Service Oriented Computing 14th

Symposium and Summer School on

Service Oriented Computing
SummerSOC 2020 Crete Greece
September 13 19 2020 Schahram
Dustdar
Visit to download the full and correct content document:
https://textbookfull.com/product/service-oriented-computing-14th-symposium-and-su
mmer-school-on-service-oriented-computing-summersoc-2020-crete-greece-septemb
er-13-19-2020-schahram-dustdar/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

Service Oriented Computing ICSOC 2017 Workshops Lars

Braubach

https://textbookfull.com/product/service-oriented-computing-
icsoc-2017-workshops-lars-braubach/

Service Oriented Computing 18th International

Conference ICSOC 2020 Dubai United Arab Emirates
December 14 17 2020 Proceedings Eleanna Kafeza

https://textbookfull.com/product/service-oriented-computing-18th-
international-conference-icsoc-2020-dubai-united-arab-emirates-
december-14-17-2020-proceedings-eleanna-kafeza/

Service Oriented Computing 15th International

Conference ICSOC 2017 Malaga Spain November 13 16 2017
Proceedings 1st Edition Michael Maximilien

https://textbookfull.com/product/service-oriented-computing-15th-
international-conference-icsoc-2017-malaga-spain-
november-13-16-2017-proceedings-1st-edition-michael-maximilien/

Advances in Service Oriented and Cloud Computing

Workshops of ESOCC 2018 Como Italy September 12 14 2018
Revised Selected Papers Maria Fazio

https://textbookfull.com/product/advances-in-service-oriented-
and-cloud-computing-workshops-of-esocc-2018-como-italy-
september-12-14-2018-revised-selected-papers-maria-fazio/
Service Oriented Computing 16th International
Conference ICSOC 2018 Hangzhou China November 12 15
2018 Proceedings Claus Pahl

https://textbookfull.com/product/service-oriented-computing-16th-
international-conference-icsoc-2018-hangzhou-china-
november-12-15-2018-proceedings-claus-pahl/

Service Oriented Computing 17th International

Conference ICSOC 2019 Toulouse France October 28 31
2019 Proceedings Sami Yangui

https://textbookfull.com/product/service-oriented-computing-17th-
international-conference-icsoc-2019-toulouse-france-
october-28-31-2019-proceedings-sami-yangui/

The Impact of Service Oriented Architecture Adoption on

Organizations Naghmeh Niknejad

https://textbookfull.com/product/the-impact-of-service-oriented-
architecture-adoption-on-organizations-naghmeh-niknejad/

Advanced Information Systems Engineering: 32nd

International Conference, CAiSE 2020, Grenoble, France,
June 8–12, 2020, Proceedings Schahram Dustdar

https://textbookfull.com/product/advanced-information-systems-
engineering-32nd-international-conference-caise-2020-grenoble-
france-june-8-12-2020-proceedings-schahram-dustdar/

Customization Oriented Design of Product Service System

Wenyan Song

https://textbookfull.com/product/customization-oriented-design-
of-product-service-system-wenyan-song/
Schahram Dustdar (Ed.)

Communications in Computer and Information Science 1310

Service-Oriented
Computing
14th Symposium and Summer School
on Service-Oriented Computing, SummerSOC 2020
Crete, Greece, September 13–19, 2020
Communications
in Computer and Information Science 1310

Editorial Board Members

Joaquim Filipe
Polytechnic Institute of Setúbal, Setúbal, Portugal
Ashish Ghosh
Indian Statistical Institute, Kolkata, India
Raquel Oliveira Prates
Federal University of Minas Gerais (UFMG), Belo Horizonte, Brazil
Lizhu Zhou
Tsinghua University, Beijing, China
More information about this series at http://www.springer.com/series/7899
Schahram Dustdar (Ed.)

Service-Oriented
Computing
14th Symposium and Summer School
on Service-Oriented Computing, SummerSOC 2020
Crete, Greece, September 13–19, 2020

123
Editor
Schahram Dustdar
Distributed Systems Group
Technische Universität Wien
Vienna, Austria

ISSN 1865-0929 ISSN 1865-0937 (electronic)

Communications in Computer and Information Science
ISBN 978-3-030-64845-9 ISBN 978-3-030-64846-6 (eBook)
https://doi.org/10.1007/978-3-030-64846-6

© Springer Nature Switzerland AG 2020

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the
material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now
known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book are
believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors
give a warranty, expressed or implied, with respect to the material contained herein or for any errors or
omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in
published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
 Preface

The 14th advanced Summer School on Service Oriented Computing (SummerSoC

2020) continued a successful series of summer schools that started in 2007. As the
COVID-19 pandemic did not allow traveling, the symposium of SummerSoC 2020
unfortunately had to be turned into a virtual event. SummerSoC is regularly attracting
world-class experts in Service Oriented Computing (SOC) to present state-of-the-art
research during a week-long program organized in several thematic tracks: IoT, formal
methods for SOC, Cloud Computing, Data Science, Advanced Manufacturing, Soft-
ware Architecture, Digital Humanities, Quantum Computing, and emerging topics. The
advanced summer school is regularly attended by top researchers from academia and
industry as well as by PhD and graduate students.
During the SummerSoC symposium original research contributions in the areas
mentioned above were presented. All accepted contributions were submitted in advance
and have been peer-reviewed in a single-blind review process. Most papers where
reviewed by three reviews per paper, with an absolute minimum of two reviews per
paper. Based on the reviews the program chairs accepted or rejected contributions. Out
of 23 submitted contributions, only 11 were accepted with an acceptance rate of less
than 50%. In addition, the contributions were extensively discussed after their pre-
sentation during the paper session. In addition to the reviewers comments, the feedback
from this discussion was folded into the final version published in this special issue.
The volume is structured into four parts focusing on (i) IoT and cyber-physical
systems, (ii) advanced application areas, (iii) cloud and edge, and (iv) service-based
applications. The first article in the section IoT and cyber-physical systems provides an
approach towards personalized recommendations in an IoT-driven tour guide platform.
The next article introduces situation-aware updates for cyber-physical systems, fol-
lowed by a vision, method, and architecture for an IoT beehive network for monitoring
urban biodiversity. The section on advanced application areas provides three articles
introducing data science approaches to quality control in manufacturing, a NISQ
analyzer for automating the selection of quantum computers for quantum algorithms, as
well as a concept and tooling for pattern views for interconnected pattern languages.
The following section on cloud and edge investigates possibilities for protecting and
hardening installable FaaS platforms, followed by a quantitative evaluation approach
for edge orchestration strategies. Finally, the section on service-based applications
provides a qualitative literature review on microservices identification approaches and
introduces navigational support for non HATEOAS-compliant web-based APIs. The
section, and journal, is concluded with an article on domain-driven service design; this
last contribution received the SummerSoC Young Researcher Award sponsored by
ICSOC.

October 2020 Schahram Dustdar

 Organization

General Chairs
Schahram Dustdar Technische Universität Wien, Austria
Frank Leymann Universität Stuttgart, Germany

Organization Committee
Johanna Barzen Universität Stuttgart, Germany
George Koutras OpenIT, Greece
Themis Kutsuras OpenIT, Greece

Steering Committee
Marco Aiello Universität Stuttgart, Germany
Schahram Dustdar Technische Universität Wien, Austria
Christoph Gröger Bosch, Germany
Frank Hentschel Universität zu Köln, Germany
Willem-Jan van Heuvel Eindhoven University of Technology, The Netherlands
Rania Khalaf IBM, Germany
Frank Leymann Universität Stuttgart, Germany
Kostas Magoutis University of Crete, Greece
Bernhard Mitschang Universität Stuttgart, Germany
Dimitris Plexousakis University of Crete, Greece
Wolfgang Reisig Humboldt-Universität, Germany
Norbert Ritter Universität Hamburg, Germany
Jakka Sairamesh CapsicoHealth Inc., USA
Sanjiva Weerawarana WSO2, Sri Lanka
Guido Wirtz Universität Bamberg, Germany
Alfred Zimmermann Hochschule Reutlingen, Germany

Program Committee
Marco Aiello Universität Stuttgart, Germany
Johanna Barzen Universität Stuttgart, Germany
Steffen Becker Universität Stuttgart, Germany
Wolfgang Blochinger Hochschule Reutlingen, Germany
Uwe Breitenbücher Universität Stuttgart, Germany
Gerd Breiter IBM, Germany
Antonio Brogi Università di Pisa, Italy
Florian Daniel Politecnico di Milano, Italy
Christian Decker Hochschule Reutlingen, Germany
viii Organization

