Heiko Krumm's research while affiliated with Technische Universität Dortmund and other places
What is this page?
This page lists the scientific contributions of an author, who either does not have a ResearchGate profile, or has not yet added these contributions to their profile.
It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.
If you're a ResearchGate member, you can follow this page to keep up with this author's work.
If you are this author, and you don't want us to display this page anymore, please let us know.
It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.
If you're a ResearchGate member, you can follow this page to keep up with this author's work.
If you are this author, and you don't want us to display this page anymore, please let us know.
Publications (89)
In this paper, we present a system that allows patients who require anticoagulation medicine an opportunity to independently manage their dosage concentration with the help of two machine learning algorithms. The basic idea is to predict the next dosage by using a neuronal network and the model predictive control approach, both based on the history...
Long-term survival after left ventricular assist device (LVAD) implantation in heart failure patients is mainly determined by a sophisticated after-care. Ambulatory visits only take place every 12 weeks. In case of life-threatening complications (pump thrombosis, driveline infection) this might lead to delayed diagnosis and delayed intervention. It...
Although regular physical activities reduce mortality and increase quality of life many cardiac patients discontinue training due to lack of motivation, lack of time or having health concerns because of a too high training intensity. Therefore, we developed an exergaming based system to enhance long-term motivation in the context of rehabilitation...
Networked customer devices provide a powerful, flexible and cost-efficient implementation environment for cyber-physical system applications but due to their inherent unreliability can directly support limited dependability only. Since in such an environment non-critical functions can collect, process and prepare comprising data which supports the...
The GlobalSensing system has the aim to supervise (bicycle-) hiking of a group of patients in a cardiologic rehabilitation by taking advantage of user-friendly components. A smartphone application, the patient component, records the vital data and data of the training by using a sensor-broker. These data is transmitted via internet to the group lea...
The RehaWeb system aims at motivating heart patients in rehab with a combination of social networking features, editorial contents as well as mobile support and monitoring. Hikes on selected routes can be planned with RehaWeb community friends. A smartphone application guides the way and collects vitals. All data is transmitted to the RehaWeb serve...
Supported by an automated runtime management system even critical applications, like healthcare applications, can be build upon the interaction with ambient services. They are provided by mobile resource-constrained devices and subject to frequently changing environmental conditions and exceptions. The runtime management has to ensure stable bindin...
In the context of the automated technical management of distributed ambient-assisted-living healthcare systems, we employ high-level policies which describe the abstract requirements of the system from the use cases point of view. At runtime, an efficient low-footprint management system is used which executes low-level management rules of the event...
Security administrators face the challenge of designing, deploying and maintaining a variety of configuration files related to security systems, especially in large-scale networks. These files have heterogeneous syntaxes and follow differing semantic concepts. Nevertheless, they are interdependent due to security services having to cooperate and th...
The following article presents a framework to develop event-based monitoring systems that collect data from an automated transportation system and provide a Human Machine Interface (HMI) with 3D-support. These systems allow to correlate data with the places where it has been collected. Together with 3D models of the technical components, the monito...
Bringing heterogeneous devices like industrial machines, home appliances, and wireless sensors into the Web assumes the usage of well-defined standards and protocols. Our approach combines the Web Service standard for devices DPWS with the embedded system and component management standard OSGi. It implements the specifications of OSGi Remote Servic...
Policy hierarchies and automated policy refinement are powerful approaches to simplify administration of security services
in complex network environments. A crucial issue for the practical use of these approaches is to ensure the validity of the
policy hierarchy, i.e. since the policy sets for the lower levels are automatically derived from the ab...
The CORBA security services support the flexible provision of security features. Their employment, however, has to be tailored
to the assets and threats of a system. We relate the corresponding analysis and design of CORBA systems with traditional security
analysis, risk assessment, and countermeasure planning as it is in the scope of information s...
Intelligent connected devices become a more vital part of our lives. In contrast to prior years, today embedded systems and devices are loosely coupled and cooperate with each other according to changing objectives. Following the service-oriented architectural style, the approach of so called device-based service systems emerges. The challenge is t...
