Samir Ouchani - Academia.edu (original) (raw)
Papers by Samir Ouchani
The Journal of Supercomputing
Lecture Notes in Computer Science, 2021
2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), 2020
Journal of Ambient Intelligence and Humanized Computing, 2022
Procedia Computer Science, 2022
ACM Transactions on Cyber-Physical Systems, 2021
Industrial cyber-physical systems (ICPS) are heterogeneous inter-operating parts that can be phys... more Industrial cyber-physical systems (ICPS) are heterogeneous inter-operating parts that can be physical, technical, networking, and even social like agent operators. Incrementally, they perform a central role in critical and industrial infrastructures, governmental, and personal daily life. Especially with the Industry 4.0 revolution, they became more dependent on the connectivity by supporting novel communication and distance control functionalities, which expand their attack surfaces that result in a high risk for cyber-attacks. Furthermore, regarding physical and social constraints, they may push up new classes of security breaches that might result in serious economic damages. Thus, designing a secure ICPS is a complex task, since this needs to guarantee security and harmonize the functionalities between the various parts that interact with different technologies. This article highlights the significance of cyber-security infrastructure and shows how to evaluate, prevent, and mit...
2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA), 2020
Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both indus... more Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.
2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA), 2020
Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both indus... more Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.
2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), 2019
One of the main challenges in the development process of secure systems is how to detect as early... more One of the main challenges in the development process of secure systems is how to detect as early as possible the system's vulnerabilities and weaknesses, and also how to quantify the severity of attacks through them. In this paper, we rely on the concept of attack surfaces to implement a secure cyber physical system in Java. Attack surfaces can be sometimes detected automatically, regarding the used language, by matching them against known attacks still is a step apart. Further, systems and attacks are not usually modeled with compatible formalism. This paper develops a modeling framework that automates the whole process by generating attacks for cyber physical systems. First, we formalize a system using UML class and activity diagrams. Further, we use UML to develop a meta language for cyber physical systems, cyber attacks, and cyber counter measures. The framework instantiates the dependent-application diagrams for the domain/application in test, searches for the existing attack surfaces; then it generates the possible attacks that might exploit the found vulnerabilities/weaknesses. Further the proposed framework generates the proper java code for the composition counter measures, attacks, and CPS models.
Model and Data Engineering, 2019
Indoor environments play a main role on people living, work, social life, and health. Especially,... more Indoor environments play a main role on people living, work, social life, and health. Especially, recent statistics show that people who are often most susceptible to the adverse health effects tend to spend more time indoors. To overcome these issues, modern rooms are well equipped with different kind of connected objects (IoT) in order to facilitate the life of inhabitants and to manage better the indoor environment by automatically controlling the indoors problems (humidity, temperature, noise, light ...) with respect to the experts recommendations and inhabitants hopes. So, the quality of indoor living depends mainly on the environments properties, their precise measurements through IoT, and how safely manage and control them. In this context, we propose a smart living framework covering a global architecture of smart rooms and their related components (sensors, actuator, server. . .), and also a management system for a secure communication network respecting the existing safety and security standards. Further, we present the appropriate semantics for each part of the framework in the form of state machines. Further, we ensure the functional correctness of the proposed framework by implementing the developed state machines in the validation and verification tool Uppaal, where it gives us a satisfactory result for different scenarios.
Software Engineering and Formal Methods. SEFM 2020 Collocated Workshops, 2021
ADTrees (Attack-Defense Trees) are graphical security modeling tools used to logically represent ... more ADTrees (Attack-Defense Trees) are graphical security modeling tools used to logically represent attack scenarios along with their corresponding countermeasures in a user-friendly way. Many researchers nowadays use ADTrees to represent attack scenarios and perform quantitative as well as qualitative security assessment. Among all different existing quantitative security assessment techniques, CTMCs (Continuous Time Markov Chains) have been attractively adopted for ADTrees. ADTrees are usually transformed into CTMCs, where traditional stochastic quantitative analysis approaches can be applied. For that end, the correct transformation of an ADTree to a CTMC requires that each individual element of an ADTree should have its correct and complete representation in the corresponding CTMC. In this paper, we mainly focus on modeling countermeasures in ADTrees using CTMCs. The existing CTMC-model does not provide a precise and complete modeling capability, in particular, when cascaded-countermeasures are used. Cascaded-countermeasures occur when an attacker and a defender in a given ADTree recursively counter each other more than one time in a given branch of the tree. We propose the notion of tokenized-CTMC to construct a new CTMC-model that can precisely model and represent countermeasures in ADTrees. This new CTMC-model allows to handle cascaded-countermeasure scenarios in a more comprehensive way.