Stefan Dessloch Technische Universität Kaiserslautern, Germany

Schahram Dustdar Technische Universität Wien, Austria
Christoph Freytag Humboldt-Universität, Germany
Frank Hentschel Universität zu Köln, Germany
Melanie Herschel Universität Stuttgart, Germany
Willem-Jan van Heuvel Eindhoven University of Technology, The Netherlands
Dimka Karastoyanova Rijksuniversiteit Groningen, The Netherlands
Christian Kohls Technische Hochschule Köln, Germany
Eva Kühn Technische Universität Wien, Austria
Ralf Küsters Universität Stuttgart, Germany
Winfried Lamersdorf Universität Hamburg, Germany
Frank Leymann Universität Stuttgart, Germany
Kostas Magoutis University of Crete, Greece
Bernhard Mitschang Universität Stuttgart, Germany
Daniela Nicklas Universität Bamberg, Germany
Florian Niedermann McKinsey, Germany
Maria Papadopouli University of Crete, Greece
Adrian Paschke Freie Universität Berlin, Germany
Cesare Pautasso University of Lugano, Switzerland
Ilia Petrov Hochschule Reutlingen, Germany
René Reiners Fraunhofer FIT, Germany
Wolfgang Reisig Humboldt-Universität, Germany
Norbert Ritter Universität Hamburg, Germany
Jakka Sairamesh CapsicoHealth Inc., USA
Heiko Schuldt Universität Basel, Switzerland
Holger Schwarz Universität Stuttgart, Germany
Stefan Schulte Technische Universität Wien, Austria
Ulf Schreier Hochschule Furtwangen, Germany
Craig Sheridan The University of Edinburgh, UK
Albrecht Stäbler BigData4Biz, Germany
Damian Tamburri Eindhoven University of Technology, The Netherlands
Massimo Villari Università degli Studi di Messina, Italy
Stefan Wagner Universität Stuttgart, Germany
Sanjiva Weerawarana WSO2, Sri Lanka
Guido Wirtz Universität Bamberg, Germany
Uwe Zdun Universität Wien, Austria
Alfred Zimmermann Hochschule Reutlingen, Germany
Olaf Zimmermann Hochschule für Technik Rapperswil, Switzerland

Additional Reviewers

Martin Garriga Michael Wurster

Pascal Hirmer Tim Würtele
Indika Kumara Daniel Vietz
 Contents

IoT and Cyber-Physical Systems

Towards Personalized Recommendations in an IoT-Driven Tour

Guide Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Margianna Arvaniti-Bofili, Stelios Gkouskos, Konstantinos Kalampokis,
Gerasimos Papaioannou, Georgios Gogolos, Ilias Chaldeakis, Kon-
stantinos Petridis, and Kostas Magoutis

Situation-Aware Updates for Cyber-Physical Systems . . . . . . . . . . . . . . . . . 12

Kálmán Képes, Frank Leymann, and Michael Zimmermann

An IoT Beehive Network for Monitoring Urban Biodiversity:

Vision, Method, and Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Mirella Sangiovanni, Gerard Schouten, and Willem-Jan van den Heuvel

Advanced Application Areas

Data Science Approaches to Quality Control in Manufacturing:

A Review of Problems, Challenges and Architecture . . . . . . . . . . . . . . . . . . 45
Yannick Wilhelm, Ulf Schreier, Peter Reimann, Bernhard Mitschang,
and Holger Ziekow

The NISQ Analyzer: Automating the Selection of Quantum Computers

for Quantum Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Marie Salm, Johanna Barzen, Uwe Breitenbücher, Frank Leymann,
Benjamin Weder, and Karoline Wild

Pattern Views: Concept and Tooling for Interconnected Pattern Languages. . . 86

Manuela Weigold, Johanna Barzen, Uwe Breitenbücher,
Michael Falkenthal, Frank Leymann, and Karoline Wild

Cloud and Edge

Investigating Possibilites for Protecting and Hardening Installable

FaaS Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Mike Prechtl, Robin Lichtenthäler, and Guido Wirtz

A Quantitative Evaluation Approach for Edge Orchestration Strategies . . . . . 127

Sebastian Böhm and Guido Wirtz
x Contents

Service-Based Applications

A Qualitative Literature Review on Microservices

Identification Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Christoph Schröer, Felix Kruse, and Jorge Marx Gómez

Navigational Support for Non HATEOAS-Compliant Web-Based APIs . . . . . 169

Sebastian Kotstein and Christian Decker

Domain-Driven Service Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Stefan Kapferer and Olaf Zimmermann

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

IoT and Cyber-Physical Systems
 Towards Personalized Recommendations
in an IoT-Driven Tour Guide Platform

Margianna Arvaniti-Bofili1,2(B) , Stelios Gkouskos3 ,

Konstantinos Kalampokis3 , Gerasimos Papaioannou3 , Georgios Gogolos3 ,
Ilias Chaldeakis3 , Konstantinos Petridis3 , and Kostas Magoutis1,2
1
Computer Science Department, University of Crete, Heraklion, Greece
{margianna,magoutis}@csd.uoc.gr
2
FORTH-ICS, Heraklion, Greece
3
Terracom Informatics Ltd, Ioannina, Greece
{sgous,kokalabo}@terracom.gr

Abstract. In this paper we describe a system for personalized recom-

mendations as part of a smart IoT-driven tour guide platform. The sys-
tem builds user profiles out of historical localization information (move-
ment of users in space within a museum) and indications of their inter-
ests, inferred through interaction with digital content, and time spent
around exhibits. Users with similar movement style and interests are
clustered together in order to provide useful personalized recommenda-
tions. The presented system leverages data-streaming technologies for
online training and interactive response in coordination with a commer-
cial IoT platform and mobile application. Our evaluation focuses on val-
idating the profile-building and clustering parts of the platform using an
experimental testbed that allows for testing under controlled conditions.

Keywords: Internet of Things · Personalized recommendations · Data

stream processing

1 Introduction
We all visit museums or archaeological sites from time to time to appreciate
culture, to learn, and to overall have a pleasant experience. However museums
are usually large spaces that are hard to navigate, with the volume of exhibits
and information available being overwhelming to the visitor. For this reason
most museums today provide guided tours, traditionally via licensed staff, and
more recently by offering electronic tour guides that help visitors navigate the
space, often providing additional information about the exhibits. These tools are
undoubtedly helpful to many visitors, but they are typically generic.

Supported by the Greek Research Technology Development and Innovation Action

“RESEARCH - CREATE - INNOVATE”, Operational Programme on Competitive-
ness, Entrepreneurship and Innovation (EΠAνEK) 2014–2020, Grant T1EΔK-04819.
c Springer Nature Switzerland AG 2020
S. Dustdar (Ed.): SummerSOC 2020, CCIS 1310, pp. 3–11, 2020.
https://doi.org/10.1007/978-3-030-64846-6_1
4 M. Arvaniti-Bofili et al.

ProxiTour [3] is an IoT-driven platform for digital tours, whose aim is to

create a more custom-made experience for the visitors. By collecting information
produced in real time, such as the visitor’s interaction with the space and the
exhibits, ProxiTour aims to create on the fly a custom-made profile for each
user. Based on that profile, which is updated during the visit, the platform can
suggest exhibits and sights likely to interest the user, improving their experience.
ProxiTour relies on Bluetooth beacons embedded within places of interest
(e.g. museums, historical sites) for localization and for correlating visitor location
with exhibits. Visitors are tracked from the point they enter the space with their
mobile device. Every time they come within range of a beacon, they receive
recommended information (audio and visual) based on their position, nearby
exhibits, and their movement pattern so far. In outdoor spaces, the GPS on
mobile devices can also be used to track visitor location. The interaction of
visitors with the provided digital content and their movements in space can be
interpreted as indirect feedback for the recommendations, enabling adaption.
In this paper, we present a novel system for providing personalized recom-
mendations within the context of a smart IoT-driven tour guide platform [3].
Our contributions in this paper are:
– Creation of user profiles, based on data collected in real time from a Bluetooth
beacon-based localization service and from interaction with digital content
through an end-user mobile application.
– Creating groups of user profiles with similar interests aiming to use such
groups for recommendation purposes.
– An implementation, drawing information from state-of-the-art IoT technolo-
gies, for localization and data collection.
– Online analysis, using Spark Structured Streaming, to perform data analysis
live (online), in a scalable manner.
– Experimental validation of the profile-building and clustering parts using a
deployment of ProxiTour in a controlled physical environment.
The system aims to advance over standard approaches for e-guides that are
either unaware of the history of users’ movement in space and in relation to
exhibits, or have very basic information about it, often requiring significant user
involvement (such as manually browsing through digital content or scanning an
NFC tag next to exhibits).
The paper is structured as follows. In Sect. 2 we discuss related work. In
Sect. 3 we present the architecture and current implementation of the ProxiTour
platform, including user and exhibit profiling, key drivers of recommendations.
In Sect. 4 we present the evaluation and in Sect. 5 we conclude.

