Visible to the public Biblio

Filters: Keyword is Industry 4.0  [Clear All Filters]
2023-02-17
Rahman, Anichur, Hasan, Kamrul, Jeong, Seong–Ho.  2022.  An Enhanced Security Architecture for Industry 4.0 Applications based on Software-Defined Networking. 2022 13th International Conference on Information and Communication Technology Convergence (ICTC). :2127–2130.
Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.
ISSN: 2162-1241
2023-01-20
Raptis, Theofanis P., Cicconetti, Claudio, Falelakis, Manolis, Kanellos, Tassos, Lobo, Tomás Pariente.  2022.  Design Guidelines for Apache Kafka Driven Data Management and Distribution in Smart Cities. 2022 IEEE International Smart Cities Conference (ISC2). :1–7.
Smart city management is going through a remarkable transition, in terms of quality and diversity of services provided to the end-users. The stakeholders that deliver pervasive applications are now able to address fundamental challenges in the big data value chain, from data acquisition, data analysis and processing, data storage and curation, and data visualisation in real scenarios. Industry 4.0 is pushing this trend forward, demanding for servitization of products and data, also for the smart cities sector where humans, sensors and devices are operating in strict collaboration. The data produced by the ubiquitous devices must be processed quickly to allow the implementation of reactive services such as situational awareness, video surveillance and geo-localization, while always ensuring the safety and privacy of involved citizens. This paper proposes a modular architecture to (i) leverage innovative technologies for data acquisition, management and distribution (such as Apache Kafka and Apache NiFi), (ii) develop a multi-layer engineering solution for revealing valuable and hidden societal knowledge in smart cities environment, and (iii) tackle the main issues in tasks involving complex data flows and provide general guidelines to solve them. We derived some guidelines from an experimental setting performed together with leading industrial technical departments to accomplish an efficient system for monitoring and servitization of smart city assets, with a scalable platform that confirms its usefulness in numerous smart city use cases with different needs.
2022-11-08
Mode, Gautam Raj, Calyam, Prasad, Hoque, Khaza Anuarul.  2020.  Impact of False Data Injection Attacks on Deep Learning Enabled Predictive Analytics. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1–7.
Industry 4.0 is the latest industrial revolution primarily merging automation with advanced manufacturing to reduce direct human effort and resources. Predictive maintenance (PdM) is an industry 4.0 solution, which facilitates predicting faults in a component or a system powered by state-of-the- art machine learning (ML) algorithms (especially deep learning algorithms) and the Internet-of-Things (IoT) sensors. However, IoT sensors and deep learning (DL) algorithms, both are known for their vulnerabilities to cyber-attacks. In the context of PdM systems, such attacks can have catastrophic consequences as they are hard to detect due to the nature of the attack. To date, the majority of the published literature focuses on the accuracy of DL enabled PdM systems and often ignores the effect of such attacks. In this paper, we demonstrate the effect of IoT sensor attacks (in the form of false data injection attack) on a PdM system. At first, we use three state-of-the-art DL algorithms, specifically, Long Short-Term Memory (LSTM), Gated Recurrent Unit (GRU), and Convolutional Neural Network (CNN) for predicting the Remaining Useful Life (RUL) of a turbofan engine using NASA's C-MAPSS dataset. The obtained results show that the GRU-based PdM model outperforms some of the recent literature on RUL prediction using the C-MAPSS dataset. Afterward, we model and apply two different types of false data injection attacks (FDIA), specifically, continuous and interim FDIAs on turbofan engine sensor data and evaluate their impact on CNN, LSTM, and GRU-based PdM systems. The obtained results demonstrate that FDI attacks on even a few IoT sensors can strongly defect the RUL prediction in all cases. However, the GRU-based PdM model performs better in terms of accuracy and resiliency to FDIA. Lastly, we perform a study on the GRU-based PdM model using four different GRU networks with different sequence lengths. Our experiments reveal an interesting relationship between the accuracy, resiliency and sequence length for the GRU-based PdM models.
2022-08-10
Bahel, Vedant, Mishra, Arunesh.  2021.  CI-MCMS: Computational Intelligence Based Machine Condition Monitoring System. 2021 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE). :489—493.
