Distributed Systems, Software Engineering and Middleware - DiSSEM group

Computer Science Department of Telecom SudParis

New paper “Process mining approach for multi-cloud SLA reporting” at IEEE Big Data 2023

Authors: Jeremy Mechouche, Mohamed Sellami, Zakaria Maamar, Roua Touihri, and Walid Gaaloul


Cloud consumers’ requirements possess an inherent dynamic nature, characterized by fluctuating needs in reliability and high-availability relative to their workload. To satisfy these requirements, service reconfiguration strategies are put in place ensuring first, adaptable service provisioning and second, compliance with the agreed-upon Service Level Agreements (SLAs) between consumers and providers. However, deviations between SLAs and “real” observed behaviours could occur even after triggering reconfiguration strategies. Additionally, as organizations increasingly embrace multi-cloud environments, careful consideration must be given to the inherent challenges that arise in this requirements satisfaction. In this paper, we represent these strategies as state machines used to report their conformance to collected logs which track what really happened at run-time. The collected logs are processed to construct state machines suitable for conformance checking. Experiments demonstrating the technical doability of using conformance checking to detect deviations between SLAs and logs, along with verifying the suitability of reconfiguration strategies, are also discussed in the paper.

New paper “Bringing privacy, security and performance to the Internet of Things using IOTA and usage control”

Bringing privacy, security and performance to the Internet of Things using IOTA and usage control
by Nathanaël Denis, Sophie Chabridon and Maryline Laurent

Annals of Telecoms, jan. 2024

hal.science link

The Internet of Things (IoT) is bringing new ways to collect and analyze data to develop applications answering or anticipating users’ needs. These data may be privacy-sensitive, requiring ecient privacypreserving mechanisms. The IoT is a distributed system of unprecedented scale, creating challenges for performance and security. Classic blockchains could be a solution by providing decentralization and strong security guarantees. However, they are not ecient and scalable enough for large scale IoT systems, and available tools designed for preserving privacy in blockchains, e.g. coin mixing, have a limited eect due to high transaction costs and insucient transaction rates. This article provides a framework based on several technologies to address the requirements of privacy, security and performance of the Internet of Things. The basis of the framework is the IOTA technology, a derivative of blockchains relying on a directed acyclic graph to create transactions instead of a linear chain. IOTA improves distributed ledger performance by increasing transaction throughput as more users join the network, making the network scalable. As IOTA is not designed for privacy protection, we complement it with privacy-preserving mechanisms: merge avoidance and decentralized mixing. Finally, privacy is reinforced by introducing usage control mechanisms for users to monitor the use and dissemination of their data. A Proof of Concept is proposed to demonstrate the feasibility of the proposed framework. Performance tests are conducted on this Proof of Concept, showing the framework can work on resource-constrained devices and within a reasonable time. The originality of this contribution is also to integrate an IOTA node within the usage control system, to support privacy as close as possible to the objects that need it.

New paper “Integrating Usage Control Into Distributed Ledger Technology for Internet of Things Privacy”

Integrating Usage Control Into Distributed Ledger Technology for Internet of Things Privacy
by Nathanaël Denis, Maryline Laurent and Sophie Chabridon

IEEE Internet of Things Journal, Volume: 10, Issue: 22, jun. 2023

arXiv link

The Internet of Things (IoT) brings new ways to collect privacy-sensitive data from billions of devices. Well-tailored distributed ledger technologies (DLTs) can provide high transaction processing capacities to IoT devices in a decentralized fashion. However, privacy aspects are often neglected or unsatisfying, with a focus mainly on performance and security. In this article, we introduce decentralized usage control mechanisms to empower IoT devices to control the data they generate. Usage control defines obligations, i.e., actions to be fulfilled to be granted access, and conditions on the system in addition to data dissemination control. The originality of this article is to consider the usage control system as a component of distributed ledger networks, instead of an external tool. With this integration, both technologies work in synergy, benefiting their privacy, security, and performance. We evaluated the performance improvements of integration using the IOTA technology, particularly suitable due to the participation of small devices in the consensus. The results of the tests on a private network show an approximate 90% decrease of the time needed for the usage control system to push a transaction and make its access decision in the integrated setting, regardless of the number of nodes in the network.