2 Related Work
The first approaches to e-guides were heavily based on user interaction, by having
users either select exhibits from a provided list or scan NFC codes associated with
specific exhibits. In both cases the user receives information about an exhibit,
 Towards Personalized Recommendations 5

but at the expense of having to closely interact with the device for input. Such
guides are usually based on generic pre-programmed tours that are stored in the
device and are not fitted to the individual interests or touring style of the visitor.
More recent systems provide the ability to track visitors via Bluetooth bea-
cons or video cameras. There has been significant work in the field of user track-
ing in museums [2], focusing on either providing information to the museum
curators [7] or on providing recommendations to visitors by requiring them to
provide extensive profile information or answer questions [6]. In our work, we
take inspiration from techniques of the first approach [7], to build visitor profiles
and leverage and extend work on recommendations [6] to improve the quality of
the tours with implicit profile characteristics. ProxiTour, the personalized tour-
ing platform evaluated in this paper, was recently introduced by Chronarakis
et al. [3]. Real-time processing of localization streams tracking museum visitors
through video cameras was described by Stamatakis et al. [9]. Our work extends
this previous research by applying profile building and analytics on historical
information, creating the basis for personalized recommendations.
Recommendation systems are a broad and interesting field of study and the
goal is to figure out the best subset of options for some particular user, based on
their profile. They can help reduce “buyer’s anxiety” when faced with overwhelm-
ing choices; in our case they can contribute to a more personalized experience
for visitors. The three main approaches to this task are: collaborative filter-
ing, content-based filtering, and hybrid filtering [1]. Collaborative filtering, the
most commonly used and mature approach, groups users with similar tastes to
make recommendations. The system constructs tables of similar items offline and
then uses those tables to make online suggestions, based on the user’s history.
Content-based filtering predicts the user’s interests, based solely on the current
user and ignoring information collected from other users. Hybrid filtering com-
bines two or more filtering techniques to increase the accuracy and performance
of the system and overcome some of the issues inherent in each approach.
ProxiTour takes a hybrid approach combining collaborative and content-
based filtering. It defines a level of similarity between exhibits based on user
feedback, profiles, and expert input and uses that to compile a list of proposed
exhibits. It then ranks the items in the list using our visitor’s profile as a guide.
The list is presented via the application, using direct and indirect feedback to
evaluate the recommendations and fine-tune user models.

3 Architecture and Implementation

3.1 Proxitour Platform and Testbed Setup
Figure 1 shows the architecture and basic workflow of the ProxiTour platform
evaluated in this paper. The platform supports a variety of mobile devices
(phones, tablets, etc.) by which users interact with the beacons in the museum
and the digital content. The devices communicate events over a RabbitMQ ser-
vice to a commercial IoT platform, Zastel, whose main functions are the man-
agement of location services (beacons, GPS), dynamic data sharing and decision
6 M. Arvaniti-Bofili et al.

making, managing/monitoring beacons and administrative users and connecting

with third party systems and applications through an API.

Fig. 1. Architecture and basic workflow

Relaying events between the IoT platform and a stream-processing service

is Apache Kafka, a distributed messaging and streaming platform, used here for
interoperability purposes. Spark Structured Streaming is a scalable and fault-
tolerant stream processing engine, built on the Spark SQL engine [8] that we use
to implement our applications (analytics on the messages produced by the mobile
devices and recommendation lists for the tours). The results of the analysis
sessions are stored (with the users’ consent) in a MongoDB database, to be used
in the future for training models or to help us initialize the profile of a visitor
who used the app in the past. During a user’s visit, the application will send
recommendations, as push notifications to their device, through Zastel.
Figure 2 depicts the test space where we run our controlled experiments.
Beacons have been set up in various locations/rooms and associated with certain
thematic areas, exhibits, or people. In our evaluation, we examine test scenarios
by having users emulate certain behavioral patterns. For more details regarding
the architecture of the platform and the beacons used, we refer the reader to [3].

Fig. 2. Overview of experimental space used for controlled testing. Circles indicate the
location of BLE beacons and diamonds the associated exhibits.
 Towards Personalized Recommendations 7

Next we describe the concepts and implementation underlying our recom-

mendations system. In this paper, we focus on techniques to construct visitor
and exhibit profiles based on the location tracking history of visitors.

3.2 Support for a Recommendations System

The first step towards any recommendation system is building a profile for
its users. Initially, that profile is based solely on the general information pro-
vided by the user1 (e.g. gender, age) and historical information known for the
studied population (e.g. most popular exhibits). As specific users interact with
the system and we see how they respond to the digital content and to the rec-
ommendations (they seem to follow them or not), the profile can be updated
to enrich knowledge of their preferences (preferred exhibits, recommendations
taken, etc.), which can lead to more customized suggestions.
In the beginning of the tour, we assume that the initial information about a
user is a userID and their age category (e.g., 5–12 (primary school), 13–17 (high
school), 18+ (adults), etc.) entered during registration. Users will be asked to
enable Bluetooth and Location services on their mobile devices and be informed
that without those features, users cannot be tracked and therefore recommen-
dations will have to be based only on basic information and the general histor-
ical information collected from previous visitors. It is our expectation that the
anticipation of richer content and better targeted (personalized) services, in con-
junction with minimal privacy implications, will entice most users to enable the
required support, as has been the case for online shopping and search services.
From the historical information, ProxiTour can create a list with the most
popular exhibits based on direct and indirect feedback from the users. This leads
to the creation of profiles for exhibits as well.
Assuming that a user allows location tracking, the tracked characteristics
of the current tour can enrich the default content (e.g., the top-K exhibits list,
typically the well-known exhibits in a museum’s collection), with a list of the
most interesting exhibits based on their profile (past visits and current tour
track). The list of featured exhibits can be dynamically adapted based on the
users’ current location (e.g. room) and their interaction with the information
on the application and the time they spent on each exhibit. If they spent a
long time at an exhibit, they most likely found it intriguing, especially if they
also interacted with the digital content that was served to them about the same
exhibit. If the user visits some exhibits more than once that can also indicate
increased interest in this category.

User Profiling: Our first objective is to create user profiles by processing local-
ization information. We split the incoming stream of events into user-sessions,
by userID.
Creation of user sessions works as follows: If a session is already open for
this user it updates the information of the session. If a session for the user
1
We assume GDPR-compliant processes involving explicit user consent.
8 M. Arvaniti-Bofili et al.

does not exist, the application will look in the (stored) history to see if it has
historical information for the user to initialize and link this session to, otherwise
it will create a new clean session. Every new user profile contains only basic
information, given at registration (e.g., ageCategory, language, gender, etc.).
While the user moves through each room, we store information like the average
time he spent near each exhibit, the categories of the exhibits he spent the most
time on and the total amount of time spent in the room, current session duration
and more.
There has been a lot of work in defining the best set of characteristics that
define a museum visitor [4,5]. In addition to the more common ones described
above, we chose to include the visitor’s movement pattern. We were motivated
by earlier work by Veron and Levasseur [10] who identified associations of the
movement style of visitors moving through an art gallery space with general
characteristics of the movement style of specific species, in particular ants, fish,
grasshoppers, and butterflies: Visitors in the “ant” category tend to move close
to the walls and the exhibits, follow the suggested route and study each exhibit
carefully. “Fish” tend to move mostly in the empty space, in the center of the
room and do not come very close to the exhibits, spending a short time on some.
“Grasshoppers” tend to also move in the empty space, but approach the exhibits
that interest them and spend more time studying them. “Butterflies” tend to
move in and out of the empty space, not following the suggested route, observing
almost all exhibits with varying time spent on each one.
These different types of movements can be good indicators of different visitor
personality traits and levels of interest. For example, an “ant” is likely to visit
most of the exhibits, so a guide should focus more on the type of digital infor-
mation they enjoy. “Ants” are also more likely to give feedback. On the other
hand, “grasshoppers” have clearer preferences, so we can give them more tar-
geted content or direct them to more obscure exhibits matching their interests.
“Fish” can have varying degrees of engagement, as can “butterflies”, so we will
need to handle them accordingly.
In ProxiTour, the movement pattern of each visitor is continuously analyzed
to categorize them accordingly. Each user is eventually represented by a vector,
containing the information summary of their profile.

