@INPROCEEDINGS{SigComm:2020:iLab-Home, author = {Pahl, Marc-Oliver}, title = {iLab@Home: Hands-On Networking Classes without Lab Access}, booktitle = {Sigcomm 2020 Education}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_SigComm_iLab_at_home.pdf}}

@INPROCEEDINGS{SigComm:2020:iLab-Home, author = {Pahl, Marc-Oliver}, title = {iLab@Home: Hands-On Networking Classes without Lab Access}, booktitle = {Sigcomm 2020 Education}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_SigComm_iLab_at_home.pdf}}

@INPROCEEDINGS{ETFA:2020:OpenSource_OPC-UA, author = {Mühlbauer, Nikolas and Kirdan, Erkin and Pahl, Marc-Oliver and Carle, Georg}, title = {Open-Source OPC UA Security and Scalability}, booktitle = {ETFA 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ETFA_Open-Source_OPC-UA.pdf}}

@INPROCEEDINGS{ETFA:2020:OpenSource_OPC-UA, author = {Mühlbauer, Nikolas and Kirdan, Erkin and Pahl, Marc-Oliver and Carle, Georg}, title = {Open-Source OPC UA Security and Scalability}, booktitle = {ETFA 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ETFA_Open-Source_OPC-UA.pdf}}

@INPROCEEDINGS{ISCC:2020:Group-Key, author = {Piccoli, Alessandro and Pahl, Marc-Oliver and Wüstrich, Lars}, title = {Group Key Management in Constraint IoT Settings}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Group-Key.pdf}}

@INPROCEEDINGS{ISCC:2020:Group-Key, author = {Piccoli, Alessandro and Pahl, Marc-Oliver and Wüstrich, Lars}, title = {Group Key Management in Constraint IoT Settings}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Group-Key.pdf}}

@INPROCEEDINGS{ISCC:2020:Deep_Replace_Domain, author = {Lübben, Christian and Pahl, Marc-Oliver and Khan, Mohammad Irfan}, title = {Using Deep Learning to Replace Domain Knowledge}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Deep_Domain_Knowledge.pdf}}

@INPROCEEDINGS{ISCC:2020:Deep_Replace_Domain, author = {Lübben, Christian and Pahl, Marc-Oliver and Khan, Mohammad Irfan}, title = {Using Deep Learning to Replace Domain Knowledge}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Deep_Domain_Knowledge.pdf}}

@INPROCEEDINGS{ISCC:2020:Security_Taxonomy, author = {Wüstrich, Lars and Pahl, Marc-Oliver and Liebald, Stefan}, title = {An extensible IoT Security Taxonomy}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Security_Taxonomy.pdf}}

@INPROCEEDINGS{ISCC:2020:Security_Taxonomy, author = {Wüstrich, Lars and Pahl, Marc-Oliver and Liebald, Stefan}, title = {An extensible IoT Security Taxonomy}, booktitle = {IEEE ISCC 2020}, year = {2020}, webpdf = {https://s2labs.org/download/publications/2020_ISCC_Security_Taxonomy.pdf}}

@article{pahl:2019:Commag, author = {Pahl, Marc-Oliver}, title = {Learning by Teaching: Professional Skills and New Technologies for University Education}, journal = {{IEEE} Communications Magazine}, volume = {57}, number = {11}, pages = {74--80}, year = {2019}, url = {https://doi.org/10.1109/MCOM.001.1900248}, doi = {10.1109/MCOM.001.1900248}, timestamp = {Wed, 27 Nov 2019 08:28:22 +0100}, biburl = {https://dblp.org/rec/bib/journals/cm/Pahl19}, bibsource = {dblp computer science bibliography, https://dblp.org}, webpdf = {https://s2labs.org/download/publications/2019_Commag_LearningByTeaching.pdf}}

@article{pahl:2019:Commag, author = {Pahl, Marc-Oliver}, title = {Learning by Teaching: Professional Skills and New Technologies for University Education}, journal = {{IEEE} Communications Magazine}, volume = {57}, number = {11}, pages = {74--80}, year = {2019}, url = {https://doi.org/10.1109/MCOM.001.1900248}, doi = {10.1109/MCOM.001.1900248}, timestamp = {Wed, 27 Nov 2019 08:28:22 +0100}, biburl = {https://dblp.org/rec/bib/journals/cm/Pahl19}, bibsource = {dblp computer science bibliography, https://dblp.org}, webpdf = {https://s2labs.org/download/publications/2019_Commag_LearningByTeaching.pdf}}

@MISC{pahl:2019GIRegioPrivacy-video, author = {Pahl, Marc-Oliver}, title = {[Video] Über die Vereinbarkeit von Digitaler Transformation und Privatsphäre im Internet der Dinge}, howpublished = {Invited talk at the German Informatics (GI) society regional group meeting, Jun 3, 2019}, month = {Jun}, year = {2019}, webpdf = {https://youtu.be/qRhzDXwnt-c}, abstract={Die Digitale Transformation ist unumkehrbar, überall und betrifft jeden von uns. Mit den neuen Diensten geht unzertrennbar ein neues Sammeln von Daten einher. Ein smarter Lautsprecher in Ihrem Zuhause kann beispielsweise aktuell nur funktionieren, indem er Ihre Sprache zu einem Anbieter ins Internet hochlädt. Was dann mit Ihren Daten geschieht liegt außerhalb Ihrer Entscheidung.Ausgehend von aktuellen Beispielen aus den Bereichen autonomes Fahren und Industrielles Internet der Dinge (IIoT) werde ich zunächst beispielhaft aufzeigen, wo Gefahren für die Wahrung unserer Privatsphäre lauern. Anschließend werde ich auf die Verantwortung von Informatikern eingehen, ethische Grundsätze zu beachten und zu verinnerlichen wenn sie Anwendungen bereitstellen. Schließlich werde ich Möglichkeiten aufzeigen, wie zukünftige IT Systeme aus verteilten vernetzen Dingen in Zukunft sicherer werden könnten.Ich hoffe auf eine rege Diskussion während und insbesondere nach dem Vortrag zu diesem für uns alle wichtigen Thema.?}}

