Securing Emergent IoT Applications

  • Prabhakaran Kasinathan
  • Jorge Cuellar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11430)


Attacks on IoT, cyber-physical systems (CPS), and other computing systems are evolving rapidly, and IoT devices used in critical infrastructures such as energy, health-care, and water supply systems remain vulnerable to them. A successful attack on such safety-critical infrastructure may have life-threatening consequences. At the same time, existing security mechanisms are not sufficient to protect constrained IoT devices. We therefore need better security mechanisms and tools to manage and protect IoT devices against malicious use.

Emerging paradigms such as Internet-of-Things (IoT) platforms, Industry 4.0, collaborative portals, and many others are multi-tenant architectures. In a multi-tenant architecture, each owner wants to secure its own integrity, confidentiality, and functionality goals without having to account for the goals of the other entities. In this paper, we present a framework that lets different services or platforms negotiate, compromise, and inter-operate to fulfill a purpose. Furthermore, correct and safe operation of IoT systems requires process integrity: the underlying systems and processes must execute as intended, i.e., the processes cannot be changed in an unauthorized way.

In this paper, we present our Petri Net based workflow specification and enforcement framework, which realizes workflow-aware access control and protects the process integrity of IoT applications. The Petri Net models are amenable to formal verification, and the resulting workflows have further useful properties such as the ability to recover from error conditions. In addition, we present a method for distributed access control and accountability that integrates with our framework. We support practitioner-friendly tools for collecting the requirements and goals needed to design secure IoT systems and processes. Finally, we present a guide to implementing our framework with existing development environments and validate the methodology on concrete use case scenarios.
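A minimal illustration of the two ideas above, workflow-aware access control enforced by a Petri net at run time and a formal check on the net itself, as an added example written for this page; it is not code from the authors' framework. The firmware-update workflow, its place and role names, and the soundness criterion used (every reachable marking can still reach the final marking, and only the final marking has no successor) are assumptions chosen for the example:

```python
# Added example (not the authors' framework): a tiny Petri-net workflow
# engine used as a reference monitor, plus a soundness check on the net.
from collections import Counter, deque
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

def canon(m: Dict[str, int]) -> tuple:
    """Hashable, sorted (place, tokens) view of a marking."""
    return tuple(sorted((p, n) for p, n in m.items() if n > 0))

@dataclass(frozen=True)
class Transition:
    name: str
    pre: Dict[str, int]    # tokens consumed from input places
    post: Dict[str, int]   # tokens produced in output places
    roles: FrozenSet[str]  # roles allowed to fire this transition

def enabled(t: Transition, m: Dict[str, int]) -> bool:
    return all(m.get(p, 0) >= n for p, n in t.pre.items())

def fire(t: Transition, m: Dict[str, int]) -> Dict[str, int]:
    nm = Counter(m)
    nm.subtract(t.pre)
    nm.update(t.post)
    return {p: n for p, n in nm.items() if n > 0}

class WorkflowEnforcer:
    def __init__(self, transitions: List[Transition], initial: Dict[str, int]):
        self.ts = {t.name: t for t in transitions}
        self.marking = dict(initial)
        self.audit: List[Tuple[str, str, str]] = []  # accountability trail

    def attempt(self, principal: str, role: str, name: str) -> bool:
        """Grant a step only if the role may fire it AND the marking enables it."""
        t = self.ts[name]
        if role not in t.roles:
            verdict = "denied: role not permitted"
        elif not enabled(t, self.marking):
            verdict = "denied: step out of order"   # process-integrity violation
        else:
            self.marking = fire(t, self.marking)
            verdict = "granted"
        self.audit.append((principal, name, verdict))
        return verdict == "granted"

def reachability_graph(transitions, initial, limit=10_000):
    # Explores markings reachable from `initial`, ignoring roles (structure only).
    start = canon(initial)
    succ = {start: set()}
    queue = deque([start])
    while queue:
        m = queue.popleft()
        for t in transitions:
            if enabled(t, dict(m)):
                n = canon(fire(t, dict(m)))
                succ[m].add(n)
                if n not in succ:
                    succ[n] = set()
                    queue.append(n)
        if len(succ) > limit:
            raise RuntimeError("state space too large; net may be unbounded")
    return succ

def is_sound(transitions, initial, final) -> bool:
    """Every reachable marking can still reach `final` (option to complete),
    and `final` is the only marking without successors (proper completion)."""
    succ = reachability_graph(transitions, initial)
    fin = canon(final)
    if fin not in succ:
        return False
    pred = {m: {p for p, ns in succ.items() if m in ns} for m in succ}
    can_finish, queue = {fin}, deque([fin])
    while queue:
        for p in pred[queue.popleft()]:
            if p not in can_finish:
                can_finish.add(p)
                queue.append(p)
    return can_finish == set(succ) and all(ns or m == fin for m, ns in succ.items())

# Assumed firmware-update workflow for a constrained device.
FIRMWARE_UPDATE = [
    Transition("request", {"idle": 1}, {"requested": 1}, frozenset({"operator"})),
    Transition("approve", {"requested": 1}, {"approved": 1}, frozenset({"security_officer"})),
    Transition("verify_ok", {"approved": 1}, {"verified": 1}, frozenset({"device"})),
    Transition("verify_fail", {"approved": 1}, {"idle": 1}, frozenset({"device"})),  # recovery
    Transition("install", {"verified": 1}, {"installed": 1}, frozenset({"device"})),
]
# Same net, but a failed verification lands in a dead-end place: not sound.
BROKEN_UPDATE = [t for t in FIRMWARE_UPDATE if t.name != "verify_fail"] + [
    Transition("verify_fail", {"approved": 1}, {"failed": 1}, frozenset({"device"}))]
INITIAL, FINAL = {"idle": 1}, {"installed": 1}

def demo() -> Tuple[List[bool], Dict[str, int]]:
    wf = WorkflowEnforcer(FIRMWARE_UPDATE, INITIAL)
    steps = [("dev-42", "device", "install"),         # out of order: denied
             ("alice", "operator", "request"),        # granted
             ("alice", "operator", "approve"),        # wrong role: denied
             ("bob", "security_officer", "approve"),  # granted
             ("dev-42", "device", "verify_ok"),       # granted
             ("dev-42", "device", "install")]         # granted
    return [wf.attempt(*s) for s in steps], wf.marking
```

`WorkflowEnforcer.attempt` is the run-time side: a caller with the right role is still refused if the net's marking does not enable the step, so the update cannot be installed before it has been approved and verified, and every decision is recorded. `is_sound` is the design-time side: `FIRMWARE_UPDATE` passes because `verify_fail` returns the device to `idle`, while `BROKEN_UPDATE` fails because a failed verification leaves the process stuck in `failed` with no way to complete. Exhaustive reachability is only finite for bounded nets, hence the state-count guard.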



We thank Professor Jonathan P. Bowen for his suggestions and reviewing this article.



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Siemens AG, CT, IT Security, Munich, Germany
  2. University of Passau, Passau, Germany
