{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,15]],"date-time":"2026-05-15T12:25:10Z","timestamp":1778847910764,"version":"3.51.4"},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T00:00:00Z","timestamp":1606780800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,12,14]],"date-time":"2020-12-14T00:00:00Z","timestamp":1607904000000},"content-version":"vor","delay-in-days":13,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Hum. Cent. Comput. Inf. Sci."],"published-print":{"date-parts":[[2020,12]]},"abstract":"Abstract<\/jats:title>\n The Internet of Things (IoT) is a paradigm that permits smart entities to be interconnected anywhere and anyhow. IoT opens new opportunities but also rises new issues. In this dynamic environment, trust is useful to mitigate these issues. In fact, it is important that the smart entities could know and trust the other smart entities in order to collaborate with them. So far, there is a lack of research when considering trust through the whole System Development Life Cycle (SDLC) of a smart IoT entity. In this paper, we suggest a new approach that considers trust not only at the end of the SDLC but also at the start of it. More precisely, we explore the modeling phase proposing a model-driven approach extending UML and SysML considering trust and its related domains, such as security and privacy. We propose stereotypes for each diagram in order to give developers a way to represent trust elements in an effective way. Moreover, we propose two new diagrams that are very important for the IoT: a traceability diagram and a context diagram. This model-driven approach will help developers to model the smart IoT entities according to the requirements elicited in the previous phases of the SDLC. These models will be a fundamental input for the following and final phases of the SDLC.<\/jats:p>","DOI":"10.1186\/s13673-020-00257-3","type":"journal-article","created":{"date-parts":[[2020,12,14]],"date-time":"2020-12-14T19:02:56Z","timestamp":1607972576000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["A model-driven approach to ensure trust in the IoT"],"prefix":"10.1186","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3035-3774","authenticated-orcid":false,"given":"Davide","family":"Ferraris","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Carmen","family":"Fernandez-Gago","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Javier","family":"Lopez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,12,14]]},"reference":[{"issue":"9","key":"257_CR1","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1109\/MC.2011.291","volume":"44","author":"R Roman","year":"2011","unstructured":"Roman R, Najera P, Lopez J (2011) Securing the internet of things. Computer 44(9):51\u201358","journal-title":"Computer"},{"key":"257_CR2","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1016\/j.ins.2017.02.039","volume":"396","author":"C Fernandez-Gago","year":"2017","unstructured":"Fernandez-Gago C, Moyano F, Lopez J (2017) Modelling trust dynamics in the internet of things. Inf Sci 396:72\u201382. https:\/\/doi.org\/10.1016\/j.ins.2017.02.039","journal-title":"Inf Sci"},{"key":"257_CR3","doi-asserted-by":"crossref","unstructured":"Erickson J (2009) Trust metrics. In: International symposium on collaborative technologies and systems, 2009. CTS\u201909, IEEE, New York, pp 93\u201397","DOI":"10.1109\/CTS.2009.5067467"},{"key":"257_CR4","unstructured":"Levien RL (2002) Attack resistant trust metrics. PhD thesis, University of California at Berkeley"},{"issue":"4","key":"257_CR5","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1109\/COMST.2000.5340804","volume":"3","author":"T Grandison","year":"2000","unstructured":"Grandison T, Sloman M (2000) A survey of trust in internet applications. IEEE Commun Surv Tutorials 3(4):2\u201316","journal-title":"IEEE Commun Surv Tutorials"},{"issue":"7","key":"257_CR6","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1145\/1139922.1139924","volume":"49","author":"LJ Hoffman","year":"2006","unstructured":"Hoffman LJ, Lawson-Jenkins K, Blum J (2006) Trust beyond security: an expanded trust model. Commun ACM 49(7):94\u2013101","journal-title":"Commun