Application Centric Development in the Internet of Things

The Internet of Things (IoT) landscape is growing at a fast pace. In 2018, there were already 6.1 billion IoT devices which reflects 33 percent of the internet connected machines. Cisco estimates that the amount will grow to 14.7 billion connected IoT devices in 2023, or 50 percent of the connected devices. Despite the large amount of connected devices, a fully connected environment is not realistic in the near future. Almost every device comes with its own dedicated application. Communication between devices of different vendors, often based on different technologies, is a huge challenge.

Standardization efforts aim at circumventing this so-called vendor lock-in trap. However, the IoT Standards landscape is highly fragmented and evolves continuously. Hence, compliance with a particular standard seriously restricts the IoT device technologies that can be inserted in practice. Others apply device centric development for integrating devices from possible different vendors in the same application. Integrating new devices is then expensive as the entire software development cycle has to be re-run.

Moreover, IoT devices evolve at a fast pace degrading the attractiveness of many IoT applications over time. Also, the amount of sensors and actuators that are rolled out within a single IoT ecosystem may increase exponentially. Hence, sustainable IoT applications must cope with rapidly evolving hardware. Adaptability becomes a key concern when developing IoT applications. 

Finally, many IoT applications, although often called smart, lack intelligence. At best, they embrace automation. Applying automatic device configuration, connection management, and user support for solving connectivity issues, is a complex endeavor for application developers. Likewise, integrating and enforcing policies in an IoT application is complex. Moreover, the dynamic nature of IoT systems complicates the development of applications that properly handle changes in the environment.

This PhD presents application centric development as an alternative approach to tackle the vendor lock-in and maintainability problems in advanced IoT ecosystems. 

Firstly, a layered architecture is proposed that supports the design of advanced IoT ecosystems. Applying the architectural principles results in IoT applications that can easily cope with new technologies that come to the market. On its turn, this increases the lifetime and offers various infrastructural alternatives to end-users. Both an Android and JavaScript framework are implemented to validate the approach. The inner workings of these frameworks are demonstrated by means of the development of an ambient assisted living (AAL) environment. 

The second part of this PhD shows that an early-stage ontological effort incorporating the application domain as well as infrastructural conceptualizations and relations can facilitate the development and management of IoT applications within verticals. Developers can now define application behavior in terms of application-domain conceptualizations, after which infrastructural feedback can automatically be extracted.

A last part presents a platform-independent middleware that simplifies the development of actual smart applications. The middleware hosts a modular, event-based logic reasoner, developed in Prolog, communicating with the underlying IoT framework. It not only supports basic automation, but also holds functionality for automatic device and connection management, access control and an abstraction module that decouples the applications from the underlying infrastructure. Moreover, the middleware leverages the actual benefits of Prolog, through complex querying and inference capabilities. This part also takes a closer look at a structural approach that brings access control to logic programming, called ACoP.
It allows to constrain access to the knowledge base. The approach supports the use of impure predicates to prevent unauthorized side effects. The solution supports fine-grained access control using both deny and allow list strategies. 
Overhead is limited to defining access rules. The flexibility in expressing these rules allows to realize different access control mechanisms including role based, relationship based and attribute based access control. A prototype meta-interpreter in Prolog validates the presented approach. 

This thesis finally explores validation paths targeting software integrators, and proposes both guidelines and software development tools.