Biblio

Drone based applications have progressed significantly in recent years across many industries, including agriculture. This paper proposes a sporadically connected cyber-physical system for assisting winemakers and minimizing the travel time to remote and poorly connected infrastructures. A set of representative diseases and conditions, which will be monitored by land-bound sensors in combination with multispectral images, is identified. To collect accurate data, a trustworthy and secured communication of the drone with the sensors and the base station should be established. We propose to use an Internet of Things framework for establishing a chain of trust by securely onboarding drones, sensors and base station, and providing self-adaptation support for the use case. Furthermore, we perform a security analysis of the use case for identifying potential threats and security controls that should be in place for mitigating them.

Increasingly, the transportation industry has moved towards automation to improve safety, fuel efficiency, and system productivity. However, the increased scrutiny that automated vehicles (AV) face over functional safety has hindered the industry's unbridled confidence in self-driving technologies. As AVs are cyber-physical systems, they utilize distributed control to accomplish a range of safety-critical driving tasks. The Operation Systems (OS) serve as the core of these control systems. Therefore, their designs and implementation must incorporate ways to protect AVs against what must be assumed to be inevitable cyberattacks to meet the overall AV functional safety requirements. This paper investigates the connection between functional safety and cybersecurity in the context of OS. This study finds that risks due to delays can worsen by potential cybersecurity vulnerabilities through a case example of an automated vehicle following. Furthermore, attack surfaces and cybersecurity countermeasures for protecting OSs from security breaches are addressed.

Networked control design is essential to enable normal operation and further accomplish performance improvement of the cyber-physical systems. In this work, a resilient control scheme is presented for the networked nonlinear system under the denial-of-service (DoS) attack and the system uncertainty. Through synthesizing a self regulation system, this scheme is capable of releasing the prescribed performance when attack is active and recovering that in finite-time after the attack is slept. Meanwhile, the neural network is employed to approximate the system uncertainty. Particularly, the update law possesses the non-certainty-equivalent (NCE) structure, and then the impact of the DoS attack is totally isolated. Finally, the numerical simulation is presented to illustrate the effectiveness and benefits of the estimation scheme and the control design.

Electromagnetic emissions associated with the transmission of automotive controller area network (CAN) messages within a passenger car have been analysed and used to reconstruct the original CAN messages. Concurrent monitoring of the CAN traffic via a wired connection to the vehicle OBD-II port was used to validate the effectiveness of the reconstruction process. These results confirm the feasibility of reconstructing in-vehicle network data for forensic purposes, without the need for wired access, at distances of up to 1 m from the vehicle by using magnetic field measurements, and up to 3 m using electric field measurements. This capability has applications in the identification and resolution of EMI issues in vehicle data network, as well as possible implications for automotive cybersecurity.

Cyber-Physical systems (CPSs) are exposed to cyber- physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes of the systems.We define two probabilistic metrics to estimate the physical impact of attacks targeting cyber-physical systems formalised in terms of a probabilistic hybrid extension of Hennessy and Regan's Timed Process Language. Our impact metrics estimate the impact of cyber-physical attacks taking into account: (i) the severity of the inflicted damage in a given amount of time, and (ii) the probability that these attacks are actually accomplished, according to the dynamics of the system under attack. In doing so, we pay special attention to stealthy attacks, i. e., attacks that cannot be detected by intrusion detection systems. As further contribution, we show that, under precise conditions, our metrics allow us to estimate the impact of attacks targeting a complex CPS in a compositional way, i.e., in terms of the impact on its sub-systems.