@MISC{pahl:2019GIRegioPrivacy-video, author = {Pahl, Marc-Oliver}, title = {[Video] Über die Vereinbarkeit von Digitaler Transformation und Privatsphäre im Internet der Dinge}, howpublished = {Invited talk at the German Informatics (GI) society regional group meeting, Jun 3, 2019}, month = {Jun}, year = {2019}, webpdf = {https://youtu.be/qRhzDXwnt-c}, abstract={Die Digitale Transformation ist unumkehrbar, überall und betrifft jeden von uns. Mit den neuen Diensten geht unzertrennbar ein neues Sammeln von Daten einher. Ein smarter Lautsprecher in Ihrem Zuhause kann beispielsweise aktuell nur funktionieren, indem er Ihre Sprache zu einem Anbieter ins Internet hochlädt. Was dann mit Ihren Daten geschieht liegt außerhalb Ihrer Entscheidung.Ausgehend von aktuellen Beispielen aus den Bereichen autonomes Fahren und Industrielles Internet der Dinge (IIoT) werde ich zunächst beispielhaft aufzeigen, wo Gefahren für die Wahrung unserer Privatsphäre lauern. Anschließend werde ich auf die Verantwortung von Informatikern eingehen, ethische Grundsätze zu beachten und zu verinnerlichen wenn sie Anwendungen bereitstellen. Schließlich werde ich Möglichkeiten aufzeigen, wie zukünftige IT Systeme aus verteilten vernetzen Dingen in Zukunft sicherer werden könnten.Ich hoffe auf eine rege Diskussion während und insbesondere nach dem Vortrag zu diesem für uns alle wichtigen Thema.?}}

@MISC{pahl:2019GIRegioPrivacy-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Über die Vereinbarkeit von Digitaler Transformation und Privatsphäre im Internet der Dinge}, howpublished = {Invited talk at the German Informatics (GI) society regional group meeting, Jun 3, 2019}, month = {Jun}, year = {2019}, webpdf = {https://s2labs.org/download/slides/2019/2019-06-03_GI_Regionalgruppe_ZiemlichBesteFreunde_pahl.pdf}, abstract={Die Digitale Transformation ist unumkehrbar, überall und betrifft jeden von uns. Mit den neuen Diensten geht unzertrennbar ein neues Sammeln von Daten einher. Ein smarter Lautsprecher in Ihrem Zuhause kann beispielsweise aktuell nur funktionieren, indem er Ihre Sprache zu einem Anbieter ins Internet hochlädt. Was dann mit Ihren Daten geschieht liegt außerhalb Ihrer Entscheidung.Ausgehend von aktuellen Beispielen aus den Bereichen autonomes Fahren und Industrielles Internet der Dinge (IIoT) werde ich zunächst beispielhaft aufzeigen, wo Gefahren für die Wahrung unserer Privatsphäre lauern. Anschließend werde ich auf die Verantwortung von Informatikern eingehen, ethische Grundsätze zu beachten und zu verinnerlichen wenn sie Anwendungen bereitstellen. Schließlich werde ich Möglichkeiten aufzeigen, wie zukünftige IT Systeme aus verteilten vernetzen Dingen in Zukunft sicherer werden könnten.Ich hoffe auf eine rege Diskussion während und insbesondere nach dem Vortrag zu diesem für uns alle wichtigen Thema.}}

@MISC{pahl:2019GIRegioPrivacy-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Über die Vereinbarkeit von Digitaler Transformation und Privatsphäre im Internet der Dinge}, howpublished = {Invited talk at the German Informatics (GI) society regional group meeting, Jun 3, 2019}, month = {Jun}, year = {2019}, webpdf = {https://s2labs.org/download/slides/2019/2019-06-03_GI_Regionalgruppe_ZiemlichBesteFreunde_pahl.pdf}, abstract={Die Digitale Transformation ist unumkehrbar, überall und betrifft jeden von uns. Mit den neuen Diensten geht unzertrennbar ein neues Sammeln von Daten einher. Ein smarter Lautsprecher in Ihrem Zuhause kann beispielsweise aktuell nur funktionieren, indem er Ihre Sprache zu einem Anbieter ins Internet hochlädt. Was dann mit Ihren Daten geschieht liegt außerhalb Ihrer Entscheidung.Ausgehend von aktuellen Beispielen aus den Bereichen autonomes Fahren und Industrielles Internet der Dinge (IIoT) werde ich zunächst beispielhaft aufzeigen, wo Gefahren für die Wahrung unserer Privatsphäre lauern. Anschließend werde ich auf die Verantwortung von Informatikern eingehen, ethische Grundsätze zu beachten und zu verinnerlichen wenn sie Anwendungen bereitstellen. Schließlich werde ich Möglichkeiten aufzeigen, wie zukünftige IT Systeme aus verteilten vernetzen Dingen in Zukunft sicherer werden könnten.Ich hoffe auf eine rege Diskussion während und insbesondere nach dem Vortrag zu diesem für uns alle wichtigen Thema.}}

