A Model-Driven Framework for the Prevention of DoS Attacks in Software Defined Networking (SDN)

Muhammad Usman Farooq¹, Muhammad Rashid², Farooque Azam¹, Yawar Rasheed¹, Muhammad Waseem Anwar¹ and Zohaib Shahid³

1Department of Computer and Software Engineering, College of Electrical and Mechanical Engineering, National University of Sciences and Technology (NUST), Islamabad

2Computer Engineering Department, Umm Al-Qura University, Makkah, Saudi Arabia

3Department of Information Technology, Government College University (GCU), Kotwali Road, Faisalabad, Pakistan mufarooq.cse19ceme@ce.ceme.edu.pk, mfelahi@uqu.edu.sa, farooq@ceme.nust.edu.pk, yawar.rasheed18@ce.ceme.edu.pk,

waseemanwar@ceme.nust.edu.pk, zshahid91@gmail.com Abstract—Security is a key component of the network.

Software Defined Networking (SDN) is a refined form of traditional network management system. It is a new encouraging approach to design-build and manage networks.

SDN decouples control plane (software-based router) and data plane (software-based switch), hence it is programmable.

Consequently, it facilitates implementation of security based applications for the prevention of DOS attacks. Various solutions have been proposed by researches for handling of DOS attacks in SDN. However, these solutions are very limited in scope, complex, time consuming and change resistant. In this article, we have proposed a novel model driven framework i.e. MDAP (Model Based DOS Attacks Prevention) Framework. Particularly, a meta model is proposed. As tool support, a tree editor and a Sirius based graphical modeling tool with drag drop palette have been developed in Oboe designer community edition. The tool support allows modeling and visualization of simple and complex network topology scenarios. A Model to Text transformation engine has also been made part of framework that generates java code for the Floodlight SDN controller from the modeled scenario. The validity of proposed framework has been demonstrated via case study. The results prove that the proposed framework can effectively handle DOS attacks in SDN with simplicity as per the true essence of MDSE and can be reliably used for the automation of security based applications in order to deny DOS attacks in SDN

Keywords- SDN, MDE, Networking,, Denial of Service, Local Area Network Denial, OFP, Meta-model, Sirius tool, Model-To- Text, Acceleo, Model Driven Code Transformation.

I. INTRODUCTION

SDN is a developing network design. The controller keeps a universal view of the network. It describes the forwarding rules of the devices in the data plane (Software Based Network Switch) and completes all multipart functions. Software controller for SDN contains the Northbound APIs that empower applications to cooperate with the controller. Southbound APIs that is used to connect the controller and the SDN network which consists of software based switches and software based routers. There is an open-source protocol used between the Control Plane and data plane, which is OpenFlow protocol. It is used to provide communication medium between Control Plane and Data

Plane. The key advantage of centralization is ease of network programming. Cisco Systems, Juniper Networks and HP are major vendors in the network industry which are providing Open Flow support in their switches [1] Google has deployed OpenFlow protocol for network traffic communication between its different datacenters.

Decoupling of Control and Data plane in SDN may result in a security issue of DoS (Denial of Service) Attack.

According to W. Li et al. [2] researchers can implement different type of network techniques because SDN is open source, standardize and flexible approach. Particularly, OpenFlow is very mature concept now-a-days between switches and controller as it acts as a medium. The SDN can take decision as well as perform its implementation at runtime. This makes it vulnerable to security threat such as port scanning, IP spoofing, Denial of Service (DoS) etc. To avoid these attacks, we need an implementation of protective module. In existing literature, various researchers implemented security based application in SDN without using MDA approach. In this research, Model Driven approach has been used for the implementation of Security based application in SDN. Without Model Driven architecture we cannot easily generate source code. Without using model driven approach, we cannot detect error in development process at an early stage.

Model Driven Software Engineering deals with models and transformation as the primary artifacts of software development [3]. In order to transform a given model into source code a platform independent model and a model to text transformation is required. However, there are certain transformation losses due to which completely executable code cannot be generated and requires a bit of customization. Once a Meta model is defined at M2 Level of MDA standard architecture, source code for various platforms may be generated via model to text transformation approach.

SDN also provides the complete visibility to network engineers because of the separation of control plane and data plane. Due to this separation of devices we can save cost of physical network devices such as router and switch and it is scalable as well. The proposed framework (MDAP) handles any type of network topology and Model-to-Text transformation can generate code of any security module.

