An Ontology-based Security Framework for Decision-making in Industrial Systems

Bruno A. Mozzaquatro, Raquel Melo, Carlos Agostinho, Ricardo Jardim-Goncalves


Embedded devices based on emerging technologies of the Internet of Things (IoT) are used to provide resources, business models and opportunities to build potential industrial systems improving manufacturing systems with efficient operations. In this context, IoT networks are dynamic environments and changes are also being increasingly frequent, modifying the environment execution. Nevertheless, severe threats will increase the complexity and difficulty to protect existing vulnerabilities in smart devices of IoT network. In this context, this work proposes an architecture of the ontology-based security framework to decision-making using adaptive security model to improve secure information for the industrial systems. IoTSec ontology contributes to feed the system using queries of contextual information collected in the environment. The main contribution of this approach is validated as an integration with C2NET project to ensure security properties in some critical scenarios.


  1. Abie, H. (2009). Adaptive security and trust management for autonomic message-oriented middleware. Mobile Adhoc and Sensor Systems, 2009. MASS 7809. IEEE 6th International Conference on, pages 810-817.
  2. Aman, W. and Snekkenes, E. (2014). Event driven adaptive security in internet of things. pages 7-15.
  3. Bi, Z., Xu, L. D., and Wang, C. (2014). Internet of things for enterprise systems of modern manufacturing. IEEE Transactions on Industrial Informatics, 10(2):1537- 1546.
  4. Denker, G., Kagal, L., Finin, T., and Paolucci, M. (2003). Security for daml web services : Annotation and matchmaking. pages 335-350.
  5. Dobson, S., Zambonelli, F., Denazis, S., Fernández, A., Ga”iti, D., Gelenbe, E., Massacci, F., Nixon, P., Saffre, F., and Schmidt, N. (2006). A survey of autonomic communications. ACM Transactions on Autonomous and Adaptive Systems, 1(2):223-259.
  6. Elkhodary, A. and Whittle, J. (2007). A survey of approaches to adaptive application security. In Proceedings of the 2007 International Workshop on Software Engineering for Adaptive and Self-Managing Systems, page 16. IEEE Computer Society.
  7. Evesti, A. and Ovaska, E. (2013). Comparison of adaptive information security approaches. ISRN Artificial Intelligence, 2013.
  8. Fenz, S. and Ekelhart, A. (2009). Formalizing information security knowledge. Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS 7809, page 183.
  9. Frye, L., Cheng, L., and Heflin, J. (2012). An ontologybased system to identify complex network attacks. IEEE International Conference on Communications, pages 6683-6688.
  10. García-Crespo, Í., Gómez-Berbís, J. M., Colomo-Palacios, R., and Alor-Hernández, G. (2011). Securontology: A semantic web access control framework. Computer Standards & Interfaces, 33(1):42-49.
  11. Granjal, J., Monteiro, E., and Silva, J. S. (2014). Security in the integration of low-power wireless sensor networks with the internet: A survey. Ad Hoc Networks, 24:264-287.
  12. Gyrard, A., Bonnet, C., and Boudaoud, K. (2014). An ontology-based approach for helping to secure the etsi machine-to-machine architecture. IEEE International Conference on Internet of Things 2014 (iThings).
  13. Habib, K. and Leister, W. (2013). Adaptive security for the internet of things reference model. Norsk informasjonssikkerhetskonferanse (NISK), pages 13-25.
  14. Herzog, A., Shahmehri, N., and Duma, C. (2007). An ontology of information security. Journal of Information Security, 1(4):1-23.
  15. Kalyanpur, A., Pastor, D. J., Battle, S., and Padget, J. A. (2004). Automatic mapping of owl ontologies into java. In SEKE, volume 4, pages 98-103. Citeseer.
  16. Kim, A., Luo, J., and Kang, M. (2005). Security ontology for annotating resources. In On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE, pages 1483-1499.
  17. Laddaga, R. and Robertson, P. (2004). Self adaptive software : A position paper. SELF-STAR: International Workshop on Self-* Properties in Complex Information Systems, 19:31.
  18. Mouratidis, H. (2006). Integrating Security and Software Engineering: Advances and Future Visions: Advances and Future Visions. IGI Global.
  19. Mozzaquatro, B. A., Jardim-goncalves, R., and Agostinho, C. (2015). Towards a reference ontology for security in the internet of things. In IEEE International Workshop on Measurement and Networking, pages 1-6.
  20. Picek, R. and Strahonja, V. (2007). Model driven development-future or failure of software development. In IIS, volume 7, pages 407-413.
  21. Roman, R., Zhou, J., and Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10):2266- 2279.
  22. Shnitko, A. (2003). Adaptive security in complex information systems. In Science and Technology, 2003. Proceedings KORUS 2003. The 7th Korea-Russia International Symposium on, pages 206-210.
  23. Sicari, S., Rizzardi, a., Grieco, L., and Coen-Porisini, a. (2014). Security, privacy and trust in internet of things: The road ahead. Computer Networks, 76:146- 164.
  24. Soylu, A. and De Causmaecker, P. (2009). Merging model driven and ontology driven system development approaches pervasive computing perspective. In Computer and Information Sciences, 2009. ISCIS 2009. 24th International Symposium on, pages 730-735. IEEE.
  25. Stoneburner, G., Goguen A. Y., and Feringa, A. (2002). Sp 800-30. risk management guide for information technology systems.
  26. Undercoffer, J., Joshi, A., and Pinkston, J. (2003). Modeling computer attacks : An ontology for intrusion detection. pages 113-135.
  27. Xu, H., Xiao, D., and Wu, Z. (2009). Application of security ontology to context-aware alert analysis. 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, pages 171-176.
  28. Xu, L. D., He, W., and Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on Industrial Informatics, 10(4):2233-2243.
  29. Yan, Z., Zhang, P., and Vasilakos, A. V. (2014). A survey on trust management for internet of things. Journal of Network and Computer Applications, 42(2):120-134.

Paper Citation

in Harvard Style

Mozzaquatro B., Melo R., Agostinho C. and Jardim-Goncalves R. (2016). An Ontology-based Security Framework for Decision-making in Industrial Systems . In Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MDE4SI, (MODELSWARD 2016) ISBN 978-989-758-168-7, pages 779-788. DOI: 10.5220/0005853107790788

in Bibtex Style

author={Bruno A. Mozzaquatro and Raquel Melo and Carlos Agostinho and Ricardo Jardim-Goncalves},
title={An Ontology-based Security Framework for Decision-making in Industrial Systems},
booktitle={Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MDE4SI, (MODELSWARD 2016)},

in EndNote Style

JO - Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MDE4SI, (MODELSWARD 2016)
TI - An Ontology-based Security Framework for Decision-making in Industrial Systems
SN - 978-989-758-168-7
AU - Mozzaquatro B.
AU - Melo R.
AU - Agostinho C.
AU - Jardim-Goncalves R.
PY - 2016
SP - 779
EP - 788
DO - 10.5220/0005853107790788