BRICKS: Building’s reasoning for intelligent control knowledge-based system

Building energy management systems have been largely implemented, focusing on specific domains. When installed together, they lack interoperability to make them work correctly and to achieve a centralized user interface. The Building's Reasoning for Intelligent Control Knowledge-based System (BRICKS) overcomes these issues by developing an interoperable building management system able to aggregate different interest domains. It is a context-aware semantic rule-based system for intelligent management of buildings' energy and security. Its output can be a set of alarms, notifications, or control actions to take. BRICKS itself, and its features are the innovative contribution of the present paper. It is very important for buildings' energy management, namely in the scope of demand response programs. In this paper, it is shown how semantics is used to enable the knowledge exchange between different devices, algorithms, and models, without the need for reprogramming the system. A scenario is deployed in a real building for demonstration.This work has received funding from the European Union’s Horizon 2020 research and innovation programme under project DOMINOES (grant agreement No 771066) and from FEDER Funds through COMPETE program and from National Funds through FCT under the projects UID/EEA/00760/2019, PTDC/EEI-EEE/28954/2017 (MAS-Society), and SFRH/BD/118487/2016.info:eu-repo/semantics/publishedVersio

Trust and Privacy Solutions Based on Holistic Service Requirements

The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing

Interoperability middleware for IIoT gateways based on international standard ontologies and standardized digital representation

Recent advances in the areas of microelectronics, information technology, and communication protocols have made the development of smaller devices with greater processing capacity and lower energy consumption. This context contributed to the growing number of physical devices in industrial environments which are interconnected and communicate via the internet, enabling concepts such as Industry 4.0 and the Industrial Internet of Things (IIoT). These nodes have different sensors and actuators that monitor and control environment data. Several companies develop these devices, including diverse communication protocols, data structures, and IoT platforms, which leads to interoperability issues. In IoT scenarios, interoperability is the ability of two systems to communicate and share services. Therefore, communication problems can make it unfeasible to use heterogeneous devices, increasing the project’s financial cost and development time. In an industry, interoperability is related to different aspects, such as physical communication, divergent device communication protocols, and syntactical problems, referring to the distinct data structure. Developing a new standard for solving these matters may bring interoperability-related drawbacks rather than effectively solving these issues. Therefore, to mitigate interoperability problems in industrial applications, this work proposes the development of an interoperability middleware for Edge-enabled IIoT gateways based on international standards. The middleware is responsible for translating communication protocols, updating data from simulations or physical nodes to the assets’ digital representations, and storing data locally or remotely. The middleware adopts the IEEE industrial standard ontologies combined with assets’ standardized digital models. As a case study, a simulation replicates the production of a nutrient solution for agriculture, controlled by IIoT nodes. The use case consists of three devices, each equipped with at least five sensors or actuators, communicating in different communication protocols and exchanging data using diverse structures. The performance of the proposed middleware and its proposed translations algorithms were evaluated, obtaining satisfactory results for mitigating interoperable in industrial applications.Devido a recentes avanços nas áreas de microeletrônica, tecnologia da informação, e protocolos de comunicação tornaram possível o desenvolvimento de dispositivos cada vez menores com maior capacidade de processamento e menor consumo energético. Esse contexto contribuiu para o crescente nú- mero desses dispositivos na industria que estão interligados via internet, viabilizando conceitos como Indústria 4.0 e Internet das Coisas Industrial (IIoT). Esses nós possuem diferentes sensores e atuadores que monitoram e controlam os dados do ambiente. Esses equipamentos são desenvolvidos por diferentes empresas, incluindo protocolos de comunicação, estruturas de dados e plataformas de IoT distintos, acarretando em problemas de interoperabilidade. Em cenários de IoT, interoperabilidade, é a capacidade de sistemas se comunicarem e compartilharem serviços. Portanto, esses problemas podem inviabilizar o uso de dispositivos heterogêneos, aumentando o custo financeiro do projeto e seu tempo de desenvolvimento. Na indústria, interoperabilidade se divide em diferentes aspectos, como comunicação e problemas sintáticos, referentes à estrutura de dados distinta. O desenvolvimento de um padrão industrial pode trazer mais desvantagens relacionadas à interoperabilidade, em vez de resolver esses problemas. Portanto, para mitigar problemas relacionados a intoperabilidade industrial, este trabalho propõe o desenvolvimento de um middleware de interoperável para gateways IIoT baseado em padrões internacionais e ontologias. O middleware é responsável por traduzir diferentes protocolos de comunicação, atualizar os dados dos ativos industriais por meio de suas representações digitais, esses armazenados localmente ou remotamente. O middleware adota os padrões ontológicos industriais da IEEE combinadas com modelos digitais padronizados de ativos industriais. Como estudo de caso, são realizadas simulações para a produção de uma solução nutritiva para agricultura, controlada por nós IIoT. O processo utiliza três dispositivos, cada um equipado com pelo menos cinco sensores ou atuadores, por meio de diferentes protocolos de comunicação e estruturas de dados. O desempenho do middleware proposto e seus algoritmos de tradução foram avaliados e apresentados no final do trabalho, os quais resultados foram satisfatórios para mitigar a interoperabilidade em aplicações industriais

