14-##_Source Texts-454-1-18-20190814 Journal of Software Engineering Research and Development, 2019, 6:3, doi: 10.5753/jserd.2019.14 This work is licensed under a Creative Commons Attribution 4.0 International License. Towards a more in-depth understanding of the IoT Paradigm and its challenges Rebeca Campos Motta [ Universidade Federal do Rio de Janeiro e LAMIH CNRS UMR 8201 | rmotta@cos.ufrj.br] Valéria Martins da Silva [Universidade Federal do Rio de Janeiro | vsilva@cos.ufrj.br ] Guilherme Horta Travassos [Universidade Federal do Rio de Janeiro | ght@cos.ufrj.br ] Abstract The Internet of Things (IoT) is a new technological paradigm that brings together the physical and virtual worlds to provide software systems everywhere through daily life objects. The IoT can transform how we interact with the environment surrounding us, leading to a significant multidisciplinary technological shift. However, since it is a new field of research and development, there is a lack of consensus and understanding of its concepts and features, as we observed when engineering some software systems in the field. Therefore, we performed investigations to characterize IoT regarding its definition, characteristics, and applications, organizing the area and revealing its challenges, and research opportunities, focusing on software engineering for the IoT. A structured literature review of secondary studies supported the answering of three research questions: What is “Internet of Things”? Which characteristics can define an IoT domain? Which are the areas of IoT application? The structured literature review leads to 15 subsequent studies from which we recovered 34 definitions - discussed in the light of the technical evolution - 29 characteristics and several IoT application areas. Furthermore, the results include an IoT characterization based on identification, sensing, and actuation capabilities, besides a discussion of the relation between IoT and Cyber-Physical Systems (CPS), regarding other research areas and terms often associated with IoT aiming at to bring clarification to the field. In this work, we offer an essential overview of the IoT state-of-the- art and a characterization, presenting issues that should be addressed to contribute to its strengthening and establishment. Keywords: Internet of things, Systems Engineering, Evidence-Based Software Engineering 1 Introduction The Internet of Things (IoT) has emerged as a new paradigm where the software systems are no longer limited to computers but to a great variety of different connected objects, or specific users’ goals and closed environments. The interaction between humans and the cyber-physical world is changing since software can be deployed everywhere and in everything, such as cars, smartphones, clothes and in different environments (Atzori, Iera, and Morabito, 2010; Kraijak and Tuwanut, 2016; Datta et al., 2017; Wortmann, Combemale and Barais, 2017; Cicirelli et al., 2018), characterizing the IoT domain and vision. It enables a pervasive interaction between connected things enhanced with identification, sensing, actuation, and processing capabilities, which enable them to interact with the environment. Together with the benefits proposed by the IoT paradigm, new challenges also arise. The constant evolution of the technology, application heterogeneity and diversity of devices, and other particularities such as a lack of division of roles, scale, and different lifecycle phases differentiate IoT applications from traditional ones (Patel and Cassou, 2015). It can challenge the current software technologies to develop IoT applications and to consolidate such paradigm (Skiba, 2013; Zambonelli, 2016; Larrucea et al., 2017). One of the recurrent difficulties regards the natural IoT multidisciplinary and novelty. Since IoT it is a modern paradigm, some fundamental points are still under discussion and involve converging topics of different research streams (Motta, de Oliveira, and Travassos, 2018). In our previous research regarding ubiquitous (Spínola, Pinto and Travassos, 2008; Spínola and Travassos, 2012) and context-aware software systems (Matalonga, Rodrigues and Travassos, 2017; Santos et al., 2017), we have identified some gaps and the need for software technologies that can also be observed in the IoT domain. However, as a constant challenge in this area, the lack of a unified IoT perception together with some experiences on engineering IoT software systems motivate this research as a starting point for further investigation and development activities at our research group. In this scenario, we performed a structured literature review of secondary studies on IoT to understand the “Internet of Things” concept, as well as its characteristics and the application domains making use of it. Therefore, this research aims to characterize the Internet of Things paradigm, considering the scenario of invisible and pervasive complex systems that support daily activities in the world. This review intends to answer the following questions: What is the “Internet of Things”? Which characteristics can define an IoT domain? Which are the areas of IoT application? The primary goal of this review is to strengthen the IoT paradigm understanding, characterizing it based on its properties, and identifying the current IoT applications (the domains that are currently getting some benefit from the IoT domain) under the perspective of engineering IoT software systems. We made this decision since the advancement of technologies makes society highly dependent on engineered-based software systems. We aim to discuss the software engineering scenario in the IoT paradigm, being the results of this review the first step of research towards the understanding of engineering IoT software systems. Therefore, the intention is to promote a high-level discussion on identified IoT paradigm characteristics and give an overview of the area, aiming to promote a better perception of current development needs and opportunities in the area. Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Important works from the literature review supported our discussions and the answers to the research questions. There are many definitions for IoT available in the technical literature, and even though they are different, they share similar points. From this diverse content, it was necessary an understanding from our side of the IoT concept and what the “things” represent in the IoT context. Besides the IoT characterization, we discuss the relation among IoT, CPS and other related terms to highlight some points that lead to consider some areas as building blocks for IoT or, on the other hand, dependent on its evolution. The remainder of the paper is structured as follows. In the next section, the methodology is introduced, and we explain how it was applied in this study. Then, in Section 3, the results of the literature review are presented. These results are then further discussed in Section 4, together with the validity threats. The main conclusions from the paper are summarized in Section 5. 2 Research Methodology The purpose of this literature review is to contribute to a more in-depth understanding of the Internet of Things and its challenges, identifying its definitions, characteristics and the current areas of use. 2.1 Review Planning Before undertaking any literature review, it is essential to observe its necessity (Budgen and Brereton, 2006). Therefore, we started with an ad-hoc search looking for any existent secondary studies on IoT. Considering the IoT paradigm as a new motivating area for investigation, we decided to review the technical literature more systematically, adopting existing practices to compose our study plan. In our perspective, “secondary studies” are the studies which survey primary studies to present a bigger picture of a domain, the IoT in this case. All secondary studies that meet the selection criteria should be included; even it does not mention its research protocol. The research protocol followed the recommendations proposed by (Budgen and Brereton, 2006; de Almeida Biolchini et al., 2007) and, for the sake of space, have some of its details presented below. The research goal is GQM- based (Basili, Caldeira and Rombach, 1994) defined as follows: To analyze the Internet of Things with the purpose of characterizing regarding its definitions, characteristics and application areas from the point of view of software engineering researchers in the context of knowledge previously organized and presented in secondary studies regarding IoT available in the technical literature. From this goal, we defined the research questions (RQ): (RQ1) What is the “Internet of Things”? (RQ2) Which characteristics can define an IoT domain? (RQ3) Which are the areas of IoT application? With this goal, the secondary studies were searched according to the following information:  Search Strategy - The search strategy used Scopus 1combined with snowballing procedures. The Scopus was chosen as the search engine since it indexes several 1 https://www.scopus.com/ databases of peer-reviewed sources, covering repositories such as IEEE Xplorer 2for example, and favor the repeatability of the search results (Matalonga, Rodrigues and Travassos, 2017; Santos et al., 2017). In turn, backward and forward snowballing refers to using the reference list of cited papers or the citations to a paper to identify additional sources of data, complementing and extending the initial set of papers (Wohlin, 2014). Also, as far as our experience shows, the strategy of using Scopus with snowballing procedures mitigates an eventual lack of content, avoids duplicated filtering work, and provides a representative set of papers to a characterization study such as this one (Motta, Oliveira, and Travassos 2016; Motta, Oliveira, and Travassos 2018).  Search String - Since the review focus is to retrieve information based on secondary studies, it was: TITLE-ABS-KEY (( "*systematic literature review" OR "systematic* review*" OR "mapping study" OR "systematic mapping" OR "structured review" OR "secondary study" OR "literature survey" OR "survey of technologies" OR "driver technologies" OR "review of survey*" OR "technolog* review*" OR "state of research") AND ( "internet of things" OR "iot")).  Selection Criteria - Works presented as articles shall be available on the web, retrieved from the search engine and written in English. As the selection criteria we have:  Inclusion Criteria o Provide an IoT definition AND o Provide IoT properties OR o Provide IoT application areas  Exclusion Criteria: o Duplicate publication/self-plagiarism OR o Register of proceedings  Selection Procedure - Read the title and abstract of each retrieved study and evaluate it according to the inclusion and exclusion criteria. Two distinct readers evaluated each secondary study. The studies acceptance criteria happened as follows: o All two readers accept: The study is included. o One reader accepts, and one is in doubt: The study is included. o One reader accepts or is in doubt, and one reader excludes: The study is discussed. o Two readers exclude: The study is not included.  Data Extraction - Data extraction aims to capture information from the selected articles to answer the proposed research questions. The data extraction form was proposed during the review planning and used throughout the process. The information was extracted as presented in Table 1. 