Like all chair members, you reach me at surname@this domain.
Email policy
I receive a lot of email per day. Therefore, unluckily I cannot read all of them. If you do not receive an answer within 2 days, please feel free to recontact me as it is likely that I did not see your email.
Professor for Cybersecurity at IMT Atlantique | Chairholder CyberCNI.fr | VP German Chapter of the ACM | Cybersecurity Expert | Speaker at IMT Atlantique
Marc-Oliver Pahl is Professor at the Technical University IMT Atlantique at the campus Rennes, Brittany, France. He heads the Chair of Cybersecurity in Critical Networked Infrastructures (Cyber CNI) with currently 9 PhD students, 4 PostDocs, and 11 associated professors. He also supervises PhD students at Technical University of Munich.
Marc-Oliver is an adjunct professor of Carleton University in Canada. Marc-Oliver’s research focus is on a holistic approach to cybersecurity. He is an experienced teacher and an eLearning pioneer, holding several teaching awards.
Marc-Oliver holds a Diploma from University of Tübingen and a PhD from Technical University of Munich.
Marc-Oliver is Vice President of the German Chapter of the Association for Computing Machinery (ACM) (https://germany.acm.org/). He heads the Future Education activities of the German-French Academy for the Industry of the Future (https://future-industry.org/).
Marc-Oliver’s research focus is on a holistic approach to cybersecurity. He works on security-by-design, anomaly detection, human-in-the-loop, and automation. His goal is making cybersecurity manageable, resulting in highly resilient and reliable systems. Marc-Oliver publishes regularly in the network and service management and security communities.
My research domain is cybersecurity. I follow a holistic multi-disciplinary approach, including the areas security-by-design, continuous monitoring and data analytics for anomaly detection, (semi-) automated defence for increasing resilience, and human-in-the-loop with multi-modal 3D interfaces.
@inproceedings{muhlbauer2020open,
title = {Open-source OPC UA security and scalability},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc-Oliver Pahl and Georg Carle},
year = {2020},
date = {2020-01-01},
booktitle = {2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)},
volume = {1},
pages = {262\textendash269},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{wustrich2020extensible,
title = {An extensible IoT Security Taxonomy},
author = {Lars W\"{u}strich and Marc-Oliver Pahl and Stefan Liebald},
doi = {10.1109/ISCC50000.2020.9219584},
year = {2020},
date = {2020-01-01},
booktitle = {IEEE ISCC 2020},
abstract = {Security is essential in the Internet of Things (IoT). IoT threat classifications are often non-intuitive to use. Identifying relevant properties of an attack is difficult and requires reading details of the attack. We therefore propose a simple-to-use naming scheme for IoT threat classification. It is based on the affected layers and the affected security goals. We evaluate the usefulness of the chosen approach by applying it to common IoT threats.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Security is essential in the Internet of Things (IoT). IoT threat classifications are often non-intuitive to use. Identifying relevant properties of an attack is difficult and requires reading details of the attack. We therefore propose a simple-to-use naming scheme for IoT threat classification. It is based on the affected layers and the affected security goals. We evaluate the usefulness of the chosen approach by applying it to common IoT threats.
@inproceedings{piccoli2020ensuring,
title = {Ensuring consistency for asynchronous Group-Key management in the industrial IoT},
author = {Alessandro Piccoli and Marc-Oliver Pahl and Steffen Fries and Tolga Sel},
year = {2020},
date = {2020-01-01},
booktitle = {2020 16th International Conference on Network and Service Management (CNSM)},
pages = {1\textendash5},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{Lubben2020,
title = {Using Deep Learning to Replace Domain Knowledge},
author = {Christian Lubben and Marc Oliver Pahl and Mohammad Irfan Khan},
doi = {10.1109/ISCC50000.2020.9219567},
issn = {15301346},
year = {2020},
date = {2020-01-01},
journal = {Proceedings - IEEE Symposium on Computers and Communications},
volume = {2020-July},
abstract = {Complex problems like the prediction of future behavior of a system are usually solved by using domain knowledge. This knowledge comes with a certain expense which can be monetary costs or efforts to generate it. We want to decrease this cost while using state of the art machine learning and prediction methods. Our aim is to replace the domain knowledge and create a black-box solution that offers automatic reasoning and accurate predictions. Our guiding example is packet scheduling optimization in Vehicle to Vehicle (V2V) communication. Within the evaluation, we compare the prediction quality of a labour-intense whitebox approach with the presented fully-automated blackbox approach. To ease the measurement process we propose a framework design which allows easy exchange of predictors. The results show the successful design of our framework as well as superior accuracy of the black box approach.},
keywords = {ANN, deep learning, network traffic prediction, V2V, V2X},
pubstate = {published},
tppubtype = {article}
}
Complex problems like the prediction of future behavior of a system are usually solved by using domain knowledge. This knowledge comes with a certain expense which can be monetary costs or efforts to generate it. We want to decrease this cost while using state of the art machine learning and prediction methods. Our aim is to replace the domain knowledge and create a black-box solution that offers automatic reasoning and accurate predictions. Our guiding example is packet scheduling optimization in Vehicle to Vehicle (V2V) communication. Within the evaluation, we compare the prediction quality of a labour-intense whitebox approach with the presented fully-automated blackbox approach. To ease the measurement process we propose a framework design which allows easy exchange of predictors. The results show the successful design of our framework as well as superior accuracy of the black box approach.
