{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:42:23Z","timestamp":1757619743854,"version":"3.44.0"},"publisher-location":"Cham","reference-count":83,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030176006"},{"type":"electronic","value":"9783030176013"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-17601-3_3","type":"book-chapter","created":{"date-parts":[[2019,4,16]],"date-time":"2019-04-16T19:24:23Z","timestamp":1555442663000},"page":"99-147","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Securing Emergent IoT Applications"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5814-7406","authenticated-orcid":false,"given":"Prabhakaran","family":"Kasinathan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jorge","family":"Cuellar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,4,14]]},"reference":[{"key":"3_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"407","DOI":"10.1007\/3-540-63139-9_48","volume-title":"Application and Theory of Petri Nets 1997","author":"WMP van der Aalst","year":"1997","unstructured":"van der Aalst, W.M.P.: Verification of workflow nets. In: Az\u00e9ma, P., Balbo, G. (eds.) ICATPN 1997. LNCS, vol. 1248, pp. 407\u2013426. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-63139-9_48"},{"issue":"1","key":"3_CR2","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1016\/0166-3615(94)90031-0","volume":"25","author":"WMP van der Aalst","year":"1994","unstructured":"van der Aalst, W.M.P.: Putting high-level Petri nets to work in industry. Comput. Ind. 25(1), 45\u201354 (1994). https:\/\/doi.org\/10.1016\/0166-3615(94)90031-0","journal-title":"Comput. Ind."},{"key":"3_CR3","unstructured":"AIOTI: The Alliance for the Internet of Things Innovation (2018). https:\/\/aioti.eu\/. Accessed Dec 2018"},{"key":"3_CR4","unstructured":"Antonakakis, M., et al.: Understanding the Mirai Botnet. In: 26th USENIX Security Symposium, pp. 1092\u20131110 (2017). https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis"},{"key":"3_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/3-540-61770-1_27","volume-title":"Computer Security \u2014 ESORICS 1996","author":"V Atluri","year":"1996","unstructured":"Atluri, V., Huang, W.-K.: An authorization model for workflows. In: Bertino, E., Kurth, H., Martella, G., Montolivo, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 44\u201364. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-61770-1_27"},{"issue":"2\/3","key":"3_CR6","doi-asserted-by":"publisher","first-page":"209","DOI":"10.3233\/JCS-2000-82-307","volume":"8","author":"V Atluri","year":"2000","unstructured":"Atluri, V., Huang, W.: A Petri net based safety analysis of workflow authorization models. J. Comput. Secur. 8(2\/3), 209\u2013240 (2000). http:\/\/content.iospress.com\/articles\/journal-of-computer-security\/jcs113","journal-title":"J. Comput. Secur."},{"key":"3_CR7","doi-asserted-by":"publisher","first-page":"533","DOI":"10.4236\/jsea.2016.910036","volume":"9","author":"A Bahga","year":"2016","unstructured":"Bahga, A., Madisetti, V.K.: Blockchain platform for industrial internet of things. J. Softw. Eng. Appl. 9, 533\u2013546 (2016). https:\/\/doi.org\/10.4236\/jsea.2016.910036","journal-title":"J. Softw. Eng. Appl."},{"key":"3_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"494","DOI":"10.1007\/978-3-319-70278-0_31","volume-title":"Financial Cryptography and Data Security","author":"M Bartoletti","year":"2017","unstructured":"Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: platforms, applications, and design patterns. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 494\u2013509. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70278-0_31"},{"key":"3_CR9","doi-asserted-by":"publisher","unstructured":"Basin, D., Burri, S.J., Karjoth, G.: Optimal workflow-aware authorizations. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2012), pp. 93\u2013102 (2012). https:\/\/doi.org\/10.1145\/2295136.2295154","DOI":"10.1145\/2295136.2295154"},{"issue":"1","key":"3_CR10","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1145\/300830.300837","volume":"2","author":"E Bertino","year":"1999","unstructured":"Bertino, E., Ferrari, E., Atluri, V.: The specification and enforcement of authorization constraints in workflow management systems. ACM Trans. Inf. Syst. Secur. 