Security framework for industrial collaborative robotic cyber-physical systems

The paper introduces a security framework for the application of human-robot collaboration in a futuristic industrial cyber-physical system (CPS) context of industry 4.0. The basic elements and functional requirements of a secure collaborative robotic cyber-physical system are explained and then the cyber-attack modes are discussed in the context of collaborative CPS whereas a defense mechanism strategy is proposed for such a complex system. The cyber-attacks are categorized according to the extent on controllability and the possible effects on the performance and efficiency of such CPS. The paper also describes the severity and categorization of such cyber-attacks and the causal effect on the human worker safety during human-robot collaboration. Attacks in three dimensions of availability, authentication and confidentiality are proposed as the basis of a consolidated mitigation plan. We propose a security framework based on a two-pronged strategy where the impact of this methodology is demonstrated on a teleoperation benchmark (NeCS-Car). The mitigation strategy includes enhanced data security at important interconnected adaptor nodes and development of an intelligent module that employs a concept similar to system health monitoring and reconfiguration

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out

Wireless mobile ad-hoc sensor networks for very large scale cattle monitoring

This paper investigates the use of wireless mobile ad hoc sensor networks in the nationwide cattle monitoring systems. This problem is essential for monitoring general animal health and detecting outbreaks of animal diseases that can be a serious threat for the national cattle industry and human health. We begin by describing a number of related approaches for supporting animal monitoring applications and identify a comprehensive set of requirements that guides our approach. We then propose a novel infrastructure-less, self -organized peer to peer architecture that fulfills these requirements. The core of our work is the novel data storage and routing protocol for large scale, highly mobile ad hoc sensor networks that is based on the Distributed Hash Table (DHT) substrate that we optimize for disconnections. We show over a range of extensive simulations that by exploiting nodes’ mobility, packet overhearing and proactive caching we significantly improve availability of sensor data in these extreme conditions

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

Deployment Policies to Reliably Maintain and Maximize Expected Coverage in a Wireless Sensor Network

The long-term operation of a wireless sensor network (WSN) requires the deployment of new sensors over time to restore any loss in network coverage and communication ability resulting from sensor failures. Over the course of several deployment actions it is important to consider the cost of maintaining the WSN in addition to any desired performance measures such as coverage, connectivity, or reliability. The resulting problem formulation is approached first through a time-based deployment model in which the network is restored to a fixed size at periodic time intervals. The network destruction spectrum (D-spectrum) has been introduced to estimate reliability and is more commonly applied to a static network, rather than a dynamic network where new sensors are deployed over time. We discuss how the D-spectrum can be incorporated to estimate reliability of a time-based deployment policy and the features that allow a wide range of deployment policies to be evaluated in an efficient manner. We next focus on a myopic condition-based deployment model where the network is observed at periodic time intervals and a fixed budget is available to deploy new sensors with each observation. With a limited budget available the model must address the complexity present in a dynamic network size in addition to a dynamic network topology, and the dependence of network reliability on the deployment action. We discuss how the D-spectrum can be applied to the myopic condition-based deployment problem, illustrating the value of the D-spectrum in a variety of maintenance settings beyond the traditional static network reliability problem. From the insight of the time-based and myopic condition-based deployment models, we present a Markov decision process (MDP) model for the condition-based deployment problem that captures the benefit of an action beyond the current time period. Methodology related to approximate dynamic programming (ADP) and approximate value iteration algorithms is presented to search for high quality deployment policies. In addition to the time-based and myopic condition-based deployment models, the MDP model is one of the few addressing the repeated deployment of new sensors as well as an emphasis on network reliability. For each model we discuss the relevant problem formulation, methodology to estimate network reliability, and demonstrate the performance in a range of test instances, comparing to alternative policies or models as appropriate. We conclude with a stochastic optimization model focused on a slightly different objective to maximize expected coverage with uncertainty in where a sensor lands in the network. We discuss a heuristic solution method that seeks to determine an optimal deployment of sensors, present results for a wide range of network sizes and explore the impact of sensor failures on both the model formulation and resulting deployment policy