@article{Muhlbauer2020,
title = {Open-Source OPC UA Security and Scalability},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc Oliver Pahl and Georg Carle},
doi = {10.1109/ETFA46521.2020.9212091},
issn = {19460759},
year = {2020},
date = {2020-01-01},
journal = {IEEE International Conference on Emerging Technologies and Factory Automation, ETFA},
volume = {2020-Septe},
pages = {262--269},
abstract = {OPC UA is widely adopted for remote-control in industrial environments. It has a central role for industrial control systems as it enables remote management. Compromising OPC UA can lead to compromising entire production facilities. Consequently, OPC UA requires a high level of security. Major commercial OPC UA implementations have compliance certificates ensuring that their security models obey the specification. However, open-source OPC UA implementations that have wide deployment mostly lack these certificates. In this work, we investigate the security models of the four most commonly used open-source implementations: open62541, node-opcua, UA-.NETStandard, and python-opcua. Furthermore, their scalabilities for the number of clients and OPC UA nodes are also analyzed.},
keywords = {OPC UA, open-source, scalability, Security},
pubstate = {published},
tppubtype = {article}
}
OPC UA is widely adopted for remote-control in industrial environments. It has a central role for industrial control systems as it enables remote management. Compromising OPC UA can lead to compromising entire production facilities. Consequently, OPC UA requires a high level of security. Major commercial OPC UA implementations have compliance certificates ensuring that their security models obey the specification. However, open-source OPC UA implementations that have wide deployment mostly lack these certificates. In this work, we investigate the security models of the four most commonly used open-source implementations: open62541, node-opcua, UA-.NETStandard, and python-opcua. Furthermore, their scalabilities for the number of clients and OPC UA nodes are also analyzed.
@inproceedings{Piccoli2020,
title = {Group Key Management in constrained IoT Settings},
author = {A Piccoli and M-O Pahl and L W\"{u}strich},
doi = {10.1109/ISCC50000.2020.9219619},
issn = {15301346},
year = {2020},
date = {2020-01-01},
booktitle = {Proceedings - IEEE Symposium on Computers and Communications},
volume = {2020-July},
abstract = {textcopyright 2020 IEEE. The Internet of Things (IoT) enables software to orchestrate physical spaces. Due to the increased impact, IoT communication in factories, households, or critical infrastructures has to be highly secured. Besides point-to-point communication, group communication is frequently used in the IoT. Securing it typically requires the exchange of cryptographic keys. Several protocols have been proposed for such Group Key Management (GKM). They vary in their targeted settings, in their Key Distribution Model, Architecture Model, Reliability Properties, and Protocol Overhead. This paper surveys existing GKM mechanisms, analyzes their suitability for constrained IoT settings, and identifies open issues that require further research.},
keywords = {autonomous management, constrained nodes, group key management, IoT, reliability, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
textcopyright 2020 IEEE. The Internet of Things (IoT) enables software to orchestrate physical spaces. Due to the increased impact, IoT communication in factories, households, or critical infrastructures has to be highly secured. Besides point-to-point communication, group communication is frequently used in the IoT. Securing it typically requires the exchange of cryptographic keys. Several protocols have been proposed for such Group Key Management (GKM). They vary in their targeted settings, in their Key Distribution Model, Architecture Model, Reliability Properties, and Protocol Overhead. This paper surveys existing GKM mechanisms, analyzes their suitability for constrained IoT settings, and identifies open issues that require further research.
@article{Pahl2019c,
title = {VSL: A Data-Centric Internet of Things Overlay},
author = {Marc-Oliver Pahl and Stefan Liebald and Christian L\"{u}bben},
url = {https://s2labs.org/download/publications/2019-03_NetSys_Demo_VSL.pdf%0Ahttps://www.netsys2019.org/proceedings/},
year = {2019},
date = {2019-01-01},
journal = {International Conference on Networked Systems 2019 (NetSys)},
pages = {1--3},
abstract = {Data-centric service-oriented designs are promising for overcoming the current IoT silos. The Virtual State Layer (VSL) is a data-centric middleware that securely unifies the access to distributed heterogeneous IoT components. The VSL solves key challenge of today's IoT: reducing the complexity, enabling interoperability, and providing security-by-design. The described practical setting enables the interactive exploration of a data- centric middleware including a live performance evaluation.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Data-centric service-oriented designs are promising for overcoming the current IoT silos. The Virtual State Layer (VSL) is a data-centric middleware that securely unifies the access to distributed heterogeneous IoT components. The VSL solves key challenge of today's IoT: reducing the complexity, enabling interoperability, and providing security-by-design. The described practical setting enables the interactive exploration of a data- centric middleware including a live performance evaluation.
