Report of the 2014 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

This event was supported in part by the National Science Foundation under Grant Number 1234408. Any opinions, findings, and conclusions or recommendations expressed at the event or in this report are those of the authors and do not necessarily reflect the views of the National Science Foundation

Report of the 2015 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

This event was supported in part by the National Science Foundation under Grant Number 1234408. Any opinions, findings, and conclusions or recommendations expressed at the event or in this report are those of the authors and do not necessarily reflect the views of the National Science Foundation

Towards trustworthy end-to-end communication in industry 4.0

Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system

A Framework for Understanding, Prioritizing, and Applying Systems Security Engineering Processes, Activities, and Tasks

Current systems security practices lack an effective approach to prioritize and tailor systems security efforts to develop and field secure systems in challenging operational environments, which results in business and mission stakeholders becoming more susceptible to an array of disruptive events. This work informs Systems Engineers on recent developments in the field of system security engineering and provides a framework for more fully understanding the application of Systems Security Engineering (SSE) processes, activities, and tasks as described in the recently released National Institute of Standards and Technology (NIST) Special Publication 800-160. This SSE framework uniquely offers a repeatable and tailorable methodology that allows system developers to focus on high Return-on-Investment (RoI) SSE processes, activities, and tasks to more efficiently meet stakeholder protection needs and deliver trustworthy secure systems

Digital Twins for Logistics and Supply Chain Systems: Literature Review, Conceptual Framework, Research Potential, and Practical Challenges

To facilitate an effective, efficient, transparent, and timely decision-making process as well as to provide guidelines for industry planning and public policy development, a conceptual framework of digital twins (DTs) for logistics and supply chain systems (LSCS) is needed. This paper first introduces the background of the logistics and supply chain industry, the DT and its potential benefits, and the motivations and scope of this research. The literature review indicates research and practice gaps and needs that motivate proposing a new conceptual DT framework for LSCS. As each element of the new framework has different requirements and goals, it initiates new research opportunities and creates practical implementation challenges. As such, the future of DT computation involves advanced analytics and modeling techniques to address the new agenda's requirements. Finally, ideas on the next steps to deploy a transparent, trustworthy, and resilient DT for LSCS are presented.Comment: 45 page

Current Efforts Concerning ICT Security of the Power Grid

GRID is a Coordination Action funded under the Trust and Security objective of the IST Programme of the 6th Framework to achieve consensus at the European level on the key issues involved by power systems vulnerabilities, in view of the challenges driven by the transformation of the European power infrastructure and ICT integration. GRID wants to assess the needs of the EU power sector on these issues, so as to establish a Roadmap for collaborative research in this area. The present report provides a survey on current efforts somewhat related to the objectives of GRID. Similar to GRID, a number of European and US endeavours have attempted in recent years to draw a Road Map so as to coordinate efforts concerning energy transport/distribution research and CIP.JRC.G.6-Sensors, radar technologies and cybersecurit

Road2CPS priorities and recommendations for research and innovation in cyber-physical systems

This document summarises the findings of the Road2CPS project, co-financed by the European Commission under the H2020 Research and Innovation Programme, to develop a roadmap and recommendations for strategic action required for future deployment of Cyber-Physical Systems (CPS). The term Cyber-Physical System describes hardware-software systems, which tightly couple the physical world and the virtual world. They are established from networked embedded systems that are connected with the outside world through sensors and actuators and have the capability to collaborate, adapt, and evolve. In the ARTEMIS Strategic Research Agenda 2016, CPS are described as ‘Embedded Intelligent ICT Systems’ that make products smarter, more interconnected, interdependent, collaborative, and autonomous. In the future world of CPS, a huge number of devices connected to the physical world will be able to exchange data with each other, access web services, and interact with people. Moreover, information systems will sense, monitor and even control the physical world via Cyber-Physical Systems and the Internet of Things (HiPEAC Vision 2015). Cyber-Physical Systems find their application in many highly relevant areas to our society: multi-modal transport, health, smart factories, smart grids and smart cities amongst others. The deployment of Cyber-Physical Systems (CPS) is expected to increase substantially over the next decades, holding great potential for novel applications and innovative product development. Digital technologies have already pervaded day-to-day life massively, affecting all kinds of interactions between humans and their environment. However, the inherent complexity of CPSs, as well as the need to meet optimised performance and comply with essential requirements like safety, privacy, security, raises many questions that are currently being explored by the research community. Road2CPS aims at accelerating uptake and implementation of these efforts. The Road2CPS project identifying and analysing the relevant technology fields and related research priorities to fuel the development of trustworthy CPS, as well as the specific technologies, needs and barriers for a successful implementation in different application domains and to derive recommendations for strategic action. The document at hand was established through an interactive, community-based approach, involving over 300 experts from academia, industry and policy making through a series of workshops and consultations. Visions and priorities of recently produced roadmaps in the area of CPS, IoT (Internet of Things), SoS (System-of-Systems) and FoF (Factories of the Future) were discussed, complemented by sharing views and perspectives on CPS implementation in application domains, evolving multi-sided eco-systems as well as business and policy related barriers, enablers and success factors. From the workshops and accompanying activities recommendations for future research and innovation activities were derived and topics and timelines for their implementation proposed. Amongst the technological topics, and related future research priorities ‘integration, interoperability, standards’ ranged highest in all workshops. The topic is connected to digital platforms and reference architectures, which have already become a key priority theme for the EC and their Digitisation Strategy as well as the work on the right standards to help successful implementation of CPSs. Other themes of very high technology/research relevance revealed to be ‘modelling and simulation’, ‘safety and dependability’, ‘security and privacy’, ‘big data and real-time analysis’, ‘ubiquitous autonomy and forecasting’ as well as ‘HMI/human machine awareness’. Next to this, themes emerged including ‘decision making and support’, ‘CPS engineering (requirements, design)’, ‘CPS life-cycle management’, ‘System-of-Systems’, ‘distributed management’, ‘cognitive CPS’, ‘emergence, complexity, adaptability and flexibility’ and work on the foundations of CPS and ‘cross-disciplinary research/CPS Science’