Therefore, this approach can be used in small as well as large and complex network infrastructures.

By using MDA, we can decrease the complexity of the system development [4]. It provides reusability, lower coupling and more modularity, Moreover, speed up the time to develop large applications. By using model-to-text transformation we can save time for implementation of code and reduce the overall cost of building large applications.

To overcome the issue, a novel framework is proposed. The name of the framework is Model-Based DoS Attack Prevention (MDAP). This framework consists of M2 level Ecore Model for handling DoS attacks in SDN architecture. This framework also provides tool support, so a tree editor and fully customized graphical modeling tool has been developed. This tool reduces implementation complexity and achieves a higher level of abstraction. It may further be automated into an application, capable of handling DoS attacks in SDN architecture.

The paper is organized as follows: Section II describes the Literature Review. Section III describes the proposed MDAP Framework. Section IV describes the Case study for validation. Section V covers the Discussion.

Section VI draws some conclusion and deliver direction for future work.

II. LITERATURE REVIEW

F. A. Lopes et al. [5] defined Software Defined Networking (SDN) getting lots of importance in Industry and academic research. SDN Introduced new networking technology that provides flexibility in programming for programmers and allows them to dynamically configure and manage their Network Hardware Resources. In SDN, control plane (as a central controller) process all kind of routing decision. M. Kuerban et al. [6] defined that a key part of SDN is the controller. L. Barki et al. [7] observed in SDN, Switch match entry of newly arrived packet in the forwarding table. If Switch does not find any rule regarding incoming packet, then switch forward this packet to controller switches do not process the incoming packets.

They match for the incoming packets in the forwarding tables and if there is none it will be sent to the controller for further processing. A switch does not perform any processing on its own.

G. Shang et al. [8] suggested a protocol independent technique for DoS attack prevention called FloodDefender for Software Defined Networking.

FloodDefender lies between SDN Controller and SDN switch so this can protect both control plane and data plane.

A. Aleroud et al. [9] presents a technique which detect the DoS attacks which is interference relation this is based on contextual similarity. DoS attacks are identified with the help of pattern. L. Dridi et al. [10] proposed in this paper SDN-Guard, it efficiently protect network from DoS attacks at runtime. First approach of prevention is to reroute attack packets, second approach is to fine-tuned timeout of flow traffic and Third approach is to create collection of flow rules. P. Rengaraju et al. [11] suggested a technique for

preventing network from DoS attacks. In such a way, an attack can be stopped by using distributed Firewall and Intrusion prevention system. A. Abubakar et al. [12]

suggested an Intrusion prevention System (IPS) in SDN.

These attacks can be prevented flow-based anomaly detection IPS by using Machine Learning. K. Zkik et al.

[13] provided a layer which provides security in SDN. The security plane is consisting of Firewall software module, Intrusion prevention device along with anomaly detection system.

F. A. Lopes et al. [5] uses Model-driven approach which is known as Model-Driven Networking (MDN). The main purpose of this approach is to avoid those policies which are generating conflicts in network. G. Casale et al.

[14] Tells the importance of that Model driven approach increases the capability of Big Data based applications A.

Oliveira et al. [15] suggested a MDE approach BRCode. By using this approach, the features which are repeating in enterprise applications provides a leverage to the productivity of software developers by reusing it.

M. W. Anwar et al. [16], [17], [18] presents a framework named MODEVES (MOdel-based DEsign Verification for Embedded Systems). For model the structural and behavioral requirements UML (Unified Modeling Language) and SysML (Systems Modeling Language) diagram representation are used. They generated Computation Tree Logic, SystemVerilog Register Transfer Level (RTL) and Timed Automata model code by developing open source transformation engine. This framework provides 100% design productivity. L. Lushun et al. [19] presented a comparison M2T tools. They compared nine most popular tools on the basis of expressiveness power and performance. This comparison shows MDE- based tools are more expressive but in best expressiveness and performance Xtend2 should be preferred. M. Inayat Ullah et al. [20] presented an MDA based framework which is based on principle (Develop once and run everywhere). In this framework they comprised several datatypes and stereotypes developing a UML based DSML. By using this framework, they proved that their proposed framework simplifies the development for CRUD (Create, Read, Update and Delete) operations. C. Berna china et al. [21]

propose a framework named as ALMOsT.js. This used in agile development for developing web application development and mobile application development. By using this framework lowers the requirement of technical skills for developers.

