@inproceedings {INPROC-2019-40,
author = {Karoline Saatkamp and Christoph Krieger and Frank Leymann and Julian Sudendorf and Michael Wurster},
title = {{Application Threat Modeling and Automated VNF Selection for Mitigation using TOSCA}},
booktitle = {2019 International Conference on Networked Systems (NetSys)},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--6},
type = {Workshop-Beitrag},
month = {Oktober},
year = {2019},
isbn = {10.1109/NetSys.2019.8854524},
keywords = {Threat Modeling; VNF; STRIDE; TOSCA},
language = {Englisch},
cr-category = {D.2.2 Software Engineering Design Tools and Techniques},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {In the era of Internet of Things (IoT) the interconnectedness of devices, and
thus the need to protect them against threats increased. The widely used threat
modeling method STRIDE can be used to identify the system's vulnerabilities and
to determine appropriate mitigation solutions. In connected environments,
especially the network layer plays a critical role in achieving security. Based
on the Network Functions Virtualization (NFV) concept, network functions can be
virtualized and provisioned on standard IT hardware. Virtualized Network
Functions (VNFs) increase the flexibility of the provisioning, and thus
security network functions, such as firewalls, can be easily deployed. However,
in a complex distributed system it is time-consuming, error-prone, and for
application architects even not possible to identify and provision the required
security functions. For the orchestration and management of applications the
TOSCA modeling language can be used to describe the application's components
and their relations in a deployment model. The standard was mainly developed
for cloud applications but was extended to the network layer. In this paper, we
present a TOSCA-based approach for threat modeling based on STRIDE that
facilitates the automated VNF selection and injection into TOSCA deployment
models. The feasibility of our approach is validated by an extension of the
TOSCA modeling tool Winery.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-40&engl=0}
}
@inproceedings {INPROC-2019-34,
author = {K{\'a}lm{\'a}n K{\'e}pes and Uwe Breitenb{\"u}cher and Frank Leymann and Karoline Saatkamp and Benjamin Weder},
title = {{Deployment of Distributed Applications Across Public and Private Networks}},
booktitle = {Proceedings of the 23rd IEEE International Enterprise Distributed Object Computing Conference (EDOC)},
address = {Paris},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {236--242},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2019},
issn = {2325-6354},
doi = {10.1109/EDOC.2019.00036},
language = {Englisch},
cr-category = {D.4.4 Operating Systems Communications Management,
D.2.11 Software Engineering Software Architectures,
D.2.9 Software Engineering Management},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {The growing usage of software and hardware in our everyday lives has lead to
paradigms such as Cloud Computing, Edge Computing, and the Internet of Things.
The combination of these paradigms results in distributed and heterogeneous
target environments: components of an application often need to be deployed in
different environments such as clouds, private data centers, and small devices.
This makes the deployment of distributed applications a complex and error-prone
challenge as deployment systems have to (i) support cloud deployments, (ii)
determine the location of physical resources, (iii) cope with security
mechanisms preventing inbound communication, and (iv) use hardware-constrained
devices. In this paper, we present an approach for the automated deployment of
distributed applications on heterogeneous target environments consisting of
public and private clouds, and devices. We especially tackle the issue of
deploying components in environments having restricted inbound communication
capabilities. We prototypically implemented and compared our approach based on
a smart home scenario using TOSCA and the OpenTOSCA Ecosystem.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-34&engl=0}
}
@inproceedings {INPROC-2019-33,
author = {Lukas Harzenetter and Uwe Breitenb{\"u}cher and Frank Leymann and Karoline Saatkamp and Benjamin Weder and Michael Wurster},
title = {{Automated Generation of Management Workflows for Applications Based on Deployment Models}},
booktitle = {2019 IEEE 23rd International Enterprise Distributed Object Computing Conference (EDOC)},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {216--225},
type = {Konferenz-Beitrag},
month = {Dezember},
year = {2019},
doi = {10.1109/EDOC.2019.00034},
language = {Englisch},
cr-category = {D.0 Software General},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {To automate the deployment of applications several deployment technologies have
been developed. However, the management of deployed applications is only
partially covered by existing approaches: While management functionalities such
as scaling components or changing their configurations are covered directly by
cloud providers or configuration management technologies such as Chef, holistic
management processes that affect multiple components probably deployed in
different environments cannot be automated using these approaches. For example,
testing all deployed components and their communication or backing up the
entire application state that is scattered across different components requires
custom management logic that needs to be implemented manually, $\backslash$eg using
scripts. However, a manual implementation of such management processes is
error-prone, time-consuming, and requires immense technical expertise.
