The IoT enables using smart devices, like smart-watches, smart wristbands, and smartphones, to provide cost-effective services for humans, for example, for low-cost monitoring schemes in the health-care sector to provide early diagnosis of diseases. From a security and privacy perspective, the IoT could be described as a hopeless case since all prevention aspects of security (confidentiality, integrity, and availability) are inherently weak and unwanted tracking and monitoring throws the doors wide open to privacy attacks. To provide secure IoT solutions, modeling and analysis needs to be integrated in the planning and validation of application scenarios and smart-device architectures to address burning security issues like unintentional or intentional insider attacks. The more so, we need to look at how to represent humans and the ways they interact with systems, and make security risks understandable for humans and secure IoT solutions accessible.

Project start date October 2016
Duration 36 Months
Coordination Middlesex University of London



Middlesex University, UK

Inria, France

University of Grenoble Alpes, France

University of Twente, the Netherlands


The software developed in the SUCCESS project is open source available at


S. Schivo, B.M. Yildiz, E. Ruijters, C. Gerking, R. Kumar, S. Dziwok, A. Rensink, M. Stoelinga. How to Efficiently Build a Front-End Tool for UPPAAL: A Model-Driven Approach. 3rd Symposium on Dependable Software Engineering (SETTA 2017). D10.1007/978-3-319-69483-2_19

E. Ruijters, D. Reijsbergen, P-T. de Boer, M. Stoelinga. Rare Event Simulation for Dynamic Fault Trees. 36th International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2017). DOI: 10.1007/978-3-319-66266-4_2 M. Gerhold,

M. Stoelinga. Model-Based Testing of Probabilistic Systems with Stochastic Time. 11th International Conference on Tests and Proofs (TAP 2017). DOI: 10.1007/978-3-319-61467-0_5 F. Kammüller. Formal Modeling and Analysis with Humans in Infrastructures

for IoT Healthcare Systems. 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS'17, co-located with HCII 2017. DOI: 10.1007/978-3-319-58460-7_24 F. Kammüller. Human Centric Security and Privacy for

the IoT using Formal Techniques. 3rd International Conference on Human Factors in Cybersecurity, affiliated with AHFE 2017. DOI: 10.1007/978-3-319-60585-2_12 F. Kammüller, J. C. Augusto, S. Jones. Security and Privacy Requirements Engineering

for Human Centric IoT Systems using eFRIEND and Isabelle. IEEE/ACIS 15th International Conference on Software Engineering Research, Management and Application, SERA2017, IEEE-CPS 2017. DOI: 10.1109/SERA.2017.7965758 F. Kammüller. A Proof Calculus

for Attack Trees in Isabelle. Data Privacy Management, DPM’17, 12th Int. Workshop, co-located with ESORICS’17. LNCS 10436, Springer, 2017. DOI: 10.1007/978-3-319-67816-0_1 A. Nouri, B. L. Mediouni, M. Bozga, A. Legay, S. Bensalem. Performance

Evaluation of Stochastic Real-Time Systems with the SBIP Framework. Verimag Research Report TR-2017-6 September 27, 2017.