In summary literature has highlighted how SDN programmers and allow them to dynamically configure and manage their Network Hardware Resources then this research highlighted how DoS attacks effect on control plane and data plane performance. In last also highlighted the Model Driven reduces complexity by using Model- Driven Networking (MDN) approach. By using MDA based Model to code transformation can be achieved. Java code of model can be generated with help of transformation

template. In existing literature, security-based application, in SDN, have been developed without using MDA approach.

Several methodologies have been suggested by researches for catering the problem of handling DoS attacks.

III. M^ODEL-^BASED D^OSA^TTACKS P^REVENTION (MDAP)

FRAMEWORK

To create SDN applications or the implementation of DoS attack prevention application a Domain Specific Modelling Language (DSML) is used. This method reduces the complexity of implementation at earlier stages of project design. In this paper, MDAP is using a MDA-based technique which slightly similar to MDN (Model Driven Networking) which is purposed by F. A. Lopes et al. [5].

DoS Prevention security application is implemented on SDN Controller (Floodlight SDN controller (Router)).

MDA based approach raises the level of abstraction on development.

The MDAP framework is using MDA approach for handling DoS (Denial-of-Service) attacks in Software Defined Networking (SDN). The framework is based on

SDN Basic architecture. Different network topology can be used. This SDN architecture and DoS preventer module is flexible and dynamic enough to handle it. The DoS prevention module is implemented in SDN Controller (Router) which is connected with SDN based switch (as shown in figure 4).

A. Proposed MDAP Meta-Model

MDAP meta-model as shown in figure 1 Software Defined networking model consist of data plane (switch class) and control plane (Router class) and Host is linked directly with network switch. Both control plane(Router Class) and data plane switch class linked each other. SDN Model class composed of SDNController, SDNSwitch,

Host, NetworkNode, TrafficGenerator, NetworkLink, ControllerNWSwitch. SDN software-based controller modeled by SDNController class with properties srcIpAddress, destIpAddress. SDN software-based controller is modeled by SDNSwitch class with properties datapathId. Ethernet Network switches modeled by NetworkLink class with properties LinkSpeed and ethType.

NIC ethernet card is modeled by NetworkNode class with properties ipAddress and LinkSpeed. Host(PC) is modeled by Host class with a property of hostName. SDNContoller class performs association with ControllerNWSwitch, SDNSwitch and DoSPrevention class. SDNController class performs association with DoSPreventer.

ControllerNWSwitch performs association with SDNSwitch. SDNSwitch performs association with NetworkLink class. NetworkLink class perform mandatory association with NetworkNode class. The host class performs an optional association with TrafficGenerator class. DoSPreventor class is implemented for handling or preventing DoS attacks.

B. Sirius Tool Support

Sirius is an Eclipse Modeling Framework (EMF) [22]. A customized graphical modeling workbench is created. By using runtime in Obeo Designer we can translate this model dynamically. It manages the complexity of system in a very sensible way. Sirius divides larger parts in less complex parts. This reduces the effort which is required to solve big problem. It also provides filters, limited styles and layers to automatically streamline the graphical representations. It contains following main modules. First, to describe how to use simple UI to create and manipulate models and their representations a Modeling Project can be used. Second, it is a special kind of editor Figure 1. Proposed MDAP Meta-Model

which describes the gathering of all functionalities allowing to create and manipulate these models and representations which is called Aired editor. Once completed, we can create Eclipse IDE based plug-in.

In figure 3 there is Tree Editor of Developed tool.

This Tree Editor consists of root node and child nodes.

Palette consist of nodes and edges which are required to create graphical model which is shown in figure 4. We can use multiple nodes and edges by drag-drop in workspace.

C. Transformation Engine

To generate code from model a set of rules is needed for accurate code generation [23], [24]. So, Acceleo Tool is selected for model to Java source code transformation and used to generate .java code of DoS preventer class [25], [26].

This code can be integrated into Forwarding.java after applying minor changes in it. So, approximately 80%

of code transformation is achieved. In figure 5 transformation code contains data members and operations of class. In the above MDAP Meta-model, rest of code is not generated because these are third party hardware or software such as the SDN switch is Open vSwitch [27]

which is independent from SDN Controller and it is running as an independent application. Host is also an independent which is running in a network simulator. A traffic generator is also a separate application.

Figure 2. Template for transformation (generate.mtl file) Figure 2 shows model to text transformation template. In this research, source code of DoS Preventer class is generated in java for SDN Controller.