2(1), 65\u2013104 (1999). https:\/\/doi.org\/10.1145\/300830.300837","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"3_CR11","doi-asserted-by":"publisher","DOI":"10.1093\/toxsci\/kft059","volume-title":"Computer Security: Art and Science","author":"M Bishop","year":"2002","unstructured":"Bishop, M.: Computer Security: Art and Science. Addison-Wesley, Boston (2002). https:\/\/doi.org\/10.1093\/toxsci\/kft059. https:\/\/books.google.de\/books?id=b4gcswEACAAJ"},{"key":"3_CR12","doi-asserted-by":"publisher","unstructured":"Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. Technical report, IETF, May 2014. https:\/\/doi.org\/10.17487\/rfc7228","DOI":"10.17487\/rfc7228"},{"key":"3_CR13","doi-asserted-by":"publisher","unstructured":"Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM conference on Computer and communications security - CCS 2009, p. 400. ACM Press, New York (2009). https:\/\/doi.org\/10.1145\/1653662.1653711","DOI":"10.1145\/1653662.1653711"},{"key":"3_CR14","doi-asserted-by":"publisher","first-page":"2292","DOI":"10.1109\/ACCESS.2016.2566339","volume":"4","author":"K Christidis","year":"2016","unstructured":"Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the internet of things. IEEE Access 4, 2292\u20132303 (2016). https:\/\/doi.org\/10.1109\/ACCESS.2016.2566339. http:\/\/ieeexplore.ieee.org\/document\/7467408\/","journal-title":"IEEE Access"},{"key":"3_CR15","doi-asserted-by":"publisher","unstructured":"Compagna, L., dos Santos, D.R., Ponta, S.E., Ranise, S.: Aegis: automatic enforcement of security policies in workflow-driven web applications. In: Proceedings of ACM on Conference on Data and Application Security and Privacy - CODASPY 2017, pp. 321\u2013328 (2017). https:\/\/doi.org\/10.1145\/3029806.3029813","DOI":"10.1145\/3029806.3029813"},{"key":"3_CR16","unstructured":"Cuellar, J., Kasinathan, P., Calvo, D.: Privacy-enhanced-tokens (PAT) profile for ACE. Technical report, IETF (2018). https:\/\/datatracker.ietf.org\/doc\/draft-cuellar-ace-pat-priv-enhanced-authz-tokens\/"},{"key":"3_CR17","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-662-53357-4_6","volume-title":"Financial Cryptography and Data Security","author":"Kevin Delmolino","year":"2016","unstructured":"Delmolino, K., Arnett, M., Kosba, A.E., Miller, A., Shi, E.: Step by step towards creating a safe smart contract: lessons and insights from a cryptocurrency lab. IACR Cryptology ePrint Archive 2015, 460 (2015). https:\/\/doi.org\/10.1007\/978-3-662-53357-4_6. https:\/\/eprint.iacr.org\/2015\/460.pdf"},{"issue":"8","key":"3_CR18","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1145\/360933.360975","volume":"18","author":"EW Dijkstra","year":"1975","unstructured":"Dijkstra, E.W.: Guarded commands, nondeterminacy and formal derivation of programs. Commun. ACM 18(8), 453\u2013457 (1975). https:\/\/doi.org\/10.1145\/360933.360975","journal-title":"Commun. ACM"},{"key":"3_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"374","DOI":"10.1007\/3-540-65306-6_20","volume-title":"Lectures on Petri Nets I: Basic Models","author":"J Esparza","year":"1998","unstructured":"Esparza, J.: Decidability and complexity of Petri net problems\u2014an introduction. In: Reisig, W., Rozenberg, G. (eds.) ACPN 1996. LNCS, vol. 1491, pp. 374\u2013428. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/3-540-65306-6_20"},{"key":"3_CR20","unstructured":"Ethereum: Solidity\u2014Solidity (2018). https:\/\/solidity.readthedocs.io\/en\/develop\/. Accessed Aug 2018"},{"key":"3_CR21","unstructured":"Ethereum: What Are Smart Contracts - EthereumWiki (2018). http:\/\/www.ethereumwiki.com\/ethereum-wiki\/smart-contracts\/. Accessed Mar 2018"},{"key":"3_CR22","unstructured":"European Union (EU): EU GDPR Information Portal (2018). https:\/\/www.eugdpr.org\/. Accessed July 2018"},{"key":"3_CR23","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-12-374379-4.X0001-X","volume-title":"A Practical Guide to SysML","author":"S Friedenthal","year":"2008","unstructured":"Friedenthal, S., Moore, A., Steiner, R.: A