@article{Pahl2019a,
title = {Information-Centric IoT Middleware Overlay: VSL},
author = {Marc-Oliver Pahl and Stefan Liebald},
url = {https://s2labs.org/download/publications/2019-03_NetSys_Designing_a_Data-Centric_Internet_of_Things.pdf%0Ahttps://www.netsys2019.org/proceedings/},
isbn = {9781728105680},
year = {2019},
date = {2019-01-01},
journal = {International Conference on Networked Systems 2019 (NetSys)},
abstract = {The heart of the Internet of Things (IoT) is data. IoT services processes data from sensors that interface their physical surroundings, and from other software such as Internet weather databases. They produce data to control physical environments via actuators, and offer data to other services. More recently, service-centric designs for managing the IoT have been proposed. Data-centric or name-based communica- tion architectures complement these developments very well. Especially for edge-based or site-local installations, data-centric Internet architectures can be implemented already today, as they do not require any changes at the core. We present the Virtual State Layer (VSL), a site-local data- centric architecture for the IoT. Special features of our solution are full separation of logic and data in IoT services, offering the data-centric VSL interface directly to developers, which significantly reduces the overall system complexity, explicit data modeling, a semantically-rich data item lookup, stream connec- tions between services, and security-by-design. We evaluate our solution regarding usability, performance, scalability, resilience, energy efficiency, and security.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
The heart of the Internet of Things (IoT) is data. IoT services processes data from sensors that interface their physical surroundings, and from other software such as Internet weather databases. They produce data to control physical environments via actuators, and offer data to other services. More recently, service-centric designs for managing the IoT have been proposed. Data-centric or name-based communica- tion architectures complement these developments very well. Especially for edge-based or site-local installations, data-centric Internet architectures can be implemented already today, as they do not require any changes at the core. We present the Virtual State Layer (VSL), a site-local data- centric architecture for the IoT. Special features of our solution are full separation of logic and data in IoT services, offering the data-centric VSL interface directly to developers, which significantly reduces the overall system complexity, explicit data modeling, a semantically-rich data item lookup, stream connec- tions between services, and security-by-design. We evaluate our solution regarding usability, performance, scalability, resilience, energy efficiency, and security.
@inproceedings{pahl2019designing,
title = {Designing a Data-Centric internet of things},
author = {Marc-Oliver Pahl and Stefan Liebald},
year = {2019},
date = {2019-01-01},
booktitle = {2019 International Conference on Networked Systems (NetSys)(NetSys’ 19)},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pahl2019vsl,
title = {VSL: A data-centric internet of things overlay},
author = {Marc-Oliver Pahl and Stefan Liebald and Christian L\"{u}bben},
year = {2019},
date = {2019-01-01},
booktitle = {2019 International Conference on Networked Systems (NetSys)},
pages = {1\textendash3},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pahl2019machine,
title = {Machine-learning based IoT data caching},
author = {Marc-Oliver Pahl and Stefan Liebald and Lars W\"{u}strich},
year = {2019},
date = {2019-01-01},
booktitle = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)},
pages = {9\textendash12},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{seeger2019rule,
title = {Rule-based translation of application-level QoS constraints into SDN configurations for the IoT},
author = {Jan Seeger and Arne Br\"{o}ring and Marc-Oliver Pahl and Ermin Sakic},
year = {2019},
date = {2019-01-01},
booktitle = {2019 European Conference on Networks and Communications (EuCNC)},
pages = {432\textendash437},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{von2019generalized,
title = {A generalized tdoa/toa model for tof positioning},
author = {Maximilian Tschirschnitz and Marcel Wagner and Marc-Oliver Pahl and Georg Carle},
year = {2019},
date = {2019-01-01},
booktitle = {2019 International Conference on Indoor Positioning and Indoor Navigation (IPIN)},
pages = {1\textendash8},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{von2019clock,
title = {Clock error analysis of common time of flight based positioning methods},
author = {Maximilian Tschirschnitz and Marcel Wagner and Marc-Oliver Pahl and Georg Carle},
year = {2019},
date = {2019-01-01},
booktitle = {2019 International Conference on Indoor Positioning and Indoor Navigation (IPIN)},
pages = {1\textendash8},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{Pahl2019,
title = {Giving IoT services an identity and changeable attributes},
author = {Marc Oliver Pahl and Lorenzo Donini},
isbn = {9783903176157},
year = {2019},
date = {2019-01-01},
journal = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019},
number = {section II},
pages = {455--461},
abstract = {The Internet of Things (IoT) pervades our surroundings. It softwarizes our physical environments. Software controls devices that interface their physical environments. The IoT is often privacy, safety, and security critical. Consequently, it requires adequate mechanisms for securing its services. For reasons such as heterogeneity, complexity, and lack of deployment there is little research on IoT service security.Our work creates a base for IoT service security. We give IoT services secure identities and attributes. Using site-local X.509v3 certificates with short lifetimes, we show how service attributes can securely be changed at runtime. This enables enforcing security policies even on distributed, loosely coupled IoT nodes. Our central mechanisms are pinning certificates to service executables, and autonomously managing the short certificate lifetimes. We assess the resulting renewal traffic and power consumption. textcopyright 2019 IFIP.},