1) Transformation Rules

So, a set of transformation rules are developed for Model-To-Text generation.

TABLE 1. TRANSFORMATION RULES S. No. MDAP modeling

concepts Java Concepts

1. SDNControllerSDNModel

2. SDNSwitchSDNModel

3. ControllerNWSwitchSDNModel

4. SDNModelSDNModel

5. NetworkLinkSDNModel

6. HostSDNModel

7. TrafficGeneratorSDNModel

8. DoSPreventerSDNModel

In this Table 1 explains the transformation rules.

When we apply transformations MDAP concepts will be converted in to java concepts accordingly.

IV. VALIDATION A. Case Study Narrative

Consider a scenario of mail transfer between two people (Department Head and its project manager) working in an office. The topology consists of 6 (host1 – host6) Linux hosts having NIC card (In above model NIC is Network Node) whose IP addresses are (10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4, 10.0.0.5, 10.0.0.6) there hosts are connected with 3 L2 switches (CAT6) in and these switches are connected with an OpenVSwitch(data plane) then this OpenVSwitch is further connected with Floodlight SDN Controller (10.0.0.0) with TLS 1.2 encrypted channel (In this model we used ControllerNWSw node to represent this encrypted channel) (using OpenFlow Protocol 1.4). host1 (10.0.0.1) will generate an email to host 6 (10.0.0.6) (as shown in Figure 4). When Host 1 sends an email to host 6 then network traffic is generated. When the very first packet of host1 arrives at host1. host1 will starts finding a rule related to this packet in forwarding table but not present then host1 generate an OpenFlow protocol based packet to sdnCntr1 then sdnCntr1 will verify packet source and destination ip and assign a rule and generate an OpenFlow based packet to host1. host1 update its forwarding table and send this packet to host6.

Similarly, when Host 1 sends next packet to Host 6 of this email then host1 look for the rule regarding host6 in forwarding table. This time it finds a rule (without interacting or sending OpenFlow packet to SDN Controller) and sends this packet to Host 6 this process repeat until DoS

attack is not generated or new network traffic. When Host 2 which is DoS attacker and trying to generate DoS packet.

When DoS packet arrives at host1. host1 will look for the rule in the forwarding table but it is not present in that table then the same process will follow as mentioned above for the case of the first packet. SDN controller will analyze considered as a DoS attack and assign the rule to drop that kind of flow/packet send a rule to host1. Then SDN Controller generates an OpenFlow packet to host1. host1 updates its forwarding table and drops that packet Next time host1 drop all that type of network traffic. So, DoS attack will be blocked by utilizing fewer resources.

B. MDAP in Action

Above mentioned case study is modeled by using MDAP Framework. This represents the case study in tree view and Graphical view.

Figure 3. Tree Editor of Sirius tool

In Figure 3, Tree view model of the case study is presented.

Figure 4. A case study model

MDAP supports Graphical model representation which can be created by using different nodes and edges. A specially designed toolbox is called palette as shown in Figure 4. A Palette consists of Nodes and edges. Palette provides drag-and-drop to create graphical representation. If we want to connect SDN Controller with DoS Preventer we will have to use SDNCrtl-Dos edge from the palette.

In Figure 4 Model SDNContoller class uses association with ControllerNWLink class then this ControllerNWLink uses association with NWLink (According to case study model there are three instances of NWLink) then this NWLink class uses association with NetworkNode class then this NetworkNode class uses association with Host PC (According to case study 6 instance is created). In case Host 5 class which is hacked so this Host5 class is using association with Traffic Generator class.

C. Transformation

Figure 5. Generated Source Java code of DoS Preventer class Figure 5 shows the generated Java code against the transformation template. This code can be integrated into Floodlight SDN Controller by applying minor improvements and also it will stop LAND attacks. The template for code transformation contains special type of syntax. The code of rest of the seven classes is also generated. Such as generated source code of DoSPreventerSDNModel contains attributes docIps and IPv4Address of Estring type and Operations are doForwardFlow, doDropFlow, another generated class SDNController contains attributes named destIpAddress and srcIpAddress of EString type and their getters and setters functions, another generated class SDNSwitch contains attributes named dataPathId of EString datatype and its getters and setters functions. Another generated class ControllerNWSwitch contains attributes named transportSecurity and OFPVersion of EString datatype and their getters and setters functions. Another generated class NetworkLink contains attributes named linkSpeed and

ethType of EString datatype and their getters and setters functions. Another generated class NetworkNode contains attributes named IpAddress and LinkSpeed of EString datatype and their getters and setters functions. Similarly, another generated class Host and TrafficGenerator contains attributes named hostname and dosTraffic of Estring and their getters and setters functions.