2 https://ieeexplore.ieee.org Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 2.1 Review Planning The review process was executed according to the following steps:  Step 1 - Ad-hoc Search. It is based on the researcher’s experience without providing any explicit or planned process in comparison to a systematic literature review. The primary objective of the ad-hoc search was to verify the need to carry out an initial literature review on the target topic and identifying control articles to guide formulating a search string for further searches. Two researchers performed this step to identify the existence of any secondary study related to IoT. The search perspective was established from the Software Engineering point-of-view for paper reading and analysis. Since we identified secondary studies, we decided to review the existent articles instead of relying on primary studies. From the results of this ad-hoc search, three articles were selected as a starting point for the next step since they met the selection criteria (Atzori, Iera, and Morabito, 2010; Bandyopadhyay and Sen, 2011; Li, Xu and Zhao, 2015).  Step 2 - Scopus search. We organized the terms of the search string based on synonyms and similar terms. The search string was adjusted to recover the three articles which were previously selected. The total of items found was 76; the search was executed at the end of May 2017, considering the papers available in the database until this date.  Step 3 - Title and abstract reading. The list of 76 articles was reviewed to remove duplicates and proceedings, according to the selection criteria. The remaining articles were later read based on title and abstract and reviewed by a 3rd researcher with more experience in the research area. 24 articles were selected for further reading, considering the title and abstract reading, following the criteria established in the research protocol.  Step 4 - Full Reading. The two researchers read the full text of the 24 articles (12 for each, with crosschecking), considering the inclusion and exclusion criteria. Seven of them met the criteria, being those finally selected.  Step 5 - Snowballing. It refers to using the reference list of an article or its citations to identify additional material (Wohlin, 2014). In this step, we performed Backward and Forward Snowballing Sampling, tracking down references in the seven articles selected in the previous step and their citations. The total of articles was divided, and each researcher was responsible for performing the snowballing in part of the articles. Nineteen articles were identified as candidates, and the reviewers cross-checked the articles to be included considering the selection criteria. This step resulted in the inclusion of five new articles.  Step 6 - Review Update. The previous five steps were carried out between March and May 2017. The update was performed on December 2018 to cover new publications made available between 2017 and 2018. We re-executed the same string in Scopus and analyzed the results following the criteria previously established. The three reviewers conducted the update repeating Steps 3 and 4 for the new Scopus results and the forward snowballing (Step 5) for the whole set. This step resulted in the inclusion of three new articles. The review steps resulted in 15 articles, composing the final set: (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Miorandi et al., 2012; Gubbi et al., 2013; Singh, Tripathi and Jara, 2014; Borgia, 2014; Whitmore, Agarwal and Da Xu, 2015; Li, Xu and Zhao, 2015; Madakam, Ramaswamy and Tripathi, 2015; Gil et al., 2016; Sethi and Sarangi, 2017; Trappey et al., 2017; Burhanuddin et al., 2017; Ray, 2018; Carcary et al., 2018). See the details of each step in Table 2. Table 1 Information extraction fields. Field Description Reference information Authors, title, year and venue Abstract Abstract IoT definition Verbatim, as presented in the article (Definition research-based derived or with reference) IoT related terms It is associated with other definitions (ubiquitous, context-aware, pervasive, machine-to-machine, and others) IoT application features Characteristics of particular traits, features, properties, attributes that make IoT what it is (that achieve the IoT definition/concept) IoT application areas The areas (and their related applications) that will benefit from the full IoT idea deployment. Development Strategies for IoT The used development strategies to build IoT software (requirements analysis, design, and so on). Type of study It is expected to have only secondary studies, represented by Survey, Systematic Literature Review, others. Study properties Protocol, Research Questions, search string, selection criteria. Challenges Open opportunities in practice or research Article focus Main concerns presented in the articles (architecture, security, and others) Things A list of the kind of things explicitly stated in the article (coffeemaker, refrigerator, incubator, and others) Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Table 2 Total of articles selected at each step of the review. Step Number of articles selected Step 1 - Step 2 76 Step 3 24 Step 4 7 Step 5 5 Step 6 3 Final set 15 3 Results The dataset contains papers from 2010 to 2018. It is possible to observe a growing interest in the area over the years. The results show that most of the available publications on technical literature were from 2015 to 2018, considering the period of search. Since it is a topic that has recently gained strength, both initiatives from industry and research are still in the early stages. Table 3 presents the study types considering the classification initially presented by the authors. Table 3 Study Types Type Studies Systematic Literature Review (Carcary et al., 2018) Literature Review (Atzori, Iera and Morabito, 2010; Miorandi et al., 2012; Singh, Tripathi and Jara, 2014; Li, Xu, and Zhao, 2015; Gil et al., 2016; Burhanuddin et al., 2017; Sethi and Sarangi, 2017; Ray, 2018) Literature Survey (Bandyopadhyay and Sen 2011; Madakam, Ramaswamy, and Tripathi 2015; Whitmore, Agarwal, and Da Xu 2015; Trappey et al. 2017) Not defined (Gubbi et al. 2013; Borgia 2014) Despite being a current trend, our initial research did not return secondary studies conducted systematically, nor did they present the methodology followed, nor the research questions that the papers intended to answer. The papers - except in (Whitmore, Agarwal and Da Xu, 2015; Carcary et al., 2018) - do not present the research protocol or make explicit the study properties (research questions, search strings, databases, selection criteria, selected articles, among others). For this reason, we have not performed a Quality Assessment since there is no methodology related information to be evaluated. Therefore, not performing the Quality Assessment represents a threat to this study validity. From this result, it is possible to observe the need to provide research data based on sound scientific methodology. Despite the evolution and enthusiasm that new technology can provide with recent developments such as IoT, the lack of scientific rigor it is still one of the significant challenges to strengthen the basis of Software Engineering knowledge (de Almeida Biolchini et al., 2007). This work was conducted by following established guidelines and in a protocolled way, accounting for the strength of the evidence found and its replicability. The questions that this review seeks to answer are aligned with the objective of characterizing IoT and with this result we aim to contribute to strengthening the discussions and evolution of the area. From the selected papers, seven essential topics were addressed (Figure 1):  Concepts - Presenting discussions regarding the fundamentals, definitions, and visions behind the IoT paradigm; Articles (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Miorandi et al., 2012; Gubbi et al., 2013; Borgia, 2014; Singh, Tripathi and Jara, 2014; Li, Xu and Zhao, 2015; Madakam, Ramaswamy and Tripathi, 2015; Gil et al., 2016; Trappey et al., 2017; Carcary et al., 2018).  Technology - Introducing enabling technologies and solutions to develop and deploy IoT applications. Articles: (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Gubbi et al., 2013; Borgia, 2014; Whitmore, Agarwal and Da Xu, 2015; Li, Xu and Zhao, 2015; Madakam, Ramaswamy and Tripathi, 2015; Burhanuddin et al., 2017; Sethi and Sarangi, 2017; Trappey et al., 2017; Ray, 2018).  Applications - Describing the current state of the existing solutions and the applications of different domains as well as future possibilities to be achieved by using IoT. Articles: (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Bandyopadhyay and Sen 2011; Gubbi et al. 2013; Borgia 2014; Singh, Tripathi, and Jara 2014; Li, Xu, and Zhao 2015; Madakam, Ramaswamy, and Tripathi 2015; Whitmore, Agarwal, and Da Xu 2015; Sethi and Sarangi 2017; Trappey et al. 2017).  Open Issues and Challenges - Presenting opportunities for research and development aiming to evolve IoT. Articles: (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Miorandi et al., 2012; Gubbi et al., 2013; Borgia, 2014; Singh, Tripathi and Jara, 2014; Li, Xu and Zhao, 2015; Whitmore, Agarwal and Da Xu, 2015; Burhanuddin et al., 2017; Carcary et al., 2018).  Architecture - Discussing possible implementations of IoT based on different architectures proposals. Articles: (Bandyopadhyay and Sen, 2011; Singh, Tripathi and Jara, 2014; Madakam, Ramaswamy and Tripathi, 2015; Whitmore, Agarwal and Da Xu, 2015; Gil et al., 2016; Sethi and Sarangi, 2017; Trappey et al., 2017; Ray, 2018).  Characteristics - Making specific general features and requirements of IoT. Articles: (Borgia, 2014; Gil et al., 2016).  Initiatives - Research organizations, industries, standardization bodies, and governments that have an interest or put some effort into IoT. Articles: (Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Madakam, Ramaswamy, and Tripathi 2015). Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Figure 1 Most common topics in the Articles. 