keywords = {Autonomous service management, Certificates, IoT, Metadata, Microservices, Security, Unattended nodes, X.509},
pubstate = {published},
tppubtype = {article}
}
The Internet of Things (IoT) pervades our surroundings. It softwarizes our physical environments. Software controls devices that interface their physical environments. The IoT is often privacy, safety, and security critical. Consequently, it requires adequate mechanisms for securing its services. For reasons such as heterogeneity, complexity, and lack of deployment there is little research on IoT service security.Our work creates a base for IoT service security. We give IoT services secure identities and attributes. Using site-local X.509v3 certificates with short lifetimes, we show how service attributes can securely be changed at runtime. This enables enforcing security policies even on distributed, loosely coupled IoT nodes. Our central mechanisms are pinning certificates to service executables, and autonomously managing the short certificate lifetimes. We assess the resulting renewal traffic and power consumption. textcopyright 2019 IFIP.
@article{Pahl2019b,
title = {Machine-learning based IoT data caching},
author = {Marc Oliver Pahl and Stefan Liebald and Lars Wustrich},
isbn = {9783903176157},
year = {2019},
date = {2019-01-01},
journal = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019},
pages = {9--12},
abstract = {he Internet of Things (IoT) continuously produces big amounts of data. Data-centric middleware can therefore help reducing the complexity when orchestrating distributed Things. With its heterogeneity and resource limitations, IoT applications can lack performance, scalability, or resilience. Caching can help overcoming the limitations. We are currently working on establishing data caching within IoT middleware. The paper presents fundamentals of caching, major challenges, relevant state of the art, and a description of our current approaches. We show directions of using machine learning for caching in the IoT.},
keywords = {Caching, Data-centric, Internet of Things, Machine learning},
pubstate = {published},
tppubtype = {article}
}
he Internet of Things (IoT) continuously produces big amounts of data. Data-centric middleware can therefore help reducing the complexity when orchestrating distributed Things. With its heterogeneity and resource limitations, IoT applications can lack performance, scalability, or resilience. Caching can help overcoming the limitations. We are currently working on establishing data caching within IoT middleware. The paper presents fundamentals of caching, major challenges, relevant state of the art, and a description of our current approaches. We show directions of using machine learning for caching in the IoT.
@article{Pahl2018c,
title = {Securing IoT microservices with certificates},
author = {Marc Oliver Pahl and Lorenzo Donini},
doi = {10.1109/NOMS.2018.8406189},
isbn = {9781538634165},
year = {2018},
date = {2018-01-01},
journal = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018},
pages = {1--5},
abstract = {The Internet of Things (IoT) consists of distributed computing nodes. With increasing processor power such nodes can be used as hosts for microservices. IoT services routinely processes security critical data that affects the privacy, safety, and security of users. However, suitable security mechanisms remain missing. Fundamental open challenges are the authentication of services, securing the metadata of services, and validating the correct functioning of security mechanisms on distributed entities under different authorities. In this paper we present a certificate- based methodology for authenticating services, securely adding information to their executables, and validating the correct functioning of distributed entities of our design. We add X.509 certificates with extended attributes to the service executables. By introducing different trust anchors, services and their metadata are protected through their entire life cycle from developers to the computing nodes running them. Our solution enables distributed nodes to verify the security properties locally. It enables reliably changing certificate properties across the distributed IoT nodes. It features autonomous certificate management. We evaluate the traffic caused by our autonomous certificate management process quantitatively. The presented solution is churn tolerant and applicable to diverse distributed systems.},
keywords = {Autonomous certificate management, Certificates, IoT, Microservices, Security, Unattended nodes, X.509},
pubstate = {published},
tppubtype = {article}
}
The Internet of Things (IoT) consists of distributed computing nodes. With increasing processor power such nodes can be used as hosts for microservices. IoT services routinely processes security critical data that affects the privacy, safety, and security of users. However, suitable security mechanisms remain missing. Fundamental open challenges are the authentication of services, securing the metadata of services, and validating the correct functioning of security mechanisms on distributed entities under different authorities. In this paper we present a certificate- based methodology for authenticating services, securely adding information to their executables, and validating the correct functioning of distributed entities of our design. We add X.509 certificates with extended attributes to the service executables. By introducing different trust anchors, services and their metadata are protected through their entire life cycle from developers to the computing nodes running them. Our solution enables distributed nodes to verify the security properties locally. It enables reliably changing certificate properties across the distributed IoT nodes. It features autonomous certificate management. We evaluate the traffic caused by our autonomous certificate management process quantitatively. The presented solution is churn tolerant and applicable to diverse distributed systems.
