Reflections

Weekly reflections of the individual units:

Unit 1

The entry into the Secure Systems Architecture module took place via a wide-ranging examination of Operating Systems and their historical development, as well as the trend from monolithic systems to distributed systems and Service-Oriented Architecture with a focus on micro services. Furthermore, a modelling tool was learned, with which Attack-Defence Trees can be designed and quantitatively examined and evaluated, and first steps towards the use of OS containers were taken. On the one hand, the recapitulation of OS and its architecture has clarified which processes in the past contributed to how today's OS is structured and functions. On the other hand, the examination of the historical course also offers the possibility of being able to forecast future developments. The incipient networking of everyday devices, the IoT, is just the beginning of an Internet sector that will continue to develop rapidly in the future, but also of cyber security (Shafique et al., 2021). The associated infrastructural requirements with regard to the Internet lead to new developments and embeddings in prevailing structures, such as faster transmissions through 5G, shorter communication routes and thus shorter latencies through Fog Computing and more agile software structures and components through micro services. It is interesting to see that all of these processes are intertwined and are dependent on the respective development and in some cases represent necessary prerequisites. These development processes are exciting to follow, especially from the perspective of sustainability and in the context of the increasing energy demand of the Internet in the coming years, and it is to be expected that in the near future an increasing dynamic in developments in this context can be observed. With the modelling tool 'AD Tool' of the Université du Luxembourg (N.D.), Attack-Defence Trees can be designed, which enable quantitative assessments.
This is a particularly useful tool in the context of Risk Management, as it can be used to illustrate reduction strategies and measures within the framework of cyber security. Although the open source tool offers useful functions and is comparatively easy to use, it also has technical limitations, as only a very limited number of quantitative investigation methods are offered and errors in applications were found in my own tests. Nevertheless, working with the tool was very informative and offers the opportunity to develop my own ideas for future modelling, so that a gain in knowledge can be recorded. In addition, initial experiences with an OS container were made in the unit. This was Docker (N.D.), which offers containers in which programs can be developed independently of the OS and thus offers compatibility, but also promotes cooperation in collaborating teams. Initial knowledge about the functions and applications of Docker has been learned, but in the further course Docker must be dealt with in depth in order to be able to use the full potential behind the application.

References:
  • Shafique, K., Khawaja, B. A., Sabir, F., Quazi, S. & Mustaqim, M. (2020) Internet of Things (IoT) for Next-Generation Smart Systems: A Review of Current Challenges, Future Trends and Prospects for Emerging 5G-IoT Scenarios. IEEE. 8: 23022-23040. Available from: https://ieeexplore.ieee.org/abstract/document/8972389 [Accessed 08 May 2022].
  • Université du Luxembourg (N.D.) AD Tool. Available from: https://satoss.uni.lu/members/piotr/adtool/ [Accessed 06 May 2022].
  • Docker (N.D.) Use containers to Build, Share and Run your applications. Available from: https://www.docker.com/resources/what-container/ [Accessed 08 May 2022].

Unit 2

The subject of this unit was the handling of tools with which AD trees can be designed. A presentation of the AD tool from the previous unit was presented during the seminar. Furthermore, the change from monolithic systems to distributed micro services was discussed and the steps required for this were examined. In addition, sockets have been implemented in Python, which allow client processes to communicate with the server. During the seminar, the functions and applications of the AD tool of the Université du Luxembourg (N.D.) were discussed. Although I have already acquired the presented application possibilities in the previous unit, it was interesting to see what challenges other module participants were confronted with and I was able to validate my findings in relation to limited application possibilities and faulty graphics that arose in some cases. The historical process from monolithic systems to distributed micro service systems, as well as the investigation of the advantages and disadvantages that go hand in hand with it, was interesting, since the literature often only notes the advantages of distributed systems. A particularly thought-provoking aspect was the argument that micro services outsourced the security aspects to a certain form to third parties and thus created a new industry. The advantages in terms of development speed and simplicity can therefore also be attributed to the lack of the security-related processes. Regardless of how far this argument applies in individual situations or not, this shows that avoidable advantages of development process structures are also accompanied by disadvantages that are overlooked at first glance, which may put the highlighted advantages into perspective. First insights into programming API by implementing sockets in Python showed me how a basic digital infrastructure in smart homes can be done. These initial insights form the basis for further personal development in the future.
While the exercise was relatively simple and superficial, the knowledge gained can now be used in the further course through practical application examples to develop further insights and skills.

