ACMES team

Samovar lab

New paper “Process mining approach for multi-cloud SLA reporting” at IEEE Big Data 2023

Authors: Jeremy Mechouche, Mohamed Sellami, Zakaria Maamar, Roua Touihri, and Walid Gaaloul


Cloud consumers’ requirements possess an inherent dynamic nature, characterized by fluctuating needs in reliability and high-availability relative to their workload. To satisfy these requirements, service reconfiguration strategies are put in place ensuring first, adaptable service provisioning and second, compliance with the agreed-upon Service Level Agreements (SLAs) between consumers and providers. However, deviations between SLAs and “real” observed behaviours could occur even after triggering reconfiguration strategies. Additionally, as organizations increasingly embrace multi-cloud environments, careful consideration must be given to the inherent challenges that arise in this requirements satisfaction. In this paper, we represent these strategies as state machines used to report their conformance to collected logs which track what really happened at run-time. The collected logs are processed to construct state machines suitable for conformance checking. Experiments demonstrating the technical doability of using conformance checking to detect deviations between SLAs and logs, along with verifying the suitability of reconfiguration strategies, are also discussed in the paper.

New paper “Uncovering Implicit Bundling Constraints: Empowering Cloud Network Service Discovery” at ICSOC 2023

Authors: Hayet Brabra, Imen Jerbi, Mohamed Sellami, Walid Gaaloul, and Djamal Zeghlache


Cloud service providers (CSPs) offer their networking services (NSs) in the form of service bundles containing underlying services, not necessarily requested by the users. While service bundling is a common practice in the cloud providing multiple components as a single service, unawareness of this hidden structure of services at design time may limit their portability, compatibility, and interoperability across multiple providers. This calls for service discovery solutions that can identify and reveal such hidden bundling to cloud users so they become aware of the consequences of existing bundling before any deployment stage. This paper presents a new NSs discovery approach that takes into account and makes transparent network services bundling for cloud users.

New paper “Discovering Guard Stage Milestone Models Through Hierarchical Clustering” at CoopIS 2023

Authors: Leyla Moctar M’Baba, Mohamed Sellami, Nour Assy, Walid Gaaloul, and Mohamedade Farouk Nanne


Processes executed on enterprise Information Systems (IS), such as ERP and CMS, are artifact-centric. The execution of these processes is driven by the creation and evolution of business entities called artifacts. Several artifact-centric modeling languages were proposed to capture the specificity of these processes. One of the most used artifact-centric modeling languages is the Guard Stage Milestone (GSM) language. It represents an artifact-centric process as an information model and a lifecycle. The lifecycle groups activities in stages with data conditions as guards. The hierarchy between the stages is based on common conditions. However, existing works do not discover this hierarchy nor the data conditions, as they considered them to be already available. They also do not discover GSM models directly from event logs. They discover Petri nets and translate them into GSM models. To fill this gap, we propose in this paper a discovery approach based on hierarchical clustering. We use invariants detection to discover data conditions and information gain of common conditions to cluster stages. The approach does not rely on domain knowledge nor translation mechanisms. It was implemented and evaluated using a blockchain case study.

New paper “Bringing privacy, security and performance to the Internet of Things using IOTA and usage control”

Bringing privacy, security and performance to the Internet of Things using IOTA and usage control
by Nathanaël Denis, Sophie Chabridon and Maryline Laurent

Annals of Telecoms, jan. 2024 link

The Internet of Things (IoT) is bringing new ways to collect and analyze data to develop applications answering or anticipating users’ needs. These data may be privacy-sensitive, requiring ecient privacypreserving mechanisms. The IoT is a distributed system of unprecedented scale, creating challenges for performance and security. Classic blockchains could be a solution by providing decentralization and strong security guarantees. However, they are not ecient and scalable enough for large scale IoT systems, and available tools designed for preserving privacy in blockchains, e.g. coin mixing, have a limited eect due to high transaction costs and insucient transaction rates. This article provides a framework based on several technologies to address the requirements of privacy, security and performance of the Internet of Things. The basis of the framework is the IOTA technology, a derivative of blockchains relying on a directed acyclic graph to create transactions instead of a linear chain. IOTA improves distributed ledger performance by increasing transaction throughput as more users join the network, making the network scalable. As IOTA is not designed for privacy protection, we complement it with privacy-preserving mechanisms: merge avoidance and decentralized mixing. Finally, privacy is reinforced by introducing usage control mechanisms for users to monitor the use and dissemination of their data. A Proof of Concept is proposed to demonstrate the feasibility of the proposed framework. Performance tests are conducted on this Proof of Concept, showing the framework can work on resource-constrained devices and within a reasonable time. The originality of this contribution is also to integrate an IOTA node within the usage control system, to support privacy as close as possible to the objects that need it.

