1,381 research outputs found
Towards a Staging Environment for the Internet of Things
Internet of Things (IoT) applications promise to make many aspects of our
lives more efficient and adaptive through the use of distributed sensing and
computing nodes. A central aspect of such applications is their complex
communication behavior that is heavily influenced by the physical environment
of the system. To continuously improve IoT applications, a staging environment
is needed that can provide operating conditions representative of deployments
in the actual production environments -- similar to what is common practice in
cloud application development today. Towards such a staging environment, we
present Marvis, a framework that orchestrates hybrid testbeds, co-simulated
domain environments, and a central network simulation for testing distributed
IoT applications. Our preliminary results include an open source prototype and
a demonstration of a Vehicle-to-everything (V2X) communication scenario
Cyber Security and Critical Infrastructures
This book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles: an editorial explaining current challenges, innovative solutions, real-world experiences including critical infrastructure, 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems, and a review of cloud, edge computing, and fog's security and privacy issues
Vulnerability modelling and mitigation strategies for hybrid networks
Hybrid networks nowadays consist of traditional IT components, Internet of Things (IoT) and industrial control systems (ICS) nodes with varying characteristics, making them genuinely heterogeneous in nature. Historically evolving from traditional internet-enabled IT servers, hybrid networks allow organisations to strengthen cybersecurity, increase flexibility, improve efficiency, enhance reliability, boost remote connectivity and easy management. Though hybrid networks offer significant benefits from business and operational perspectives, this integration has increased the complexity and security challenges to all connected nodes. The IT servers of these hybrid networks are high-budget devices with tremendous processing power and significant storage capacity. In contrast, IoT nodes are low-cost devices with limited processing power and capacity. In addition, the ICS nodes are programmed for dedicated functions with the least interference. The available cybersecurity solutions for hybrid networks are either for specific node types or address particular weaknesses. Due to these distinct characteristics, these solutions may place other nodes in vulnerable positions. This study addresses this gap by proposing a comprehensive vulnerability modelling and mitigation strategy. This proposed solution equally applies to each node type of hybrid network while considering their unique characteristics. For this purpose, the industry-wide adoption of the Common Vulnerability Scoring System (CVSS) has been extended to embed the distinct characteristics of each node type in a hybrid network. To embed IoT features, the âattack vectorsâ and âattack complexity vectorsâ are modified and another metric âhuman safety indexâ, is integrated in the âBase metric groupâ of CVSS. In addition, the ICS related characteristics are included in the âEnvironmental metric groupâ of CVSS. This metric group is further enhanced to reflect the node resilience capabilities when evaluating the vulnerability score. The resilience of a node is evaluated by analysing the complex relationship of numerous contributing cyber security factors and practices. The evolved CVSSR-IoT-ICS framework proposed in the thesis measures the given vulnerabilities by adopting the unique dynamics of each node. These vulnerability scores are then mapped in the attack tree to reveal the critical nodes and shortest path to the target node. The mitigating strategy framework suggests the most efficient mitigation strategy to counter vulnerabilities by examining the nodeâs functionality, its locality, centrality, criticality, cascading impacts, available resources, and performance thresholds. Various case studies were conducted to analyse and evaluate our proposed vulnerability modelling and mitigation strategies on realistic supply chain systems. These analyses and evaluations confirm that the proposed solutions are highly effective for modelling the vulnerabilities while the mitigation strategies reduce the risks in dynamic and resource-constrained environments. The unified vulnerability modelling of hybrid networks minimises ambiguities, reduces complexities and identifies hidden deficiencies. It also improves system reliability and performance of heterogeneous networks while at the same time gaining acceptance for a universal vulnerability modelling framework across the cyber industry. The contributions have been published in reputable journals and conferences.Doctor of Philosoph
Internet of Robotic Things Intelligent Connectivity and Platforms
The Internet of Things (IoT) and Industrial IoT (IIoT) have developed rapidly in the past few years, as both the Internet and âthingsâ have evolved significantly. âThingsâ now range from simple Radio Frequency Identification (RFID) devices to smart wireless sensors, intelligent wireless sensors and actuators, robotic things, and autonomous vehicles operating in consumer, business, and industrial environments. The emergence of âintelligent thingsâ (static or mobile) in collaborative autonomous fleets requires new architectures, connectivity paradigms, trustworthiness frameworks, and platforms for the integration of applications across different business and industrial domains. These new applications accelerate the development of autonomous system design paradigms and the proliferation of the Internet of Robotic Things (IoRT). In IoRT, collaborative robotic things can communicate with other