Recent technological advances in developing intelligent telecommunication networks, ultra-compact bendable wireless transceiver chips, adaptive wearable sensors and actuators, and secure computing infrastructures along with the progress made in psychology and neuroscience for understanding neu-rocognitive and computational principles of human behavior combined have paved the way for a new field of research: Tactile Internet with Human-in-the-Loop (TaHiL). This emerging field of transdisciplinary research aims to promote next generation digitalized human-machine interactions in perceived real time. To achieve this goal, mechanisms and principles of human goal-directed multisensory perception and action need to be integrated into technological designs for breakthrough innovations in mobile telecommunication, electronics and materials engineering, as well as computing. This overview highlights key challenges and the frontiers of research in the new field of TaHiL. Revolutionizing the current Internet as a digital infrastructure for sharing visual and auditory information globally, the TaHiL research will enable humans to share tactile and haptic information and thus veridically immerse themselves into virtual, remote, or inaccessible real environments to exchange skills and expertise with other humans or machines for applications in medicine, industry, and the Internet of Skills.

Modern electric power systems are complex cyber-physical systems. The integration of traditional power and digital technologies result in interdependencies that need to be considered in risk analysis. In this paper we argue the need for analysis methods that can combine the competencies of various experts in a common analysis focusing on the overall system perspective. We report on our experiences on using the Vulnerability Analysis Framework (VAF) and bow-tie diagrams in a combined analysis of the power and cyber security aspects in a realistic case. Our experiences show that an extended version of VAF with increased support for interdependencies is promising for this type of analysis.

An image hiding algorithm based on bit plane and two-dimensional code is proposed in this paper. The main characteristic of information hiding is to use the information redundant data of the existing image, to embed the information into these redundant data by the information hiding algorithm, or to partially replace redundant information with information to be embedded to achieve a visual invisible purpose. We first analyze the color index usage frequency of the block index matrix in the algorithm, and calculate the distance between the color of the block index matrix with only one color and the other color in the palette that is closest to the color. Then, the QR model and the compression model are applied to improve the efficiency. We compare the proposed model with the stateof-the-art models.

This research presented a digital watermarking scheme using multi-level authentication for protecting QR code images in order to provide security and authenticity. This research focuses on the improved digital watermarking scheme for QR code security that can protect the confidentiality of the information stored in QR code images from the public. Information modification, malicious attack, and copyright violation may occur due to weak security and disclosure pattern of QR code. Digital watermarking can be a solution to reduce QR code imitation and increase QR code security and authenticity. The objectives of this research are to provide QR code image authentication and security, tamper localization, and recovery scheme on QR code images. This research proposed digital watermarking for QR code images based on multi-level authentication with Least Significant Bit (LSB) and SHA-256 hash function. The embedding and extracting watermark utilized region of Interest (ROI) and Region of Non-Interest (RONI) in the spatial domain for improving the depth and width of QR code application in the anti-counterfeiting field. The experiments tested the reversibility and robustness of the proposed scheme after a tempered watermarked QR code image. The experimental results show that the proposed scheme provides multi-level security, withstands tampered attacks and it provided high imperceptibility of QR code image.

Modbus is a popular industrial communication protocol supported by most automation devices. Despite its popularity, it is not a secure protocol because when it was developed, security was not a concern due to closed environments of industrial control systems. With the convergence of information technology and operational technology in recent years, the security of industrial control systems has become a serious concern. Due to the high availability requirements, it is not practical or feasible to do security experimentation of production systems. We present an implementation of cyber-physical systems with Modbus/TCP communication for real-time security testing. The proposed architecture consists of a process simulator, an IEC 61131-3 compliant programmable logic controller, and a human-machine interface, all communicating via Modbus/TCP protocol. We use Simulink as the process simulator. It does not have built-in support for the Modbus protocol. A contribution of the proposed work is to extend the functionality of Simulink with a custom block to enable Modbus communication. We use two case studies to demonstrate the utility of the cyber-physical system architecture. We can model complex industrial processes with this architecture, can launch cyber-attacks, and develop protection mechanisms.

