Biblio

This article describes the process of synchronizing the generation of random sequences by a quantum random number generator (QRNG) that can be used as secret keys for known cryptographic transformations. The subject of the research is a method for synchronizing the generation of random QRNG sequences based on L1 (C/A) signals of the global positioning system (GPS) using control correcting information received from control correcting stations.

Name Data Networking (NDN) is a clean-slate network redesign that uses content names for routing and addressing. Facing the fact that TCP/IP is deeply entrenched in the current Internet architecture, NDN has made slow progress in industrial promotion. Meanwhile, new architectures represented by SDN, P4, etc., provide a flexible and programmable approach to network research. As a result, a centralized NDN routing mechanism is needed in the scenario for network integration between NDN and TCP/IP. Combining the NLSR protocol and the P4 environment, we introduce an efficient NDN routing mechanism that offers extensible NDN routing services (e.g., resources-location management and routing calculation) which can be programmed in the control plane. More precisely, the proposed mechanism allows the programmable switches to transmit NLSR packets to the control plane with the extended data plane. The NDN routing services are provided by control plane application which framework bases on resource-location mapping to achieve part of the NLSR mechanism. Experimental results show that the proposed mechanism can reduce the number of routing packets significantly, and introduce a slight overhead in the controller compared with NLSR simulation.

Cyber-physical systems (CPS) and IoT systems are nowadays commonly designed as self-adaptive, endowing them with the ability to dynamically reconFigure to reflect their changing environment. This adaptation concerns also the security, as one of the most important properties of these systems. Though the state of the art on adaptivity in terms of security related to these systems can often deal well with fully anticipated situations in the environment, it becomes a challenge to deal with situations that are not or only partially anticipated. This uncertainty is however omnipresent in these systems due to humans in the loop, open-endedness and only partial understanding of the processes happening in the environment. In this paper, we partially address this challenge by featuring an approach for tackling access control in face of partially unanticipated situations. We base our solution on special kind of aspects that build on existing access control system and create a second level of adaptation that addresses the partially unanticipated situations by modifying access control rules. The approach is based on our previous work where we have analyzed and classified uncertainty in security and trust in such systems and have outlined the idea of access-control related situational patterns. The aspects that we present in this paper serve as means for application-specific specialization of the situational patterns. We showcase our approach on a simplified but real-life example in the domain of Industry 4.0 that comes from one of our industrial projects.

The Industrial Internet of Things is expected to attract significant investments for Industry 4.0. In this new environment, the blockchain has immediate potential in industrial applications, providing unchanging, traceable and auditable access control. However, recent work and present in blockchain literature are based on a cloud infrastructure that requires significant investments. Furthermore, due to the placement and distance of the cloud infrastructure to industrial control devices, such approaches present a communication latency that can compromise the strict deadlines for accessing and communicating with this device. In this context, this article presents a blockchain-based access control architecture, which is deployed directly to edge devices positioned close to devices that need access control. Performance assessments of the proposed approach were carried out in practice in an industrial mining environment. The results of this assessment demonstrate the feasibility of the proposal and its performance compared to cloud-based approaches.

Cyber-attacks on our Nation's Critical Infrastructure are growing. In this research, a Cyber Threat Intelligence (CTI) framework is proposed, developed, and tested. The results of the research, using 5 different simulated attacks on a dataset from an Industrial Control System (ICS) testbed, are presented with the extracted IOCs. The Bagging Decision Trees model showed the highest performance of testing accuracy (94.24%), precision (0.95), recall (0.93), and F1-score (0.94) among the 9 different machine learning models studied.

Algorithms for unsupervised anomaly detection have proven their effectiveness and flexibility, however, first it is necessary to calculate with what ratio a certain class begins to be considered anomalous by the autoencoder. For this reason, we propose to conduct a study of the efficiency of autoencoders depending on the ratio of anomalous and non-anomalous classes. The emergence of high-speed networks in electric power systems creates a tight interaction of cyberinfrastructure with the physical infrastructure and makes the power system susceptible to cyber penetration and attacks. To address this problem, this paper proposes an innovative approach to develop a specification-based intrusion detection framework that leverages available information provided by components in a contemporary power system. An autoencoder is used to encode the causal relations among the available information to create patterns with temporal state transitions, which are used as features in the proposed intrusion detection. This allows the proposed method to detect anomalies and cyber attacks.

In order to solve the problem of quantitative assessment of information security risks in industrial control systems, this paper proposes a method of information security risk assessment for industrial control systems based on modular hybrid genetic algorithm. Combining with the characteristics of industrial control systems, the use of hybrid genetic algorithm evidence theory to identify, evaluate and assess assets and threats, and ultimately come to the order of the size of the impact of security threats on the specific industrial control system information security. This method can provide basis for making decisions to reduce information security risks in the control system from qualitative and quantitative aspects.

The paper gives an overview of the ICS security and focuses on Control Systems. Use of internet had security challenges which led to the development of ICS which is designed to be dependable and safe. PCS, DCS and SCADA all are subsets of ICS. The paper gives a description of the developments in the ICS security and covers the most interesting work done by researchers. The paper also provides research information about the parameters on which a remotely executed cyber-attack depends.