V. D^ISCUSSION

The proposed framework allows network engineers to easily manage DOS attacks in SDN. Various concepts related to software-based security modules have been added to our proposed meta model in order to enhance the security of networks and handle multiple security attacks without acquiring new network hardware devices. The developed DoS attack prevention module in MDAP Framework takes the decision when the first packet of suspicious traffic has arrived and blocks this suspicious traffic at the early stages.

Tree editor and graphical modeling tool which are part of the framework allows modeling of simple and complex network topology scenarios. The drag drop palette of our graphical modeling tool allows modeling with ease and user friendliness. The framework also has the capability to generate an implementation (Java code) of DoS attacks prevention application via model to text transformation. The proposed framework is modular and flexible and can be easily adapted to incorporate new advanced concepts related to DOS attacks prevention in SDN.

The limitation of the proposed MDAP framework is that there are certain transformation losses due to which a completely executable code cannot be generated from the modeled scenario and an effort is required to make the generated code executable. Moreover, this framework only supports Java language. So, it cannot generate code for another programming language. The proposed MDAP Framework is used only for the development of SDN-based network applications.

VI. CONCLUSION AND F^{UTURE WORK}

In this article, we have proposed a novel model driven framework i.e. MDAP (Model Based DOS Attacks Prevention) Framework. Particularly, a meta model is proposed. As tool support, a tree editor and a Sirius based graphical modeling tool with drag drop palette have been developed in oboe designer community edition. The tool support allows modeling and visualization of simple and complex network topology scenarios. A Model to Text transformation engine has also been made part of framework that generates java code for the Floodlight SDN controller from the modeled scenario. The validity of proposed framework has been demonstrated via case study.

The results prove that the proposed framework can effectively handle DOS attacks in SDN with simplicity as per the true essence of MDSE and can be reliably used for the automation of security based applications in order to deny DOS attacks in SDN.

Considering future work, this framework can be extended with other network concepts Such as DMZ node, DNS Servers, FTP Servers, mail servers, Firewall node.

Making the model too text transformation more efficient in order to reduce the transformation losses is also a future milestone.

ACKNOWLEDGMENTS

We acknowledge the support of KACST (King Abdul-Aziz City for Science and Technology) and STU (Science and Technology Unit) Makkah, Saudi Arabia.

R^EFERANCES

[1] S. Jain et al., "B4: Experience with a globally-deployed software defined WAN," ACM SIGCOMM Computer Communication Review, vol. 43, no. 4, pp. 3-14, 2013.

[2] W. Li, W. Meng, and L. F. Kwok, "A survey on OpenFlow- based Software Defined Networks: Security challenges and countermeasures," Journal of Network and Computer Applications, vol. 68, pp. 126-139, 2016.

[3] Rasheed, Yawar, Farooque Azam, and Muhammad Waseem Anwar. "A novel framework and tool for multi-purpose modeling of physical infrastructures." Proceedings of the 12th International Conference on Computer Modeling and Simulation. 2020.

[4] Rasheed, Yawar, et al. "A Novel Model Driven Framework for Image Enhancement and Object Recognition." International Conference on Information and Software Technologies.

Springer, Cham, 2020.

[5] F. A. Lopes, M. Santos, R. Fidalgo, and S. Fernandes, "Model- driven networking: A novel approach for SDN applications development," in 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), 2015, pp. 770-773:

IEEE.

[6] M. Kuerban, Y. Tian, Q. Yang, Y. Jia, B. Huebert, and D. Poss,

"FlowSec: DOS attack mitigation strategy on SDN controller,"

in 2016 IEEE International Conference on Networking, Architecture and Storage (NAS), 2016, pp. 1-2: IEEE.

[7] L. Barki, A. Shidling, N. Meti, D. Narayan, and M. M. Mulla,

"Detection of distributed denial of service attacks in software defined networks," in 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2016, pp. 2576-2581: IEEE.

[8] G. Shang, P. Zhe, X. Bin, H. Aiqun, and R. Kui,

"FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks," in IEEE INFOCOM 2017- IEEE Conference on Computer Communications, 2017, pp. 1-9:

IEEE.