3.1 Studies Overview Gil et al. (Gil et al., 2016) reviewed surveys regarding IoT, focusing mostly on the context-aware feature and how both topics are related. The main difference from our work is that they lack a research methodology and the discussion revolved around the general purpose of the selected articles and the context-aware IoT. Another work that contains an analysis of the trends and coverage of the IoT literature is from Whitmore et al. (Whitmore, Agarwal and Da Xu, 2015). It presents an area overview. However, it does not worry about answering research questions, describing open questions and future directions to assist researchers. It differs from our work which concerns the characterization of IoT regarding its definition and characteristics. Numerous IoT definitions exist in the technical literature due to different visions from the research community. Some authors (Miorandi et al., 2012; Gubbi et al., 2013) discuss IoT as an overall vision, while (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Borgia, 2014; Singh, Tripathi and Jara, 2014) describe that IoT is realizable by particular visions or pillars. The conceptualization of IoT is the focus of ( Miorandi et al. 2012; Gubbi et al. 2013; Madakam, Ramaswamy, and Tripathi 2015). Other topics are also presented, as a taxonomy for IoT (Gubbi et al., 2013; Sethi and Sarangi, 2017), and IoT patents (Trappey et al., 2017). The works of (Burhanuddin et al., 2017; Ray, 2018) focus on the critical discussion related to architectural issues and options to deal with the immense number of interconnected devices as proposed in IoT. Besides, they also describe fundamental requirements along with implementation challenges and future directions. The work of (Carcary et al., 2018) argues that the adoption of IoT is not yet widespread and examines the existing literature on key determinants (drivers, benefits, barriers, and challenges) that influence the adoption of IoT by organizations. It is important to highlight that from the 15 selected secondary studies, none covers all the topics, showing that the researchers have distinct perspectives and concerns. However, together these studies provide a wealth of information to our research topic. The application of a sound research protocol in this work provides an improvement over the previous ones since some do not make clear the performed procedures. Besides, we offer a research protocol that can be replicated. In this work, we further improve the current state because we not only quantitatively point out the results but provide discussions and answers to research questions grounded in data. We also would like to highlight that one can value the findings and discussions in this article since we are relying on secondary studies. In this case, several primary studies reported in these 15 secondary studies support with evidence. 3.2 Answering the research questions We based our analysis procedure on textual analysis, using codes to assign concepts to a portion of data, identifying patterns from similarities and differences emergent from the data extracted. Two researchers conducted it, with crosschecking to achieve a consensus with the analysis, to decrease potential misinterpretation and bias. A third researcher reviewed the extractions and findings. This process was performed through all the data extracted and lead to the discussions of the research questions proposed, presented in the following subsections. 3.3 RQ1: What is the “Internet of Things”? The 15 selected papers supported the extraction of 34 different IoT definitions. From the analysis of these 34 definitions, we noticed that they followed a specific pattern in their structure in the concern of explaining the involved actors, requirements and the consequences of relations among actors as part of a system - not necessarily presented in all definitions. We considered this structure not to limit our interpretation, but to support a more thorough IoT conceptual understanding and thus finding an appropriate and updated definition for this work. We organized some of the definitions found in chronological order to observe how the concept has evolved. ''An intelligent infrastructure linking objects, information, and people through the computer networks, and where the RFID technology found the basis for realization.'' Defined in 2001 by (Brock, 2001), cited by (Borgia, 2014). In this 2001 definition, we can observe that the idea is to connect objects, information, and people, where both objects and people can be actors in the system. It makes clear the network necessity as a way to connect the actors, and the realization was limited by the RFID identification technology (Finkenzeller, 2010), which represents the IoT vision starting point. “Internet of Things as a paradigm in which computing and networking capabilities are embedded in any conceivable object. We use these capabilities to query the state of the object and to change its state if possible.” Defined in 2005 by (ITU, 2005), cited by (Sethi and Sarangi, 2017). This definition from 2005 does not propose the use of any technology, like RFID, but includes the idea of expanding the original capabilities of an object through technology to perceive changes in the object’s states; it is only possible by addressing objects first, turning them identifiable. Once achieving that, it enables things to communicate automatically (Dunkels and Vasseur, 2008). It can be considered an evolution since this kind of requirement was not previously discussed. The next definition addresses the idea: “A world where things can automatically communicate to computers and each other providing services to the Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 benefit of the humankind.” Defined in 2008 by (Dunkels and Vasseur, 2008), cited by (Atzori, Iera, and Morabito, 2010; Gil et al., 2016). Another definition is: ''A dynamic global network infrastructure with self- capabilities based on standard and interoperable communication protocols where physical and virtual ''things'' have identities, physical attributes, virtual personalities and use intelligent interfaces, and are seamlessly integrated into the information network'' Defined by in 2009 (Gusmeroli, Sundmaeker and Bassi, 2015), cited by (Borgia, 2014; Whitmore, Agarwal and Da Xu, 2015). In this 2009 definition, we can see that the central concept of communication and integration remains. It leads to an effort to make things identifiable (network sense, not physically) and the introduction of requirements such as interoperability and integration in a seamlessly way. This definition also details what are the things in IoT, as things being virtual or physical, that can have different personalities and may use different communication protocols. “The basic idea of this concept is the pervasive presence around us of a variety of things or objects such as Radio- Frequency Identification (RFID) tags, sensors, actuators, mobile phones, etc. which, through unique addressing schemes, are able to interact with each other and cooperate with their neighbors to reach common goals.” Defined in 2010 by (Atzori, Iera, and Morabito, 2010), cited by (Miorandi et al., 2012; Gubbi et al., 2013; Singh, Tripathi and Jara, 2014). This IoT definition from 2010 is one of the most used. It can be considered broader regarding the “actors, relations among actors, requirements and what enables” structure. It presents the vast amount and heterogeneity of actors that can engage an interaction, and a requirement to achieve that through unique addressing schemes. In this case, new actors are included, and we can observe that the sensing and actuation are other possible behaviors that a system can possess, differing from initial definitions. Therefore, these actors can cooperate to reach some goals. “Interconnection of sensing and actuating devices providing the ability to share information across platforms through a unified framework, developing a common operating picture for enabling innovative applications. This is achieved by seamless large-scale sensing, data analytics and information representation using cutting- edge ubiquitous sensing and cloud computing.” Defined in 2012 by (Gubbi et al., 2013). Once more, sensing and actuation have essential roles in IoT, as presented in this definition from 2012. The vast amount of data collection and sharing among actors can be a source to compose diversified, innovative applications. It makes clear the multidisciplinary nature of IoT, as the integration of different disciplines for the accomplishment of successful IoT systems, as there are areas that support or leverages it, such as data analytics, ubiquitous and cloud computing. “Everyday objects can be equipped with identifying, sensing, networking and processing capabilities that will allow them to communicate with one another and with other devices and services over the Internet to achieve some useful objective (…). Every day “things” will be equipped with tracking and sensing capabilities. When this vision is fully actualized, “things” will also contain more sophisticated processing and networking capabilities that will enable these smart objects to understand their environments and interact with people.” Defined in 2015 by (Whitmore, Agarwal and Da Xu, 2015). Once the everyday things can sense the environment, they become more aware of what is around them, which characterizes context-awareness. In this 2015 definition, we see again that the primary concern in IoT is to leverage the connection among different things to achieve a system objective. Also, the authors explain that things in the IoT context are those objects equipped with identifying, sensing, networking, and processing capabilities, whereas other definitions exemplify things as being the providers of such capabilities, that is, tags, sensors, and actuators. In our understanding, things exist in the physical realm, such as sensors, actuators and anything that is equipped with identification (tag reading), sensing or actuation capabilities, which excludes entities in the Internet domain (hosts, terminals, routers, among others). The things should also have communication, networking and processing functionalities varying according to the systems requirements. As one can notice, the capabilities of the things evolved over time as observed from the definitions presented and the examples in Figure 2. Figure 2 IoT evolution. As things evolved, the understanding and discussions should also follow the changes. In the beginning, the things in IoT based systems were objects attached to electronic tags, so these systems present the behavior of Identification. Subsequently, sensors and actuators composing the systems enabled the Sensing and Actuation behaviors respectively. It means that an IoT system may have Identification, Sensing or Actuation behaviors, or a combination of them. The explaining of each behavior and examples of applications can be seen in Figure 3 and Table 4 Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Figure 3 IoT behaviors. When discussing the previous definitions, it was necessary to distinguish the meaning of “identification” referred to objects. The reason is that an object can be identifiable in the sense of connectivity (e.g., throw IP addresses) or in the sense of physical identification when objects are tagged with electronic tags containing specific information, making it possible to identify objects through tag readers. Further, it is also relevant to elucidate the meaning of “actuation” as it may bring diverse interpretations. When focusing on the IoT context, the adequate meaning for “actuation” is precisely the one presented in Table 4. It is divergent from actions represented by methods in the object-oriented paradigm, and it is not related to objects’ processing capabilities mentioned in the IoT definition discussed previously. Actuation is exclusively related to the possibility of virtual intervening in the real world by mechanical means. It is important to note this distinction in IoT systems due to their capabilities since it is possible to have different compositions of systems. In an industrial plant, for example, identification tags are attached to products and provide real- time location and status. Dashboards with the data recovered from products and machines (from a sensing activity) keep managers updated along the