{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:34:45Z","timestamp":1750221285853,"version":"3.41.0"},"reference-count":54,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2018,6,13]],"date-time":"2018-06-13T00:00:00Z","timestamp":1528848000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"ERC","award":["291652 (ASAP)"],"award-info":[{"award-number":["291652 (ASAP)"]}]},{"name":"SFI","award":["13\/RC\/2094"],"award-info":[{"award-number":["13\/RC\/2094"]}]},{"name":"QNRF NPRP","award":["5-079-1-018"],"award-info":[{"award-number":["5-079-1-018"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Cyber-Phys. Syst."],"published-print":{"date-parts":[[2018,7,31]]},"abstract":"<jats:p>As the number, complexity, and heterogeneity of connected devices in the Internet of Things (IoT) increase, so does our need to secure these devices, the environment in which they operate, and the assets they manage or control. Collaborative security exploits the capabilities of these connected devices and opportunistically composes them to protect assets from potential harm. By dynamically composing these capabilities, collaborative security implements the security controls that satisfy both security and non-security requirements. However, this dynamic composition is often hampered by the heterogeneity of the devices available in the environment and the diversity of their behaviours. In this article, we present a systematic, tool-supported approach for collaborative security where the analysis of requirements drives the opportunistic composition of capabilities to realise the appropriate security control in the operating environment. This opportunistic composition is supported through a combination of feature modelling and mediator synthesis. We use features and transition systems to represent and reason about capabilities and requirements. We formulate the selection of the optimal set of features to implement adequate security control as a multi-objective constrained optimisation problem and use constraint programming to solve it efficiently. The selected features are then used to scope the behaviours of the capabilities and thereby restrict the state space for synthesising the appropriate mediator. The synthesised mediator coordinates the behaviours of the capabilities to satisfy the behaviour specified by the security control. Our approach ensures that the implemented security controls are the optimal ones, given the capabilities available in the operating environment. We demonstrate the validity of our approach by implementing a feature-driven mediation for collaborative security tool and applying it to a collaborative robots case study.<\/jats:p>","DOI":"10.1145\/3134843","type":"journal-article","created":{"date-parts":[[2018,6,15]],"date-time":"2018-06-15T14:18:30Z","timestamp":1529072310000},"page":"1-25","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["Feature-Driven Mediator Synthesis"],"prefix":"10.1145","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6124-9622","authenticated-orcid":false,"given":"Amel","family":"Bennaceur","sequence":"first","affiliation":[{"name":"The Open University, Milton Keynes, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thein Than","family":"Tun","sequence":"additional","affiliation":[{"name":"The Open University, Milton Keynes, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Arosha K.","family":"Bandara","sequence":"additional","affiliation":[{"name":"The Open University, Milton Keynes, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yijun","family":"Yu","sequence":"additional","affiliation":[{"name":"The Open University, Milton Keynes, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bashar","family":"Nuseibeh","sequence":"additional","affiliation":[{"name":"The Open University and Lero\u2014The Irish Software Research Centre"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,6,13]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2444095"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2016.2560919"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2010.05.010"},{"key":"e_1_2_1_4_1","volume-title":"Proceedings of the of the 3rd International Conference on Theoretical Computer Science (TCS\u201904)","author":"Baier Christel","year":"2004","unstructured":"Christel Baier , Marcus Gr\u00f6\u00dfer , Martin Leucker , Benedikt Bollig , and Frank Ciesinski . 2004 . Controller synthesis for probabilistic systems . In Proceedings of the of the 3rd International Conference on Theoretical Computer Science (TCS\u201904) . 493--506. Christel Baier, Marcus Gr\u00f6\u00dfer, Martin Leucker, Benedikt Bollig, and Frank Ciesinski. 