ACM"},{"key":"257_CR7","unstructured":"Pavlidis M (2011) Designing for trust. In: CAiSE (Doctoral Consortium), pp. 3\u201314"},{"key":"257_CR8","doi-asserted-by":"crossref","unstructured":"Ferraris D, Fernandez-Gago C, Lopez J (2018) A trust by design framework for the internet of things. In: NTMS\u20192018\u2014Security Track (NTMS 2018 Security Track), Paris, France","DOI":"10.1109\/NTMS.2018.8328674"},{"issue":"1","key":"257_CR9","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1186\/s13673-019-0183-8","volume":"9","author":"V Mohammadi","year":"2019","unstructured":"Mohammadi V, Rahmani AM, Darwesh AM, Sahafi A (2019) Trust-based recommendation systems in internet of things: a systematic literature review. Human Centric Comput Inf Sci 9(1):21","journal-title":"Human Centric Comput Inf Sci"},{"issue":"1","key":"257_CR10","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/s10207-019-00446-x","volume":"19","author":"B Shayesteh","year":"2020","unstructured":"Shayesteh B, Hakami V, Akbari A (2020) A trust management scheme for IOT-enabled environmental health\/accessibility monitoring services. Int J Inf Secur 19(1):93\u2013110","journal-title":"Int J Inf Secur"},{"issue":"1","key":"257_CR11","first-page":"155","volume":"25","author":"B Bordel","year":"2019","unstructured":"Bordel B, Alcarria R, Martin D, Sanchez-Picot A (2019) Trust provision in the internet of things using transversal blockchain networks. Intell Autom Soft Comput 25(1):155\u2013170","journal-title":"Intell Autom Soft Comput"},{"issue":"1","key":"257_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13673-019-0205-6","volume":"10","author":"Y Lee","year":"2020","unstructured":"Lee Y, Rathore S, Park JH, Park JH (2020) A blockchain-based smart home gateway architecture for preventing data forgery. Human Centric Comput Inf Sci 10(1):1\u201314","journal-title":"Human Centric Comput Inf Sci"},{"key":"257_CR13","volume-title":"Unified modeling language reference manual","author":"J Rumbaugh","year":"2004","unstructured":"Rumbaugh J, Jacobson I, Booch G (2004) Unified modeling language reference manual. The Pearson Higher Education, London"},{"key":"257_CR14","volume-title":"A practical gide to SysML: the systems modeling language","author":"S Friedenthal","year":"2014","unstructured":"Friedenthal S, Moore A, Steiner R (2014) A practical gide to SysML: the systems modeling language. Morgan Kaufmann, Burlington"},{"key":"257_CR15","unstructured":"Marsh SP (1994) Formalising trust as a computational concept. PhD thesis, Department of Computing Science and Mathematics, University of Stirling"},{"key":"257_CR16","doi-asserted-by":"crossref","unstructured":"Blaze M, Feigenbaum J, Lacy J (1996) Decentralized trust management. In: Proceedings 1996 IEEE symposium onSecurity and privacy, 1996. IEEE, New York, pp 164\u2013173.","DOI":"10.1109\/SECPRI.1996.502679"},{"key":"257_CR17","doi-asserted-by":"crossref","unstructured":"Uddin MG, Zulkernine M (2008) Umltrust: towards developing trust-aware software. In: Proceedings of the 2008 ACM symposium on applied computing, ACM, New York, pp 831\u2013836","DOI":"10.1145\/1363686.1363875"},{"issue":"1","key":"257_CR18","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1016\/j.ress.2004.08.005","volume":"89","author":"J G\u00f3rski","year":"2005","unstructured":"G\u00f3rski J, Jarz\u0119bowicz A, Leszczyna R, Miler J, Olszewski M (2005) Trust case: justifying trust in an it solution. Reliabil Eng Syst Saf 89(1):33\u201347","journal-title":"Reliabil Eng Syst Saf"},{"key":"257_CR19","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/s10207-019-00438-x","volume":"19","author":"D Ferraris","year":"2019","unstructured":"Ferraris D, Fernandez-Gago C (2019) Trustapis: a trust requirements elicitation method for IOT. Int J Inf Secur 19:111\u2013127","journal-title":"Int J Inf Secur"},{"key":"257_CR20","volume-title":"Secure systems development with UML","author":"J J\u00fcrjens","year":"2005","unstructured":"J\u00fcrjens J (2005) Secure systems development with UML. Springer, Berlin"},{"key":"257_CR21","doi-asserted-by":"crossref","unstructured":"Basin D, Doser J, Lodderstedt T (2003) Model driven