production line and the company are now able to monitor and control production almost automatically (actuation), including processing capabilities. It is a real-case scenario already deployed where the three behaviors and benefits of IoT can be seen, such as providing more process visibility, more accurate work and improving production effectiveness (Cisco, 2014). It is interesting to structure the characteristics and applications retrieved in this review within these three behaviors because IoT does not necessarily have to present all of them, but only one or a combination of them. It can clarify and delimitate IoT solutions contributing as a guide for their applications engineering. To answer RQ1 from the review results, IoT can be defined as a paradigm that allows composing systems from uniquely addressable objects (things) equipped with identifying, sensing or actuation behaviors and processing capabilities that can communicate and cooperate to reach a goal. 3.4 RQ2: Which characteristics can define an IoT domain? The 15 papers provided 263 excerpts, which were coded following the principles of open coding, as described in the Grounded Theory (Strauss and Corbin, 1990), from what we identified 29 characteristics (Table 5). One point of discussion is that the authors do not define all the Table 4 IoT Behaviors. Behavior Description Example Identification The primary function is to identify things, by labeling and enabling them to have an identity, then recover (through reading), and broadcast information related to the thing and its state. Identifying patients with electronic tags (RFID) to be detected throughout hospitals using receivers (readers) placed in departments to accelerate the identification of empty beds (Kannry et al., 2007). Another example is the application of short-range identification technology for drug interaction and drug-allergy detection (Alabdulhafith, Sampangi, and Sampalli, 2013). It operates by identifying patients (NFC tags integrated into their wristband) and drugs (NFC tags integrated), each tag holding a unique ID. Nurses read the patient’s and drug’s NFC tag by using the smartphone’s NFC reader. Finally, the server verifies whether the patient is allergic to the drug or if there might be a potential interaction. Sensing The primary function is to sense environment information, requir- ing information aggregation, data processing, and transmission. Enables awareness, thus acting as a bridge between the physical and digital world. To illustrate the capability of the sensor in the real world, one interesting application is from the geophysics area. Sensors have been deployed for long-distance volcanic monitoring, such as microphones and seismometers, collecting seismic and acoustic data on volcanic activity (Werner-Allen et al., 2006). Actuation Mechanical interventions in the real world according to decisions based on aggregated data or even upon actors’ right trigger; relay on responses to the collected information to perform actions in the physical world and change the object state. An example is the control of things, robots or even animals in the real world as in (Wark et al., 2007), where actuators are used in an attempt to prevent fighting between bulls in on-farm breeding paddocks by autonomously triggering stimuli such as audio warning signals or mild electrical when one bull approaches another. Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 characteristics presented in the articles or referred to the original work defining them Table 6. Table 5 IoT Characteristics. Characteristics # All Characteristics Identified 29 Characteristics not defined 20 Characteristics defined 9 The lack of definitions hinders the research and understanding of the area since we cannot know the feature´s meaning or what the authors meant by that. Although some characteristics such as Interoperability and Scalability are well defined, it is essential to establish a common understanding of the characteristics since they inspire different concepts when contextualized to distinct domains. Table 6 Characteristics not defined. Characteristic Cited by Reference Accuracy (Borgia, 2014; Burhanuddin et al., 2017) - Adaptability (Atzori, Iera, and Morabito 2010; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Ray, 2018) (Nami and Sharifi 2007; Sampigethaya, Hackmann, et al. 2008; Poovendran, and Bushnell 2008; Lee and Sokolsky 2010; Azimi et al. 2011; Barro-Torres et al. 2012; Hur and Kang 2012) Availability (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Gubbi et al., 2013; Li, Xu and Zhao, 2015; Madakam, Ramaswamy and Tripathi, 2015) (Gluhak et al., 2011) Connectivity (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Gubbi et al. 2013; Whitmore, Agarwal, and Da Xu 2015; Gil et al. 2016; Burhanuddin et al., 2017; Ray, 2018; Carcary et al., 2018) (Weiser et al. 1999; INFSO D.4 2008; Conti 2006; Dunkels and Vasseur 2008; Vermesan et al. 2009) Efficiency (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Madakam, Ramaswamy, and Tripathi 2015; Sethi and Sarangi 2017; Trappey et al. 2017; Burhanuddin et al., 2017) ( Hackmann et al. 2008; Sampigethaya, Poovendran, and Bushnell 2008; Lee and Sokolsky 2010; Azimi et al. 2011; Hur and Kang 2012; Barro-Torres et al. 2012) Extensibility (Bandyopadhyay and Sen, 2011; Li, Xu and Zhao, 2015) - Flexibility (Li, Xu, and Zhao 2015; Sethi and Sarangi 2017) - Manageability (Bandyopadhyay and Sen, 2011; Borgia, 2014) - Modularity (Bandyopadhyay and Sen, 2011) - Performance (Gubbi et al., 2013; Li, Xu and Zhao, 2015) - Privacy (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Sethi and Sarangi 2017; Whitmore, Agarwal, and Da Xu 2015) (Xianrong Zheng et al., 2014a) Reliability (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Sethi and Sarangi 2017) ( Koren and Krishna 2007; Hackmann et al. 2008; Hackmann et al. 2008; Lee and Sokolsky 2010; Azimi et al. 2011; Hur and Kang 2012; Barro-Torres et al. 2012) Robustness (Atzori, Iera and Morabito, 2010; Miorandi et al., 2012) (Koren and Krishna, 2007) Scalability (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Madakam, Ramaswamy, and Tripathi 2015; Sethi and Sarangi 2017; Burhanuddin et al., 2017) (Gluhak et al., 2011) Smartness (Li, Xu and Zhao, 2015; Ray, 2018) - Sustainability (Borgia, 2014) - Traceability (Atzori, Iera and Morabito, 2010) - Trust (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Borgia 2014; Li, Xu, and Zhao 2015; Sethi and Sarangi 2017) - Ubiquity (Carcary et al., 2018) - Visibility (Atzori, Iera and Morabito, 2010) - Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 For instance, “Efficiency” is open to many interpretations even the IoT domain is on the focus, which can be related to object’s data collection efficiency, energy-efficiency, security-efficiency, information processing efficiency as well as service adaptability-efficiency. It makes it challenging to characterize IoT and to develop more suitable solutions that meet all the desired characteristics, since they were not defined, only listed. For the same reason, it is not possible to infer that the authors are discussing the same Table 7 Defined characteristics. Characteristic Cited by Reference Addressability: The ability to distinguish objects using unique IDs. (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Borgia 2014) - Unique ID: It is necessary for unique identification for every physical object. Once the object is identified, it is possible to enhance it with personalities and other information and enable the control over it (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Burhanuddin et al., 2017; Ray, 2018) (Atzori, Iera, and Morabito 2010; Finkenzeller 2010; Gubbi et al. 2013) Object Autonomy: Smart objects can have individual autonomy, not needing direct human interaction to perform established actions, while reacting or being influenced by real/physical world events. (Atzori, Iera and Morabito, 2010; Gubbi et al., 2013; Madakam, Ramaswamy and Tripathi, 2015) - Mobility: Object availability of across different locations. (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Borgia, 2014; Sethi and Sarangi, 2017) (Akyildiz, Jiang Xie and Mohanty, 2004; Sharma, Gusain and Kumar, 2013) Autonomy: Refers to systems not needing direct human intervention to perform established actions such as data capture, autonomous behavior, and reaction. (Atzori, Iera, and Morabito 2010; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Burhanuddin et al., 2017; Ray, 2018; Carcary et al., 2018) (Chlamtac, Conti, and Liu 2003; Nami and Sharifi 2007; Gusmeroli, Sundmaeker, and Bassi 2015) Context-awareness: The use of context to provide task-relevant information and/or services to a user. (Atzori, Iera, and Morabito 2010; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Whitmore, Agarwal, and Da Xu 2015; Sethi and Sarangi 2017; Ray, 2018) ( Abowd et al. 1999; Schmidt and van Laerhoven 2001; Nami and Sharifi 2007; O’Reilly and Pahlka 2009; Perera et al. 2014) Heterogeneity: Several services taking part in the system, which present very different capabilities from the computational and communication standpoints. (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Burhanuddin et al., 2017; Carcary et al., 2018) (INFSO D.4 2008; Gluhak et al. 2011; Nuzzo and Sangiovanni- Vincentelli 2014) Interoperability: Interoperability is of three types: Network interoperability that deals with communication protocols. Syntactic interoperability ensures conversion of different formats and structures. Semantic interoperability deals with abstracting the meaning of data within a domain. (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Madakam, Ramaswamy, and Tripathi 2015; Sethi and Sarangi 2017; Burhanuddin et al., 2017; Ray, 2018) (Panetto and Cecil 2013; Jardim- Goncalves et al. 2013; Chengen Wang, Zhuming Bi, and Li Da Xu 2014; Borgia 2014) Security: To ensure the security of data, services and entire IoT system, a series of properties, such as confidentiality, integrity, authentication, authorization, non- repudiation, availability, and privacy, must be guaranteed. (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Miorandi et al. 2012; Gubbi et al. 2013; Borgia 2014; Li, Xu, and Zhao 2015; Madakam, Ramaswamy, and Tripathi 2015; Whitmore, Agarwal, and Da Xu 2015; Sethi and Sarangi 2017; Burhanuddin et al., 2017) (Sampigethaya, Poovendran, and Bushnell 2008; Lee and Sokolsky 2010; Andreini et al. 2010; Andreini et al. 2011; Azimi et al. 2011; Barro-Torres et al. 2012; Hur and Kang 2012; Cirani, Ferrari, and Veltri 2013; Xianrong Zheng et al. 2014b; Chasaki and Mansour 2015) Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 issues, such as efficiency for instance, which from the sources can be regarding cost, size, resources or energy. Even with this lack of definition, the characteristics pointed out in Table 5 are relevant for the characterization scenario of IoT systems. In Table 6, we retrieve the characteristics pointed out by the authors (Cited by) and the original references used by them (Reference) some references may have been used by more than one author and null (-) in case of no reference. This distinction is because we can value more the characteristics referenced by others since it is possible to have more sources to strengthen the results. To continue with our research, we consider only the characteristics that made explicit their definitions (Table 7) These definitions came from our original material interpretation and compilation of the references cited. From the characteristics presented in Table 7, we can observe that some of them are fundamental to an application in order to fulfill our IoT definition: “a paradigm that allows composing systems from uniquely addressable objects equipped with identifying, sensing or actuation behaviors and processing capabilities that are able to communicate and cooperate to reach a goal”. Addressability, Unique ID, Heterogeneity, Interoperability, Mobility, and Security are the essential characteristics necessary for an application to follow the IoT paradigm. From this primary setting, an IoT- based software system can be engineered with identification, sensing and/or actuation capabilities. Each one of them requires new characteristics. For instance, Context-awareness is required to enable sensing behavior, and Autonomy is needed in actuation behavior. Table 7 represents an initial set of IoT characteristics as defined in the technical literature. We wish to perform more extensive research for the characterization of the three behaviors since new characteristics specific to each one of the IoT applications may also be required. Having a clearer and well-defined set of characteristics can aid the development of applications with higher quality and support to quality assurance and assessment. 