Cyber-physical architecture assisted by programmable networking

Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The architecture paves the way for new interesting techniques, research directions, and challenges which we discuss in our work.Comment: 8 pages, 3 figures, pre-prin

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte

Autonomic computing meets SCADA security

© 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the autonomic nervous system and is promising to meet the latest challenges in the cyber threat landscape. This paper provides a brief review of autonomic computing applications for SCADA systems and proposes architecture for cyber security

An Open Internet of Things System Architecture Based on Software-Defined Device

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The Internet of Things(IoT) connects more and more devices and supports an ever-growing diversity of applications. The heterogeneity of the cross-industry and cross-platform device resources is one of the main challenges to realize the unified management and information sharing, ultimately the large-scale uptake of the IoT. Inspired by software-defined networking(SDN), we propose the concept of software-defined device(SDD) and further elaborate its definition and operational mechanism from the perspective of cyber-physical mapping. Based on the device-as-a-software concept, we develop an open Internet of Things system architecture which decouples upper-level applications from the underlying physical devices through the SDD mechanism. A logically centralized controller is designed to conveniently manage physical devices and flexibly provide the device discovery service and the device control interfaces for various application requests. We also describe an application use scenario which illustrates that the SDD-based system architecture can implement the unified management, sharing, reusing, recombining and modular customization of device resources in multiple applications, and the ubiquitous IoT applications can be interconnected and intercommunicated on the shared physical devices

PLC Virtualization and Software Defined Architectures in Industrial Control Systems

Today’s automation systems are going through a transition called Industry 4.0, referring to the Fourth Industrial Revolution. New concepts, such as cyber-physical systems, mi-croservices and Smart Factory are introduced. This brings up the question of how some of these new technologies can be utilized in Industrial Control Systems. Machines and production lines are nowadays controlled by hardware PLCs and this is considered as a state-of-the-art solution. However, the market demands are continuously increasing and pushing the industry e.g. to lower the operational costs and to develop more agile solutions. Industry 4.0 provides promising approaches to take a step forward and consider PLC virtualization. The purpose of this thesis was to evaluate PLC virtualization possibilities using different Software Defined Architectures. Requirements and benefits of different solutions were evaluated. The major objective of the case study was to compare container- and hypervisor-based virtualization solutions using Docker and KVM. The case study provides a modular and scalable IIoT solution in which a virtual PLC takes over the control instead of a hardware PLC. Node-RED was used as a runtime environment and an I/O-module was needed to set up a control loop test. Response time of the control loop was measured by capturing Modbus traffic with tcpdump. Multiple iterations were performed to show minimum, maximum, average, median and 90th pctl. latencies. The results indicate that the container-based solution has a smaller overhead than the hypervisor-based solution and it has a very little overhead in general. Peak latencies are a concern and even the average latencies show that this solution would not be suitable for any hard real-time or safety-related applications. Further investigation on the topic would be needed to estimate the actual potential of PLC virtualization on hard real-time applications. First of all, a more powerful hardware PC would be needed to perform such tests. Secondly, a faster industrial protocol than Modbus TCP/IP would be required. Perhaps another kind of approach would be needed to overcome the issues that were experienced in this case study. It would be interesting to test a direct communication between virtual PLC and I/O and use Node-RED nodes for example to trigger inputs. Anyhow, it seems that container-based solution is holding much promise as a virtualization approach