Earlier around in year 1880’s, Industry 2.0 marked as change to the society caused by the invention of electricity. In today’s era, artificial intelligence plays a crucial role in defining the period of Industry 4.0. In this research study, we have presented Computational Intelligence based Machine Condition Monitoring system architecture for determination of developing faults in industrial machines. The goal is to increase efficiency of machines and reduce the cost. The architecture is fusion of machine sensitive sensors, cloud computing, artificial intelligence and databases, to develop an autonomous fault diagnostic system. To explain CI-MCMs, we have used neural networks on sensor data obtained from hydraulic system. The results obtained by neural network were compared with those obtained from traditional methods.
2022-06-10
Kropp, Alexander, Schwalbe, Mario, Tsokalo, Ievgenii A., Süβkraut, Martin, Schmoll, Robert-Steve, Fitzek, Frank H.P..  2021.  Reliable Control for Robotics - Hardware Resilience Powered by Software. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1–2.
Industry 4.0 is now much more than just a buzzword. However, with the advancement of automation through digitization and softwarization of dedicated hardware, applications are also becoming more susceptible to random hardware errors in the calculation. This cyber-physical demonstrator uses a robotic application to show the effects that even single bit flips can have in the real world due to hardware errors. Using the graphical user interface including the human machine interface, the audience can generate hardware errors in the form of bit flips and see their effects live on the robot. In this paper we will be showing a new technology, the SIListra Safety Transformer (SST), that makes it possible to detect those kind of random hardware errors, which can subsequently make safety-critical applications more reliable.
2022-04-19
Mosteiro-Sanchez, Aintzane, Barcelo, Marc, Astorga, Jasone, Urbieta, Aitor.  2021.  Multi-Layered CP-ABE Scheme for Flexible Policy Update in Industry 4.0. 2021 10th Mediterranean Conference on Embedded Computing (MECO). :1–4.
Industry 4.0 connectivity requires ensuring end-to-end (E2E) security for industrial data. This requirement is critical when retrieving data from the OT network. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) guarantees E2E security by encrypting data according to a policy and generating user keys according to attributes. To use this encryption scheme in manufacturing environments, policies must be updatable. This paper proposes a Multi-Layered Policy Key Encapsulation Method for CP-ABE that allows flexible policy update and revocation without modifying the original CP-ABE scheme.
2022-04-13
Hollerer, Siegfried, Kastner, Wolfgang, Sauter, Thilo.  2021.  Towards a Threat Modeling Approach Addressing Security and Safety in OT Environments. 2021 17th IEEE International Conference on Factory Communication Systems (WFCS). :37–40.
In Industry 4.0, Information Technology (IT) and Operational Technology (OT) tend to converge further with an increasing interdependence of safety and security issues to be considered. On one hand, cyber attacks are possible which can alter implemented safety functionality leading to situations where people are harmed, serious injuries may occur or the environment gets damaged. On the other side, safety can also impact security. For instance, the misuse of a Safety Instrumented System (SIS) may force a machine or a production line to shut down resulting in a denial of service. To prevent or mitigate risks from such scenarios, this paper proposes a threat modeling technique which addresses an integrated view on safety and security. The approach is tailored to the industrial automation domain considering plausible attacks and evaluating risks based on three different metrics. The metrics selected consist of Common Vulnerability Scoring System (CVSS) used as an international standard for rating cyber security vulnerabilities, Security Level (SL) from IEC 62443 to rate cyber security risks in OT environments w.r.t. the underlying architecture, and Safety Integrity Level (SIL) from IEC 61508 to rate safety risks. Due to the variety of use cases involving the chosen metrics, the approach is also feasible for followup analyses, such as integrated safety and security assessments or audits.
2022-04-01
Song, Yan, Luo, Wenjing, Li, Jian, Xu, Panfeng, Wei, Jianwei.  2021.  SDN-based Industrial Internet Security Gateway. 2021 International Conference on Security, Pattern Analysis, and Cybernetics(SPAC). :238–243.