3.5 RQ3: Which are the areas of IoT application? Several application domains will leverage the Internet of Things paradigm advantages. All the application domains are only examples of areas that benefit from IoT or are supposed to do it in the future. As declared in Whitmore et al. “the domain of the application areas for the IoT is limited only by imagination at this point” (Whitmore, Agarwal and Da Xu, 2015). Despite the application scenarios were described in different levels of detail, we tried to categorize some of them into the tree behaviors (Table 5) as presented in Table 8. Atzori et al. (Atzori, Iera, and Morabito, 2010)describe five domains: (A) Transportation and logistics, (B) Healthcare, (C) Smart environment (home, office, plant), (D) Personal/social and (E) Futuristic domain (whose implementation of such applications is still too complicated). Gubbi et al. (Gubbi et al., 2013) describe (A) Personal and Home, (B) Enterprise, (C) Utilities, and (D) Mobile domain. Also, there is a classification of the applications for Consumer (Home, Lifestyle, Healthcare, Transport) and Business (manufacturing, retail, energy, transportation, agriculture, and others) (Trappey et al., 2017). Those domain categorizations can be a subpart of a categorization, which grouped the applications in three major domains (Borgia, 2014): (A) Industrial domain, (B) Smart city domain, and (C) Health well-being domain. They are not isolated from each other, but there is a partial overlapping since some applications are shared across the contexts. For example, tracking of products can be a demand for both Industrial and Health well-being domains. Table 8 Application type. Behaviors Application type Identification Touristic maps equipped with tags that allow NFC-equipped phones to browse it and automatically call web services, materials tracking to prevent left-ins during surgery (Atzori, Iera, and Morabito, 2010); patient triage, resource management and distribution (Gubbi et al., 2013); medical equipment tracking, secure access indoor environment management, personnel tracking, bike/car/van sharing, mobile tickets, luggage management, animal tracking, fast payment, warehouse management and inventory, identification of materials and goods (Borgia, 2014); verifying the authenticity of aircraft, storing health records (Bandyopadhyay and Sen, 2011). Sensing Patient monitoring, remote personnel monitoring (health, location), sensors built into building infrastructure to guide first responders in emergencies or disaster scenarios or sensors built into infrastructure to monitor structural fatigue and other maintenance, sensing of water quality, leakage, usage and distribution, air pollution and noise monitoring, support to diagnoses, video/radar/satellite surveillance, road condition monitoring, product deterioration (Borgia, 2014); monitoring chronic disease using wearable vital signs sensors in body sensors (Bandyopadhyay and Sen, 2011). Actuation Room lighting changing, alarm systems, remote switching off electrical equipment (Atzori, Iera, and Morabito, 2010), temperature and humidity control (Gubbi et al., 2013), irrigation control (Borgia, 2014), muscle stimuli for paraplegic individuals (Bandyopadhyay and Sen, 2011). Hybrid Buildings adjusting locally to conditions while also taking into account outdoor conditions, Robot taxis that respond to real- time traffic movements of the city, and are calibrated to reduce congestion at bottlenecks in the city and to service pick-up areas that are most frequently used (Atzori, Iera and Morabito, 2010), water waste management (Gubbi et al., 2013), parking system, traffic management (Borgia, 2014). Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 4 Discussion 4.1 The things in IoT Alongside the application areas, we also extracted the things, as we are interested in recovering what natural objects are currently in use under the IoT paradigm. In many cases, the authors listed usage possibilities and existing solutions based on IoT. Forty-one different things were extracted, and Figure 4 shows the ten most cited ones. Figure 4 Most common things in IoT. These are everyday objects enhanced with identification, sensing and actuation capabilities. For example, sensors attached to vehicles can collect information about the roads (e.g., about traffic density or surface conditions) reporting back to the city center and, from thing-thing interaction, a vehicle can communicate to another enabling smart parking and faster communication of problems in traffic. Extracting information on things from already deployed IoT applications has helped our research group to realize the innovative potential of this paradigm better. Also, the results of the real use of things and the examples of applications (such as those described in Table 8) might be a contribution - for practitioners working on innovative problem-solving projects - as a source of possibilities for stimulating thinking, creativity and to expand initial ideas. The three well-established behaviors (identification, sensing, and actuation) can support different usage scenarios varying according to the kind of objects used, data to be collected, business requirements and users’ need. For instance, a door lock with the “acting” behavior can open/close different sort of doors in different scenarios according to rules, e.g., from authentication by electronic tag reading, eyes or fingers scanning, humans/animals/robots proximity sensing and many other possibilities. Even though an IoT solution is taken as a massive amount of various connected objects of our everyday life, the three behaviors highlighted in this work are expressly the basis among IoT objects. Identifying and elucidating this common property is another contribution for practitioners, which can consider these three behaviors and issues concerned with them when idealizing, engineering and developing IoT-based systems. 4.2 IoT Related Terms Internet of Things sometimes sounds like a buzzword, so some terms seem to be synonyms or even “aliases” (Madakam, Ramaswamy and Tripathi, 2015). However not every term can be used interchangeably for it. From the analysis and interpretation, we categorize the related terms as presented in Table 9. All the data extracted, and other details can be found in the research protocol (https://goo.gl/cTyzuT).  Related Technology - Technologies related to IoT supporting its development.  Related Areas - Other research areas that are frequently associated with IoT because they share some similarities or are considered IoT drivers. By looking at the related terms, we argue that the IoT paradigm proposal is to enable a connected world, believing that different research areas can also be enablers in a joint effort for research, development, and evolution. Also, there are areas which need further research to deal with the challenges of this novel paradigm. From our understanding, IoT is an umbrella combining the advances of many areas, and we discuss the points that make those areas connected to IoT or the convergence points that make some topics to sound as IoT synonyms. The definition of the terms is out of the scope of this discussion. From the table below we discuss only the Related Areas. Table 9 IoT Related Terms. Categories Terms Related Technology Cloud Computing Internet Protocol communication Middleware RFID Universal IDentifier architecture Wireless sensor networks Related Areas Ambient Intelligence Context-Aware Systems Cyber-Physical Systems Human-Computer Interaction Industry 4.0 Internet of Computers Internet of Objects Internet of People Intranet/Extranet of Things Machine-to-Machine interaction Micro-electro-mechanical systems Network of Things Pervasive Computing Social IoT Ubiquitous Computing Web of Things  Ambient Intelligence - Ambient Intelligence is a developing technology that will increasingly make our everyday environment more sensitive and responsive (Madakam, Ramaswamy and Tripathi, 2015). According to (Miorandi et al., 2012), IoT may well inherit concepts and lessons learned in Ambient Intelligence, enabling Ambient Intelligence to a larger scale.  Context-Aware Systems - Considering our understanding of things those that are equipped with identification and sensing capabilities and are the bridge from the physical to the virtual realm. From identification technologies such as RFID, it is possible Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 to get the identity and location of entities. Sensors enable sensing environment information such as sound, temperature, humidity, among others (Atzori, Iera, and Morabito, 2010). In our interpretation, these capabilities of things in IoT make the field of IoT related to Context-awareness, because from sensors and tag reading the environment and entities’ context information can be perceived (not explicit input to the system). Then such context information can be used to provide task-relevant information and/or services to a user (Abowd et al., 1999). Even though context- awareness is considered an essential aspect of IoT (Sethi and Sarangi, 2017), it does not mean any IoT system is context-aware, at least information gathered are used as relevant resources for decision-making and for dynamically taking actions, such as systems customization.  