On specification-based cyber-attack detection in smart grids

The transformation of power grids into intelligent cyber-physical systems brings numerous benefits, but also significantly increases the surface for cyber-attacks, demanding appropriate countermeasures. However, the development, validation, and testing of data-driven countermeasures against cyber-attacks, such as machine learning-based detection approaches, lack important data from real-world cyber incidents. Unlike attack data from real-world cyber incidents, infrastructure knowledge and standards are accessible through expert and domain knowledge. Our proposed approach uses domain knowledge to define the behavior of a smart grid under non-attack conditions and detect attack patterns and anomalies. Using a graph-based specification formalism, we combine cross-domain knowledge that enables the generation of whitelisting rules not only for statically defined protocol fields but also for communication flows and technical operation boundaries. Finally, we evaluate our specification-based intrusion detection system against various attack scenarios and assess detection quality and performance. In particular, we investigate a data manipulation attack in a future-orientated use case of an IEC 60870-based SCADA system that controls distributed energy resources in the distribution grid. Our approach can detect severe data manipulation attacks with high accuracy in a timely and reliable manner

Standardization in cyber-physical systems: the ARUM case

Cyber-physical systems concept supports the realization of the Industrie 4.0 vision towards the computerization of traditional industries, aiming to achieve intelligent and reconfigurable factories. Standardization assumes a critical role in the industrial adoption of cyber-physical systems, namely in the integration of legacy systems as well as the smooth migration from existing running systems to the new ones. This paper analyses some existing standards in related fields and presents identified limitations and efforts for a wider acceptance of such systems by industry. A special attention is devoted to the efforts to develop a standard-compliant service-oriented multi-agent system solution within the ARUM project.info:eu-repo/semantics/publishedVersio