Industrial Internet is widely used in the production field. As the openness of networks increases, industrial networks facing increasing security risks. Information and communication technologies are now available for most industrial manufacturing. This industry-oriented evolution has driven the emergence of cloud systems, the Internet of Things (IoT), Big Data, and Industry 4.0. However, new technologies are always accompanied by security vulnerabilities, which often expose unpredictable risks. Industrial safety has become one of the most essential and challenging requirements. In this article, we highlight the serious challenges facing Industry 4.0, introduce industrial security issues and present the current awareness of security within the industry. In this paper, we propose solutions for the anomaly detection and defense of the industrial Internet based on the demand characteristics of network security, the main types of intrusions and their vulnerability characteristics. The main work is as follows: This paper first analyzes the basic network security issues, including the network security needs, the security threats and the solutions. Secondly, the security requirements of the industrial Internet are analyzed with the characteristics of industrial sites. Then, the threats and attacks on the network are analyzed, i.e., system-related threats and process-related threats; finally, the current research status is introduced from the perspective of network protection, and the research angle of this paper, i.e., network anomaly detection and network defense, is proposed in conjunction with relevant standards. This paper proposes a software-defined network (SDN)-based industrial Internet security gateway for the security protection of the industrial Internet. Since there are some known types of attacks in the industrial network, in order to fully exploit the effective information, we combine the ExtratreesClassifier to enhance the detection rate of anomaly detection. In order to verify the effectiveness of the algorithm, this paper simulates an industrial network attack, using the acquired training data for testing. The test data are industrial network traffic datasets, and the experimental results show that the algorithm is suitable for anomaly detection in industrial networks.
2022-03-14
Sabev, Evgeni, Trifonov, Roumen, Pavlova, Galya, Rainova, Kamelia.  2021.  Cybersecurity Analysis of Wind Farm SCADA Systems. 2021 International Conference on Information Technologies (InfoTech). :1—5.
Industry 4.0 or also known as the fourth industrial revolution poses a great cybersecurity risk for Supervisory control and data acquisition (SCADA) systems. Nowadays, lots of enterprises have turned into renewable energy and are changing the energy dependency to be on wind power. The SCADA systems are often vulnerable against different kinds of cyberattacks and thus allowing intruders to successfully and intrude exfiltrate different wind farm SCADA systems. During our research a future concept testbed of a wind farm SCADA system is going to be introduced. The already existing real-world vulnerabilities that are identified are later on going to be demonstrated against the test SCADA wind farm system.
2022-02-24
Lahbib, Asma, Toumi, Khalifa, Laouiti, Anis, Martin, Steven.  2021.  Blockchain Based Privacy Aware Distributed Access Management Framework for Industry 4.0. 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE). :51–56.
With the development of various technologies, the modern industry has been promoted to a new era known as Industry 4.0. Within such paradigm, smart factories are becoming widely recognized as the fundamental concept. These systems generate and exchange vast amounts of privacy-sensitive data, which makes them attractive targets of attacks and unauthorized access. To improve privacy and security within such environments, a more decentralized approach is seen as the solution to allow their longterm growth. Currently, the blockchain technology represents one of the most suitable candidate technologies able to support distributed and secure ecosystem for Industry 4.0 while ensuring reliability, information integrity and access authorization. Blockchain based access control frameworks address encountered challenges regarding the confidentiality, traceability and notarization of access demands and procedures. However significant additional fears are raised about entities' privacy regarding access history and shared policies. In this paper, our main focus is to ensure strong privacy guarantees over the access control related procedures regarding access requester sensitive attributes and shared access control policies. The proposed scheme called PDAMF based on ring signatures adds a privacy layer for hiding sensitive attributes while keeping the verification process transparent and public. Results from a real implementation plus performance evaluation prove the proposed concept and demonstrate its feasibility.
2022-01-25
Sureshkumar, S, Agash, C P, Ramya, S, Kaviyaraj, R, Elanchezhiyan, S.  2021.  Augmented Reality with Internet of Things. 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS). :1426—1430.
Today technological changes make the probability of more complex things made into simple tasks with more accuracy in major areas and mostly in Manufacturing Industry. Internet of things contributes its major part in automation which helps human to make life easy by monitoring and directed to a related person with in a fraction of second. Continuous advances and improvement in computer vision, mobile computing and tablet screens have led to a revived interest in Augmented Reality the Augmented Reality makes the complex automation into an easier task by making more realistic real time animation in monitoring and automation on Internet of Things (eg like temperature, time, object information, installation manual, real time testing).In order to identify and link the augmented content, like object control of home appliances, industrial appliances. The AR-IoT will have a much cozier atmosphere and enhance the overall Interactivity of the IoT environment. Augmented Reality applications use a myriad of data generated by IoT devices and components, AR helps workers become more competitive and productive with the realistic environment in IoT. Augmented Reality and Internet of Things together plays a critical role in the development of next generation technologies. This paper describes the concept of how Augmented Reality can be integrated with industry(AR-IoT)4.0 and how the sensors are used to monitoring objects/things contiguously round the clock, and make the process of converting real-time physical objects into smart things for the upcoming new era with AR-IoT.