2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), 2020
The increasing proliferation of Cyber-Physical Systems (CPS) in industry and academia bring resea... more The increasing proliferation of Cyber-Physical Systems (CPS) in industry and academia bring researchers to work on CPS architectures and models seeking for enhancing the performance and gaining the full potential of the system. This work aims to provide a holistic view of the initiatives done during the last five years in modeling and designing CPS. We define three major classes of CPS covering Smart Healthcare, Smart Manufacturing, and Smart City. We also provide a review of the recent developed architectures and models for each class. Based on the surveyed literature, we identified many open issues and we suggested possible future research directions.
Last decade recognizes a high job demand, more specialized trainings with very oriented jobs offe... more Last decade recognizes a high job demand, more specialized trainings with very oriented jobs offers. This situation makes hiring and recruitments officers in the difficulty to select and find easily the appropriate candidate as well for candidates to choose the best practices and trainings to find later a respectable position. This work aims to help all actors in the job sector by modeling the Product Lifecycle Management (PLM) competencies and analyzing the demands especially in industry 4.0. First, the enterprises needs, in terms of skills, are identified through various job offers distributed on online media. Job offers are structured according to profile, geolocation and required competencies, etc. Then, the analysis is based on information retrieval and text mining through a statistical measure used to evaluate how important a competence to a job offer in a given collection. This contribution applies the Term Frequency Inverse Document Frequency (TF-IDF) to determine what skill...
Journal of Frontiers of Computer Science and Technology, 2008
Model and Data Engineering, 2021
The homes are dangerous environments like outside since it contains risks affect on the life of t... more The homes are dangerous environments like outside since it contains risks affect on the life of the inhabitant (humidity, temperature, noise, light, etc.), especially with the increase of the attention on smart homes and buildings in the previous few years where studies focused on the IoT domain exclude partially these risks. Smart homes/buildings are equipped with IoT objects that capture the conflicting changes in a controlled manner and introduce actions that stop or declare the existing threats. A mechanism that guarantees to the inhabitant a stable and comfortable life is more than mandatory. In this context, we propose a global approach that defines the architecture of a smart home/building by formalizing the main nodes (sensors, actuator, server, etc.) and the technologies that bind them. Further, we define the characteristics and the functioning of nodes by a formal representation in the form of state machines, the applicable norms to build a secure environment, and further ...
Applied Intelligence, 2021
Lecture Notes in Computer Science, 2016
Studies in Computational Intelligence, 2010
The Unified Modeling Language UML 2.0 plays a central role in modern software engineering, and it... more The Unified Modeling Language UML 2.0 plays a central role in modern software engineering, and it is considered as the de facto standard for modeling software architectures and designs. Todays systems are becoming more and more complex, and very difficult to deal with. The main difficulty arises from the different ways in modelling each component and the way they interact with each others. At this level of software modeling, providing methods and tools that allow early detection of errors is mandatory. In this paper, a verification methodology of a composition of UML behavioural diagrams (State Machine, Activity Diagram, and Sequence Diagram) is proposed. Our main contribution is the systematic construction of a semantic model based on a novel composition operator. This operator provides an elegant way to define the combination of different kind of UML diagrams. In addition, this operator posses a nice property which allows to handle the verification of large system efficiently. To demonstrate the effectiveness of our approach, a case study is presented.
