Multilevel Runtime Verification for Safety and Security Critical Cyber Physical Systems from a Model Based Engineering Perspective

Advanced embedded system technology is one of the key driving forces behind the rapid growth of Cyber-Physical System (CPS) applications. CPS consists of multiple coordinating and cooperating components, which are often software-intensive and interact with each other to achieve unprecedented tasks. Such highly integrated CPSs have complex interaction failures, attack surfaces, and attack vectors that we have to protect and secure against. This dissertation advances the state-of-the-art by developing a multilevel runtime monitoring approach for safety and security critical CPSs where there are monitors at each level of processing and integration. Given that computation and data processing vulnerabilities may exist at multiple levels in an embedded CPS, it follows that solutions present at the levels where the faults or vulnerabilities originate are beneficial in timely detection of anomalies. Further, increasing functional and architectural complexity of critical CPSs have significant safety and security operational implications. These challenges are leading to a need for new methods where there is a continuum between design time assurance and runtime or operational assurance. Towards this end, this dissertation explores Model Based Engineering methods by which design assurance can be carried forward to the runtime domain, creating a shared responsibility for reducing the overall risk associated with the system at operation. Therefore, a synergistic combination of Verification & Validation at design time and runtime monitoring at multiple levels is beneficial in assuring safety and security of critical CPS. Furthermore, we realize our multilevel runtime monitor framework on hardware using a stream-based runtime verification language

REMIND: A Framework for the Resilient Design of Automotive Systems

In the past years, great effort has been spent on enhancing the security and safety of vehicular systems. Current advances in information and communication technology have increased the complexity of these systems and lead to extended functionalities towards self-driving and more connectivity. Unfortunately, these advances open the door for diverse and newly emerging attacks that hamper the security and, thus, the safety of vehicular systems. In this paper, we contribute to supporting the design of resilient automotive systems. We review and analyze scientific literature on resilience techniques, fault tolerance, and dependability. As a result, we present the REMIND resilience framework providing techniques for attack detection, mitigation, recovery, and resilience endurance. Moreover, we provide guidelines on how the REMIND framework can be used against common security threats and attacks and further discuss the trade-offs when applying these guidelines

Standardization Framework for Sustainability from Circular Economy 4.0

The circular economy (CE) is widely known as a way to implement and achieve sustainability, mainly due to its contribution towards the separation of biological and technical nutrients under cyclic industrial metabolism. The incorporation of the principles of the CE in the links of the value chain of the various sectors of the economy strives to ensure circularity, safety, and efficiency. The framework proposed is aligned with the goals of the 2030 Agenda for Sustainable Development regarding the orientation towards the mitigation and regeneration of the metabolic rift by considering a double perspective. Firstly, it strives to conceptualize the CE as a paradigm of sustainability. Its principles are established, and its techniques and tools are organized into two frameworks oriented towards causes (cradle to cradle) and effects (life cycle assessment), and these are structured under the three pillars of sustainability, for their projection within the proposed framework. Secondly, a framework is established to facilitate the implementation of the CE with the use of standards, which constitute the requirements, tools, and indicators to control each life cycle phase, and of key enabling technologies (KETs) that add circular value 4.0 to the socio-ecological transition

Cybersecurity and the future of agri-food industries

Master of AgribusinessDepartment of Agricultural EconomicsMajor Professor Not ListedThe agri-food sector has been undergoing rapid changes in the areas of food production and distribution over the past decades. Over the years, the sector has moved from disconnected, independent and uncoordinated operations to a highly interconnected, dependent and coordinated operations that have enhanced efficiency. The principal cost of this highly efficient system of production is the increased complexity and the exposure to potential risks networked organizations face in the age of the fourth industrial revolution. Increasingly, the physical value of the agri-food sector’s activities has declined even as the intangibles (data, information, insights) have increased in value. As precision agriculture becomes the mainstream and global positioning systems and RFIDs are deployed to enhance traceability and safety, the importance of data protection and security also become exponentially critical to the integrity of the system. That the sector is ahead of the general economy in the adoption of autonomous machines and artificial intelligence implies that the crucial valuation in the sector would be on data generation, organization and analytics, and machine learning. The combined complexity of these systems and processes interacting together create value and at the same time exposes the industry to significant operational risks. For while it was much difficult for cows and grains of corn to be stolen, stealing the data supporting the value embedded in these commodities is becoming increasing easy and riskier. This research is an exploratory excursion into developing an awareness of the scope of the potential risks creeping into the agri-food sector. It raises concern about the nature, typology and structure of these cybersecurity risks, that identifies the skills and capabilities that are needed for the sector to continue producing value to its customers even as it sustains its competitiveness. It focuses attention on building the internal capacities along the agri-food supply chain to ensure that all stakeholders have the appropriate capabilities and capacities to address the impending and emerging challenges. After all, every chain is as strong as its weakest link. Cybersecurity threat has become a very critical challenge facing all businesses. And the agri-food sector is not immune to the threats it presents. Being prepared is a necessary condition for securing the sector’s future

A Survey on Layer-Wise Security Attacks in IoT: Attacks, Countermeasures, and Open-Issues

