Abstract
The world has been witnessing a proliferation of Internet of Things (IoT) applications in the last decade thanks to the growing awareness of the opportunities they can bring in various domains. However, the widespread adoption of IoT technologies highlights the importance of ensuring the correctness of these applications, which can have an impact on their security and reliability. The work presented in this paper contributes to the efforts addressing the verification in IoT. In this work, we are particularly interested in IoT applications developed using Node-RED, which despite being one of the most used tools by the IoT community still lacks attention when it comes to formal verification of its applications’ correctness and security.
We therefore propose a first step towards a formal approach based on the formalization of IoT applications modeled with Node-RED flows that permits their formal verification. This step consists in formally defining Node-RED concepts and proposing a semantically equivalent Petri net model that would serve as a starting point for the development of a model-checker for Node-RED applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
In the following, we denote by x.y the element y of the tuple x.
- 2.
To develop this use case, we used the healthcare case study in [16]; where we changed the factories ensuring cardiovascular diseases and the type of alerts sent to the patients in case of danger.
References
Adhikari, R.: Webcam maker takes FTC’s heat for internet-of-things security failure. https://www.technewsworld.com/story/78891.html
Blanchard, A., Kosmatov, N., Loulergue, F.: Ghosts for lists: a critical module of Contiki verified in Frama-C. In: Dutle, A., Muñoz, C., Narkawicz, A. (eds.) NFM 2018. LNCS, vol. 10811, pp. 37–53. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-77935-5_3
Blanchard, A., Kosmatov, N., Loulergue, F.: Logic against ghosts: comparison of two proof approaches for a list module. In: Hung, C., Papadopoulos, G.A. (eds.) Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, SAC 2019, Limassol, Cyprus, 8–12 April 2019, pp. 2186–2195. ACM (2019)
Blanchard, A., Loulergue, F., Kosmatov, N.: Towards full proof automation in Frama-C using auto-active verification. In: Badger, J.M., Rozier, K.Y. (eds.) NFM 2019. LNCS, vol. 11460, pp. 88–105. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-20652-9_6
Fortas, A., Kerkouche, E., Chaoui, A.: Formal verification of IoT applications using rewriting logic: an MDE-based approach. Sci. Comput. Program. 222, 102859 (2022)
Haddad, S., Ilié, J.-M., Klai, K.: Design and evaluation of a symbolic and abstraction-based model checker. In: Wang, F. (ed.) ATVA 2004. LNCS, vol. 3299, pp. 196–210. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30476-0_19
Hughes, D.J.D., Shmatikov, V.: Information hiding, anonymity and privacy: a modular approach. J. Comput. Secur. 12(1), 3–36 (2004)
Larson, S.: FDA confirms that St. Jude’s cardiac devices can be hacked. https://money.cnn.com/2017/01/09/technology/fda-st-jude-cardiac-hack/
Loulergue, F., Blanchard, A., Kosmatov, N.: Ghosts for lists: from axiomatic to executable specifications. In: Dubois, C., Wolff, B. (eds.) TAP 2018. LNCS, vol. 10889, pp. 177–184. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92994-1_11
Mangano, F., Duquennoy, S., Kosmatov, N.: Formal verification of a memory allocation module of Contiki with Frama-C: a case study. In: Cuppens, F., Cuppens, N., Lanet, J.-L., Legay, A. (eds.) CRiSIS 2016. LNCS, vol. 10158, pp. 114–120. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54876-0_9
Ouchani, S.: Ensuring the functional correctness of IoT through formal modeling and verification. In: Abdelwahed, E.H., Bellatreche, L., Golfarelli, M., Méry, D., Ordonez, C. (eds.) MEDI 2018. LNCS, vol. 11163, pp. 401–417. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00856-7_27
Petri, C.A.: Concepts of net theory. In: Mathematical Foundations of Computer Science: Proceedings of Symposium and Summer School, Strbské Pleso, High Tatras, Czechoslovakia, 3–8 September 1973, pp. 137–146 (1973)
Peyrard, A., Kosmatov, N., Duquennoy, S., Lille, I., Raza, S.: Towards formal verification of Contiki: analysis of the AES-CCM* modules with Frama-C. In: Giustiniano, D., Koutsonikolas, D., Banchs, A., Mingozzi, E., Chowdhury, K.R. (eds.) Proceedings of the 2018 International Conference on Embedded Wireless Systems and Networks, EWSN 2018, Madrid, Spain, 14–16 February 2018, pp. 264–269. Junction Publishing, Canada/ ACM (2018)
Souri, A., Norouzi, M.: A state-of-the-art survey on formal verification of the internet of things applications. J. Serv. Sci. Res. 11(1), 47–67 (2019)
Technology, I.E.: Node-red (2020). https://nodered.org
Zrelli, R., Yeddes, M., Hadj-Alouane, N.B.: Checking and enforcing security through opacity in healthcare applications. In: Braubach, L., et al. (eds.) ICSOC 2017. LNCS, vol. 10797, pp. 161–173. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-91764-1_13
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Garfatta, I., Souid, N.E., Klai, K. (2024). Towards Formal Verification of Node RED-Based IoT Applications. In: Ben Hedia, B., Maleh, Y., Krichen, M. (eds) Verification and Evaluation of Computer and Communication Systems. VECoS 2023. Lecture Notes in Computer Science, vol 14368. Springer, Cham. https://doi.org/10.1007/978-3-031-49737-7_7
Download citation
DOI: https://doi.org/10.1007/978-3-031-49737-7_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-49736-0
Online ISBN: 978-3-031-49737-7
eBook Packages: Computer ScienceComputer Science (R0)