Use of Service Oriented Architecture for Scada Networks

Supervisory Control and Data Acquisition (SCADA) systems involve the use of distributed processing to operate geographically dispersed endpoint hardware components. They manage the control networks used to monitor and direct large-scale operations such as utilities and transit systems that are essential to national infrastructure. SCADA industrial control networks (ICNs) have long operated in obscurity and been kept isolated largely through strong physical security. Today, Internet technologies are increasingly being utilized to access control networks, giving rise to a growing concern that they are becoming more vulnerable to attack. Like SCADA, distributed processing is also central to cloud computing or, more formally, the Service Oriented Architecture (SOA) computing model. Certain distinctive properties differentiate ICNs from the enterprise networks that cloud computing developments have focused on. The objective of this project is to determine if modern cloud computing technologies can be also applied to improving dated SCADA distributed processing systems. Extensive research was performed regarding control network requirements as compared to those of general enterprise networks. Research was also conducted into the benefits, implementation, and performance of SOA to determine its merits for application to control networks. The conclusion developed is that some aspects of cloud computing might be usefully applied to SCADA systems but that SOA fails to meet ICN requirements in a certain essential areas. The lack of current standards for SOA security presents an unacceptable risk to SCADA systems that manage dangerous equipment or essential services. SOA network performance is also not sufficiently deterministic to suit many real-time hardware control applications. Finally, SOA environments cannot as yet address the regulatory compliance assurance requirements of critical infrastructure SCADA systems

Development of a Service Oriented SCADA System

AbstractMonitoring and control of technological process, in many cases spread out over small or large geographical areas, are achieved with supervisory control and data acquisition SCADA. This is a fact imposed by technological requirements and also by economical aspects. This approach raises a number of problems, starting from the design and implementation solutions as well as security and safety in these systems. This paper makes a brief analysis of these issues, and starting from this point authors propose a solution based on Service-Oriented Architecture SOA which may represent a solution to some of the identified challenges. For the proposed solution a study is performed. The results are used to conclude on applicability conditions and recommendations on the design and implementation of monitoring and control systems in case of database-as-a-service DbaaS approach

Smart Grid Technologies in Europe: An Overview

The old electricity network infrastructure has proven to be inadequate, with respect to modern challenges such as alternative energy sources, electricity demand and energy saving policies. Moreover, Information and Communication Technologies (ICT) seem to have reached an adequate level of reliability and flexibility in order to support a new concept of electricity network—the smart grid. In this work, we will analyse the state-of-the-art of smart grids, in their technical, management, security, and optimization aspects. We will also provide a brief overview of the regulatory aspects involved in the development of a smart grid, mainly from the viewpoint of the European Unio

Teollisen Internetin käyttöönotto automaatiolaitteissa

Industrial Internet is a term that is used to describe digitalization of industry. It is a research direction in Finland, where there are already various groups studying it. Despite this, the term Industrial Internet is still relatively vague and there is a lack of concreteness around the topic. The objective of this thesis is to explore the current status of Industrial Internet and study the capabilities of automation devices from an Industrial Internet point of view. I explore Industrial Internet through a literary review where I study various use cases. The use cases of Industrial Internet are divided into two main types: platform centric and machine to machine (M2M) communication centric. The use cases provide a list of characteristics and requirements for Industrial Internet from these two perspectives. General requirements are, for example scalability and flexibility, which are achieved through various IT technologies, such as Service-Oriented-Architecture. This thesis also consists of a practical part where I configured the control logic and data collection for a test bed that simulates drop tests of active magnetic bearings. The control logic consists of a programmable logic controller and corresponding software. The data collection consists of software for collecting and analyzing measurement data and the measuring equipment. After the literary review and practical part, I propose the creation of a cloud based Industrial Internet platform around the active magnetic test bed. The purpose of the platform is to provide a direction for further research. The creation of the platform consists of two phases: first phase includes the creation of the platform so that the test bed achieves current functionality but cloud based. The second phase consists of changing the platform to meet the requirements of the literature review. The end results will be an application independent system solution for Industrial Internet.Teollinen Internet on termi, jolla kuvataan teollisuuden digitalisaatiota. Aihe on kasvavan kiinnostuksen kohde ja esim. Suomessa on useita tahoja, jotka panostavat aiheen tutkimukseen. Siltikin Teollinen Internet on käsitteenä epäselvä ja sitä vaivaa konkretian puute. Tämän työn tarkoituksena on tutustua Teollisen Internetin nykytilaan ja automaatiolaitteiden ominaisuuksiin Teollisen Internetin näkökulmasta. Teollisen Internetin esimerkit jakautuvat pääasiassa kahteen luokkaan: alustalähtöisiin ja koneiden väliseen kommunikaatioon (M2M-kommunikaatio). Esimerkit tarjoavat listan ominaisuuksia ja vaatimuksia Teolliselle Internetille kummastakin näkökulmasta. Yleisiä ominaisuuksia ovat esimerkiksi skaalattavuus ja joustavuus, jotka saavutetaan erilaisilla tietoteknisillä vaatimuksilla, esim. palvelukeskeisellä arkkitehtuurilla. Lisäksi työhön kuuluu käytännön osuus, jossa kirjoitin ohjainlogiikan ja datankeräyksen testilaitteeseen, joka simuloi aktiivimagneettilaakerien pudotuskokeita. Ohjainlogiikka koostui PLC-laitteesta ja siihen liittyvistä ohjelmistoista. Datan keräys koostui mittausdatan keräykseen ja purkamiseen vaadittavista ohjelmistoista sekä laitteistosta. Kirjallisuudesta kerättyjen vaatimusten ja käytännön kokemuksien perusteella esitän pilvipohjaisen, Teolliseen Internetiin suunnatun ohjelmistoalustan kehittämistä testilaitteen ympärille. Ohjelmistoalusta voi toimia yliopistollisen jatkotutkimuksen pohjana. Ohjelmistoalustan toteuttaminen tapahtuu kahdessa vaiheessa: ensimmäisessä vaiheessa kehitetään pilvipohjainen alusta, joka saavuttaa testilaitteiston nykyisen toiminnallisuuden. Toisessa vaiheessa ohjelmistoalusta muutetaan vastaamaan Teollisen Internetin vaatimuksia, jolla saavutetaan sovellusriippumaton järjestelmäratkaisu