The presented policy-based management system supports autonomous control and adaptation of a distributed system according to changing conditions and requirements by means of event-condition-action (ECA) rules. Furthermore, it supports policy-aware application programming. Application components can request evaluations of policy expressions and deci...
Although networked embedded devices (NED) and service-oriented architectures (SOA) are often proclaimed as next generation technologies in industrial automation, there are some steps to take before they can be widely adopted. At the moment, productive systems are not SOA-ready and that is why integration approaches are interesting for manufacturers...
The OSGi Alliance defines an open, modular, and scalable service delivery platform. The DPWS specification standardizes the process of consuming and exposing Web services in a lightweight footprint. In our work, we provide a solution for the mutual integration of OSGi and DPWS. The approach adopts the mechanisms of distributed object systems. It em...
Ziel des europäischen ITEA2-Projekts OSAMI Commons ist die Entwick- lung einer Service-orientierten Komponentenplattform zur Realisierung adaptiver und gütegesicherter Dienstesysteme. Die Anwendungsdomäne des deutschen Teilprojekts ist die kardiologische Rehabilitation. Diese Domäne stellt hohe Anforderungen an Interoperabilität, Zuverlässigkeit, D...
An experimental study shows the feasibility of service-oriented architectures for industrial automation and control systems even with respect to lower, real-time dependent control functions. For that purpose, general SOA-guidelines were refined in order to cover the distribution of control functions between services and the lay-out and management o...
The security mechanisms employed in current networked environments are increasingly complex, and their configuration management has an important role for the protection of these environments. Especially in large scale networks, security administrators are faced with the challenge of designing, deploying, maintaining and monitoring a huge number of...
The usage of the Service Oriented Architecture (SOA) paradigm currently changes the view on many enterprise applications. SOA allows the creation of modular and clearly defined software archi-tectures that ensure a high grade of interoperability and reusability. As even small, resource-constraint networked devices get more and more powerful it is c...
Through the past years, several digital rights man-agement (DRM) solutions for controlled dissemination of dig-ital information have been developed using cryptography and other technologies. Within so many different solutions, however, interoperability problems arise, which increase the interest on integrated design and management of these technolo...
Service-orientation supports the construction of flexible and comprehensive industrial applications. The growing scale and complexity of the applications, however, demand for enhanced self-management functions providing efficient self-adaptation and repair mechanisms. We propose the approach of policy-controlled self-management which has been devel...
The automatic integration of devices into dynamic, automatically configured networks alone does not take advantage of the entire potential of service oriented architectures (SOA). Using service management, independent services can be directed to perform meta tasks in a SOA network. In this paper we describe and evaluate the service management tool...
Currently institutions and individuals more and more depend on secure and reliable operation of information systems, while comprehensive intranets and connections to the growing internet increase the vulnerability of the systems. Therefore modern computer networks require special protection against attacks. Several protection mechanisms and securit...
The paradigm of service oriented architectures spreads throughout the domain of business software and enterprise networks. With the proposal of the device profile for Web-services also small, less powerful embedded devices should be able to interact with services of the network infrastructure they are connected to. New challenges arise when it come...
The security mechanisms employed in today's networked en- vironments are increasingly complex and their configuration manage- ment has an important role for the protection of these environments. Especially in large scale networks, security administrators are faced with the challenge of designing, deploying, maintaining, and monitoring a huge number...
Attacks on computer networks are moving away from simple vulner- ability exploits. More sophisticated attack types combine and depend on aspects on multiple levels (e.g. protocol and network level). Furthermore attacker actions, regular protocol execution steps, and administrator actions may be in- terleaved. Analysis based on human reasoning and s...
As the use of computers and data communication technologies spreads, network security systems are becoming increasingly complex,
due to the incorporation of a variety of mechanisms necessary to fulfil the protection requirements of the upcoming scenarios.
The integrated design and management of different security technologies and mechanisms are thu...
The management of distributed and embedded service systems is a complex task as the services are exposed to changing environments which have to be reflected by the services' configurations. These configurations are commonly based on abstract management policies. Embedded devices usually lack the resources to perform the necessary computations to de...