Journal of Software, 2012
ABSTRACT
The Journal of Supercomputing
Lecture Notes in Computer Science, 2021
2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), 2020
Journal of Ambient Intelligence and Humanized Computing, 2022
Procedia Computer Science, 2022
ACM Transactions on Cyber-Physical Systems, 2021
Industrial cyber-physical systems (ICPS) are heterogeneous inter-operating parts that can be phys... more Industrial cyber-physical systems (ICPS) are heterogeneous inter-operating parts that can be physical, technical, networking, and even social like agent operators. Incrementally, they perform a central role in critical and industrial infrastructures, governmental, and personal daily life. Especially with the Industry 4.0 revolution, they became more dependent on the connectivity by supporting novel communication and distance control functionalities, which expand their attack surfaces that result in a high risk for cyber-attacks. Furthermore, regarding physical and social constraints, they may push up new classes of security breaches that might result in serious economic damages. Thus, designing a secure ICPS is a complex task, since this needs to guarantee security and harmonize the functionalities between the various parts that interact with different technologies. This article highlights the significance of cyber-security infrastructure and shows how to evaluate, prevent, and mit...
2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA), 2020
Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both indus... more Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.
2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA), 2020
Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both indus... more Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.
2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), 2019
One of the main challenges in the development process of secure systems is how to detect as early... more One of the main challenges in the development process of secure systems is how to detect as early as possible the system's vulnerabilities and weaknesses, and also how to quantify the severity of attacks through them. In this paper, we rely on the concept of attack surfaces to implement a secure cyber physical system in Java. Attack surfaces can be sometimes detected automatically, regarding the used language, by matching them against known attacks still is a step apart. Further, systems and attacks are not usually modeled with compatible formalism. This paper develops a modeling framework that automates the whole process by generating attacks for cyber physical systems. First, we formalize a system using UML class and activity diagrams. Further, we use UML to develop a meta language for cyber physical systems, cyber attacks, and cyber counter measures. The framework instantiates the dependent-application diagrams for the domain/application in test, searches for the existing attack surfaces; then it generates the possible attacks that might exploit the found vulnerabilities/weaknesses. Further the proposed framework generates the proper java code for the composition counter measures, attacks, and CPS models.
Model and Data Engineering, 2019
Indoor environments play a main role on people living, work, social life, and health. Especially,... more Indoor environments play a main role on people living, work, social life, and health. Especially, recent statistics show that people who are often most susceptible to the adverse health effects tend to spend more time indoors. To overcome these issues, modern rooms are well equipped with different kind of connected objects (IoT) in order to facilitate the life of inhabitants and to manage better the indoor environment by automatically controlling the indoors problems (humidity, temperature, noise, light ...) with respect to the experts recommendations and inhabitants hopes. So, the quality of indoor living depends mainly on the environments properties, their precise measurements through IoT, and how safely manage and control them. In this context, we propose a smart living framework covering a global architecture of smart rooms and their related components (sensors, actuator, server. . .), and also a management system for a secure communication network respecting the existing safety and security standards. Further, we present the appropriate semantics for each part of the framework in the form of state machines. Further, we ensure the functional correctness of the proposed framework by implementing the developed state machines in the validation and verification tool Uppaal, where it gives us a satisfactory result for different scenarios.
Software Engineering and Formal Methods. SEFM 2020 Collocated Workshops, 2021
ADTrees (Attack-Defense Trees) are graphical security modeling tools used to logically represent ... more ADTrees (Attack-Defense Trees) are graphical security modeling tools used to logically represent attack scenarios along with their corresponding countermeasures in a user-friendly way. Many researchers nowadays use ADTrees to represent attack scenarios and perform quantitative as well as qualitative security assessment. Among all different existing quantitative security assessment techniques, CTMCs (Continuous Time Markov Chains) have been attractively adopted for ADTrees. ADTrees are usually transformed into CTMCs, where traditional stochastic quantitative analysis approaches can be applied. For that end, the correct transformation of an ADTree to a CTMC requires that each individual element of an ADTree should have its correct and complete representation in the corresponding CTMC. In this paper, we mainly focus on modeling countermeasures in ADTrees using CTMCs. The existing CTMC-model does not provide a precise and complete modeling capability, in particular, when cascaded-countermeasures are used. Cascaded-countermeasures occur when an attacker and a defender in a given ADTree recursively counter each other more than one time in a given branch of the tree. We propose the notion of tokenized-CTMC to construct a new CTMC-model that can precisely model and represent countermeasures in ADTrees. This new CTMC-model allows to handle cascaded-countermeasure scenarios in a more comprehensive way.