References:
  • Université du Luxembourg (N.D.) AD Tool. Available from: https://satoss.uni.lu/members/piotr/adtool/ [Accessed 14 May 2022].

Unit 3

The aim of this unit was to understand the core objectives of implementing secure mechanisms to support communications in distributed systems, including confidentiality, integrity and availability. Furthermore, the first assessment was submitted in the unit, so that a first reflection on the teamwork can be made. It was interesting to get an overview of the security mechanism in OS. The principles of Saltzer and Schroeder (1975) were of great value here, as they provide general guidelines on the basis of which computer systems and their protection can be developed. Following on from this, the SDLC of the DevOps and ITIL service lifecycle were a good connection, since the examples could be used to clarify how the principles can be integrated into a development process in order to lead to the most secure end product possible. Furthermore, knowledge already acquired was refreshed, such as public key encryption. The unit was able to combine knowledge already acquired with the new aspects and requirements of Operating and Distributed System Security in order to train and promote personal skills in this area. Another central part of the unit was the design document, which was the first assessment of the module. In addition to the content-related knowledge and skills, which were acquired by analysing the vulnerabilities and mitigation approaches of smart home components and creating an AD tree, some insights were also gained in relation to teamwork. In retrospect, some wrong decisions regarding the cooperation in the team could be determined, which hindered the development process. The team decided to split up the individual stages of the project in order to have responsibilities in certain areas, which should lead to a clear assignment of tasks. However, this significantly slowed down the development process, since only a few people felt responsible for parts of the document and it therefore took a long time for individual sections to be completed.
Since the sections in this document build on each other, the decision to divide the work in this way meant that the development process came to a standstill and in the meantime we had to wait for other team members and their contributions in order to be able to continue working. This was also made more difficult because there were different ideas about the scope and depth of the work, as well as academic standards, so that parts of the work were rated as insufficient for the final product in my opinion. Due to the time limit for submitting the assessment and the discrepancy in terms of the presentation of the final product, the decision was made to take the lead in a small team and to design the design document completely ourselves. It must be noted that I see the reason for this development in the way in which tasks are distributed. By assigning responsibilities, each person took care of the issue at hand, but did not have the whole product in mind. This led to incompleteness of the individual areas and to incompatibility. Since the assignment also meant that everyone only felt responsible for the assigned topic, it was difficult to encourage individuals to participate after submitting their work, as they assumed that they had done their part of the work and thus had fulfilled their part of the responsibility. A better approach for this processing of the assessment might have been the Scrum from the Agile SDLC, since all team members would have participated in every stage of the development and there would therefore have been a better understanding of the final product and the associated focus. These experiences can be taken into the next teamwork in order to perform better in the team in the future and thus be able to work more effectively in the team.

References:
  • Saltzer, J. & Schroeder, M. (1975) The Protection of Information in Computer Systems. Proceedings of the IEEE 63(9): 1278-1308. Available from: https://ieeexplore.ieee.org/document/1451869 [Accessed 20 May 2022].