@INPROCEEDINGS{Seeg1906:Rule,AUTHOR={Jan Seeger and Arne {Br{\"o}ring} and Marc-Oliver Pahl and Ermin Sakic},TITLE="{Rule-Based} Translation of {Application-Level} {QoS} Constraints into{SDN} Configurations for the {IoT}",BOOKTITLE="2019 European Conference on Networks and Communications (EuCNC): NetworkSoftwarisation (NET) (EuCNC2019 - NET)",ADDRESS="Valencia, Spain",DAYS=17,MONTH=jun,YEAR=2019,KEYWORDS="SDN; IoT; Semantics; QoS",ABSTRACT="In this paper, we propose an approach for the automated translation ofapplication-level requirements regarding the logical workflow and its QoSinto a configuration of the underlying network substrate. Our goal is tofacilitate the integration of QoS constraints in the development ofindustrial IoT applications to make them more reliable. We follow anapproach based on two semantic models: The first model allows to design theworkflow of an IoT application and to express application-level QoSrequirements on its interactions. The second model captures theconfiguration of a network and can be used as input to a north-boundinterface of an SDN controller. Finally, we make use of rule-based semanticreasoning to automatically translate from the application requirements intoSDN parameters."}

@INPROCEEDINGS{Seeg1906:Rule,AUTHOR={Jan Seeger and Arne {Br{\"o}ring} and Marc-Oliver Pahl and Ermin Sakic},TITLE="{Rule-Based} Translation of {Application-Level} {QoS} Constraints into{SDN} Configurations for the {IoT}",BOOKTITLE="2019 European Conference on Networks and Communications (EuCNC): NetworkSoftwarisation (NET) (EuCNC2019 - NET)",ADDRESS="Valencia, Spain",DAYS=17,MONTH=jun,YEAR=2019,KEYWORDS="SDN; IoT; Semantics; QoS",ABSTRACT="In this paper, we propose an approach for the automated translation ofapplication-level requirements regarding the logical workflow and its QoSinto a configuration of the underlying network substrate. Our goal is tofacilitate the integration of QoS constraints in the development ofindustrial IoT applications to make them more reliable. We follow anapproach based on two semantic models: The first model allows to design theworkflow of an IoT application and to express application-level QoSrequirements on its interactions. The second model captures theconfiguration of a network and can be used as input to a north-boundinterface of an SDN controller. Finally, we make use of rule-based semanticreasoning to automatically translate from the application requirements intoSDN parameters."}

@MISC{pahl:2019IMTutorialVSL-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Data- and Service-Centric Orchestration of the Internet of Things}, howpublished = {Tutorial given at the Integrated Management Symposium (IM) 2019 on April 9, 2019 in Washington D.C.}, month = {Apr}, year = {2019}, webpdf = {https://s2labs.org/download/publications/2019-04-09_Tutorial1_Data-andService-CentricOrchestrationOfTheInternetOfThings.pdf}, abstract={Managing the Internet of Things (IoT) is complex. The devices and their communication protocols are highly heterogeneous. Interfacing the plethora of remotely manageable devices is so complex that it currently still prevents the IoT from taking off. Data-centric management architectures reduce the complexity. So does service-orientation. In this tutorial you will learn about the basics of data-centric microservice-oriented management of the IoT. We will cover different key aspects of IoT research including - Name-Based IoT, Service-Centric IoT, Middleware, Peer-to-Peer Systems, Edge-Based IoT, Autonomous Management, Hardware Making. Using a Virtual Box virtual machine, we will go through a practical hands-on with you. You will learn about the modelling of IoT devices and services, semantically rich discovery of services, name-based management architectures, and peer-to-peer systems. At the end we will have implemented a complex IoT scenario together that is composed of multiple collaborating microservices. Please bring your laptop with Virtual Box installed to the tutorial.}}

@MISC{pahl:2019IMTutorialVSL-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Data- and Service-Centric Orchestration of the Internet of Things}, howpublished = {Tutorial given at the Integrated Management Symposium (IM) 2019 on April 9, 2019 in Washington D.C.}, month = {Apr}, year = {2019}, webpdf = {https://s2labs.org/download/publications/2019-04-09_Tutorial1_Data-andService-CentricOrchestrationOfTheInternetOfThings.pdf}, abstract={Managing the Internet of Things (IoT) is complex. The devices and their communication protocols are highly heterogeneous. Interfacing the plethora of remotely manageable devices is so complex that it currently still prevents the IoT from taking off. Data-centric management architectures reduce the complexity. So does service-orientation. In this tutorial you will learn about the basics of data-centric microservice-oriented management of the IoT. We will cover different key aspects of IoT research including - Name-Based IoT, Service-Centric IoT, Middleware, Peer-to-Peer Systems, Edge-Based IoT, Autonomous Management, Hardware Making. Using a Virtual Box virtual machine, we will go through a practical hands-on with you. You will learn about the modelling of IoT devices and services, semantically rich discovery of services, name-based management architectures, and peer-to-peer systems. At the end we will have implemented a complex IoT scenario together that is composed of multiple collaborating microservices. Please bring your laptop with Virtual Box installed to the tutorial.}}