Best paper “SmartSPEC: Customizable Smart Space Datasets via Event-Driven Simulations” at PERCOM 2022

Authors: Andrew Chio, Daokun Jiang, Peeyush Gupta, Georgios Bouloukakis, Roberto Yus, Sharad Mehrotra and Nalini Venkatasubramanian

Mark Weiser Best Paper Award (sponsored by Elsevier Pervasive and Mobile Computing)

This paper presents SmartSPEC, an approach to generate customizable smart space datasets using sensorized spaces in which people and events are embedded. Smart space datasets are critical to design, deploy and evaluate robust systems and applications to ensure cost-effective operation and safety/comfort/convenience of the space occupants. Often, real-world data is difficult to obtain due to the lack of fine-grained sensing; privacy/security concerns prevent the release and sharing of individual and spatial data. SmartSPEC is a smart space simulator and data generator that can create a digital representation (twin) of a smart space and its activities. SmartSPEC uses a semantic model and ML-based approaches to characterize and learn attributes in a sensorized space, and applies an event-driven simulation strategy to generate realistic simulated data about the space (events, trajectories, sensor datasets, etc). To evaluate the realism of the data generated by SmartSPEC, we develop a structured methodology and metrics to assess various aspects of smart space datasets, including trajectories of people and occupancy of spaces. Our experimental study looks at two real-world settings/datasets: an instrumented smart campus building and a city-wide GPS dataset. Our results show that the trajectories produced by SmartSPEC are 1.4x to 4.4x more realistic than the best synthetic data baseline when compared to real-world data, depending on the scenario and configuration.

Keywords: smart space, sensor, simulation, trajectory

New paper “Analysis of the Impact of Interaction Patterns and IoT Protocols on Energy Consumption of IoT Consumer Applications” at DAIS 2022

Authors: Rodrigo Canek, Pedro Borges, and Chantal Taconet

DAIS 2022 paper

Nowadays, it is estimated that half the connected devices are related to the Internet of Things (IoT). The IoT paradigm contributes to the increase of the Information Technology energy demand. The energy demand is due on one side to the huge number of IoT devices, and on the other side to the plethora of IoT end user applications consuming
data produced by those devices. However, taking into account energy consumption in the development of such applications, consuming data produced by IoT devices is still challenging. There is a lack of knowledge on what are the best practises to develop green IoT applications. The work presented in this paper aims to raise the awareness of application designers concerning the impact of the choice of IoT protocols and interaction patterns on the energy consumption of the applications. For this purpose, we have experimentally analysed the energy consumption of HTTP and MQTT, which are two of the most popular, mature and stable protocols for IoT consumer applications. For the HTTP protocol, we have studied both the publish-subscribe and the request-reply interaction patterns. For MQTT, we have studied the publish-subscribe interaction pattern with the three available Quality of Services. We also examine the impact of message payload on energy consumption. The results show that the publish/subscribe interaction pattern has lower energy consumption (around 92% less) than the synchronous interaction pattern and HTTP consumes 20% more energy than the MQTT protocol for the publish/subscribe interaction pattern. Finally, we have shown that the payload has a low impact on energy consumption having a 9% overhead on payloads ranging from 24 to 3120 bytes

Keywords: Middleware, Internet of Things applications, IoT protocols Interaction patterns, IoT Platforms, Energy Consumption, Green IT

New paper “Conformance checking for autonomous multi-cloud SLA management and adaptation” at Journal of Supercomputing

Authors: Jeremy Mechouche, Roua Touihri, Mohamed Sellami and Walid Gaaloul

Link: https://link.springer.com/article/10.1007/s11227-022-04363-0


Satisfying cloud customers’ requirements, i.e., respecting an agreed-on service level agreement (SLA), is not a trivial task in a multi-cloud context. This is mainly due to divergent SLA objectives among the involved cloud service providers and hence divergent reconfiguration strategies to enforce them. In this paper, we propose a hierarchical representation of multi-cloud SLAs: sub-SLAs associated with a system’s components deployed on distinct cloud service providers and global-SLA associated with the whole system. We also enrich these SLA representations with state machines reflecting reconfiguration strategies defined by cloud customers. Then, we propose an autonomous multi-cloud resource orchestrator based on the MAPE-K adaptation control loop to enforce them and to avoid SLA violations. Finally, in order to check the conformity of this enforcement with defined multi-cloud SLA, we propose an approach for multi-cloud SLA reporting inspired by conformance checking techniques. An implementation of the approach is presented in the paper and illustrates the approach feasibility.

New paper “Towards higher-level description of SLA-aware reconfiguration strategies based on state-machine” at ICEBE’2021

Authors: Jeremy Mechouche, Roua Touihri, Mohamed Sellami and Walid Gaaloul


High number of European projects and international initiatives show an increased interest in the multi-cloud paradigm. One key need identified in these studies is an SLA-driven service model for multi-cloud environment. While offering a multi-cloud application, cloud consumer define reconfiguration strategies to avoid violating SLAs established with their customers. In this context, this paper presents an approach for enriching multi-cloud SLA representations with reconfiguration strategies. Advantages of this approach are twofold: (i) simplify SLA administration and (ii) limit SLA violations caused by reconfiguration strategies. We represent reconfiguration strategies based on state-machine formalism. Furthermore, we define thresholds to guarantee their compliance with multi-cloud SLAs and anticipate SLA violations. An implementation of the approach is presented in the paper and illustrates how these thresholds are computed.

