Structured architecture evaluation of wellbeing IoT systems: a safety- and security-driven approach

We are living in a connected world. In line with this trend, more and more devices have to be connected and communicate automatically. The IoT emerged from these new requirements. Industry, smart cities and agriculture are only a few of its widespread application fields. Beyond these, the healthcare area can take advantage of this technology trend in the form of the IoT-WD. The potential of IoT-WD is recognized by more and more stakeholders. Ambient assisted living (AAL), telecare including remote vital data monitoring, and personalized wellbeing approaches, e.g. recommendations of fitness trackers, are only a couple of the possibilities for health-conscious people to take advantage of the IoT-WD. All these functions are made possible by the conjunction and cooperation of so-called things.
However, alongside the advantages named above, IoT is prone to introducing new safety and security risks, since connected things bring hidden dependencies and thus possible dangerous impacts. In particular, IoT-WD has to deal with health-endangering vulnerabilities. These range from manipulation of intimate data to life-threatening dangers for exactly those with a higher need of care, like infants or seniors. Thus, identifying and eliminating safety and security vulnerabilities as early as possible is essential. Since 50% of security flaws arise during the design phase, architecture approaches are needed that offer timely identification and prevention of negative impacts on human beings. IoT systems consist of many components, some of which are very small but nevertheless provide important functions, resulting in complex system models. A manual check for dangerous or harmful design decisions in these models is tedious and would include outdated data, because the monitoring process would be highly time-consuming. Since each IoT system is different, a unified and automated way to make review approaches universally applicable is needed. For this purpose, a unified IoT(-WD) meta model and an IoT layered architecture are developed with which IoT architectures can be modeled and analyzed on a reusable level. The meta model contains wellbeing-specific components to optimally depict the critical areas, but focuses on modeling safety- and security-relevant system aspects and is accordingly based on known IoT safety and security challenges. As mentioned above, weaknesses often arise in the design phase in the form of so-called design flaws, which could already be noticed at this point but often only become apparent in the fully implemented live system. Since expert knowledge is often unavailable or only temporarily available during the system development lifecycle, issues are not caught early on.
To address this challenge, this dissertation develops a Pattern Recognition Framework (PRF) that presents a by-design approach for a structured and semi-automated flaw identification process, which focuses on preserving expert knowledge in the form of patterns and anti-patterns. Linked to this is the assessment of identified flaws, as prevention or mitigation is not possible without further analyses. Since impacts can be complex and ramified, this process has to be automated as well. An analysis cycle is presented to show the technical and quantitative impact of potential design flaws, including wellbeing information for assessment. In addition, the cycle offers a design decision method to weigh up possible countermeasures and to plan an optimized architecture including the required new services. In order to benefit from already successful architecture analysis approaches, analysis steps usable for IoT are abstracted and adapted for this purpose. Finally, the approach of this dissertation undergoes a three-part evaluation: related work-based, case study-based and scenario-based. It is evaluated whether the individual approach steps not only cover the current state of the art but also extend it. Accordingly, it is ensured that no aspects are omitted. An AAL use case, which includes a smart home for the elderly, applies the different steps of the approach by identifying and assessing design flaws to evaluate applicability. A generated performance use case is considered to demonstrate the scalability in large complex models. The scenario-based evaluation includes examination of the quality characteristics adaptability, expandability, scalability and reusability.

Metadata
Author: Julia Rauscher
URN: urn:nbn:de:bvb:384-opus4-915360
Frontdoor URL: https://opus.bibliothek.uni-augsburg.de/opus4/91536
Advisor: Bernhard Bauer
Type: Doctoral Thesis
Language: English
Year of first Publication: 2022
Publishing Institution: Universität Augsburg
Granting Institution: Universität Augsburg, Fakultät für Angewandte Informatik
Date of final exam: 2021/12/15
Release Date: 2022/01/13
Tag: IoT; Safety; Security; Modeling; by Design
GND-Keyword: Internet der Dinge; Architektur <Informatik>; Computersicherheit
Pagenumber: xii, 303
Institutes: Fakultät für Angewandte Informatik
Fakultät für Angewandte Informatik / Institut für Informatik
Fakultät für Angewandte Informatik / Institut für Informatik / Lehrstuhl für Softwaretechnik
Fakultät für Angewandte Informatik / Institut für Informatik / Lehrstuhl für Softwaretechnik / Professur Softwaremethodik für verteilte Systeme
Dewey Decimal Classification: 0 Computer science, information science, general works / 00 Computer science, knowledge, systems / 004 Data processing; computer science
Licence (German): German copyright law