2021-09-30
Denzler, Patrick, Ruh, Jan, Kadar, Marine, Avasalcai, Cosmin, Kastner, Wolfgang.  2020.  Towards Consolidating Industrial Use Cases on a Common Fog Computing Platform. 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). 1:172–179.
Converging Information Technology (IT) and Operations Technology (OT) in modern factories remains a challenging task. Several approaches such as Cloud, Fog or Edge computing aim to provide possible solutions for bridging OT that requires strict real-time processing with IT that targets computing functionality. In this context, this paper contributes to ongoing Fog computing research by presenting three industrial use cases with a specific focus on consolidation of functionality. Each use case exemplifies scenarios on how to use the computational resources closer to the edge of the network provided by a Fog Computing Platform (FCP). All use-cases utilize the same proposed FCP, which allows drawing a set of requirements on future FCPs, e.g. hardware, virtualization, security, communication and resource management. The central element of the FCP is the Fog Node (FN), built upon commercial off-the-shelf (COTS) multicore processors (MCPs) and virtualization support. Resource management tools, advanced security features and state of the art communication protocols complete the FCP. The paper concludes by outlining future research challenges by comparing the proposed FCP with the identified requirements.
2020-12-17
Basheer, M. M., Varol, A..  2019.  An Overview of Robot Operating System Forensics. 2019 1st International Informatics and Software Engineering Conference (UBMYK). :1—4.
Autonomous technologies have been rapidly replacing the traditional manual intervention nearly in every aspect of our life. These technologies essentially require robots to carry out their automated processes. Nowadays, with the emergence of industry 4.0, robots are increasingly being remote-controlled via client-server connection, which creates uncommon vulnerabilities that allow attackers to target those robots. The development of an open source operational environment for robots, known as Robot Operating System (ROS) has come as a response to these demands. Security and privacy are crucial for the use of ROS as the chance of a compromise may lead to devastating ramifications. In this paper, an overview of ROS and the attacks targeting it are detailed and discussed. Followed by a review of the ROS security and digital investigation studies.
2020-11-20
Bhaharin, S. H., Mokhtar, U. A., Sulaiman, R., Yusof, M. M..  2019.  Issues and Trends in Information Security Policy Compliance. 2019 6th International Conference on Research and Innovation in Information Systems (ICRIIS). :1—6.
In the era of Industry 4.0 (IR 4.0), information leakage has become a critical issue for information security. The basic approach to addressing information leakage threats is to implement an information security policy (ISP) that defines the standards, boundaries, and responsibilities of users of information and technology of an organization. ISPs are one of the most commonly used methods for controlling internal user security behaviours, which include, but not limited to, computer usage ethics; organizational system usage policies; Internet and email usage policies; and the use of social media. Human error is the main security threat to information security, resulting from negligence, ignorance, and failure to adhere to organizational information security policies. Information security incidents are a problem related to human behaviour because technology is designed and operated by humans, presenting the opportunities and spaces for human error. In addition to the factor of human error as the main source of information leakage, this study aims to systematically analyse the fundamental issues of information security policy compliance. An analysis of these papers identifies and categories critical factor that effect an employee's attitude toward compliance with ISP. The human, process, technology element and information governance should be thought as a significant scope for more efficiency of information security policy compliance and in any further extensive studies to improve on information security policy compliance. Therefore, to ensure these are properly understood, further study is needed to identity the information governance that needs to be included in organizations and current best practices for developing an information security policy compliance within organizations.
2020-11-02
Bloom, Gedare, Alsulami, Bassma, Nwafor, Ebelechukwu, Bertolotti, Ivan Cibrario.  2018.  Design patterns for the industrial Internet of Things. 2018 14th IEEE International Workshop on Factory Communication Systems (WFCS). :1—10.