Unit 4

In this unit a producer-consumer implementation in Python was created. The transformation process from monolithic systems to microservices was examined, as well as the problems associated with distributed systems and models and representations to support system developments were considered. The first discussion of producer-consumer implementations in Python gave me insights into the practical programming of these systems and gave me an understanding of the general communication process. This represents the basis for the creation of a code expected in the next assessment, which is intended to represent a secure smart home network. The first work with the programming of such structures in Python showed me that a lot of effort has to be made on my part to acquire these skills and to be able to create the best possible end product in a team. It also showed me what options there are for securing such networks, be it through protocols, encryption or practical considerations such as power consumption and transmission rates. When examining transformation processes from monolithic systems to microservices, I noticed that well-considered considerations have to be made in order to carry out such a transformation. Since this change often takes place while the system is running and therefore an interruption or malfunction cannot be tolerated, good decisions are required as to how quickly and to what extent a change should take place. It was particularly interesting for me to see that recommendations such as the glue code, which can be used to implement microservices in existing systems, also have opposite recommendations and point out the dangers of influencing the stability of a system when using glue code (Jin et al., 2021; Washizaki et al., 2020). The consideration of models in the context of system development was a logical step to expand the existing knowledge of Unified Modelling Language (UML). 
While UML can be used for program development and particular advantages can be found in the clear representation of complex programs, there is a representation convention based on the language for system development called System Modelling Language (SysML). Highlighting the similarities and differences helped me gain a critical perspective on both languages. The dominant finding here is that within the framework of the large number of display options (14 through UML alone and 9 through SysML) the choice of the right display in the contextual framework is of decisive importance in order to be able to present the information to be conveyed as simply as possible to external persons. In the future, further training with UML and SysML must be carried out in order to be able to use the full potential of both modelling languages.

References:
  • Jin, Z., Zhu, Y., Zhu, J., Yu, D., Li, C., Chen, R., ... & Xu, Y. (2021) Lessons learned from migrating complex stateful applications onto serverless platforms. Proceedings of the 12th ACM SIGOPS Asia-Pacific Workshop on Systems 89-96. Available from: https://dl.acm.org/doi/abs/10.1145/3476886.3477510 [Accessed 25 May 2022].
  • Washizaki, H., Uchida, H., Khomh, F., & Guéhéneuc, Y. G. (2020) Machine learning architecture and design patterns. IEEE Softw. 8: 1-8. Available from: http://www.washi.cs.waseda.ac.jp/wp-content/uploads/2019/12/IEEE_Software_19__ML_Patterns.pdf [Accessed 25 May 2022].

Unit 5

The subject of this unit was to get an overview of the challenges of secure OS and distributed systems. Current approaches to supporting distributed networks were examined and an overview of future developments was created. In addition, the team worked intensively on the processing of the coding project. While the dominant Internet for widespread end-user use is dominated by an Internet protocol, TCP/IPv4 or TCP/IPv6, the use in relation to IoT and IoE shows a range of protocols, which bring advantages and disadvantages depending on the application areas. Some of these are for example ZigBee, Bluetooth LE, RFID, NFC, SigFox, Cellular and Z-Wave. All of these IoT communication protocols are designed for different areas of application. For example, ZigBee and Z-Wave are primarily suitable for smart homes, but not for data transmission over longer distances. SigFox and Cellular, on the other hand, enable communication over several kilometers (Al-Sarawi et al., 2017). This is an interesting finding, as it contrasts with the otherwise dominant Internet protocol TCP/IP and illustrates that new solutions must be implemented at various levels with the advent of the IoT. This can also be transferred to distributed systems and OS. Since IoT devices require good compatibility, OSs such as TinyOS or MBed OS are being developed that meet these requirements (AlDossary et al., 2022). Another central aspect of this unit was the teamwork that took place as part of the coding project. In addition to the technical skills that were acquired, the progress in terms of teamwork and the participation of the individual team members should be emphasized. While in my view organisational mistakes were made during the development of the design document, which had a significant negative impact on time management in the team, these mistakes were avoided in the current project. Tasks were processed structurally and hierarchically together, resulting in better progress.
The current processing strategy can be compared to the Agile Scrum approach (Subih et al., 2019). This enabled better time management, which can be confirmed by the progress of the project and the remaining time. The communication culture in the team has also improved, since each team member feels responsible for the progress of the individual milestones and thus actively participates in the individual development processes. It can therefore be assumed that the mistakes made in the last project had a positive influence on the team competence of each team member.

