Fog Computing and Blockchain for Massive IoT Deployment

Abstract: The expected exponential growth of IoT devices in future years arises management issues to be resolved. Cloud computing may not be adequate for a massive scale while fog computing brings the ability to manage the distribution of controllability and manageability. Besides, such decentralized architecture is not sufficient to handle sensitive transactions, blockchain-based technology has raised hypes in implementing applications in trust-less environments. This paper proposes a blockchain-based architecture for scalable control of IoT devices. Moreover, smart contracts are developed to facilitate the ledger update process. Experimental results show that the proposed architecture is capable of providing trust on-demand changes with a negligible effect on IoT resources.

Formal Modeling and Verification of Blockchain Consensus Protocol for IoT Systems
  • Authors: Abdelhakim Baouya, Salim Chehida, Saddek Bensalem, and Marius Bozga
  • Location: The 19th International Conference on Intelligent Software Methodologies, Tools and Techniques, Tools and Techniques (SOMET 2020), held in Kitakyushu, JAPAN.
  • eBook: Frontiers in Artificial Intelligence and Applications, Volume 327: Knowledge Innovation Through Intelligent Software Methodologies, Tools and Techniques

Abstract: Many industrials consider blockchain as a technology breakthrough for cybersecurity, with use cases ranging from cryptocurrency system to smart contracts, and so forth. While IoT systems employ a lightweight communication protocol between physical objects, blockchain may ensure safe information gathering. Unfortunately, the mixture of both technologies has yet to be formally investigated regarding the consensus algorithm. In this paper, statistical model checking is applied to provide quantitative answers on whether the modeled system satisfies safety and liveness properties expressed in LTL temporal logic.

Applied Statistical Model Checking for a Sensor Behavior Analysis

Abstract: The analysis of sensors’ behavior becomes one of the essential challenges due to the growing use of these sensors for making a decision in IoT systems. The paper proposes an approach for a formal specification and analysis of such behavior starting from existing sensor traces. A model that embodies the sensor measurements over the time in the form of stochastic automata is built, then temporal properties are feed to Statistical Model Checker to simulate the learned model and to perform analysis. LTL properties are employed to predict sensors’ readings in time and to check the conformity of sensed data with the sensor traces in order to detect any abnormal behavior.

Exploration of Impactful Countermeasures on IoT Attacks


Risks mitigation in IoT based systems is one of the recent challenges in both academia and industry. In this work, we propose an approach based on the attack-defense tree to assess the relevant countermeasures for protecting IoT infrastructure.

To this end, an attack strategy exploration tool built on the top of the statistical model checker and genetic algorithm is used to select high impactful countermeasures. From that result, defense strategies are highlighted while a compromise guarantee between successful attacks, the cost incurred and the time to perform a sequence of attack actions. We report experiments applied over IoT network attacks.

End-to-end security validation of IoT systems based on digital twins of end-devices
  • Authors : Laurent Maillet-Contoz, Emmanuel Michel, Mario Diaz Nava, Paul-Emmanuel Brun, Kévin Leprêtre, Guillemette Massot
  • Location: Virtual Event – 3rd June 2020 – 2020 Global Internet of Things Summit (GIoTS) – 3rd Workshop on Internet of Things Security and Privacy (WISP)


While the number of digital services is increasing faster and faster, those services rely more and more on IoT systems to collect data and perform data analysis, eventually using AI techniques. In this context, devices are part of the “root of trust” and need to be secured in order to ensure high quality and trusted digital services.

This paper presents an approach to facilitate the integration, verification and then the functional validation of the security into devices based on modeling and simulation. This approach allows reducing the cost impact of adding security layer to physical devices.

BRAIN-IoT: Paving The Way For Next-Generation Internet of Things

Abstract: Nowadays, the adoption of the Internet of Things is drastically increasing in different domains and is contributing to the fast digitalization of several different critical sectors. In the near future, next generation of IoT-based systems will become more complex to be designed and managed. An opportunity for the development of flexible smart IoT-based systems that drive the business decision-making is to take more precise and accurate decisions at the right time, collecting real-time IoT generated data. This involves a set of challenges including the complexity of IoT-based systems and the management of large-scale systems scalability. With respect to these challenges, we propose to automate the management of IoT-based systems mainly based on an autonomic computing approach; these systems should implement cognitive capabilities that allow them learning and generating decisions at the right time. Consequently, we propose a model-driven methodology for designing smart IoT-based systems…

Privacy awareness for IoT platforms: BRAIN-IoT approach
  • Authors: Mohammad Rifat Ahmmad RASHID, Davide CONZON, Xu TAO and Enrico FERRERA
  • Published in: the book “Security and Privacy in Internet of Things: Challenges and Solutions”
  • Pages: 24 – 43

