A B S T R A C TA revolution in manufacturing systems is underway: substantial recent investment has been directed towards the development of smart manufacturing systems that are able to respond in real time to changes in customer demands, as well as the conditions in the supply chain and in the factory itself. Smart manufacturing is a key component of the broader thrust towards Industry 4.0, and relies on the creation of a bridge between digital and physical environments through Internet of Things (IoT) technologies, coupled with enhancements to those digital environments through greater use of cloud systems, data analytics and machine learning. Whilst these individual technologies have been in development for some time, their integration with industrial systems leads to new challenges as well as potential benefits. In this paper, we explore the challenges faced by those wishing to secure smart manufacturing systems. Lessons from history suggest that where an attempt has been made to retrofit security on systems for which the primary driver was the development of functionality, there are inevitable and costly breaches. Indeed, today's manufacturing systems have started to experience this over the past few years; however, the integration of complex smart manufacturing technologies massively increases the scope for attack from adversaries aiming at industrial espionage and sabotage. The potential outcome of these attacks ranges from economic damage and lost production, through injury and loss of life, to catastrophic nation-wide effects. In this paper, we discuss the security of existing industrial and manufacturing systems, existing vulnerabilities, potential future cyber-attacks, the weaknesses of existing measures, the levels of awareness and preparedness for future security challenges, and why security must play a key role underpinning the development of future smart manufacturing systems.
Critical infrastructure systems are evolving from isolated bespoke systems to those that use general-purpose computing hosts, IoT sensors, edge computing, wireless networks and artificial intelligence. Although this move improves sensing and control capacity and gives better integration with business requirements, it also increases the scope for attack from malicious entities that intend to conduct industrial espionage and sabotage against these systems. In this paper, we review the state of the cyber-security research that is focused on improving the security of the water supply and wastewater collection and treatment systems that form part of the critical national infrastructure. We cover the publication statistics of the research in this area, the aspects of security being addressed, and future work required to achieve better cyber-security for water systems.
Ensuring security in pervasive computing systems is an essential pre-requisite for their deployment. Typically, such systems are reliant on wireless networks for communication; however, whilst a considerable amount of attention has been given to cryptographic mechanisms for securing that wireless link, almost none has been devoted to the creation of covert channels capable of circumventing perimeter security. In systems that embody an element of control, covert channels offer the potential both to leak information that might be considered private and to alter the operation of the system in ways that are undesirable or unsafe. In this paper, we present two novel forms of covert channel designed to leak information from a compromised node within a secured network in ways that are statistically undetectable by other parts of that system. These two attacks rely on: modulation of transmission power, which impacts the RSSI/LQI of a message; and modulation of sensor data in a way that can be seen in the encrypted form of that data. We report the results of an extensive set of practical experiments designed to assess the channel capacity of these covert channels. Overall, this paper demonstrates that the creation of undetectable covert channels is a practical proposition in pervasive computing systems. This, in turn, has implications for key distribution: the use of individual, rather than group, keys is necessary to limit the exposure caused by a successful covert channel attack.
The rise in practical Virtual Organisations (VOs) requires secure access to data and interactions between their partners. Ad hoc solutions to meet these requirements are possible, but Web services hold out the potential for generic security solutions whose cost can be spread across several short lived dynamic VOs. This paper identifies trust and security requirements throughout the VO lifecycle and analyse current Web Services specifications to show their suitability to meet these requirements. Although they demonstrate the potential for generic security support, there are uncertainties concerning different level of interoperability and stability of implementation for different specifications, which may slow down their exploitation for security-critical business applications. However, research in Web services developments are well timed to avoid losing first adopter advantage when they become stable.
To respond to market opportunities enterprises must interoperate with each other within dynamic virtual organizations (VO) when they do not control the required resources themselves. The TrustCoM project is developing a framework for trust, security and contract management for dynamic VO. The core contribution of the TrustCoM framework is its ability to define a contractual agreement between VO members at a business level and have it specified, monitored and updated at a technical, operational level within a service oriented architecture. The main innovation in TrustCoM is to apply recent research results on policy based security in distributed computing management, role based access control and reputation management to bridge the gap between VO Agreements and managed Web Services.
Recent hardware developments have made it possible for the Internet of Things (IoT) to be built. A wide variety of industry sectors, including manufacturing, utilities, agriculture, transportation, and healthcare are actively seeking to incorporate IoT technologies in their operations. The increased connectivity and data sharing that give IoT systems their advantages also increase their vulnerability to attack. In this study, the authors explore the automated generation of attacks using genetic programming (GP), so that defences can be tested objectively in advance of deployment. In the authors' system, the GPgenerated attackers targeted publish-subscribe communications within a wireless sensor networks that was protected by an artificial immune intrusion detection system (IDS) taken from the literature. The GP attackers successfully suppressed more legitimate messages than the hand-coded attack used originally to test the IDS, whilst reducing the likelihood of detection. Based on the results, it was possible to reconfigure the IDS to improve its performance. Whilst the experiments were focussed on establishing a proof-of-principle rather than a turnkey solution, they indicate that GP-generated attackers have the potential to improve the protection of systems with large attack surfaces, in a way that is complementary to traditional testing and certification.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.