things, learn autonomously, interact safely with the environment, humans and other things, and gain qualities like self-maintenance, self-awareness, self-healing, and fail-operational behavior. IoRT applications can make use of the individual, collaborative, and collective intelligence of robotic things, as well as information from the infrastructure and operating context to plan, implement and accomplish tasks under different environmental conditions and uncertainties. The continuous, real-time interaction with the environment makes perception, location, communication, cognition, computation, connectivity, propulsion, and integration of federated IoRT and digital platforms important components of new-generation IoRT applications. This paper reviews the taxonomy of the IoRT, emphasizing the IoRT intelligent connectivity, architectures, interoperability, and trustworthiness framework, and surveys the technologies that enable the application of the IoRT across different domains to perform missions more efficiently, productively, and completely. The aim is to provide a novel perspective on the IoRT that involves communication among robotic things and humans and highlights the convergence of several technologies and interactions between different taxonomies used in the literature.publishedVersio
Towards edge robotics: the progress from cloud-based robotic systems to intelligent and context-aware robotic services
Current robotic systems handle a different range of applications such as video surveillance, delivery
of goods, cleaning, material handling, assembly, painting, or pick and place services. These systems
have been embraced not only by the general population but also by the vertical industries to
help them in performing daily activities. Traditionally, the robotic systems have been deployed in
standalone robots that were exclusively dedicated to performing a specific task such as cleaning the
floor in indoor environments. In recent years, cloud providers started to offer their infrastructures
to robotic systems for offloading some of the robotâs functions. This ultimate form of the distributed
robotic system was first introduced 10 years ago as cloud robotics and nowadays a lot of robotic solutions
are appearing in this form. As a result, standalone robots became software-enhanced objects
with increased reconfigurability as well as decreased complexity and cost. Moreover, by offloading
the heavy processing from the robot to the cloud, it is easier to share services and information from
various robots or agents to achieve better cooperation and coordination.
Cloud robotics is suitable for human-scale responsive and delay-tolerant robotic functionalities
(e.g., monitoring, predictive maintenance). However, there is a whole set of real-time robotic applications
(e.g., remote control, motion planning, autonomous navigation) that can not be executed with
cloud robotics solutions, mainly because cloud facilities traditionally reside far away from the robots.
While the cloud providers can ensure certain performance in their infrastructure, very little can be
ensured in the network between the robots and the cloud, especially in the last hop where wireless
radio access networks are involved. Over the last years advances in edge computing, fog computing,
5G NR, network slicing, Network Function Virtualization (NFV), and network orchestration are stimulating
the interest of the industrial sector to satisfy the stringent and real-time requirements of their
applications. Robotic systems are a key piece in the industrial digital transformation and their benefits
are very well studied in the literature. However, designing and implementing a robotic system
that integrates all the emerging technologies and meets the connectivity requirements (e.g., latency,
reliability) is an ambitious task.
This thesis studies the integration of modern Information andCommunication Technologies (ICTs)
in robotic systems and proposes some robotic enhancements that tackle the real-time constraints of
robotic services. To evaluate the performance of the proposed enhancements, this thesis departs
from the design and prototype implementation of an edge native robotic system that embodies the concepts of edge computing, fog computing, orchestration, and virtualization. The proposed edge
robotics system serves to represent two exemplary robotic applications. In particular, autonomous
navigation of mobile robots and remote-control of robot manipulator where the end-to-end robotic
system is distributed between the robots and the edge server. The open-source prototype implementation
of the designed edge native robotic system resulted in the creation of two real-world testbeds
that are used in this thesis as a baseline scenario for the evaluation of new innovative solutions in
robotic systems.
After detailing the design and prototype implementation of the end-to-end edge native robotic
system, this thesis proposes several enhancements that can be offered to robotic systems by adapting
the concept of edge computing via the Multi-Access Edge Computing (MEC) framework. First, it
proposes exemplary network context-aware enhancements in which the real-time information about
robot connectivity and location can be used to dynamically adapt the end-to-end system behavior to
the actual status of the communication (e.g., radio channel). Three different exemplary context-aware
enhancements are proposed that aim to optimize the end-to-end edge native robotic system. Later,
the thesis studies the capability of the edge native robotic system to offer potential savings by means of
computation offloading for robot manipulators in different deployment configurations. Further, the
impact of different wireless channels (e.g., 5G, 4G andWi-Fi) to support the data exchange between a
robot manipulator and its remote controller are assessed.