With the increasing adaptation of Internet of Things (IoT) platforms in decentralized cloud environments, more focus given towards facilitating the privacy awareness building upon goals set by current European Union (EU) General Data Protection Regulation (GDPR) regulations. Therefore, it is necessary to empower the end users (both private and corporate) of IoT platforms with the capability of deciding which combination of self-hosted or cloud-oriented IoT systems are most suitable to handle the personal data they generate and own as well as with the ability to change the existing (or pre-set) configurations at any time. Furthermore, adaptation of GDPR regulations in IoT platforms is challenging as there are needs for significant efforts to integrate privacy policies in a programmatic way to: (i) increase awareness of users about which data is collected, where it is transmitted, by whom, etc.; (ii) provide controls to enable users to notify such aspects, being at the same time aware of how such a decision affects the quality of the IoT services provided in that IoT platform. BRAIN-IoT project focuses on complex scenarios where actuation and control are cooperatively supported by populations of IoT systems. The breakthrough targeted by BRAIN-IoT is to provide solutions to embed privacy-awareness and privacy control features in IoT solutions. In this work, the authors explore the following key areas: (a) privacy awareness in IoT systems using GDPR regulations and BRAIN-IoT platform, and (b) propose a conceptual framework for Privacy Impact Assessment (PIA) using privacy principles presented in GDPR regulations. The proposed privacy awareness framework is cross-platform, so it is suitable to support a wide number of heterogeneous IoT systems, deployed by corporate and private users.

Integración de Herramientas de Gestión de los Sistemas de Agua Urbana en sistemas IoT Descentralizados
  • Authors: Diego Fernández, Ricardo Váquez, Román Maceiras y Adriel Regueira.
  • Location: JIA 2019 | Línea Temática MD


In this article, the authors present the results of testing a solution that could allow the integration of sensor systems and platforms within the EMALCSA infrastructure, identifying correlations between the obtained values ​​and the existing platforms and infrastructure. For this purpose, the framework developed in BRAIN-IoT is implemented, to enable interoperability between the current management and control system with other existing IoT platforms and open-source initiatives in a decentralized manner. The distributed nature of the IoT makes it necessary for the BRAIN-IoT platform to ensure good security practices and with privacy and data integrity policies.

BRAIN-IoT: Model-Based Framework for Dependable Sensing and Actuation in Intelligent Decentralized IoT System
  • Authors: Davide Conzon, Mohammad Rifat Ahmmad Rashid, Xu Tao, Angel Soriano, Robotnik Automation, Richard Nicholson, Enrico Ferrera
  • Published in: 2019 4th International Conference on Computing, Communications and Security (ICCCS)


Modern applications in the Smart Building and Industry 4.0 scenarios will be complex software ecosystems with strict requirements of geographic distribution, heterogeneity, dynamic evolution, security and privacy protection, highly more challenging than the ones required by the current environments. Two of the main challenges arising in the current Internet Of Things scenarios, i.e., the Smart Building one, are, on one side, the requirement of interconnecting several heterogeneous platforms and smart Things in the same environment and, on the other side, the need to be able to evolve the complex software ecosystem deployed, reacting automatically and at runtime to environmental changes, without the human intervention. To address these challenges, BRAIN-IoT establishes a framework and methodology supporting smart cooperative behaviour in fully de-centralized, composable and dynamic federations of heterogeneous Internet of Things platforms. In this way, BRAIN-IoT enables smart autonomous behaviour in Internet of Things scenarios, involving heterogeneous sensors and actuators autonomously cooperating to execute complex, dynamic tasks. Furthermore, BRAIN-IoT enables dynamically deploying and orchestrating distributed applications, allowing the automatic installation and replacement of smart behaviours reacting to environmental changes and User events. Finally, BRAIN-IoT provides a set of components that guarantee the security and privacy protection of the data exchanged using the solution. BRAIN-IoT is a general purpose solution that aims at being adaptable for heterogeneous scenarios, from Service Robotics to Critical Infrastructure Management. This paper introduces a Smart Building use case of the solution, which allows highlighting the advantages given by BRAIN-IoT in such scenario.

Dynamic fog computing platform for event-driven deployment and orchestration of distributed Internet of Things applications


The next generation of Smart City and Industry 4.0 applications will be geographically distributed, heterogeneous, co-evolving software ecosystems, significantly more sophisticated than the current Enterprise or Cloud compute environments. To be economically sustainable and achieve solution longevity, these software ecosystems must be operationally simple, cost effective to maintain over extended periods of time, and able to cost effectively adapt to both changing environmental conditions and service requirements. This paper presents the BRAIN-IoT Federation, a distributed and highly modular federated environment that addresses these sustainability, longevity and adaptability challenges by leveraging OSGi – the Open Standard for Software Modularity. With a focus on Operational simplicity, BRAIN-IoT federation enables the dynamic deployment, orchestration and monitoring of distributed applications and uniquely, automatically installing new behaviours in response to environment triggers and User events. To show how, through the use of OSGi components and standards, it is possible to build a software solution able to address all the challenges presented by the modern scenarios, in terms of agility and adaptability, this work presents an use case study related to the use of robots for last-mile delivery of parcels. Over the next few years this field promises to provide high cost savings and reduction of the environmental impact, allowing to reduce the traffic caused by parcels delivering. An exploration of how the BRAIN-IoT federation is applicable to such environment, enabling robots adapt to changing and diverse Internet of Things environments, will be presented in the paper.