Exhibit Profiling: Every exhibit is defined by an ID and is associated with

a room. For every room and exhibit we have a list of keywords that are closely
associated with them, as well as a list of information and audio-visual sources
that are available to the visitors through their mobile device. We can use direct
and indirect feedback from the user to “rate” the exhibits and get a sense of
which of the additional information provided they find interesting.
Direct feedback can be as simple as having the user rate each item (e.g., on
a scale of 1–5), but that can be annoying for users who will likely ignore it after
a while. The indirect approach is less intrusive to the visitor’s experience and
they can focus solely on the tour; however, it requires them to have enabled the
location tracking option on the mobile device (Bluetooth or GPS). We can store
 Towards Personalized Recommendations 9

information about how long the user spent on each exhibit and use that as a
metric of how interesting they found it, based on their overall attention span
(avgExhibitVisit) and the time spent on it by other users. If the user chooses
not to enable that option, we can still get some feedback, by checking which of
the additional sources the visitor chose to open and for how long he kept them
open. We assume that the longer they looked at an exhibit the more engaged
they were with it.

4 Evaluation

In this work we use experimental data from the testbed depicted in Fig. 2 to
validate the interoperability of the various components of the system, and to
demonstrate that the created profiles can be used to differentiate the behavior
of different users who move in the monitored space. The setup of Fig. 2 features
11 (hypothetical) exhibits and 11 beacons laid out in distances that would be
typical of a museum environment. Users (project members) moving around the
museum space test the beacons’ functionalities and perform controlled exper-
iments by emulating users with specific behavior patterns. The events of the
resulting streams contain key-value pairs of collected information (e.g. longi-
tude, latitude, timestamp, etc.).
Our preliminary tests demonstrate that the setup is functional and that Prox-
iTour can successfully track users moving about the experimental site. Thanks
to the localization and exhibit information included in the messages, we can
calculate for example, how long each user spends on each exhibit. The informa-
tion we produce is used to enrich the profile of the user that evolves, as more
information is collected.
The experiment involves 40 users (project members), moving about the test
space and interacting with the exhibits in a predefined manner. Each user moves
emulating one of the species-inspired behaviors we described in Sect. 3.2. If dis-
tinction of the patterns is possible, then recommendations should be customized
to fit the pattern of behavior detected within each group. Our evaluation in this
work focuses on the former aspect (detecting pattern of behavior and profile
building); testing of the recommendation system itself is planned for an upcom-
ing pilot with real users.
As discussed in Sect. 3.2, detecting a new user requires matching him/her to
a category based on the basic initial information to start creating their personal-
ized tour. Initially, basic categories are primarily split by age group. Each group
will receive an initial recommendations list that consists of the top K exhibits
for users in that age group (determined from historical data). This is a general
choice that will likely be adapted during the visit.
The users are split equally, based on movements patterns, into four groups
(ants, fish, grasshoppers, butterflies). During the visitor’s tour we note how they
move about the space. We create movement vectors for the users from one exhibit
to the next and try to classify those in one of the four categories. We test,
with an autoML approach, the performance of some very well known machine
10 M. Arvaniti-Bofili et al.

Fig. 3. (a) Visitor categories representation based on movement patterns (b) Accu-
racy of visitor’s movement classification. (c) Breakdown of classification accuracy per
category.

learning models (Logistic Regression, Random Forest, KMeans), using different

configurations for each, in an effort to define the best classifier.
We compare the three best performing model configurations, with the random
classifier that acts as our baseline. Each visitor, when entering the museum,
has equal chance of belonging in each group (not entirely accurate, but for the
purposes of this experiment we assume equal representation of each class). In
Fig. 3-(b) we see that we can actually separate the users in the test space with
high confidence. All three of the models perform much better than the baseline,
with random forest performing the best.
However, we want to see which visitors troubled the models the most, in order to
see if we can use other metrics to classify them. In Fig. 3-(c) we have a breakdown
of performance of each model in correctly identifying each category. Baseline is
trivial (25%). All three models have trouble identifying butterflies, since they can
resemble either grasshoppers or more commonly fish. Their random movement in
space can sometimes resemble other patterns, which confuses the models. KMeans
does not recognise them at all, matching them to other cluster as extreme cases.
Logistic Regression mixes them with fish, which makes sense if they moved in the
empty space mostly. Random Forest performs the best, by only missing 50% of
butterflies and classifying them as fish or grasshoppers, based on how close to the
exhibits they went. We will reevaluate the classifiers when we run the pilot, but so
far Random Forest seems to be performing the best.
Aside from the visitor’s pattern of movement, we take into account other
information as well. We calculate various statistics about the visitor’s interests
and their interaction with the content (preferred exhibit categories, etc.). In our
recommendation system design we use the movement patterns and some other
metrics to match the visitor with similar ones and then we create a list of possible
exhibits they might like, based on the similar visitors and we filter that list down
further using a vector describing the user’s preferences.
As more historical data are available to train statistical models, it becomes
possible to make more accurate decisions and to provide more meaningful sug-
gestions. As the user moves from room to room we can detect how satisfied they
are with our recommendations, by seeing if they follow them and if they are
 Towards Personalized Recommendations 11

engaged with the additional materials. If recommendations are ignored or users

appear to be very interested in other exhibit categories we can try to run the user
through the model again and see if we can classify them better. This can be done
periodically, on exiting a room or when we see that the user’s interests deviate
significantly from the recommendations. We have not evaluated this approach
yet, since it requires real users to give feedback. However this is planned in an
upcoming pilot experiment in a museum environment.

5 Conclusions
This paper describes current support for building user profiles and exhibit pro-
files via processing of localization and activity information/events collected by
the ProxiTour IoT-enabled platform. Our experimental evaluation in a con-
trolled testbed demonstrated that classification of users (key to effective person-
alized recommendations) is possible through an online stream-processing plat-
form using ML libraries.
Future work on a larger scale pilot will study the effectiveness of recommen-
dations and further investigate the potential of other ML techniques such as
reinforcement learning to more aggressively explore the space of possible recom-
mendations.

References
1. Bobadilla, J., Ortega, F., Hernando, A., Gutiérrez, A.: Recommender systems sur-
vey. J. Knowl.-Based Syst. (Elsevier) 46, 109–132 (2013)
2. Cheverst, K., Davies, N., Mitchell, K., Friday, A., Efstratiou, C.: Developing a
context-aware electronic tourist guide: some issues and experiences. In: Proceedings
of ACM SIGCHI Human Factors in Computing Systems (CHI 2000), pp. 17–24
(2000)
3. Chronarakis, A., et al.: ProxiTour: a smart platform for personalized touring. In:
Proceedings of 13th Symposium and Summer School on Service-Oriented Comput-
ing (SummerSOC’19); also IBM Technical Report RC25685. Hersonissos, Crete,
Greece, 17–23 June 2019 (2019)
4. Dean, D.: Museum Exhibition Theory and Practice. Routledge, London (1994)
5. Hatala, M., Wakkary, R.: Ontology-based user modeling in an augmented audio
reality system for museums. User Model. User-Adap. Inter. 15, 339–380 (2005)
6. Huang, Y.M., Liu, C.H., Lee, C.Y.: Designing a personalized guide recommendation
system to mitigate information overload in museum learning. Educ. Technol. Soc.
15, 150–166 (2012)
7. Lanir, J., et al.: Visualizing museum visitors’ behavior: where do they go and what
do they do there? Pers. Ubiquit. Comput. 21, 313–326 (2017)
8. Spark Structured Streaming. https://spark.apache.org/docs/latest/structured-
streaming-programming-guide.html
9. Stamatakis, D., Grammenos, D., Magoutis, K.: Real-time analysis of localization
data streams for ambient intelligence environments. In: Keyson, D.V., et al. (eds.)
AmI 2011. LNCS, vol. 7040, pp. 92–97. Springer, Heidelberg (2011). https://doi.
org/10.1007/978-3-642-25167-2 10
10. Veron, E., Levasseur, M.: Ethnographie de l’exposition, Paris, Bibliothèque
Publique d’Information. Centre Georges Pompidou (1983)
 Situation-Aware Updates
for Cyber-Physical Systems

