A Survey on Industrial Control System Testbeds and Datasets for Security Research

The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs

Understanding vulnerabilities in cyber physical production systems

Development of future manufacturing systems is featured with flexibility, mass customization, intelligence and context based learning to produce smart products. These production systems are characterized through networked, cooperating objects called cyber physical systems (CPSs). From the manufacturing perspective, the ability to communicate data and develop interaction between devices, manufacturing machinery, raw materials, working robots, humans and the plant environment develops the concept of cyber physical production systems (CPPS). Human-robot collaboration is a technology area that will be an integrated part of the future factory floor and the CPPS. With the involvement of human part in the automated system industrial scenarios, practical safety issues are expected to arise in the connected environment due to the use of a large number of devices, sensors, and cloud services causing complex network, IP conflicts, compromised nodes and communication issues. This all may lead to occupational safety issues on the factory floor in different ways and combinations. Overall, the system's physical vulnerability will be increased in the context of compromised connected working space and cyber-security. In this paper, the authors developed a risk assessment based on system vulnerability of a CPPS developed for a use case requirement and performed a simulated approach by launching a cyber-attack and measuring the causal effect to identify implications on human worker safety

Real-Time Sensor Networks and Systems for the Industrial IoT

The Industrial Internet of Things (Industrial IoT—IIoT) has emerged as the core construct behind the various cyber-physical systems constituting a principal dimension of the fourth Industrial Revolution. While initially born as the concept behind specific industrial applications of generic IoT technologies, for the optimization of operational efficiency in automation and control, it quickly enabled the achievement of the total convergence of Operational (OT) and Information Technologies (IT). The IIoT has now surpassed the traditional borders of automation and control functions in the process and manufacturing industry, shifting towards a wider domain of functions and industries, embraced under the dominant global initiatives and architectural frameworks of Industry 4.0 (or Industrie 4.0) in Germany, Industrial Internet in the US, Society 5.0 in Japan, and Made-in-China 2025 in China. As real-time embedded systems are quickly achieving ubiquity in everyday life and in industrial environments, and many processes already depend on real-time cyber-physical systems and embedded sensors, the integration of IoT with cognitive computing and real-time data exchange is essential for real-time analytics and realization of digital twins in smart environments and services under the various frameworks’ provisions. In this context, real-time sensor networks and systems for the Industrial IoT encompass multiple technologies and raise significant design, optimization, integration and exploitation challenges. The ten articles in this Special Issue describe advances in real-time sensor networks and systems that are significant enablers of the Industrial IoT paradigm. In the relevant landscape, the domain of wireless networking technologies is centrally positioned, as expected

Kommunikation und Bildverarbeitung in der Automation

In diesem Open-Access-Tagungsband sind die besten Beiträge des 9. Jahreskolloquiums "Kommunikation in der Automation" (KommA 2018) und des 6. Jahreskolloquiums "Bildverarbeitung in der Automation" (BVAu 2018) enthalten. Die Kolloquien fanden am 20. und 21. November 2018 in der SmartFactoryOWL, einer gemeinsamen Einrichtung des Fraunhofer IOSB-INA und der Technischen Hochschule Ostwestfalen-Lippe statt. Die vorgestellten neuesten Forschungsergebnisse auf den Gebieten der industriellen Kommunikationstechnik und Bildverarbeitung erweitern den aktuellen Stand der Forschung und Technik. Die in den Beiträgen enthaltenen anschaulichen Beispiele aus dem Bereich der Automation setzen die Ergebnisse in den direkten Anwendungsbezug

Flexible Composition of Robot Logic with Computer Vision Services

Vision-based robotics is an ever-growing field within industrial automation. Demands for greater flexibility and higher quality motivate manufacturing companies to adopt these technologies for such tasks as material handling, assembly, and inspection. In addition to the direct use in the manufacturing setting, robots combined with vision systems serve as highly flexible means for realization of prototyping test-beds in the R&D context.Traditionally, the problem areas of robotics and computer vision are attacked separately. An exception is the study of vision-based servo control, the focus of which constitutes control-theoretic aspects of vision-based robot guidance under assumption that robot joints can be controlled directly. The missing part is a systemic approach to implementing robotic application with vision sensing given industrial robots constrained by their programming interface. This thesis targets the development process of vision-based robotic systems in an event-driven environment. It focuses on design and composition of three functional components: (1) robot control function, (2) image acquisition function, and (3) image processing function. The thesis approaches its goal by a combination of laboratory results, a case study of an industrial company (Kongsberg Automotive AS), and formalization of computational abstractions and architectural solutions. The image processing function is tackled with the application of reactive pipelines. The proposed system development method allows for smooth transition from early-stage vision algorithm prototyping to the integration phase. The image acquisition function in this thesis is exposed in a service-oriented manner with the help of a flexible set of concurrent computational primitives. To realize control of industrial robots, a distributed architecture is devised, which supports composability of communication-heavy robot logic, as well as flexible coupling of the robot control node with vision services