The Internet of Things (IoT) is a vast collection of interconnected sensors, devices, and services that share data and information over the Internet with the objective of leveraging multiple information sources to optimize related systems. The technologies associated with the IoT have significantly improved the quality of many existing applications by reducing costs, improving functionality, increasing access to resources, and enhancing automation. The adoption of IoT by industries has led to the next industrial revolution: Industry 4.0. The rise of the Industrial IoT (IIoT) promises to enhance factory management, process optimization, worker safety, and more. However, the rollout of the IIoT is not without significant issues, and many of these act as major barriers that prevent fully achieving the vision of Industry 4.0. One major area of concern is the security and privacy of the massive datasets that are captured and stored, which may leak information about intellectual property, trade secrets, and other competitive knowledge. As a way forward toward solving security and privacy concerns, we aim in this paper to identify common input-output (I/O) design patterns that exist in applications of the IIoT. These design patterns enable constructing an abstract model representation of data flow semantics used by such applications, and therefore better understand how to secure the information related to IIoT operations. In this paper, we describe communication protocols and identify common I/O design patterns for IIoT applications with an emphasis on data flow in edge devices, which, in the industrial control system (ICS) setting, are most often involved in process control or monitoring.
2020-10-12
Eckhart, Matthias, Ekelhart, Andreas, Lüder, Arndt, Biffl, Stefan, Weippl, Edgar.  2019.  Security Development Lifecycle for Cyber-Physical Production Systems. IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society. 1:3004–3011.

As the connectivity within manufacturing processes increases in light of Industry 4.0, information security becomes a pressing issue for product suppliers, systems integrators, and asset owners. Reaching new heights in digitizing the manufacturing industry also provides more targets for cyber attacks, hence, cyber-physical production systems (CPPSs) must be adequately secured to prevent malicious acts. To achieve a sufficient level of security, proper defense mechanisms must be integrated already early on in the systems' lifecycle and not just eventually in the operation phase. Although standardization efforts exist with the objective of guiding involved stakeholders toward the establishment of a holistic industrial security concept (e.g., IEC 62443), a dedicated security development lifecycle for systems integrators is missing. This represents a major challenge for engineers who lack sufficient information security knowledge, as they may not be able to identify security-related activities that can be performed along the production systems engineering (PSE) process. In this paper, we propose a novel methodology named Security Development Lifecycle for Cyber-Physical Production Systems (SDL-CPPS) that aims to foster security by design for CPPSs, i.e., the engineering of smart production systems with security in mind. More specifically, we derive security-related activities based on (i) security standards and guidelines, and (ii) relevant literature, leading to a security-improved PSE process that can be implemented by systems integrators. Furthermore, this paper informs domain experts on how they can conduct these security-enhancing activities and provides pointers to relevant works that may fill the potential knowledge gap. Finally, we review the proposed approach by means of discussions in a workshop setting with technical managers of an Austrian-based systems integrator to identify barriers to adopting the SDL-CPPS.

2020-09-21
Andel, Todd R., Todd McDonald, J., Brown, Adam J., Trigg, Tyler H., Cartsten, Paul W..  2019.  Towards Protection Mechanisms for Secure and Efficient CAN Operation. 2019 IEEE International Conference on Consumer Electronics (ICCE). :1–6.
Cyber attacks against automobiles have increased over the last decade due to the expansion in attack surfaces. This is the result of modern automobiles having connections such as Bluetooth, WiFi, and other broadband services. While there has been numerous proposed solutions in the literature, none have been widely adopted as maintaining real-time message deliverability in the Controller Area Networks (CAN) outweighs proposed security solutions. Through iterative research, we have developed a solution which mitigates an attacker's impact on the CAN bus by using CAN's inherent features of arbitration, error detection and signaling, and fault confinement mechanism. The solution relies on an access controller and message priority thresholds added to the CAN data-link layer. The results provide no time delay for non-malicious traffic and mitigates bus impact of a subverted node attempting to fabricate messages at an unauthorized priority level.
2020-05-04
de Sá, Alan Oliveira, Carmo, Luiz Fernando Rust da C., Santos Machado, Raphael C..  2019.  Countermeasure for Identification of Controlled Data Injection Attacks in Networked Control Systems. 2019 II Workshop on Metrology for Industry 4.0 and IoT (MetroInd4.0 IoT). :455–459.