@article{Pahl2018b,
title = {Graph-based IoT microservice security},
author = {Marc Oliver Pahl and Fran\c{c}ois Xavier Aubet and Stefan Liebald},
doi = {10.1109/NOMS.2018.8406118},
isbn = {9781538634165},
year = {2018},
date = {2018-01-01},
journal = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018},
pages = {1--3},
abstract = {The Internet of Things (IoT) can be considered as Service Oriented Architecture (SOA) of Microservices ($mu$S). The $mu$Ss inherently process data that affects the privacy, safety, and security of its users. IoT service security is a key challenge. Most state of the art providing IoT system security is policy based. We showcase a graph-based access control that runs as module on IoT nodes, or in the network. Our solution intercepts and firewalls inter-service communication. It automatically creates a model of legitimate communication relationships. The model is interactively updated via a simple-to-understand interface. Our solution adds inevitable IoT security to existing IoT systems .},
keywords = {Autonomous service management, firewall, IoT, Mi-croservices, Passive monitoring, Security, Unattended nodes},
pubstate = {published},
tppubtype = {article}
}
The Internet of Things (IoT) can be considered as Service Oriented Architecture (SOA) of Microservices ($mu$S). The $mu$Ss inherently process data that affects the privacy, safety, and security of its users. IoT service security is a key challenge. Most state of the art providing IoT system security is policy based. We showcase a graph-based access control that runs as module on IoT nodes, or in the network. Our solution intercepts and firewalls inter-service communication. It automatically creates a model of legitimate communication relationships. The model is interactively updated via a simple-to-understand interface. Our solution adds inevitable IoT security to existing IoT systems .
@article{Pahl2016a,
title = {Distributed smart space orchestration},
author = {Marc Oliver Pahl and Georg Carle and Gudrun Klinker},
doi = {10.1109/NOMS.2016.7502936},
isbn = {9781509002238},
year = {2016},
date = {2016-01-01},
journal = {Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium},
pages = {979--984},
abstract = {A programming abstraction for pervasive computing is introduced. It is based on context models and a novel concept that is called Virtual Context. An extensive requirements analysis for a real-world deployment of pervasive computing is presented. It is the base for an assessment of relevant state of the art that reveals the missing of a suitable programming abstraction. The work introduces a collaborative ontology for smart spaces, the concepts Virtual Context and micro-middleware, and, based on the former, a self- managing service management framework for smart spaces. The implementation of the concepts is quantitatively and qualitatively evaluated.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
A programming abstraction for pervasive computing is introduced. It is based on context models and a novel concept that is called Virtual Context. An extensive requirements analysis for a real-world deployment of pervasive computing is presented. It is the base for an assessment of relevant state of the art that reveals the missing of a suitable programming abstraction. The work introduces a collaborative ontology for smart spaces, the concepts Virtual Context and micro-middleware, and, based on the former, a self- managing service management framework for smart spaces. The implementation of the concepts is quantitatively and qualitatively evaluated.
@article{Pahl2015a,
title = {Data-centric service-oriented management of things},
author = {Marc Oliver Pahl},
doi = {10.1109/INM.2015.7140326},
isbn = {9783901882760},
year = {2015},
date = {2015-01-01},
journal = {Proceedings of the 2015 IFIP/IEEE International Symposium on Integrated Network Management, IM 2015},
pages = {484--490},
abstract = {With the Internet of Things, more and more devices become remotely manageable. The amount and heterogeneity of managed devices make the task of implementing management functionality challenging. Future Pervasive Computing scenarios require implementing a plethora of services to provide management functionality. With growing demand on services, reducing the emerging complexity becomes increasingly important. A simple-to-use programming model for implementing complex management scenarios is essential to enable developers to create the growing amount of required management software at high quality. The paper presents how data-centric mechanisms, as known from network management, can be utilized to create a service-oriented architecture (SOA) for management services. The resulting shift of complexity from access functionality towards data structures introduces new flexibility and facilitates the programming of management applications significantly. This is evaluated with a user study on the reference implementation.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
With the Internet of Things, more and more devices become remotely manageable. The amount and heterogeneity of managed devices make the task of implementing management functionality challenging. Future Pervasive Computing scenarios require implementing a plethora of services to provide management functionality. With growing demand on services, reducing the emerging complexity becomes increasingly important. A simple-to-use programming model for implementing complex management scenarios is essential to enable developers to create the growing amount of required management software at high quality. The paper presents how data-centric mechanisms, as known from network management, can be utilized to create a service-oriented architecture (SOA) for management services. The resulting shift of complexity from access functionality towards data structures introduces new flexibility and facilitates the programming of management applications significantly. This is evaluated with a user study on the reference implementation.
