Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

PLC Virtualization and Software Defined Architectures in Industrial Control Systems

Today’s automation systems are going through a transition called Industry 4.0, referring to the Fourth Industrial Revolution. New concepts, such as cyber-physical systems, mi-croservices and Smart Factory are introduced. This brings up the question of how some of these new technologies can be utilized in Industrial Control Systems. Machines and production lines are nowadays controlled by hardware PLCs and this is considered as a state-of-the-art solution. However, the market demands are continuously increasing and pushing the industry e.g. to lower the operational costs and to develop more agile solutions. Industry 4.0 provides promising approaches to take a step forward and consider PLC virtualization. The purpose of this thesis was to evaluate PLC virtualization possibilities using different Software Defined Architectures. Requirements and benefits of different solutions were evaluated. The major objective of the case study was to compare container- and hypervisor-based virtualization solutions using Docker and KVM. The case study provides a modular and scalable IIoT solution in which a virtual PLC takes over the control instead of a hardware PLC. Node-RED was used as a runtime environment and an I/O-module was needed to set up a control loop test. Response time of the control loop was measured by capturing Modbus traffic with tcpdump. Multiple iterations were performed to show minimum, maximum, average, median and 90th pctl. latencies. The results indicate that the container-based solution has a smaller overhead than the hypervisor-based solution and it has a very little overhead in general. Peak latencies are a concern and even the average latencies show that this solution would not be suitable for any hard real-time or safety-related applications. Further investigation on the topic would be needed to estimate the actual potential of PLC virtualization on hard real-time applications. First of all, a more powerful hardware PC would be needed to perform such tests. Secondly, a faster industrial protocol than Modbus TCP/IP would be required. Perhaps another kind of approach would be needed to overcome the issues that were experienced in this case study. It would be interesting to test a direct communication between virtual PLC and I/O and use Node-RED nodes for example to trigger inputs. Anyhow, it seems that container-based solution is holding much promise as a virtualization approach

Designing SMART-PJU Based on LoraWAN for Rural Light System

In the industrial era 4.0, every industrial tool or equipment and building already uses automation via IoT, especially in public street lighting. Using a SMART-PJU-based LoraWAN system can minimize electrical energy use by using dimmer schedule control and ON/OFF schedule control. Using a dimmer schedule for PJU lights, the energy is set maximum of 10 amperes depending on the dimmer module used. The SMART-PJU has a LoRa module to control and monitor them via a wireless network. This research used the LoRa-EBYTE E32-DTU(915L20) module as the data sender and receiver. LoRa-EBYTE E32-DTU(915L20) with a frequency of 915 MHz to 931 MHz and an RS232/RS485 connector. The furthest distance that can be reached during testing at the Jakarta Global University campus, with a frequency of 922 MHz, is 450 meters, 344 meters, and 215 meters at three different points. The SMART-PJU system can regulate light, ON/OFF control, and ON/OFF schedule and can see the on or off status of the digital output on the Arduino. To ensure the module is on or off. Furthermore, it can monitor electricity usage in the PJU, such as power, voltage, current, power factor, and frequency, via the PZEM-016 sensor. The comparison value using the dimmer schedule at 12 hours is 375.62 Wh without the dimmer, 1085.04 Wh, and the average comparison error value of the PZEM-016 sensor reading with a multimeter is 0.1 current, 0.009 voltage, 0.3 power at each dimmer setting from 20 to 80. All data are obtained and viewed using Node-red software. By using Node-red software, users can control and monitor easily because Node-red uses language and displays that are easy for users to understand

Advanced security aspects on Industrial Control Network.

Security threats are one of the main problems of this computer-based era. All systems making use of information and communication technologies (ICT) are prone to failures and vulnerabilities that can be exploited by malicious software and agents. In the latest years, Industrial Critical Installations started to use massively network interconnections as well, and what it is worst they came in contact with the public network, i.e. with Internet. Industrial networks are responsible for process and manufacturing operations of almost every scale, and as a result the successful penetration of a control system network can be used to directly impact those processes. Consequences could potentially range from relatively benign disruptions, such as the disruption of the operation (taking a facility offline), the alteration of an operational process (changing the formula of a chemical process), all the way to deliberate acts of sabotage that are intended to cause harm. The interconnectivity of Industrial Control Systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This presents presents an innovative approach to Intrusion Detection in SCADA systems based on the concept of Critical State Analysis and State Proximity. The theoretical framework is supported by tests conducted with an Intrusion Detection System prototype implementing the proposed detection approach

Proposal of a Monitoring System for Collaborative Robots to Predict Outages and to Assess Reliability Factors Exploiting Machine Learning

Industry standards pertaining to Human-Robot Collaboration (HRC) impose strict safety requirements to protect human operators from danger. When a robot is equipped with dangerous tools, moves at a high speed or carries heavy loads, the current safety legislation requires the continuous on-line monitoring of the robot’s speed and a suitable separation distance from human workers. The present paper proposes to make a virtue out of necessity by extending the scope of on-line monitoring to predicting failures and safe stops. This has been done by implementing a platform, based on open access tools and technologies, to monitor the parameters of a robot during the execution of collaborative tasks. An automatic machine learning (ML) tool on the edge of the network can help to perform the on-line predictions of possible outages of collaborative robots, especially as a consequence of human-robot interactions. By exploiting the on-line monitoring system, it is possible to increase the reliability of collaborative work, by eliminating any unplanned downtimes during execution of the tasks, by maximising trust in safe interactions and by increasing the robot’s lifetime. The proposed framework demonstrates a data management technique in industrial robots considered as a physical cyber-system. Using an assembly case study, the parameters of a robot have been collected and fed to an automatic ML model in order to identify the most significant reliability factors and to predict the necessity of safe stops of the robot. Moreover, the data acquired from the case study have been used to monitor the manipulator’ joints; to predict cobot autonomy and to provide predictive maintenance notifications and alerts to the end-users and vendors