References:
  • Al-Sarawi, S., Anbar, M., Alieyan, K. & Alzubaidi, M. (2017) Internet of Things (IoT) communication protocols: Review. International Conference on Information Technology. 685-690. Available from: https://0-ieeexplore-ieee-org.serlib0.essex.ac.uk/document/8079928 [Accessed 03 June 2022].
  • AlDossary, N., AlQahtani, S., & AlUbaidan, H. (2022) A Survey on Resource Management and Security Issues in IoT Operating Systems. International Conference of Women in Data Science at Prince Sultan University. 26-30. Available from: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9764840 [Accessed 04 June 2022].
  • Subih, M. A., Malik, B. H., Mazhar, I., Yousaf, A., Sabir, M. U., Wakeel, T. & Nawaz, H. (2019) Comparison of agile method and scrum method with software quality affecting factors. International Journal of Advanced Computer Science and Applications. 10(5): 531-535. Available from: https://pdfs.semanticscholar.org/3ed8/4e552137101ac7d3c2c02bb9860b6ddebb6b.pdf [Accessed 04 June 2022].

Unit 6

At the conclusion of the Secure System Architecture module, it was debated whether formal modelling is the best way to ensure that systems are secure by design. Furthermore, future trends in distributed systems were examined by me and possible applications, but also challenges, based on Agriculture 4.0. The coding project for a smart home simulation was also completed. During the seminar, the question was discussed whether modelling is the best option for realizing system security by design. The debate of the pros and cons arguments was very interesting and it was found in the course of the discussion that this thesis cannot be unequivocally confirmed or refuted. Modelling provides a good basis for structuring and can be of great benefit in the development process of secure systems. However, potential disadvantages were also listed which can have a negative impact. The reflected presentation of the pro modelling group can be mentioned as particularly profitable, which, in addition to the listed advantages, also showed limitations. In a final vote, it was agreed that modelling by design can contribute to the development of secure systems, but cannot be seen as a general solution. Since there was a misunderstanding on my part about the final debate of the seminar, I also dealt extensively with future trends in distributed systems (see Future Trends of Distributed Systems in Artefacts). However, this additional effort was of great interest to me, so that I can describe this analysis as anything but pointless. In the course of my investigations, an interesting and important future sector caught my eye, Agriculture 4.0. By 2050, the need for food is projected to increase by 70%, posing a major challenge in terms of global population and nutrition (Debauche et al., 2021). 
Since large parts of the usable agricultural land are already in use and the climatic change is already making the first impacts on food production discernible and an increase in change can be assessed as very likely, the change in agriculture represents an important task for the food industry. Agriculture 4.0 or Smart Farming can help to save space and resources by cultivating crops in order to maximize the yield and at the same time to grow food with limited resources, such as water. Through IoT, water management, plant diseases, crop management and livestock can be analysed in order to use the available usable areas as effectively as possible. The challenges here are the internet availability in remote regions, as well as the amount of data. Although this change has only just picked up speed and is associated with some challenges, ways of Agriculture 5.0 are already being discussed. These are composed of robot integrations in cultivation processes and machine learning in order to be able to counteract the falling number of farmers with the increasing demand for food (Martos et al., 2021). This consideration has shown me how versatile development efforts of systems and smart networks can be and at the same time can be of fundamental importance for society. At the end of the coding project, the project can be rated as profitable in terms of gaining knowledge and increasing skills. By simulating the smart home, threats could be highlighted and mitigation approaches developed, which showed me how it is practically possible to design secure smart home systems and what technical options are available for this. But the teamwork and the insights that I gained from this should also be emphasized, which were explicitly analysed and discussed in the Individual Reflective Piece.

References:
  • Debauche, O., Mahoudi, S., Manneback, P. & Lebau, F. (2021) Cloud and distributed architectures for data management in agriculture 4.0: Review and future trends. Journal of King Saud University. Available from: https://www.sciencedirect.com/science/article/pii/S1319157821002664 [Accessed 05 June 2022].
  • Martos, V., Ahmad, A., Cartujo, P. & Ordonez, J. (2021) Ensuring agricultural sustainability through remote sensing in the era of agriculture 5.0. Applied Sciences. 11(13):5911. Available from: https://www.mdpi.com/2076-3417/11/13/5911 [Accessed 06 June 2022].

