Toward Secure and Reliable IoT Systems A Comprehensive Review of Formal Methods Applications

This document provides a comprehensive review of the applications of formal methods in enhancing the security, reliability, and performance of Internet of Things (IoT) systems. It examines various formal methodologies, such as temporal logic and theorem proving, and highlights their effectiveness in addressing unique challenges faced by IoT systems. The review also identifies key challenges, evaluates different techniques, and proposes future research directions to improve IoT applications through formal verification and analysis techniques.


IEEE RELIABILITY SOCIETY SECTION

Received 19 September 2024, accepted 11 November 2024, date of publication 18 November 2024,
date of current version 26 November 2024.
Digital Object Identifier 10.1109/ACCESS.2024.3501587

Toward Secure and Reliable IoT Systems: A Comprehensive Review of Formal Methods Applications

IKRAM HADDOU-OUMOULOUD 1,2, ABDERAHMAN KRIOUILE 1, SOUFIANE HAMIDA 2,3, AND AHMED ETTALBI 1
1 IMS Team, ADMIR Laboratory, Rabat IT Center, ENSIAS, Mohammed V University, Rabat 10100, Morocco
2 GENIUS Laboratory, SUPMTI of Rabat, Rabat 10000, Morocco
3 Computer Science, Artificial Intelligence and Cyber Security (2IACS), ENSET, Hassan II University of Casablanca, Mohammedia 28806, Morocco
Corresponding author: Soufiane Hamida ([email protected])

ABSTRACT The exponential growth of Internet of Things (IoT) applications poses substantial obstacles
in guaranteeing their dependability, safety, and effectiveness. Formal methods provide precise mathematical
techniques for modeling, verifying, and analyzing these systems, effectively addressing important aspects of
their creation and implementation. This review provides a thorough examination of the utilization of formal
methods in the field of IoT, focusing on recent research published in well-regarded academic journals and
conferences. We examine different formal methodologies, such as temporal logic, automata theory, theorem
proving, and formal specification languages, emphasizing their efficacy in tackling difficulties peculiar to
IoT systems. The review assesses the benefits and constraints of these methodologies, contrasts various
approaches, and integrates essential discoveries. Key contributions include a comprehensive overview of
formal methods applications, identification of critical challenges, evaluation of the effectiveness of different
techniques, and proposals for future research directions. By highlighting emerging trends and future research
paths, this review underscores the significance of formal approaches in enhancing the safety and resilience
of IoT systems. This review seeks to serve as a beneficial reference for researchers and practitioners looking
to improve IoT applications through formal verification and analysis techniques.

INDEX TERMS Formal methods, Internet of Things (IoT), reliability in IoT, model checking, theorem
proving, formal specification, hybrid approaches, verification and validation, IoT system analysis, IoT safety
and privacy.

The associate editor coordinating the review of this manuscript and approving it for publication was
Catherine Fang.

© 2024 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License.
For more information, see https://creativecommons.org/licenses/by/4.0/
VOLUME 12, 2024

I. INTRODUCTION

Applications for the Internet of Things (IoT) have proliferated quickly, transforming home automation,
industrial automation, smart cities, and healthcare among other areas [1]. IoT devices in home
automation, such as security cameras, lighting systems, and thermostats, provide consumers more
protection, energy efficiency, and convenience [2]. Significant cost savings and productivity gains
result from industrial automation’s use of IoT to optimize production lines, streamline manufacturing
processes, and track equipment health [3]. Through linked systems like smart grids and intelligent
transportation systems, smart cities use Internet of Things technologies to effectively manage
resources, ease traffic congestion, and improve public safety [4], [5]. Remote patient monitoring,
real-time health data collecting, and customized treatment plans made possible by Internet of Things
applications in the healthcare industry greatly enhance patient outcomes and save healthcare costs
[6], [7], [8]. Although the Internet of Things has vast potential and many applications, it faces
significant security, efficiency, and reliability challenges [9]. In particular, these challenges are
critical in applications like industrial automation and healthcare, where malfunctions, security
breaches, or performance failures can have serious consequences [10], [11].

To address these concerns, formal methods provide rigorous mathematical solutions for the
specification, development, and verification of systems and software [12]. Formal methods describe
system behavior through mathematical models, allowing precise characterization and deep analysis [13].
These methods are invaluable for identifying contradictions, ambiguities, and inconsistencies early in
the system specification phase, thus preventing errors and ensuring reliability. Formal approaches can
help developers improve the security, dependability, and resilience of Internet of Things systems so
that they satisfy strict functional and non-functional criteria [14], [15]. Formal methods include a
range of techniques, such as formal specification languages, theorem proving, and model checking, each
of which is designed to address specific aspects of system design and verification [16]. These
approaches offer a structured framework for systematically verifying that IoT systems operate as
intended under all circumstances, reducing the risk of malfunctions and security breaches [17], [18].

In [19], the authors presented a formal analysis of the ACE specification for cache-coherent
systems-on-chip, demonstrating the crucial role of formal methods in ensuring the reliability and
performance of critical systems. They used model checking to validate coherence protocols and
identified optimization opportunities, emphasizing how formal methods can detect subtle bugs that lead
to major system failures. This research highlights the importance of formal verification for building
reliable hardware systems. Moreover, they utilized model checking techniques to validate the coherence
protocols and identified potential areas for optimization within the cache system. The study
underscored the effectiveness of formal verification in detecting subtle bugs that could lead to
significant system failures, highlighting the necessity for rigorous formal approaches in hardware
design and verification. Moreover, they investigated the use of a formal model to improve the
verification of a cache-coherent system-on-chip. Their research demonstrated how formal methods could
be effectively applied to verify complex hardware designs, ensuring their correctness and performance.
By employing model checking and other formal verification techniques, they identified and addressed
potential issues in the system, showcasing the critical role of formal methods in the development of
reliable hardware systems. This study contributed to the growing body of evidence supporting the use of
formal methods in hardware verification.

Similarly, the formal modeling and validation of micro smart grids based on the ReDy architecture help
to create accurate models of smart grid components and validate their interactions [20]. Through formal
verification techniques, the study ensured that the smart grid system met rigorous performance and
reliability standards, demonstrating formal methods’ effectiveness in complex energy systems. The study
provided valuable insights into the application of formal methods in the design and verification of
complex energy systems, demonstrating their potential to enhance the dependability of smart grid
operations.

Examining formal methods’ application in IoT system modeling, verification, and analysis is the goal of
this paper [21], [22]. An extensive summary of current studies published in esteemed academic journals
and conferences is given in this study, which also shows how formal methods are used to address
problems unique to the Internet of Things [23], [24]. Analyzing automata theory, formal specification
languages, and temporal logic among other formal approaches, this research evaluates how well they
improve the security, performance, and dependability of Internet of Things systems. For example,
automata theory is applied to simulate the dynamic behavior of Internet of Things systems and validate
their state transitions, while formal specification languages provide exact syntax and semantics for
articulating system needs. Real-time Internet of Things applications especially need the ability to
specify time-dependent actions, which temporal logic makes possible [25]. Real-time IoT applications
especially benefit from temporal logic, which enables precise specification of time-dependent actions.
By means of this review, we hope to offer insightful analysis of the state of formal methods research
in the Internet of Things and point up new directions for future study to enhance the development and
implementation of reliable IoT systems.

In comparison to existing surveys on secure and reliable IoT systems, this review offers several
distinct contributions. While prior works primarily focus on general approaches to IoT security and
reliability, our survey specifically emphasizes the application of formal methods as a rigorous and
mathematical approach to tackling the challenges of IoT system dependability. Additionally, we provide
a detailed comparative analysis of various formal techniques—such as temporal logic, automata theory,
theorem proving, and formal specification languages—evaluating their specific advantages and
limitations in the context of IoT. Unlike other surveys that may cover formal methods only briefly, our
review delves deeply into recent research and emerging trends in this area, offering an up-to-date
assessment of advancements that are not covered in earlier works. Furthermore, we identify critical
challenges that remain in the field, such as scalability, real-time performance constraints, and the
integration of formal methods with existing IoT technologies. Finally, we propose future research
directions that address these gaps, positioning our review as a valuable resource for both researchers
and practitioners seeking to advance the application of formal methods in secure and reliable IoT
systems. The main contributions of this paper are summarized as follows:

• A comprehensive review of formal methods applied in IoT systems, demonstrating how these methods
  enhance security, reliability, and performance through rigorous mathematical verification.
• A detailed comparative analysis of formal techniques, including automata theory, temporal logic, theorem
  proving, and formal specification languages, showing how each addresses specific challenges in IoT
  systems.
• A focus on emerging IoT challenges, such as scalability, real-time performance constraints, and the
  integration of formal methods with current IoT technologies, providing insights on adapting these
  methods to meet critical issues.
• New directions for future research, proposing ways to advance formal methods in secure and reliable
  IoT systems while identifying gaps in the current literature.

The organization of this paper is as follows: Section II provides an overview of the Internet of Things
(IoT), including the main challenges faced by IoT systems and a review of formal methods. It also
describes the methodology used in selecting and assessing relevant literature. Section III presents the
findings from the literature review, focusing on formal techniques such as formal specification and
verification, model checking, theorem provers, and hybrid approaches in IoT system architecture.
Section IV highlights the knowledge gaps in the current body of research, covering issues such as
scalability, real-time performance, the integration of varied formal methods, adaptability, security
and privacy, user-friendly tools, and emerging IoT technologies. Section V addresses the key challenges
and offers future considerations for advancing formal methods in IoT. Finally, Section VI concludes the
paper by summarizing the main contributions and outlining the future directions for research in formal
approaches to IoT.

II. BACKGROUND AND METHODOLOGY

A. INTERNET OF THINGS (IoT) OVERVIEW

IoT devices span a wide range, from basic sensors to multifunctional systems, enabling applications
such as smart thermostats, industrial automation, and remote healthcare monitoring, enhancing
efficiency and decision-making in these fields [26], [27], [28]. The rapid advancement of wireless
technology, reduced sensor costs, and cloud computing has accelerated the growth of IoT, providing
unprecedented opportunities for innovation. Advances in wireless transmission, sensor cost reduction,
and cloud computing resources have accelerated IoT device proliferation [29]. However, this expansion
introduces challenges related to scalability, interoperability, and security, especially as IoT systems
must manage large data volumes and complex device interactions without compromising performance. IoT
ecosystems face interoperability issues due to the diversity of devices and protocols, and require
standardized communication frameworks to ensure seamless integration [30].

In [31], the authors provided an overview of IoT architectures, enabling technologies, and challenges,
emphasizing the need for robust formal verification techniques to address the complexities of IoT
systems. The findings demonstrated the significant potential of formal methods to enhance IoT
resilience and reliability, establishing a strong argument for their integration into IoT system
design. IoT systems must prioritize security and privacy due to sensitive data transmission and storage
[32]. This section briefly introduces IoT’s challenges and paves the way for discussing formal methods
as a solution for ensuring the secure and reliable operation of IoT systems.

B. CHALLENGES IN IoT SYSTEMS

Scalability remains one of the primary concerns as the proliferation of IoT devices leads to large
volumes of data, demanding systems capable of handling exponential growth without sacrificing
performance [33]. Since IoT devices are growing so quickly, scalability is a major problem.
Interoperability is another critical issue, given the diversity of devices and communication protocols
that must work together seamlessly [34]. This calls for scalable communication protocols that can
manage large data volumes and device interactions, as well as reliable infrastructure and effective
data processing algorithms. Still another important issue is interoperability [35].

Security emerges as the most pressing challenge, given the sensitive nature of data transferred across
IoT systems and their vulnerability to cyberattacks. Strong encryption, authentication, and access
control systems are essential to safeguard privacy and data integrity. Reliability and resilience are
equally crucial, especially in mission-critical applications such as healthcare and industrial
automation, where failures can have serious consequences [36]. Figure 1 illustrates the importance
ratings of various challenges in IoT systems. The focus on security and privacy, reflected in their
high importance ratings, further underscores the need for formal methods that can rigorously validate
IoT system behavior to ensure reliability and protect sensitive data.

FIGURE 1. A bar plot showing the importance ratings of various challenges in IoT systems.

The delicate data being transferred and kept in Internet of Things systems makes security and privacy
issues critical. Due to the presence of IoT devices in unsecured environments, they are particularly
vulnerable to cyberattacks, which may result in unauthorized access, data breaches, or device
manipulation. Strong security means putting encryption, authentication, and access control systems in
place to safeguard privacy and data integrity [37]. Privacy concerns also
result from the ongoing gathering and processing of personal data, which calls for rigorous compliance
with data protection laws and the creation of privacy-preserving technology. The resource allocation
depicted in Figure 2 shows that the majority of resources are dedicated to security (25%) and privacy
(20%), which aligns with their high importance ratings. Interoperability and reliability each receive
15% of resources, while scalability and resilience are allocated 10%, reflecting a balanced approach to
address these challenges as IoT systems expand [38].

FIGURE 2. A pie chart illustrating the resource allocation percentages for addressing different
challenges in IoT systems.

Particularly in vital applications like healthcare, industrial automation, and smart cities,
reliability and resilience are critical to ensuring that IoT systems perform consistently across
different environments and can withstand attacks or failures without compromising functionality [39].
Rugged testing, redundancy, and fault-tolerant design are all part of ensuring high dependability in
order to reduce downtime and preserve continuous operation. IoT application safety and efficacy depend
on resilience against physical faults and cyber-attacks. Figure 3 reveals that security is the most
frequently addressed challenge in academic studies, with 50 studies focusing on this area. This
reflects the critical nature of securing IoT systems and the extensive research efforts dedicated to
this challenge. Privacy is also a major focus, with 40 studies highlighting the importance of
safeguarding user data. Scalability, reliability, and resilience are addressed in 30, 35, and 25
studies respectively, highlighting the ongoing efforts to manage device growth, ensure dependable
performance, and maintain system robustness. Interoperability and complexity receive comparatively less
attention in the literature, with 20 and 15 studies respectively, suggesting a potential gap in
research on device integration and system management.

FIGURE 3. A histogram displaying the frequency of studies that address various challenges in IoT
systems.

In fact, IoT systems are by nature complex since they combine many technologies and are heterogeneous.
The design, deployment, and maintenance of IoT systems require interdisciplinary expertise, involving
hardware, software, networking, and data analytics. Handling this intricacy calls for an
all-encompassing strategy, from the beginning of design and development to deployment and continuing
support. The intricacy of Internet of Things systems requires tools and approaches that make system
design easier, deployment procedures faster, and monitoring and maintenance easier [40].

C. FORMAL METHODS OVERVIEW

The specification, development, and verification of software and hardware systems are all areas that
are addressed by formal methods, which require the application of mathematical concepts [16]. These
techniques offer a rigorous framework for precisely defining complex systems, enabling in-depth
analysis and verification to guarantee system correctness and reliability. There are many different
approaches and tools that are included in formal methods, and each one is geared to a different aspect
of system development [41].

Formal Specification Languages are used to describe the behavior and properties of systems in a precise
and unambiguous manner. Syntax and semantics are provided by these languages, which include Z, VDM
(Vienna Development Method), and B. These languages assist in the expression of system requirements and
design [42]. Developers can use these languages to create detailed system models that undergo rigorous
analysis to identify inconsistencies, ambiguities, and errors early in the development process, which
helps prevent costly mistakes later [43]. Table 1 presents an overview of three widely used formal
specification languages, highlighting their respective specification styles. Each language offers
unique features and advantages for specifying and verifying system properties.

Specification Language Z is characterised by its sequential, property-oriented, and model-oriented
specification styles. It provides a robust framework for clearly defining system behaviors and
attributes. The B language is largely committed to the development of model-oriented specifications. It
has a wide range of applications, including system modeling, which enables developers to design
abstract representations of system components and the interactions between them. On the other hand, VDM
is capable of supporting both process-oriented and model-oriented approaches
of specification. It provides a flexible method of formal specification, making it easier to describe
both the processes of the system and the structural models of the system [44].

TABLE 1. Overview of widely used formal specification languages and their specification styles.

The process of proving a theorem entails employing logical reasoning in order to demonstrate that a
system is right from the standpoint of its formal specifications. Coq and Isabelle are examples of
theorem provers that provide assistance in the construction of formal proofs that establish whether or
not a system complies with the properties that have been stated for it. Theorem proving is especially
useful for verifying complex algorithms and protocols that cannot be easily validated through manual
testing. A high level of assurance in the correctness of the systems is provided by theorem proving,
which ensures that the systems meet the requirements that have been defined for them under any and all
feasible circumstances [45]. Figure 4 illustrates the integration of theorem provers and model checkers
through a common interface.

FIGURE 4. Integration of theorem provers and model checkers.

The integration of theorem provers and model checkers is a powerful approach to formal verification,
combining the logical rigor of theorem proving with the automated efficiency of model checking. This
combination allows for seamless interaction between the two tools, enhancing the verification process.
Theorem provers provide detailed proofs of system correctness, while model checkers systematically
explore system models to verify properties such as safety and liveness. This combined approach enhances
the overall verification process, ensuring that IoT systems meet their specified requirements under all
conditions [46].

One method that is used to determine whether a model of a system satisfies particular qualities, such
as safety, liveness, and fairness, is called model checking. This method is an automated methodology.
SPIN, NuSMV, and UPPAAL are examples of model checkers that are designed to systematically investigate
the state space of a system model in order to identify any property violations [47]. Figure 5
illustrates the process of model checking, which includes several steps to verify the properties of a
system model. The process starts with modeling the environment and system, followed by running the
model checker to validate properties.

FIGURE 5. A flowchart representing the model checking process. The steps include modeling the
environment and system, running the model checker, refining or reducing the model if necessary, and
analyzing counterexamples if properties are violated.

Model checking is particularly effective for detecting errors in concurrent and distributed systems,
where the state space can be large and complex. Therefore, model checking is an extremely useful
technique for assuring the dependability of a system because it has the capacity to detect minor
defects that may be overlooked by more conventional testing approaches. The process begins with the
modeling phase, where a detailed representation of the system and its environment is created. This
model captures the essential properties and dynamics of the system, including its behavior and
interactions. Accurate modeling is crucial, as any errors at this stage can propagate through the
subsequent steps [48].

Once the model is constructed, the model checker is run. This tool systematically explores the state
space of the system model, verifying whether the specified properties hold true. The input to the model
checker includes the property to be verified and the system model itself. At the decision point, the
model checker determines if the system model satisfies the specified properties [49]. This is denoted
as M, s ⊨ f. The possible outcomes are:

• Validated: The property is satisfied by the model.
• Violated: The property is not satisfied, and a counterexample is provided.
• Time/Space Expired: The model checker runs out of time or memory resources.

If a property is validated, the next property is checked. This step ensures comprehensive verification
of all relevant properties of the system. If a modeling error is detected, the model is refined to
improve accuracy. Similarly, if the model checker encounters time or space constraints, the model may be
reduced by abstracting or simplifying certain aspects to facilitate efficient verification. Finally, the
provided counterexample is analyzed to understand the nature of the violation. This analysis helps
identify the root cause of the problem, guiding further refinement of the model [50].

D. METHODOLOGY

We conducted a systematic literature search to identify pertinent publications that discuss the
utilization of formal techniques in modeling, validating, and analyzing Internet of Things (IoT)
systems. The search was designed to ensure a comprehensive understanding of the application of formal
methods in the rapidly evolving IoT landscape, focusing on high-quality and recent studies. We
performed searches in several databases, including IEEE Access, IEEE Xplore, ACM Digital Library, Google
Scholar, MDPI, ScienceDirect, and Scopus-indexed databases. As shown in Figure 6, the search for
relevant papers was conducted across five major databases, with the number of papers retrieved from
each displayed below.

FIGURE 6. Overview of the search databases and the number of papers retrieved from each database during
the systematic literature review.

The searches were conducted using the terms “formal methods,” “IoT,” “modeling,” “verification,” and
“analysis.” Upon the initial search, a grand total of 2540 papers were found. In order to guarantee the
excellence and pertinence of the chosen articles, many screening criteria were employed. The search
terms were chosen to capture a broad range of formal techniques and their application to IoT systems,
ensuring that no significant contributions were overlooked.

In order to guarantee the excellence and pertinence of the chosen articles, many screening criteria
were employed. The first level of screening involved reviewing titles and abstracts to remove papers
that focused on unrelated topics, such as purely theoretical explorations of formal methods without IoT
applications. The second level of screening applied more stringent criteria, including:

- Relevance to IoT systems: Papers had to demonstrate specific applications of formal methods in the
  context of IoT, focusing on modeling, verification, or analysis of these systems.
- Publication quality: Only peer-reviewed journal articles and conference papers were considered. Impact
  factor, citation count, and peer reviews were factored into the assessment of article quality.
- Timeframe: Only papers published after 2017 were considered, as this period marks the rise of newer
  formal methods tailored to the unique demands of IoT systems, such as increased scalability, real-time
  constraints, and enhanced security measures.

As a result, the list was trimmed to 1135 publications. Subsequently, papers were chosen for additional
improvement based on two particular criteria: (1) the utilization of formal methods specifically
designed for IoT systems; and (2) a focus on modeling, verification, or analysis of IoT applications
rather than broad discussions on formal techniques. We also removed duplicates and papers that, upon
further reading, did not meet the relevance criteria. After a thorough and demanding screening process,
a final list of around forty eligible articles was obtained. This final set of studies was critically
analyzed to ensure that they represent the most recent and relevant contributions to the intersection
of formal methods and IoT. The literature selection process is depicted in Figure 7, highlighting how
the number of papers was reduced at each screening stage.

FIGURE 7. Literature selection process, showing the progression of papers from initial search to final
selection through various screening stages.

The next stage of the review process involved a detailed examination of the selected papers. A
methodical procedure for extracting and analyzing data was carried out, with a focus on understanding
the different formal methodologies applied in IoT environments. The papers were classified based on the
formal methodologies employed and their particular applications in IoT environments. Three primary categories emerged from the review:
- Formal specification languages, which provide a precise way to define system requirements and behavior.
- Automata theory, used to model the dynamic behavior of IoT systems.
- Temporal logic, essential for specifying and reasoning about time-dependent properties in IoT applications.

Throughout the review process, we used reference management tools such as Zotero to organize and annotate articles, allowing for efficient extraction of key themes and trends. Challenges encountered during the review process included the need to filter out articles that discussed formal methods broadly without addressing IoT-specific challenges. In response, we refined our search terms and applied more focused inclusion criteria in subsequent rounds of review.

This rigorous methodology enabled us to provide a comprehensive assessment of the state of formal methods research in IoT, offering novel insights into the key trends and identifying areas for future study.

III. FINDINGS IN THE LITERATURE REVIEW

The systematic literature study on the utilization of formal methods in IoT systems provided valuable insights into the current level of research and practical implementation. This section consolidates the results obtained from the examined works, with a specific emphasis on the several classifications of formal methods, namely formal specification and verification, model checking, and theorem proving. A rigorous approach to describing, specifying, and testing these systems is provided by formal methods. This approach addresses a variety of issues that are inherent in the design and implementation of these systems. A literature survey on the application of formal methods in the IoT is presented in this part, with a focus on the most important studies, methodology, and developing trends. Several studies have explored the utilization of formal approaches in various parts of IoT systems.

A. FORMAL SPECIFICATION AND VERIFICATION

Formal specification and verification play a crucial role in guaranteeing the dependability and accuracy of IoT systems. Multiple studies have showcased the utilization of these strategies in diverse circumstances. Presented below is an exhaustive analysis of significant research papers, arranged in chronological order from the earliest to the most recent.

A survey conducted in 2019 offered a thorough examination of formal verification methodologies for IoT systems, addressing the difficulties and possibilities in this domain [51]. The authors indicated crucial topics for future research to improve the implementation of formal approaches in IoT. The report highlights the crucial importance of formal verification in progressing IoT technology. The study explores diverse formal approaches, including model checking, theorem proving, and formal specification languages. It investigates how these methods might be applied in various IoT scenarios and identifies the existing research and practice gaps. In the same year, a study devised a cloud-based framework for the formal verification of IoT tasks, with a specific emphasis on scheduling real-time remote tasks [52]. The tool emulates and assesses IoT operations in an intelligent environment, guaranteeing that time limits are adhered to in order to prevent dangerous circumstances, particularly in systems that are essential for safety and mission success. The suggested tool employs formal methods to verify the scheduling of jobs, guaranteeing compliance with stringent timing limitations. The study highlights the significance of validating temporal features.

In the following year, a study introduced an innovative formal verification technique for state-based control modules in Cyber-Physical Systems (CPS). The process entails converting UML state machine diagrams into an abstract rule-based logical model [53]. This logical model is utilized for formal verification through model checking and for prototyping implementation on FPGA devices, guaranteeing coherence between the verifiable model and synthesizable VHDL code. This technique guarantees the proper and effective functioning of control modules, hence minimizing the likelihood of mistakes in CPS, which are essential components of Internet of Things (IoT) systems. Within the same framework, a review paper examines the current level of advancement in the formal verification of IoT protocols, emphasizing the difficulties and potential areas for future research. The authors conducted a comprehensive analysis of several formal verification methodologies and tools, highlighting the need for thorough verification in guaranteeing the security and dependability of IoT protocols [54]. The researchers analyzed various protocols frequently employed in IoT and assessed the merits and drawbacks of current verification techniques. They suggested potential enhancements and future research directions to bolster the security and efficiency of these protocols.

In 2021, the study's authors concentrated on the formal specification and verification of the MQTT protocol using PlusCal-2 [55]. The protocol underwent a transformation into a PlusCal-2 model, and formal verification was conducted using the TLA+ model checker to confirm its properties. Ensuring the accuracy of MQTT is crucial for facilitating communication in the Internet of Things (IoT). The researchers emphasized the appropriate application of formal approaches in communication protocols to prevent errors and ensure dependable data transmission in IoT networks.

In a separate paper, the authors introduced a formal model of a distribution management system for smart grids that utilizes the IoT [56]. The Nondeterministic Finite Automata (NFA) and Unified Modeling Language (UML) were
utilized to construct the model, while the VDM-SL toolkit was employed for analysis. The study showcased the efficacy of formal approaches in guaranteeing the dependability and safety of energy distribution systems based on the Internet of Things (IoT). The text underscores the significance of precisely modeling and validating the functions of smart grids to avert faults and enhance performance. In [57], the authors presented a formal specification and verification approach for timing behavior in safety-critical IoT systems. The authors employed formal specification languages and model checking approaches to guarantee the fulfillment of temporal restrictions in IoT systems, a vital requirement for safety-critical applications. The research highlights the importance of doing accurate timing analysis and verification in systems where timing faults might result in severe and disastrous outcomes. During the same time frame, another work introduced a correct-by-construction method for formally verifying IoT architecture [58]. The technique incorporates formal procedures into the design process to guarantee that IoT systems are constructed correctly, hence greatly decreasing the probability of design defects. This approach integrates formal verification at an early stage in the design process of IoT systems. The study emphasizes the benefits of employing a correct-by-construction approach to develop dependable and secure IoT systems from the beginning.

TABLE 2. Detailed Analysis of Key Studies on Formal Specification and Verification in IoT Systems.

A study conducted in 2023 introduces a method for extracting, formally specifying, verifying, and repairing the Contiki scheduler [59]. The Contiki scheduler is a lightweight operating system designed for IoT devices that operates based on events. The researchers created a simplified representation of the scheduler's many modes of operation using a state machine. They then utilized Promela to formally describe and define this representation. The SPIN model checker was employed for formal verification, detecting and rectifying design problems in the scheduler. The study showcases the efficacy of formal approaches in enhancing the resilience of operating systems employed in IoT, guaranteeing their ability to handle events and tasks with utmost reliability. However, another study focused on the security issues in the IoT, specifically regarding the verification of limited-capacity devices [60]. The work employed temporal logic to formally verify that a multi-factor authentication scheme is free from deadlocks and satisfies recognized security standards. This emphasizes the significance of employing formal methods to validate security solutions beyond conventional encryption, guaranteeing strong authentication procedures in IoT environments.

Recently in [61], a paper presented a proof system for the CaIT calculus, which is employed to formally verify IoT systems. The proof system facilitates the validation of intricate interactions in IoT contexts, guaranteeing the accuracy of system behaviors. The CaIT calculus offers a strong foundation for validating interactions inside IoT systems, which is essential for preserving system integrity and operation. Each language offers unique features and advantages for specifying and verifying system properties. As detailed in Table 2, a comprehensive analysis of key studies on formal specification and verification in IoT systems reveals various
applications and contributions across different IoT fields. These studies encompass methodologies such as formal verification for general IoT applications and real-time task scheduling, state-based control modules in cyber-physical systems, and IoT protocol verification, highlighting their respective contributions and limitations.

The literature on formal specification and verification for IoT systems reveals a number of significant trends and insights. Formal methods, including model checking and theorem proving, have become increasingly popular as essential instruments for verifying system behavior and guaranteeing the security, reliability, and accuracy of IoT applications. These techniques are particularly effective in identifying potential security vulnerabilities and guaranteeing that IoT systems satisfy rigorous functional and non-functional requirements. Nevertheless, significant obstacles persist, particularly in the realm of scalability, as the complexity of large-scale IoT systems and their extensive state spaces continue to be challenging to manage. Furthermore, there is a requirement for formal verification tools that can accommodate the timing and performance constraints of real-time IoT systems, as the integration of formal methods into these systems is currently underexplored. Another substantial opportunity is the integration of automated tools and formal specification languages to optimize the verification process and minimize manual intervention.

By offering a comparative examination of the diverse formal methods employed in IoT systems, this paper contributes to the expanding corpus of knowledge in formal specification and verification. Our analysis provides a more comprehensive understanding of the techniques that are most appropriate for specific IoT scenarios by examining the strengths and limitations of various approaches, such as model checking, theorem proving, and formal specification languages. Additionally, our review identifies numerous gaps in the current literature, with a particular emphasis on the capacity to adapt formal methods to dynamic and heterogeneous IoT environments, as well as scalability and real-time performance. By addressing these gaps, we underscore the critical obstacles that must be surmounted in order for formal methods to be more widely adopted in IoT systems. Lastly, we suggest future research directions, with a particular emphasis on the necessity of scalable formal methods, real-time verification techniques, and the creation of user-friendly tools that are more easily assimilated by industry professionals.

B. MODEL CHECKING

Model checking is an essential formal verification technique employed to examine the state space of IoT systems in order to guarantee that they satisfy specified safety, security, and reliability criteria. This technique is especially beneficial in the IoT arena because of the intricate interactions among multiple devices and protocols. This section provides a comprehensive assessment of prominent studies that have explored the utilization of model checking in the context of the Internet of Things (IoT). The evaluation focuses on the methodology employed and the significant conclusions obtained from each study.

In one study [62], the researchers investigate the use of model checking to ensure the accuracy and efficiency of Trickle-based dissemination protocols in the Internet of Things (IoT). The methodology entails constructing formal models of the Trickle algorithm and employing model checking to verify its correct operation under different network conditions. The results illustrate the efficacy of the protocol and highlight possible areas for enhancement.

Similarly, resiliency and sustainability of in-vehicle network for real-time authenticity are assessed through model checking in a work published in 2021. This study utilizes model checking to guarantee the robustness and longevity of in-vehicle networks, specifically focusing on the CAN protocol. The methodology involves creating formal models of the CAN protocol using timed automata and using model checking to confirm its resilience against message flooding and bus-off attacks. The study establishes the necessary circumstances for the protocol's ability to withstand and maintain its effectiveness, which have been confirmed by rigorous analysis using model verification and experimentation [63].

In the context of IoT security, another study introduced a framework for conducting security analysis of IoT systems by using model checking to validate their safety and security attributes [64]. The process entails constructing a formal model of the IoT system and employing model checkers such as SPIN to scrutinize potential security risks and validate the system's compliance with specified security features. The efficacy of the framework is evidenced by multiple case studies, showcasing its capacity to identify and address security issues in IoT environments.

In this context, other researchers investigated the behavior of sensors in IoT systems through the application of statistical model checking. The primary objective of this study is to employ statistical model checking for the purpose of understanding and evaluating the performance of sensors within Internet of Things (IoT) systems [65]. The methodology combines learning algorithms with statistical model checking methods to assess the dependability and efficiency of sensor networks. The study utilizes sensor behavior modeling and extensive simulations to identify trends and anomalies, thereby ensuring the system's resilience and dependability under a range of conditions.

The HSAS-MD Analyzer is a cutting-edge security analysis system that combines model-checking techniques and deep learning to detect malware in IoT applications. This research presents a novel approach to detecting malware in IoT applications by integrating model checking with deep learning in a hybrid security analysis system [66]. The process entails transforming the source code of an IoT application into a format compatible with a model checker. It then identifies any aberrant behaviors and verifies the application's behavior using model checking. The deep learning component improves detection accuracy by
categorizing possible threats according to acquired patterns. The system exhibits exceptional accuracy, precision, recall, and F-measure in identifying malicious activity.

TABLE 3. Review of methodologies and applications of model checking in IoT systems.

In a conceptual proposal, researchers integrated data-driven security, model checking, and self-adaptation for IoT systems using BIP (Behavior, Interaction, Priority) components. The proposed model aims to combine data-driven security, model checking, and self-adaptation techniques. This approach combines the use of data-driven security, model checking, and self-adaptation to enhance the functionality of IoT systems [67]. The integration is achieved through the utilization of BIP (Behavior, Interaction, Priority) components. The process entails the creation of formal models for IoT components, doing model checking to validate security features, and implementing self-adaptation methods to dynamically fix discovered security vulnerabilities. The strategy seeks to improve the overall security and flexibility of IoT systems.

In a related study, a survey paper reviewed various formal verification and validation (FV&V) techniques applied to IoT systems. This paper provides an overview of different formal verification and validation (FV&V) methods used in the context of Internet of Things (IoT) systems [68]. The methodology comprises a comprehensive examination of existing literature, classification of various FV&V methods, and evaluation of their efficacy in tackling IoT-specific obstacles such as the state explosion problem. The survey emphasizes the use of artificial intelligence (AI) in FV&V (Formal Verification and Validation) technologies and delineates future research paths to augment the dependability and safety of IoT systems [69].

As detailed in Table 3, the review of methodologies and applications of model checking in IoT systems encompasses a range of IoT application fields, formal techniques, and primary topics. These studies illustrate the extensive use of model checking for verifying the correctness of Trickle-based dissemination protocols, ensuring the resiliency and sustainability of in-vehicle networks, validating the safety and security attributes of IoT systems, and assessing the performance of sensor networks. Moreover, the integration of model checking with deep learning and self-adaptation techniques has been explored to enhance security and flexibility in IoT systems.

The examined studies illustrate the substantial influence of model checking in verifying and guaranteeing the dependability, safety, and performance of IoT systems. Model checking has been successful in finding vulnerabilities, confirming protocol correctness, and assuring compliance with specified security properties by methodically examining the state space of complex systems. The incorporation of model checking with additional methodologies, such as deep learning and self-adaptation, amplifies its practicality and efficiency. With the rising complexity of IoT systems, the importance of model checking in assuring their reliability becomes more crucial. These studies emphasize the importance of continuous research and improvement in model checking approaches to tackle the changing difficulties in the IoT area.

C. THEOREM PROVERS

This subsection examines multiple studies that have investigated the utilization of theorem provers in the context of IoT systems. It provides an overview of their techniques and findings. This review is organized in a chronological manner, starting with the earliest and progressing to the most recent, emphasizing significant contributions and achievements.

An examination of future energy systems with interactive theorem proving was published in 2022. Ahmed et al. utilized interactive theorem proving to formally analyze prospective energy systems in this study [70]. The authors employed the Coq proof assistant to validate the accuracy of energy distribution algorithms, guaranteeing the dependability and effectiveness of energy management in IoT-based smart grids. A rigorous formalization of propositional logic in Coq is presented in a study that specifically concentrated on the process of formalizing propositional logic using the Coq theorem prover. They have contributed to the field by creating four Hilbert-style axiom systems and a natural deduction system. Additionally, they have demonstrated equivalences and proven important meta-theorems, such as the Completeness and Soundness Theorems. This fundamental research in formal logic has practical implications in the verification of IoT systems, namely in guaranteeing the precision and dependability of logical operations within these networks [71].

TABLE 4. Overview of recent research on theorem provers in IoT systems.

In their study [72], the authors investigated the process of formally verifying robotic kinematics by utilizing the Coq proof assistant. The work concentrates on verifying coordinate transformations and rotational matrices, which are crucial for accurately controlling robots in IoT environments. This study highlights the need for formal approaches to improve the safety and predictability of robotic operations in interconnected systems.

A formal representation of Solidity-style smart contracts in the theorem prover Agda, developed in 2023: the researchers employed the Agda theorem prover to create a model of Solidity-style smart contracts. Their objective was to establish a formalized and verified process for ensuring the accuracy of smart contract execution within IoT ecosystems [73]. This approach attempted to tackle the security and operational difficulties that are inherent in decentralized applications. Another study utilized the Logic of Events formal technique to demonstrate the security features of multi-factor authentication protocols in the context of industrial IoT. The authors included novel event categories and axioms, which facilitated the rigorous examination and validation of protocol behaviors in the face of security risks [74].

In their 2024 study, the authors tackled the task of expanding formal ontologies in IoT systems. They showcased enhanced interpretative capacities and reasoning accuracy in qualitative spatial reasoning (QSR) theories by utilizing a logical-algebraic framework. This methodology facilitates the strong expansion of ontologies, which is crucial for the dynamic and scalable character of Internet of Things (IoT) applications [75]. In the same year, a new study introduced an algebraic recognition approach for identifying objects within the Internet of Things (IoT) ecosystem in the Aral area. The study devised accurate recognition algorithms utilizing linear closure operators, demonstrating their efficacy in rapidly identifying incoming information flows in IoT networks. As illustrated in Table 4, recent research on theorem provers in IoT systems highlights the diverse application fields and formal techniques used to address various primary topics such as verification, formalization, and security. The studies reviewed showcase significant contributions, including validating energy distribution algorithms, formalizing propositional logic with meta-theorems, verifying coordinate transformations and rotational matrices in robotics, creating formal models for Solidity-style smart contracts, demonstrating security features of multi-factor authentication protocols, and enhancing interpretative capacities in qualitative spatial reasoning for IoT ontologies.

The reviewed studies highlight the significant role of theorem provers in enhancing the reliability, security, and correctness of IoT systems. Through the formalization and verification of complex algorithms, protocols, and ontologies, theorem provers like Coq and Agda provide rigorous mathematical guarantees that are crucial for the dependable operation of interconnected devices. The integration of logical frameworks and algebraic methods further extends the applicability of theorem proving to diverse IoT scenarios,
from energy management and robotics to smart contracts and authentication protocols. These studies underscore the importance of continuing research and development in theorem proving techniques to address the evolving challenges in IoT, ensuring robust and secure systems in an increasingly connected world.

TABLE 5. Summary of key studies on hybrid approaches in formal methods for IoT systems.

D. HYBRID APPROACHES

Hybrid approaches in formal methods for IoT systems integrate multiple techniques to leverage their individual strengths and mitigate their weaknesses. The selected studies illustrate the innovative ways in which researchers combine different formal methods to enhance verification, validation, and analysis processes in IoT systems.

In the study by Souri et al., a hybrid formal verification approach for QoS-aware multi-cloud service composition is proposed [76]. This approach combines model checking and theorem proving to ensure service reliability and performance. By integrating these methods, the authors were able to verify both functional and non-functional properties of cloud services, addressing issues such as resource allocation and service level agreements (SLAs). Liebrenz et al. presented a service-oriented approach for decomposing and verifying hybrid system models. By using component-based methods, the study managed the complexity of hybrid systems in IoT. This approach enabled the modular verification of individual components, which could then be integrated into a complete system, ensuring that each part adhered to specified properties before being combined [77]. Elkholy et al. focused on model checking intelligent avionics systems using multi-agent systems for test case generation. This study blended formal methods with intelligent systems to enhance avionics safety and performance, ensuring that complex avionics software could be verified against stringent safety standards [78].

Guan et al. introduced a formal verification method for a hybrid IoT operating system model, combining formal specification languages with runtime verification. This method ensured system stability and reliability by allowing continuous verification of the system as it operates, thus catching potential errors and security issues in real-time [79]. Minhas et al. proposed HVoC, a hybrid model checking - interactive theorem proving approach for functional verification of digital circuits. This approach demonstrated the synergy between these methods in ensuring circuit functionality, particularly in verifying both the logical correctness and performance aspects of digital circuits used in IoT devices [80]. Al-Nuaimi et al. developed a hybrid verification technique for decision-making in self-driving vehicles. By combining MCMAS and PRISM model checkers, the study validated autonomous driving scenarios, ensuring that the vehicles could make safe and reliable decisions in various traffic conditions [81].

In 2022, Dupont et al. employed proof and refinement with Event-B to verify architectural patterns of hybrid systems. This study showcased the robustness of integrating multiple formal methods, allowing for the verification of complex system architectures while maintaining flexibility in design and implementation [82]. Similarly, Ali-Eldin et al. developed a hybrid trust computing approach using social similarity and machine learning. This method highlights the effectiveness of combining computational techniques with social metrics to enhance IoT security and data privacy. The study demonstrated how machine learning algorithms could be used to predict trust levels among IoT devices based on social similarities, thereby improving the overall security framework [83]. Lastly, Mammar et al. explored modeling and proving hybrid programs with Event-B, using generalization and instantiation techniques. This approach ensured the correctness of hybrid IoT applications by allowing for the
verification of generalized models that could be instantiated for specific use cases, thus maintaining both flexibility and rigor in verification [84].

TABLE 6. Comprehensive comparison of focus areas in existing surveys vs. our survey.

Krichen surveyed formal methods and validation techniques in the automotive industry, emphasizing the integration of model checking, theorem proving, and abstract interpretation. This comprehensive survey highlighted the importance of using multiple verification techniques to cover different aspects of automotive systems, such as safety and security, which are critical in IoT-enabled vehicles [41].

As shown in Table 5, hybrid approaches in formal methods for IoT systems encompass a range of application fields and integrate multiple formal techniques to enhance verification, validation, and security. The studies reviewed illustrate significant contributions, such as ensuring service reliability and performance in cloud service composition, enhancing IoT security and data privacy through trust computing and machine learning, managing the complexity of hybrid systems using component-based methods, securing automotive systems via a combination of model checking, theorem proving, and abstract interpretation, and ensuring system stability and reliability in hybrid IoT operating systems through formal specification and runtime verification.

In summary, these studies collectively demonstrate the effectiveness of hybrid approaches in addressing the complex verification and validation challenges in IoT systems. By integrating various formal methods, researchers can exploit the complementary strengths of these techniques, resulting in more robust, reliable, and secure IoT applications.

E. COMPARISON AND DISCUSSION

Several existing surveys on secure and reliable IoT systems have provided comprehensive insights into the challenges and solutions from various perspectives. However, most of these studies tend to focus on general security mechanisms, cryptographic techniques, and network-level protections without addressing the deeper, model-driven formal methods for system verification and analysis. In contrast, our review emphasizes the necessity of applying formal methods to ensure that IoT systems meet stringent security and reliability requirements, especially in mission-critical applications such as healthcare, industrial IoT, and smart cities.

The 2019 survey [51] covers general IoT security with a focus on lightweight cryptographic techniques. While cryptography is vital for securing IoT communications, it does not provide the formal guarantees required to ensure the correctness of an IoT system under all operational conditions. Formal methods, which offer mathematically sound verification techniques, are only mentioned briefly in this survey. The depth of formal methods analysis is low, and the work does not thoroughly explore the broader applicability of formal verification.

In the same year, [52] analyzed real-time task scheduling in IoT, offering moderate coverage of formal methods. The complexity of verifying real-time tasks, where timing constraints are critical, presents a significant challenge. The moderate depth of formal analysis reflects this, as formal verification techniques such as model checking and theorem proving are powerful but can be resource-intensive when applied to real-time systems. Similarly, [54] examined the verification of IoT protocols, focusing on a limited subset of formal methods. The study explored how formal methods could be used to verify protocol behavior, but the depth of analysis was moderate, with limited exploration of scalability and real-time concerns.

Surveys such as [57] and [58], conducted in 2021 and 2022 respectively, delve deeper into formal methods by
applying them to safety-critical IoT systems and IoT architecture. These surveys highlight the importance of using formal verification techniques such as model checking and theorem proving to ensure the correctness and timing behavior of safety-critical systems, where errors can lead to catastrophic outcomes. Despite the high depth of analysis, these works also face limitations in computational overhead and resource-intensive verification processes.

The study by [59], conducted in 2023, focuses extensively on formal methods, particularly in verifying the Contiki scheduler used in IoT operating systems. By extracting and verifying scheduler operations using formal specifications, this work exemplifies how formal methods can ensure system stability and correct task execution in complex operational scenarios. Although this survey provides extensive coverage of formal methods, it still encounters challenges with verifying the complexity of scheduler operations.

While [60] in 2023 covers constrained IoT devices and uses temporal logic for multi-factor authentication verification, it offers only moderate depth in its formal analysis. This reflects a common limitation in existing surveys, where formal methods are applied to a narrow subset of security challenges but are not fully explored as a comprehensive solution for IoT reliability and scalability. As shown in Table 6, existing surveys on secure and reliable IoT systems have varying degrees of focus on formal methods, with some only briefly mentioning their applicability while others delve deeper into specific use cases like safety-critical IoT systems or protocol verification.

In contrast to the existing surveys, our review provides an extensive and detailed analysis of formal methods, particularly focusing on their application to IoT security and reliability. Our survey dives deeply into various formal techniques, such as model checking, theorem proving, and formal specification languages, to address critical IoT challenges such as scalability, real-time performance, and system complexity. By doing so, we address the gaps found in previous surveys, offering a comprehensive view of how formal methods can ensure the robustness and security of IoT systems.

Our survey contributes significantly by not only identifying the challenges of existing approaches but also providing solutions through formal verification methods. In particular, our work highlights recent advancements and emerging trends, such as the integration of hybrid formal methods with runtime verification techniques and machine learning, which are not extensively covered in earlier works.

IV. KNOWLEDGE GAPS

Although the literature on the use of formal methods in IoT systems has shown great progress, there are still some areas where our understanding is lacking. To improve the dependability, safety, and efficiency of IoT systems, it is crucial to address these deficiencies. The following critical areas have been highlighted where additional research and development are imperative.

A. SCALABILITY ISSUES

A key obstacle consistently found across several studies is the ability of formal approaches to handle the size and complexity of IoT systems. As Internet of Things (IoT) networks expand, the number of possible states that need to be examined using formal verification methods like model checking increases rapidly. This sometimes results in a state space that becomes too large to handle computationally, making it infeasible to perform the necessary calculations. Furthermore, scalable formal methods and verification tools are required to effectively handle large-scale IoT systems while maintaining accuracy and performance. Subsequent investigations should prioritize the development of algorithms and procedures capable of managing the growing intricacy and magnitude of IoT networks. Figure 8 shows the scalability issues and state space explosion.

FIGURE 8. Exponential growth of state space size with increasing number of IoT devices.

The diagram depicts the scalability problem referred to as state space explosion in the domain of formal verification of Internet of Things (IoT) systems. The x-axis denotes the quantity of IoT devices, while the y-axis illustrates the magnitude of the state space on an exponential scale. Every point on the graph represents the extent of the state space that corresponds to a specific number of IoT devices. Furthermore, the graph illustrates that the size of the state space increases exponentially as the number of IoT devices increases. At first, when there are fewer devices, the size of the state space is modest and easy to handle. Nevertheless, as the quantity of devices grows, the dimension of the state space expands rapidly, reaching a point where it becomes quite extensive and challenging to manage. The rapid and exponential expansion poses a considerable obstacle for formal approaches, such as model checking, as they heavily depend on the exploration of the state space to validate system features. The exponential growth of the state space size necessitates a corresponding rise in computational resources, such as memory and processing power, for verification purposes. Consequently, it becomes impossible to verify systems that involve a substantial number of devices.
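The state space explosion described above can be measured directly. The following added example (not from the survey or from any tool it cites) runs an explicit-state reachability check over N identical devices and then repeats it with counter abstraction, one instance of the abstraction techniques used against the problem, which is exact here because the devices are interchangeable. The three-state device model, the shared-channel safety property, and all function names are assumptions constructed for illustration.

```python
"""Explicit-state vs. counter-abstracted reachability for N identical devices.

Constructed toy model (an assumption, not taken from the survey): each device
cycles IDLE -> SENSING -> TRANSMITTING -> IDLE and all devices share one channel.
Safety property: at most one device is TRANSMITTING in any reachable state.
"""
from collections import deque

IDLE, SENSING, TX = "I", "S", "T"


def check(initial, successors, invariant):
    """Breadth-first reachability over the model's transition relation.

    Returns (states_discovered, counterexample). counterexample is None when
    the invariant holds everywhere, else the shortest path to a violation.
    """
    parent = {initial: None}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if not invariant(state):
            path = []
            while state is not None:
                path.append(state)
                state = parent[state]
            return len(parent), path[::-1]
        for nxt in successors(state):
            if nxt not in parent:
                parent[nxt] = state
                queue.append(nxt)
    return len(parent), None


def concrete_model(n, guarded=True):
    """Global state is a tuple holding every device's local state."""

    def successors(state):
        channel_busy = TX in state
        for i, local in enumerate(state):
            if local == IDLE:
                nxt = SENSING
            elif local == SENSING:
                if guarded and channel_busy:
                    continue  # carrier sense: stay put while someone transmits
                nxt = TX
            else:
                nxt = IDLE
            yield state[:i] + (nxt,) + state[i + 1:]

    return (IDLE,) * n, successors, lambda s: s.count(TX) <= 1


def counter_model(n, guarded=True):
    """Counter abstraction: devices are interchangeable, so keep only the
    number of devices in each local state: (idle, sensing, transmitting)."""

    def successors(state):
        idle, sensing, tx = state
        if idle:
            yield (idle - 1, sensing + 1, tx)
        if sensing and not (guarded and tx):
            yield (idle, sensing - 1, tx + 1)
        if tx:
            yield (idle + 1, sensing, tx - 1)

    return (n, 0, 0), successors, lambda s: s[2] <= 1


def compare(n, guarded=True):
    """Run both searches for n devices and report size and verdict of each."""
    c_states, c_cex = check(*concrete_model(n, guarded))
    a_states, a_cex = check(*counter_model(n, guarded))
    return {
        "devices": n,
        "concrete_states": c_states,
        "abstract_states": a_states,
        "concrete_safe": c_cex is None,
        "abstract_safe": a_cex is None,
    }


if __name__ == "__main__":
    print(f"{'devices':>7} {'concrete':>9} {'abstract':>9} safe")
    for n in (1, 2, 4, 8, 12):
        r = compare(n)
        print(f"{n:>7} {r['concrete_states']:>9} {r['abstract_states']:>9} "
              f"{r['concrete_safe'] and r['abstract_safe']}")
    # Dropping the carrier-sense guard (a constructed design flaw) breaks the
    # property; the abstract search still finds the shortest counterexample.
    _, trace = check(*counter_model(3, guarded=False))
    print("unguarded counterexample (idle, sensing, tx):", trace)
```

For N devices the concrete search visits 2^N + N·2^(N-1) states while the counter-abstracted search visits 2N + 1, and both return the same verdict.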

The consequences for IoT systems are especially serious, as these systems frequently consist of a substantial number of networked devices, which makes them vulnerable to state space explosion. This emphasizes the need for verification methodologies that can be scaled up and effectively handle and reduce the impact of state space explosion. The illustration emphasizes the significance of creating adaptable formal techniques capable of managing the intricacy of extensive IoT networks. Abstraction, compositional verification, and symbolic methods are essential techniques for effectively handling the problem of state space explosion.

The diagram also highlights the necessity of utilizing sophisticated verification techniques that integrate optimizations and heuristics to decrease the size of the state space while maintaining correctness. These techniques can assist in maintaining the feasibility of formal verification as IoT systems get more intricate. Future research should prioritize improving the scalability of formal methods, investigating hybrid approaches that integrate various verification techniques, and constructing frameworks capable of effectively managing extensive state spaces. Exploring domain-specific improvements designed for IoT applications might enhance the efficiency and feasibility of verification processes. To assure the reliability, security, and performance of IoT systems, researchers and practitioners should address the scaling concerns depicted in the figure, thus allowing formal approaches to offer credible guarantees.

In summary, scalability remains a significant challenge for IoT systems as the number of connected devices and the volume of data continues to grow exponentially. Formal methods, while useful, struggle to manage the large and complex state spaces that emerge in large-scale IoT networks. This limitation often results in bottlenecks that impact the overall efficiency and reliability of these systems, highlighting the need for scalable formal verification techniques.

B. CONSTRAINTS ON REAL-TIME PERFORMANCE

Several IoT applications, particularly those in safety-critical fields such as healthcare and industrial automation, adhere to stringent real-time limitations. Although there has been research on real-time task scheduling, there is a shortage of complete formal techniques that can ensure real-time performance across a wide range of IoT applications. More study is needed to provide formal techniques that can successfully verify and enforce real-time limitations in IoT systems. This involves ensuring that essential tasks are completed within their specified timeframes and that the system maintains a consistent and dependable performance in all operational circumstances. Figure 9 shows the real-time constraints and task scheduling.

FIGURE 9. Real-time constraints and task scheduling in IoT systems.

The diagram depicts the time limitations that exist when scheduling tasks in IoT systems. The x-axis corresponds to the temporal dimension, whereas the y-axis reflects distinct activities or assignments. Each colored bar represents the duration of a task, and certain deadlines are indicated by vertical red dashed lines. Moreover, the diagram depicts the chronological arrangement of four tasks, labeled as Task 1 to Task 4. Every task is assigned a distinct start and end time, which is visually depicted by the duration of the colored bars. Task 1 commences at time 0 and concludes at time 3. Task 2 commences at time 1 and concludes at time 3. Task 3 commences at time 3 and concludes at time 6. Task 4 commences at time 5 and concludes at time 7. The deadlines for Task 3 and Task 4 are indicated by vertical red dashed lines at time 4 and time 7, respectively. Task 3 exceeds its deadline, suggesting a failure to fulfill the deadline and a potential violation of real-time constraints, but Task 4 completes precisely on time, successfully adhering to the real-time restriction.

Ensuring real-time limitations are met is crucial in IoT systems, particularly for tasks that are time-sensitive or have implications for safety and mission-critical operations. The diagram illustrates the significance of effective task scheduling in order to guarantee the timely completion of all jobs. The successful coordination of Task 1 and Task 2 demonstrates that by implementing effective scheduling, tasks may be accomplished within their designated time periods. Nevertheless, the failure to fulfill the deadline for Task 3 underscores the challenges of assuring timely completion of all tasks, particularly when there is task overlap or dependency on the completion of preceding tasks.

The challenge of maintaining real-time performance in IoT systems is critical, particularly in sectors like healthcare and industrial automation. Delays in data processing and network latency often compromise the ability of IoT systems to meet strict timing constraints. Currently, formal methods do not fully address these real-time performance issues, which limits their applicability in time-sensitive IoT applications where precision is essential.

C. INCORPORATION OF VARIED FORMAL METHODS

Various formal methods, such as model checking, theorem proving, and formal specification, provide distinct advantages and constraints. Nevertheless, there is a scarcity of studies on the integration of these various strategies to exploit their complementary benefits. Integrating different components could offer stronger and more thorough verification solutions
for Internet of Things (IoT) systems. It is crucial to explore strategies for smoothly combining several formal methodologies. The research should prioritize the integration of several methods to effectively tackle all aspects of IoT system needs, encompassing modeling, verification, and analysis. Figure 10 presents the integration levels of various formal methods in IoT systems.

FIGURE 10. Integration levels of various formal methods in IoT systems.

The diagram depicts the levels of integration of different formal approaches inside the framework of IoT systems. The x-axis indicates several categories of formal methods, while the y-axis represents the degree of integration on a scale ranging from 0 to 1. Every bar in the chart represents a distinct formal technique and indicates its degree of integration within IoT systems. The chart displays four distinct formal methods: Model Checking, Theorem Proving, Formal Specification, and Hybrid Methods. The integration levels of Model Checking, Theorem Proving, Formal Specification, and Hybrid Methods are 0.8, 0.7, 0.6, and 0.9, respectively. These findings suggest that Hybrid Methods are the most widely incorporated into IoT systems, followed by Model Checking, Theorem Proving, and Formal Specification.

The extensive integration level of Hybrid Methods implies that the combination of several formal methods can offer a more thorough and efficient way of validating and analyzing IoT systems. Hybrid methods utilize the advantages of numerous techniques, providing a strong framework for tackling the intricacies and difficulties of IoT systems. Model Checking, with an integration level of 0.8, is extensively utilized because of its automated verification capabilities. These capabilities enable the systematic investigation of the state space of IoT systems to ensure that they satisfy specified attributes. Theorem Proving, with an integration level of 0.7, is well regarded for its capacity to deliver meticulous mathematical proofs, guaranteeing the accuracy of system behavior. Formal Specification, at an integration level of 0.6, is crucial for accurately delineating system requirements and behavior, enabling early identification of design flaws.

While various formal methods such as model checking and theorem proving have been applied to IoT systems, their integration remains insufficient. The lack of comprehensive frameworks that combine these different techniques limits their ability to effectively address the wide range of challenges faced by IoT systems. This gap hinders the development of holistic solutions that can manage both functional and non-functional requirements across diverse IoT architectures.

D. ADAPTABILITY AND EVOLUTION

IoT systems are intrinsically characterized by their dynamic nature, as devices and configurations undergo regular changes over time. Contemporary formal techniques typically rely on static system models, neglecting the dynamic character of IoT contexts. There is a requirement for flexible formal procedures that can adapt to modifications in system architecture and behavior. It is necessary to develop adaptive formal methods that can dynamically update verification models in response to changes in the IoT system. This will guarantee ongoing accuracy and dependability as the system progresses. Figure 11 depicts the flexibility and progression of IoT systems, highlighting the ever-changing nature of these systems where devices and configurations experience frequent modifications over time. The x-axis denotes the temporal dimension, while the y-axis signifies a range of evolutionary occurrences. Distinct colors are employed to signify several categories of events: blue denotes the addition of a device, green represents updates to a device, and orange indicates network reconfigurations.

FIGURE 11. Adaptive formal methods and evolutionary events in IoT systems.

The chronology depicts five crucial occurrences: the inclusion of Device A, the enhancement of Device B, a reconfiguration of the network, the addition of Device C, and the update of Device A. Every event is indicated by a colored dot, accompanied by annotations that offer clarification on the nature of each occurrence. The arrows connecting the events illustrate the direction and chronological order of evolution. The dashed lines symbolize the advancement and interrelation of various events. The arrows
emphasize the ongoing development of IoT systems, characterized by regular upgrades and reconfigurations.

The graphic prominently emphasizes the importance of adaptable formal approaches with a large annotation at the top. The annotation “Adaptive Formal Methods Dynamic Model Updates” underscores the necessity for formal methods that possess the ability to dynamically adjust to the ever-changing IoT system. The significance of these adaptive strategies in preserving accuracy and reliability as the system progresses is emphasized by the prominent arrow and red text.

The ever-changing characteristics of IoT systems require the creation of flexible formal procedures that can adapt to real-time modifications. Static formal models are inadequate for IoT contexts due to the continuous evolution of system configurations. The graphic aptly demonstrates the dynamic character of the subject matter by visually presenting the sequence of significant events over time and their interconnections. The necessity for adaptability in formal approaches is emphasized by the frequent and often unforeseeable alterations in IoT contexts. This includes the incorporation of novel devices, modifications to current devices, and alterations in network setups. Adaptive formal techniques need to be developed in a way that allows for smooth integration of these changes into the verification process, while guaranteeing that the system’s reliability and security are preserved.

Adaptive formal methods play a significant role in maintaining the accuracy and reliability of verification procedures by reflecting the current state of the system. These methods ensure the continuing accuracy and reliability of IoT systems by updating verification models in response to changes. To guarantee the accuracy, reliability, and security of IoT systems as they evolve, it is crucial to develop adaptive formal methods that can dynamically update verification models in response to system changes. This technique overcomes the constraints of static formal methods and effectively tackles the distinct issues presented by the dynamic nature of IoT contexts.

IoT systems must be capable of evolving and adapting to dynamic environments where devices are frequently added, updated, or removed. However, current formal methods are not fully equipped to handle this need for continuous adaptation without requiring complete system revalidation. This limits the flexibility of IoT systems, particularly in fast-changing environments where adaptability is crucial for maintaining system functionality and stability.

E. SECURITY AND PRIVACY

While several studies prioritize the verification of functional correctness, there is relatively less attention given to the elements of security and privacy. Due to the importance of data sensitivity and the potential consequences of security breaches in IoT systems, there is a pressing requirement for formal approaches that expressly focus on addressing these concerns. It is crucial to enhance formal approaches in order to thoroughly test security and privacy features in IoT systems. This entails the development of methodologies to safeguard against attacks and unauthorized entry, as well as guaranteeing the resilience and dependability of security methods. Figure 12 depicts the significance of security and privacy in IoT systems, emphasizing their crucial role in ensuring the overall integrity and performance of these systems. The x-axis indicates two fundamental dimensions: Security and Privacy, while the y-axis displays the proportion.

FIGURE 12. Security and privacy in IoT systems.

The bar chart illustrates that security is valued at 85% and privacy at 80%, showing their considerable importance. The graphic illustrates the essentiality of both security and privacy in the development and execution of IoT systems. The 85% security grade highlights the importance of safeguarding IoT systems against a range of dangers, such as unauthorized access, data breaches, and cyberattacks. Security measures are crucial for guaranteeing the confidentiality, integrity, and availability of data within IoT networks.

Furthermore, the 80% grade on privacy underscores the significance of protecting personal and sensitive data that is gathered and transmitted by IoT devices. The importance of privacy is of utmost significance, particularly in light of the growing volume of data produced by Internet of Things (IoT) devices across a range of applications, including smart homes, healthcare, and industrial automation. Ensuring privacy necessitates the implementation of safeguards to prevent unauthorized access and exploitation of data, while also complying with legislative mandates and meeting user expectations. The similar levels of security and privacy percentages indicate that both factors are given equal priority in IoT systems. The maintenance of this equilibrium is of utmost importance as robust security measures have the potential to augment privacy, while efficient privacy practices can fortify overall security.

F. USER-FRIENDLY TOOLS

The intricacy of formal approaches frequently constrains their implementation in pragmatic IoT development. There is a
requirement for tools that are easy for users to understand and use, which can simplify the complicated mathematical aspects and offer straightforward interfaces for developers and engineers. It is essential to develop formal verification tools that are more accessible and user-friendly in order to encourage more use among practitioners. These technologies should be seamlessly integrated into the IoT development process and offer tangible advantages without necessitating extensive knowledge in formal methodologies. Focusing on three main criteria (Ease of Use, Intuitive Interface, and Documentation), Figure 13 shows the user evaluations for tools applied in formal techniques. The x-axis indicates these features; the y-axis displays the ratings ranging from 5.

FIGURE 13. User-friendly tools for formal methods.

Users rate these tools 4.2 for Ease of Use, 3.8 for Intuitive Interface, and 3.5 for Documentation, reflecting their perceived quality and usability. With a rating of 4.2, the chart shows that Ease of Use rates highest, implying that users find formal methods tools rather simple to use. This high grade emphasizes the need to create tools that are easily available and user-friendly so that practitioners may efficiently implement formal approaches without excessive complexity or steep learning curves. Although the tools are usually regarded as user-friendly, the 3.8 Intuitive Interface rating shows that there is still room for improvement in simplifying interfaces. Since it improves user experience, lowers the possibility of mistakes, and improves tool efficiency in formal verification and analysis, an easy interface is absolutely vital.

Though rather lower, the 3.5 Documentation rating emphasizes the requirement of thorough and unambiguous documentation. Users need good documentation if they are to grasp the tools’ features, capacities, and limits. It supports learning, troubleshooting, and efficient application of the functionality of the products. The somewhat low grade points to an area that needs work since it implies that users could be having trouble locating sufficient tools and help.

G. FORMAL METHODS FOR EMERGING IoT TECHNOLOGIES

With the emergence of new IoT technologies like edge computing, 5G, and AI-driven IoT, there is a lack of formal methodologies being applied to these technologies. The current research predominantly concentrates on conventional IoT systems, neglecting the exploration of future technologies. It is crucial to extend the use of formal approaches to new IoT technologies. The research should prioritize the development and adaptation of formal methodologies to test and analyze emerging IoT paradigms, with a specific emphasis on meeting performance, security, and reliability standards. Figure 14 depicts the hierarchical levels at which formal approaches are applied in three developing IoT technologies: AI-driven IoT, 5G, and Edge Computing. The x-axis depicts the level of implementation, ranging from 0 to 5, while the y-axis displays the three technologies. The bars represent the level of implementation of formal techniques in each technology, with AI-driven IoT ranked at 4.8, 5G at 4.2, and Edge Computing at 3.5.

FIGURE 14. Formal methods for emerging IoT technologies.

According to Figure 13, AI-driven IoT has the highest level of implementation of formal procedures, scoring 4.8. Formal approaches are widely used to guarantee the reliability, security, and efficiency of AI-driven IoT systems at a high level. Due to the intricate and crucial nature of AI algorithms in IoT applications, the meticulous use of formal methods aids in proving the accuracy and resilience of these systems, hence increasing trust and reliability. The 5G technology, which has an implementation level of 4.2, also demonstrates substantial utilization of formal methods. Deploying 5G networks requires intricate protocols and instantaneous data transmission, which makes it necessary to employ formal methods for validating and verifying these systems. Formal approaches in the context of 5G technology are employed to guarantee that the demanding criteria of high speed and low latency are achieved, all the while upholding security measures and averting possible weaknesses. Edge Computing, with a rating of 3.5, exhibits a somewhat lower although still significant degree of formal techniques implementation. Edge Computing entails the processing of data in close
proximity to its origin, as opposed to depending on centralized cloud servers. This approach has distinct issues in terms of limited resources and the need for real-time processing. Applying formal approaches in Edge Computing offers a systematic approach to ensuring the accuracy and efficiency of distributed systems that operate at the edge of the network.

While formal methods provide valuable tools for enhancing the security, reliability, and scalability of IoT systems, their effectiveness varies across different identified knowledge gaps. As depicted in Figure 15, formal methods show strong coverage in areas like security and privacy but are less capable of addressing challenges related to scalability, adaptability, and the evolution of IoT systems. This highlights the need for further development and integration of formal methods to better meet the demands of rapidly evolving IoT technologies.

FIGURE 15. Coverage of formal methods in addressing IoT knowledge gaps.

This radar chart illustrates how well formal methods currently address each major knowledge gap, emphasizing the areas where formal methods are effective (e.g., security, privacy) and where improvements are needed (e.g., scalability, adaptability).

V. CHALLENGES AND FUTURE CONSIDERATIONS

The application of formal methods to IoT systems has demonstrated significant potential for enhancing system security and reliability. However, several challenges remain that hinder their broader adoption and practical implementation. Addressing these challenges is crucial for advancing the field and ensuring that IoT systems are robust, secure, and scalable.

One of the primary challenges in applying formal methods to IoT systems is scalability. As IoT networks grow, the state space that needs to be explored during verification increases exponentially, resulting in what is known as the state space explosion problem. Current formal methods are limited by computational resources, making it difficult to handle the verification of large-scale IoT networks. While abstraction techniques have been proposed to mitigate this issue, further research is needed to develop more scalable algorithms. Optimizing formal verification methods to handle the complexity of large and distributed IoT networks is essential to ensure their continued reliability as they expand. The current depth of formal methods applied to scalability challenges is still insufficient and is visualized in Figure 16, indicating the need for further development in this area.

FIGURE 16. The current depth of formal methods application across various IoT challenges demonstrating the areas where further development is needed.

Another critical issue is ensuring real-time performance in IoT systems. Many IoT applications, particularly those in safety-critical domains like healthcare and industrial automation, require tasks to be executed within strict time constraints. However, existing formal methods are not fully equipped to verify real-time performance across a wide range of dynamic and resource-constrained environments. Although some progress has been made in real-time task scheduling, more comprehensive formal verification tools are needed to guarantee real-time performance while maintaining system efficiency. As shown in Figure 1, the depth of formal methods in addressing real-time constraints remains moderate, suggesting that additional research is required.

The integration of varied formal methods, such as model checking, theorem proving, and formal specification languages, presents another opportunity for advancing the field. Each method has distinct strengths, but they also have limitations when used in isolation. For example, while model checking provides automatic verification, it often struggles with scalability. In contrast, theorem proving can handle more complex systems but requires significant manual effort. There is a clear need for hybrid verification frameworks that combine the strengths of these methods to offer a more comprehensive and efficient approach to system verification. The importance of this integration is reflected in Figure 17, which highlights it as a priority for future research.

This radar chart illustrates the research priorities for formal methods in IoT systems, emphasizing areas such as scalability, real-time performance, security, and the integration of methods. The numerical values represent the relative importance of each research area on a scale of 1 to 5, where 5 indicates the highest priority.

TABLE 7. Overview of proposed future research directions.

FIGURE 17. Future research priorities for formal methods in IoT.

Adaptability is also a significant concern for IoT systems, which are inherently dynamic. Devices and system architectures frequently change over time, making it challenging for existing formal methods, which often rely on static models, to keep pace with evolving systems. Developing adaptive formal methods that can dynamically update verification models as systems evolve is critical for maintaining the reliability of IoT systems in real-time environments. This area remains underexplored, as seen in Table 7, where adaptive formal methods are identified as a key research direction.

Security and privacy are paramount in IoT systems, particularly given the sensitive nature of the data they handle and the potential consequences of security breaches. While formal methods have traditionally focused on functional correctness, there is a growing need for methods that rigorously verify security protocols and privacy policies. Ensuring that IoT systems can withstand security attacks while maintaining data confidentiality and integrity is an essential requirement for future IoT networks. Formal methods that address these concerns are still limited, as indicated by their moderate depth in Figure 16.

Despite the potential of formal methods, their complexity often limits their adoption in practical IoT development environments. Current formal verification tools require advanced knowledge of mathematical theories, making them inaccessible to non-expert developers and practitioners. Developing user-friendly formal tools that integrate seamlessly into IoT development workflows is crucial for broader adoption. Such tools should provide intuitive interfaces and extensive documentation without compromising the rigor of the underlying formal methods. As highlighted in Table 7, the development of user-friendly tools represents a significant opportunity for expanding the practical use of formal methods in IoT systems.

Lastly, the emergence of new IoT technologies, such as edge computing, 5G, and AI-driven IoT systems, presents both challenges and opportunities for formal methods. While much of the current research focuses on traditional IoT architectures, these new technologies introduce additional layers of complexity and uncertainty. Extending formal verification techniques to cover these emerging paradigms will ensure that next-generation IoT systems meet the same high standards of reliability, security, and scalability as traditional systems.

VI. CONCLUSION AND PERSPECTIVES

The exhaustive examination of formal approaches employed in IoT systems highlights their pivotal function in augmenting the dependability, security, and efficiency of networked devices. The utilization of formal specification, model verification, and theorem proving has played a crucial role in tackling the inherent difficulties of IoT systems. These approaches have shown substantial promise in confirming protocol consistency, ensuring real-time speed, and offering mathematical assurances for the security of IoT systems. However, the assessment emphasizes that there are still obstacles that need to be addressed. These challenges include

scalability limitations, real-time constraints, integration of multiple formal approaches, adaptability, security and privacy concerns, and the need for better user-friendly tools. Tackling these obstacles is crucial for the ongoing advancement and execution of dependable IoT systems.

In order to address the deficiencies that have been highlighted and improve the use of formal methods in IoT systems, it is recommended that future research concentrate on creating verification tools that can handle large-scale IoT networks and real-time restrictions in a scalable manner. The integration of various formal approaches can enhance their complementing capabilities, resulting in more resilient verification systems. Furthermore, the implementation of adaptive formal methods that can dynamically modify verification models in accordance with alterations in system configurations would guarantee uninterrupted dependability. By implementing thorough verification procedures and developing user-friendly tools, the adoption of the system among practitioners would be facilitated, leading to improved security and privacy. Moreover, by extending the use of formal methods to emerging technologies like edge computing, 5G, and AI-driven IoT, we can guarantee that these new approaches adhere to performance, security, and reliability criteria, thus facilitating the development of the next generation of IoT systems.

IKRAM HADDOU-OUMOULOUD received the bachelor’s degree in engineering physics from the Faculty of Sciences and Techniques, Hassan II University, Casablanca, Morocco, and the master’s degree in electronics and telecommunications from the Faculty of Sciences, Abdelmalek Essaadi University, Tetouan, Morocco. She is currently pursuing the Ph.D. degree in computer science with ENSIAS, University of Mohammed V of Rabat.
She is also a member of the IT Architecture and Model Driven Systems Development (IMS) Research Laboratory and the Universal Geniuses of Systems (GENIUS) Research Laboratory. Her research interests include improving the security and reliability of Internet of Things (IoT) systems through the use of formal verification techniques. She is passionate about using formal approaches to address new concerns in IoT. Her research interests include formal verification techniques, IoT security, and system reliability.

ABDERAHMAN KRIOUILE is currently a Professor with ENSIAS, University of Mohammed V of Rabat, where he has been teaching with the Department of Embedded Systems, since 2018. His professional experience spans several leading companies, including Airbus, STMicroelectronics, and Farasha Systems, where he contributed to various projects in embedded systems and gained extensive industry expertise. His research interests include embedded systems, system design, and optimization for industrial applications. His work emphasizes the integration of advanced technologies into practical applications, enhancing the performance and reliability of embedded systems in complex environments. He has been involved in numerous research projects and has collaborated with international research institutions. He is passionate about bridging the gap between academic research and industry needs, ensuring that his research contributions have practical and impactful applications.

SOUFIANE HAMIDA received the master’s degree in educational technology from the École Normale Supérieure, Tetouan, Morocco, in 2016, and the Ph.D. degree in computer science with a specialization in artificial intelligence from the Faculty of Sciences and Techniques of Mohammedia, Hassan II University, Casablanca, Morocco, in 2022.
His Ph.D. dissertation, titled "Contribution to the Development of Intelligent Decision Systems in Education and Healthcare Fields," earned the highest honors and jury congratulations. He is currently a Professor of higher education with the Hassan II University of Casablanca, specializing in artificial intelligence, programming, and database design. His teaching areas include artificial intelligence, advanced office automation, databases, algorithms, and object-oriented programming. His research interests include artificial intelligence, programming, database design, computer networks, and project management. He is active in academic activities, seminars, and conferences related to computer science and artificial intelligence.

AHMED ETTALBI is currently a Full Professor with the Software Engineering Department, Higher National School of Computer Science and Systems Analysis (ENSIAS), Mohammed V University, Rabat, Morocco. He is also a member of the IT Architecture and Model-Driven Systems Development (IMS) Team, Advanced Digital Enterprise Modeling and Information Retrieval (ADMIR) Laboratory, Rabat IT Center. His research interests include cloud computing, web services, object modeling with viewpoints, and service-oriented architectures (SOA). He has published extensively in these areas and regularly contributes to international conferences and journals. His work bridges both theoretical advancements and practical applications in software engineering, particularly in the development of scalable and modular systems.
