Coordinating negotiations in data-intensive collaborative working environments using an agent-based model-driven platform

This paper tackles the interoperability problems of enterprise information systems by presenting a distributive model-driven platform for parallel coordination of multiple negotiations in data-intensive collaborative working environments. The proposed model was validated and verified by an industrial application scenario within the European research project H2020 C2NET (Cloud Collaborative Manufacturing Networks). This real scenario developed data-intensive collaborative and cloud-enabled tools that allow the optimisation of the supply network of manufacturing SMEs, proposing a negotiation solution based on a model-driven interoperable decentralised architecture.info:eu-repo/semantics/acceptedVersio

Mitigating Insider Threat Risks in Cyber-physical Manufacturing Systems

Cyber-Physical Manufacturing System (CPMS)—a next generation manufacturing system—seamlessly integrates digital and physical domains via the internet or computer networks. It will enable drastic improvements in production flexibility, capacity, and cost-efficiency. However, enlarged connectivity and accessibility from the integration can yield unintended security concerns. The major concern arises from cyber-physical attacks, which can cause damages to the physical domain while attacks originate in the digital domain. Especially, such attacks can be performed by insiders easily but in a more critical manner: Insider Threats. Insiders can be defined as anyone who is or has been affiliated with a system. Insiders have knowledge and access authentications of the system\u27s properties, therefore, can perform more serious attacks than outsiders. Furthermore, it is hard to detect or prevent insider threats in CPMS in a timely manner, since they can easily bypass or incapacitate general defensive mechanisms of the system by exploiting their physical access, security clearance, and knowledge of the system vulnerabilities. This thesis seeks to address the above issues by developing an insider threat tolerant CPMS, enhanced by a service-oriented blockchain augmentation and conducting experiments & analysis. The aim of the research is to identify insider threat vulnerabilities and improve the security of CPMS. Blockchain\u27s unique distributed system approach is adopted to mitigate the insider threat risks in CPMS. However, the blockchain limits the system performance due to the arbitrary block generation time and block occurrence frequency. The service-oriented blockchain augmentation is providing physical and digital entities with the blockchain communication protocol through a service layer. In this way, multiple entities are integrated by the service layer, which enables the services with less arbitrary delays while retaining their strong security from the blockchain. Also, multiple independent service applications in the service layer can ensure the flexibility and productivity of the CPMS. To study the effectiveness of the blockchain augmentation against insider threats, two example models of the proposed system have been developed: Layer Image Auditing System (LIAS) and Secure Programmable Logic Controller (SPLC). Also, four case studies are designed and presented based on the two models and evaluated by an Insider Attack Scenario Assessment Framework. The framework investigates the system\u27s security vulnerabilities and practically evaluates the insider attack scenarios. The research contributes to the understanding of insider threats and blockchain implementations in CPMS by addressing key issues that have been identified in the literature. The issues are addressed by EBIS (Establish, Build, Identify, Simulation) validation process with numerical experiments and the results, which are in turn used towards mitigating insider threat risks in CPMS

A model-driven perspective on the rule-based specification and analysis of service-based applications

The focus in this position paper is on business rules as a means to raise the level of abstraction (and automation) at which business logic is incorporated in model-driven application design in the context of service-oriented architectures. More specifically, in addition to providing a classification framework for business rules and investigating the existing standards and languages for the formal specification of business rules, we propose a model-driven framework for the rule-based design of services. We provide an example to illustrate this framework and to demonstrate the role business rules can play in the context of model driven development (MDD) of service-oriented architectures (SOAs). Furthermore, we also explore, in terms of existing tool support, the extent to which the model-driven design process can be complemented and combined with business rules written in nearly natural language, which can become, at the platform-specific level, an executable way to specify business knowledge and decisions