@MISC{pahl:2019CKI-video, author = {Pahl, Marc-Oliver}, title = {[Video] Composing the (Industrial) Internet of Things}, howpublished = {Talk given at the Siemens-TUM CKI Konferenz 2019 - Industrial Internet of Things on April 4, 2019}, month = {Apr}, year = {2019}, webpdf = {https://youtu.be/vGkEICN8F7Y}, abstract={What are the key building blocks for enabling a composable Internet of THings? How can we provide resilience, security, scalability, and low latency?}}

@MISC{pahl:2019CKI-video, author = {Pahl, Marc-Oliver}, title = {[Video] Composing the (Industrial) Internet of Things}, howpublished = {Talk given at the Siemens-TUM CKI Konferenz 2019 - Industrial Internet of Things on April 4, 2019}, month = {Apr}, year = {2019}, webpdf = {https://youtu.be/vGkEICN8F7Y}, abstract={What are the key building blocks for enabling a composable Internet of THings? How can we provide resilience, security, scalability, and low latency?}}

@MISC{pahl:2019CKI-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Composing the (Industrial) Internet of Things}, howpublished = {Talk given at the Siemens-TUM CKI Konferenz 2019 - Industrial Internet of Things on April 4, 2019}, month = {Apr}, year = {2019}, webpdf = {https://s2labs.org/download/publications/2019-04-04_CKI_mop_v4.pdf}, abstract={What are the key building blocks for enabling a composable Internet of THings? How can we provide resilience, security, scalability, and low latency?}}

@MISC{pahl:2019CKI-slides, author = {Pahl, Marc-Oliver}, title = {[Slides] Composing the (Industrial) Internet of Things}, howpublished = {Talk given at the Siemens-TUM CKI Konferenz 2019 - Industrial Internet of Things on April 4, 2019}, month = {Apr}, year = {2019}, webpdf = {https://s2labs.org/download/publications/2019-04-04_CKI_mop_v4.pdf}, abstract={What are the key building blocks for enabling a composable Internet of THings? How can we provide resilience, security, scalability, and low latency?}}

@INPROCEEDINGS{Khan1904:Deep,AUTHOR={Khan, Irfan and Aubet, Francois-Xavier and Pahl, Marc-Oliver and Härri, Jérôme},TITLE="Deep Learning-aided Application Scheduler for Vehicular Safety Communication",BOOKTITLE="2019 Wireless Days (WD) (WD2019)",ADDRESS="Manchester, United Kingdom (Great Britain)",DAYS=23,MONTH=apr,YEAR=2019,KEYWORDS="V2V Communication; 802.11p; DSRC; ITS-G5; Deep Learning",ABSTRACT="IEEE 802.11p based V2X communication uses stochastic medium access control,which cannot prevent broadcast packet collision, in particular during highchannel load. Wireless congestion control has been designed to keep thechannel load at an optimal point. However, vehicles' lack of precise andgranular knowledge about true channel activity, in time and space, makes itimpossible to fully avoid packet collisions. In this paper, we propose amachine learning approach using deep neural network for learning vehicles'transmit patterns, and as such predicting future channel activity in spaceand time. We evaluate the performance of our proposal via simulationconsidering multiple safety-related V2X services involving heterogeneoustransmit patterns. Our results show that predicting channel activity, andtransmitting accordingly, reduces collisions and significantly improvescommunication performance.", webpdf = {https://s2labs.org/download/publications/2019_WD_Khan_Aubet_Pahl_Haerri_Deep Learning-aided_Resource_Orchestration_for_Vehicular_Safety_Communication.pdf}}

@INPROCEEDINGS{Khan1904:Deep,AUTHOR={Khan, Irfan and Aubet, Francois-Xavier and Pahl, Marc-Oliver and Härri, Jérôme},TITLE="Deep Learning-aided Application Scheduler for Vehicular Safety Communication",BOOKTITLE="2019 Wireless Days (WD) (WD2019)",ADDRESS="Manchester, United Kingdom (Great Britain)",DAYS=23,MONTH=apr,YEAR=2019,KEYWORDS="V2V Communication; 802.11p; DSRC; ITS-G5; Deep Learning",ABSTRACT="IEEE 802.11p based V2X communication uses stochastic medium access control,which cannot prevent broadcast packet collision, in particular during highchannel load. Wireless congestion control has been designed to keep thechannel load at an optimal point. However, vehicles' lack of precise andgranular knowledge about true channel activity, in time and space, makes itimpossible to fully avoid packet collisions. In this paper, we propose amachine learning approach using deep neural network for learning vehicles'transmit patterns, and as such predicting future channel activity in spaceand time. We evaluate the performance of our proposal via simulationconsidering multiple safety-related V2X services involving heterogeneoustransmit patterns. Our results show that predicting channel activity, andtransmitting accordingly, reduces collisions and significantly improvescommunication performance.", webpdf = {https://s2labs.org/download/publications/2019_WD_Khan_Aubet_Pahl_Haerri_Deep Learning-aided_Resource_Orchestration_for_Vehicular_Safety_Communication.pdf}}

@INPROCEEDINGS{pahl:IM2019:ServiceManagement, AUTHOR="Pahl, Marc-Oliver", TITLE="Multi-Tenant IoT Service Management towards an IOT App Economy", BOOKTITLE="Hot Topics in Network and Service Management (HotNSM) at International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", webpdf = {https://s2labs.org/download/publications/2019-04_IM_HotNSM_Multi-Tenant_IoT_Service_Management_towards_an_App_Economy.pdf}}