Networked Control Systems (NCS) are widely used in Industry 4.0 to obtain better management and operational capabilities, as well as to reduce costs. However, despite the benefits provided by NCSs, the integration of communication networks with physical plants can also expose these systems to cyber threats. This work proposes a link monitoring strategy to identify linear time-invariant transfer functions performed by a Man-in-the-Middle during controlled data injection attacks in NCSs. The results demonstrate that the proposed identification scheme provides adequate accuracy when estimating the attack function, and does not interfere in the plant behavior when the system is not under attack.
2020-02-17
Luntovskyy, Andriy, Globa, Larysa.  2019.  Performance, Reliability and Scalability for IoT. 2019 International Conference on Information and Digital Technologies (IDT). :316–321.
So-called IoT, based on use of enabling technologies like 5G, Wi-Fi, BT, NFC, RFID, IPv6 as well as being widely applied for sensor networks, robots, Wearable and Cyber-PHY, invades rapidly to our every day. There are a lot of apps and software platforms to IoT support. However, a most important problem of QoS optimization, which lays in Performance, Reliability and Scalability for IoT, is not yet solved. The extended Internet of the future needs these solutions based on the cooperation between fog and clouds with delegating of the analytics blocks via agents, adaptive interfaces and protocols. The next problem is as follows: IoT can generate large arrays of unmanaged, weakly-structured, and non-configured data of various types, known as "Big Data". The given papers deals with the both problems. A special problem is Security and Privacy in potentially "dangerous" IoTscenarios. Anyway, this subject needs as special discussion for risks evaluation and cooperative intrusion detection. Some advanced approaches for optimization of Performance, Reliability and Scalability for IoT-solutions are offered within the paper. The paper discusses the Best Practises and Case Studies aimed to solution of the established problems.
2020-01-13
Ivkic, Igor, Mauthe, Andreas, Tauber, Markus.  2019.  Towards a Security Cost Model for Cyber-Physical Systems. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–7.
In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.
2019-09-11
Mbiriki, A., Katar, C., Badreddine, A..  2018.  Improvement of Security System Level in the Cyber-Physical Systems (CPS) Architecture. 2018 30th International Conference on Microelectronics (ICM). :40–43.

Industry 4.0 is based on the CPS architecture since it is the next generation in the industry. The CPS architecture is a system based on Cloud Computing technology and Internet of Things where computer elements collaborate for the control of physical entities. The security framework in this architecture is necessary for the protection of two parts (physical and information) so basically, security in CPS is classified into two main parts: information security (data) and security of control. In this work, we propose two models to solve the two problems detected in the security framework. The first proposal SCCAF (Smart Cloud Computing Adoption Framework) treats the nature of information that serves for the detection and the blocking of the threats our basic architecture CPS. The second model is a modeled detector related to the physical nature for detecting node information.

Moyne, J., Mashiro, S., Gross, D..  2018.  Determining a Security Roadmap for the Microelectronics Industry. 2018 29th Annual SEMI Advanced Semiconductor Manufacturing Conference (ASMC). :291–294.

The evolution of the microelectronics manufacturing industry is characterized by increased complexity, analysis, integration, distribution, data sharing and collaboration, all of which is enabled by the big data explosion. This evolution affords a number of opportunities in improved productivity and quality, and reduced cost, however it also brings with it a number of risks associated with maintaining security of data systems. The International Roadmap for Devices and System Factory Integration International Focus Team (IRDS FI IFT) determined that a security technology roadmap for the industry is needed to better understand the needs, challenges and potential solutions for security in the microelectronics industry and its supply chain. As a first step in providing this roadmap, the IFT conducted a security survey, soliciting input from users, suppliers and OEMs. Preliminary results indicate that data partitioning with IP protection is the number one topic of concern, with the need for industry-wide standards as the second most important topic. Further, the "fear" of security breach is considered to be a significant hindrance to Advanced Process Control efforts as well as use of cloud-based solutions. The IRDS FI IFT will endeavor to provide components of a security roadmap for the industry in the 2018 FI chapter, leveraging the output of the survey effort combined with follow-up discussions with users and consultations with experts.

