Security and Configurable Storage Systems in Industry 4.0 Environments: A Systematic Literature Study




security, industry 4.0, storage, systematic literature review


An increasing amount of Industry 4.0 data storages is highly configurable. As each variant includes individual features and interactions, ensuring data security becomes increasingly challenging. However, we are missing an analysis of research on security and configurable storages in Industry 4.0, especially those based on product-line engineering. To address this gap, we conducted a literature study covering relevant state-of-the-art publications (2013–2022). Overall, security for configurable systems seems under-explored. We highlighted that security standards and concrete mitigations techniques are usually not considered. In addition, we are missing an analysis of configurable storage and software systems in concert to identify threats, risks, and vulnerabilities caused by variability.


Gabel, Matthias, and Jeremias Mechler (2017): "Secure database outsourcing to the cloud: Side-channels, counter-measures and trusted execution". CBMS, pp. 799–804. doi:

Pohl, Klaus, Günter Böckle, and Frank Van Der Linden (2005): "Software product line engineering: foundations, principles, and techniques". Heidelberg, Springer.

Apel, Sven et al. (2016): "Feature-oriented software product lines". Berlin, Springer.

Krüger, Jacob et al. (2017): "Beyond software product lines: Variability modeling in cyber-physical systems". SPLC, pp. 237–241. doi:

Kenner, Andy et al. (2021): "Safety, security, and configurable software systems: a systematic mapping study". SPLC, pp. 148–159. doi:

Bamrara, Atul. (2015): "Evaluating database security and cyber attacks: A relational approach". The Journal of Internet Banking and Commerce 20/2: pp. 1–17.

Gamundani, Attlee M., and Lucas M. Nekare (2018): "A review of new trends in cyber attacks: A zoom into distributed database systems". IST-Africa, pp. 1–17.

Kitchenham, Barbara Ann, David Budgen, and Pearl Brereton (2015): "Evidence-based software engineering and systematic reviews". Boca Raton, CRC press.

Gherardi, Luca, Dominique Hunziker, and Gajamohan Mohanarajah (2014): "A soft-ware product line approach for configuring cloud robotics applications". CLOUD, pp. 745–75. doi:

Wang, Yunxia, Jun Wei, and Chengchong Gao (2015a): "Customization design of cloud manufacturing resources based on polychromatic sets theory". IHMSC, pp. 518-521. doi:

Fischer, Stefan et al. (2015): "Bridging the gap between software variability and sys-tem variant management: experiences from an industrial machinery product line". SEAA, pp. 402–409. doi:

Garcia, Cleiton et al. (2015): "A software process line for service-oriented applica-tions". SAC, pp. 1680–1687. doi:

Wang, Xi Vincent, Abdullah Mohammed, and Lihui Wang (2015b): "Cloud-based ro-botic system: architecture framework and deployment models". FAIM, pp. 1–8.

Galindo, José A. et al. (2015): "Supporting distributed product configuration by inte-grating heterogeneous variability modeling approaches". Information and Software Technology 62/1: pp. 78–100. doi:

Carlsson, Oscar et al. (2016): "Configuration service in cloud based automation sys-tems". IECON, pp. 5238–5245. Doi:

Arrieta, Aitor et al. (2016): "Test case prioritization of configurable cyber-physical sys-tems with weight-based search algorithms". GECCO, pp. 1053–1060. doi:

Groher, Iris et al. (2016): "Reusable architecture variants for customer-specific auto-mation solutions". SPLC, pp. 242–251. doi:

Metzger, Andreas et al. (2016): "Coordinated run-time adaptation of variability-intensive systems: an application in cloud computing". VACE, pp. 5–11. doi:

McGee, Ethan T., and John D. McGregor (2016): "Using dynamic adaptive systems in safety-critical domains". SEAMS, pp. 115–121. doi:

Heikkilä, Tapio, Tadeusz Dobrowiecki, and Lars Dalgaard (2016): "Dealing with con-figurability in robot systems". MESA, pp. 1–7. doi:

Yu, Shiqiang et al. (2017): "Product-Service Family Enabled Product Configuration System for Cloud Manufacturing". MSEC, pp. 1–9. doi:

McGee, Ethan T. et al. (2017): "Designing for reuse in an industrial internet of things monitoring application." WASHES, pp. 19–25. doi:

Iglesias, Aitziber et al. (2017): "Product line engineering of monitoring functionality in industrial cyber-physical systems: a domain analysis". SPLC. 2017, pp. 195–204. doi:

Wang, Lihui, and Xi Vincent Wang (2018): "Cloud robotics towards a CPS assembly system". Cloud-Based Cyber-Physical Systems in Manufacturing, pp. 243–259. doi:

Jalil, Dzulkafli, and Muhamad Shahbani Abu Bakar (2017): "Adapting Software Facto-ry Approach into Cloud ERP Production Model". International Journal of Computer Science and Information Security 15/1: pp. 1–9.

Krieter, Sebastian et al. (2018): "Towards secure dynamic product lines in the cloud". ICSE-NIER, pp. 5–8. doi:

Çapa, Birol et al. (2018): "Rapid PLC-to-Cloud Prototype for Smart Industrial Automa-tion". ISCSIC, pp. 1–5. doi:

Zhang, Zhenjie et al. (2018): "CMfgIA: a cloud manufacturing application mode for in-dustry alliance". The International Journal of Advanced Manufacturing Technology 98/9: pp. 2967–2985. doi:

Lazreg, Sami et al. (2019): "Multifaceted automated analyses for variability-intensive embedded systems". ICSE, pp. 854–865. doi:

Shaaban, Abdelkader Magdy, Thomas Gruber, and Christoph Schmittner (2019): "On-tology-based security tool for critical cyber-physical systems". SPLC, pp. 207–210. doi:

Cañete, Angel, Mercedes Amor, and Lidia Fuentes (2020): "Supporting the evolution of applications deployed on edge-based infrastructures using multi-layer feature mod-els". SPLC, pp. 79–87. doi:

Jamshidi, Pooyan et al. (2019): "Machine learning meets quantitative planning: Ena-bling self-adaptation in autonomous robots". SEAMS, pp. 39–50. doi:

Chumpitaz, Luis, Andrei Furda, and Seng W. Loke (2019): "Evolving Variability Re-quirements of IoT Systems". Software Engineering for Variability Intensive Systems, Auerbach Pubs, pp. 321–334.

Fischer, Juliane et al. (2020): "VarApp: Variant management app for IEC 61131-3 compliant legacy software". ICPS, pp. 269–276. doi: 1

Cañete, Angel (2019): "Energy efficient assignment and deployment of tasks in struc-turally variable infrastructures". SPLC, pp. 222–229. doi:

Schlingloff, Bernd-Holger, and Niels Hoppe (2021): "A Framework for Cloud-based Testing of Multi-variant Cyber-physical Systems". MECO, pp. 1–4. doi: 10.1109/MECO52532.2021.9460159.




How to Cite

May, R. (2022). Security and Configurable Storage Systems in Industry 4.0 Environments: A Systematic Literature Study. Open Conference Proceedings, 2, 151–156.



Beiträge zur / Contributions to the 22. Nachwuchswissenschaftler*innenkonferenz (NWK)