@INPROCEEDINGS{pahl:IM2019:ServiceManagement, AUTHOR="Pahl, Marc-Oliver", TITLE="Multi-Tenant IoT Service Management towards an IOT App Economy", BOOKTITLE="Hot Topics in Network and Service Management (HotNSM) at International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", webpdf = {https://s2labs.org/download/publications/2019-04_IM_HotNSM_Multi-Tenant_IoT_Service_Management_towards_an_App_Economy.pdf}}

@INPROCEEDINGS{pahl:IM2019:SMLIoTCaching, AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan and Wüstrich, Lars", TITLE="Machine-learning based IoT Data Caching", BOOKTITLE="Hot Topics in Network and Service Management (HotNSM) at International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", webpdf = {https://s2labs.org/download/publications/2019-04_IM_HotNSM_Machine-Learning_based_IoT_Caching.pdf}}

@INPROCEEDINGS{pahl:IM2019:SMLIoTCaching, AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan and Wüstrich, Lars", TITLE="Machine-learning based IoT Data Caching", BOOKTITLE="Hot Topics in Network and Service Management (HotNSM) at International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", webpdf = {https://s2labs.org/download/publications/2019-04_IM_HotNSM_Machine-Learning_based_IoT_Caching.pdf}}

@INPROCEEDINGS{pahl:netsys2019:demoVSL,AUTHOR={Pahl, Marc-Oliver and Liebald, Stefan and {L{\"u}bben}, Christian},TITLE="DEMO: {VSL:} A {Data-Centric} Internet of Things Overlay",BOOKTITLE="2019 International Conference on Networked Systems (NetSys) (NetSys'19)",ADDRESS="Garching b. M{\"u}nchen, Germany",DAYS=17,MONTH=mar,YEAR=2019,ABSTRACT="This paper gives an overview on the Virtual State Layer (VSL). The VSL is adata-centric middleware that unifies the access to distributedheterogeneous IoT components in a secure way. It thereby solves keychallenge of today's IoT namely reducing the complexity, enablinginteroperability, and providing security-by-design. We show the performanceof our solution and illustrate its practical use in a demo setup and plot.",webpdf = {https://s2labs.org/download/publications/2019-03_NetSys_Demo_VSL.pdf}}

@INPROCEEDINGS{pahl:netsys2019:demoVSL,AUTHOR={Pahl, Marc-Oliver and Liebald, Stefan and {L{\"u}bben}, Christian},TITLE="DEMO: {VSL:} A {Data-Centric} Internet of Things Overlay",BOOKTITLE="2019 International Conference on Networked Systems (NetSys) (NetSys'19)",ADDRESS="Garching b. M{\"u}nchen, Germany",DAYS=17,MONTH=mar,YEAR=2019,ABSTRACT="This paper gives an overview on the Virtual State Layer (VSL). The VSL is adata-centric middleware that unifies the access to distributedheterogeneous IoT components in a secure way. It thereby solves keychallenge of today's IoT namely reducing the complexity, enablinginteroperability, and providing security-by-design. We show the performanceof our solution and illustrate its practical use in a demo setup and plot.",webpdf = {https://s2labs.org/download/publications/2019-03_NetSys_Demo_VSL.pdf}}

@INPROCEEDINGS{pahl:netsys2019:data-centric-vsl,AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan",TITLE="Information-Centric IoT Middleware Overlay: VSL",BOOKTITLE="2019 International Conference on Networked Systems (NetSys) (NetSys'19)",ADDRESS="Garching b. München, Germany",DAYS=17,MONTH=mar,YEAR=2019,ABSTRACT="The oil of the Internet of Things (IoT) is data. Consequently adata-centric or name-based design fits the challenges of the IoT very well.Especially when looking at edge-based approaches introducing a data-centricInternet architecture becomes possible as it does not require any changesat the core. Scalability and latency issues also play a smaller role at theedge, leveraging some problems of data-centric architectures.In this paper we present an edge-based data-centric architecture for theInternet of things (IoT). Our system architecture consists of distributedcomputing nodes. We show how they can manage themselves, forming an overlaythat enables data exchange between IoT services running on any node. Thecore of our abstraction is a hierarchical addressing scheme. We show how itenables complex service discovery. A key feature of our solution is usingdata as interface to services. We show how we solve the challenge ofunifying interfaces.We evaluate our solution in three perspectives: usability, performance interms of latency, and scalability in terms of throughput.",webpdf = {https://s2labs.org/download/publications/2019-03_NetSys_Designing_a_Data-Centric_Internet_of_Things.pdf}}

@INPROCEEDINGS{pahl:netsys2019:data-centric-vsl,AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan",TITLE="Information-Centric IoT Middleware Overlay: VSL",BOOKTITLE="2019 International Conference on Networked Systems (NetSys) (NetSys'19)",ADDRESS="Garching b. München, Germany",DAYS=17,MONTH=mar,YEAR=2019,ABSTRACT="The oil of the Internet of Things (IoT) is data. Consequently adata-centric or name-based design fits the challenges of the IoT very well.Especially when looking at edge-based approaches introducing a data-centricInternet architecture becomes possible as it does not require any changesat the core. Scalability and latency issues also play a smaller role at theedge, leveraging some problems of data-centric architectures.In this paper we present an edge-based data-centric architecture for theInternet of things (IoT). Our system architecture consists of distributedcomputing nodes. We show how they can manage themselves, forming an overlaythat enables data exchange between IoT services running on any node. Thecore of our abstraction is a hierarchical addressing scheme. We show how itenables complex service discovery. A key feature of our solution is usingdata as interface to services. We show how we solve the challenge ofunifying interfaces.We evaluate our solution in three perspectives: usability, performance interms of latency, and scalability in terms of throughput.",webpdf = {https://s2labs.org/download/publications/2019-03_NetSys_Designing_a_Data-Centric_Internet_of_Things.pdf}}

