Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

A modern teaching environment for process automation

Emergence of the new technological trends such as Open Platform Communications Unified Architecture (OPC UA), Industrial Ethernet, cloud computing and the 5th wireless network (5G) enabled the implementation of Cyber-physical System (CPS) with flexible, configurable, scalable and interoperable business models. This provides new opportunities for the process automation systems. On the other hand, the constant urge of industries for cost and material efficient processes demands a new automation paradigm with the latest tools and technologies which should be taken into account while teaching future automation engineers. In this thesis, the modern teaching environment for process automation is designed, implemented and described. This work explains the connections, configurations and the test of three mini plants including the Multiple Heat Exchanger, the Three-tank system and the Mixing Tank. In addition, OPC UA communication between the server and its clients has been tested. The plants are a part of the state of the art of the architecture that provides the access of ABB 800xA to the cloud services via OPC UA over the 5G test wireless network. This new paradigm changes the old automation hierarchy and enables the cross layered communication in the old architecture. This modern teaching environment prepares the students for the future automation challenges with the latest tools and merges data analytics, cloud computing and wireless network studies with process automation. It also provides the unique chance of testing the future trends together in this unique process automation setup

DIN Spec 91345 RAMI 4.0 compliant data pipelining: An approach to support data understanding and data acquisition in smart manufacturing environments

Today, data scientists in the manufacturing domain are confronted with a set of challenges associated to data acquisition as well as data processing including the extraction of valuable in-formation to support both, the work of the manufacturing equipment as well as the manufacturing processes behind it. One essential aspect related to data acquisition is the pipelining, including various commu-nication standards, protocols and technologies to save and transfer heterogenous data. These circumstances make it hard to understand, find, access and extract data from the sources depend-ing on use cases and applications. In order to support this data pipelining process, this thesis proposes the use of the semantic model. The selected semantic model should be able to describe smart manufacturing assets them-selves as well as to access their data along their life-cycle. As a matter of fact, there are many research contributions in smart manufacturing, which already came out with reference architectures or standards for semantic-based meta data descrip-tion or asset classification. This research builds upon these outcomes and introduces a novel se-mantic model-based data pipelining approach using as a basis the Reference Architecture Model for Industry 4.0 (RAMI 4.0).Hoje em dia, os cientistas de dados no domínio da manufatura são confrontados com várias normas, protocolos e tecnologias de comunicação para gravar, processar e transferir vários tipos de dados. Estas circunstâncias tornam difícil compreender, encontrar, aceder e extrair dados necessários para aplicações dependentes de casos de utilização, desde os equipamentos aos respectivos processos de manufatura. Um aspecto essencial poderia ser um processo de canalisação de dados incluindo vários normas de comunicação, protocolos e tecnologias para gravar e transferir dados. Uma solução para suporte deste processo, proposto por esta tese, é a aplicação de um modelo semântico que descreva os próprios recursos de manufactura inteligente e o acesso aos seus dados ao longo do seu ciclo de vida. Muitas das contribuições de investigação em manufatura inteligente já produziram arquitecturas de referência como a RAMI 4.0 ou normas para a descrição semântica de meta dados ou classificação de recursos. Esta investigação baseia-se nestas fontes externas e introduz um novo modelo semântico baseado no Modelo de Arquitectura de Referência para Indústria 4.0 (RAMI 4.0), em conformidade com a abordagem de canalisação de dados no domínio da produção inteligente como caso exemplar de utilização para permitir uma fácil exploração, compreensão, descoberta, selecção e extracção de dados

Next Generation Internet of Things – Distributed Intelligence at the Edge and Human-Machine Interactions