New paper “Integrating Usage Control Into Distributed Ledger Technology for Internet of Things Privacy”

Integrating Usage Control Into Distributed Ledger Technology for Internet of Things Privacy
by Nathanaël Denis, Maryline Laurent and Sophie Chabridon

IEEE Internet of Things Journal, Volume: 10, Issue: 22, jun. 2023

arXiv link

The Internet of Things (IoT) brings new ways to collect privacy-sensitive data from billions of devices. Well-tailored distributed ledger technologies (DLTs) can provide high transaction processing capacities to IoT devices in a decentralized fashion. However, privacy aspects are often neglected or unsatisfying, with a focus mainly on performance and security. In this article, we introduce decentralized usage control mechanisms to empower IoT devices to control the data they generate. Usage control defines obligations, i.e., actions to be fulfilled to be granted access, and conditions on the system in addition to data dissemination control. The originality of this article is to consider the usage control system as a component of distributed ledger networks, instead of an external tool. With this integration, both technologies work in synergy, benefiting their privacy, security, and performance. We evaluated the performance improvements of integration using the IOTA technology, particularly suitable due to the participation of small devices in the consensus. The results of the tests on a private network show an approximate 90% decrease of the time needed for the usage control system to push a transaction and make its access decision in the integrated setting, regardless of the number of nodes in the network.

New paper “Request relaxation based-on provider constraints for a capability-based NaaS services discovery” at CAISE 2023

Authors: Imen Jerbi, Hayet Brabra, Mohamed Sellami, Walid Gaaloul, Sami Bhiri, Boualem Benatallah, Djamal Zeghlache, and Olivier Tirat


Network as a Service (NaaS) enables cloud customers to connect their distributed services across multiple clouds without relying exclusively on their infrastructures. The discovery of NaaS services remains challenging not only because of their scale and diversity but also because of the hidden constraints that cloud providers impose on these services at the networking layer. NaaS services are usually offered in the form of service bundles containing underlying services and constraints not requested by the customers. This creates undesirable dependencies and constraints that hamper portability, compatibility and interoperability across providers. The problem of service discovery becomes more challenging when these constraints are the main and first cause that prevents a customer’s request from being fulfilled. Without a mechanism that enables customers to identify these constraints and to adjust their requests accordingly, existing service discovery solutions are likely to fall short. We propose to complement existing service discovery solutions by not only identifying unmatched constraints but also recommending relaxing discovery requests to retrieve optimal and compliant services.

New article “Process mining for Artifact-Centric Blockchain Applications” in the SIMPAT journal

Authors: Leyla Moctar M’Baba, Nour Assy, Mohamed Sellami, Walid Gaaloul and Mohamedade Farouk NANNE


Process mining can provide valuable insights into user behavior, performance, and security for blockchain applications. In return, process mining benefits from the trustworthiness of blockchain data. One obstacle to realizing these benefits is that blockchain data is inadequate for process mining. This issue has been previously explored in literature, but mainly with regards to workflow-centric processes, leaving out the more common artifact-centric applications. This article introduces ACEL (Artifact-Centric Event Log), an extension to the OCEL (Object-Centric Event Log) standard, specifically designed for artifact-centric processes. Additionally, we present a method for extracting ACEL logs from the Ethereum blockchain platform and demonstrate its effectiveness and the perspectives of process discovery through two case studies of public Ethereum applications.

