Skip to main content

Verification and Validation Methods for a Trust-by-Design Framework for the IoT

Part of the Lecture Notes in Computer Science book series (LNCS,volume 13383)


The development of an Internet of Things (IoT) entity is a difficult process that can be performed following a System Development Life Cycle (SDLC). Two important phases of a SDLC process are verification and validation (V &V). Moreover, if we want to guarantee that trust is considered through the SDLC we have to implement it since the first phases and verify and validate its implementation during V &V. Verification usually is defined as “the system has been built right”, on the other hand validation refers to the fact that “the right system has been built”. Concerning trust, following our methodologies we can state that we can verify that “the trusted IoT entity has been built” and validate that “the right trusted IoT entity has been built”. In this paper, we propose a methodology to verify and validate requirements related to a trusted IoT entity. Following the methodology, it is possible to check if the requirements elicited in the early phases of the SDLC have been implemented in the developed functionalities. These final phases will be fundamental in order to achieve trust in the developed IoT entity.


  • Trust
  • SysML
  • UML
  • Internet of Things (IoT)
  • System Development Life Cycle (SDLC)

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


  1. 1.


  1. Ackerman, A.F., Buchwald, L.S., Lewski, F.H.: Software inspections: an effective verification process. IEEE Softw. 6(3), 31–36 (1989)

    CrossRef  Google Scholar 

  2. Alonso-Nogueira, A., Estévez-Fernández, H., García, I.: JREM: an approach for formalising models in the requirements phase with JSON and NoSQL databases. Int. J. Comput. Inf. Eng. 11(3), 353–358 (2017)

    Google Scholar 

  3. Arthur, J.D., Dabney, J.B.: Applying standard independent verification and validation (IV &V) techniques within an agile framework: is there a compatibility issue? In: 2017 Annual IEEE International Systems Conference (SysCon), pp. 1–5. IEEE (2017)

    Google Scholar 

  4. Arthur, J.D., Nance, R.E.: Independent verification and validation: a missing link in simulation methodology? In: Proceedings Winter Simulation Conference, pp. 230–236. IEEE (1996)

    Google Scholar 

  5. Čolaković, A., Hadžialić, M.: Internet of things (IoT): a review of enabling technologies, challenges, and open research issues. Comput. Netw. 144, 17–39 (2018)

    CrossRef  Google Scholar 

  6. Edition, F.: Ieee guide-adoption of the project management institute (pmi®) standard a guide to the project management body of knowledge (pmbok® guide) (2011)

    Google Scholar 

  7. Erickson, J.: Trust metrics. In: International Symposium on Collaborative Technologies and Systems, CTS 2009, pp. 93–97. IEEE (2009)

    Google Scholar 

  8. Fagan, M.: Design and code inspections to reduce errors in program development. In: Broy, M., Denert, E. (eds.) Software Pioneers, pp. 575–607. Springer, Heidelberg (2002).

    CrossRef  Google Scholar 

  9. Fernandez-Gago, C., Moyano, F., Lopez, J.: Modelling trust dynamics in the internet of things. Infor. Sci. 396, 72–82 (2017)

    CrossRef  Google Scholar 

  10. Ferraris, D., Daniel, J., Fernandez-Gago, C., Lopez, J.: A segregated architecture for a trust-based network of internet of things. In: 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (CCNC 2019). Las Vegas, USA, January 2019

    Google Scholar 

  11. Ferraris, D., Fernandez-Gago, C.: TrUStAPIS: a trust requirements elicitation method for IoT. Int. J. Inf. Securi. 19, 1–17 (2019)

    Google Scholar 

  12. Ferraris, D., Fernandez-Gago, C., Lopez, J.: A trust by design framework for the internet of things. In: NTMS’2018 - Security Track (NTMS 2018 Security Track). Paris, France, February 2018

    Google Scholar 

  13. Ferraris, D., Fernandez-Gago, C., Lopez, J.: A model-driven approach to ensure trust in the IoT. Hum.-Cent. Comput. Inf. Sci. 10(1), 1–33 (2020)

    CrossRef  Google Scholar 

  14. Food, U., Administration, D., et al.: Guideline on general principles of process validation. US FDA, Rockville (1987)

    Google Scholar 

  15. Haskins, C., Forsberg, K., Krueger, M., Walden, D., Hamelin, D.: Systems engineering handbook. In: INCOSE (2006)

    Google Scholar 

  16. Hoffman, L.J., Lawson-Jenkins, K., Blum, J.: Trust beyond security: an expanded trust model. Commun. ACM 49(7), 94–101 (2006)

    CrossRef  Google Scholar 

  17. Katz, P., Campbell, C.: FDA 2011 process validation guidance: process validation revisited. J. GXP Compliance 16(4), 18 (2012)

    Google Scholar 

  18. Linhares, M.V., de Oliveira, R.S., Farines, J.M., Vernadat, F.: Introducing the modeling and verification process in SysML. In: 2007 IEEE Conference on Emerging Technologies and Factory Automation (EFTA 2007), pp. 344–351. IEEE (2007)

    Google Scholar 

  19. Marche, C., Nitti, M.: Can we trust trust management systems? IoT 3(2), 262–272 (2022)

    CrossRef  Google Scholar 

  20. Nkuba, C.K., Kim, S., Dietrich, S., Lee, H.: Riding the IoT wave with VFuzz: discovering security flaws in smart homes. IEEE Access 10, 1775–1789 (2021)

    CrossRef  Google Scholar 

  21. Pavlidis, M.: Designing for trust. In: CAiSE (Doctoral Consortium), pp. 3–14 (2011)

    Google Scholar 

  22. Ponsard, C., Ramon, V.: Survey of automation practices in model-driven development and operations. Tech. rep, EasyChair (2022)

    Google Scholar 

  23. Roman, R., Najera, P., Lopez, J.: Securing the internet of things. Computer 44(9), 51–58 (2011)

    CrossRef  Google Scholar 

Download references


This work has been supported by the Spanish Ministry of Science and Innovation Project SecureEDGE (PID2019-110565RB-I00), by the Regional Ministry of Economic Transformation, Industry, Knowledge and Universities of Andalusia SAVE (P18-TP-3724) and by the EU H2020-SU-ICT-03-2018 Project No. 830929 CyberSec4Europe ( Moreover, we thank Huawei Technology for their support. This work reflects only the authors view and the Research Executive Agency is not responsible for any use that may be made of the information it contains.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Davide Ferraris .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ferraris, D., Fernandez-Gago, C., Lopez, J. (2022). Verification and Validation Methods for a Trust-by-Design Framework for the IoT. In: Sural, S., Lu, H. (eds) Data and Applications Security and Privacy XXXVI. DBSec 2022. Lecture Notes in Computer Science, vol 13383. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-10683-5

  • Online ISBN: 978-3-031-10684-2

  • eBook Packages: Computer ScienceComputer Science (R0)