123 research outputs found

    A Scalable Specification-Agnostic Multi-Sensor Anomaly Detection System for IIoT Environments

    Advanced sensing is a key ingredient for intelligent control in Industrial Internet of Things (IIoT) environments. Coupled with enhanced communication capabilities, sensors are becoming increasingly vulnerable to cyberattacks, thereby jeopardizing the often safety-critical underlying cyber-physical system. One prominent approach to sensor-level attack detection in modern industrial environments, named PASAD, has recently been proposed in the literature. PASAD is a process-aware stealthy-attack detection mechanism that has shown promising capabilities in detecting anomalous, potentially malicious behavior through real-time monitoring of sensor measurements. Although fast and lightweight, a major limitation of PASAD is that it is univariate, meaning that only a single sensor can be monitored by one instance of the algorithm. This impediment poses serious concerns on its scalability, especially in modernized industrial environments, which typically employ a plethora of sensors. This paper generalizes PASAD to the multivariate case, where a plurality of sensors can be monitored concurrently with little added complexity. This generalization has the evident advantage of offering scalability potential for deployment in future-focused industrial environments, which are undergoing growing integration between the digital and physical worlds

    A Framework for Determining Robust Context-Aware Attack-Detection Thresholds for Cyber-Physical Systems

    Process-aware attack detection plays a key role in securing cyber-physical systems. A process-aware detection system (PADS) identifies a baseline behaviour of the physical process in cyber-physical systems and continuously attempts to detect deviations from the baseline attributed to malicious modifications in the process operation. Typically, a PADS triggers an alarm whenever the detection score crosses a fixed and predetermined threshold. In this paper, we argue that in the context of securing cyber-physical systems, relying on a single fixed threshold can undermine the effectiveness of the PADS, and propose a context-aware framework for determining two-dimensional thresholds that enhance the sensibility and reliability of such detection systems by rendering them more robust to false detection. In addition, we propose an algorithm, out of many possible, within this framework as a practical example

    Gridchain: an investigation of privacy for the future local distribution grid

    As part of building the smart grid, there is a massive deployment of so-called smart meters that aggregate information and communicate with the back-end office, apart from measuring properties of the local network. Detailed measurements and communication of, e.g., consumption allows for remote billing, but also in finding problems in the distribution of power and overall to provide data to be used to plan future upgrades of the network. From a security perspective, a massive deployment of such Internet of Things (IoT) components increases the risk that some may be compromised or that collected data are used for privacy-sensitive inference of the consumption of households. In this paper, we investigate the privacy concerns regarding detailed readings of smart meters for billing purposes. We present Gridchain, a solution where households can opt-in to hide their consumption patterns and thus make Non-Intrusive Load Monitoring (NILM) more challenging. Households form groups where they can trade real consumption among themselves to achieve reported consumption that would be resistant to NILM. Gridchain is built on a publish/subscribe model and uses a permissioned blockchain to record any trades, meaning that dishonest households can be discovered and punished if they steal from other households in the group or the electricity company in the end. We implement and release a proof of concept of Gridchain and use public datasets to allow reproducibility. Our results show that even if an attacker has access to the reported electricity consumption of any member of a Gridchain group, this reported consumption is significantly far from the actual consumption to allow for a detailed fingerprint of the household activities

    V2C: A Trust-Based Vehicle to Cloud Anomaly Detection Framework for Automotive Systems

    Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks. As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon

    Proposing HEAVENS 2.0 – an automotive risk assessment model

    Risk-based security models have seen a steady rise in popularity over the last decades, and several security risk assessment models have been proposed for the automotive industry. The new UN vehicle regulation 155 on cybersecurity provisions for vehicle type approval, as part of the 1958 agreement on vehicle harmonization, mandates the use of risk assessment to mitigate cybersecurity risks and is expected to be adopted into national laws in 54 countries within 1 to 3 years. This new legislation will also apply to autonomous vehicles. The automotive cybersecurity engineering standard ISO/SAE 21434 is seen as a way to fulfill the new UN legislation, so we can expect quick and wide industry adoption. One risk assessment model that has gained some popularity and is in active use in several companies is the HEAVENS model, but since ISO/SAE 21434 introduces additional requirements on the risk assessment process, the original HEAVENS model does not fulfill the standard. In this paper, we investigate the gap between the HEAVENS risk assessment model and ISO/SAE 21434, and we identify and propose 12 model updates to HEAVENS to close this gap. We also discuss identified weaknesses of the HEAVENS risk assessment model and propose 5 additional model updates to overcome them. In accordance with these 17 identified model updates, we propose HEAVENS 2.0, a new risk assessment model based on HEAVENS which is fully compliant with ISO/SAE 21434

    IoTLogBlock: Recording Off-line Transactions of Low-Power IoT Devices Using a Blockchain