Kálmán Képes(B) , Frank Leymann, and Michael Zimmermann

Institute of Architecture of Application Systems, University of Stuttgart,

Stuttgart, Germany
{kepes,leymann,zimmermann}@iaas.uni-stuttgart.de

Abstract. The growing trend of integrating software processes and

the physical world created new paradigms, such as, the Internet of
Things and Cyber-Physical Systems. However, as applications of these
paradigms are rolled out, the management of their software and hardware
components becomes a challenge, e.g., an update of a mobile system must
not only consider the software but also the surrounding context, such as,
internet connection, current position and speed, or users activities, and
therefore must be aware of their current context and situations when
executed. The timing of executing management tasks is crucial as the
surrounding state of the system and its context must hold long enough
to enable robust execution of management tasks. We propose an app-
roach to model software updates in a Situation-Aware manner, enabling
to observe context, such as, time, environment, application state and
people, hence, enabling to execute update tasks at the right time and
in the right time-frame. We implemented our approach based on a train
scenario within the OpenTOSCA Ecosystem.

Keywords: Cyber-Physical Systems · Context-Aware Systems ·

TOSCA

1 Introduction

The trend of integrating the physical world with the so-called cyber world builds
upon integration of software and hardware components creating new paradigms,
such as the Internet of Things (IoT) [2] and the more general paradigm of Cyber-
Physical Systems (CPS) [17]. The wide range of applicable domains, such as
health care [19], mobility [18] and energy [1], enable the seamless integration
of digital and physical processes with our everyday life. These systems must
combine different types of components, starting from commodity hardware to
embedded devices, from off-the-shelve software components to specialized real-
time functions, e.g., embedded devices that control motors sending data to local
databases hosted on edge cloud resources, which are used to aggregate the data
before sending it further to the cloud. Maintenance of these heterogeneous com-
ponents is a complex task, e.g., the exchange of complete components at runtime
c Springer Nature Switzerland AG 2020
S. Dustdar (Ed.): SummerSOC 2020, CCIS 1310, pp. 12–32, 2020.
https://doi.org/10.1007/978-3-030-64846-6_2
 Situation-Aware Updates for Cyber-Physical Systems 13

to achieve a system update. As every system can have its bugs it is crucial to
enable updates in CPS, as errors that lead to faults within such a system can
have severe safety issues in the real world possibly harming people or resources.
However, management processes that use or configure components must also
consider the surrounding environment, i.e., its overall context must be regarded.
For example, applying runtime updates of components effect their functional
availability and may create severe safety issues in case of errors that can be
caused by external environmental changes, such as, changing network connec-
tions or actions by people affecting the update process. Additionally, if a CPS
should be as autonomous as possible the execution of updates should be started
without the explicit affirmation by users every time an update is available. This
autonomy can only be achieved if the management system of a CPS is aware of
its context, and further, to enable a robust execution of updates, it is important
to observe the current state in the context and apply these at the right time.
Hence, such systems must be Context-Aware in nature [32]. To enable such an
execution it is not only important to know how long a situation will be active
in the application context, e.g., are all users absent from the CPS and don’t use
it, but also how long it takes to execute an update, e.g., how long applying a
new firmware takes or how long it takes to restart a database. In summary, it
is important to combine both views, how much time does an update have and
how long does it take to enable the robust execution of an update.
Therefore, we propose an approach to enable the modeling and execution of
management processes based on awareness of the context and worst-case exe-
cution time of the needed management tasks, enabling to determine when a
system has a proper state and enough time to execute management processes.
The main idea of our approach is to model the desired update with addition of
specifying which components must be updated only when certain situations are
active for enough time to update. Our approach builds on previous work within
the DiStOpt project (successor of SitOPT) [23] that enabled to model Situation-
Aware workflows, but did not consider the timing of Situation-Aware tasks, and
therefore, was only reactive in nature, hence may turn applications not to be
available at the right time again. One of the project goals of DiStOpt is decou-
pling high level knowledge from low level data and queries on top of the received
data, and therefore, enable easier modeling of Situation-Aware workflows. The
concept of Situation-Aware workflows is used in this paper and applied to updat-
ing CPS in a situation-aware manner to enable desired properties of safe and
autonomous execution of management processes. Another work we build upon
is to enable the generation of workflows from so-called declarative deployment
models that only specify what should be deployed and not how. The generated
processes from these models are able to install, configure and start software com-
ponents in an fully automated manner [7], but not under given time constraints
such as those given by the current context of a CPS. We extended and combined
concepts of both previous works enabling the observation of time in context and
execution, therefore, enabling proactive management of CPS.
14 K. Képes et al.

This paper is structured as follows: In Sect. 2 we describe a motivating sce-

nario and background information, in Sect. 3 we describe our approach, in Sect. 4
we describe our prototypical implementation and related work in Sect. 5, followed
by a conclusion and future work in Sect. 6.

Fig. 1. Motivating example for Timing and Situation-Aware execution of updates.

2 Motivation and Background

In this section we describe a motivating scenario based on autonomous trains (see
Subsect. 2.1) and give brief background information on CPS (see Subsect. 2.2),
worst-case execution time (see Subsect. 2.3) and timed situations based on the
DiStOPT project, successor of the SitOPT project (see Subsect. 2.4).

2.1 Motivating Scenario

Think about a mobile CPS such as trains consisting of heterogeneous components
(see middle in Fig. 1), e.g., embedded devices that read sensor data and control
actuators to enable safety-critical functions (see firmware hosted on embedded
device in the middle of Fig. 1). On the other side, software for passengers, such
as, multimedia services are running on commodity hardware (see app hosted
on commodity hardware in the middle of Fig. 1). Each of the component types
have different requirements when regarding updates. Updating such commod-
ity components doesn’t affect the availability of safety-relevant functions and
updating these components could be done at any time when the needed update
files are locally available. However, updating all of these components while pas-
sengers may want to use them, the availability of those services can be reduced
and therefore reduce customer satisfaction. This issue is much more severe when
 Situation-Aware Updates for Cyber-Physical Systems 15

regarding availability of safety-critical components running on embedded devices

of the autonomous train. A failure when updating these components, such as a
firmware that enables control of brakes and motors, has severe impact on the
safety of CPS systems. To enable the automated and robust execution of runtime
updates in such a scenario two challenges arise: (i) when do you start and (ii)
how much time is left to execute updates before the system has to be available
again. For example, in our scenario updating the end-user components should be
achieved when those are not needed, i.e., are not actively used by passengers. In
case of safety-critical components, the train should be in state where it is safe to
execute the update, such as when the autonomous train has stopped at a station,
i.e., the train is not in motion. Therefore the update system must know when
components are not used and know how much time is left before the components
are in use again. Depending on the components to be updated it is not sufficient
to only determine the state of the software and hardware components to find a
suitable time for update execution. As it is done in research for dynamic soft-
ware updating [26] it is observing the so-called quiescence of components and
executing updates only when the necessary components are not in use. In this
field of research the quiescence of components was only observed in the context
of applications itself without regarding the physical environment. To determine
the perfect time to start an update the overall environment of the system must
be observed as well, e.g., whether the train is stopped at a train station or
somewhere outside on the tracks, or whether passengers are connected to the
wireless network of a train wagon (see lower part of Fig. 1). In our train scenario
the execution of software updates would be most sufficient when the train is at
halt at a station and passengers are disconnected from the network components.
Enabling a robust execution of an update in our scenario of autonomous trains
means that updates should not disrupt the availability of the system when it
is actually needed and be started without the need of human interaction. An
update should be execute in a way that it is run at a time slot where the update
can take place completely and successfully, e.g., when an update takes five min-
utes and the train is at a train station for at least the same time, it is safe to
update.