Intelligent Sensors Security

The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

Automating Security Risk and Requirements Management for Cyber-Physical Systems

Cyber-physische Systeme ermöglichen zahlreiche moderne Anwendungsfälle und Geschäftsmodelle wie vernetzte Fahrzeuge, das intelligente Stromnetz (Smart Grid) oder das industrielle Internet der Dinge. Ihre Schlüsselmerkmale Komplexität, Heterogenität und Langlebigkeit machen den langfristigen Schutz dieser Systeme zu einer anspruchsvollen, aber unverzichtbaren Aufgabe. In der physischen Welt stellen die Gesetze der Physik einen festen Rahmen für Risiken und deren Behandlung dar. Im Cyberspace gibt es dagegen keine vergleichbare Konstante, die der Erosion von Sicherheitsmerkmalen entgegenwirkt. Hierdurch können sich bestehende Sicherheitsrisiken laufend ändern und neue entstehen. Um Schäden durch böswillige Handlungen zu verhindern, ist es notwendig, hohe und unbekannte Risiken frühzeitig zu erkennen und ihnen angemessen zu begegnen. Die Berücksichtigung der zahlreichen dynamischen sicherheitsrelevanten Faktoren erfordert einen neuen Automatisierungsgrad im Management von Sicherheitsrisiken und -anforderungen, der über den aktuellen Stand der Wissenschaft und Technik hinausgeht. Nur so kann langfristig ein angemessenes, umfassendes und konsistentes Sicherheitsniveau erreicht werden. Diese Arbeit adressiert den dringenden Bedarf an einer Automatisierungsmethodik bei der Analyse von Sicherheitsrisiken sowie der Erzeugung und dem Management von Sicherheitsanforderungen für Cyber-physische Systeme. Das dazu vorgestellte Rahmenwerk umfasst drei Komponenten: (1) eine modelbasierte Methodik zur Ermittlung und Bewertung von Sicherheitsrisiken; (2) Methoden zur Vereinheitlichung, Ableitung und Verwaltung von Sicherheitsanforderungen sowie (3) eine Reihe von Werkzeugen und Verfahren zur Erkennung und Reaktion auf sicherheitsrelevante Situationen. Der Schutzbedarf und die angemessene Stringenz werden durch die Sicherheitsrisikobewertung mit Hilfe von Graphen und einer sicherheitsspezifischen Modellierung ermittelt und bewertet. Basierend auf dem Modell und den bewerteten Risiken werden anschließend fundierte Sicherheitsanforderungen zum Schutz des Gesamtsystems und seiner Funktionalität systematisch abgeleitet und in einer einheitlichen, maschinenlesbaren Struktur formuliert. Diese maschinenlesbare Struktur ermöglicht es, Sicherheitsanforderungen automatisiert entlang der Lieferkette zu propagieren. Ebenso ermöglicht sie den effizienten Abgleich der vorhandenen Fähigkeiten mit externen Sicherheitsanforderungen aus Vorschriften, Prozessen und von Geschäftspartnern. Trotz aller getroffenen Maßnahmen verbleibt immer ein gewisses Restrisiko einer Kompromittierung, worauf angemessen reagiert werden muss. Dieses Restrisiko wird durch Werkzeuge und Prozesse adressiert, die sowohl die lokale und als auch die großräumige Erkennung, Klassifizierung und Korrelation von Vorfällen verbessern. Die Integration der Erkenntnisse aus solchen Vorfällen in das Modell führt häufig zu aktualisierten Bewertungen, neuen Anforderungen und verbessert weitere Analysen. Abschließend wird das vorgestellte Rahmenwerk anhand eines aktuellen Anwendungsfalls aus dem Automobilbereich demonstriert.Cyber-Physical Systems enable various modern use cases and business models such as connected vehicles, the Smart (power) Grid, or the Industrial Internet of Things. Their key characteristics, complexity, heterogeneity, and longevity make the long-term protection of these systems a demanding but indispensable task. In the physical world, the laws of physics provide a constant scope for risks and their treatment. In cyberspace, on the other hand, there is no such constant to counteract the erosion of security features. As a result, existing security risks can constantly change and new ones can arise. To prevent damage caused by malicious acts, it is necessary to identify high and unknown risks early and counter them appropriately. Considering the numerous dynamic security-relevant factors requires a new level of automation in the management of security risks and requirements, which goes beyond the current state of the art. Only in this way can an appropriate, comprehensive, and consistent level of security be achieved in the long term. This work addresses the pressing lack of an automation methodology for the security-risk assessment as well as the generation and management of security requirements for Cyber-Physical Systems. The presented framework accordingly comprises three components: (1) a model-based security risk assessment methodology, (2) methods to unify, deduce and manage security requirements, and (3) a set of tools and procedures to detect and respond to security-relevant situations. The need for protection and the appropriate rigor are determined and evaluated by the security risk assessment using graphs and a security-specific modeling. Based on the model and the assessed risks, well-founded security requirements for protecting the overall system and its functionality are systematically derived and formulated in a uniform, machine-readable structure. This machine-readable structure makes it possible to propagate security requirements automatically along the supply chain. Furthermore, they enable the efficient reconciliation of present capabilities with external security requirements from regulations, processes, and business partners. Despite all measures taken, there is always a slight risk of compromise, which requires an appropriate response. This residual risk is addressed by tools and processes that improve the local and large-scale detection, classification, and correlation of incidents. Integrating the findings from such incidents into the model often leads to updated assessments, new requirements, and improves further analyses. Finally, the presented framework is demonstrated by a recent application example from the automotive domain