Best paper “SmartSPEC: Customizable Smart Space Datasets via Event-Driven Simulations” at PERCOM 2022

Authors: Andrew Chio, Daokun Jiang, Peeyush Gupta, Georgios Bouloukakis, Roberto Yus, Sharad Mehrotra and Nalini Venkatasubramanian

Mark Weiser Best Paper Award (sponsored by Elsevier Pervasive and Mobile Computing)

This paper presents SmartSPEC, an approach to generate customizable smart space datasets using sensorized spaces in which people and events are embedded. Smart space datasets are critical to design, deploy and evaluate robust systems and applications to ensure cost-effective operation and safety/comfort/convenience of the space occupants. Often, real-world data is difficult to obtain due to the lack of fine-grained sensing; privacy/security concerns prevent the release and sharing of individual and spatial data. SmartSPEC is a smart space simulator and data generator that can create a digital representation (twin) of a smart space and its activities. SmartSPEC uses a semantic model and ML-based approaches to characterize and learn attributes in a sensorized space, and applies an event-driven simulation strategy to generate realistic simulated data about the space (events, trajectories, sensor datasets, etc). To evaluate the realism of the data generated by SmartSPEC, we develop a structured methodology and metrics to assess various aspects of smart space datasets, including trajectories of people and occupancy of spaces. Our experimental study looks at two real-world settings/datasets: an instrumented smart campus building and a city-wide GPS dataset. Our results show that the trajectories produced by SmartSPEC are 1.4x to 4.4x more realistic than the best synthetic data baseline when compared to real-world data, depending on the scenario and configuration.

Keywords: smart space, sensor, simulation, trajectory

New paper “Analysis of the Impact of Interaction Patterns and IoT Protocols on Energy Consumption of IoT Consumer Applications” at DAIS 2022

Authors: Rodrigo Canek, Pedro Borges, and Chantal Taconet

DAIS 2022 paper

Nowadays, it is estimated that half the connected devices are related to the Internet of Things (IoT). The IoT paradigm contributes to the increase of the Information Technology energy demand. The energy demand is due on one side to the huge number of IoT devices, and on the other side to the plethora of IoT end user applications consuming
data produced by those devices. However, taking into account energy consumption in the development of such applications, consuming data produced by IoT devices is still challenging. There is a lack of knowledge on what are the best practises to develop green IoT applications. The work presented in this paper aims to raise the awareness of application designers concerning the impact of the choice of IoT protocols and interaction patterns on the energy consumption of the applications. For this purpose, we have experimentally analysed the energy consumption of HTTP and MQTT, which are two of the most popular, mature and stable protocols for IoT consumer applications. For the HTTP protocol, we have studied both the publish-subscribe and the request-reply interaction patterns. For MQTT, we have studied the publish-subscribe interaction pattern with the three available Quality of Services. We also examine the impact of message payload on energy consumption. The results show that the publish/subscribe interaction pattern has lower energy consumption (around 92% less) than the synchronous interaction pattern and HTTP consumes 20% more energy than the MQTT protocol for the publish/subscribe interaction pattern. Finally, we have shown that the payload has a low impact on energy consumption having a 9% overhead on payloads ranging from 24 to 3120 bytes

Keywords: Middleware, Internet of Things applications, IoT protocols Interaction patterns, IoT Platforms, Energy Consumption, Green IT

New paper “Conformance checking for autonomous multi-cloud SLA management and adaptation” at Journal of Supercomputing

Authors: Jeremy Mechouche, Roua Touihri, Mohamed Sellami and Walid Gaaloul



Satisfying cloud customers’ requirements, i.e., respecting an agreed-on service level agreement (SLA), is not a trivial task in a multi-cloud context. This is mainly due to divergent SLA objectives among the involved cloud service providers and hence divergent reconfiguration strategies to enforce them. In this paper, we propose a hierarchical representation of multi-cloud SLAs: sub-SLAs associated with a system’s components deployed on distinct cloud service providers and global-SLA associated with the whole system. We also enrich these SLA representations with state machines reflecting reconfiguration strategies defined by cloud customers. Then, we propose an autonomous multi-cloud resource orchestrator based on the MAPE-K adaptation control loop to enforce them and to avoid SLA violations. Finally, in order to check the conformity of this enforcement with defined multi-cloud SLA, we propose an approach for multi-cloud SLA reporting inspired by conformance checking techniques. An implementation of the approach is presented in the paper and illustrates the approach feasibility.