Therefore, we propose an approach that enables automatically generating
executable management workflows based on the declarative deployment model of an
application. This significantly reduces the effort for automating holistic
management processes as no manual implementation is required. We validate the
practical feasibility of the approach by a prototypical implementation based on
the TOSCA standard and the OpenTOSCA ecosystem.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-33&engl=0}
}
@inproceedings {INPROC-2019-11,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Michael Falkenthal and Lukas Harzenetter and Frank Leymann},
title = {{An Approach to Determine \& Apply Solutions to Solve Detected Problems in Restructured Deployment Models Using First-Order Logic}},
booktitle = {Proceedings of the 9th International Conference on Cloud Computing and Services Science (CLOSER 2019)},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {495--506},
type = {Konferenz-Beitrag},
month = {Mai},
year = {2019},
isbn = {978-989-758-365-0},
doi = {10.5220/0007763204950506},
keywords = {deployment model; pattern; logic programming; pattern-based solution; model adaptation; TOSCA},
language = {Englisch},
cr-category = {C.2.4 Distributed Systems,
D.2.2 Software Engineering Design Tools and Techniques,
D.2.12 Software Engineering Interoperability,
K.6 Management of Computing and Information Systems},
ee = {http://closer.scitevents.org/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {New paradigms such as edge computing opened up new opportunities for
distributing applications to meet use-case-specific requirements. For
automating the deployment of applications, deployment models can be created
that describe the application structure with its components and their
relations. However, the distribution is often not known in advance and, thus,
deployment models have to be restructured. This can result in problems that
have not existed before, e.g., components previously deployed in the same
network were distributed, but security mechanisms are missing. Architecture
patterns can be used to detect such problems, however, patterns describe only
generic technology-independent solutions, which cannot automatically be applied
to applications. Several concrete technologies exist that implements the
pattern. Which solutions are applicable to a particular application is
determined by, e.g., its hosting environment or used communication protocol.
However, the manual effort to determine and implement appropriate solutions is
immense. In this work, we present an approach to automate (i) the determination
of solutions for an application using first-order logic and (ii) the adaptation
of its deployment model accordingly. To validate the practical feasibility, we
present a prototype using the cloud standard TOSCA and the logic programming
language PROLOG.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-11&engl=0}
}
@inproceedings {INPROC-2018-44,
author = {Michael Zimmermann and Uwe Breitenb{\"u}cher and Jasmin Guth and Sibylle Hermann and Frank Leymann and Karoline Saatkamp},
title = {{Towards Deployable Research Object Archives Based on TOSCA}},
booktitle = {Papers From the 12th Advanced Summer School of Service-Oriented Computing (SummerSoC 2018)},
publisher = {IBM Research Division},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {31--42},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2018},
keywords = {Research Object; Reusability; Reproducibility; Deployment Model; TOSCA},
language = {Englisch},
cr-category = {C.2.4 Distributed Systems,
D.2.7 Software Engineering Distribution, Maintenance, and Enhancement,
H.3.7 Digital Libraries},
ee = {https://www.2018.summersoc.eu/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {In science, reproducibility means that a scientific experiment can be repeated
by another scientist with the same result. This is of particular importance to
verify the results as well as to show the usefulness and reusability for
further research. However, the exclusive publication of the research results in
a scientific journal is usually not sufficient. In addition to research
results, also research data as well as research software need to be published
and made public available in order to enable researcher to gain new insights
and thus advance research. However, the reproducibility and reusability of
research data and research software typically is hindered by several barriers.