In today’s world, Supervisory Control and Data Acquisition (SCADA) networks have many critical tasks, including managing infrastructure such as power, water, and sewage systems, and controlling automated manufacturing and transportation systems. Securing these systems is crucial. Here we describe a project to design security into an example system using formal specifications. Our example system is a component in a cybersecurity testbed at the University of Cincinnati, which was described in previous work. We also show how a design flaw can be discovered and corrected early in the system development process.

Cyber-Physical Systems (CPS) suffer from extendable vulnerabilities due to the convergence of the physical world with the cyber world, which makes it victim to a number of sophisticated cyber-attacks. The motives behind such attacks range from criminal enterprises to military, economic, espionage, political, and terrorism-related activities. Many governments are more concerned than ever with securing their critical infrastructure. One of the effective means of detecting threats and securing their infrastructure is the use of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). A number of studies have been conducted and proposed to assess the efficacy and effectiveness of IDS through the use of self-learning techniques, especially in the Industrial Control Systems (ICS) era. This paper investigates and analyzes the utilization of IDS systems and their proposed solutions used to enhance the effectiveness of such systems for CPS. The targeted data extraction was from 2011 to 2021 from five selected sources: IEEE, ACM, Springer, Wiley, and ScienceDirect. After applying the inclusion and exclusion criteria, 20 primary studies were selected from a total of 51 studies in the field of threat detection in CPS, ICS, SCADA systems, and the IoT. The outcome revealed the trends in recent research in this area and identified essential techniques to improve detection performance, accuracy, reliability, and robustness. In addition, this study also identified the most vulnerable target layer for cyber-attacks in CPS. Various challenges, opportunities, and solutions were identified. The findings can help scholars in the field learn about how machine learning (ML) methods are used in intrusion detection systems. As a future direction, more research should explore the benefits of ML to safeguard cyber-physical systems.

This paper presents LIRA-V, a lightweight system for performing remote attestation between constrained devices using the RISC-V architecture. We propose using read-only memory and the RISC-V Physical Memory Protection (PMP) primitive to build a trust anchor for remote attestation and secure channel creation. Moreover, we show how LIRA-V can be used for trusted communication between two devices using mutual attestation. We present the design, implementation and evaluation of LIRA-V using an off-the-shelf RISC-V microcontroller and present performance results to demonstrate its suitability. To our knowledge, we present the first remote attestation mechanism suitable for constrained RISC-V devices, with applications to cyber-physical systems and Internet of Things (IoT) devices.

Naval vessels infrastructures are evolving towards increasingly connected and automatic systems. Such accelerated complexity boost to search for more adapted and useful navigation devices may be at odds with cybersecurity, making necessary to develop adapted analysis solutions for experts. This paper introduces a novel process to visualize and analyze naval Cyber-Physical Systems (CPS) using oriented graphs, considering operational constraints, to represent physical and functional connections between multiple components of CPS. Rapid prototyping of interconnected components is implemented in a semi-automatic manner by defining the CPS’s digital and physical systems as nodes, along with system variables as edges, to form three layers of an oriented graph, using the open-source Neo4j software suit. The generated multi-layer graph can be used to support cybersecurity analysis, like attacks simulation, anomaly detection and propagation estimation, applying existing or new algorithms.

Due to the insufficient awareness of decision makers on the security risks of industrial cyber-physical systems(ICPS) under cyber-attacks, it is difficult to take effective defensive measures according to the characteristics of different cyber-attacks in advance. To solve the above problem, this paper gives a qualitative analysis method of ICPS security risk from the perspective of defenders. The ICPS being attacked is modeled as a dynamic closed-loop fusion model where the mathematical models of the physical plant and the feedback controller are established. Based on the fusion model, the disruption resources generated by attacks are mathematically described. Based on the designed Kalman filter, the detection of attacks is judged according to the residual value of the system. According to the disruption resources and detectability, a general security risk level model is further established to evaluate the security risk level of the system under attacks. The simulation experiments are conducted by using Matlab to analyze the destructiveness and detectability of attacks, where the results show that the proposed qualitative analysis method can effectively describe the security risk under the cyber-attacks.