security for process-oriented systems. In: Proceedings of the eighth ACM symposium on access control models and technologies, ACM, New York, pp 100\u2013109","DOI":"10.1145\/775412.775425"},{"key":"257_CR22","doi-asserted-by":"crossref","unstructured":"Lodderstedt T, Basin D, Doser J (2002) Secureuml: a uml-based modeling language for model-driven security. In: International conference on the unified modeling language. Springer, Berlin, pp 426\u2013441","DOI":"10.1007\/3-540-45800-X_33"},{"key":"257_CR23","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1016\/j.infsof.2018.04.007","volume":"100","author":"PX Mai","year":"2018","unstructured":"Mai PX, Goknil A, Shar LK, Pastore F, Briand LC, Shaame S (2018) Modeling security and privacy requirements: a use case-driven approach. Inf Softw Technol 100:165\u2013182","journal-title":"Inf Softw Technol"},{"issue":"1","key":"257_CR24","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s10207-019-00445-y","volume":"19","author":"P Aufner","year":"2020","unstructured":"Aufner P (2020) The iot security gap: a look down into the valley between threat models and their implementation. Int J Inf Secur 19(1):3\u201314","journal-title":"Int J Inf Secur"},{"key":"257_CR25","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1016\/j.ins.2017.08.063","volume":"421","author":"S Rathore","year":"2017","unstructured":"Rathore S, Sharma PK, Loia V, Jeong Y-S, Park JH (2017) Social network security: issues, challenges, threats, and solutions. Inf Sci 421:43\u201369","journal-title":"Inf Sci"},{"key":"257_CR26","doi-asserted-by":"crossref","unstructured":"Vraalsen F, Lund MS, Mahler T, Parent X, St\u00f8len K (2005) Specifying legal risk scenarios using the coras threat modelling language. In: International conference on trust management. Springer, Berlin, pp 45\u201360","DOI":"10.1007\/11429760_4"},{"key":"257_CR27","doi-asserted-by":"crossref","unstructured":"Dimitrakos T, Ritchie B, Raptis D, St\u00f8len K (2002) Model-based security risk analysis for web applications: the coras approach. In: Proceedings of the EuroWeb. Citeseer","DOI":"10.14236\/ewic\/EW2002.6"},{"key":"257_CR28","doi-asserted-by":"crossref","unstructured":"Hussein M, Zulkernine M (2006) Umlintr: a uml profile for specifying intrusions. In: 13th annual IEEE international symposium and workshop on engineering of computer based systems, 2006. ECBS 2006, IEEE, New York, pp 8","DOI":"10.1109\/ECBS.2006.70"},{"issue":"4","key":"257_CR29","first-page":"975","volume":"16","author":"JCS Sicato","year":"2020","unstructured":"Sicato JCS, Singh SK, Rathore S, Park JH (2020) A comprehensive analyses of intrusion detection system for iot environment. J Inf Process Syst 16(4):975\u2013990","journal-title":"J Inf Process Syst"},{"key":"257_CR30","doi-asserted-by":"crossref","unstructured":"Maskani I, Boutahar J, El\u00a0Houssa\u00efni SEG (2018) Modeling telemedicine security requirements using a sysml security extension. In: 2018 6th international conference on multimedia computing and systems (ICMCS), IEEE, New York, pp 1\u20136","DOI":"10.1109\/ICMCS.2018.8525939"},{"key":"257_CR31","unstructured":"Apvrille L, Roudier Y (2013) Sysml-sec: A sysml environment for the design and development of secure embedded systems. APCOSEC, Asia-Pacific Council on Systems Engineering, pp 8\u201311"},{"key":"257_CR32","doi-asserted-by":"crossref","unstructured":"Harrand N, Fleurey F, Morin B, Husa KE (2016) Thingml: a language and code generation framework for heterogeneous targets. In: Proceedings of the ACM\/IEEE 19th international conference on model driven engineering languages and systems, pp 125\u2013135","DOI":"10.1145\/2976767.2976812"},{"issue":"2","key":"257_CR33","doi-asserted-by":"publisher","first-page":"557","DOI":"10.2298\/CSIS160110016M","volume":"14","author":"O Mavropoulos","year":"2017","unstructured":"Mavropoulos O, Mouratidis H, Fish A, Panaousis E, Kalloniatis C (2017) A conceptual model to support security analysis in the internet of things. Comput Sci Inf Syst 14(2):557\u2013578","journal-title":"Comput Sci Inf Syst"},{"key":"257_CR34","doi-asserted-by":"crossref","unstructured":"Moyano F, Fernandez-Gago C, Lopez J (2012) A conceptual framework for trust models. In: 9th international conference on trust, privacy and security in digital business, TrustBus 2012, vol. 7449 of lectures notes in computer science. Springer, Berlin, pp 93\u2013104","DOI":"10.1007\/978-3-642-32287-7_8"},{"issue":"2","key":"257_CR35","doi-asserted-by":"publisher","first-page":"545","DOI":"10.32604\/cmc.2019.03760","volume":"58","author":"L Kou","year":"2019","unstructured":"Kou L, Shi Y, Zhang L, Liu D, Yang Q (2019) A lightweight three-factor user authentication protocol for the information perception of iot. Comput Mater Continua 58(2):545\u2013565","journal-title":"Comput Mater Continua"},{"issue":"2","key":"257_CR36","doi-asserted-by":"publisher","first-page":"618","DOI":"10.1016\/j.dss.2005.05.019","volume":"43","author":"A J\u00f8sang","year":"2007","unstructured":"J\u00f8sang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43(2):618\u2013644","journal-title":"Decis Support Syst"},{"key":"257_CR37","doi-asserted-by":"crossref","unstructured":"Ferraris D, Daniel J, Fernandez-Gago C, Lopez J (2019) A segregated architecture for a trust-based network of internet of things. In: 2019 16th IEEE annual consumer communications & networking conference (CCNC) (CCNC 2019), Las Vegas, USA","DOI":"10.1109\/CCNC.2019.8651703"},{"issue":"4","key":"257_CR38","first-page":"797","volume":"15","author":"K Gafurov","year":"2019","unstructured":"Gafurov K, Chung T-M (2019) Comprehensive survey on internet of things, architecture, security aspects, applications, related technologies, economic perspective, and future directions. J Inf Process Syst 15(4):797\u2013819","journal-title":"J Inf Process Syst"},{"issue":"1","key":"257_CR39","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1186\/s13673-019-0190-9","volume":"9","author":"J-H Park","year":"2019","unstructured":"Park J-H, Salim MM, Jo JH, Sicato JCS, Rathore S, Park JH (2019) Ciot-net: a scalable cognitive iot based smart city network architecture. Human Centric Comput Inf Sci 9(1):29","journal-title":"Human Centric Comput Inf Sci"},{"issue":"4","key":"257_CR40","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/s10207-006-0005-7","volume":"5","author":"P Giorgini","year":"2006","unstructured":"Giorgini P, Massacci F, Mylopoulos J, Zannone N (2006) Requirements engineering for trust management: model, methodology, and reasoning. Int J Inf Secur 5(4):257\u2013274","journal-title":"Int J Inf Secur"},{"key":"257_CR41","first-page":"290","volume-title":"Trust modeling and management: from social trust to digital trust","author":"Z Yan","year":"2008","unstructured":"Yan Z, Holtmanns S (2008) Trust modeling and management: from social trust to digital trust. IGI Global, Hershey, pp 290\u2013323"},{"key":"257_CR42","doi-asserted-by":"crossref","unstructured":"Hershey JR, Chen Z, Le\u00a0Roux J, Watanabe S (2016) Deep clustering: discriminative embeddings for segmentation and separation. In: 2016 IEEE international conference on acoustics, speech and signal processing (ICASSP), IEEE, New York, pp 31\u201335","DOI":"10.1109\/ICASSP.2016.7471631"}],"container-title":["Human-centric Computing and Information Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s13673-020-00257-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s13673-020-00257-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s13673-020-00257-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,30]],"date-time":"2021-07-30T12:31:21Z","timestamp":1627648281000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s13673-020-00257-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12]]},"references-count":42,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["257"],"URL":"https:\/\/doi.org\/10.1186\/s13673-020-00257-3","relation":{},"ISSN":["2192-1962"],"issn-type":[{"value":"2192-1962","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,12]]},"assertion":[{"value":"20 July 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 December 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 December 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that has no competing interests.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"50"}}