2.2 CPS

In research and industry the trend of integrating the physical world and soft-
ware emerged to paradigms such as the Internet of Things [2] or the more general
paradigm of CPS[17]. The wide-range of application scenarios for CPS, such as,
energy [34], health care [19] and mobility [18] implies the growing integration
within our everyday lives. These applications build on heterogeneous hardware
and software components such as embedded devices to commodity hardware
or from off-the-shelve components to specialized software. As these components
may be deployed and run within physical environments and interacting with
users in a physical manner, CPS in cases can be seen as real-time systems execut-
ing (near-)real-time tasks that have deadlines on the execution of their functions
16 K. Képes et al.

to enable properties such as safety. These properties are crucial for CPS as miss-
ing deadlines may put people into danger, e.g., when an airbag of a car reacts
to late. Therefore it is crucial that CPS are highly resilient to errors and do not
create severe faults, hence, it is crucial to immediately apply (critical) updates
of the heterogeneous CPS components to make the system more resilient over
their lifetime. This also must be regarded when executing management tasks
such as updates, as the execution of as such may have severe side effects as well.

2.3 Tasks and Their Worst-Case Execution Time

The timing of the update operations does not only depend on the duration a
situation is active, but, the execution time of the operations as well, especially
their worst-case execution time (WCET) [40]. This enables our approach to
proactively decide whether to execute operations based on the currently active
situations. However, determining the WCET of an operation is not trivial and in
general not possible to calculate an exact value in modern systems, i.e., it is only
possible to get approximations of the WCET [40]. But especially, in the case of
CPS calculating the WCET is crucial, e.g., airbag control in cars or emergency
braking in trains. The precision of a so-called WCET upper bound that specifies
how long an operation will take at most depends on the underlying hardware.
The closer the software is to the hardware the more precise a WCET bound can
be calculated, which can be done by so-called static analysis or measurement-
based approaches. While the static approaches calculate a WCET bound based
on the source code and target hardware, the measurement-based approaches cal-
culates upper bounds on previous executions of operations [40]. This problem
of calculating upper WCET bounds gets more complicated in modern Cloud or
Edge Computing scenarios, as the underlying hardware is visualized and het-
erogeneous, further complicating the problem getting proper WCET values. In
our example, the most sensitive part to update is the firmware on the embedded
device, as flashing the system disables safety-critical functionality and must not
be aborted while executing. However, as firmware is the first software layer on
top of embedded devices the WCET of flashing can be practically determined.
Hence, the WCET of tasks that are sensitive and close to the hardware is easier
to determine, and therefore, usable within our approach.

2.4 Timed Situations

The overall goal of our approach is to execute activities of a process at the
right time, e.g., in our motivating scenario updates on safety-critical compo-
nents should only be executed when the train is at a train station, while other
software components may only be updated when passengers don’t use them.
Another important aspect is that the execution should be aborted as less as
possible, in case of hardware, such as ECUs in trains or cars, retries of the flash-
ing process reduces lifetime and may even make the hardware unusable when
the flashing process fails [20]. Therefore, we extends our previous approaches
on modeling situations within the SitOPT project [8,39], where a situation was
 Situation-Aware Updates for Cyber-Physical Systems 17

defined as a state in the context of an object. To observe situations, context data

from objects, such as, machines, software components or users are processed to
calculate a particular situations state. We extended situations to give a guaran-
tee on how long they are active, enabling to use the timing-aspect of situations
directly while executing situation-aware tasks. These specify at runtime for how
long a situation will be either active or inactive, hence, enable to proactively
manage the execution of tasks. For example, if we know that the necessary sit-
uations are available for enough time, e.g., the train is stopped at a station and
passengers don’t use specific components for at least a minute, we can execute
an update.

Fig. 2. Overview of the UPTIME method.

3 UPTIME - Update Management for Things in Motion

and Environments
In this section we describe our concept to enable the situation-aware modeling
and execution of software updates, based on our method called UPTIME (see
Fig. 2) which is based on a so-called Situation-Aware Deployment Metamodel and
Time-Aware Situational Scopes (see Subsect. 3.2). The first is used to model an
update while the second is used to for situation-aware execution.

3.1 Overview
The main idea of the UPTIME method is to specify components and their
exposed operations with the situations that must be active long enough in the
current context of the application to execute such operations properly. The first
step in the UPTIME method is to model the desired update from a source to a
target deployment model, i.e., model the components and relations which shall
be installed and configured in the running systems via deployment models (see
first step in Fig. 2). In the second step the target deployment model is annotated
18 K. Képes et al.

with situations (see Subsect. 2.4) and the worst-case execution time (WCET, see
Subsect. 2.3) of the available operations and their compensation operations. For
example, in our scenario an operation to flash embedded devices, and also to
compensate previously executed flash operations, is annotated with a WCET of
one minute and the situation that a train shall be at a station, indicating that
the update of a firmware should only be executed when the train is at a station
for at least a minute at runtime (see on the right side in Fig. 2). In case of com-
ponents used by passengers, we only specify the situation that no passenger is
using these components. Both steps are based on the Situation-Aware Deploy-
ment Metamodel described in Subsect. 3.2 in detail. After specifying situations
and execution times, in step three we generate an imperative deployment model,
i.e., a process from the given source and target deployment models that contains
activities using the operations of modeled components in an order to update
the system (see Subsect. 3.3). The order of generated processes are derived by
determining which components must be removed, updated or newly installed,
and using the available management operations to achieve this. In addition,
each annotated operation from the original declarative models which are needed
within the generated process is added to a so-called Time-Aware Situational
Scope. These scopes control the execution of these operations by observing the
specified situations and therefore can calculate whether there is enough time
to execute an operation according to its annotated WCET. The execution of
operations in such scopes is only started when the proper situations are active
for a duration that is enough to execute management tasks and possibly their
compensation, i.e., revert already executed operations. This strategy enables to
keep a system in a consistent state even if the execution of operations fail as a
scope will start to compensate already executed update operations in time.

Fig. 3. Metamodel of Situation-Aware Deployment Models (SADM).

 Situation-Aware Updates for Cyber-Physical Systems 19

3.2 Situation-Aware Deployment and Process Metamodels

The Situation-Aware Deployment Metamodel (SADMM) enables to model the
deployment of an application by specifying components, relations and situations.
In our method the current state and updated state of an applications’ configu-
ration is modeled within two models of a SADMM. Fig. 3 gives an overview of
the metamodel with our extension for situations, which will be presented in the
following. An instance of a SADMM, a SADM, is a directed and weighted multi-
graph that represents structural configuration of an application under a set of
situations, i.e., it represents components and relations that can be started and
configured at runtime, however, only when the specified situations are active
their exposed operations can be used. Let M be the set of all SADMs, then
d ∈ M is defined as a tuple:
d = (C, R, S, CT, RT, ST, type, operation, sits, active)
The elements of the tuple d are defined as follows:
– C: The set of components in d. Each ci ∈ C represents an application com-
ponent that should be configured and started.
– R ⊆ C × C: The set of relations, whereby each ri = (ci , cj ) ∈ R represents a
relationship between two components: ci is the source and cj the target.
– S: The set of situations in d, whereby each si ∈ S specifies a certain situation
in the context of an application.
– CT : The set of component types whereby each cti ∈ CT describes the seman-
tics of components, e.g., it specifies that a component is firmware.
– RT : The set of relation types whereby each rti ∈ RT describes the seman-
tics of relations, e.g., it specifies whether a relation is used to model that a
component is hosted on or connected to another.
– ST : The set of situation types whereby each sti ∈ ST describes the semantics
of situations, e.g., it specifies that a situation is used to determine whether a
train is moving.
– type: The mapping function, which assigns the component type, relation type
and situation type to each component, relation and situation.
– operation: The mapping function, which assign operations to components via
their type, therefore, the mapping operation maps each ct ∈ CT to a set of
tuples (id, wcet) where id ∈ Σ + , with Σ being an alphabet and Σ + denoting
all strings over Σ, and wcet ∈ R>0 , specifying the available operations and
their WCET.
– sits: The mapping function, which assigns each component in d its set of
situations under which it is valid to be deployed. Therefore, sits maps to
each ci ∈ C a set si ⊆ S ∪  where  denotes that any situation is feasible,
allowing that a component is always valid to be deployed.
– active : S × R>0 → {true, f alse}, where active(s, t) = true if and only if the
situation s is active for the duration t.
To achieve the adaptation needed within our method, i.e., update from the
current configuration to target configuration, different methods can be applied
to determine an abstract process of needed activities to be used in executable
20 K. Képes et al.

languages. In the following we will define a meta model for such processes and
so-called Time-Aware Situational Scopes (TASS).
Let a process G with a set of TASS be a directed and labeled graph repre-
sented by the tuple G = (A, L, c, scopes).

