
  30. 30.
    IBM: Hyperledger Fabric – Hyperledger (2018). https://www.hyperledger.org/projects/fabric. Accessed Aug 2018
  31. 31.
    IBM: Hyperledger-Smart Contract Language – Chaincode (2018). https://hyperledger-fabric.readthedocs.io/en/release-1.2/blockchain.html. Accessed Aug 2018
  32. 32.
    IETF ACE Working Group: Authentication and Authorization for Constrained Environments (ACE) (2017). https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-authz/. Accessed Dec 2017
  33. 33.
    Jamal, M., Zafar, N.A.: Transformation of activity diagram into coloured Petri nets using weighted directed graph. In: 2016 International Conference on Frontiers of Information Technology (FIT), pp. 181–186. IEEE, December 2016.  https://doi.org/10.1109/FIT.2016.041. http://ieeexplore.ieee.org/document/7866750/
  34. 34.
    Jensen, K.: Coloured Petri nets. In: Brauer, W., Reisig, W., Rozenberg, G. (eds.) Petri Nets: Central Models and Their Properties. LNCS, vol. 254, pp. 248–299. Springer, Heidelberg (1987).  https://doi.org/10.1007/BFb0046842CrossRefGoogle Scholar
  35. 35.
    Jensen, K.: Coloured Petri nets: a high level language for system design and analysis. In: Rozenberg, G. (ed.) ICATPN 1989. LNCS, vol. 483, pp. 342–416. Springer, Heidelberg (1991).  https://doi.org/10.1007/3-540-53863-1_31CrossRefGoogle Scholar
  36. 36.
    Jensen, K.: Coloured Petri Nets - Basic Concepts, Analysis Methods and Practical Use. Monographs in Theoretical Computer Science. An EATCS Series, vol. 1, 2nd edn. Springer, Heidelberg (1996).  https://doi.org/10.1007/978-3-662-03241-1CrossRefzbMATHGoogle Scholar
  37. 37.
    Jensen, K., Kristensen, L.M., Wells, L.: Coloured Petri nets and CPN tools for modelling and validation of concurrent systems. STTT 9(3–4), 213–254 (2007).  https://doi.org/10.1007/s10009-007-0038-xCrossRefGoogle Scholar
  38. 38.
    Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45800-X_32CrossRefzbMATHGoogle Scholar
  39. 39.
    Kasinathan, P., Cuéllar, J.: Securing the integrity of workflows in IoT. In: Proceedings of the 2018 International Conference on Embedded Wireless Systems and Networks, EWSN 2018, Madrid, Spain, 14–16 February 2018, pp. 252–257 (2018). http://dl.acm.org/citation.cfm?id=3234908
  40. 40.
    Kasinathan, P., Cuellar, J.: Workflow-aware security of integrated mobility services. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 3–19. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-98989-1_1CrossRefGoogle Scholar
  41. 41.
    Knorr, K.: Dynamic access control through Petri net workflows. In: 16th Annual Computer Security Applications Conference (ACSAC 2000), New Orleans, Louisiana, USA, 11–15 December 2000, pp. 159–167 (2000).  https://doi.org/10.1109/ACSAC.2000.898869
  42. 42.
    Krebs, B., BMW: connected mobility lab – center digitization.bayern (2017). https://zentrum-digitalisierung.bayern/connected-mobility-lab/. Accessed Oct 2018
  43. 43.
    Linhares, M.V., da Silva, A.J., de Oliveira, R.S.: Empirical evaluation of SysML through the modeling of an industrial automation unit. In: 2006 IEEE Conference on Emerging Technologies and Factory Automation, pp. 145–152. IEEE, September 2006.  https://doi.org/10.1109/ETFA.2006.355190. http://ieeexplore.ieee.org/document/4178305/
  44. 44.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45800-X_33CrossRefzbMATHGoogle Scholar
  45. 45.
    Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS 2016, pp. 254–269. ACM Press, New York (2016).  https://doi.org/10.1145/2976749.2978309
  46. 46.
    Merlin, P.M., Farber, D.J.: Recoverability of communication protocols-implications of a theoretical study. IEEE Trans. Commun. (1976).  https://doi.org/10.1109/TCOM.1976.1093424MathSciNetCrossRefzbMATHGoogle Scholar
  47. 47.