Revisiting the Glue of BIP
  • Author: Jacques Combaz
  • Location: April 2019, MeTRID 2019: 2nd International workshop on Methods and Tools for Rigorous System Design
The modeling language and the associated tools for the analysis
  • Author: Saddek Bensalem
  • Location: February 2019, Dagstuhl-Seminar 1908, “Verification and Synthesis of Human-Robot Interaction”


IoT European Security and Privacy Projects: Integration, Architectures and Interoperability
  • Authors: E. Ferrera, C.Pastrone et al.
  • Category: Book chapter in “Next Generation Internet of Things, Distributed Intelligence at the Edge and Human Machine-to-Machine Cooperation, 2018”
  • Pages 209-221


The chapter presents an overview of the eight that are part of the European IoT Security and Privacy Projects initiative (IoT-ESP) addressing advanced concepts for end-to-end security in highly distributed, heterogeneous and dynamic IoT environments. The approaches presented are holistic and include identification and authentication, data protection and prevention against cyber-attacks at the device and system levels. The projects present architectures, concepts, methods and tools for open IoT platforms integrating evolving sensing, actuating, energy harvesting, networking and interface technologies. Platforms should provide connectivity and intelligence, actuation and control features, linkage to modular and ad-hoc cloud services, The IoT platforms used are compatible with existing international developments addressing object identity management, discovery services, virtualisation of objects, devices and infrastructures and trusted IoT approaches.

  • Statistical Model Checking BIP tool [link is missing]
    • Saddek Bensalem
    • June 2019, Workshop on Trustworthy Embedded Software organized by Huawei
  • Rigorous System Design: The BIP framework [link is missing]
    • Saddek Bensalem
    • November 2019, Proposed lectures to the Doctoral School (EMSTII) of UGA.
    • Duration: 12 hours
    • Number of PhD students : around 15.
  • Virtual Twins: Modeling trends and challenges ahead [link is missing]
  • End-to-end security for IoT [link is missing]
    • Paul-Emmanuel Brun, AIRBUS CyberSecurity
    • Published in IoTSec Open Access Book
  • Privacy awareness, risk assessment and control measures in IoT platforms: BRAIN-IoT approach [link is missing]
    • Mohammad Rifat Ahmmad Rashid, Xu Tao, Davide Conzon, and Enrico Ferrera
    • Published in IoTSec Open Access Book
  • Risk Assessment in IoT Case Study: Collaborative Robots System [link is missing]
  • Model-Based Methodology and Framework for Design and Management of Next-Gen IoT Systems [link is missing]
  • A Cross-Platform Communication Mechanism for ROS-Based Cyber-Physical System [link is missing]

D7.5 – Updated Advertising Community Engagement materials and Results
D6.3 – Phase 1 Integration and Evaluation Framework
D6.2 – Lab-scale Evaluations
D5.4 – Updated Threat modelling and Security assessment of target scenarios solutions
D5.3 – Initial enablers for Privacy awareness and control
D5.2 – Initial AAA layer for IoT cross platform models
D4.3 – Initial BRAIN-IoT Marketplace Business Dynamics
D4.2 – Initial Deployment and operation enablers
D3.4 – Initial Tools for dependable Smart Behaviour
D3.3 – Initial Enablers for dynamic distribution of IoT behaviour
D3.2 – Initial AI and ML features for smart behaviour and actuation
D2.5 – Updated Architecture and Test Sites Specifications
D2.4 – Updated Visions Scenarios Use Cases and Innovations
D7.3 Initial Advertising, Community Engagement materials and Results

The main objective of work package 7 is to create awareness and adoption of the BRAIN-IoT project within the targeted communities defined by deliverables D7.4 & D7.1, i.e.: Research Communities, Developer Communities (Early adopters and Late adopters), Solution makers, End users and the general public

This report documents the initial efforts and results of the project in term of advertising and community engagement. It follows the dissemination strategy defined in D7.1.
In this document, a list of the press releases, articles, social media tools and available contents will be presented, as well as a brief summary of the events in which the project has participated.

