Securing Critical Infrastructures

1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert

PLECO: New energy-aware programming languages and eco-systems for the Internet of Things

This paper outlines the aims of the Programming Language ECO-system (PLECO) to create new energy-aware programming languages and eco-systems for the Internet of Things (IoT). It builds upon the Lantern language and focuses on energy-awareness, security, resilience and communications for the large infrastructure underpinning the next generation of IoT. The paper outlines how IoT applications and deployments need to be developed in an energy-aware, secure and cost-effective manner using new secure, robust and energy-focused programming languages and the importance of taking such an approach

A Survey of Techniques For Improving Energy Efficiency in Embedded Computing Systems

Recent technological advances have greatly improved the performance and features of embedded systems. With the number of just mobile devices now reaching nearly equal to the population of earth, embedded systems have truly become ubiquitous. These trends, however, have also made the task of managing their power consumption extremely challenging. In recent years, several techniques have been proposed to address this issue. In this paper, we survey the techniques for managing power consumption of embedded systems. We discuss the need of power management and provide a classification of the techniques on several important parameters to highlight their similarities and differences. This paper is intended to help the researchers and application-developers in gaining insights into the working of power management techniques and designing even more efficient high-performance embedded systems of tomorrow

Securing IT/OT Links for Low Power IIoT Devices:Design considerations for industry 4.0

Manufacturing is facing a host of new security challenges due to the convergence of information technology (IT) and operational technology (OT) in the industry. This article addresses the challenges that arise due to the use of low power Industrial Internet of Things (IIoT) devices in modular manufacturing systems of Industry 4.0. First, we analyze security challenges concerning the manufacturing execution system (MES) and programmable logic controllers (PLC) in IIoT through a selective literature review. Second, we present an exploratory case study to determine a protocol for cryptographic key management and key exchange suitable for the Smart Production Lab of Aalborg University (a learning cyber-physical factory). Finally, we combine the findings of the case study with a quality function deployment (QFD) method to determine design requirements for Industry 4.0. We identify specific requirements from both the high-level domain of factory capabilities and the low-level domain of cryptography and translate requirements between these domains using a QFD analysis. The recommendations for designing a secure smart factory focus on how security can be implemented for low power and low-cost IIoT devices. Even though there have been a few studies on securing IT to OT data exchange, we conclude that the field is not yet in a state where it can be applied in practice with confidence

TEACHING INDUSTRY 4.0

Industry 4.0 is a term that was introduced by the German government at the time of the Hannover Fair in 2011 in relation to an initiative brought forward to support German industry in addressing future challenges. It refers to the 4th industrial revolution, in which disruptive digital technologies, such as the Internet of Things (IoT), robotics, virtual reality (VR), and artificial intelligence (AI), are exercising a notable impact on industrial production.Industry 4.0 takes the emphasis on digital technology of recent decades to a whole new level with the help of interconnectivity through the Internet of Things (IoT), real-time data access, and the introduction of cyber-physical systems.This paper focuses on the design of an educational module for higher education mechatronics students. Introducing Industry 4.0 into a mechatronics curriculum will reinforce the integration of student competences in flexible and rapid manufacturing. The module includes notions of machine learning and deep machine learning, which are essential in robotics and behavioral robotics and closely interact with control theory. The results of a pilot training activity in the field are also illustrated and discussed.

Deep Learning-Based, Passive Fault Tolerant Control Facilitated by a Taxonomy of Cyber-Attack Effects

In the interest of improving the resilience of cyber-physical control systems to better operate in the presence of various cyber-attacks and/or faults, this dissertation presents a novel controller design based on deep-learning networks. This research lays out a controller design that does not rely on fault or cyber-attack detection. Being passive, the controller’s routine operating process is to take in data from the various components of the physical system, holistically assess the state of the physical system using deep-learning networks and decide the subsequent round of commands from the controller. This use of deep-learning methods in passive fault tolerant control (FTC) is unique in the research literature. The proposed controller is applied to both linear and nonlinear systems. Additionally, the application and testing are accomplished with both actuators and sensors being affected by attacks and /or faults

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro

Industry 4.0: current trend and future scope for further research in High Performance Manufacturing

The fourth industrial revolution requires that personalization processes of mass productions evolve towards flexible, interconnected, cloud production with greater automation in its machines and operations, called Industry 4.0 (I4.0). However, a homogeneous I4.0 concept, infrastructure state, and other issues are still scarce, making difficult to determinate in the specialized literature, the threshold between recent manufacturing and challenges that companies had to reach competitive advantage through I4.0 inclusion. Despite becoming one of the most popular strategies for continuous improvement, many plants are struggling to turn I4.0 into a success. Therefore, this paper analyzes the current trends of Industry 4.0 in High Performance Manufacturing (HPM), aiming to consolidate the existing knowledge on both subjects, providing a starting point for academics and practitioners seeking to implement I4.0 in plants and offering suggestions for future examination. This systematic literature review aims to synthesize, organize, and structure the stock of knowledge relating to I4.0 and HPM. The results show that HPM papers do not evidence a holistic evaluation of I.40 principles and foundations. There exists in HPM literature manufacturing practices that permit evaluate technology inclusion and their performance but not their autonomy, cloud computing and network between machines, supplier, and processes. The HPM papers trends are related with issues such as adaptability, flexibility, reconfigurability, new information technologies, modularity, automation, etc. Regarding study limitations, it is necessary to study current I4.0 adoption level, technological infrastructure, and cultural factors. The practical implications are focused in the identification of manufacturing practices used in specialized literature to measure how technology inclusion increase companies’ performance, proving the technological infrastructure and I4.0 maturity level. The originality of this paper converges on the presentation of some manufacturing practices applied on HPM studies which are associated with I4.0