In the multivariable fault diagnosis of industrial process, due to the existence of correlation between variables, the result of fault diagnosis will inevitably appear "smearing" effect. Although the fault diagnosis method based on the contribution of multi-dimensional reconstruction is helpful when multiple faults occur. But in order to correctly isolate all the fault variables, this method will become very inefficient due to the combination of variables. In this paper, a fault diagnosis method based on kNN and MRBC is proposed to fundamentally avoid the corresponding influence of "smearing", and a fast variable selection strategy is designed to accelerate the process of fault isolation. Finally, simulation study on a benchmark process verifies the effectiveness of the method, in comparison with the traditional method represented by FDA-based method.

The output of rolling bearings, as one of the most widely used support elements, has a significant impact on the equipment's stability and protection. Automatic and effective mining of features representing performance condition plays an important role in ensuring its reliability. However, in the actual process, there are often differences in the quality of features extracted from feature engineering, and this difference cannot be evaluated by commonly used methods, such as correlation metric and monotonicity metric. In order to accurately and automatically evaluate and select effective features, a novel assessment metric is established based on the attributes of the feature itself. Firstly, the features are extracted from different domains, which contain differential information, and a feature set is constructed. Secondly, the performances of the features are evaluated and selected based on internal distance and external distance, which is a novel feature evaluation model for classification task. Finally, an adaptive boosting strategy that combines multiple weak learners is adopted to achieve the fault identification at different severities and orientations. One experimental bearing dataset is adopted to analyze, and effectiveness and accuracy of proposed metric index is verified.

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone.

In this paper, we propose a deep learning based detection for multiple input multiple output (MIMO) physical-layer network coding (DeepPNC) over two way relay channels (TWRC). In MIMO-PNC, the relay node receives the signals superimposed from the two end nodes. The relay node aims to obtain the network-coded (NC) form of the two end nodes' signals. By training suitable deep neural networks (DNNs) with a limited set of training samples. DeepPNC can extract the NC symbols from the superimposed signals received while the output of each layer in DNNs converges. Compared with the traditional detection algorithms, DeepPNC has higher mapping accuracy and does not require channel information. The simulation results show that the DNNs based DeepPNC can achieve significant gain over the DeepNC scheme and the other traditional schemes, especially when the channel matrix changes unexpectedly.

Cyber-Physical Systems (CPS) underpin global critical infrastructure, including power, water, gas systems and smart grids. CPS, as a technology platform, is unique as a target for Advanced Persistent Threats (APTs), given the potentially high impact of a successful breach. Additionally, CPSs are targets as they produce significant amounts of heterogeneous data from the multitude of devices and networks included in their architecture. It is, therefore, essential to develop efficient privacy-preserving techniques for safeguarding system data from cyber attacks. This paper introduces a comprehensive review of the current privacy-preserving techniques for protecting CPS systems and their data from cyber attacks. Concepts of Privacy preservation and CPSs are discussed, demonstrating CPSs' components and the way these systems could be exploited by either cyber and physical hacking scenarios. Then, classification of privacy preservation according to the way they would be protected, including perturbation, authentication, machine learning (ML), cryptography and blockchain, are explained to illustrate how they would be employed for data privacy preservation. Finally, we show existing challenges, solutions and future research directions of privacy preservation in CPSs.

A Quick Response (QR) Code is a type of barcode that can be read by the digital devices and which stores the information in a square-shaped. The QR Code readers can extract data from the patterns which are presented in the QR Code matrix. A QR Code can be acting as an attack vector that can harm indirectly. In such case a QR Code can carry malicious or phishing URLs and redirect users to a site which is well conceived by the attacker and pretends to be an authorized one. Once the QR Code is decoded the commands are triggered and executed, causing damage to information, operating system and other possible sequence the attacker expects to gain. In this paper, a new model for QR Code authentication and phishing detection has been presented. The proposed model will be able to detect the phishing and malicious URLs in the process of the QR Code validation as well as to prevent the user from validating it. The development of this application will help to prevent users from being tricked by the harmful QR Codes.