– A is the set of activities. We separate A into AB ∪ AC = A where AB is the

set of activities implementing the desired deployment logic and AC is the set
of compensation activities.
– L defines the order of the control flow of process G and a control connector
l ∈ L is defined as a pair (s, t) where s, t ∈ AB specifies to execute the activity
s before t.
– c is the mapping of activities to their compensation activities via c : AB →
AC ∪{N OP }, allowing activities to not have a compensation activity by using
N OP .
– scopes is the set of TASS in G (Fig. 4).

Fig. 4. Time-Aware Situational Scope.

We define a TASS scope ∈ scopes to be an acyclic subgraph of G defined as

scope = (Ascope , Lscope , S, situations, active, guarantee, wcetduration ) with the
elements defined as the following:

– Ascope , Lscope is the subgraph of G spanned by Ascope

– S is the set of situations, whereby each si ∈ S specifies a certain situation in
the context of an application.
– situations : A → P(S) is the mapping from A to S to indicate that activities
may only be executed when all annotated situations are active.
– active is the mapping active : S × R>0 → {true, f alse}, where active(s, d) =
true if and only if the situation s is active for the duration d, analogous to
those in a SADM.
Another random document with
no related content on Scribd:
 character of, 93;
wounded, 99;
death of, 100;
burial of, 100
Jenner, Major, murder of, 215
Jombeni Hills, 87
Jora, measurement of, 53
Jumbi ben Aloukeri, 11, 105, 155, 158, 234, 267
Juma, 14, 176

Kamasia, 136
Karanjui, camp at, 84;
fight at, 324
Karama, 147
Kenia, Mount, 34;
first sight of, 66;
again in sight of, 291;
north of, 137
Kibaba, capacity of, 53
Kibuyu, 54
Kilaluma, 43, 343
Kinangop, Mount, 338, 342
Kinuthia, 49-51
Kinyala, song of, 310
Kiongozi, 12
Kirrimar plain, 253
Kitoma, 53
Kolb, Dr., 5, 11;
account of death of, 156
Koranja, 51;
accompanies us, 59;
trepidation of, 62;
bids us farewell, 63;
meeting with, 349
Koromo, meeting with, 104;
makes blood-brotherhood with El Hakim, 113
Kota, 52
Kriger and Knapp, Messrs., 18;
decide to accompany us, 24;
return of, 35
Kriger’s farm, arrival at, 22;
departure from, 25;
return to, 361
Kundu, 53
Kwa-Ngombe, 345

Leeches, 212
Lemoro, 213
Leopard, 35
Lion, number of, 32;
hunt, 156, 279;
El Hakim’s adventure with, 292, 332, 333
Loads, method of carrying, 16
Lokomogo, 213;
present of, 270
Lolokwe, Mount, 136
Longfield, Capt., 353
Lorian, 3, 4;
news of, 246;
the start for, 246;
 where is it?, 258;
dissertation on, 265
Loroghi Mountains, 5, 137
Lubo, 213;
immense possessions of, 232
Lykipia plateau, 52, 137

Mahogo, 52
Makono, measurement of, 53
Malwa, 13
Manga, 51;
indisposition of, 56;
greeted by, 349
Marabout stork, 39
Maranga, arrival at, 51;
abundance of food in, 52;
departure from, 59;
return to, 349;
peculiar method of crossing a river of people of, 356
Maragua river, 46;
bridge across the, 47;
return to the, 358
Maragua bean, 53
Marathwa river, 352
Marazuki, death of, 128
Marisi-al-lugwa-Zambo plateau, 204-245
Marlé tribe, 228
Marsabit, 222
Masai, 242, 338
Materu, camp at, 62
Mau escarpment, 137
M’biri, visit to, 352
M’bu, arrival at, 64;
hostility of natives of, 67;
an anxious journey, 71;
the guides desert, 74;
farewell to, 73
Metama, 52;
matindi, 53
Midges, attacked by, 178
Milindi, 31
Milk, method of adulteration of, 54
Mineral spring, 161;
salts, 162
Mogogodo, 181
Mogoroni river, 345
Moravi, route across, 81
Morio trees, 135, 160
“Morning Whiffs,” terrible results of, 39;
further experiences with, 55
M’thara, arrival at, 90;
purchasing food in, 91;
description of camp at, 98;
camp in danger, 104;
getting supplies of food in, 113;
departure from, 148;
bad news from, 297;
return to the camp at, 302;
farewell to, 331
Muhindi, 52
Mules, 19;
 accident to one of the, 78
Mumoni Hills, 47
Mumunye, 53
Munipara, 11
Munithu, arrival at, 84;
departure from, 84;
return to, 116;
story of the pillaged goods at, 116;
departure from, 131;
attack on, 319
M’wele, 52

Nairobi, 1, 2, 6, 8, 9;
river, 27;
falls, 27;
the return to, 362
Naivasha, 338
N’dizi, 53
N’Dominuki, chief of M’thara, character of, 89;
declining influence of, 90;
is accused of treachery by the Somalis, 106;
explanation of, 108;
offers himself as guide, 111;
fidelity of, 299
N’doro, 341
Neumann, Mr. A. H., 5;
influence over N’Dominuki of, 89;
acquaintance with Dr. Kolb, 155
Ngare Mussoor, 336
Ngare Nanuki, 337
N’gombe, Mount, 178
Noor Adam, 17;
appearance and character of, 94
Nyemps, 136;
the old men of, 330

Oryx, 183

Papyrus reeds, 26;

swamps, 360, 361
Petrie, Prof. Flinders, 276
Photography under difficulties, 260, 262
Pig, 254
Porters, selecting the, 9
Provisions, selecting the, 8
Python, narrow escape from, 207

Rain, 301, 312

Ramathani, 13, 177, 309;
fright of, 356
Rats, troubled by, 117
Rendili, nomadic habits of, 163;
no signs of, 200;
encampment, 203;
arrival at village of, 211;
chiefs, 213;
flocks, 215;
trading with the, 216;
settlements of the, 221;
appearance and dress of the, 227;
ornaments, 228;
women of the, 228;
fondness for children of the, 229;
propensity to falsehood of the, 231;
 small-pox among the, 232, 238;
fighting qualities of the, 235;
love of begging of, 236;
love of tobacco of, 236;
household utensils, 238;
weapons, 239;
saddlery, 239;
courage of the, 240;
dread of the Masai of the, 241;
return to the camp, 268;
fortifying the camp, 273;
burial places, 275;
departure from the, 274
Rendili sheep, 198, 234
Registration of porters, 16
Resarse ben Shokar, 12, 324, 331
Rhinoceros, Lieut, von Hohnel injured by a, 4;
a delicate situation, 28;
encounters with, 34, 45, 149;
pugnacious disposition of, 164;
hunt on mule-back, 173;
hunt, 182;
shot by El Hakim, 185;
shot by author, 186;
hunt, 198;
large numbers of, 250, 253, 257;
adventure with a, 255;
disturbed at night by, 260;
shot by George, 298;
hunt, 295, 341
Rudolph, Lake, 4, 5, 58

Sabaki river, 31
Sadi ben Heri, 11;
death of, 128
Sagana, 45
Salt, failure to procure, 179;
large plain of, 233
Sand rivers, 200, 290
Sand rats, 212
Seton-Karr, Mr., 276
Sirimon river, 337
Sheba, Mount, 164
Sheep, buying from the Rendili, 268;
death of many of the, 314;
the disposal of, 358
“Sherlock Holmes,” 13;
illness of, 340;
death of, 342
Shooting, useful hints on, 146
Skene, Captain, 358
Smallpox, 59, 232, 238, 354
Somali caravan, start of, 17;
news of the, 83;
attacked by the Wa’Embe, 84;
conference with leaders of, 93;
friction with, 141;
meeting with portion of, 201;
disaster to the, 217;
the alarm in the, 271;
the panic in the, 272
Song of Kinyala, 310
Spot, death of, 263
Sulieman, 12;
desertion of, 259
Swahili porters, character of, 7
Sweinfurth Falls, 46
Swamp Camp, 178, 291
Sycamores, 79

Tana river, 4, 45;

the source of the, 343;
flooded, 350;
attempts to cross the, 351, 355;
across the, 357
Teleki, Count Samuel, 4
Thika-Thika river, 17;
crossing the, 42;
building a bridge across the, 359
Thompson, Joseph, F.R.G.S., 3;
description of Kenia by, 66;
description of Masai by, 242, 332, 333
Thorn forest, 88;
terrible experience with thorns, 205
Ticks, abundance of, 28
Tikiti, 53
Tomori people, 85
Trade goods, list of, 15
T’savo river, 31
Turkana people, 222