@article{shrestha2014convergence,
title = {Convergence Mechanisms for a Smart Space App Store},
author = {Bibek Shrestha and Marc-Oliver Pahl and Benjamin Hof},
year = {2014},
date = {2014-01-01},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
@article{shrestha2014final,
title = {Final Talk Convergence Mechanisms for a Smart Space App Store},
author = {Bibek Shrestha and Marc-Oliver Pahl and Benjamin Hof},
year = {2014},
date = {2014-01-01},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
@article{Pahl2014,
title = {Crowdsourced context-modeling as key to future smart spaces},
author = {Marc Oliver Pahl and Georg Carle},
doi = {10.1109/NOMS.2014.6838362},
isbn = {9781479909131},
year = {2014},
date = {2014-01-01},
journal = {IEEE/IFIP NOMS 2014 - IEEE/IFIP Network Operations and Management Symposium: Management in a Software Defined World},
abstract = {Managing smart spaces with software requires the acquisition and processing of context information about a space. To be usable for exchanging information, a context representation has to be structured with a context model. Existing context-modeling techniques usually require experts and lack support for collaborative distributed creation, which prevents a crowdsourced development in a distributed collaborative way by non-experts. To facilitate context modeling, this paper presents a hybrid meta model that combines features from key-value, markup, object oriented, and ontology based context-modeling approaches. An architecture is introduced that allows the dynamic collaborative extension and crowdsourced convergence of context models.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Managing smart spaces with software requires the acquisition and processing of context information about a space. To be usable for exchanging information, a context representation has to be structured with a context model. Existing context-modeling techniques usually require experts and lack support for collaborative distributed creation, which prevents a crowdsourced development in a distributed collaborative way by non-experts. To facilitate context modeling, this paper presents a hybrid meta model that combines features from key-value, markup, object oriented, and ontology based context-modeling approaches. An architecture is introduced that allows the dynamic collaborative extension and crowdsourced convergence of context models.
@article{Pahl2013a,
title = {Taking smart space users into the development loop: an architecture for community based software development for smart spaces},
author = {Marc-Oliver Pahl and Georg Carle},
isbn = {9783901882562},
year = {2013},
date = {2013-01-01},
journal = {Proceedings of the 2013 ACM conference on Pervasive and ubiquitous computing adjunct publication},
pages = {793--800},
abstract = {Smart spaces need driver services to connect accessed hardware and orchestration services to realize scenarios. There is a problem of scale in software development for smart spaces because it is done by few. It is also problematic that those few decide about what is supported and developed. We propose to provide users with tools for community based development of driver and orchestration services. We analyze the requirements for a middleware framework to allow distributed development. We present necessary extensions that promote community based development: (1) a repository for interface definitions, (2) App Store and App Manager, and (3) multi-dimensional ratings. Finally we present how smart space software development can be facilitated using our Distributed Smart Space Orchestration System (DS2OS).},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Smart spaces need driver services to connect accessed hardware and orchestration services to realize scenarios. There is a problem of scale in software development for smart spaces because it is done by few. It is also problematic that those few decide about what is supported and developed. We propose to provide users with tools for community based development of driver and orchestration services. We analyze the requirements for a middleware framework to allow distributed development. We present necessary extensions that promote community based development: (1) a repository for interface definitions, (2) App Store and App Manager, and (3) multi-dimensional ratings. Finally we present how smart space software development can be facilitated using our Distributed Smart Space Orchestration System (DS2OS).
@inproceedings{pahl2013taking,
title = {Taking smart space users into the development loop},
author = {Marc-Oliver Pahl and Georg Carle},
year = {2013},
date = {2013-01-01},
booktitle = {UbiComp 2013 Adjunct (HomeSys 2013)},
pages = {793\textendash800},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
In: 2013 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2013, pp. 139–144, 2013, ISBN: 9781467350778.
@article{Pahl2013,
title = {The missing layer-Virtualizing smart spaces},
author = {Marc Oliver Pahl and Georg Carle},
doi = {10.1109/PerComW.2013.6529471},
isbn = {9781467350778},
year = {2013},
date = {2013-01-01},
journal = {2013 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2013},
pages = {139--144},
abstract = {With the Virtual State Layer (VSL), an abstraction for software-based orchestration of smart spaces is presented. The aim of the VSL is to ease the programming of orchestration software while not limiting its functionality. textcopyright 2013 IEEE.},
keywords = {app store, autonomous computing, distributed computing, smart space},
pubstate = {published},
tppubtype = {article}
}
With the Virtual State Layer (VSL), an abstraction for software-based orchestration of smart spaces is presented. The aim of the VSL is to ease the programming of orchestration software while not limiting its functionality. textcopyright 2013 IEEE.