Autonomous cyber-physical systems (CPS) are susceptible to non-invasive physical attacks such as sensor spoofing attacks that are beyond the classical cybersecurity domain. These attacks have motivated numerous research efforts on attack detection, but little attention on what to do after detecting an attack. The importance of attack recovery is emphasized by the need to mitigate the attack’s impact on a system and restore it to continue functioning. There are only a few works addressing attack recovery, but they all rely on prior knowledge of system dynamics. To overcome this limitation, we propose Recovery-by-Learning, a data-driven attack recovery framework that restores CPS from sensor attacks. The framework leverages natural redundancy among heterogeneous sensors and historical data for attack recovery. Specially, the framework consists of two major components: state predictor and data checkpointer. First, the predictor is triggered to estimate systems states after the detection of an attack. We propose a deep learning-based prediction model that exploits the temporal correlation among heterogeneous sensors. Second, the checkpointer executes when no attack is detected. We propose a double sliding window based checkpointing protocol to remove compromised data and keep trustful data as input to the state predictor. Third, we implement and evaluate the effectiveness of our framework using a realistic data set and a ground vehicle simulator. The results show that our method restores a system to continue functioning in presence of sensor attacks.

Industry 4.0 is now much more than just a buzzword. However, with the advancement of automation through digitization and softwarization of dedicated hardware, applications are also becoming more susceptible to random hardware errors in the calculation. This cyber-physical demonstrator uses a robotic application to show the effects that even single bit flips can have in the real world due to hardware errors. Using the graphical user interface including the human machine interface, the audience can generate hardware errors in the form of bit flips and see their effects live on the robot. In this paper we will be showing a new technology, the SIListra Safety Transformer (SST), that makes it possible to detect those kind of random hardware errors, which can subsequently make safety-critical applications more reliable.

This paper is about the estimation of the cyber-resilience of CPS. We define two new resilience estimation metrics: k-steerability and l-monitorability. They aim at assisting designers to evaluate and increase the cyber-resilience of CPS when facing stealthy attacks. The k-steerability metric reflects the ability of a controller to act on individual plant state variables when, at least, k different groups of functionally diverse input signals may be processed. The l-monitorability metric indicates the ability of a controller to monitor individual plant state variables with l different groups of functionally diverse outputs. Paired together, the metrics lead to CPS reaching (k,l)-resilience. When k and l are both greater than one, a CPS can absorb and adapt to control-theoretic attacks manipulating input and output signals. We also relate the parameters k and l to the recoverability of a system. We define recoverability strategies to mitigate the impact of perpetrated attacks. We show that the values of k and l can be augmented by combining redundancy and diversity in hardware and software, in order to apply the moving target paradigm. We validate the approach via simulation and numeric results.

Cyber-physical systems are used in many areas of human life. But people do not pay enough attention to ensuring the security of these systems. As a result of the resulting security gaps, an attacker can launch an attack, not only shutting down the system, but also having some negative impact on the environment. The article examines denial of service attacks in ad-hoc networks, conducts experiments and considers the consequences of their successful execution. As a result of the research, it was determined that an attack can be detected by changes in transmitted traffic and processor load. The cyber-physical system operates on stable algorithms, and even if legal changes occur, they can be easily distinguished from those caused by the attack. The article shows that the use of statistical methods for analyzing traffic and other parameters can be justified for detecting an attack. This study shows that each attack affects traffic in its own way and creates unique patterns of behavior change. The experiments were carried out according to methodology with changings in the intensity of the attacks, with a change in normal behavior. The results of this study can further be used to implement a system for detecting attacks on cyber-physical systems. The collected datasets can be used to train the neural network.