Uimbe, 52

Viazi, 52
Victoria Nyanza, Lake, 1, 7
Vikwer, 52
Viseli, 132

Wa’Chanjei, visit of the, 316

Wa’Embe, decision to punish the, 94;
plan of attack, 95;
the start, 96;
ambush by the, 98;
the Burkeneji trading with the, 268
Wa’Gnainu, pillage of our goods by the, 116
Wa’Igani, desire to make blood-brotherhood with us, 81
Wa’Imbe, cordial greeting of the, 79;
conference with the, 80;
audacious proposal of the, 80
Wa’kwafi, 136
Wakamba porters, characteristics of, 7
Waller’s gazelle, 205
Wa’Mbu, bad character of the, 57;
hostility of the, 65;
renewed hostility of the, 67;
interview with the chiefs of, 69;
capture of the chiefs of, 69;
farewell to the, 73
Wandorobbo, description of the, 179;
language of the, 181;
guides, 194;
desertion of the guides, 195
Wangwana, 7
WaN’yam-wezi porters, characteristics of, 7
Wargasse, Mount, 136
Waso Nyiro, 3, 4;
tiring march to the, 160;
splendid climate of, 175;
 desolate landscape on the, 249;
crossing the, 291;
the source of the, 338
Washenzi, 7
Waterbuck, 184;
capture of young, 292
Wa’Zuka, cordial reception by the, 75
Weapons, list of our, 9, 10
Whistling trees, 332
Witchcraft, 340
Wild dogs, 292

Zanzibar, 7
Zebra, 33, 43, 336, 341
Zuka, entry into, 75;
camp in, 77
Zura, welcome at, 81

THE END.

PRINTED BY WILLIAM CLOWES AND SONS, LIMITED, LONDON AND

BECCLES.
 PART OF
BRITISH EAST AFRICA
Longmans, Green & Co. London, New York & Bombay.
 Transcriber’s Notes
pg 223 Changed: I endeavoured to yet near enough
to: I endeavoured to get near enough
pg 316 Changed: A deputation from the Wa-Chanjei
to: A deputation from the Wa’Chanjei
pg 317 Changed: These ball cartidges contained
to: These ball cartridges contained
pg 329 Changed: an experience which once befel
to: an experience which once befell
Errata changes from page xvi have been made in text.
 *** END OF THE PROJECT GUTENBERG EBOOK AN IVORY
TRADER IN NORTH KENIA ***

Updated editions will replace the previous one—the old editions will
be renamed.

Creating the works from print editions not protected by U.S.

copyright law means that no one owns a United States copyright in
these works, so the Foundation (and you!) can copy and distribute it
in the United States without permission and without paying copyright
royalties. Special rules, set forth in the General Terms of Use part of
this license, apply to copying and distributing Project Gutenberg™
electronic works to protect the PROJECT GUTENBERG™ concept
and trademark. Project Gutenberg is a registered trademark, and
may not be used if you charge for an eBook, except by following the
terms of the trademark license, including paying royalties for use of
the Project Gutenberg trademark. If you do not charge anything for
copies of this eBook, complying with the trademark license is very
easy. You may use this eBook for nearly any purpose such as
creation of derivative works, reports, performances and research.
Project Gutenberg eBooks may be modified and printed and given
away—you may do practically ANYTHING in the United States with
eBooks not protected by U.S. copyright law. Redistribution is subject
to the trademark license, especially commercial redistribution.

START: FULL LICENSE

THE FULL PROJECT GUTENBERG LICENSE
 PLEASE READ THIS BEFORE YOU DISTRIBUTE OR USE THIS WORK

To protect the Project Gutenberg™ mission of promoting the free

distribution of electronic works, by using or distributing this work (or
any other work associated in any way with the phrase “Project
Gutenberg”), you agree to comply with all the terms of the Full
Project Gutenberg™ License available with this file or online at
www.gutenberg.org/license.

Section 1. General Terms of Use and

Redistributing Project Gutenberg™
electronic works
1.A. By reading or using any part of this Project Gutenberg™
electronic work, you indicate that you have read, understand, agree
to and accept all the terms of this license and intellectual property
(trademark/copyright) agreement. If you do not agree to abide by all
the terms of this agreement, you must cease using and return or
destroy all copies of Project Gutenberg™ electronic works in your
possession. If you paid a fee for obtaining a copy of or access to a
Project Gutenberg™ electronic work and you do not agree to be
bound by the terms of this agreement, you may obtain a refund from
the person or entity to whom you paid the fee as set forth in
paragraph 1.E.8.

1.B. “Project Gutenberg” is a registered trademark. It may only be

used on or associated in any way with an electronic work by people
who agree to be bound by the terms of this agreement. There are a
few things that you can do with most Project Gutenberg™ electronic
works even without complying with the full terms of this agreement.
See paragraph 1.C below. There are a lot of things you can do with
Project Gutenberg™ electronic works if you follow the terms of this
agreement and help preserve free future access to Project
Gutenberg™ electronic works. See paragraph 1.E below.
1.C. The Project Gutenberg Literary Archive Foundation (“the
Foundation” or PGLAF), owns a compilation copyright in the
collection of Project Gutenberg™ electronic works. Nearly all the
individual works in the collection are in the public domain in the
United States. If an individual work is unprotected by copyright law in
the United States and you are located in the United States, we do
not claim a right to prevent you from copying, distributing,
performing, displaying or creating derivative works based on the
work as long as all references to Project Gutenberg are removed. Of
course, we hope that you will support the Project Gutenberg™
mission of promoting free access to electronic works by freely
sharing Project Gutenberg™ works in compliance with the terms of
this agreement for keeping the Project Gutenberg™ name
associated with the work. You can easily comply with the terms of
this agreement by keeping this work in the same format with its
attached full Project Gutenberg™ License when you share it without
charge with others.

1.D. The copyright laws of the place where you are located also
govern what you can do with this work. Copyright laws in most
countries are in a constant state of change. If you are outside the
United States, check the laws of your country in addition to the terms
of this agreement before downloading, copying, displaying,
performing, distributing or creating derivative works based on this
work or any other Project Gutenberg™ work. The Foundation makes
no representations concerning the copyright status of any work in
any country other than the United States.

1.E. Unless you have removed all references to Project Gutenberg:

1.E.1. The following sentence, with active links to, or other

immediate access to, the full Project Gutenberg™ License must
appear prominently whenever any copy of a Project Gutenberg™
work (any work on which the phrase “Project Gutenberg” appears, or
with which the phrase “Project Gutenberg” is associated) is
accessed, displayed, performed, viewed, copied or distributed:
 This eBook is for the use of anyone anywhere in the United
States and most other parts of the world at no cost and with
almost no restrictions whatsoever. You may copy it, give it away
or re-use it under the terms of the Project Gutenberg License
included with this eBook or online at www.gutenberg.org. If you
are not located in the United States, you will have to check the
laws of the country where you are located before using this
eBook.

1.E.2. If an individual Project Gutenberg™ electronic work is derived

from texts not protected by U.S. copyright law (does not contain a
notice indicating that it is posted with permission of the copyright
holder), the work can be copied and distributed to anyone in the
United States without paying any fees or charges. If you are
redistributing or providing access to a work with the phrase “Project
Gutenberg” associated with or appearing on the work, you must
comply either with the requirements of paragraphs 1.E.1 through
1.E.7 or obtain permission for the use of the work and the Project
Gutenberg™ trademark as set forth in paragraphs 1.E.8 or 1.E.9.

1.E.3. If an individual Project Gutenberg™ electronic work is posted

with the permission of the copyright holder, your use and distribution
must comply with both paragraphs 1.E.1 through 1.E.7 and any
additional terms imposed by the copyright holder. Additional terms
will be linked to the Project Gutenberg™ License for all works posted
with the permission of the copyright holder found at the beginning of
this work.

1.E.4. Do not unlink or detach or remove the full Project

Gutenberg™ License terms from this work, or any files containing a
part of this work or any other work associated with Project
Gutenberg™.

1.E.5. Do not copy, display, perform, distribute or redistribute this

electronic work, or any part of this electronic work, without
prominently displaying the sentence set forth in paragraph 1.E.1 with
active links or immediate access to the full terms of the Project
Gutenberg™ License.