In the following part of the thesis, the focus is set on how orchestration solutions can support
mobile robot systems to make high quality decisions. The application of OKpi as an orchestration algorithm
and DLT-based federation are studied to meet the KPIs that autonomously controlledmobile
robots have in order to provide uninterrupted connectivity over the radio access network. The elaborated
solutions present high compatibility with the designed edge robotics system where the robot
driving range is extended without any interruption of the end-to-end edge robotics service. While the
DLT-based federation extends the robot driving range by deploying access point extension on top of
external domain infrastructure, OKpi selects the most suitable access point and computing resource
in the cloud-to-thing continuum in order to fulfill the latency requirements of autonomously controlled
mobile robots.
To conclude the thesis the focus is set on how robotic systems can improve their performance by
leveraging Artificial Intelligence (AI) and Machine Learning (ML) algorithms to generate smart decisions.
To do so, the edge native robotic system is presented as a true embodiment of a Cyber-Physical
System (CPS) in Industry 4.0, showing the mission of AI in such concept. It presents the key enabling
technologies of the edge robotic system such as edge, fog, and 5G, where the physical processes are
integrated with computing and network domains. The role of AI in each technology domain is identified
by analyzing a set of AI agents at the application and infrastructure level. In the last part of the
thesis, the movement prediction is selected to study the feasibility of applying a forecast-based recovery
mechanism for real-time remote control of robotic manipulators (FoReCo) that uses ML to infer
lost commands caused by interference in the wireless channel. The obtained results are showcasing
the its potential in simulation and real-world experimentation.Programa de Doctorado en IngenierĂa TelemĂĄtica por la Universidad Carlos III de MadridPresidente: Karl Holger.- Secretario: Joerg Widmer.- Vocal: Claudio Cicconett
Cybersecurity of Industrial Cyber-Physical Systems: A Review
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by
controlling the processes based on the "physics" data gathered by edge sensor
networks. Recent innovations in ubiquitous computing and communication
technologies have prompted the rapid integration of highly interconnected
systems to ICPSs. Hence, the "security by obscurity" principle provided by
air-gapping is no longer followed. As the interconnectivity in ICPSs increases,
so does the attack surface. Industrial vulnerability assessment reports have
shown that a variety of new vulnerabilities have occurred due to this
transition while the most common ones are related to weak boundary protection.
Although there are existing surveys in this context, very little is mentioned
regarding these reports. This paper bridges this gap by defining and reviewing
ICPSs from a cybersecurity perspective. In particular, multi-dimensional
adaptive attack taxonomy is presented and utilized for evaluating real-life
ICPS cyber incidents. We also identify the general shortcomings and highlight
the points that cause a gap in existing literature while defining future
research directions.Comment: 32 pages, 10 figure
Recommended from our members
Modeling industry 4.0 based fog computing environments for application analysis and deployment
The extension of the Cloud to the Edge of the network through Fog Computing can have a significant impact on the reliability and latencies of deployed applications. Recent papers have suggested a shift from VM and Container based deployments to a shared environment among applications to better utilize resources. Unfortunately, the existing deployment and optimization methods pay little attention to developing and identifying complete models to such systems which may cause large inaccuracies between simulated and physical run-time parameters. Existing models do not account for application interdependence or the locality of application resources which causes extra communication and processing delays. This paper addresses these issues by carrying out experiments in both cloud and edge systems with various scales and applications. It analyses the outcomes to derive a new reference model with data driven parameter formulations and representations to help understand the effect of migration on these systems. As a result, we can have a more complete characterization of the fog environment. This, together with tailored optimization methods than can handle the heterogeneity and scale of the fog can improve the overall system run-time parameters and improve constraint satisfaction. An Industry 4.0 based case study with different scenarios was used to analyze and validate the effectiveness of the proposed model. Tests were deployed on physical and virtual environments with different scales. The advantages of the model based optimization methods were validated in real physical environments. Based on these tests, we have found that our model is 90% accurate on load and delay predictions for application deployments in both cloud and edge
The Need of Multidisciplinary Approaches and Engineering Tools for the Development and Implementation of the Smart City Paradigm
This paper is motivated by the concept that the successful, effective, and sustainable implementation of the smart city paradigm requires a close cooperation among researchers with different, complementary interests and, in most cases, a multidisciplinary approach. It first briefly discusses how such a multidisciplinary methodology, transversal to various disciplines such as architecture, computer science, civil engineering, electrical, electronic and telecommunication engineering, social science and behavioral science, etc., can be successfully employed for the development of suitable modeling tools and real solutions of such sociotechnical systems. Then, the paper presents some pilot projects accomplished by the authors within the framework of some major European Union (EU) and national research programs, also involving the Bologna municipality and some of the key players of the smart city industry. Each project, characterized by different and complementary approaches/modeling tools, is illustrated along with the relevant contextualization and the advancements with respect to the state of the art
- âŚ