D7.2 Project Website

This deliverable documents the activities related to the website of the Brain-IoT project,  the main tool to communicate project results to scientists, scholars, professionals, the interested public and other stakeholders. More specifically, it aims at providing a project introduction as well as continuous updates on project results. The website is designed using the WordPress Content Management System (CMS), as it naturally supports the combination of static pages with blog entries that are continuously added. WordPress also provides an editorial system that supports the coordination of inputs from the different partners and collaborators of the project.

D7.1 Communication and Dissemination Strategy

This document defines the project‘s outreach strategy including an effective communication plan. The strategy is intended to optimize dissemination of project knowledge and results to scientific, open source and industrial communities, companies and public organizations. This document will identify the main stakeholders‘ communities to be mobilized by the project and for each define the best media, events, and publications to target.

This document will be a living document throughout the project regularly updated to take count of strategy evolutions. The evolution of the strategy will be visible in the next deliverables D7.3, D7.5 and D7.6 which will present an update of the Advertising, Community Engagement materials and Results.

This document is split in three main sections:

  • How we identify our customers, describing the projects’ efforts to identify the dissemination and exploitations targets, i.e. the project “customers”.
  • The Dissemination strategy outlining the dissemination activities carried out by the BRAIN-IoT project partners.
  • The Eclipse IoT Proposal explaining the benefits in joining an open source community like the Eclipse Foundation and explaining the steps the BRAIN-IoT project proposal has to go through to be sustainable in this open source community.
D6.1 Data Management Plan

The purpose of this document is to present the initial Data Management Plan (DMP) of the BRAIN-IoT project and to provide the guidelines for maintaining the DMP during the project.

The Data Management Plan methodology approach adopted for the compilation of D6.1 has been based on the updated version of the “Guidelines on FAIR Data Management in Horizon 2020 version 3.0 released on 26 July 2016 by the European Commission Directorate – General for Research & Innovation”. It defines how data in general and research data in particular will be handled during the research project and will make suggestions for the after-project time. It describes what data will be collected, processed or generated within the scope of the project, what methodologies and standards shall be followed during the collection process, whether and how these data shall be shared and/or made open for the evaluation needs, and how they shall be curated and preserved.

All BRAIN-IoT data will be handled according to EU Data protection and Privacy regulation and the General Data Protection Regulation (GDPR).

D3.1 Initial data and capabilities models for cross-platform interoperability

Deliverable D3.1 is aiming to design a BRAIN-IoT modelling language IoT-ML which allows to virtualize concrete physical world devices including also complex system such as autonomous robots and critical control devices, as well as data and capabilities models for cross-platform interoperability. The main challenge in this work is to design a IoT Modelling language which can embrace multiple domains. The framework designed could provide the capability to model several different aspects, meaning it could support several individual modelling approaches as well as modelling languages.

D4.1 Initial discovery, search, composition and orchestration enablers

This document explores how BRAIN-IoT approaches the requirements of initial device discovery, search, composition and orchestration in a manner that addresses these non-functional challenges. The proposed approach is sufficiently flexible to deal with any foreseeable runtime use case and this document maps out a strategy to deliver this. However, it should also be noted that current BRAIN-IoT Use Case(s) will be subsets of these generalised behaviours.

D5.1 Initial Threat modelling and Security assessment

This document reports on the initial threat modeling and security assessment of the BRAIN-IoT proposed scenarios and the followed security methodology which is based on known threats analyzed by international initiatives undergoing in the EU and worldwide. Starting from the scenarios and architectural solutions defined by WP2, the authors performed an initial analysis considering intentional threats that may result in BRAIN-IoT services to be compromised or disrupted.

D2.2 Initial Architecture and PoC Specifications

This document represents the first iteration of the BRAIN-IoT architecture with focus on: i) identifying BRAIN-IoT things and platforms, ii) defining initial set of requirements, iii) defining initial version of the BRAIN-IoT reference architecture, iv) identifying BRAIN-IoT relevant technologies, v) defining Proof-of-Concept specifications.

The reference architecture and the requirement list in this deliverable will be revised, extended and refined in the next iteration.

D2.1 Initial Visions, Scenarios and Use Cases

Initial version of the vision, application scenarios and use cases in which the results of the BRAIN-IoT project will be demonstrated. D2.1 work has been conducted using domain analysis and brainstorming sessions involving relevant stakeholders and use case analyses. This document reports on the iterative process of ideation which resulted in the definition of: 1) the workflow of the workbench, 2) an initial set of relevant stakeholders, 3) the communication flow between them, and 4) the initial set of use cases.

The official BRAIN-IoT flyer and poster are available below, please feel free to download them!

BRAIN-IoT Architecture poster (V2 – Oct. 2019)
BRAIN-IoT Architecture poster (V1 – July 2019)
BRAIN-IoT Brochure
Critical Infrastructure Management – Distribution Deposits Infrastructure
Critical Infrastructure Management – Drinking Water Treatment Station
Critical Infrastructure Management – Cecebre Damn
Official Poster