Cyber-Physical Systems (CPS) - Cloud Computing, Wireless sensor network (WSN), M2M, IoT, and others are all fields that collaborate somehow to reach the broad goal of CPS, that is, “to bring the cyber-world of computing and communications together with the physical world” (Rajkumar et al. 2010; Madakam, Ramaswamy, and Tripathi 2015). According to (Miorandi et al., 2012), “a Cyber-physical infrastructure is the result of the embedding of electronics into everyday physical objects, making them ''smart'' and letting them integrate seamlessly within the global.” As discussed previously, we understand that WSNs are enablers for M2M and consequently for IoT. M2M systems are the precursor of CPS as devices allow the bridge between the physical and virtual world, in the same manner, M2M are the basis for the Internet of Things. It leads us to interpret IoT is a form of realizing CPS, and it is consistent with (Chen, 2012), who proposes that “CPS is an evolution of M2M by the introduction of more intelligent and interactive operations, under the architecture of internet of things (IoT)”.  Human-Computer Interaction - HCI is an area that needs further research to deal with this novel IoT context where human intervention is low or even absent. It usually involves the study, planning, and design of the interaction between people and computers (Madakam, Ramaswamy and Tripathi, 2015).  Industry 4.0 - IoT is described as a critical enabler for Industry 4.0 (Trappey et al., 2017). IoT has been deployed in factories and production environment, turning them more intelligent. It is leading toward the fourth industrial revolution.  Internet of Computers - Mentioned not as a synonym of IoT but as an orthogonal term (Gil et al., 2016). In their description Internet of Computers are traditional internet environments, where both leading data producers and consumers are human beings (not things).  Internet of Objects - Considering some of the IoT definitions found in the technical literature, we can interpret that “objects” and things are equivalent. For instance, “IoT implies that objects in an IoT can be identified uniquely in the virtual representations” (Li, Xu, and Zhao, 2015). In addition, “ [IoT is] the pervasive presence around us of a variety of things or objects – such as Radio-Frequency Identification (RFID) tags, sensors, actuators, mobile phones, etc.” (Wan et al., 2013) and ''a worldwide network of interconnected objects uniquely addressable, based on standard communication protocols” (Atzori, Iera, and Morabito 2010; Bandyopadhyay and Sen 2011; Gil et al. 2016).  Internet of People - the Internet of Things is not synonymous with the Internet of People as mentioned by Borgia (Borgia, 2014), but the author does not explain that. For this reason, we searched for works addressing this subject, and we could not find any consensus. Nevertheless, (Miranda et al., 2015) explain that IoT technology needs people-centric enhancements to achieve the more desirable IoT scenarios, that is, scenarios which consider people’s context, learning from it, reasoning and taking actions proactively. Therefore, achieving those desired scenarios requires moving from the Internet of Things to the Internet of People (IoP). Some essential features of IoP systems are: be social, be personalized, be proactive and be predictable.  Intranet/Extranet of Things - Intranet/Extranet of Things and IoT are not synonymous (Borgia, 2014). However, as far as we know, they share a broad concept, but the difference is that in intranet/extranet there is a restriction of connection for restricted areas, while on the internet the connections are publicly accessible.  Machine-to-Machine Interaction - M2M means no human intervention while devices are communicating end-to-end (Madakam, Ramaswamy and Tripathi, 2015). It leads us to think that M2M and IoT are similar, but M2M is more a paradigm leading towards IoT (Atzori, Iera, and Morabito, 2010). M2M refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability (Wan et al., 2013). Unlike devices in IoT, in M2M they are meant to operate in a specific application, which means that M2M solutions do not allow the broad sharing of data or opened connection of devices into the Internet (Holler et al., 2014).  Micro-electro-mechanical Systems - MEMS technology is one of the enablers to develop miniature devices, which are capable of sensing, compute and communicate (Gubbi et al., 2013). When connected, these miniature devices form a Wireless sensor network, and, consequently, are crucial building blocks for developing machine-to-machine, IoT, among others.  Network of Things - Network of Things is similar to Intranet/Extranet regarding connection restrictions. It is referred to operate in a restricted local, within a work environment like an enterprise-based application. Only the owners use the information collected from such networks, and the data may be released selectively (Gubbi et al., 2013).  Pervasive or Ubiquitous Computing - These two terms are intimately connected. Some authors have addressed them interchangeably (Satyanarayanan 2001; Baldauf, Dustdar, and Rosenberg 2007; Spínola, Pinto, and Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Travassos 2008). Our interpretation of the relation between IoT and UbiComp is that IoT projects can be considered ubiquitous according to their adherence to ubiquity characteristics (Spínola and Travassos 2012). Such characteristics are context-sensitivity, adaptable behavior, service omnipresence, heterogeneity of devices, experience capture, spontaneous, interoperability, scalability, privacy and trust, fault tolerance, quality of service, and universal usability (Spínola and Travassos 2012). That is, ubiquity becomes a transversal property of IoT systems as they fulfill ubiquity characteristics.  Social IoT - The term Social IoT (SIoT) is mentioned as a new paradigm that has been proposed (Atzori, Iera, and Morabito 2010; Li, Xu, and Zhao 2015; Gil et al. 2016; Sethi and Sarangi 2017). SIoT means that the things are seen now as “beings,” and the interconnections among them are compared to human social relations. The authors described the three main facets of a SIoT System: (i) The SIoT is navigable; (ii) A need for trustworthiness (relationship strength) is present between devices; and (iii) Models to study human social networks are similar to social networks of IoT devices.  Web of Things - It refers to the re-use of Web standards to connect and integrate IoT objects into the Web (Atzori, Iera and Morabito, 2010; Bandyopadhyay and Sen, 2011; Borgia, 2014; Madakam, Ramaswamy and Tripathi, 2015). It is possible to observe that the evolution of some areas and the collaboration among them enable the IoT paradigm realization. Once it is possible to develop small devices, embed intelligence, seamless communication, thing-thing interaction, wireless connections, and others, all of these are IoT enabling technologies. This discussion of terms related to the IoT paradigm might be a contribution for further investigations, which might depend on grounded concepts and clarity about convergence points that make other topics seem as IoT synonyms. In addition, practitioners and researchers can benefit from this discussion in the circumstances there are doubts on whether IoT is indeed the right term to consider for their software projects and/or future investigations. 4.3 IoT Challenges To foster our discussions and research directions, one of the information extracted from the selected articles were challenges, which we understand as open opportunities in the industry or academia. The data extracted were analyzed based on Grounded Theory procedures (Strauss and Corbin, 1990). The process started by retrieving the excerpts related to IoT challenges (the excerpts could be a word, a phrase or a full paragraph). The 15 papers provided 38 excerpts regarding IoT challenges. The 38 excerpts were organized into seven categories (Table 10). We used codes to assign concepts to a portion of data, with a constant comparative analysis to identify patterns from similarities and differences emergent from the data. This textual analysis was conducted by two researchers, with crosschecking to achieve consensus. The excerpts were organized in the categories, and we present each category with a definition and an example of an excerpt to support its comprehension. It is interesting to notice that the concerns are usually interrelated, confirming the multidisciplinary nature of IoT. For example: “For technology to disappear from the consciousness of the user, the Internet of Things demands software architectures and pervasive communication networks to process and convey the contextual information to where it is relevant” (Gubbi et al., 2013), this excerpt is coded for an architectural issue and network as well. Another example is “Central issues are making full interoperability of interconnected devices possible, providing them with an always higher degree of smartness by enabling their adaptation and autonomous behavior, while guaranteeing trust, privacy, and security” (IEEE, 2004), which was coded both for interoperability and security issues. Provide solutions to the issues presented in the technical literature can be tricky to achieve due to the diversity of concerns, variety of devices and uncertainties in the area. From the findings recovered in this review, our research perspective will be directed to support the proposed definition: IoT is a paradigm that allows composing systems from uniquely addressable objects (things) equipped with identifying, sensing or actuation behaviors and processing capabilities that can communicate and cooperate to reach a goal. Our focus will be on looking at the perspective of the software orchestration necessary for the composition of systems that will rise in this contemporary paradigm. Despite our decision to direct the research, the article may contribute to other areas of research providing definitions, characteristics, and the challenges presented in this section. 4.4 Threats to Validity Since only Scopus was used as a search engine, it may be missing some relevant studies, but from our experience, we know that it can give a reasonable coverage when performing together with snowballing procedures (backward and forward) (Matalonga, Rodrigues, and Travassos 2015; Motta, Oliveira, and Travassos 2016). In addition, a recurrent issue in literature reviews regards inconsistent terminology and restrictive keywords. We searched for other reviews and observed the terms used to compose our search string to reduce the researchers’ bias. Data extraction and interpretation biases were mitigated with crosschecking between two researchers and by having a third researcher to revise the results. All phases of this review were peer-reviewed; any doubt was discussed among the readers, to reduce selection bias. We have not performed a Quality Assessment regarding the research methodology of the selected studies due to the lack of information in the secondary reports. It is a threat to this study validity. Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 5 Conclusion This work presented the research on the IoT paradigm, detailing the activities performed for the literature review, and analyzing the findings and discussions to answer the following research questions: (RQ1) What is “Internet of Things”? (RQ2) Which characteristics can define an IoT domain? (RQ3) Which are the areas of IoT application? As the IoT concept is currently under discussion, there are still significant issues regarding its understanding that need to be clarified and established. One contribution of this work is to present an organized perspective regarding the current state-of-the-art regarding the IoT paradigm. Besides, it allows observing which areas of application are making use of IoT (RQ3). All of these findings were related and summarized to enrich the IoT paradigm comprehension. From the discussion of RQ1, we understand that IoT is a paradigm allowing the composition of software systems from uniquely addressable objects equipped with identifying, sensing or actuation behaviors and processing capabilities that can communicate and cooperate to reach a goal. The idea of composing software systems from available components is not new, but one of the issues that set IoT apart is the scale at which it can be achieved and the actors involved in these new software systems. From this, shared concerns regarding the development and evaluation of such software systems should be reframed to cover the particularities of these new types of devices. A critical step towards it is to establish what quality characteristics should be contemplated. With the second research question, we moved forward in this direction. Regarding the IoT characteristics (RQ2), from the technical literature, we recovered 29 different attributes, from which this paper discussed nine of them with clear evidence from the sources of information. Considering that the results retrieved are from secondary studies, the characteristics represented reflect more than just the 15 secondary studies, but rather the whole set of primary studies involved in them which can strengthen these results. The most commonly cited characteristics presented are Efficiency, Interoperability, Scalability, Privacy, and Security that reassure the definition reached in the paper. This work is the first step towards future investigations focusing on aspects such as software development and quality control of IoT. Apart from that, the grounded concepts, properties and terms related to the IoT paradigm can be a contribution to any future related research. Besides, the identification and discussions on already deployed applications and the three behaviors of things can contribute to practitioners in the processes of idealizing, engineering and developing IoT software systems. At last, it is expected Table 10 IoT Challenges. Category Example Architecture: Issues and concerns regarding design decisions, styles and the structure of IoT systems. “Finding a scalable, flexible, secure and cost-efficient architecture, able to cope with the complex IoT scenario, is one of the main goals for the IoT adoption.” (Borgia, 2014). Data: It refers to the management of a significant amount of data, and how to recover, represent, store, interconnect, search, and organize data generated by IoT from so many different users and devices. “This new field offers many research challenges, but the main goal of this line of research is to make sense of data in any IoT environment. It has been pointed out that it is always much easier to create data than to analyze them. With this in mind, new conceptual modeling, as well as new paradigms of data mining techniques will be crucial to provide value and meaning to initially empty Data.” (Gil et al. 2016). Interoperability: Related to the challenge of making different systems, software, and things to interact for a purpose. Standards and protocols are also included as issues. “The end goal is to have Plug n' Play smart objects which can be deployed in any environment with an interoperable backbone allowing them to blend with other smart objects around them.” (Gubbi et al., 2013). Management: The application of management activities, such as planning, monitoring and controlling, in the IoT system will raise the interaction of different things. “From the viewpoint of the network, IoT is a very complex heterogeneous network, which includes the connections among various types of networks through various communication technologies. The devices and methodologies for addressing things management is still a challenge.” (Li, Xu and Zhao, 2015) Network: Technical challenges related to communication technologies, routing, access and addressing schemes considering the different characteristics of the devices. “Designing an appropriate topology, routing, and MAC layer is critical for scalability and longevity of the deployed network” (Gubbi et al., 2013). Security: Issues related to several aspects to ensure data security in the IoT system. For that, a series of properties, such as confidentiality, integrity, authentication, authorization, non- repudiation, availability, and privacy should be investigated. “Security issues are central in IoT as they may occur at various levels, investing technology as well as ethical and privacy issues [...] This is extremely challenging due to the IoT characteristics.” (Borgia, 2014). Social: Concerns related to the human end-user to understand the situation of its users and their appliances. “For a lay person to fully benefit from the IoT revolution, attractive and easy to understand visualization have to be created.” (Gubbi et al., 2013). Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 the knowledge organized and presented in this paper can contribute to stimulating discussions and future investigations on providing software technologies to promote the engineering of high-quality IoT software systems. 6 Declarations Abbreviations IoT: Internet of Things; CPS: Cyber-Physical Systems; RFID: Radio-Frequency Identification; MEMS: Micro- electro-mechanical systems; M2M: Machine-to-Machine; HCI: Human-Computer Interaction. Availability of data and materials Details of the protocol are available in https://goo.gl/cTyzuT. Authors’ contributions We present a review supported by established guidelines and aims to contribute to the IoT field of with awareness, understanding of its concepts and features and a characterization regarding its definition, characteristics, and applications. We answer the research questions characterizing the area, present challenges and opportunities and we offer an essential overview of the Internet of Things state-of-the-art, presenting issues that should be addressed to contribute to its strengthening and establishment. Acknowledgments The authors thank CNPq and CAPES for supporting this research. Funding Prof. Travassos is a CNPq researcher (grant 305929/2014- 3). This study was financed in part by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - Brasil (CAPES) - Finance Code 001. Competing interests The authors declare that they have no competing interests. Consent for participation and publication Not applicable. 7 References Abowd, G. D. et al. (1999) ‘Towards a Better Understanding of Context and Context-Awareness’, in Computing Systems, pp. 304–307. doi: 10.1007/3-540-48157-5_29. Akyildiz, I. F., Jiang Xie and Mohanty, S. (2004) ‘A survey of mobility management in next-generation all-IP-based wireless systems,’ IEEE Wireless Communications, 11(4), pp. 16–28. doi: 10.1109/MWC.2004.1325888. Alabdulhafith, M., Sampangi, R. V. and Sampalli, S. (2013) ‘NFC-enabled smartphone application for drug interaction and drug allergy detection,’ in 2013 5th International Workshop on Near Field Communication (NFC). IEEE, pp. 1–6. doi: 10.1109/NFC.2013.6482450. de Almeida Biolchini, J. C. et al. (2007) ‘Scientific research ontology to support systematic review in software engineering,’ Advanced Engineering Informatics, 21(2), pp. 133–151. doi: 10.1016/j.aei.2006.11.006. Andreini, F. et al. (2010) ‘Context-aware location in the Internet of Things,’ in 2010 IEEE Globecom Workshops. IEEE, pp. 300–304. doi: 10.1109/GLOCOMW.2010.5700330. Andreini, F. et al. (2011) ‘A scalable architecture for geo- localized service access in smart cities,’ in 2011 Future Network & Mobile Summit, pp. 1–8. Atzori, L., Iera, A. and Morabito, G. (2010) ‘The Internet of Things: A survey,’ Computer Networks. Elsevier B.V., 54(15), pp. 2787–2805. doi: 10.1016/j.comnet.2010.05.010. Azimi, S. R. et al. (2011) ‘Vehicular Networks for Collision Avoidance at Intersections’, SAE International Journal of Passenger Cars-Mechanical Systems, 4(1), pp. 2011-01– 0573. doi: 10.4271/2011-01-0573. Baldauf, M., Dustdar, S. and Rosenberg, F. (2007) ‘A survey on context-aware systems,’ International Journal of Ad Hoc and Ubiquitous Computing, 2(4), p. 263. doi: 10.1504/IJAHUC.2007.014070. Bandyopadhyay, D. and Sen, J. (2011) ‘Internet of Things: Applications and Challenges in Technology and Standardization’, Wireless Personal Communications, 58(1), pp. 49–69. doi: 10.1007/s11277-011-0288-5. Barro-Torres, S. et al. (2012) ‘Real-time personal protective equipment monitoring system,’ Computer Communications, 36(1), pp. 42–50. doi: 10.1016/j.comcom.2012.01.005. Basili, V. R., Caldeira, G. and Rombach, H. D. (1994) ‘Goal Question Metric Paradigm.’ Borgia, E. (2014) ‘The Internet of Things vision: Key features, applications, and open issues,’ Computer Communications. Elsevier B.V., 54, pp. 1–31. doi: 10.1016/j.comcom.2014.09.008. Brock, D. L. (2001) ‘Integrating the Electronic Product Code (EPC) and the Global Trade Item Number (GTIN),’ MIT Auto-Id Center, (February 1), pp. 1–25. Budgen, D. and Brereton, P. (2006) ‘Performing systematic literature reviews in software engineering,’ in Proceeding of the 28th international conference on Software engineering - ICSE ’06. New York, New York, USA: ACM Press, p. 1051. doi: 10.1145/1134285.1134500. Burhanuddin, M. A. et al. (2017) ‘Internet of things architecture: Current challenges and future direction of research,’ International Journal of Applied Engineering Research, 12(21), pp. 11055–11061. Carcary, M. et al. (2018) ‘Exploring the Determinants of IoT Adoption: Findings from a Systematic Literature Review,’ in Zdravkovic, J. et al. (eds) CEUR Workshop Proceedings. Cham: Springer International Publishing (Lecture Notes in Business Information Processing), pp. 113–125. doi: 10.1007/978-3-319-99951-7_8. Chasaki, D. and Mansour, C. (2015) ‘Security challenges in the internet of things,’ International Journal of Space- Based and Situated Computing, 5(3), p. 141. doi: 10.1504/IJSSC.2015.070945. Chen, M. (2012) ‘Machine-to-Machine Communications: Architectures, Standards, and Applications,’ KSII Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Transactions on Internet and Information Systems, 6(2), pp. 480–497. doi: 10.3837/tiis.2012.02.002. Chengen Wang, Zhuming Bi and Li Da Xu (2014) ‘IoT and Cloud Computing in Automation of Assembly Modeling Systems,’ IEEE Transactions on Industrial Informatics. IEEE, 10(2), pp. 1426–1434. doi: 10.1109/TII.2014.2300346. Chlamtac, I., Conti, M. and Liu, J. J. N. (2003) ‘Mobile ad hoc networking: imperatives and challenges,’ Ad Hoc Networks, 1(1), pp. 13–64. doi: 10.1016/S1570- 8705(03)00013-1. Cicirelli, F. et al. (2018) ‘A Metamodel Framework for Edge- Based Smart Environments’, in 2018 IEEE International Conference on Cloud Engineering (IC2E). IEEE, pp. 286– 291. doi: 10.1109/IC2E.2018.00067. Cirani, S., Ferrari, G. and Veltri, L. (2013) ‘Enforcing Security Mechanisms in the IP-Based Internet of Things: An Algorithmic Overview,’ Algorithms. Multidisciplinary Digital Publishing Institute, 6(2), pp. 197–226. doi: 10.3390/a6020197. Cisco (2014) Leading Tools Manufacturer Transforms Operations with IoT. Available at: http://www.cisco.com/c/dam/en_us/solutions/industries/d ocs/manufacturing/c36-732293-00-stanley-cs.pdf. Datta, S. K. et al. (2017) ‘Vehicles as Connected Resources: Opportunities and