Vortrag der GI-Jahrestagung: Sicherheit in komplexen, vernetzten Umgebungen, Workshop im Rahmen der Jahrestagung 2005 der Gesellschaft für Informatik Informatik LIVE!, 19. - 22. September 2005 in Bonn, Deutschland
Advanced attack sequences combine different kinds of steps (e.g. attacker, protocol, and administration steps) on multiple networked systems. We propose a SPIN based approach for formal modeling and analysis of such scenarios. Our approach is especially suited for scenarios were protocol and network level aspects matter simultaneously. Typical atta...
Os mecanismos de segurança empregados em ambientes de redes atuais são de crescente complexidade e o gerenciamento de suas configurações adquire, portanto, um papel fundamental para proteção desses ambientes. Particularmente em redes de computadores de larga escala, os administradores de segurança vêem-se confrontados com o desafio de projetar, imp...
The management of distributed service systems is a com- plex task as changes in the system and the environment may induce reconguration tasks to be handled. In this pa- per, we deal with the automated reconguration of service- oriented, embedded systems. Depending on the environ- ment such a system encounters, some of the services may need to be re...
In today's network environments the integrated design and management of different security technologies and mechanisms are of great interest. Especially in large networks, the security management should be supported by approaches with an appropriate level of abstraction, such that a system can be considered independently of the complex configuratio...
Formale Modellierung und Analyse von netzwerkbasierten Angriffen erm?glichen tieferes Verst?ndnis von Angriffsfolgen sind jedoch meist so kom-plex, dass die Modellierung sehr aufw?ndig und eine Analyse mit autom. Werk-zeugen aufgrund der Gr??e des Zustandsraumes unm?glich ist. Wir stellen einen Ansatz vor, der Modelle für praxisrelevante Angriffe u...
In contrast to traditional software, component-structured systems are developed by combining independently obtained software components. This technology promises an easier reuse of software building blocks and, in consequence, a significant reduction of the efforts and costs to produce software applications. On the other side, component-structured...
Since many security incidents of networked computing infrastructures arise from inadequate technical management actions, we aim at a method support- ing the formal analysis of those implications which administration activities may have towards system security. We apply the specification language cTLA which supports the modular description of proces...
Distributed embedded applications increasingly operate in changing environments where the application security depends on the type and properties of the currently used communication services and employed devices. While vulnerabilities, threats, and available security function processing power are changing, the applications, however, should automati...
Die Entwicklung komponentenstrukturierter E-Commerce-Software ist kostengünstig und schnell, da man die Systeme recht einfach aus wiederverwendbaren Softwarekomponenten zusammensetzt. Allerdings führt diese Entwurfsmethode zu einer neuen Art an Problemen für die Datensicherheit dieser Systeme. Insbesondere besteht die Gefahr, dass eine bösartige Ko...
This report describes the formal specification language c TLA in its 2003 version which can be translated into the language PROMELA of the well-known auto- mated verification tool SPIN. The report describes the semantical background, the semantics, and the syntax of cTLA. cTLA is based on Leslie Lamport's Temporal Logic of Actions. In contrary to L...
Software component technology supports the cost-e#ective development of e-commerce applications but also introduces special security problems. In particular, a malicious component is a threat to any application incorporating it. Therefore wrappers are of interest which control the behavior of components at run-time and enforce the application's sec...
Formal description techniques, verification methods, and their tool-based automated application meanwhile provide valuable support for the formal analysis of communication protocol designs. Never- theless the practical analysis of modern protocols still requires relatively great efforts and therefore many protocol developments do not employ formal...
The design of suitable configurations for virtual private networks (VPNs) is usually difficult and error-prone. The abstract objectives of design are given by high level policies representing various requirements and the designers are often faced with conflicting requirements. Moreover, it is difficult to find a suitable mapping of high level polic...
Presently, many communication protocols are under development which are tailored to the efficient high-speed data transfer meeting different application-specific requirements. Our approach concentrates on a framework which facilitates the formal verification of the protocols. The framework supplies verified and re-usable implications between predef...
The Unified Modeling Language UML is well-suited for the design of real-time systems. In particular, the design of dynamic system behaviors is supported by interaction diagrams and statecharts. Real-time aspects of behaviors can be described by time constraints. The semantics of the UML, however, is non-formal. In order to enable formal design veri...
