Holistic Security and Safety for Factories of the Future

The accelerating transition of traditional industrial processes towards fully automated and intelligent manufacturing is being witnessed in almost all segments. This major adoption of enhanced technology and digitization processes has been originally embraced by the Factories of the Future and Industry 4.0 initiatives. The overall aim is to create smarter, more sustainable, and more resilient future-oriented factories. Unsurprisingly, introducing new production paradigms based on technologies such as machine learning (ML), the Internet of Things (IoT), and robotics does not come at no cost as each newly incorporated technique poses various safety and security challenges. Similarly, the integration required between these techniques to establish a unified and fully interconnected environment contributes to additional threats and risks in the Factories of the Future. Accumulating and analyzing seemingly unrelated activities, occurring simultaneously in different parts of the factory, is essential to establish cyber situational awareness of the investigated environment. Our work contributes to these efforts, in essence by envisioning and implementing the SMS-DT, an integrated platform to simulate and monitor industrial conditions in a digital twin-based architecture. SMS-DT is represented in a three-tier architecture comprising the involved data and control flows: edge, platform, and enterprise tiers. The goal of our platform is to capture, analyze, and correlate a wide range of events being tracked by sensors and systems in various domains of the factory. For this aim, multiple components have been developed on the basis of artificial intelligence to simulate dominant aspects in industries, including network analysis, energy optimization, and worker behavior. A data lake was also used to store collected information, and a set of intelligent services was delivered on the basis of innovative analysis and learning approaches. Finally, the platform was tested in a textile industry environment and integrated with its ERP system. Two misuse cases were simulated to track the factory machines, systems, and people and to assess the role of SMS-DT correlation mechanisms in preventing intentional and unintentional actions. The results of these misuse case simulations showed how the SMS-DT platform can intervene in two domains in the first scenario and three in the second one, resulting in correlating the alerts and reporting them to security operators in the multi-domain intelligent correlation dashboard.The present work has been developed under the EUREKA ITEA3 Project Cyber-Factory#1 (ITEA-17032) and Project CyberFactory#1PT (ANI—P2020 40124) co-funded by Portugal 2020. Furthermore, this work also received funding from the project UIDB/00760/2020.info:eu-repo/semantics/publishedVersio

SMS-I: Intelligent Security for Cyber–Physical Systems

Critical infrastructures are an attractive target for attackers, mainly due to the catastrophic impact of these attacks on society. In addition, the cyber–physical nature of these infrastructures makes them more vulnerable to cyber–physical threats and makes the detection, investigation, and remediation of security attacks more difficult. Therefore, improving cyber–physical correlations, forensics investigations, and Incident response tasks is of paramount importance. This work describes the SMS-I tool that allows the improvement of these security aspects in critical infrastructures. Data from heterogeneous systems, over different time frames, are received and correlated. Both physical and logical security are unified and additional security details are analysed to find attack evidence. Different Artificial Intelligence (AI) methodologies are used to process and analyse the multi-dimensional data exploring the temporal correlation between cyber and physical Alerts and going beyond traditional techniques to detect unusual Events, and then find evidence of attacks. SMS-I’s Intelligent Dashboard supports decision makers in a deep analysis of how the breaches and the assets were explored and compromised. It assists and facilitates the security analysts using graphical dashboards and Alert classification suggestions. Therefore, they can more easily identify anomalous situations that can be related to possible Incident occurrences. Users can also explore information, with different levels of detail, including logical information and technical specifications. SMS-I also integrates with a scalable and open Security Incident Response Platform (TheHive) that enables the sharing of information about security Incidents and helps different organizations better understand threats and proactively defend their systems and networks.This research was funded by the Horizon 2020 Framework Programme under grant agreement No 832969. This output reflects the views only of the author(s), and the European Union cannot be held responsible for any use which may be made of the information contained therein. For more information on the project see: http://satie-h2020.eu/.info:eu-repo/semantics/publishedVersio

The Impact of Attacks in LEM and Prevention Measures Based on Forecasting and Trust Models

In recent years Local Energy Markets (LEM) have emerged as an innovative and versatile energy trade solution. They bring benefits when renewable energy sources are used and are more flexible for consumers. There are, however, security concerns that put the feasibility of the local energy market at risk. One of these security challenges is the integrity of data in the smart-grid that supports the local market. In this article the LEM and the types of attacks that can have a negative impact on it are presented, and a security mechanism based on a trust model is proposed. A case study is elaborated using a multi-agent system called Local Energy Market Multi-Agent System (LEMMAS), capable of simulating the LEM and testing the proposed security mechanism

LEMMAS: a secured and trusted Local Energy Market simulation system

The ever changing nature of the energy grid and the addition of novel systems such as the Local Energy Market (LEM) drastically increase its complexity, thus making the management harder and with increased importance at local level. Providing innovative and advanced management solutions is fundamental for the success of this new distributed energy grid paradigm. In this paper we extend Multi-Agent System (MAS) based simulation tool for LEMs called LEMMAS. A cyberattack detection model is developed and integrated in LEMMAS with the objective of preventing cyber-attacks from affecting the negotiations. This model is compared with the previous version which only analysed the trustworthiness of participants. The results show that the cyber-attack detection model drastically increases the security capabilities of LEMMAS.This work has received funding from FEDER Funds through COMPETE program and from National Funds through FCT under the project SPET–PTDC/EEI-EEE/029165/2017. This work has also received funding from the project UIDB/00760/2020 and Ph.D scholarship with reference 2021.07629.BD.info:eu-repo/semantics/publishedVersio