Practical Guide to SysML, 3rd edn. Morgan Kaufmann, San Francisco (2008). https:\/\/doi.org\/10.1016\/B978-0-12-374379-4.X0001-X","edition":"3"},{"key":"3_CR24","unstructured":"Gerdes, S., Bergmann, O., Bormann, C., Selander, G., Seitz, L.: Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE) (2018). https:\/\/tools.ietf.org\/html\/draft-ietf-ace-dtls-authorize-03. Accessed Mar 2018"},{"key":"3_CR25","doi-asserted-by":"crossref","unstructured":"Hardt, D.: The OAuth 2.0 Authorization Framework (2012). https:\/\/tools.ietf.org\/html\/rfc6749. Accessed Dec 2017","DOI":"10.17487\/rfc6749"},{"key":"3_CR26","doi-asserted-by":"publisher","unstructured":"Harney, H., Muckenhirn, C.: Group Key Management Protocol (GKMP) Specification, July 1997. https:\/\/doi.org\/10.17487\/rfc2093","DOI":"10.17487\/rfc2093"},{"key":"3_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1007\/978-3-540-40022-6_14","volume-title":"Petri Net Technology for Communication-Based Systems","author":"R Heckel","year":"2003","unstructured":"Heckel, R.: Open Petri nets as semantic model for workflow integration. In: Ehrig, H., Reisig, W., Rozenberg, G., Weber, H. (eds.) Petri Net Technology for Communication-Based Systems. LNCS, vol. 2472, pp. 281\u2013294. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-40022-6_14"},{"key":"3_CR28","doi-asserted-by":"publisher","unstructured":"Huang, W.K., Atluri, V.: SecureFlow: a secure web-enabled workflow management system. In: Proceedings of the Fourth ACM Workshop on Role-Based Access Control - RBAC 1999, pp. 83\u201394 (1999). https:\/\/doi.org\/10.1145\/319171.319179","DOI":"10.1145\/319171.319179"},{"key":"3_CR29","unstructured":"IBM: Energy-Blockchain Labs and IBM Create Carbon Credit Management Platform Using Hyperledger Fabric on the IBM Cloud, pp. 2\u20133. IBM Press Release (2017). https:\/\/www-03.ibm.com\/press\/us\/en\/pressrelease\/51839.wss"},{"key":"3_CR30","unstructured":"IBM: Hyperledger Fabric \u2013 Hyperledger (2018). https:\/\/www.hyperledger.org\/projects\/fabric. Accessed Aug 2018"},{"key":"3_CR31","unstructured":"IBM: Hyperledger-Smart Contract Language \u2013 Chaincode (2018). https:\/\/hyperledger-fabric.readthedocs.io\/en\/release-1.2\/blockchain.html. Accessed Aug 2018"},{"key":"3_CR32","unstructured":"IETF ACE Working Group: Authentication and Authorization for Constrained Environments (ACE) (2017). https:\/\/datatracker.ietf.org\/doc\/draft-ietf-ace-oauth-authz\/. Accessed Dec 2017"},{"key":"3_CR33","doi-asserted-by":"publisher","unstructured":"Jamal, M., Zafar, N.A.: Transformation of activity diagram into coloured Petri nets using weighted directed graph. In: 2016 International Conference on Frontiers of Information Technology (FIT), pp. 181\u2013186. IEEE, December 2016. https:\/\/doi.org\/10.1109\/FIT.2016.041. http:\/\/ieeexplore.ieee.org\/document\/7866750\/","DOI":"10.1109\/FIT.2016.041"},{"key":"3_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"248","DOI":"10.1007\/BFb0046842","volume-title":"Petri Nets: Central Models and Their Properties","author":"K Jensen","year":"1987","unstructured":"Jensen, K.: Coloured Petri nets. In: Brauer, W., Reisig, W., Rozenberg, G. (eds.) Petri Nets: Central Models and Their Properties. LNCS, vol. 254, pp. 248\u2013299. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/BFb0046842"},{"key":"3_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"342","DOI":"10.1007\/3-540-53863-1_31","volume-title":"Advances in Petri Nets 1990","author":"K Jensen","year":"1991","unstructured":"Jensen, K.: Coloured Petri nets: a high level language for system design and analysis. In: Rozenberg, G. (ed.) ICATPN 1989. LNCS, vol. 483, pp. 342\u2013416. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-53863-1_31"},{"key":"3_CR36","series-title":"Monographs in Theoretical Computer Science. An EATCS Series","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-03241-1","volume-title":"Coloured Petri Nets - Basic Concepts, Analysis Methods and Practical Use","author":"K Jensen","year":"1996","unstructured":"Jensen, K.: Coloured Petri Nets - Basic Concepts, Analysis Methods and Practical Use. Monographs in Theoretical Computer Science. An EATCS Series, vol. 1, 2nd edn. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/978-3-662-03241-1","edition":"2"},{"issue":"3\u20134","key":"3_CR37","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/s10009-007-0038-x","volume":"9","author":"K Jensen","year":"2007","unstructured":"Jensen, K., Kristensen, L.M., Wells, L.: Coloured Petri nets and CPN tools for modelling and validation of concurrent systems. STTT 9(3\u20134), 213\u2013254 (2007). https:\/\/doi.org\/10.1007\/s10009-007-0038-x","journal-title":"STTT"},{"key":"3_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/3-540-45800-X_32","volume-title":"$$\\ll $$UML$$\\gg $$ 2002 \u2014 The Unified Modeling Language","author":"J J\u00fcrjens","year":"2002","unstructured":"J\u00fcrjens, J.: UMLsec: extending UML for secure systems development. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412\u2013425. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45800-X_32"},{"key":"3_CR39","unstructured":"Kasinathan, P., Cu\u00e9llar, J.: Securing the integrity of workflows in IoT. In: Proceedings of the 2018 International Conference on Embedded Wireless Systems and Networks, EWSN 2018, Madrid, Spain, 14\u201316 February 2018, pp. 252\u2013257 (2018). http:\/\/dl.acm.org\/citation.cfm?id=3234908"},{"key":"3_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-98989-1_1","volume-title":"Computer Security","author":"P Kasinathan","year":"2018","unstructured":"Kasinathan, P., Cuellar, J.: Workflow-aware security of integrated mobility services. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 3\u201319. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-98989-1_1"},{"key":"3_CR41","doi-asserted-by":"publisher","unstructured":"Knorr, K.: Dynamic access control through Petri net workflows. In: 16th Annual Computer Security Applications Conference (ACSAC 2000), New Orleans, Louisiana, USA, 11\u201315 December 2000, pp. 159\u2013167 (2000). https:\/\/doi.org\/10.1109\/ACSAC.2000.898869","DOI":"10.1109\/ACSAC.2000.898869"},{"key":"3_CR42","unstructured":"Krebs, B., BMW: connected mobility lab \u2013 center digitization.bayern (2017). https:\/\/zentrum-digitalisierung.bayern\/connected-mobility-lab\/. Accessed Oct 2018"},{"key":"3_CR43","doi-asserted-by":"publisher","unstructured":"Linhares, M.V., da Silva, A.J., de Oliveira, R.S.: Empirical evaluation of SysML through the modeling of an industrial automation unit. In: 2006 IEEE Conference on Emerging Technologies and Factory Automation, pp. 145\u2013152. IEEE, September 2006. https:\/\/doi.org\/10.1109\/ETFA.2006.355190. http:\/\/ieeexplore.ieee.org\/document\/4178305\/","DOI":"10.1109\/ETFA.2006.355190"},{"key":"3_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"$$\\ll $$UML$$\\gg $$ 2002 \u2014 The Unified Modeling Language","author":"T Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426\u2013441. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45800-X_33"},{"key":"3_CR45","doi-asserted-by":"publisher","unstructured":"Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS 2016, pp. 254\u2013269. ACM Press, New York (2016). https:\/\/doi.org\/10.1145\/2976749.2978309","DOI":"10.1145\/2976749.2978309"},{"key":"3_CR46","doi-asserted-by":"publisher","DOI":"10.1109\/TCOM.1976.1093424","author":"PM Merlin","year":"1976","unstructured":"Merlin, P.M., Farber, D.J.: Recoverability of communication protocols-implications of a theoretical study. IEEE Trans. Commun. (1976). https:\/\/doi.org\/10.1109\/TCOM.1976.1093424","journal-title":"IEEE Trans. Commun."},{"key":"3_CR47","unstructured":"Miessler, D., Smith, C., Haddix, J.: OWASP Internet of Things Top Ten Project (2014). Accessed Dec 2017"},{"key":"3_CR48","unstructured":"Modelio \u2013 Open Source Tool: Modelio \u2013 the open source modeling tool. https:\/\/www.modelio.org\/. Accessed Aug 2018"},{"key":"3_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"514","DOI":"10.1007\/978-3-540-69387-1_58","volume-title":"Computational Science \u2013 ICCS 2008","author":"S Morimoto","year":"2008","unstructured":"Morimoto, S.: A survey of formal verification for business process modeling. In: Bubak, M., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2008. LNCS, vol. 5102, pp. 514\u2013522. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-69387-1_58"},{"key":"3_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/3-540-44988-4_21","volume-title":"Application and Theory of Petri Nets 2000","author":"KH Mortensen","year":"2000","unstructured":"Mortensen, K.H.: Automatic code generation method based on coloured Petri net models applied on an access control system. In: Nielsen, M., Simpson, D. (eds.) ICATPN 2000. LNCS, vol. 1825, pp. 367\u2013386. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44988-4_21"},{"issue":"4","key":"3_CR51","doi-asserted-by":"publisher","first-page":"541","DOI":"10.1109\/5.24143","volume":"77","author":"T Murata","year":"1989","unstructured":"Murata, T.: Petri nets: properties, analysis and applications. Proc. IEEE 77(4), 541\u2013580 (1989). https:\/\/doi.org\/10.1109\/5.24143. http:\/\/ieeexplore.ieee.org\/document\/24143\/","journal-title":"Proc. IEEE"},{"key":"3_CR52","unstructured":"Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https:\/\/bitcoin.org\/bitcoin.pdf. Accessed Oct 2018"},{"key":"3_CR53","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-8834-8","volume-title":"Principles of Distributed Database Systems","author":"MT \u00d6zsu","year":"2011","unstructured":"\u00d6zsu, M.T., Valduriez, P.: Principles of Distributed Database Systems, 3rd edn. Springer, New York (2011). https:\/\/doi.org\/10.1007\/978-1-4419-8834-8","edition":"3"},{"key":"3_CR54","unstructured":"Petri, C.A.: Communication with automata (1966). http:\/\/edoc.sub.uni-hamburg.de\/informatik\/volltexte\/2010\/155\/"},{"key":"3_CR55","volume-title":"Requirements Engineering: An Overview","author":"K Pohl","year":"1996","unstructured":"Pohl, K.: Requirements Engineering: An Overview. RWTH, Fachgruppe Informatik, Aachen (1996). ftp:\/\/ftp8.de.freebsd.org\/pub\/packages\/CREWS\/CREWS-96-02.pdf"},{"key":"3_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"254","DOI":"10.1007\/978-3-319-19488-2_13","volume-title":"Application and Theory of Petri Nets and Concurrency","author":"F Pommereau","year":"2015","unstructured":"Pommereau, F.: SNAKES: a flexible high-level Petri nets library (tool paper). In: Devillers, R., Valmari, A. (eds.) PETRI NETS 2015. LNCS, vol. 9115, pp. 254\u2013265. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-19488-2_13"},{"key":"3_CR57","unstructured":"Rahim, M., Boukala-Ioualalen, M., Hammad, A.: Petri nets based approach for modular verification of SysML requirements on activity diagrams. In: Proceedings of the International Workshop on Petri Nets and Software Engineering (PNSE), Tunis, Tunisia, 23\u201324 June 2014, pp. 233\u2013248 (2014). http:\/\/ceur-ws.org\/Vol-1160\/paper14.pdf"},{"key":"3_CR58","series-title":"EATCS Monographs on Theoretical Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-69968-9","volume-title":"Petri Nets: An Introduction","author":"W Reisig","year":"1985","unstructured":"Reisig, W.: Petri Nets: An Introduction. EATCS Monographs on Theoretical Computer Science, vol. 4. Springer, Heidelberg (1985). https:\/\/doi.org\/10.1007\/978-3-642-69968-9"},{"key":"3_CR59","series-title":"Springer Compass International","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-75329-9","volume-title":"A Primer in Petri Net Design","author":"W Reisig","year":"1992","unstructured":"Reisig, W.: A Primer in Petri Net Design. Springer Compass International. Springer, Heidelberg (1992). https:\/\/doi.org\/10.1007\/978-3-642-75329-9"},{"key":"3_CR60","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33278-4","volume-title":"Understanding Petri Nets \u2013 Modeling Techniques, Analysis Methods, Case Studies","author":"W Reisig","year":"2013","unstructured":"Reisig, W.: Understanding Petri Nets \u2013 Modeling Techniques, Analysis Methods, Case Studies. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-33278-4"},{"key":"3_CR61","doi-asserted-by":"publisher","unstructured":"Sadeghi, A.R., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. In: Proceedings of the 52nd Annual Design Automation Conference on - DAC 2015, pp. 1\u20136. ACM Press, New York (2015). https:\/\/doi.org\/10.1145\/2744769.2747942","DOI":"10.1145\/2744769.2747942"},{"issue":"9","key":"3_CR62","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/35.312842","volume":"32","author":"RS Sandhu","year":"1994","unstructured":"Sandhu, R.S., Samarati, P.: Access control: principles and practice. IEEE Commun. Mag. 32(9), 40\u201348 (1994). https:\/\/doi.org\/10.1109\/35.312842. http:\/\/ieeexplore.ieee.org\/document\/312842\/","journal-title":"IEEE Commun. Mag."},{"issue":"6","key":"3_CR63","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1109\/6.591665","volume":"34","author":"R Schaller","year":"1997","unstructured":"Schaller, R.: Moore\u2019s law: past, present and future. IEEE Spectr. 34(6), 52\u201359 (1997). https:\/\/doi.org\/10.1109\/6.591665","journal-title":"IEEE Spectr."},{"key":"3_CR64","unstructured":"Seitz, L., Gerdes, S., Selander, G., Mani, M., Kumar, S.: Use cases for authentication and authorization in constrained environments (2016). ISSN 2070-1721. https:\/\/tools.ietf.org\/html\/rfc7744"},{"key":"3_CR65","unstructured":"Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., Tschofenig, H.: Authentication and authorization for constrained environments (ACE) using the OAuth 2.0 framework (ACE-OAuth). Technical report, IETF (2018)"},{"key":"3_CR66","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1016\/J.COMNET.2014.11.008","volume":"76","author":"S Sicari","year":"2015","unstructured":"Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146\u2013164 (2015). https:\/\/doi.org\/10.1016\/J.COMNET.2014.11.008. https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1389128614003971","journal-title":"Comput. Netw."},{"key":"3_CR67","unstructured":"van der Stok, P., Kampanakis, P., Kumar, S., Richardson, M., Furuhed, M., Raza, S.: EST over secure CoAP (EST-coaps). Technical report, IETF (2018). https:\/\/datatracker.ietf.org\/doc\/draft-ietf-ace-coap-est\/"},{"key":"3_CR68","doi-asserted-by":"publisher","unstructured":"Sundmaeker, H., Guillemin, P., Friess, P., Woelffl\u00e9, S. (eds.): Vision and Challenges for Realising the Internet of Things. Publications Office of the European Union, Luxembourg (2010). https:\/\/doi.org\/10.2759\/26127","DOI":"10.2759\/26127"},{"key":"3_CR69","unstructured":"Szabo, N.: Smart contracts: building blocks for digital markets, 1996. EXTROPY: The Journal of Transhumanist Thought (2001). http:\/\/www.fon.hum.uva.nl\/rob\/Courses\/InformationInSpeech\/CDROM\/Literature\/LOTwinterschool2006\/szabo.best.vwh.net\/smart_contracts_2.html"},{"key":"3_CR70","doi-asserted-by":"publisher","unstructured":"Tandon, L., Fong, P.W.L., Safavi-Naini, R.: HCAP: a history-based capability system for IoT devices. In: Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, SACMAT 2018, Indianapolis, IN, USA, 13\u201315 June 2018, pp. 247\u2013258 (2018). https:\/\/doi.org\/10.1145\/3205977.3205978","DOI":"10.1145\/3205977.3205978"},{"key":"3_CR71","unstructured":"TCG WG: TCG guidance for securing resource-constrained devices. Technical report, Trusted Computing Group (TCG) (2017). https:\/\/trustedcomputinggroup.org\/wp-content\/uploads\/TCG-Guidance-for-Securing-Resource-Constrained-Devices-v1r22.pdf"},{"key":"3_CR72","unstructured":"Thaler, D., Waltermire, D., Housley, R.: Software Updates for Internet of Things (suit) (2018). https:\/\/datatracker.ietf.org\/wg\/suit\/about\/. Accessed Oct 2018"},{"key":"3_CR73","unstructured":"The Official OMG SysML site: What Is OMG SysML? (2012). http:\/\/www.omgsysml.org\/. Accessed Apr 2018"},{"key":"3_CR74","unstructured":"Tiloca, M., Selander, G., Palombini, F., Park, J.: Secure group communication for CoAP (2018). https:\/\/datatracker.ietf.org\/doc\/draft-tiloca-core-multicast-oscoap\/. Accessed Oct 2018"},{"key":"3_CR75","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1007\/978-3-540-40022-6_7","volume-title":"Petri Net Technology for Communication-Based Systems","author":"M Weber","year":"2003","unstructured":"Weber, M., Kindler, E.: The Petri net markup language. In: Ehrig, H., Reisig, W., Rozenberg, G., Weber, H. (eds.) Petri Net Technology for Communication-Based Systems. LNCS, vol. 2472, pp. 124\u2013144. