Daydreaming factories

Optimisation of factories, a cornerstone of production engineering for the past half century, relies on formulating the challenges with limited degrees of freedom. In this paper, technological advances are reviewed to propose a “daydreaming” framework for factories that use their cognitive capacity for looking into the future or “foresighting”. Assessing and learning from the possible eventualities enable breakthroughs with many degrees of freedom and make daydreaming factories antifragile. In these factories with augmented and reciprocal learning and foresighting processes, revolutionary reactions to external and internal stimuli are unnecessary and industrial co-evolution of people, processes and products will replace industrial revolutions

Twin Based Continuous Patching To Minimize Cyber Risk

AbstractDigital twins are virtual replicas to simulate the behavior of physical devices before they are built and to support their maintenance. We extend this technology to cybersecurity and integrate it with adversary emulation to define a remediation policy that selects and schedules patches for the vulnerabilities of an information and communication infrastructure before threat actors can exploit them. Distinct twins model, respectively, the infrastructure and threat actors. The former twin describes the infrastructure modules, their vulnerabilities, and the elementary attacks actors can implement. The attributes of the twin of a threat actor describe its attack surface, its goals, how it selects attacks, and it handles attack failures. The Haruspex software platform builds the twins of the infrastructure and those of the threat actors, and it automates the emulation of an actor. In this way, it can discover the attack paths the actor implements without disturbing the infrastructure. In each path, the actor composes elementary attacks to reach its goal. Multiple emulations can discover all the paths of an actor by covering stochastic factors such as attack success or failure. The knowledge of these paths enables the remediation policy to minimize the patches to deploy. Since new vulnerabilities continuously become public, new countermeasures are needed. A twin-based approach supports a continuous remediation process to handle changes in the infrastructure, new vulnerabilities, and new threat actors because the platform can update the twins and run adversary emulations. If new attack paths exist, the platform applies the remediation policy. Experimental data confirm the effectiveness of this approach

Facebook’s Cyber–Cyber and Cyber–Physical Digital Twins

A cyber-cyber digital twin is a simulation of a software system. By contrast, a cyber-physical digital twin is a simulation of a non-software (physical) system. Although cyber-physical digital twins have received a lot of recent attention, their cyber-cyber counterparts have been comparatively overlooked. In this paper we show how the unique properties of cyber-cyber digital twins open up exciting opportunities for research and development. Like all digital twins, the cyber-cyber digital twin is both informed by and informs the behaviour of the twin it simulates. It is therefore a software system that simulates another software system, making it conceptually truly a twin, blurring the distinction between the simulated and the simulator. Cyber-cyber digital twins can be twins of other cyber-cyber digital twins, leading to a hierarchy of twins. As we shall see, these apparently philosophical observations have practical ramifications for the design, implementation and deployment of digital twins at Facebook

Supporting Cyber-Physical Systems with Wireless Sensor Networks: An Outlook of Software and Services

Sensing, communication, computation and control technologies are the essential building blocks of a cyber-physical system (CPS). Wireless sensor networks (WSNs) are a way to support CPS as they provide fine-grained spatial-temporal sensing, communication and computation at a low premium of cost and power. In this article, we explore the fundamental concepts guiding the design and implementation of WSNs. We report the latest developments in WSN software and services for meeting existing requirements and newer demands; particularly in the areas of: operating system, simulator and emulator, programming abstraction, virtualization, IP-based communication and security, time and location, and network monitoring and management. We also reflect on the ongoing efforts in providing dependable assurances for WSN-driven CPS. Finally, we report on its applicability with a case-study on smart buildings

AUTOMATED CYBER OPERATIONS MISSION DATA REPLAY

The Persistent Cyber Training Environment (PCTE) has been developed as the joint force solution to provide a single training environment for cyberspace operations. PCTE offers a closed network for Joint Cyberspace Operations Forces, which provides a range of training solutions from individual sustainment training to mission rehearsal and post-operation analysis. Currently, PCTE does not have the ability to replay previously executed training scenarios or external scenarios. Replaying cyber mission data on a digital twin virtual network within PCTE would support operator training as well as enable development and testing of new strategies for offensive and defensive cyberspace operations. A necessary first step in developing such a tool is to acquire network specifications for a target network, or to extract network specifications from a cyber mission data set. This research developed a program design and proof-of-concept tool, Automated Cyber Operations Mission Data Replay (ACOMDR), to extract a portion of the network specifications necessary to instantiate a digital twin network within PCTE from cyber mission data. From this research, we were able to identify key areas for future work to increase the fidelity of the network specification and replay cyber events within PCTE.Captain, United States Marine CorpsApproved for public release. Distribution is unlimited

Dynamic Honeypot Configuration for Programmable Logic Controller Emulation

Attacks on industrial control systems and critical infrastructure are on the rise. Important systems and devices like programmable logic controllers are at risk due to outdated technology and ad hoc security measures. To mitigate the threat, honeypots are deployed to gather data on malicious intrusions and exploitation techniques. While virtual honeypots mitigate the unreasonable cost of hardware-replicated honeypots, these systems often suffer from a lack of authenticity due to proprietary hardware and network protocols. In addition, virtual honeynets utilizing a proxy to a live device suffer from performance bottlenecks and limited scalability. This research develops an enhanced, application layer emulator capable of alleviating honeynet scalability and honeypot inauthenticity limitations. The proposed emulator combines protocol-agnostic replay with dynamic updating via a proxy. The result is a software tool which can be readily integrated into existing honeypot frameworks for improved performance. The proposed emulator is evaluated on traffic reduction on the back-end proxy device, application layer task accuracy, and byte-level traffic accuracy. Experiments show the emulator is able to successfully reduce the load on the proxy device by up to 98% for some protocols. The emulator also provides equal or greater accuracy over a design which does not use a proxy. At the byte level, traffic variation is statistically equivalent while task success rates increase by 14% to 90% depending on the protocol. Finally, of the proposed proxy synchronization algorithms, templock and its minimal variant are found to provide the best overall performance