Transfer protocols are composed from basic protocol mechanisms and accordingly a complex protocol can be verified by a series of relatively simple mechanism proofs. Our approach applies L. Lamport's Temporal Logic of Actions (TLA). It is based on a modular compositional TLAstyle and supports the analysis of flexibly configured high-speed transfer p...
cTLA+ is a compositional specification and verification technique which is based on Leslie Lamport's Temporal Logic of Actions TLA. cTLA+ supports modular process type definitions and the composition of processes to systems. Processes can model components of an implementation. Moreover, they can represent modular logical constraints. Constraint-ori...
In order to support formally correctness preserving refinement steps of objectoriented system designs, we refer at one hand to the practically well-accepted Unified Modelling Language (UML) and at the other hand to L. Lamport's Temporal Logic of Actions (TLA) which supports concise and precise notions of properties of dynamic behaviours and corresp...
: In addition to static structures, the Unified Modelling Language UML supports the specification of dynamic properties by means of state charts and interaction diagrams. Each diagram, however, only reflects partial aspects of the system. A common behavior model is lacking while it is necessary to relate the diagrams with each other and to enable t...
Hybrid systems like computer-controlled chemical plants are typical safety critical distributed systems. In present practice, the safety of hybrid systems is guaranteed by hazard analysis which is performed according to procedures (e.g., HazOp) where experts discuss a series of informal argumentations. Each argumentation considers a specific requir...
Software component technology on the one hand supports the cost-effective development of specialized applications. On the other hand, however it introduces special security problems. Some major problems can be solved by the automated run-time enforcement of security policies. Each component is controlled by a wrapper which monitors the component's...
The design of suitable packet-filters protecting subnets against network-based attacks is usually difficult and error-prone. Therefore, tool-assistance shall facilitate the design task and shall contribute to the correctness of the filters, i.e., the filters should be consistent with the other security mechanisms of the computer network, in particu...
In order to support education in distributed system fundamentals and to elucidate the function of distributed algorithms and protocols, we apply animations of formal models which concentrate on the mediation of aspects of the dynamic system behavior. For this purpose we adapted and extended approaches and tools supporting the animation of sequentia...
This paper presents two different approaches to the problem of formally verifying the correctness of control systems which consist of a logic controller and a continuous plant and, thus, constitute a hybrid system. One approach aims at algorithmic verification and combines Condition/Event Systems with Timed Automata. The first framework is used to...
The notion of specification frameworks transposes the framework approach from software development to the level of formal modeling and analysis. A specification framework is devoted to a special application domain. It supplies re-usable specification modules and guides the construction of specifications. Moreover, it provides theorems to be used as...
The integration of efficient implementation techniques, which have been proven in manual coding, into FDT compilers is difficult due to semantic constraints of the FDTs and the lack of language means to flexibly adapt to a given implementa- tion context. In this paper, we discuss ways to improve the efficiency of automated protocol implementations...
We develop a framework supporting the formal hazard analysis of
chemical plants. It provides generic specification modules for the
description of safety properties, specification modules for the
description of plant models, and theorems stating that certain subsystem
structures of the plant model imply certain safety properties. Using the
framework...
The backup of large data sets is preferably performed automatically outside of regular working hours. In highly structured computer networks, how- ever, faults and exceptions may relatively frequently occur resulting in unsuc- cessful subprocesses. Therefore automated fault and configuration management is of interest. We report on a corresponding m...
A user-defined telecooperation service (UTS) provides service elements for application-specific communication and cooperation processes as well as integrated means for the service definition, adaptation, and management. It supports user groups with particular communication, cooperation, and coordination needs which may change over time and which ma...
Currently the approach of component-oriented software development is in discussion. It aims to the cost-effective construction of flexible applications from megamodules. We report on an application of this approach to the configuration management of networks. A corresponding component framework was developed and encouraging experiences from applica...
In addition to static structures, the Unified Modelling Language UML supports the specification of dynamic properties by means of state charts and interaction diagrams. Each diagram, however, only reflects partial aspects of the system. A common behavior model is lacking while it is necessary to relate the diagrams with each other and to enable the...