Kommunikation und Bildverarbeitung in der Automation

In diesem Open Access-Tagungsband sind die besten Beiträge des 11. Jahreskolloquiums "Kommunikation in der Automation" (KommA 2020) und des 7. Jahreskolloquiums "Bildverarbeitung in der Automation" (BVAu 2020) enthalten. Die Kolloquien fanden am 28. und 29. Oktober 2020 statt und wurden erstmalig als digitale Webveranstaltung auf dem Innovation Campus Lemgo organisiert. Die vorgestellten neuesten Forschungsergebnisse auf den Gebieten der industriellen Kommunikationstechnik und Bildverarbeitung erweitern den aktuellen Stand der Forschung und Technik. Die in den Beiträgen enthaltenen anschauliche Anwendungsbeispiele aus dem Bereich der Automation setzen die Ergebnisse in den direkten Anwendungsbezug

Organising the Implementation of Industry 4.0 in a High Value German Manufacturing Firm: A Complex Adaptive Systems Approach.

Ph. D. ThesisThis thesis addresses an important research gap in empirical qualitative evidence regarding the organisational aspects of the implementation of Industry 4.0. Whereas there is a basic understanding of the technical implementation in the factory plant, the understanding of the implementation from an organisational perspective is limited. A holistic single case study with 35 semi-structured expert interviews enabled a deep exploration of an implementation in a real-world context at the firm level. The findings demonstrate how a high value German manufacturing company has implemented Industry 4.0, as well as why this firm implemented as it did. Several elements are thematically analysed, representing important examples of how manufacturing firms can organise the implementation of Industry 4.0 in praxis. Covering the three areas of actions, influences and relationships, the implications of the analysed elements are discussed in relation to six theoretical themes, namely centralisation vs. decentralisation, diffusion of new ideas, working in teams, trust, open innovation and path dependence. This thesis represents the first existing study that understands the implementation of Industry 4.0 as a Complex Adaptive System of interrelated system elements which continuously evolve over time. In this sense, a newly developed system model acknowledges important relationship characteristics that lead to a more comprehensive perspective on the complex implementation of Industry 4.0. This thesis contributes to the research field by being the first study to suggest a “dual approach” encompassing important decentralised as well as centralised implementation patterns for a successful process. It furthermore demonstrates how workforce concerns regarding job security significantly influence the emergence of system elements regarding change management during the implementation of Industry 4.0. The thesis offers academic contributions to the Industry 4.0 implementation literature, as well as organisational elements recommended for practitioners when organising the implementation of Industry 4.0

A Scalable and Secure System Architecture for Smart Buildings

Recent years has seen profound changes in building technologies both in Europe and worldwide. With the emergence of Smart Grid and Smart City concepts, the Smart Building has attracted considerable attention and rapid development. The introduction of novel information and communication technologies (ICT) enables an optimized resource utilization while improving the building performance and occupants' satisfaction over a broad spectrum of operations. However, literature and industry have drawn attention to certain barriers and challenges that inhibit its universal adoption. The Smart Building is a cyber-physical system, which as a whole is more than the sum of its parts. The heterogeneous combination of systems, processes, and practices requires a multidisciplinary research. This work proposes and validates a systems engineering approach to the investigation of the identified challenges and the development of a viable architecture for the future Smart Building. Firstly, a data model for the building management system (BMS) enables a semantic abstraction of both the ICT and the building construction. A high-level application programming interface (API) facilitates the creation of generic management algorithms and external applications, independent from each Smart Building instance, promoting the intelligence portability and lowering the cost. Moreover, the proposed architecture ensures the scalability regardless of the occupant activities and the complexity of the optimization algorithms. Secondly, a real-time message-oriented middleware, as a distributed embedded architecture within the building, empowers the interoperability of the ICT devices and networks and their integration into the BMS. The middleware scales to any building construction regardless of the devices' performance and connectivity limitations, while a secure architecture ensures the integrity of data and operations. An extensive performance and energy efficiency study validates the proposed design. A "building-in-the-loop" emulation system, based on discrete-event simulation, virtualizes the Smart Building elements (e.g., loads, storage, generation, sensors, actuators, users, etc.). The high integration with the message-oriented middleware keeps the BMS agnostic to the virtual nature of the emulated instances. Its cooperative multitasking and immerse parallelism allow the concurrent emulation of hundreds of elements in real time. The virtualization facilitates the development of energy management strategies and financial viability studies on the exact building and occupant activities without a prior investment in the necessary infrastructure. This work concludes with a holistic system evaluation using a case study of a university building as a practical retrofitting estimation. It illustrates the system deployment, and highlights how a currently under development energy management system utilizes the BMS and its data analytics for demand-side management applications