Therefore, this work intends to first provide an overview of the current
situation and issues in this particular topic and furthermore sketch our vision
of standards-based Research Object Archives containing scientific publications,
software, data, metadata and licenses in order to tackle the existing problems.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-44&engl=0}
}
@inproceedings {INPROC-2018-33,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Oliver Kopp and Frank Leymann},
title = {{Application Scenarios for Automated Problem Detection in TOSCA Topologies by Formalized Patterns}},
booktitle = {Papers From the 12th Advanced Summer School of Service-Oriented Computing (SummerSOC 2018)},
publisher = {IBM Research Division},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {43--53},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2018},
keywords = {Cloud Computing Patterns; Formalization; Prolog; TOSCA},
language = {Englisch},
cr-category = {C.2.4 Distributed Systems,
D.2.7 Software Engineering Distribution, Maintenance, and Enhancement,
K.6 Management of Computing and Information Systems},
ee = {https://www.2018.summersoc.eu/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-33&engl=0}
}
@inproceedings {INPROC-2018-25,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and K{\'a}lm{\'a}n K{\'e}pes and Frank Leymann and Michael Zimmermann},
title = {{OpenTOSCA Injector: Vertical and Horizontal Topology Model Injection}},
booktitle = {Service-Oriented Computing - ICSOC 2017 Workshop},
publisher = {Springer International Publishing},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {LNCS},
volume = {10797},
pages = {379--383},
type = {Demonstration},
month = {Januar},
year = {2018},
isbn = {10.1007/978-3-319-91764-1},
keywords = {TOSCA; Deployment Model; Completion Automation},
language = {Englisch},
cr-category = {D.2.2 Software Engineering Design Tools and Techniques,
D.2.9 Software Engineering Management},
ee = {http://www.icsoc.spilab.es/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-25&engl=0}
}
@inproceedings {INPROC-2017-67,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Frank Leymann and Michael Wurster},
title = {{Generic Driver Injection for Automated IoT Application Deployments}},
booktitle = {Proceedings of the 19th International Conference on Information Integration and Web-based Applications \& Services; Salzburg, Austria, December 4-6, 2017},
editor = {Maria Indrawan-Santiago and Ivan Luiz Salvadori and Matthias Steinbauer and Ismail Khalil and Gabriele Anderst-Kotsis},
publisher = {ACM},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {320--329},
type = {Konferenz-Beitrag},
month = {Dezember},
year = {2017},
isbn = {10.1145/3151759.3151789},
keywords = {IoT Application Deployment; Drivers; Programming Model; TOSCA},
language = {Englisch},
cr-category = {D.2.2 Software Engineering Design Tools and Techniques,
D.2.13 Software Engineering Reusable Software},
ee = {http://www.iiwas.org/conferences/iiwas2017/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2017-67&engl=0}
}
@inproceedings {INPROC-2017-56,
author = {Michael Zimmermann and Uwe Breitenb{\"u}cher and Michael Falkenthal and Frank Leymann and Karoline Saatkamp},
title = {{Standards-based Function Shipping - How to use TOSCA for Shipping and Executing Data Analytics Software in Remote Manufacturing Environments}},
booktitle = {Proceedings of the 2017 IEEE 21st International Enterprise Distributed Object Computing Conference (EDOC 2017)},
publisher = {IEEE Computer Society},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {50--60},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2017},
doi = {10.1109/EDOC.2017.16},
language = {Englisch},
cr-category = {D.2.13 Software Engineering Reusable Software},
ee = {http://edoc2017.ca/},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {The increasing amount of gathered sensor data in Industry 4.0 allows
comprehensive data analysis software that creates value-adding opportunities.
As companies often cannot implement such software by themselves and as they
typically don't want to give their data to external scientists, they commission
them to build the required software in order to execute it locally. However,
installing, configuring, and running complex third party software on another
company's infrastructure and linking them to local data sources challenges the
responsible administrators due to an immense technical complexity. Moreover,
standards-based approaches for automation are missing. In this paper, we
present three TOSCA-based deployment modelling approaches for function shipping
that enable modelling data analysis software in a way that enables (i) its
automated deployment and execution in a remote, foreign IT infrastructure
including (ii) the wiring with the data sources that need to be processed in
this environment. We validate the practical feasibility of the presented
modelling approaches by a case study from the domain of manufacturing, which is
based on the open-source TOSCA ecosystem OpenTOSCA, which provides a modelling
tool, a runtime, as well as a self-service portal for TOSCA.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2017-56&engl=0}
}
@inproceedings {INPROC-2017-25,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Oliver Kopp and Frank Leymann},
title = {{Topology Splitting and Matching for Multi-Cloud Deployments}},
booktitle = {Proceedings of the 7th International Conference on Cloud Computing and Services Science (CLOSER 2017)},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {247--258},
type = {Konferenz-Beitrag},
month = {April},
year = {2017},
isbn = {978-989-758-243-1},
keywords = {Application Deployment; Distribution; Splitting; Cloud Computing; TOSCA},
language = {Englisch},
cr-category = {G.0 Mathematics of Computing General,
H.0 Information Systems General},
ee = {http://closer.scitevents.org},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {For automating the deployment of applications in cloud environments, a variety
of deployment automation technologies have been developed in recent years.
