Abstract:Abstract-In today's "smart era" there is a growing ecosystem of Internet of Things (IoT)-enabled devices, which exploit (wireless) Internet connectivity and use standard communication protocols to interact with each other and the environment. As various IoT components are becoming widely available in the marketplace, a key challenge from a feedback control viewpoint is the ability to seamlessly integrate new IoT components or modify existing configurations in feedback control settings without having to halt th… Show more
“…Automating the generation of input AND/OR graphs for ICS is also a challenging activity, which we plan to further investigate over real-world settings. In particular, we aim at a hybrid approach involving three main aspects: using semantic inference techniques to produce analytical redundancies [42], IT-like network mapping and discovery mechanisms at the cyber level, and semi-automated methods to consolidate expert knowledge from operators. At the optimisation side, our computation strategy already considers a tie-break algorithm that selects the solution with minimum amount of nodes when two or more solutions with equal cost are found.…”
In recent years, Industrial Control Systems (ICS) have become an appealing target for cyber attacks, having massive destructive consequences. Security metrics are therefore essential to assess their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs that represent cyber-physical dependencies among network components. Our metric is able to efficiently identify sets of critical cyberphysical components, with minimal cost for an attacker, such that if compromised, the system would enter into a non-operational state. We address this problem by efficiently transforming the input AND/OR graph-based model into a weighted logical formula that is then used to build and solve a Weighted Partial MAX-SAT problem. Our tool, META4ICS, leverages state-of-the-art techniques from the field of logical satisfiability optimisation in order to achieve efficient computation times. Our experimental results indicate that the proposed security metric can efficiently scale to networks with thousands of nodes and be computed in seconds. In addition, we present a case study where we have used our system to analyse the security posture of a realistic water transport network. We discuss our findings on the plant as well as further security applications of our metric.
“…Automating the generation of input AND/OR graphs for ICS is also a challenging activity, which we plan to further investigate over real-world settings. In particular, we aim at a hybrid approach involving three main aspects: using semantic inference techniques to produce analytical redundancies [42], IT-like network mapping and discovery mechanisms at the cyber level, and semi-automated methods to consolidate expert knowledge from operators. At the optimisation side, our computation strategy already considers a tie-break algorithm that selects the solution with minimum amount of nodes when two or more solutions with equal cost are found.…”
In recent years, Industrial Control Systems (ICS) have become an appealing target for cyber attacks, having massive destructive consequences. Security metrics are therefore essential to assess their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs that represent cyber-physical dependencies among network components. Our metric is able to efficiently identify sets of critical cyberphysical components, with minimal cost for an attacker, such that if compromised, the system would enter into a non-operational state. We address this problem by efficiently transforming the input AND/OR graph-based model into a weighted logical formula that is then used to build and solve a Weighted Partial MAX-SAT problem. Our tool, META4ICS, leverages state-of-the-art techniques from the field of logical satisfiability optimisation in order to achieve efficient computation times. Our experimental results indicate that the proposed security metric can efficiently scale to networks with thousands of nodes and be computed in seconds. In addition, we present a case study where we have used our system to analyse the security posture of a realistic water transport network. We discuss our findings on the plant as well as further security applications of our metric.
“…The acquired data is transmitted using wireless communication protocols like BlueTooth LE, SigFox, RFID, ZigBee, NFC, Z-Wave, WiFi, etc. over the HTTP (Hypertext Transfer Protocol and MQTT (Message Query Telemetry Transport) [22]. Various…”
Education 4.0 contemplates the involvement of emerging technologies like IoT (Internet of Things), Fog and cloud computing. Ubiquitous real-time monitoring under the challenging environment of an educational institution is the key requirement for proper implementation of Education 4.0 around the world. Conspicuously, this research presents a novel monitoring and irregularity detection framework for educational institutions. In this research, acquisition of data while deploying IoT is being suggested in the comprehensive environs of the educational institutions. Pre-processing of acquired data for feature extraction is implemented using the Fog-Cloud nodes. Subsequently, the Temporal Chunk (TC)which is articulated with Temporal Data mining, is further employed to detect irregularities based on SoTL (Set of threshold limits)and HAA (Historical Adversity Approximation). Successively, Multi-Layered Bi-Directional Long Short Term Memory (M-Bi-LSTM) oriented irregularity prediction model is deployed. Furthermore, a fog-inspired alert generation and reporting module are employed for real-time reporting to notify the concerned stakeholder for in-time preventive action corresponding to predicted irregularity. To authenticate the proposed framework and to avoid the experimental implementation cost, the experimental simulations are performed. The experimental results verify that the proposed framework is capable to perform better in comparison to other contemporary decision-making methods for Delay Efficiency, Data Classification, Irregularity Prediction and System Stability. Moreover, the proposed framework can successfully estimate most of the irregularities in an educational environment and provide support for the proper implementation of Education 4.0 in a proficient and realistic manner.
“…In practice, for computing the graphs, we propose the use of algorithms which translate water distribution models (e.g., EPANET models) into logic graphs. Moreover, domain knowledge and automated reasoning, based on the SEMIoTICS architecture [8], can be used to determine what new sensors and software agents are needed. For this, all the network components (sensors, actuators, agents) must be semantically annotated, and it assumes that a domain knowledge model exists which semantically describes the functions.…”
Cyber-Physical Systems (CPS), such as Water Distribution Networks (WDNs), deploy digital devices to monitor and control the behavior of physical processes. These digital devices, however, are susceptible to cyber and physical attacks, that may alter their functionality, and therefore the integrity of their measurements/actions. In practice, industrial control systems utilize simple control laws, which rely on various sensor measurements and algorithms which are expected to operate normally. To reduce the impact of a potential failure, operators may deploy redundant components; this however may not be useful, e.g., when a cyber attack at a PLC component occurs.In this work, we address the problem of reducing vulnerability to cyber-physical attacks in water distribution networks. This is achieved by augmenting the graph which describes the information flow from sensors to actuators, by adding new connections and algorithms, to increase the number of redundant cyber components. These, in turn, increase the cyber-physical security level, which is defined in the present paper as the number of malicious attacks a CPS may sustain before becoming unable to satisfy the control requirements. A proof-of-concept of the approach is demonstrated over a simple WDN, with intuition on how this can be used to increase the cyber-physical security level of the system.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.