This book provides an overview of the next generation Internet of Things (IoT), ranging from research, innovation, development priorities, to enabling technologies in a global context. It is intended as a standalone in a series covering the activities of the Internet of Things European Research Cluster (IERC), including research, technological innovation, validation, and deployment.The following chapters build on the ideas put forward by the European Research Cluster, the IoT European Platform Initiative (IoT–EPI), the IoT European Large-Scale Pilots Programme and the IoT European Security and Privacy Projects, presenting global views and state-of-the-art results regarding the next generation of IoT research, innovation, development, and deployment.The IoT and Industrial Internet of Things (IIoT) are evolving towards the next generation of Tactile IoT/IIoT, bringing together hyperconnectivity (5G and beyond), edge computing, Distributed Ledger Technologies (DLTs), virtual/ andaugmented reality (VR/AR), and artificial intelligence (AI) transformation.Following the wider adoption of consumer IoT, the next generation of IoT/IIoT innovation for business is driven by industries, addressing interoperability issues and providing new end-to-end security solutions to face continuous treats.The advances of AI technology in vision, speech recognition, natural language processing and dialog are enabling the development of end-to-end intelligent systems encapsulating multiple technologies, delivering services in real-time using limited resources. These developments are focusing on designing and delivering embedded and hierarchical AI solutions in IoT/IIoT, edge computing, using distributed architectures, DLTs platforms and distributed end-to-end security, which provide real-time decisions using less data and computational resources, while accessing each type of resource in a way that enhances the accuracy and performance of models in the various IoT/IIoT applications.The convergence and combination of IoT, AI and other related technologies to derive insights, decisions and revenue from sensor data provide new business models and sources of monetization. Meanwhile, scalable, IoT-enabled applications have become part of larger business objectives, enabling digital transformation with a focus on new services and applications.Serving the next generation of Tactile IoT/IIoT real-time use cases over 5G and Network Slicing technology is essential for consumer and industrial applications and support reducing operational costs, increasing efficiency and leveraging additional capabilities for real-time autonomous systems.New IoT distributed architectures, combined with system-level architectures for edge/fog computing, are evolving IoT platforms, including AI and DLTs, with embedded intelligence into the hyperconnectivity infrastructure.The next generation of IoT/IIoT technologies are highly transformational, enabling innovation at scale, and autonomous decision-making in various application domains such as healthcare, smart homes, smart buildings, smart cities, energy, agriculture, transportation and autonomous vehicles, the military, logistics and supply chain, retail and wholesale, manufacturing, mining and oil and gas

A Framework for Industry 4.0

The potential of the Industry 4.0 will allow the national industry to develop all kinds of procedures, especially in terms of competitive differentiation. The prospects and motivations behind Industry 4.0 are related to the management that is essentially geared towards industrial internet, to the integrated analysis and use of data, to the digitalization of products and services, to new disruptive business models and to the cooperation within the value chain. It is through the integration of Cyber-Physical Systems (CPS), into the maintenance process that it is possible to carry out a continuous monitoring of industrial machines, as well as to apply advanced techniques for predictive and proactive maintenance. The present work is based on the MANTIS project, aiming to construct a specific platform for the proactive maintenance of industrial machines, targeting particularly the case of GreenBender ADIRA Steel Sheet. In other words, the aim is to reduce maintenance costs, increase the efficiency of the process and consequently the profit. Essentially, the MANTIS project is a multinational research project, where the CISTER Research Unit plays a key role, particularly in providing the communications infrastructure for one MANTIS Pilot. The methodology is based on a follow-up study, which is jointly carried with the client, as well as within the scope of the implementation of the ADIRA Pilot. The macro phases that are followed in the present work are: 1) detailed analysis of the business needs; 2) preparation of the architecture specification; 3) implementation/development; 4) tests and validation; 5) support; 6) stabilization; 7) corrective and evolutionary maintenance; and 8) final project analysis and corrective measures to be applied in future projects. The expected results of the development of such project are related to the integration of the industrial maintenance process, to the continuous monitoring of the machines and to the application of advanced techniques of preventive and proactive maintenance of industrial machines, particularly based on techniques and good practices of the Software Engineering area and on the integration of Cyber-Physical Systems.O potencial desenvolvido pela Indústria 4.0 dotará a indústria nacional de capacidades para desenvolver todo o tipo de procedimentos, especialmente a nível da diferenciação competitiva. As perspetivas e as motivações por detrás da Indústria 4.0 estão relacionadas com uma gestão essencialmente direcionada para a internet industrial, com uma análise integrada e utilização de dados, com a digitalização de produtos e de serviços, com novos modelos disruptivos de negócio e com uma cooperação horizontal no âmbito da cadeia de valor. É através da integração dos sistemas ciber-físicos no processo de manutenção que é possível proceder a um monitoramento contínuo das máquinas, tal como à aplicação de técnicas avançadas para a manutenção preditiva e pró-ativa das mesmas. O presente trabalho é baseado no projeto MANTIS, objetivando, portanto, a construção de uma plataforma específica para a manutenção pró-ativa das máquinas industriais, neste caso em concreto das prensas, que serão as máquinas industriais analisadas ao longo do presente trabalho. Dito de um outro modo, objetiva-se, através de uma plataforma em específico, reduzir todos os custos da sua manutenção, aumentando, portanto, os lucros industriais advindos da produção. Resumidamente, o projeto MANTIS consiste num projeto de investigação multinacional, onde a Unidade de Investigação CISTER desenvolve um papel fundamental, particularmente no fornecimento da infraestrutura de comunicação no Piloto MANTIS. A metodologia adotada é baseada num estudo de acompanhamento, realizado em conjunto com o cliente, e no âmbito da implementação do Piloto da ADIRA. As macro fases que são compreendidas por esta metodologia, e as quais serão seguidas, são: 1) análise detalhada das necessidades de negócio; 2) preparação da especificação da arquitetura; 3) implementação/desenvolvimento; 4) testes e validação; 5) suporte; 6) estabilização; 7) manutenção corretiva e evolutiva; e 8) análise final do projeto e medidas corretivas a aplicar em projetos futuros. Os resultados esperados com o desenvolvimento do projeto estão relacionados com a integração do processo de manutenção industrial, a monitorização contínua das máquinas e a aplicação de técnicas avançadas de manutenção preventiva e pós-ativa das máquinas, especialmente com base em técnicas e boas práticas da área de Engenharia de Software

Machine Tool Communication (MTComm) Method and Its Applications in a Cyber-Physical Manufacturing Cloud

The integration of cyber-physical systems and cloud manufacturing has the potential to revolutionize existing manufacturing systems by enabling better accessibility, agility, and efficiency. To achieve this, it is necessary to establish a communication method of manufacturing services over the Internet to access and manage physical machines from cloud applications. Most of the existing industrial automation protocols utilize Ethernet based Local Area Network (LAN) and are not designed specifically for Internet enabled data transmission. Recently MTConnect has been gaining popularity as a standard for monitoring status of machine tools through RESTful web services and an XML based messaging structure, but it is only designed for data collection and interpretation and lacks remote operation capability. This dissertation presents the design, development, optimization, and applications of a service-oriented Internet-scale communication method named Machine Tool Communication (MTComm) for exchanging manufacturing services in a Cyber-Physical Manufacturing Cloud (CPMC) to enable manufacturing with heterogeneous physically connected machine tools from geographically distributed locations over the Internet. MTComm uses an agent-adapter based architecture and a semantic ontology to provide both remote monitoring and operation capabilities through RESTful services and XML messages. MTComm was successfully used to develop and implement multi-purpose applications in in a CPMC including remote and collaborative manufacturing, active testing-based and edge-based fault diagnosis and maintenance of machine tools, cross-domain interoperability between Internet-of-things (IoT) devices and supply chain robots etc. To improve MTComm’s overall performance, efficiency, and acceptability in cyber manufacturing, the concept of MTComm’s edge-based middleware was introduced and three optimization strategies for data catching, transmission, and operation execution were developed and adopted at the edge. Finally, a hardware prototype of the middleware was implemented on a System-On-Chip based FPGA device to reduce computational and transmission latency. At every stage of its development, MTComm’s performance and feasibility were evaluated with experiments in a CPMC testbed with three different types of manufacturing machine tools. Experimental results demonstrated MTComm’s excellent feasibility for scalable cyber-physical manufacturing and superior performance over other existing approaches