I am continuously supervising students since 2008. I supervised more than 150 Master- and Bachelor theses, 5 PhD theses at Tu Munich, and 6 PhD theses at IMT Atlantique.
I am teaching continuously at universities since 2003. I received multiple awards for my teaching including the 2013 Ernst Otto Fischer teaching award for excellent teaching and the 2020 supervisory award for excellent PhD supervision, both from Technical University of Munich.
Lighthouse activities are:
The conception, creation, and operation of the biggest computer networks and distributed systems hands-on class series in Germany, the iLab, more at https://ilab.ilabxp.com/
The following table gives an overview on my teaching activities:
My major teaching activities besides supervising students.
Current Positions
Full Professor (2019-) Directeur de Recherches Grande Ecole (Technical University) Institut Mines Télécom (IMT) Atlantique (prior Ecole nationale supérieure des télécommunications de Bretagne) / Department SRCD / Chaire Cyber CNI, Rennes, France
Chairholder of the Chaire Cybersecurity for Critical Networked Infrastructures (Cyber CNI) (1/2020-)
– 8 professors
– 1 engineer
– 3 post-docs
– 11 PhDs
– 5industrypartners(Airbus,Amossys,BNPParibas,EDF, Nokia Bell Labs)
Previously Co-Director of the multi-institute research team(UMR6285) LAB-STICC/IRIS (Sécurité et Résilience des Systèmes d’Information) (1/2020-2/2021) – 14 professors – 1 research position – 1 technician – 11 post-docs – 22 PhDs
Member of the Steering Committee of the German-French Academy for the industry of the future (GFA) (2019-)
Coordinator“FutureEducation” of the German-French Academy for the Industry of the Future (GFA) (2017-)
Adjunct Professor, Carleton University, Canada (2019-)
Vice-President, German Chapter of the ACM (2020-)
Previous Academic Position
2014-2020 Head of the IoT Smartspace Research Team at the Chair for Network Architectures and Services at Technical University of Munich, Germany – 5 PhD students and more than 200 Master, Bachelor and Diploma students under my supervision. – ProLehre Media and Didactics / External lecturer
2016-2017 Advisor of the Board of the Munich Center for Internet Research (MCIR), preparation of the transition to the current Bavarian Institute of Digital Transformation (BIDT)
2008-2014 Researcher and Lecturer at the Technical University of Munich
2005 External consultant for the interactive learning DVD “Netzwerktechnik” and Trainer at German “Berufsschulen”
Awards
Supervisory Award for excellent PhD supervision (Technical University of Munich, Germany, 2020)
Ernst Otto Fischer Lehrpreis (outstanding teaching award) (Technical University of Munich, Germany, 2013)
Excellent teaching award (Technical University of Munich, 2018)
Excellent teaching award (Technical University of Munich, 2016)
Excellent teaching award (Technical University of Munich, 2015)
Excellent teaching award (Technical University of Munich, 2014)
Fellowship of the Klaus Tschira Foundation for the Heidel- berg Laureate Forum (2016)
Education
2018 Zertifikat Hochschullehre der Bayerischen Universitäten – Vertiefungsstufe (highest teaching certificate of Bavaria)
2014 PhD (Summa cum Laude), Technical University of Munich, “Distributed Smart Space Orchestration,” Focus on Internet of Things, Advisors: Prof. Dr.-Ing. Georg Carle, Munich; Prof. Gudrun Klinker, PhD, Munich
2008 Diploma (1.0 (best possible grade)), Eberhard Karls Universität Tübingen, “spy360.net — Webcampanoramen bis 360 Grad in HDR,” Focus on Image Processing, Advisors: Prof. Dr. Andreas Schilling, Tübingen; Prof. Dr. Dr. h.c. Wolfgang Straßer, Tübingen
Languages
German (mother tongue): fluent
English (working language): fluent
French (working language): fluent
Latin (“Großes Latinum”)
Memberships
Association for Computing Machinery (ACM)
German Chapter of the ACM (GChACM) – Vice-President (2020-2023; 2 terms)
Institute of Electrical and Electronics Engineers (IEEE) – IEEE-IES Technical Committee on Factory Automation
German Society for Informatics (GI)
Deutscher Hochschullehrerverband (DHV)
Invited Talks
“, “ AI for industry summer school, 2021
Young Security Conference (YSC) 2021
“CollaborativeRemoteSituationalCybersecurityAwareness,” SNCF Cyber Fusion Center, 2021
“A holistic Approach to Cybersecurity, “ New Brunswick Cybersummit, 2021
“When data is the new oil, it is our role to prevent the blowout!, “ AI for industry summer school, 2020
“When COVID-19 brings out the fundamentals of Artificial Intelligence, ” Atos Popup College, 2020