@INPROCEEDINGS{pahl:IM2019:IoTServiceDiscovery, AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan", TITLE="A Modular Distributed IoT Service Discovery", BOOKTITLE="International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", ABSTRACT="The Internet of Things (IoT) consists of collaborating microservices ($\mu$Ss). Some services offer interfaces to manage entities, others implement orchestration logic, yet others interface users. Dynamic binding of services is fundamental to enable portability and adaptivity of $\mu$Ss to their local (service) context. The central challenge of service composition is service discovery. Service discovery has been investigated a lot in the past. However, the focus was on low ISO/ OSI layer technologies such as UPNP or Bonjour. Implementing the IoT as a Service-Oriented Architecture (SOA) of $\mu$Ss requires a significantly more feature rich discovery on the application layer. A major challenge here is that the IoT is more heterogeneous and dynamic than classic IT SOA systems. The IoT therefore requires a novel service discovery. We present a semantically rich yet simple to use IoT service discovery mechanism. It consists of distributed so called search providers that implement semantic directories, and a federation mechanism that allows mapping complex search queries to simple search provider modules. Our approach reflects the heterogeneity of managed entities, and the dynamic adaptivity required to reflect the continuous changes of IoT spaces. We evaluate our solution qualitatively with a user study and quantitatively via latency measurements.", KEYWORDS="Internet of Things Networks ; Internet of Things Services ; Context-Aware Services ; Fog and Mobile Edge Computing ", webpdf = {https://s2labs.org/download/publications/2019-04_IM_A_Modular_Distributed_IoT_Service_Discovery.pdf}}

@INPROCEEDINGS{pahl:IM2019:IoTServiceDiscovery, AUTHOR="Pahl, Marc-Oliver and Liebald, Stefan", TITLE="A Modular Distributed IoT Service Discovery", BOOKTITLE="International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", ABSTRACT="The Internet of Things (IoT) consists of collaborating microservices ($\mu$Ss). Some services offer interfaces to manage entities, others implement orchestration logic, yet others interface users. Dynamic binding of services is fundamental to enable portability and adaptivity of $\mu$Ss to their local (service) context. The central challenge of service composition is service discovery. Service discovery has been investigated a lot in the past. However, the focus was on low ISO/ OSI layer technologies such as UPNP or Bonjour. Implementing the IoT as a Service-Oriented Architecture (SOA) of $\mu$Ss requires a significantly more feature rich discovery on the application layer. A major challenge here is that the IoT is more heterogeneous and dynamic than classic IT SOA systems. The IoT therefore requires a novel service discovery. We present a semantically rich yet simple to use IoT service discovery mechanism. It consists of distributed so called search providers that implement semantic directories, and a federation mechanism that allows mapping complex search queries to simple search provider modules. Our approach reflects the heterogeneity of managed entities, and the dynamic adaptivity required to reflect the continuous changes of IoT spaces. We evaluate our solution qualitatively with a user study and quantitatively via latency measurements.", KEYWORDS="Internet of Things Networks ; Internet of Things Services ; Context-Aware Services ; Fog and Mobile Edge Computing ", webpdf = {https://s2labs.org/download/publications/2019-04_IM_A_Modular_Distributed_IoT_Service_Discovery.pdf}}

@INPROCEEDINGS{pahl:IM2019:ServiceSecurity, AUTHOR="Pahl, Marc-Oliver and Donini, Lorenzo", TITLE="Giving IoT Edge Services an Identity and Changeable Attributes", BOOKTITLE="International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", ABSTRACT="The Internet of Things (IoT) is managed by soft- ware. This software interfaces our physical surroundings. For a successful deployment of the IoT, providing adequate service security is essential. However, with its distributed heterogeneous nature, and its different stakeholders in the development process, securing IoT services is challenging. In this work we how certificates can be used to give services an identity for authentication. We show how the mechanism can be used to securely add attributes to the service executable. To reflect the dynamic distributed nature of the IoT, we show how the securely added attributes can be changed at runtime and how security policies can be enforced even on distributed loosely coupled IoT nodes. Our solution is based on pinning X.509v3 certificates to the service executables, and autonomously managing short certificate lifetimes for ensuring the desired security policies within guaranteed time limits. Besides the feasibility of our approach we asses the resulting traffic of the renewals and the power consumption of this process.", KEYWORDS="Internet of Things Networks ; Internet of Things Services ; Security Services ; Security Services ; Fog and Mobile Edge Computing ; Deployment of Services ", webpdf = {https://s2labs.org/download/publications/2019-04_IM_Giving_IoT_Services_an_Identitiy_and_Changeable_Attributes.pdf}}