These technologies enable specifying the desired deployment in the form of
deployment models, which can be automatically executed. However, changing
internal or external conditions often lead to strategical decisions that must
be reflected in all deployment models of a company’s IT. Unfortunately, while
creating such deployment models is difficult, adapting them is even harder as
typically a variety of technologies must be replaced. In this paper, we present
the Split and Match Method that enables splitting a deployment model following
a manually specified distribution on the business layer. The method also
enables automatically deploying the resulting model without the need for a
manual intervention and, thus, significantly eases reflecting strategical
decisions on the technical deployment layer. We present a formalization and
algorithms to automate the steps of the method. Moreover, we validate the
practical feasibility of the presented concepts by a prototype based on the
TOSCA standard and the OpenTOSCA ecosystem.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2017-25&engl=0}
}
@article {ART-2019-17,
author = {Michael Wurster and Uwe Breitenb{\"u}cher and Michael Falkenthal and Christoph Krieger and Frank Leymann and Karoline Saatkamp and Jacopo Soldani},
title = {{The Essential Deployment Metamodel: A Systematic Review of Deployment Automation Technologies}},
journal = {SICS Software-Intensive Cyber-Physical Systems},
publisher = {Springer},
type = {Artikel in Zeitschrift},
month = {August},
year = {2019},
doi = {10.1007/s00450-019-00412-x},
language = {Englisch},
cr-category = {C.0 Computer Systems Organization, General,
C.2.4 Distributed Systems,
D.1 Programming Techniques,
D.2 Software Engineering},
contact = {Michael Wurster wurster@iaas.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {In recent years, a plethora of deployment technologies evolved, many following
a declarative approach to automate the delivery of software components. Even if
such technologies share the same purpose, they differ in features and supported
mechanisms. Thus, it is difficult to compare and select deployment automation
technologies as well as to migrate from one technology to another. Hence, we
present a systematic review of declarative deployment technologies and
introduce the essential deployment metamodel (EDMM) by extracting the essential
parts that are supported by all these technologies. Thereby, the EDMM enables a
common understanding of declarative deployment models by facilitating the
comparison, selection, and migration of technologies. Moreover, it provides a
technology-independent baseline for further deployment automation research.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-17&engl=0}
}
@article {ART-2019-09,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Oliver Kopp and Frank Leymann},
title = {{Method, formalization, and algorithms to split topology models for distributed cloud application deployments}},
journal = {Computing},
publisher = {Springer Wien},
pages = {1--21},
type = {Artikel in Zeitschrift},
month = {April},
year = {2019},
isbn = {10.1007/s00607-019-00721-8},
keywords = {Application deployment; Distribution; Splitting; Multi-cloud; TOSCA},
language = {Englisch},
cr-category = {D.2.2 Software Engineering Design Tools and Techniques},
ee = {https://link.springer.com/article/10.1007/s00607-019-00721-8},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {For automating the deployment of applications in cloud environments, a variety
of technologies have been developed in recent years. These technologies enable
to specify the desired deployment in the form of deployment models that can be
automatically processed by a provisioning engine. However, the deployment
across several clouds increases the complexity of the provisioning. Using one
deployment model with a single provisioning engine, which orchestrates the
deployment across the clouds, forces the providers to expose low-level APIs to
ensure the accessibility from outside. In this paper, we present an extended
version of the split and match method to facilitate the division of deployment
models to multiple models which can be deployed by each provider separately.
The goal of this approach is to reduce the information and APIs which have to
be exposed to the outside. We present a formalization and algorithms to
automate the method. Moreover, we validate the practical feasibility by a
prototype based on the TOSCA standard and the OpenTOSCA ecosystem.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-09&engl=0}
}
@article {ART-2019-03,
author = {Karoline Saatkamp and Uwe Breitenb{\"u}cher and Oliver Kopp and Frank Leymann},
title = {{An approach to automatically detect problems in restructured deployment models based on formalizing architecture and design patterns}},
journal = {SICS Software-Intensive Cyber-Physical Systems},
publisher = {Springer Berlin Heidelberg},
pages = {1--13},
type = {Artikel in Zeitschrift},
month = {Februar},
year = {2019},
doi = {10.1007/s00450-019-00397-7},
keywords = {Topology-based deployment model; Patterns; Problem detection; TOSCA; Logic programming, Prolog},
language = {Englisch},
cr-category = {C.2.4 Distributed Systems,
D.2.2 Software Engineering Design Tools and Techniques,
D.2.12 Software Engineering Interoperability,
K.6 Management of Computing and Information Systems},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Architektur von Anwendungssystemen},
abstract = {For the automated deployment of applications, technologies exist which can
process topology-based deployment models that describes the application's
structure with its components and their relations. The topology-based
deployment model of an application can be adapted for the deployment in
different environments. However, the structural changes can lead to problems,
which had not existed before and prevent a functional deployment. This includes
security issues, communication restrictions, or incompatibilities. For example,
a formerly over the internal network established insecure connection leads to
security problems when using the public network after the adaptation. In order
to solve problems in adapted deployment models, first the problems have to be
detected. Unfortunately, detecting such problems is a highly non-trivial
challenge that requires deep expertise about the involved technologies and the
environment. In this paper, we present (i) an approach for detecting problems
in deployment models using architecture and design patterns and (ii) the
automation of the detection process by formalizing the problem a pattern solves
in a certain context. We validate the practical feasibility of our approach by
a prototypical implementation for the automated problem detection in TOSCA
topologies.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-03&engl=0}
}