2004. Controller synthesis for probabilistic systems. In Proceedings of the of the 3rd International Conference on Theoretical Computer Science (TCS\u201904). 493--506."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13174-015-0027-3"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2593929.2593938"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2364844"},{"volume-title":"Requirements prioritization","author":"Berander Patrik","key":"e_1_2_1_8_1","unstructured":"Patrik Berander and Anneliese Andrews . 2005. Requirements prioritization . In Engineering and Managing Software Requirements, Ayb\u00fcke Aurum and Claes Wohlin (Eds.). Springer , Berlin , 69--94. Patrik Berander and Anneliese Andrews. 2005. Requirements prioritization. In Engineering and Managing Software Requirements, Ayb\u00fcke Aurum and Claes Wohlin (Eds.). Springer, Berlin, 69--94."},{"volume-title":"Robots everywhere&excl","author":"Brooks Rodney","key":"e_1_2_1_9_1","unstructured":"Rodney Brooks . 2009. Robots everywhere&excl ; In Computing Research That Changed the World : Reflections and Perspectives (CRASS\u201909). Article 13, 39 pages. Rodney Brooks. 2009. Robots everywhere&excl; In Computing Research That Changed the World: Reflections and Perspectives (CRASS\u201909). Article 13, 39 pages."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/2821357.2821384"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2422518.2422522"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2845145"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02161-9_1"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/242223.242257"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.scico.2010.10.005"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2012.86"},{"volume-title":"Proceedings of the 2013 5th International Conference on Cyber Conflict (CyCon\u201913)","author":"Journal Covington M.","key":"e_1_2_1_17_1","unstructured":"M. Journal Covington and R. Carskadden . 2013. Threat implications of the internet of things . In Proceedings of the 2013 5th International Conference on Cyber Conflict (CyCon\u201913) . 1--12. M. Journal Covington and R. Carskadden. 2013. Threat implications of the internet of things. In Proceedings of the 2013 5th International Conference on Cyber Conflict (CyCon\u201913). 1--12."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2430536.2430543"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1986308.1986320"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2491411.2491445"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70754"},{"key":"e_1_2_1_22_1","volume-title":"Retrieved","author":"HyperCat Consortium","year":"2016","unstructured":"HyperCat Consortium . 2016 . HyperCat - Home . Retrieved May 23, 2018 from http:\/\/www.hypercat.io\/. HyperCat Consortium. 2016. HyperCat - Home. Retrieved May 23, 2018 from http:\/\/www.hypercat.io\/."},{"key":"e_1_2_1_23_1","unstructured":"IERC. 2015. IoT Semantic Interoperability. IERC-European Research Cluster on the Internet of Things.  IERC. 2015. IoT Semantic Interoperability. IERC-European Research Cluster on the Internet of Things."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/2486788.2486790"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/225014.225016"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/EEE.2005.110"},{"volume-title":"UPnP Design by Example: A Software Designer\u2019s Guide to Universal Plug and Play","author":"Jeronimo Michael","key":"e_1_2_1_28_1","unstructured":"Michael Jeronimo and Jack Weast . 2003. UPnP Design by Example: A Software Designer\u2019s Guide to Universal Plug and Play . Intel Press . Michael Jeronimo and Jack Weast. 2003. UPnP Design by Example: A Software Designer\u2019s Guide to Universal Plug and Play. Intel Press."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4684-2001-2_9"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360251"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/2486788.2486866"},{"key":"e_1_2_1_33_1","volume-title":"Retrieved","author":"Foundation Linux","year":"2016","unstructured":"Linux Foundation . 2016 . IoTivity: open source software framework . Retrieved May 23, 2018 from https:\/\/www.iotivity.org. Linux Foundation. 2016. IoTivity: open source software framework. Retrieved May 23, 2018 from https:\/\/www.iotivity.org."