“When Data is the New Oil, Security is the Blowout Preventer, ” IDSA VIRTUAL EXPO “Scaling in Europe with Data Sovereignty – a French Perspective”, 2020
“IoT Smart Environment Research Vision, ” IMT Atlantique Séminaire au Vert, Département SRCD, Carnac, France, 2019 ̈
“Ziemlich beste Freunde? Uber die Vereinbarkeit von Digitaler Transformation und Privatsphäre” (Pretty much best friends? On the compatibility of digital transformation and privacy), German Informatics Society, Munich, Germany, 2019
“Privacy or why should I care? Security and Privacy aspects of Autonomous Driving,” Autonomous Vehicle Safety and Security meetup, Munich, Germany, 2019
“Cross-layer optimization for time- and security-critical IoT applications,” Huawei, San Jose, USA, 2019
“Composing the (Industrial) Internet of Things(IIoT),”Siemens CKI Forum, Munich, Germany, 2019
“Taming the Internet of Things: DS2OS – a secure data- centric service-oriented approach,” Arctic University (Randi Karlson), Tromsø, Norway, 2019
“Securing the Internet of Things – Because it is Your Data!,” Data61/ CSIRO (Ingo Weber), Sydney, Australia, 2018
“The Future of Teaching? How Combining Online and Of- fline Learning can become the Key,” University of Sydney (Ralph Holz), Sydney, Australia, 2018
“Securing the Internet of Things,” keynote at the AdHoc Now conference (Nicolas Montavont), St. Malo, France, 2018
“The iLab Concept – Making Teaching better, at Scale,” Ja- cobs University Bremen (Jürgen Schönwälder), Bremen, Ger- many, 2018
“Smart Space Orchestration – How to make the Internet of Things smart?”, Eurecom (Jérome Härri), Sophia Antipolis, France, 2016
“Datenzentrierte Modulare Gebäudeautomatisierung im Internet der Dinge,” (Datacentric Modular Building Automation in the Internet of Things), keynote at the IT4ENERGY-Workshop 2015 – Dezentrale Energiesysteme in der Gebäude- und Wohnungswirtschaft (Armin Wolf), Berlin, Germany, 2015
“ServiceorientierteArchitektureninBaaS,”(Service-Oriented Architectures in BaaS), keynote at the IT4ENERGY-Workshop 2014 – Gebäudewirtschaft und Energienetze (Thomas Luckenbach), Berlin, Germany, 2014
“The iLab experience – a blended learning hands-on course concept,” keynote at the EU Tempus Event for the Modernisation of Higher Education (Helmut Seidl), Munich, Germany, 2013
Raised Funding
I am constantly mounting projects with a volume for my groups of over 2 000 000 EUR (in overall projects of several 10 MEUR) until 2021. I am experienced in the national and international public and private funding acquisition sectors. From the beginning, I am often in leading roles in projects. The funding covers research and teaching activities.
Project Coordination
2018-2021 BMBF/ Business Finland (DE, FI) Decentralized Cross-commodity Energy Management (DECENT): Overall coordinator DE consortium, PI TUM
2013-2016 BMBF / ITEA (DE, ES, TR) Building as a Service (BaaS): Technical Coordinator, PI TUM
2008-2011 BMBF / CELTIC (DE, FR, SE) Autonomic Home Networking (Authone): Technical Project Lead TUM
Lead author of numerous national and international proposals that unluckily did not get funded.
Community Service
Publication co-chair, ACM/ IEEE/ IFIP Network Operations and Service Managment (NOMS) 2022
Experience Session Co-Chair of the IFIP/IEEE International Symposium on Integrated Network Management (IM) 2021
Workshop Co-Chair ACM/ IEEE/ IFIP Network Operations and Service Managment (NOMS) 2020
Student Travel Grant Chair ACM/ IEEE/ IFIP International Conference on Network and Service Management (CNSM) 2019
Associate Editor ACM International Journal of Network Ma- nagement (IJNM) (2018-)
Guest Editor Special Issue Wiley’s Internet Technology Let- ters (with Michel Barbeau (Carlton University, Canada; Joaquin, IMT Sud Paris, France) 2019
General Co-Chair of the IFIP / IEEE Decentralized Orchestration and Management of Distributed Heterogeneous Things (DOMINOS) Workshop 2018, 2019
TPC Co-Chair Global Information Infrastructure and Net- working Symposium (GIIS) 2019, IEEE International Conference on Ad Hoc Networks and Wireless (Adhoc-Now) 2018
Panel Co-Chair of the IFIP/IEEE International Symposium on Integrated Network Management (IM) 2019
Demo Co-Chair IFIP / IEEE Cloudification of the Internet of Things (CIoT) 2018
Organizer IFIP / IEEE HOT topics in Network and Service Management (HOTNSM) 2019
Organizer IFIP / IEEE Distributed Orchestration and Management of Distributed Heterogeneous Things (DOMINOS) 2018
My review activity
I am in the OC of multiple conferences, mainly in the network service and management community.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok