Industrial networks and IIoT: Now and future trends

Connectivity is the one word summary for Industry 4.0 revolution. The importance of Internet of Things (IoT) and Industrial IoT (IIoT) have been increased dramatically with the rise of industrialization and industry 4.0. As new opportunities bring their own challenges, with the massive interconnected devices of the IIoT, cyber security of those networks and privacy of their users have become an important aspect. Specifically, intrusion detection for industrial networks (IIoT) has great importance. For instance, it is a key factor in improving the safe operation of the smart grid systems yet protecting the privacy of the consumers at the same time. In the same manner, data streaming is a valid option when the analysis is to be pushed from the cloud to the fog for industrial networks to provide agile response, since it brings the advantage of fast action on intrusion detection and also can buy time for intrusion mitigation. In order to dive deep in industrial networks, basic ground needs to be settled. Hence, this chapter serves in this manner, by presenting basic and emerging technologies along with ideas and discussions: First, an introduction of semiconductor evolution is provided along with the up-to-date hi-tech wired/wireless communication solutions for industrial networks. This is followed by a thorough representation of future trends in industrial environments. More importantly, enabling technologies for industrial networks is also presented. Finally, the chapter is concluded with a summary of the presentations along with future projections of IIoT networks

Model-based validation of CANopen systems

International audienceCANopen is an increasingly popular protocol for the design of networked embedded systems. Nonetheless, the large variety of communication and network management functionalities supported in CANopen can increase significantly systems complexity and in turn, the needs for system validation at design time. We present hereafter a rigorous method based on formal modeling and verification techniques, allowing to provide a comprehensive analysis of CANopen systems. Our method uses BIP, a formal framework for modeling, analysis and implementation of real-time, heterogeneous, component-based systems and the associated BIP tools for simulation, performance evaluation and statistical model-checking

A model-based design flow for CAN-based systems

International audienceThis paper introduces a novel approach for systematical development of CAN-based systems with guaranteed functional correctness and optimal performance. This approach relies on formal methods for faithful modeling and analysis of such systems, whilst taking into consideration the effects of critical parameters, such as bit stuffing and buffer utilization. As a proof of concept, the approach has been applied on existing benchmarks simulating realistic automotive networks. The results are similar to ones obtained using domain-specific tools e.g. NETCARBENCH. Moreover, this work creates new perspectives and reveals potential application for the generation of optimal device configurations for the recently developed CAN FD protocol

Using BIP to reinforce correctness of resource-constrained IoT applications

International audienceIoT applications have either a sense-only or a sense-compute-actuate goal and they implement a capability to process and respond to multiple (external) events while performing computations. Existing IoT operating systems provide a versatile execution environment that adheres to the limitations of the interconnected resource-constrained devices. To reduce the development effort, applications are often built on top of RESTful web services, which can be shared and reused. However, the asynchronous communication between remote nodes is prone to event scheduling delays, which cannot be predicted and taken into account while programming the application. Moreover, to avoid long delays in message processing and communication due to packet collisions, the data transmission frequencies between the system's nodes have to carefully chosen. In general, even when appropriate debugging tools and simulators are available, it is still a hard challenge to guarantee the required functional and non-functional properties at the application and system levels. To this end, we focus on IoT applications for the Contiki OS and we introduce a model-based rigorous analysis approach using the BIP component framework. At the application level, we verify qualitative properties regarding service responsiveness, whereas at the system level we can validate qualitative and quantitative properties using statistical model checking. We present results for an application scenario running on a distributed system infrastructure with nodes executing the Contiki OS

Building distributed sensor network applications using BIP

International audienceThe exponential increase in the demands for the deployment of large-scale sensor networks, makes the efficient development of functional applications necessary. Nevertheless, the existence of scarce resources and the derived application complexity, impose significant constraints and requires high design expertise. Consequently, the probability of discovering design errors, once the application is implemented, is considerably high. To address these issues, there is a need for the availability of early-stage validation, performance evaluation and rapid prototyping techniques at design time. In this paper we present a novel approach for the co-design of mixed software/hardware applications for distributed sensor network systems. This approach uses BIP, a formal framework facilitating modeling, analysis and implementation of real-time embedded, heterogeneous systems. Our approach is illustrated through the modeling and deployment of a Wireless Multimedia Sensor Network (WMSN) application. We emphasize on its merits, notably validation of functional and non-functional requirements through statistical model-checking and automatic code generation for sensor network platforms

PHOENI2X -- A European Cyber Resilience Framework With Artificial-Intelligence-Assisted Orchestration, Automation and Response Capabilities for Business Continuity and Recovery, Incident Response, and Information Exchange

As digital technologies become more pervasive in society and the economy, cybersecurity incidents become more frequent and impactful. According to the NIS and NIS2 Directives, EU Member States and their Operators of Essential Services must establish a minimum baseline set of cybersecurity capabilities and engage in cross-border coordination and cooperation. However, this is only a small step towards European cyber resilience. In this landscape, preparedness, shared situational awareness, and coordinated incident response are essential for effective cyber crisis management and resilience. Motivated by the above, this paper presents PHOENI2X, an EU-funded project aiming to design, develop, and deliver a Cyber Resilience Framework providing Artificial-Intelligence-assisted orchestration, automation and response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services and the EU Member State authorities entrusted with cybersecurity