    Miessler, D., Smith, C., Haddix, J.: OWASP Internet of Things Top Ten Project (2014). Accessed Dec 2017Google Scholar
  48. 48.
    Modelio – Open Source Tool: Modelio – the open source modeling tool. https://www.modelio.org/. Accessed Aug 2018
  49. 49.
    Morimoto, S.: A survey of formal verification for business process modeling. In: Bubak, M., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2008. LNCS, vol. 5102, pp. 514–522. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-69387-1_58CrossRefGoogle Scholar
  50. 50.
    Mortensen, K.H.: Automatic code generation method based on coloured Petri net models applied on an access control system. In: Nielsen, M., Simpson, D. (eds.) ICATPN 2000. LNCS, vol. 1825, pp. 367–386. Springer, Heidelberg (2000).  https://doi.org/10.1007/3-540-44988-4_21CrossRefGoogle Scholar
  51. 51.
    Murata, T.: Petri nets: properties, analysis and applications. Proc. IEEE 77(4), 541–580 (1989).  https://doi.org/10.1109/5.24143. http://ieeexplore.ieee.org/document/24143/CrossRefGoogle Scholar
  52. 52.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin.pdf. Accessed Oct 2018
  53. 53.
    Özsu, M.T., Valduriez, P.: Principles of Distributed Database Systems, 3rd edn. Springer, New York (2011).  https://doi.org/10.1007/978-1-4419-8834-8CrossRefGoogle Scholar
  54. 54.
    Petri, C.A.: Communication with automata (1966). http://edoc.sub.uni-hamburg.de/informatik/volltexte/2010/155/
  55. 55.
    Pohl, K.: Requirements Engineering: An Overview. RWTH, Fachgruppe Informatik, Aachen (1996). ftp://ftp8.de.freebsd.org/pub/packages/CREWS/CREWS-96-02.pdfGoogle Scholar
  56. 56.
    Pommereau, F.: SNAKES: a flexible high-level Petri nets library (tool paper). In: Devillers, R., Valmari, A. (eds.) PETRI NETS 2015. LNCS, vol. 9115, pp. 254–265. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-19488-2_13CrossRefzbMATHGoogle Scholar
  57. 57.
    Rahim, M., Boukala-Ioualalen, M., Hammad, A.: Petri nets based approach for modular verification of SysML requirements on activity diagrams. In: Proceedings of the International Workshop on Petri Nets and Software Engineering (PNSE), Tunis, Tunisia, 23–24 June 2014, pp. 233–248 (2014). http://ceur-ws.org/Vol-1160/paper14.pdf
  58. 58.
    Reisig, W.: Petri Nets: An Introduction. EATCS Monographs on Theoretical Computer Science, vol. 4. Springer, Heidelberg (1985).  https://doi.org/10.1007/978-3-642-69968-9CrossRefzbMATHGoogle Scholar
  59. 59.
    Reisig, W.: A Primer in Petri Net Design. Springer Compass International. Springer, Heidelberg (1992).  https://doi.org/10.1007/978-3-642-75329-9CrossRefzbMATHGoogle Scholar
  60. 60.
    Reisig, W.: Understanding Petri Nets – Modeling Techniques, Analysis Methods, Case Studies. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-33278-4CrossRefzbMATHGoogle Scholar
  61. 61.
    Sadeghi, A.R., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. In: Proceedings of the 52nd Annual Design Automation Conference on - DAC 2015, pp. 1–6. ACM Press, New York (2015).  https://doi.org/10.1145/2744769.2747942
  62. 62.
    Sandhu, R.S., Samarati, P.: Access control: principles and practice. IEEE Commun. Mag. 32(9), 40–48 (1994).  https://doi.org/10.1109/35.312842. http://ieeexplore.ieee.org/document/312842/CrossRefGoogle Scholar
  63. 63.
    Schaller, R.: Moore’s law: past, present and future. IEEE Spectr. 34(6), 52–59 (1997).  https://doi.org/10.1109/6.591665CrossRefGoogle Scholar
  64. 64.
    Seitz, L., Gerdes, S., Selander, G., Mani, M., Kumar, S.: Use cases for authentication and authorization in constrained environments (2016). ISSN 2070-1721. https://tools.ietf.org/html/rfc7744
  65. 65.
    Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., Tschofenig, H.: Authentication and authorization for constrained environments (ACE) using the OAuth 2.0 framework (ACE-OAuth). Technical report, IETF (2018)Google Scholar
  66. 66.
    Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2015).  https://doi.org/10.1016/J.COMNET.2014.11.008. https://www.sciencedirect.com/science/article/pii/S1389128614003971CrossRefGoogle Scholar
  67. 67.
    van der Stok, P., Kampanakis, P., Kumar, S., Richardson, M., Furuhed, M., Raza, S.: EST over secure CoAP (EST-coaps). Technical report, IETF (2018). https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/
  68. 68.
    Sundmaeker, H., Guillemin, P., Friess, P., Woelfflé, S. (eds.): Vision and Challenges for Realising the Internet of Things. Publications Office of the European Union, Luxembourg (2010).  https://doi.org/10.2759/26127
  69. 69.
    Szabo, N.: Smart contracts: building blocks for digital markets, 1996. EXTROPY: The Journal of Transhumanist Thought (2001). http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html
  70. 70.
    Tandon, L., Fong, P.W.L., Safavi-Naini, R.: HCAP: a history-based capability system for IoT devices. In: Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, SACMAT 2018, Indianapolis, IN, USA, 13–15 June 2018, pp. 247–258 (2018).  https://doi.org/10.1145/3205977.3205978
  71. 71.
    TCG WG: TCG guidance for securing resource-constrained devices. Technical report, Trusted Computing Group (TCG) (2017). https://trustedcomputinggroup.org/wp-content/uploads/TCG-Guidance-for-Securing-Resource-Constrained-Devices-v1r22.pdf
  72. 72.
    Thaler, D., Waltermire, D., Housley, R.: Software Updates for Internet of Things (suit) (2018). https://datatracker.ietf.org/wg/suit/about/. Accessed Oct 2018
  73. 73.
    The Official OMG SysML site: What Is OMG SysML? (2012). http://www.omgsysml.org/. Accessed Apr 2018
  74. 74.
    Tiloca, M., Selander, G., Palombini, F., Park, J.: Secure group communication for CoAP (2018). https://datatracker.ietf.org/doc/draft-tiloca-core-multicast-oscoap/. Accessed Oct 2018
  75. 75.
    Weber, M., Kindler, E.: The Petri net markup language. In: Ehrig, H., Reisig, W., Rozenberg, G., Weber, H. (eds.) Petri Net Technology for Communication-Based Systems. LNCS, vol. 2472, pp. 124–144. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-40022-6_7CrossRefzbMATHGoogle Scholar
  76. 76.
    Weber, R.H.: Internet of things – new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23–30 (2010).  https://doi.org/10.1016/J.CLSR.2009.11.008. https://www.sciencedirect.com/science/article/pii/S0267364909001939MathSciNetCrossRefGoogle Scholar
  77. 77.
    WfMC: Workflow Management Coalition (2009). http://www.wfmc.org/. Accessed July 2017
  78. 78.
    Van der Aalst, W.M.P.: The application of Petri nets to workflow management. J. Circuits Syst. Comput. 08(01), 21–66 (1998).  https://doi.org/10.1142/S021812669800004. http://www.worldscientific.com/doi/abs/10.1142/S0218126698000043CrossRefGoogle Scholar
  79. 79.
    Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Arch. 55(4), 211–223 (2009).  https://doi.org/10.1016/J.SYSARC.2008.10.002. https://www.sciencedirect.com/science/article/pii/S1383762108001471CrossRefGoogle Scholar
  80. 80.
    Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 64–79. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-75183-0_5CrossRefGoogle Scholar
  81. 81.
    Wolter, C., Schaad, A., Meinel, C.: Task-based entailment constraints for basic workflow patterns. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies - SACMAT 2008, p. 51. ACM Press, New York (2008).  https://doi.org/10.1145/1377836.1377844
  82. 82.
    Woodcock, J., Larsen, P.G., Bicarregui, J., Fitzgerald, J.: Formal methods: practice and experience. ACM Comput. Surv. 41(4), 1–36 (2009).  https://doi.org/10.1145/1592434.1592436CrossRefGoogle Scholar
  83. 83.
    Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town Crier: an authenticated data feed for smart contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 270–282. ACM, New York (2016).  https://doi.org/10.1145/2976749.2978326

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Siemens AG, CT, IT SecurityMunichGermany
  2. 2.University of PassauPassauGermany

Personalised recommendations