An engineering framework for Service-Oriented Intelligent Manufacturing Systems

Nowadays fully integrated enterprises are being replaced by business networks in which each participant provides others with specialized services. As a result, the Service Oriented Manufacturing Systems emerges. These systems are complex and hard to engineer. The main source of complexity is the number of different technologies, standards, functions, protocols, and execution environments that must be integrated in order to realize them. This paper proposes a framework and associated engineering approach for assisting the system developers of Service Oriented Manufacturing Systems. The approach combines multi-agent system with Service Oriented Architectures for the development of intelligentautomation control and execution of manufacturing systems.Giret Boggino, AS.; Garcia Marques, ME.; Botti Navarro, VJ. (2016). An engineering framework for Service-Oriented Intelligent Manufacturing Systems. Computers in Industry. 81:116-127. doi:10.1016/j.compind.2016.02.002S1161278

A Secure Fog-based Platform for SCADA-based IoT Critical Infrastructure

The rapid proliferation of Internet of Things (IoT) devices, such as smart meters and water valves, into industrial critical infrastructures and control systems has put stringent performance and scalability requirements on modern Supervisory Control and Data Acquisition (SCADA) systems. While cloud computing has enabled modern SCADA systems to cope with the increasing amount of data generated by sensors, actuators and control devices, there has been a growing interest recently to deploy edge datacenters in fog architectures to secure low-latency and enhanced security for mission-critical data. However, fog security and privacy for SCADA-based IoT critical infrastructures remains an under-researched area. To address this challenge, this contribution proposes a novel security “toolbox” to reinforce the integrity, security, and privacy of SCADA-based IoTcritical infrastructure at the fog layer. The toolbox incorporates a key feature: a cryptographic-based access approach to the cloud services using identity-based cryptography and signature schemes at the fog layer. We present the implementation details of a prototype for our proposed Secure Fog-based Platform (SeFoP) and provide performance evaluation results to demonstrate the appropriateness of the proposed platform in a real-world scenario. These results can pave the way towards the development of more secured and trusted SCADA-based IoT critical infrastructure, which is essential to counter cyber threats against next-generation critical infrastructure and industrial control systems. The results from the experiments demonstrate a superior performance of SeFoP, which is around 2.8 seconds when adding 5 virtual machines (VMs), 3.2 seconds when adding 10 VMs, and 112 seconds when adding 1000 VMs compared to Multi-Level user Access Control (MLAC) platform

Phenolic profiling, biological activities and in silico studies of Acacia tortilis (Forssk.) Hayne ssp. raddiana extracts

The authors are grateful to the Foundation for Science and Technology (FCT, Portugal) for financial support through national funds FCT/MCTES to CIMO (UIDB/00690/2020). L. Barros and R. C. Calhelha thank the national funding by the FCT, P.I., through the institutional scientific employment program-contract for their contracts. M. Carocho also thanks the project ValorNatural for his research contract. The authors are also grateful to the FEDER-Interreg España- Portugal programme for financial support through the project 0377_Iberphenol_6_E.info:eu-repo/semantics/publishedVersio

Engineering of next generation cyber-physical automation system architectures

Cyber-Physical-Systems (CPS) enable flexible and reconfigurable realization of automation system architectures, utilizing distributed control architectures with non-hierarchical modules linked together through different communication systems. Several control system architectures have been developed and validated in the past years by research groups. However, there is still a lack of implementation in industry. The intention of this work is to provide a summary of current alternative control system architectures that could be applied in industrial automation domain as well as a review of their commonalities. The aim is to point out the differences between the traditional centralized and hierarchical architectures to discussed ones, which rely on decentralized decision-making and control. Challenges and impacts that industries and engineers face in the process of adopting decentralized control architectures are discussed, analysing the obstacles for industrial acceptance and the new necessary interdisciplinary engineering skills. Finally, an outlook of possible mitigation and migration actions required to implement the decentralized control architectures is addressed.The authors would like to thank the European Commission for the support, and the partners of the EU Horizon 2020 project PERFoRM (2016b) for the fruitful discussions. The PERFoRM project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 680435.info:eu-repo/semantics/publishedVersio

Generic Patterns for Intrusion Detection Systems in Service-Oriented Automotive and Medical Architectures

To implement new software functions and more flexible updates in the future as well as to provide cloud-based functionality, the service-oriented architecture (SOA) paradigm is increasingly being integrated into automotive electrical and electronic architecture (E/E architectures). In addition to the automotive industry, the medical industry is also researching SOA-based solutions to increase the interoperability of devices (vendor-independent). The resulting service-oriented communication is no longer fully specified during design time, which affects information security measures. In this paper, we compare different SOA protocols for the automotive and medical fields. Furthermore, we explain the underlying communication patterns and derive features for the development of an SOA-based Intrusion Detection System (IDS)