ELECTRON: An Architectural Framework for Securing the Smart Electrical Grid with Federated Detection, Dynamic Risk Assessment and Self-Healing

The electrical grid has significantly evolved over the years, thus creating a smart paradigm, which is well known as the smart electrical grid. However, this evolution creates critical cybersecurity risks due to the vulnerable nature of the industrial systems and the involvement of new technologies. Therefore, in this paper, the ELECTRON architecture is presented as an integrated platform to detect, mitigate and prevent potential cyberthreats timely. ELECTRON combines both cybersecurity and energy defence mechanisms in a collaborative way. The key aspects of ELECTRON are (a) dynamic risk assessment, (b) asset certification, (c) federated intrusion detection and correlation, (d) Software Defined Networking (SDN) mitigation, (e) proactive islanding and (f) cybersecurity training and certification

Design flow for the rigorous development of networked embedded systems

Au cours des dernières années, l'utilisation d’appareils embarqués a augmenté rapidement en raison de la commodité qu'ils offrent dans la vie quotidienne. Les appareils embarqués se caractérisent par leur petite taille, leur portabilité ainsi que leur capacité d'échanger des données avec d'autres appareils grâce à leur service de communication réseau. L'analyse du comportement et les interactions entre ces appareils a abouti dans l'établissement d’un nouveau type de système, appelé systèmes embarqués en réseau.En tant que la popularité actuelle des systèmes embarqués en réseau grandissent, il y a une tendance de relever leurs défis de conception existants afin de développer d'applications fonctionnelles. Ces défis concernent l'utilisation de leurs ressources matérielles limitées (p.ex. la mémoire du processeur, l'unité d'alimentation) et l'hétérogénéité du système en termes de logiciel, de matériel et aussi des mécanismes d'interaction entre les appareils. A cet effet, dans cette thèse nous présentons une approche rigoureuse considérant tous les défis grâce à un flot de conception basée sur techniques de modélisation. Le flot utilise le formalisme BIP pour la construction hiérarchique de systèmes autour de composants et il est facilement utilisé, car chaque étape est entièrement automatisée par des outils et méthodes développés. En plus, ce flot perme la simulation des systèmes à chaque étape de développement, la vérification par l'exploration de l'espace de conception, la génération de code et la calibration des modèles développés, afin de présenter fidèlement le système réel. Les modèles calibrés peuvent analyser la performance de system et aussi valider des exigences sur le system. Finalement, les résultats d'analyse de performance peuvent apporter des améliorations sur la conception de système cible.Notre approche est présenté sur plusieurs bien connus domaines applicatifs des systèmes embarqués en réseau, comme les systèmes automobiles, les systèmes de l'automation industrielle, les systèmes de réseaux de capteurs sans fil (WSN systèmes) et les systèmes pour l'internet des objets (IoT systèmes). Chaque domaine inclut différentes caractéristiques et technologies, mais dispose également différent défis. Ces défis sont considérés par les outils développés pour chaque domaine, qui sont validées contre les outils existantes, comme MATLAB/Simulink, RTaW-Sim, OPNET Modeler et Cooja. La validation se fait grâce à les cas d’études sur les applications industrielles ou les benchmark réalistes des systèmes embarqués en réseau. Nos expérimentations illustrent le soutien d'une meilleure analyse par les outils développés en fournissant d'abord résultats similaires pendant la simulation et en plus les capacités de génération automatique de code et la vérification des exigences.Over the latest years the use of embedded devices has expanded rapidly due to the convenience they offer in daily life. Embedded devices are characterized by their tiny size, their portability as well as their ability to exchange data with other devices through a dedicated network unit. The analysis of the behavior and interactions between such devices lead to the emergence of a new system type, called networked embedded systems.As the current popularity of networked embedded systems grows, there is a trend for addressing their existing design challenges in the development of functional applications. These challenges relate to the use of their limited hardware resources (e.g. processor memory, power unit) and the system heterogeneity in terms of software, hardware as well as communication mechanisms between the embedded devices. To this end, in this thesis we present a rigorous approach considering all the design challenges through a model-based design flow. The flow uses BIP as an underlying framework for the hierarchical construction of component-based systems and it is easily employed, as each step is fully supported by developed tools and methods. Its benefits include early-stage simulation and testing, verification of functional correctness, generation of deployable code and collection of performance data from real executions, in order to calibrate the developed models. Calibrated models represent faithfully the real system and can analyze system performance as well as evaluate accurately system requirements. Additionally, performance analysis results may provide design enhancements in the target system.Our approach is demonstrated in several well-known application domains of networked embedded systems, namely the automotive, industrial automation, Wireless Sensor Network (WSN) and Internet of Things (IoT) systems. Each domain includes different characteristics and technologies, but also features different challenges. These challenges are considered by developed tools for each domain, which are validated against existing domain-specific, such as MATLAB/Simulink, RTaW-Sim, OPNET Modeler and Cooja. The validation is facilitated through case-studies in industrial or benchmark networked embedded systems. Our experiments illustrate the support of a better fine-grained analysis from the developed tools by initially providing similar simulation results and additionally offering capabilities for automated code generation as well as requirement verification