},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/2487336.2487349"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2011.62"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785733"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2011.112"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SFCS.1977.32"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/75277.75293"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/INM.2015.7140362"},{"key":"e_1_2_1_41_1","volume-title":"Handbook of Constraint Programming","volume":"35","author":"Rossi F.","unstructured":"F. Rossi , P. Van Beek , and T. Walsh . 2006 . Handbook of Constraint Programming , Vol. 35 . Elsevier Science. F. Rossi, P. Van Beek, and T. Walsh. 2006. Handbook of Constraint Programming, Vol. 35. Elsevier Science."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2012.6345794"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2014.11.008"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1264860"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884861"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJAOSE.2009.022945"},{"key":"e_1_2_1_47_1","volume-title":"Technical Report. Gartner. Retrieved","author":"van der Meulen Rob","year":"2014","unstructured":"Rob van der Meulen and Janessa Rivera . 2014 . Gartner Says a Typical Family Home Could Contain More Than 500 Smart Devices by 2022 . Technical Report. Gartner. Retrieved May 23, 2018 from http:\/\/www.gartner.com\/newsroom\/id\/2839717. Rob van der Meulen and Janessa Rivera. 2014. Gartner Says a Typical Family Home Could Contain More Than 500 Smart Devices by 2022. Technical Report. Gartner. Retrieved May 23, 2018 from http:\/\/www.gartner.com\/newsroom\/id\/2839717."},{"key":"e_1_2_1_48_1","volume-title":"Requirements Engineering: From System Goals to UML Models to Software Specifications","author":"van Lamsweerde Axel","year":"2009","unstructured":"Axel van Lamsweerde . 2009 . Requirements Engineering: From System Goals to UML Models to Software Specifications . Wiley . Axel van Lamsweerde. 2009. Requirements Engineering: From System Goals to UML Models to Software Specifications. Wiley."},{"key":"e_1_2_1_49_1","first-page":"49","article-title":"From system goals to intruder anti-goals: Attack generation and resolution for security requirements engineering","volume":"3","author":"Lamsweerde Axel Van","year":"2003","unstructured":"Axel Van Lamsweerde , Simon Brohez , Renaud De Landtsheer , and David Janssens . 2003 . From system goals to intruder anti-goals: Attack generation and resolution for security requirements engineering . Proceedings of RHAS 3 (2003), 49 -- 56 . Axel Van Lamsweerde, Simon Brohez, Renaud De Landtsheer, and David Janssens. 2003. From system goals to intruder anti-goals: Attack generation and resolution for security requirements engineering. Proceedings of RHAS 3 (2003), 49--56.","journal-title":"Proceedings of RHAS"},{"key":"e_1_2_1_50_1","volume-title":"Protecting Your Home From Afar With a Robot. The New York Times. Retrieved","author":"Wayner Peter","year":"2010","unstructured":"Peter Wayner . 2010. Protecting Your Home From Afar With a Robot. The New York Times. Retrieved November 2010 from http:\/\/www.nytimes.com\/2010\/11\/04\/technology\/personaltech\/04basics.html. Peter Wayner. 2010. Protecting Your Home From Afar With a Robot. The New York Times. Retrieved November 2010 from http:\/\/www.nytimes.com\/2010\/11\/04\/technology\/personaltech\/04basics.html."},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.5555\/648253.752541"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.121508"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/244795.244801"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2015.04.065"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2555611"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2004.11"}],"container-title":["ACM Transactions on Cyber-Physical Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134843","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3134843","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:25Z","timestamp":1750212685000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134843"}},"subtitle":["Supporting Collaborative Security in the Internet of Things"],"short-title":[],"issued":{"date-parts":[[2018,6,13]]},"references-count":54,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2018,7,31]]}},"alternative-id":["10.1145\/3134843"],"URL":"https:\/\/doi.org\/10.1145\/3134843","relation":{},"ISSN":["2378-962X","2378-9638"],"issn-type":[{"type":"print","value":"2378-962X"},{"type":"electronic","value":"2378-9638"}],"subject":[],"published":{"date-parts":[[2018,6,13]]},"assertion":[{"value":"2016-07-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-08-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-06-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}