ASiMOV: Microservices-based verifiable control logic with estimable detection delay against cyber-attacks to cyber-physical systems

The automatic control in Cyber-Physical-Systems brings advantages but also increased risks due to cyber-attacks. This Ph.D. thesis proposes a novel reference architecture for distributed control applications increasing the security against cyber-attacks to the control logic. The core idea is to replicate each instance of a control application and to detect attacks by verifying their outputs. The verification logic disposes of an exact model of the control logic, although the two logics are decoupled on two different devices. The verification is asynchronous to the feedback control loop, to avoid the introduction of a delay between the controller(s) and system(s). The time required to detect a successful attack is analytically estimable, which enables control-theoretical techniques to prevent damage by appropriate planning decisions. The proposed architecture for a controller and an Intrusion Detection System is composed of event-driven autonomous components (microservices), which can be deployed as separate Virtual Machines (e.g., containers) on cloud platforms. Under the proposed architecture, orchestration techniques enable a dynamic re-deployment acting as a mitigation or prevention mechanism defined at the level of the computer architecture. The proposal, which we call ASiMOV (Asynchronous Modular Verification), is based on a model that separates the state of a controller from the state of its execution environment. We provide details of the model and a microservices implementation. Through the analysis of the delay introduced in both the control loop and the detection of attacks, we provide guidelines to determine which control systems are suitable for adopting ASiMOV. Simulations show the behavior of ASiMOV both in the absence and in the presence of cyber-attacks

An Open System for Collection and Automatic Recognition of Pottery through Neural Network Algorithms

In the last ten years, artificial intelligence (AI) techniques have been applied in archaeology. The ArchAIDE project realised an AI-based application to recognise archaeological pottery. Pottery is of paramount importance for understanding archaeological contexts. However, recognition of ceramics is still a manual, time-consuming activity, reliant on analogue catalogues. The project developed two complementary machine-learning tools to propose identifications based on images captured on-site, for optimising and economising this process, while retaining key decision points necessary to create trusted results. One method relies on the shape of a potsherd; the other is based on decorative features. For the shape-based recognition, a novel deep-learning architecture was employed, integrating shape information from points along the inner and outer profile of a sherd. The decoration classifier is based on relatively standard architectures used in image recognition. In both cases, training the algorithms meant facing challenges related to real-world archaeological data: the scarcity of labelled data; extreme imbalance between instances of different categories; and the need to take note of minute differentiating features. Finally, the creation of a desktop and mobile application that integrates the AI classifiers provides an easy-to-use interface for pottery classification and storing pottery data

MAPPA. Metodologie Applicate alla Predittività del Potenziale Archeologico. 2

La carta di potenziale archeologico della città di Pisa. L'algoritmo elaborato ad hoc per il calcolo del potenziale archeologico. Il MOD: il primo archivio italiano open data di documenti archeologici

Developing the ArchAIDE Application: A digital workflow for identifying, organising and sharing archaeological pottery using automated image recognition

Pottery is of fundamental importance for understanding archaeological contexts, facilitating the understanding of production, trade flows, and social interactions. Pottery characterisation and the classification of ceramics is still a manual process, reliant on analogue catalogues created by specialists, held in archives and libraries. The ArchAIDE project worked to streamline, optimise and economise the mundane aspects of these processes, using the latest automatic image recognition technology, while retaining key decision points necessary to create trusted results. Specifically, ArchAIDE worked to support classification and interpretation work (during both fieldwork and post-excavation analysis) with an innovative app for tablets and smartphones. This article summarises the work of this three-year project, funded by the European Union's Horizon 2020 Research and Innovation Programme under grant agreement N.693548, with a consortium of partners representing both the academic and industry-led ICT (Information and Communications Technology) domains, and the academic and development-led archaeology domains. The collaborative work of the archaeological and technical partners created a pipeline where potsherds are photographed, their characteristics compared against a trained neural network, and the results returned with suggested matches from a comparative collection with typical pottery types and characteristics. Once the correct type is identified, all relevant information for that type is linked to the new sherd and stored within a database that can be shared online. ArchAIDE integrated a variety of novel and best-practice approaches, both in the creation of the app, and the communication of the project to a range of stakeholders

Use of redundancy in the design of a secure software defined industrial control application

Industrial control applications are today software defined and networked making them even more vulnerable to cyber-attacks. Hence there is the need to investigate new solutions that are secure by design. In this paper, we address this challenge by proposing a model and an architecture for a controller that, by using redundancy, is capable of detecting cyber-attacks to its logic and that enables the implementation of mitigation and prevention mechanisms

ASiMOV: A self-protecting control application for the smart factory

The evolution of manufacturing systems into a smart factory brings advantages but also increased cyber-risks. This paper investigates the problem of intrusion detection and autonomous response to cyber-attacks targeting the control logic of industrial control applications for the smart factory. Specifically, we propose ASiMOV (Asynchronous Modular Verification), a self-protecting architecture for cyber–physical systems realizing a verifiable control application. ASiMOV is inspired by modular redundancy and leverages virtualization technologies to respond and to prevent cyber-attacks to the control logic. Using simulation experiments, we evaluate: the effects of an attack on an industrial control application enhanced by ASiMOV; the delay introduced by ASiMOV within a control loop; and the cyber-attack detection delay. Results show that, in the simulated scenario, the controller can work with a sampling rate of up to 200 Hertz. Any tampering with the control logic is detected without false positives/negatives in a time equal to the latency between the proposed control application and the proposed IDS (e.g., tens to hundreds of milliseconds)

A self-protecting control application for IIoT

Industrial control applications are today software defined and networked, making them even more vulnerable to cyber-attacks. Hence there is the need to investigate new solutions that are secure by design. In this paper, we propose a self-protecting architecture for a control application suitable for Industrial Internet-of-Things deployments. The proposed solution, by using redundancy, is capable of self-detecting cyberattacks to its logic and to autonomously activate mitigation actions

Opening the Past 2014. Immersive Archaeology. MapPapers 5/2014

Opening the Past means to tell the Past to the scientific community, but especially to the community of citizens to whom the archaeologists and more generally the operators of the Cultural Heritage should speak to. Tell in an engaging and immersive way means to capture the attention of the citizens towards their Past, to make them aware of the Cultural Heritage and to educate to protect it. Storytelling must necessarily be at the center of what we call public archeology. Archeology, although it is a humanistic discipline, has abdicated to the storytelling and failed to form adequate expertise in this field. Nowadays, it is increasingly necessary that the archaeologists tell the archeology, using new and old media, social networks, virtual reality, and seeking new way such as those related to open data, maker culture ,gamification, and sharing to produce a story more and more immersive

MAPPA Data Book 1

Primo progetto italiano di Data Book, in linea con i più avanzati progetti internazionali di condivisione dei dati della ricerca, unisce un livello più tradizionale di sintesi interpretativa, in cui sono sintetizzati i dati raccolti negli scavi archeologici all'interno di un quadro di ricostruzione storica, a un livello più innovativo, in cui i “dati grezzi” (schede US, planimetrie e sezioni, foto, diagrammi stratigrafici, relazioni preliminari ecc.), che sono alla base delle interpretazioni e delle ricostruzioni proposte, sono pubblicati in un archivio digitale open data. Il primo MAPPA Databook è dedicato a ricerche di archeologia urbana