@INPROCEEDINGS{pahl:IM2019:ServiceSecurity, AUTHOR="Pahl, Marc-Oliver and Donini, Lorenzo", TITLE="Giving IoT Edge Services an Identity and Changeable Attributes", BOOKTITLE="International Symposium on Integrated Network Management (IM)", ADDRESS="Washington DC, USA", DAYS="8-12", MONTH="apr", YEAR="2019", ABSTRACT="The Internet of Things (IoT) is managed by soft- ware. This software interfaces our physical surroundings. For a successful deployment of the IoT, providing adequate service security is essential. However, with its distributed heterogeneous nature, and its different stakeholders in the development process, securing IoT services is challenging. In this work we how certificates can be used to give services an identity for authentication. We show how the mechanism can be used to securely add attributes to the service executable. To reflect the dynamic distributed nature of the IoT, we show how the securely added attributes can be changed at runtime and how security policies can be enforced even on distributed loosely coupled IoT nodes. Our solution is based on pinning X.509v3 certificates to the service executables, and autonomously managing short certificate lifetimes for ensuring the desired security policies within guaranteed time limits. Besides the feasibility of our approach we asses the resulting traffic of the renewals and the power consumption of this process.", KEYWORDS="Internet of Things Networks ; Internet of Things Services ; Security Services ; Security Services ; Fog and Mobile Edge Computing ; Deployment of Services ", webpdf = {https://s2labs.org/download/publications/2019-04_IM_Giving_IoT_Services_an_Identitiy_and_Changeable_Attributes.pdf}}

@MISC{pahl:2019UITromso, author = {Pahl, Marc-Oliver}, title = {Taming the Internet of Things: DS2OS - a secure data-centric service-oriented approach}, howpublished = {Research talk at the UI Tromsø invited by Randi Karlson}, month = {Feb}, year = {2019}, webpdf = {https://youtu.be/XPaJ52592Sg}, abstract={The Internet of Things (IoT) consists of numerous sensors and actuators, from the door lock to the smart fridge. Its communication protocols and applications are diverse: Door locks and fridges typically do not speak the same language. That makes a comprehensive orchestration of all the IoT things complex.The Distributed Smart Space Orchestration System (DS2OS) is an IoT middleware that covers data and service management related aspects of Smart Spaces. Its target is hiding the complexity of the IoT and offering developers a high level of usability, security, resilience, and performance. It should become as easy to program a Smart Space as it is developing Apps for smartphones today.In my talk I will present central design elements of DS2OS and its middleware, the Virtual State Layer (VSL).}}

@MISC{pahl:2019UITromso, author = {Pahl, Marc-Oliver}, title = {Taming the Internet of Things: DS2OS - a secure data-centric service-oriented approach}, howpublished = {Research talk at the UI Tromsø invited by Randi Karlson}, month = {Feb}, year = {2019}, webpdf = {https://youtu.be/XPaJ52592Sg}, abstract={The Internet of Things (IoT) consists of numerous sensors and actuators, from the door lock to the smart fridge. Its communication protocols and applications are diverse: Door locks and fridges typically do not speak the same language. That makes a comprehensive orchestration of all the IoT things complex.The Distributed Smart Space Orchestration System (DS2OS) is an IoT middleware that covers data and service management related aspects of Smart Spaces. Its target is hiding the complexity of the IoT and offering developers a high level of usability, security, resilience, and performance. It should become as easy to program a Smart Space as it is developing Apps for smartphones today.In my talk I will present central design elements of DS2OS and its middleware, the Virtual State Layer (VSL).}}

@INPROCEEDINGS{pahl:CNSM18:MLIoTServiceAnomaly,AUTHOR="Pahl, Marc-Oliver and Aubet, Francois-Xavier",TITLE="All Eyes on You: Distributed {Multi-Dimensional} {IoT} Microservice AnomalyDetection",BOOKTITLE="2018 14th International Conference on Network and Service Management (CNSM)(CNSM 2018)",ADDRESS="Rome, Italy",DAYS=4,MONTH=nov, webpdf = {https://s2labs.org/download/publications/2018-11_CNSM_All_Eyes_On_You_pahl.pdf},YEAR=2018,ABSTRACT="The Internet of Things (IoT) is a Distributed System of cooperatingMicroservices (μSs). IoT services manage devices that monitor and controltheir environments. The interaction of the IoT with the physicalenvironment creates strong security, privacy, and safety implications. Itmakes providing adequate security for IoT μSs essential. However, thecomplexity of IoT services makes detecting anomalous behavior difficult.We present a machine-learning based approach for modeling IoT servicebehavior by only observing inter-service communication. Our algorithmcontinuously learns μS models on distributed IoT nodes within an IoT site.Combining the learned models within and in-between IoT sites converges ourμS models within short time. Sharing the resulting stable models amongcompute nodes enables good anomaly detection.As one application, firewalling IoT μSs becomes possible. Combining ourautonomous μS modeling with firewalling enables retrofitting security toexisting IoT installations. We enable retrofitting access control toexisting non-secure IoT installations.Our proposed approach is resource efficient matching the requirements ofthe IoT. To evaluate the quality of our proposed algorithm, we show thebehavior of our proposed algorithm for a set of common IoT attacks. Weevaluate how domain knowledge enables us to decorrelate events on a node,and how adding context features improves the detection rate."}