New paper “Runtime models and evolution graphs for the version management of microservice architectures” at APSEC 2021

Authors: Yuwei Wang, Denis Conan, Sophie Chabridon, Kavoos Bojnourdi, Jingxuan Ma.

APSEC 2021, https://hal.archives-ouvertes.fr/hal-03419462

Microservice architectures focus on developing modular and independent functional units, which can be automatically deployed, enabling agile DevOps. One major challenge is to manage the rapid evolutionary changes in microservices and perform continuous redeployment without interrupting the application execution. The existing solutions provide limited capacities to help software architects model, plan, and perform version management activities. The architects lack a representation of a microservice architecture with versions tracking. In this paper, we propose runtime models that distinguishes the type model from the instance model, and we build up an evolution graph of configuration snapshots of types and instances to allow the traceability of microservice versions and their deployment. We demonstrate our solution with an illustrative application that involves synchronous (RPC calls) and asynchronous (publish-subscribe) interaction within information systems.

New paper “Automating user-feedback driven requirements prioritization” in Elsevier Information and Software Technology

Authors: Fitsum Meshesha Kifetew, Anna Perini, Angelo Susi, Aberto Siena, Denisse Muñante and Itzel Morales-Ramirez

Information and Software Technology, Elsevier, 2021, 138, https://hal.archives-ouvertes.fr/hal-03277970


Context: Feedback from end users of software applications is a valuable resource in understanding what users request, what they value, and what they dislike. Information derived from user-feedback can support software evolution activities, such as requirements prioritization. User-feedback analysis is still mostly performed manually by practitioners, despite growing research in automated analysis. Objective: We address two issues in automated user-feedback analysis: (i) most of the existing automated analysis approaches that exploit linguistic analysis assume that the vocabulary adopted by users (when expressing feedback) and developers (when formulating requirements) are the same; and (ii) user-feedback analysis techniques are usually experimentally evaluated only on some user-feedback dataset, not involving assessment by potential software developers. Method: We propose an approach, ReFeed, that computes, for each requirement, the set of related user-feedback, and from such user-feedback extracts quantifiable properties which are relevant for prioritizing the requirement. The extracted properties are propagated to the related requirements, based on which ranks are computed for each requirement. ReFeed relies on domain knowledge, in the form of an ontology, helping mitigate the gap in the vocabulary of end users and developers. The effectiveness of ReFeed is evaluated on a realistic requirements prioritization scenario in two experiments involving graduate students from two different universities. Results: ReFeed is able to synthesize reasonable priorities for a given set of requirements based on properties derived from user-feedback. The implementation of ReFeed and related resources are publicly available. Conclusion: The results from our studies are encouraging in that using only three properties of user-feedback, ReFeed is able to prioritize requirements with reasonable accuracy. Such automatically determined prioritization could serve as a good starting point for requirements experts involved in the task of prioritizing requirements Future studies could explore additional user-feedback properties to improve the effectiveness of computed priorities.

New paper “PrioDeX: a Data Exchange middleware for efficient event prioritization in SDN-based IoT systems” in ACM TOIT

Authors: Georgios Bouloukakis, Kyle Benson, Luca Scalzotto, Paolo Bellavista, Casey Grant, Valérie Issarny, Sharad Mehrotra,Ioannis Moscholios, Nalini Venkatasubramanian

ACM Transactions on Internet of Things, In press, https://hal.archives-ouvertes.fr/hal-03171358


Real-time event detection and targeted decision making for emerging mission-critical applications require systems that extract and process relevant data from IoT sources in smart spaces. Oftentimes, this data is heterogeneous in size, relevance, and urgency, which creates a challenge when considering that different groups of stakeholders (e.g., first responders, medical staff, government officials, etc) require such data to be delivered in a reliable and timely manner. Furthermore, in mission-critical settings, networks can become constrained due to lossy channels and failed components, which ultimately add to the complexity of the problem. In this paper, we propose PrioDeX, a cross-layer middleware system that enables timely and reliable delivery of mission-critical data from IoT sources to relevant consumers through the prioritization of messages. It integrates parameters at the application, network, and middleware layers into a data exchange service that accurately estimates end-to-end performance metrics through a queueing analytical model. PrioDeX proposes novel algorithms that utilize the results of this analysis to tune data exchange configurations (event priorities and dropping policies), which is necessary for satisfying situational awareness requirements and resource constraints. PrioDeX leverages Software-Defined Networking (SDN) methodologies to enforce these configurations in the IoT network infrastructure. We evaluate our approach using both simulated and prototype-based experiments in a smart building fire response scenario. Our application-aware prioritization algorithm improves the value of exchanged information by 36% when compared with no prioritization; the addition of our network-aware drop rate policies improves this performance by 42% over priorities only and by 94% over no prioritization.