Enhancing Verification in the �IoT-Edge-Cloud Continuum

Davide Taibi

University of Oulu

Context and Motivation

• Distributed IoT-edge-cloud systems are dynamic and heterogeneous

​

• Architectural drift and erosion are common in complex systems

​

• Traditional test-based verification is insufficient

​

• We need verification that accounts for architecture and runtime behavior

Software Architecture in the Continuum

Architectural Reconstruction

• Goal: Reconstruct actual system architecture from artifacts for comparison against design-time models

​

• Static: call graphs, dependency analysis
• Dynamic: runtime traces, observability data

​

Architectural Compliance Testing

• Identify conformance violations (e.g., layering breaches, illegal calls)
• Use reconstructed architecture as test oracle
• Automate rule checking (e.g., service isolation, gateway boundaries)

​

• Goal: Compliance as code using model comparisons

Verification Strategy Across Layers

• Combine static (structure), dynamic (behavior)
• Edge: test under constraints, local decision logic
• Cloud: verify orchestration, data flows
• IoT: ensure adherence to contracts and communication interfaces

Generative AI for Verification

• AI generates tests for uncovered execution paths
• Suggests architecture rules from historical models
• Limitations: false positives, runtime costs

​

• Goal: LLM-assisted compliance suggestion and validation

6G and Software Architecture in the Edge-to-Cloud Continuum

• Architectural Disruption by 6G
• Shift to massively distributed and heterogeneous nodes
• Requires architectural redesign to support ultra-low latency and >100 Gbps throughput
• Convergence of IoT, AI, Quantum Computing, and edge orchestration

​

• New Architectural Needs
• Energy-Aware Orchestration (EAO) models with dynamic resource scaling
• Resilient deployment models for smart hospitals, AR, connected vehicles
• Integration of AI-driven diagnostics and liquid AI at the edge

​

• Compliance & Sustainability
• Necessity to rethink modularity, service isolation, and deployment granularity
• Emphasis on sustainability, reliability, and AI-augmented architectural compliance
• Enhanced architectural traceability and automation with LLMs and static/dynamic analysis

​

• Goal: Build future-proof, adaptive architectures for real-time, high-stakes applications in 6G environments

Case Example: Smart City System

• Components: sensors, edge gateways, cloud analytics
• Issue: unauthorized data flow from edge to 3rd-party service
• Approach: reconstruct actual call graph, detect drift
• Outcome: compliance violation detected and patched

Case Example: FinTech Proactive Autoscaling

• Components: Prometheus, Grafana, K3s (lightweight Kubernetes), Edge Cluster VMs
• Production traces from a FinTech payment system
• Observed bottlenecks during scale-up delays under peak CPU loads

​

• Issue:
• Default Kubernetes autoscaler reacts after CPU spikes;
• Risk of under-provisioning and late pod instantiation
• Approach:
• Applied 29 time series forecasting models (14 statistical + 15 neural) to predict CPU usage;
• Integration with k3s for proactive pod scheduling

​

• Outcome:
• All models ran inference in < 1 minute, -> compatible with real-time auto-scaling
• Auto-scaler behavior refined, reducing premature scale-down and ensuring resource readiness

Current Status

• Static analysis tools
• Architectural Patterns
• Anti-Patterns
• Architectural Degradation (drifts)

​

• Dynamic Analysis tools
• Ongoing

​

• Resource Specification and allocation
• K8 model
• Orchestration models / allcoations

​

​

Challenges & Opportunities

• Challenges:
• Trace-model alignment
• Edge observability
• Opportunities:
• Self-updating architecture models
• AI-assisted verification pipelines
• Continuous architectural compliance testing

Conclusion & Vision

• Verification must evolve to include architectural integrity

​

• Combine static/dynamic analysis with AI and reconstruction

​

• Enable adaptive, resilient verification in the IoT-cloud continuum

​

• Let’s build automated compliance pipelines for the future