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-40022-6_7"},{"issue":"1","key":"3_CR76","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1016\/J.CLSR.2009.11.008","volume":"26","author":"RH Weber","year":"2010","unstructured":"Weber, R.H.: Internet of things \u2013 new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23\u201330 (2010). https:\/\/doi.org\/10.1016\/J.CLSR.2009.11.008. https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0267364909001939","journal-title":"Comput. Law Secur. Rev."},{"key":"3_CR77","unstructured":"WfMC: Workflow Management Coalition (2009). http:\/\/www.wfmc.org\/. Accessed July 2017"},{"issue":"01","key":"3_CR78","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1142\/S021812669800004","volume":"08","author":"WMP Van der Aalst","year":"1998","unstructured":"Van der Aalst, W.M.P.: The application of Petri nets to workflow management. J. Circuits Syst. Comput. 08(01), 21\u201366 (1998). https:\/\/doi.org\/10.1142\/S021812669800004. http:\/\/www.worldscientific.com\/doi\/abs\/10.1142\/S0218126698000043","journal-title":"J. Circuits Syst. Comput."},{"issue":"4","key":"3_CR79","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1016\/J.SYSARC.2008.10.002","volume":"55","author":"C Wolter","year":"2009","unstructured":"Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Arch. 55(4), 211\u2013223 (2009). https:\/\/doi.org\/10.1016\/J.SYSARC.2008.10.002. https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1383762108001471","journal-title":"J. Syst. Arch."},{"key":"3_CR80","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/978-3-540-75183-0_5","volume-title":"Business Process Management","author":"C Wolter","year":"2007","unstructured":"Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 64\u201379. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-75183-0_5"},{"key":"3_CR81","doi-asserted-by":"publisher","unstructured":"Wolter, C., Schaad, A., Meinel, C.: Task-based entailment constraints for basic workflow patterns. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies - SACMAT 2008, p. 51. ACM Press, New York (2008). https:\/\/doi.org\/10.1145\/1377836.1377844","DOI":"10.1145\/1377836.1377844"},{"issue":"4","key":"3_CR82","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1592434.1592436","volume":"41","author":"J Woodcock","year":"2009","unstructured":"Woodcock, J., Larsen, P.G., Bicarregui, J., Fitzgerald, J.: Formal methods: practice and experience. ACM Comput. Surv. 41(4), 1\u201336 (2009). https:\/\/doi.org\/10.1145\/1592434.1592436","journal-title":"ACM Comput. Surv."},{"key":"3_CR83","doi-asserted-by":"publisher","unstructured":"Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town Crier: an authenticated data feed for smart contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 270\u2013282. ACM, New York (2016). https:\/\/doi.org\/10.1145\/2976749.2978326","DOI":"10.1145\/2976749.2978326"}],"container-title":["Lecture Notes in Computer Science","Engineering Trustworthy Software Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-17601-3_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T01:03:33Z","timestamp":1757293413000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-17601-3_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030176006","9783030176013"],"references-count":83,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-17601-3_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"14 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SETSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Summer School on Engineering Trustworthy Software Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Chongqing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 April 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 April 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"setss2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.swu-rise.net.cn\/SETSS2018\/SETSS2018.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Open","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"100% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1-2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1-2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}