Challenges for the Future,’ IEEE Vehicular Technology Magazine, 12(2), pp. 26–35. doi: 10.1109/MVT.2017.2670859. Dunkels, A. and Vasseur, J. (2008) The Internet of Things : IP for Smart Objects, IPSO Alliance White Paper. Finkenzeller, K. (2010) RFID handbook: fundamentals and applications in contactless smart cards, radio frequency identification, and near-field communication. NJ: Wiley. Gil, D. et al. (2016) ‘Internet of Things: A Review of Surveys Based on Context-Aware Intelligent Services,’ Sensors, 16(7), p. 1069. doi: 10.3390/s16071069. Gluhak, A. et al. (2011) ‘A survey on facilities for experimental internet of things research,’ IEEE Communications Magazine, 49(11), pp. 58–67. doi: 10.1109/MCOM.2011.6069710. Gubbi, J. et al. (2013) ‘Internet of Things (IoT): A vision, architectural elements, and future directions,’ Future Generation Computer Systems, 29(7), pp. 1645–1660. doi: 10.1016/j.future.2013.01.010. Gusmeroli, S., Sundmaeker, H. and Bassi, A. (2015) ‘Internet of Things Strategic Research Roadmap,’ The Cluster of European Research Projects, Tech. Rep, pp. 9–52. Hackmann, G. et al. (2008) ‘A Holistic Approach to Decentralized Structural Damage Localization Using Wireless Sensor Networks,’ in 2008 Real-Time Systems Symposium. IEEE, pp. 35–46. doi: 10.1109/RTSS.2008.40. Holler, J. et al. (2014) From Machine-To-Machine to the Internet of Things. Elsevier. doi: 10.1016/C2012-0-03263- 2. Hur, J. and Kang, K. (2012) ‘Dependable and secure computing in medical information systems,’ Computer Communications. Elsevier B.V., 36(1), pp. 20–28. doi: 10.1016/j.comcom.2012.01.006. IEEE (2004) Guide to the Software Engineering Body of Knowledge, Ieee. IEEE Computer Society Press. Available at: http://www.computer.org/portal/web/swebok. INFSO D.4 (2008) ‘Networked enterprise and RFID INFSO G.2 Micro and nanosystems’, Co-operation with the working group RFID of the ETP EPOSS, internet of things in 2020, roadmap for the future, Version 1.1, 2020(4). ITU (2005) ITU Internet Report 2005: The Internet of Things. doi: 10.1038/nphys3028. Jardim-Goncalves, R. et al. (2013) ‘Systematisation of Interoperability Body of Knowledge: the foundation for Enterprise Interoperability as a science,’ Enterprise Information Systems. Taylor & Francis, 7(1), pp. 7–32. doi: 10.1080/17517575.2012.684401. Kannry, J. et al. (2007) ‘Small-scale Testing of RFID in a Hospital Setting: RFID as Bed Trigger,’ AMIA Annual Symposium Proceedings, pp. 384–388. Available at: http://www.pubmedcentral.nih.gov/articlerender.fcgi?arti d=2813671&tool=pmcentrez&rendertype=abstract. Koren, I. and Krishna, C. M. (2007) ‘Fault-Tolerant Systems’. Elsevier. Available at: https://ebookcentral.proquest.com/lib/feup- ebooks/reader.action?docID=294597&query=. Kraijak, S. and Tuwanut, P. (2016) ‘A survey on the internet of things architecture, protocols, possible applications, security, privacy, real-world implementation and future trends,’ International Conference on Communication Technology Proceedings, ICCT, 2016–February, pp. 26– 31. doi: 10.1109/ICCT.2015.7399787. Larrucea, X. et al. (2017) ‘Software Engineering for the Internet of Things,’ IEEE Software, 34(1), pp. 24–28. doi: 10.1109/MS.2017.28. Lee, I. and Sokolsky, O. (2010) ‘Medical cyber-physical systems,’ in Proceedings of the 47th Design Automation Conference on - DAC ’10. New York, New York, USA: ACM Press, p. 743. doi: 10.1145/1837274.1837463. Li, S., Xu, L. Da and Zhao, S. (2015) ‘The internet of things: a survey,’ Information Systems Frontiers, 17(2), pp. 243– 259. doi: 10.1007/s10796-014-9492-7. Madakam, S., Ramaswamy, R. and Tripathi, S. (2015) ‘Internet of Things (IoT): A Literature Review,’ Journal of Computer and Communications, 3(5), pp. 164–173. doi: 10.4236/jcc.2015.35021. Matalonga, S., Rodrigues, F. and Travassos, G. (2015) ‘Challenges in Testing Context-Aware Software Systems,’ in 9th Workshop on Systematic and Automated Software Testing 2015. Belo Horizonte, Brazil, pp. 51–60. Matalonga, S., Rodrigues, F. and Travassos, G. H. (2017) ‘Characterizing testing methods for context-aware software systems: Results from a quasi-systematic literature review,’ Journal of Systems and Software. Elsevier Inc., 131, pp. 1–21. doi: 10.1016/j.jss.2017.05.048. Miorandi, D. et al. (2012) ‘Internet of things: Vision, applications and research challenges,’ Ad Hoc Networks. Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Elsevier B.V., 10(7), pp. 1497–1516. doi: 10.1016/j.adhoc.2012.02.016. Miranda, J. et al. (2015) ‘From the Internet of Things to the Internet of People’, IEEE Internet Computing, 19(2), pp. 40–47. doi: 10.1109/MIC.2015.24. Motta, R. C., Oliveira, K. M. de and Travassos, G. H. (2016) ‘Characterizing Interoperability in Context-Aware Software Systems,’ in 2016 VI Brazilian Symposium on Computing Systems Engineering (SBESC). IEEE, pp. 203– 208. doi: 10.1109/SBESC.2016.039. Motta, R. C., de Oliveira, K. M. and Travassos, G. H. (2018) ‘On challenges in engineering IoT software systems,’ in Proceedings of the XXXII Brazilian Symposium on Software Engineering - SBES ’18. New York, New York, USA: ACM Press, pp. 42–51. doi: 10.1145/3266237.3266263. Nami, M. R. and Sharifi, M. (2007) ‘A Survey of Autonomic Computing Systems,’ in Intelligent Information Processing III. Boston, MA: Springer US, pp. 101–110. doi: 10.1007/978-0-387-44641-7_11. Nuzzo, P. and Sangiovanni-Vincentelli, A. (2014) ‘Let’s Get Physical: Computer Science Meets Systems,’ in From Programs to Systems. The Systems Perspective in Computing. Springer, pp. 193–208. doi: 10.1007/978-3- 642-54848-2_13. O’Reilly, T. and Pahlka, J. (2009) ‘The Web Squared Era,’ Forbes, September 2009. Panetto, H. and Cecil, J. (2013) ‘Information systems for enterprise integration, interoperability, and networking: theory and applications,’ Enterprise Information Systems. Taylor & Francis, 7(1), pp. 1–6. doi: 10.1080/17517575.2012.684802. Patel, P. and Cassou, D. (2015) ‘Enabling high-level application development for the Internet of Things’, Journal of Systems and Software. Elsevier Ltd., 103, pp. 62–84. doi: 10.1016/j.jss.2015.01.027. Perera, C. et al. (2014) ‘Context-Aware Computing for The Internet of Things: A Survey,’ IEEE Communications Surveys & Tutorials, 16(1), pp. 414–454. doi: 10.1109/SURV.2013.042313.00197. Rajkumar, R. (Raj) et al. (2010) ‘Cyber-physical systems,’ in Proceedings of the 47th Design Automation Conference on - DAC ’10. New York, New York, USA: ACM Press, p. 731. doi: 10.1145/1837274.1837461. Ray, P. P. (2018) ‘A survey on Internet of Things architectures,’ Journal of King Saud University - Computer and Information Sciences. King Saud University, 30(3), pp. 291–319. doi: 10.1016/j.jksuci.2016.10.003. Sampigethaya, K., Poovendran, R. and Bushnell, L. (2008) ‘Secure Operation, Control, and Maintenance of Future E- Enabled Airplanes,’ Proceedings of the IEEE, 96(12), pp. 1992–2007. doi: 10.1109/JPROC.2008.2006123. Santos, I. de S. et al. (2017) ‘Test case design for context- aware applications: Are we there yet?’, Information and Software Technology. Elsevier B.V., 88, pp. 1–16. doi: 10.1016/j.infsof.2017.03.008. Satyanarayanan, M. (2001) ‘Pervasive computing: vision and challenges,’ IEEE Personal Communications, 8(4), pp. 10–17. doi: 10.1109/98.943998. Schmidt, A. and van Laerhoven, K. (2001) ‘How to build smart appliances?’, IEEE Personal Communications. IEEE, 8(4), pp. 66–71. doi: 10.1109/98.944006. Sethi, P. and Sarangi, S. R. (2017) ‘Internet of Things: Architectures, Protocols, and Applications’, Journal of Electrical and Computer Engineering, 2017. doi: 10.1155/2017/9324035. Sharma, V., Gusain, P. and Kumar, P. (2013) ‘Near field communication,’ SETLabs Briefings, 2013(Cac2s), pp. 342–345. Singh, D., Tripathi, G. and Jara, A. J. (2014) ‘A survey of Internet-of-Things: Future vision, architecture, challenges and services,’ 2014 IEEE World Forum on Internet of Things, WF-IoT 2014, pp. 287–292. doi: 10.1109/WF- IoT.2014.6803174. Skiba, D. J. (2013) ‘The Internet of Things (IoT),’ Nursing Education Perspectives, 34(1), pp. 63–64. doi: 10.5480/1536-5026-34.1.63. Spínola, R. O., Pinto, F. C. R. and Travassos, G. H. (2008) ‘Supporting requirements definition and quality assurance in ubiquitous software project,’ in Communications in Computer and Information Science, pp. 587–603. doi: 10.1007/978-3-540-88479-8-42. Spínola, R. O. and Travassos, G. H. (2012) ‘Towards a framework to characterize ubiquitous software projects,’ Information and Software Technology, 54(7), pp. 759–785. doi: 10.1016/j.infsof.2012.01.009. Strauss, A. and Corbin, J. (1990) Basics of qualitative research: Techniques and procedures for developing grounded theory. Newbury Park: Sage Publications, Inc. Trappey, A. J. C. et al. (2017) ‘A review of essential standards and patent landscapes for the Internet of Things: A key enabler for Industry 4.0’, Advanced Engineering Informatics. Elsevier Ltd, 33, pp. 208–229. doi: 10.1016/j.aei.2016.11.007. Vermesan, Ovidiu and Friess, Peter and Guillemin, Patrick and Gusmeroli, Sergio and Sundmaeker, Harald and Bassi, Alessandro and Jubert, Ignacio Soler and Mazura, Margaretha and Harrison, M. and others (2009) ‘Towards the Web of Things : Web Mashups for Embedded Devices’, Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web (MEM 2009), pp. 1– 8. Wan, J. et al. (2013) ‘From machine-to-machine communications towards cyber-physical systems,’ Computer Science and Information Systems, 10(3), pp. 1105–1128. doi: 10.2298/CSIS120326018W. Wark, T. et al. (2007) ‘The Design and Evaluation of a Mobile Sensor/Actuator Network for Autonomous Animal Control,’ in 2007 6th International Symposium on Information Processing in Sensor Networks. IEEE, pp. 206–215. doi: 10.1109/IPSN.2007.4379680. Weiser, M. et al. (1999) ‘The origins of ubiquitous computing research at PARC,’ IBM Systems Journal, 38(4), pp. 693–696. doi: 10.1147/sj.384.0693. Towards a more in-depth understanding of the IoT Paradigm and its challenges Motta et al. 2019 Werner-Allen, G. et al. (2006) ‘Deploying a wireless sensor network on an active volcano,’ IEEE Internet Computing, 10(2), pp. 18–25. doi: 10.1109/MIC.2006.26. Whitmore, A., Agarwal, A. and Da Xu, L. (2015) ‘The Internet of Things—A survey of topics and trends,’ Information Systems Frontiers, 17(2), pp. 261–274. doi: 10.1007/s10796-014-9489-2. Wohlin, C. (2014) ‘Guidelines for snowballing in systematic literature studies and a replication in software engineering,’ Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering - EASE ’14, pp. 1–10. doi: 10.1145/2601248.2601268. Wortmann, A., Combemale, B. and Barais, O. (2017) ‘A Systematic Mapping Study on Modeling for Industry 4.0’, in 2017 ACM/IEEE 20th International Conference on Model Driven Engineering Languages and Systems (MODELS). IEEE, pp. 281–291. doi: 10.1109/MODELS.2017.14. Xianrong Zheng et al. (2014a) ‘Cloud Service Negotiation in Internet of Things Environment: A Mixed Approach,’ IEEE Transactions on Industrial Informatics, 10(2), pp. 1506–1515. doi: 10.1109/TII.2014.2305641. Xianrong Zheng et al. (2014b) ‘CLOUDQUAL: A Quality Model for Cloud Services,’ IEEE Transactions on Industrial Informatics. IEEE, 10(2), pp. 1527–1536. doi: 10.1109/TII.2014.2306329. Zambonelli, F. (2016) ‘Towards a General Software Engineering Methodology for the Internet of Things.’ Available at: http://arxiv.org/abs/1601.05569.