Cyber-Physical Production Testbed: Literature Review and Concept Development

Many researchers use virtual and simulation-based testbed technology for research in production and maintenance optimization. Although, the virtual environment produces good results, it cannot imitate the unexpected changes that occur in actual production. There are very few physical testbeds emulating actual production environment. The aim of this paper is to present a concept of a cyber-physical production testbed based on review of Cyber-Physical Systems (CPS) testbeds in research. The testbed consists of a semi-automatic production line equipped with system monitoring tools, data analysis capabilities and commercial software. This testbed will be used for demonstration of data acquisition for production and maintenance prioritization. Additionally, the testbed will be used for research in IoT platforms for production optimization

Identifying Vulnerabilities of Industrial Control Systems using Evolutionary Multiobjective Optimisation

In this paper we propose a novel methodology to assist in identifying vulnerabilities in a real-world complex heterogeneous industrial control systems (ICS) using two evolutionary multiobjective optimisation (EMO) algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well known benchmark chemical plant simulator, the Tennessee Eastman (TE) process model. We identified vulnerabilities in individual components of the TE model and then made use of these to generate combinatorial attacks to damage the safety of the system, and to cause economic loss. Results were compared against random attacks, and the performance of the EMO algorithms were evaluated using hypervolume, spread and inverted generational distance (IGD) metrics. A defence against these attacks in the form of a novel intrusion detection system was developed, using a number of machine learning algorithms. Designed approach was further tested against the developed detection methods. Results demonstrate that EMO algorithms are a promising tool in the identification of the most vulnerable components of ICS, and weaknesses of any existing detection systems in place to protect the system. The proposed approach can be used by control and security engineers to design security aware control, and test the effectiveness of security mechanisms, both during design, and later during system operation.Comment: 25 page

Identifying vulnerabilities of industrial control systems using evolutionary multiobjective optimisation

In this paper, we propose a novel methodology to assist in identifying vulnerabilities in real-world complex heterogeneous industrial control systems (ICS) using two Evolutionary Multiobjective Optimisation (EMO) algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well-known benchmark chemical plant simulator, the Tennessee Eastman (TE) process model. We identified vulnerabilities in individual components of the TE model and then made use of these vulnerabilities to generate combinatorial attacks. The generated attacks were aimed at compromising the safety of the system and inflicting economic loss. Results were compared against random attacks, and the performance of the EMO algorithms was evaluated using hypervolume, spread, and inverted generational distance (IGD) metrics. A defence against these attacks in the form of a novel intrusion detection system was developed, using machine learning algorithms. The designed approach was further tested against the developed detection methods. The obtained results demonstrate that the developed EMO approach is a promising tool in the identification of the vulnerable components of ICS, and weaknesses of any existing detection systems in place to protect the system. The proposed approach can serve as a proactive defense tool for control and security engineers to identify and prioritise vulnerabilities in the system. The approach can be employed to design resilient control strategies and test the effectiveness of security mechanisms, both in the design stage and during the operational phase of the system

Assessing the Impact of Cyber Attacks on Interdependent Physical Systems

Considerable research has focused on securing SCADA systems and the physical processes they control, but an effective framework for the real-time impact assessment of cyber attacks on SCADA systems is not yet available. This paper attempts to address the problem by proposing an innovative framework based on the mixed holistic reductionist methodology. The framework supports real-time impact assessments that take into account the interdependencies existing between critical infrastructures that are supervised and controlled by SCADA systems. Holistic and reductionist approaches are complementary approaches that support situation assessment and evaluations of the risk and consequences arising from infrastructure interdependencies. The application of the framework to a sample scenario on a realistic testbed demonstrates the effectiveness of the framework for risk and impact assessments