Individual Reflective Piece

A central part of the Secure Systems Architecture module was teamwork and the associated process planning and project management. Since I believe that my team made wrong decisions in this context, these are reflected in the following. Working in a team makes it possible to distribute and coordinate tasks in order to achieve faster development on the one hand and a better end product on the other (Lindsjørn et al., 2016). However, this requires a product-oriented planning of the development process so that the team can participate effectively with each other (Moe, 2013). From my point of view, organisational mistakes were made, especially with regard to the Design Document, which had a negative impact on the development process. The team decided to divide the work into development processes instead of subdividing the tasks in each development process. The idea behind the decision was to create areas of responsibility that clearly assign team members their tasks. Such a distribution of responsibilities can make sense, especially in complex and long-term projects in which the respective sub-projects are self-contained and independent (Komi‐Sirviö & Tihinen, 2005). In our case, however, the individual areas of responsibility build on one another and had to be viewed in a direct interconnected context. The decision we made meant that individual people worked on their respective tasks while the others waited for the product. Since this took a considerable amount of time, it had a negative impact on time management of the project. The task areas were also processed independently of the linking context, so that vulnerabilities and mitigations, for example, were not optimally coordinated. At a late stage of the project, I realized that the contributions of individual team members did not meet my personal standards, so that they had to be revised and supplemented with the help of other team members (Reflection Unit 3, Appendix).
Due to this experience in terms of teamwork, I was able to learn a lot for the next assessment as well as my professional future in the context of software and system development processes, but also beyond (Reflection Unit 5, Appendix). Wrong structural decisions were made that could have simply been avoided. With regard to the SDLC, there have long been structures, such as the Waterfall approach, which provide development teams with guidelines that can also be used in other areas (Bassil, 2012; Sen & Sinha, 2005). If our team had followed this approach, there would probably have been better time management. By using an Agile project management approach, the quality could have been significantly increased, since the individual aspects could have been better linked (Bergmann & Karwowski, 2018). The knowledge gained shows me that my personal team management and project management must be continuously developed in order to fully exploit the potential of teamwork, but also to be able to positively influence development processes with my expertise in a professional context. In order to achieve this, further practical projects must be carried out, but also further theoretical approaches must be learned and analysed. A good start for this is offered by the Agile Alliance, which regularly organises events and seminars to promote software development processes and teamwork (Agile Alliance, N.D.). In addition, team management seminars are offered, which aim to further develop personal team skills, but also management skills.

References:
  • Agile Alliance (N.D.) Member Initiatives. Available from: https://www.agilealliance.org/resources/initiatives/ [Accessed 11 June 2022].
  • Bassil, Y. (2012) A simulation model for the waterfall software development life cycle. International Journal of Engineering & Technology. 2(5): 1-7. Available from: https://arxiv.org/ftp/arxiv/papers/1205/1205.6904.pdf [Accessed 10 June 2022].
  • Bergmann, T., & Karwowski, W. (2018) Agile project management and project success: A literature review. International Conference on Applied Human Factors and Ergonomics. 405-414. Available from: https://link.springer.com/chapter/10.1007/978-3-319-94709-9_39 [Accessed 11 June 2022].
  • Komi‐Sirviö, S., & Tihinen, M. (2005) Lessons learned by participants of distributed software development. Knowledge and Process Management. 12(2): 108-122. Available from: https://onlinelibrary.wiley.com/doi/epdf/10.1002/kpm.225?saml_referrer [Accessed 11 June 2022].
  • Lindsjørn, Y., Sjøberg, D. I., Dingsøyr, T., Bergersen, G. R., & Dybå, T. (2016) Teamwork quality and project success in software development: A survey of agile development teams. Journal of Systems and Software. 122: 274-286. Available from: https://www.sciencedirect.com/science/article/pii/S016412121630187X [Accessed 09 June 2022].
  • Moe, N. B. (2013) Key challenges of improving agile teamwork. International conference on agile software development. 149: 76-90. Available from: https://link.springer.com/chapter/10.1007/978-3-642-38314-4_6 [Accessed 10 June 2022].
  • Sen, A., & Sinha, A. P. (2005) A comparison of data warehousing methodologies. Communications of the ACM. 48(3): 79-84. Available from: https://dl.acm.org/doi/fullHtml/10.1145/1047671.1047673 [Accessed 11 June 2022].