[9] A. Aleroud and I. Alsmadi, "Identifying DoS attacks on software defined networks: A relation context approach," in NOMS 2016-2016 IEEE/IFIP Network Operations and Management Symposium, 2016, pp. 853-857: IEEE.

[10] L. Dridi and M. F. Zhani, "SDN-guard: DoS attacks mitigation in SDN networks," in 2016 5th IEEE International Conference on Cloud Networking (Cloudnet), 2016, pp. 212-217: IEEE.

[11] P. Rengaraju, V. R. Ramanan, and C.-H. Lung, "Detection and prevention of DoS attacks in Software-Defined Cloud networks," in 2017 IEEE Conference on Dependable and Secure Computing, 2017, pp. 217-223: IEEE.

[12] A. Abubakar and B. Pranggono, "Machine learning based intrusion detection system for software defined networks," in 2017 Seventh International Conference on Emerging Security Technologies (EST), 2017, pp. 138-143: IEEE.

[13] K. Zkik, S. El Hajji, and G. Orhanou, "Design and Implementation of a New Security Planee for Hybrid Distributed SDNs," Journal of communications. vol. 14, no. 1, pp. 26-32, 2019.

[14] G. Casale et al., "DICE: quality-driven development of data- intensive cloud applications," in 2015 IEEE/ACM 7th International Workshop on Modeling in Software Engineering, 2015, pp. 78-83: IEEE.

[15] A. Oliveira, V. Bischoff, L. J. Gonçales, K. Farias, and M.

Segalotto, "BRCode: An interpretive model-driven engineering approach for enterprise applications," Computers in Industry, vol. 96, pp. 86-97, 2018.

[16] M. W. Anwar, M. Rashid, F. Azam, A. Naeem, M. Kashif, and W. H. Butt, "A Unified Model-Based Framework for the Simplified Execution of Static and Dynamic Assertion-Based Verification," IEEE Access, vol. 8, pp. 104407-104431, 2020.

[17] M. W. Anwar, M. Rashid, F. Azam, M. Kashif, and W. H. Butt,

"A model-driven framework for design and verification of embedded systems through SystemVerilog," Design Automation for Embedded Systems, vol. 23, no. 3-4, pp. 179- 223, 2019.

[18] M. W. Anwar, M. Rashid, F. Azam, M. Kashif, “Model-Based Design Verification for Embedded Systems through SVOCL:

An OCL Extension for SystemVerilog”, Design Automation for Embedded Systems, vol. 21, no. 1, 2017.

[19] L. Luhunu and E. Syriani, "Comparison of the expressiveness and performance of template-based code generation tools," in Proceedings of the 10th ACM SIGPLAN International Conference on Software Language Engineering, 2017, pp. 206- 216.

[20] M. Inayatullah, F. Azam, and M. W. Anwar, "Model-Based Scaffolding Code Generation for Cross-Platform Applications,"

in 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 2019, pp.

1006-1012: IEEE.

[21] C. Bernaschina, "ALMOsT. js: an agile model to model and model to text transformation framework," in International Conference on Web Engineering, 2017, pp. 79-97: Springer.

[22] M. Rashid, M. W. Anwar, A. M. Khan, “Towards the Tools Selection in Model Based System Engineering for Embedded Systems - A Systematic Literature Review”, Journal of Systems and Software, vol. 106, pp.150-163, May 2015

[23] M. Rashid, M. W. Anwar and F. Azam, “Expressing embedded systems verification aspects at higher abstraction level — SystemVerilog in Object Constraint Language (SVOCL)”, 2016 IEEE Systems Conference, pp. 1-7, Orlando, USA, April 2016 [24] F. Samea, M. W. Anwar, M. Rashid, F. Azam, W. H. Butt, A.

W. Muzaffar, “A Model-driven Framework for Serverless Data- driven Applications in Cloud Computing”, PLOS ONE, vol. 15, no.8, e0237317, 2020.

[25] M. Rashid, M. W. Anwar, F. Azam and M. Kashif, “Model- based requirements and properties specifications trends for early design verification of embedded systems” 11th IEEE System of Systems Engineering Conference, pp. 1-7, Kongsberg, Norway, June 2016.

[26] M. Rashid, M. W. Anwar, “A systematic investigation of tools in model based system engineering for embedded systems”, 11th IEEE System of Systems Engineering Conference, pp. 1-6, Kongsberg, Norway, June 2016

[27] Open vSwitch Documentation [Online]. Available:

http://docs.openvswitch.org/en/latest/