The transfer protocol framework supports the formal specification and verification of data transfer protocols. It consists of generic specification modules and theorems. Compositions of specification module instances result in well-structured specifications which describe a protocol, the medium used, and the service provided by means of TLA formula...
Many modern chemical plants have to be modelled as complex hybrid
systems consisting of various continuous and event-discrete components.
Besides the modular and easy to read specification, the formal
verification of required properties (e.g., safety properties) is a major
problem, due to the complexity of the models. In practice, mostly
informal a...
to be presented at: H. Konig, K. Geihs (Eds.): IFIP WG 6.1 International Working Conference on Distributed Applications and Interoperable Systems (DAIS 97), Cottbus, Germany, Sep/Oct 1997 Chapman & Hall, 1997 Design patterns are well-known in the field of general software engineering. Informal patterns represent principles of proven designs and enc...
Workflow management systems/business process management systems (BPMS) provide for an integral support of computer-based information processing, personal activities, business procedures and their relationships to organizational structures. They support the modeling and analysis of so-called business processes and offer means for the application-nea...
The design tool cTc has been developed to support the construction and refinement of formal specifications of distributed software systems. It concentrates on the design by stepwise refinement, where refinement steps correspond to the integration of predefined process patterns. cTc processes modules written in the compositional TLA specification st...
Presently, many communication protocols are under development which are tailored tothe efficient high-speed data transfer meeting different application-specific requirements.Our approach concentrates on a framework which facilitates the formal verification of theprotocols. The framework supplies verified and re-usable implications between predefine...
TLA is an action-based linear-time temporal logic and supports the specification and verification of concurrent systems. In general, verification is equivalent to the logical proof of implications between temporal formulas, which can be reduced to a set of predicate logic proofs. In this context our approach aims to the automation of verification p...
requirement specifications concern traces of system behaviour, environment assumptions, and components' interfaces expressed by predicate logic formulas. At the more detailed design specifications the behaviour of independent components (agents), connected by message queues, are expressed by stream-processing functions. The implementation is perfor...
Major steps of the design of distributed applications correspond to the integration of predefined patterns. To support such design steps, a concept for refinement by pattern composition is introduced which applies formal process composition and provides functions for the tool assisted construction and modification of specifications. The approach is...
In order to support the practical application of formal verification, a fully-automated verification tool has been developed which is used for the design of communication systems and distributed applications. The tool refers to the concept of Refinement Mappings, which state correspondences between specifications of more abstract and more detailed...
Composition of high-speed protocols from basic protocol mechanisms can help to realize the flexible application-specific selection of protocols. For the purpose of formal specification, functional modelling, analysis, and verification of composed protocols we apply L. Lamport's Temporal Logic of Actions (TLA). We propose a modular and compositional...
Because of the increasing complexity of distributed applications methods are of interest which assure product quality and enhance developer's productivity. Our approach centers on the utilization of formal modelling techniques for the design of open applications the components of which interact via standardized ISO/OSI communication services. In ad...
As the use of computers and data communication technologies spre- ads, network security systems are becoming increasingly complex, due to the incorporation of a variety of mechanisms necessary to full the protection re- quirements of the upcoming scenarios. The integrated design and management of different security technologies and mechanisms are t...
Modulare Speziikationen hybrider Systeme modellieren h auug sehr direkt die Ressourcen der realen Systeme als Komponenten und die Verbin-dungen dazwischen als Kopplung. Wir pl adieren hier daf ur, reale Systeme zu Veriikations-und Analysezwecken zus atzlich auch in anderer Struktur zu mo-dellieren, n amlich als Verbund einzelner Constraints zu im S...
Citations
... Another system used two machine learning algorithms to predict the doses. 9 The usefulness of such systems have been tested with mixed method approach 10 and education status of the patient was found to be one of the predictive factors. 11 Our idea was to develop a very simple algorithm which can be used by patients through simple mobile phone interface. ...
... There is a paucity of reports on how these patients can be managed from afar. 7 Transitioning these patients to virtual care models has proven to be a challenge for the advanced HF community due to the more severe underlying HF condition. Moreover, these patients will wait longer for heart transplant, as programmes remain suspended for all but the highest risk patients. ...