2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), 2020
The increasing proliferation of Cyber-Physical Systems (CPS) in industry and academia bring resea... more The increasing proliferation of Cyber-Physical Systems (CPS) in industry and academia bring researchers to work on CPS architectures and models seeking for enhancing the performance and gaining the full potential of the system. This work aims to provide a holistic view of the initiatives done during the last five years in modeling and designing CPS. We define three major classes of CPS covering Smart Healthcare, Smart Manufacturing, and Smart City. We also provide a review of the recent developed architectures and models for each class. Based on the surveyed literature, we identified many open issues and we suggested possible future research directions.
Last decade recognizes a high job demand, more specialized trainings with very oriented jobs offe... more Last decade recognizes a high job demand, more specialized trainings with very oriented jobs offers. This situation makes hiring and recruitments officers in the difficulty to select and find easily the appropriate candidate as well for candidates to choose the best practices and trainings to find later a respectable position. This work aims to help all actors in the job sector by modeling the Product Lifecycle Management (PLM) competencies and analyzing the demands especially in industry 4.0. First, the enterprises needs, in terms of skills, are identified through various job offers distributed on online media. Job offers are structured according to profile, geolocation and required competencies, etc. Then, the analysis is based on information retrieval and text mining through a statistical measure used to evaluate how important a competence to a job offer in a given collection. This contribution applies the Term Frequency Inverse Document Frequency (TF-IDF) to determine what skill...
Journal of Frontiers of Computer Science and Technology, 2008
Model and Data Engineering, 2021
The homes are dangerous environments like outside since it contains risks affect on the life of t... more The homes are dangerous environments like outside since it contains risks affect on the life of the inhabitant (humidity, temperature, noise, light, etc.), especially with the increase of the attention on smart homes and buildings in the previous few years where studies focused on the IoT domain exclude partially these risks. Smart homes/buildings are equipped with IoT objects that capture the conflicting changes in a controlled manner and introduce actions that stop or declare the existing threats. A mechanism that guarantees to the inhabitant a stable and comfortable life is more than mandatory. In this context, we propose a global approach that defines the architecture of a smart home/building by formalizing the main nodes (sensors, actuator, server, etc.) and the technologies that bind them. Further, we define the characteristics and the functioning of nodes by a formal representation in the form of state machines, the applicable norms to build a secure environment, and further ...
Applied Intelligence, 2021
Lecture Notes in Computer Science, 2016
Studies in Computational Intelligence, 2010
The Unified Modeling Language UML 2.0 plays a central role in modern software engineering, and it... more The Unified Modeling Language UML 2.0 plays a central role in modern software engineering, and it is considered as the de facto standard for modeling software architectures and designs. Todays systems are becoming more and more complex, and very difficult to deal with. The main difficulty arises from the different ways in modelling each component and the way they interact with each others. At this level of software modeling, providing methods and tools that allow early detection of errors is mandatory. In this paper, a verification methodology of a composition of UML behavioural diagrams (State Machine, Activity Diagram, and Sequence Diagram) is proposed. Our main contribution is the systematic construction of a semantic model based on a novel composition operator. This operator provides an elegant way to define the combination of different kind of UML diagrams. In addition, this operator posses a nice property which allows to handle the verification of large system efficiently. To demonstrate the effectiveness of our approach, a case study is presented.
Journal of Software, 2012
ABSTRACT