    For any distributed system, and especially for the Internet of Things, recording interactions between devices is essential. At first glance, blockchains seem to be suitable for storing these interactions, as they allow multiple parties to share a distributed ledger. However, at a closer look, blockchains require heavy computations, large memory capacity, and always-on communication to the cloud; these are three properties that are challenging for IoT devices with limited resources. In this paper, we present IoTLogBlock to address these challenges. IoTLogBlock connects resource-constrained IoT devices to the blockchain, and it consists of three building blocks jointly enabling recording transactions: a lightweight contract signing protocol, a blockchain network, and a smart contract. The contract signing protocol allows devices to interact locally to perform transactions, even if no communication to the cloud and the blockchain exists at that moment. At a later time, devices forward the stored transactions to the blockchain, where a smart contract ultimately verifies the transactions. We evaluate our design on low-power devices and quantify the performance in terms of memory, computation, and energy consumption. Our results show that a constrained device can create and sign a transaction within 3 s on average. Finally, we expose the devices to network scenarios with edge connections ranging from 10 s to over 2 h

    TinyEVM: Off-Chain Smart Contracts on Low-Power IoT Devices

    With the rise of the Internet of Things (IoT), billions of devices ranging from simple sensors to smart-phones will participate in billions of micropayments. However, current centralized solutions are unable to handle a massive number of micropayments from untrusted devices. Blockchains are promising technologies suitable for solving some of these challenges. Particularly, permissionless blockchains such as Ethereum and Bitcoin have drawn the attention of the research community. However, the increasingly large-scale deployments of blockchain reveal some of their scalability limitations. Prominent proposals to scale the payment system include off-chain protocols such as payment channels. However, the leading proposals assume powerful nodes with an always-on connection and frequent synchronization. These assumptions require in practice significant communication, memory, and computation capacity, whereas IoT devices face substantial constraints in these areas. Existing approaches also do not capture the logic and process of IoT, where applications need to process locally collected sensor data to allow for full use of IoT micro-payments. In this paper, we present TinyEVM, a novel system to generate and execute off-chain smart contracts based on sensor data. TinyEVM's goal is to enable IoT devices to perform micro-payments and, at the same time, address the device constraints. We investigate the trade-offs of executing smart contracts on low-power IoT devices using TinyEVM. We test our system with 7,000 publicly verified smart contracts, where TinyEVM achieves to deploy 93 % of them without any modification. Finally, we evaluate the execution of off-chain smart contracts in terms of run-time performance, energy, and memory requirements on IoT devices. Notably, we find that low-power devices can deploy a smart contract in 215 ms on average, and they can complete an off-chain payment in 584 ms on average

    Performance of deep neural networks on low-power IoT devices

    Advances in deep learning have revolutionized machine learning by solving complex tasks such as image, speech, and text recognition. However, training and inference of deep neural networks are resource-intensive. Recently, researchers made efforts to bring inference to IoT edge and sensor devices which have become the prime data sources nowadays. However, running deep neural networks on low-power IoT devices is challenging due to their resource-constraints in memory, compute power, and energy. This paper presents a benchmark to grasp these trade-offs by evaluating three representative deep learning frameworks: uTensor, TF-Lite-Micro, and CMSIS-NN. Our benchmark reveals significant differences and trade-offs for each framework and its tool-chain: (1) We find that uTensor is the most straightforward framework to use, followed by TF-Micro, and then CMSIS-NN. (2) Our evaluation shows large differences in energy, RAM, and Flash footprints. For example, in terms of energy, CMSIS-NN is the most efficient, followed by TF-Micro and then uTensor, each with a significant gap

    MicroTL: Transfer Learning on Low-Power IoT Devices

    Deep Neural Networks (DNNs) on IoT devices are becoming readily available for classification tasks using sensor data like images and audio. However, DNNs are trained using extensive computational resources such as GPUs on cloud services, and once being quantized and deployed on the IoT device remain unchanged. We argue in this paper, that this approach leads to three disadvantages. First, IoT devices are deployed in real-world scenarios where the initial problem may shift over time (e.g., to new or similar classes), but without re-training, DNNs cannot adapt to such changes. Second, IoT devices need to use energy-preserving communication with limited reliability and network bandwidth, which can delay or restrict the transmission of essential training sensor data to the cloud. Third, collecting and storing training sensor data in the cloud poses privacy concerns. A promising technique to mitigate these concerns is to utilize on-device Transfer Learning (TL). However, bringing TL to resource-constrained devices faces challenges and tradeoffs in computational, energy, and memory constraints, which this paper addresses. This paper introduces MicroTL, Transfer Learning (TL) on low-power IoT devices. MicroTL tailors TL to IoT devices without the communication requirement with the cloud. Notably, we found that the MicroTL takes 3x less energy and 2.8x less time than transmitting all data to train an entirely new model in the cloud, showing that it is more efficient to retrain parts of an existing neural network on the IoT device