@INPROCEEDINGS{pahl:CNSM18:MLIoTServiceAnomaly,AUTHOR="Pahl, Marc-Oliver and Aubet, Francois-Xavier",TITLE="All Eyes on You: Distributed {Multi-Dimensional} {IoT} Microservice AnomalyDetection",BOOKTITLE="2018 14th International Conference on Network and Service Management (CNSM)(CNSM 2018)",ADDRESS="Rome, Italy",DAYS=4,MONTH=nov, webpdf = {https://s2labs.org/download/publications/2018-11_CNSM_All_Eyes_On_You_pahl.pdf},YEAR=2018,ABSTRACT="The Internet of Things (IoT) is a Distributed System of cooperatingMicroservices (μSs). IoT services manage devices that monitor and controltheir environments. The interaction of the IoT with the physicalenvironment creates strong security, privacy, and safety implications. Itmakes providing adequate security for IoT μSs essential. However, thecomplexity of IoT services makes detecting anomalous behavior difficult.We present a machine-learning based approach for modeling IoT servicebehavior by only observing inter-service communication. Our algorithmcontinuously learns μS models on distributed IoT nodes within an IoT site.Combining the learned models within and in-between IoT sites converges ourμS models within short time. Sharing the resulting stable models amongcompute nodes enables good anomaly detection.As one application, firewalling IoT μSs becomes possible. Combining ourautonomous μS modeling with firewalling enables retrofitting security toexisting IoT installations. We enable retrofitting access control toexisting non-secure IoT installations.Our proposed approach is resource efficient matching the requirements ofthe IoT. To evaluate the quality of our proposed algorithm, we show thebehavior of our proposed algorithm for a set of common IoT attacks. Weevaluate how domain knowledge enables us to decorrelate events on a node,and how adding context features improves the detection rate."}

@MISC{pahl:2018adhocnow, author = {Pahl, Marc-Oliver}, title = {Securing the Internet of Things}, howpublished = {Keynote at the AdHoc Now conference.}, month = {Sep}, year = {2018}, webpdf = {https://s2labs.org/download/publications/2018-09-07_Keynote_Security_TUM_pahl.pdf}, abstract={The Industrial Internet of Things (IIoT) can be described as a Distributed System of cooperating Microservices (µSs). These services manage devices that monitor and control their environments such as industrial robots. The IIoT Microservices thereby obtain privacy-relevant data, e.g. about workers, and command safety-critical control, e.g. when operating robot arms close to humans. Also they have inherently access to security-critical information such as production plans. Consequently securing services is essential for the IIoT. In my talk I will discuss challenges and provide different strategies for securing the IIoT.}}

@MISC{pahl:2018adhocnow, author = {Pahl, Marc-Oliver}, title = {Securing the Internet of Things}, howpublished = {Keynote at the AdHoc Now conference.}, month = {Sep}, year = {2018}, webpdf = {https://s2labs.org/download/publications/2018-09-07_Keynote_Security_TUM_pahl.pdf}, abstract={The Industrial Internet of Things (IIoT) can be described as a Distributed System of cooperating Microservices (µSs). These services manage devices that monitor and control their environments such as industrial robots. The IIoT Microservices thereby obtain privacy-relevant data, e.g. about workers, and command safety-critical control, e.g. when operating robot arms close to humans. Also they have inherently access to security-critical information such as production plans. Consequently securing services is essential for the IIoT. In my talk I will discuss challenges and provide different strategies for securing the IIoT.}}

@online{pahl:2018-JacobsUniversity, author = {Pahl, Marc-Oliver}, title = {The iLab Concept - Making Teaching better, at Scale}, booktitle = {Invited talk at Jacobs University Bremen}, year = {2018}, webpdf = {http://www.pahl.de/download/publications/2018-04-09_Jacobs_University_Bremen-The_iLab_Concept_-_Making_teaching_better,_at_scale.pdf}, address = {Bremen, Germany},}

@online{pahl:2018-JacobsUniversity, author = {Pahl, Marc-Oliver}, title = {The iLab Concept - Making Teaching better, at Scale}, booktitle = {Invited talk at Jacobs University Bremen}, year = {2018}, webpdf = {http://www.pahl.de/download/publications/2018-04-09_Jacobs_University_Bremen-The_iLab_Concept_-_Making_teaching_better,_at_scale.pdf}, address = {Bremen, Germany},}

@inproceedings{pahlNOMS2018:ML-as-a-Microservice,author = {Pahl, Marc-Oliver and Loipfinger, Markus},title = {{Machine Learning as a Reusable Microservice}},booktitle = {Network Operations and Management Symposium (NOMS)},year = {2018},month = apr,webpdf = {https://s2labs.org/download/publications/NOMS2018_Machine_Learning_as_a_reusable_Microservice.pdf}}

@inproceedings{pahlNOMS2018:ML-as-a-Microservice,author = {Pahl, Marc-Oliver and Loipfinger, Markus},title = {{Machine Learning as a Reusable Microservice}},booktitle = {Network Operations and Management Symposium (NOMS)},year = {2018},month = apr,webpdf = {https://s2labs.org/download/publications/NOMS2018_Machine_Learning_as_a_reusable_Microservice.pdf}}

@inproceedings{pahlNOMS2018:Certificate-based-IoT-Microservice-Security,author = {Pahl, Marc-Oliver and Donini, Lorenzo},title = {{Securing IoT Microservices with Certificates}},booktitle = {Network Operations and Management Symposium (NOMS)},year = {2018},month = apr,webpdf = {https://s2labs.org/download/publications/NOMS2018_Securing_IoT_Microservices_with_Certificates.pdf}}