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).Security is a mandatory issue in any network, where sensitive data are transferred safely in the required direction. Wireless sensor networks (WSNs) are the networks formed in hostile areas for different applications. Whatever the application, the WSNs must gather a large amount of sensitive data and send them to an authorized body, generally a sink. WSN has integrated with Internet-of-Things (IoT) via internet access in sensor nodes along with internet-connected devices. The data gathered with IoT are enormous, which are eventually collected by WSN over the Internet. Due to several resource constraints, it is challenging to design a secure sensor network, and for a secure IoT it is essential to have a secure WSN. Most of the traditional security techniques do not work well for WSN. The merger of IoT and WSN has opened new challenges in designing a secure network. In this paper, we have discussed the challenges of creating a secure WSN. This research reviews the layer-wise security protocols for WSN and IoT in the literature. There are several issues and challenges for a secure WSN and IoT, which we have addressed in this research. This research pinpoints the new research opportunities in the security issues of both WSN and IoT. This survey climaxes in abstruse psychoanalysis of the network layer attacks. Finally, various attacks on the network using Cooja, a simulator of ContikiOS, are simulated.Peer reviewe

A Review of Current Research Trends in Power-Electronic Innovations in Cyber-Physical Systems.

In this paper, a broad overview of the current research trends in power-electronic innovations in cyber-physical systems (CPSs) is presented. The recent advances in semiconductor device technologies, control architectures, and communication methodologies have enabled researchers to develop integrated smart CPSs that can cater to the emerging requirements of smart grids, renewable energy, electric vehicles, trains, ships, internet of things (IoTs), etc. The topics presented in this paper include novel power-distribution architectures, protection techniques considering large renewable integration in smart grids, wireless charging in electric vehicles, simultaneous power and information transmission, multi-hop network-based coordination, power technologies for renewable energy and smart transformer, CPS reliability, transactive smart railway grid, and real-time simulation of shipboard power systems. It is anticipated that the research trends presented in this paper will provide a timely and useful overview to the power-electronics researchers with broad applications in CPSs.post-print2.019 K

Regulatory Perspective on Nuclear Cyber Security: The Fundamental Issues

We are living in a digital and information-driven age; hence need to retain information on virtually every aspect of our lives, nuclear information inclusive. Security in computer systems is strongly related to the notion of dependability. For such system to be reliable and secure in a nuclear facility, unauthorized logic changes must be prevented - confidentiality, field device inputs and outputs must remain immutable throughout their usable lifetime - integrity, and everything should remain in an operable state - availability. The dynamic and complex nature of cyber threats has made it a serious challenge to secure computer systems in nuclear facilities. Despite the adoption of varied cyber security services, policies, mechanisms, strategies and regulatory frameworks like confidentiality, integrity, availability, non-repudiation, encipherment, defence-in-depth, design basis threat, IAEA technical guidance documents such as: GS-R-1, GS-R-2, NSS13, NSS17, NST036, NST045, and NST047, IEEE standard 7-4.3.2-2010, NIST SP 800-53, NIST SP 800-82, NEI 08-09 and country-specific requirements such as: 10 CFR 73.54, 10 CFR 73.1, RG 5.71 (USNRC), KINS/RG-N08.22 (South Korea) respectively, the threats remain persistent. This paper is aimed at providing a regulatory perspective on nuclear cyber security, its relationship to nuclear safety and security, regulatory requirements and cyber security global best practice recommendations and strategies to prevent its occurrence. This is imperative as Nigeria prepares to join the league of countries with operational nuclear power plants and reactors by its approval and adoption of the nuclear power programme roadmap in 2007

Deep Learning -Powered Computational Intelligence for Cyber-Attacks Detection and Mitigation in 5G-Enabled Electric Vehicle Charging Station

An electric vehicle charging station (EVCS) infrastructure is the backbone of transportation electrification. However, the EVCS has various cyber-attack vulnerabilities in software, hardware, supply chain, and incumbent legacy technologies such as network, communication, and control. Therefore, proactively monitoring, detecting, and defending against these attacks is very important. The state-of-the-art approaches are not agile and intelligent enough to detect, mitigate, and defend against various cyber-physical attacks in the EVCS system. To overcome these limitations, this dissertation primarily designs, develops, implements, and tests the data-driven deep learning-powered computational intelligence to detect and mitigate cyber-physical attacks at the network and physical layers of 5G-enabled EVCS infrastructure. Also, the 5G slicing application to ensure the security and service level agreement (SLA) in the EVCS ecosystem has been studied. Various cyber-attacks such as distributed denial of services (DDoS), False data injection (FDI), advanced persistent threats (APT), and ransomware attacks on the network in a standalone 5G-enabled EVCS environment have been considered. Mathematical models for the mentioned cyber-attacks have been developed. The impact of cyber-attacks on the EVCS operation has been analyzed. Various deep learning-powered intrusion detection systems have been proposed to detect attacks using local electrical and network fingerprints. Furthermore, a novel detection framework has been designed and developed to deal with ransomware threats in high-speed, high-dimensional, multimodal data and assets from eccentric stakeholders of the connected automated vehicle (CAV) ecosystem. To mitigate the adverse effects of cyber-attacks on EVCS controllers, novel data-driven digital clones based on Twin Delayed Deep Deterministic Policy Gradient (TD3) Deep Reinforcement Learning (DRL) has been developed. Also, various Bruteforce, Controller clones-based methods have been devised and tested to aid the defense and mitigation of the impact of the attacks of the EVCS operation. The performance of the proposed mitigation method has been compared with that of a benchmark Deep Deterministic Policy Gradient (DDPG)-based digital clones approach. Simulation results obtained from the Python, Matlab/Simulink, and NetSim software demonstrate that the cyber-attacks are disruptive and detrimental to the operation of EVCS. The proposed detection and mitigation methods are effective and perform better than the conventional and benchmark techniques for the 5G-enabled EVCS