2019-03-11
Hoeller, A., Toegl, R..  2018.  Trusted Platform Modules in Cyber-Physical Systems: On the Interference Between Security and Dependability. 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :136–144.

Cyber physical systems are the key innovation driver for many domains such as automotive, avionics, industrial process control, and factory automation. However, their interconnection potentially provides adversaries easy access to sensitive data, code, and configurations. If attackers gain control, material damage or even harm to people must be expected. To counteract data theft, system manipulation and cyber-attacks, security mechanisms must be embedded in the cyber physical system. Adding hardware security in the form of the standardized Trusted Platform Module (TPM) is a promising approach. At the same time, traditional dependability features such as safety, availability, and reliability have to be maintained. To determine the right balance between security and dependability it is essential to understand their interferences. This paper supports developers in identifying the implications of using TPMs on the dependability of their system.We highlight potential consequences of adding TPMs to cyber-physical systems by considering the resulting safety, reliability, and availability. Furthermore, we discuss the potential of enhancing the dependability of TPM services by applying traditional redundancy techniques.

2018-12-03
Shearon, C. E..  2018.  IPC-1782 standard for traceability of critical items based on risk. 2018 Pan Pacific Microelectronics Symposium (Pan Pacific). :1–3.

Traceability has grown from being a specialized need for certain safety critical segments of the industry, to now being a recognized value-add tool for the industry as a whole that can be utilized for manual to automated processes End to End throughout the supply chain. The perception of traceability data collection persists as being a burden that provides value only when the most rare and disastrous of events take place. Disparate standards have evolved in the industry, mainly dictated by large OEM companies in the market create confusion, as a multitude of requirements and definitions proliferate. The intent of the IPC-1782 project is to bring the whole principle of traceability up to date and enable business to move faster, increase revenue, increase productivity, and decrease costs as a result of increased trust. Traceability, as defined in this standard will represent the most effective quality tool available, becoming an intrinsic part of best practice operations, with the encouragement of automated data collection from existing manufacturing systems which works well with Industry 4.0, integrating quality, reliability, product safety, predictive (routine, preventative, and corrective) maintenance, throughput, manufacturing, engineering and supply-chain data, reducing cost of ownership as well as ensuring timeliness and accuracy all the way from a finished product back through to the initial materials and granular attributes about the processes along the way. The goal of this standard is to create a single expandable and extendable data structure that can be adopted for all levels of traceability and enable easily exchanged information, as appropriate, across many industries. The scope includes support for the most demanding instances for detail and integrity such as those required by critical safety systems, all the way through to situations where only basic traceability, such as for simple consumer products, are required. A key driver for the adoption of the standard is the ability to find a relevant and achievable level of traceability that exactly meets the requirement following risk assessment of the business. The wealth of data accessible from traceability for analysis (e.g.; Big Data, etc.) can easily and quickly yield information that can raise expectations of very significant quality and performance improvements, as well as providing the necessary protection against the costs of issues in the market and providing very timely information to regulatory bodies along with consumers/customers as appropriate. This information can also be used to quickly raise yields, drive product innovation that resonates with consumers, and help drive development tests & design requirements that are meaningful to the Marketplace. Leveraging IPC 1782 to create the best value of Component Traceability for your business.

2018-11-19
Langfinger, M., Schneider, M., Stricker, D., Schotten, H. D..  2017.  Addressing Security Challenges in Industrial Augmented Reality Systems. 2017 IEEE 15th International Conference on Industrial Informatics (INDIN). :299–304.

In context of Industry 4.0 Augmented Reality (AR) is frequently mentioned as the upcoming interface technology for human-machine communication and collaboration. Many prototypes have already arisen in both the consumer market and in the industrial sector. According to numerous experts it will take only few years until AR will reach the maturity level to be deployed in productive applications. Especially for industrial usage it is required to assess security risks and challenges this new technology implicates. Thereby we focus on plant operators, Original Equipment Manufacturers (OEMs) and component vendors as stakeholders. Starting from several industrial AR use cases and the structure of contemporary AR applications, in this paper we identify security assets worthy of protection and derive the corresponding security goals. Afterwards we elaborate the threats industrial AR applications are exposed to and develop an edge computing architecture for future AR applications which encompasses various measures to reduce security risks for our stakeholders.