Secret-related carrier intelligent management and control system uses the Internet of Things and artificial intelligence to solve the transformation of secret-related carrier management and control from manual operation to automatic detection, precise monitoring, and intelligent decision-making, and use technical means to resolve security risks. However, the coexistence of multiple heterogeneous networks will lead to various network security problems in the secret carrier intelligent management and control. Aiming at the actual requirements of the intelligent management and control of secret-related carriers, this paper proposes a system structure including device domain, network domain, platform domain and user domain, and conducts a detailed system security analysis, and introduces intelligent agent technology, and proposes a distributed system. The hierarchical system structure of the secret-related carrier intelligent management and control security protection model has good robustness and portability.

We propose a localized oscillation amplitude monitoring (OAM) method for the mitigation of cyber threats directed at the wide area control (WAC) system used to coordinate control of Flexible AC Transmission Systems (FACTS) for power oscillation damping (POD) of active power flow on inter-area tie lines. The method involves monitoring the inter-area tie line active power oscillation amplitude over a sliding window. We use system instability - inferred from oscillation amplitudes growing instead of damping - as evidence of an indication of a malfunction in the WAC of FACTS, possibly indicative of a cyber attack. Monitoring the presence of such a growth allows us to determine whether any destabilizing behaviors appear after the WAC system engages to control the POD. If the WAC signal increases the oscillation amplitude over time, thereby diminishing the POD performance, the FACTS falls back to POD using local measurements. The proposed method does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the OAM method for mitigation.

We propose a stability monitoring approach for the mitigation of cyber threats directed at the wide area control (WAC) system used for coordinated control of Flexible AC Transmission Systems (FACTS) used for power oscillation damping (POD) of active power flow on inter-area tie lines. The approach involves monitoring the modes of the active power oscillation on an inter-area tie line using the Matrix Pencil (MP) method. We use the stability characteristics of the observed modes as a proxy for the presence of destabilizing cyber threats. We monitor the system modes to determine whether any destabilizing modes appear after the WAC system engages to control the POD. If the WAC signal exacerbates the POD performance, the FACTS falls back to POD using local measurements. The proposed approach does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the SM approach for mitigation.

Intrusion detection systems installed on the information security devices that control the internal and external perimeter of the demilitarized zones are not able to detect the vulnerability of ZeroLogon after the successful penetration of the intruder into the zone. Component solution for ZeroLogon control is offered. The paper presents the research results of the capabilities for built-in Active Directory audit mechanisms and open source intrusion detection/prevention systems, which allow identification of the critical vulnerability CVE-2020-1472. These features can be used to improve the quality of cyber-physical systems management, to perform audits, as well as to check corporate domains for ZeroLogon vulnerabilities.

This paper proposes the modular power conversion systems based on an Universal Smart Power Module (USPM). In this concept, the Power Electronics Building Block (PEBB) is improved the flexibility and the expandability by integrating a high-speed power electronics controller, input/output filters among each USPM to realize the simplification of the power electronics design. The original point of USPM is that each power module operates independently because a high-speed power electronics controller is implemented on each power module. The power modules of PEBB are typically configured by the main power circuits and the gate driver. Therefore, the controller has to be designed specifically according to various applications although the advantages of PEBB are high flexibility and user-friendly. The contribution of USPM is the simplification of the system design including power electronics controller. On the other hand, autonomous distributed systems require the control method to suppress the interference in each module. In this paper, the configuration of USPM, example of the USPM system, and detail of the control method are introduced.

The correctness of security control system strategy is very important to ensure the stability of power system. Aiming at the problem that the current security control strategy verification method is not enough to match the increasingly complex large power grid, this paper proposes a cyclic verification method of security control system strategy table based on constraints and whole process dynamic simulation. Firstly, the method is improved based on the traditional security control strategy model to make the strategy model meet certain generalization ability; And on the basis of this model, the cyclic dynamic verification of the strategy table is realized based on the constraint conditions and the whole process dynamic simulation, which not only ensures the high accuracy of strategy verification for the security control strategy of complex large power grid, but also ensures that the power system is stable and controllable. Finally, based on a certain regional power system, the optimal verification of strategy table verification experiment is realized. The experimental results show that the average processing time of the proposed method is 10.32s, and it can effectively guarantee the controllability and stability of power grid.

Aiming at the problems of imperfect dynamic verification of power grid security and stability control strategy and high test cost, a reliability test method of power grid security control system based on BP neural network and dynamic group simulation is proposed. Firstly, the fault simulation results of real-time digital simulation system (RTDS) software are taken as the data source, and the dynamic test data are obtained with the help of the existing dispatching data network, wireless virtual private network, global positioning system and other communication resources; Secondly, the important test items are selected through the minimum redundancy maximum correlation algorithm, and the test items are used to form a feature set, and then the BP neural network model is used to predict the test results. Finally, the dynamic remote test platform is tested by the dynamic whole group simulation of the security and stability control system. Compared with the traditional test methods, the proposed method reduces the test cost by more than 50%. Experimental results show that the proposed method can effectively complete the reliability test of power grid security control system based on dynamic group simulation, and reduce the test cost.

The papers in this special section focus on resilient control in large-scae networked cyber-physical systems. These papers deal with the opportunities offered by these emerging technologies to mitigate undesired phenomena arising when intentional jamming and false data injections, categorized as cyber-attacks, infer communication channels. Recent advances in sensing, communication and computing have open the door to the deployment of largescale networks of sensors and actuators that allow fine-grain monitoring and control of a multitude of physical processes and infrastructures. The appellation used by field experts for these paradigms is Cyber-Physical Systems (CPS) because the dynamics among computers, networking media/resources and physical systems interact in a way that multi-disciplinary technologies (embedded systems, computers, communications and controls) are required to accomplish prescribed missions. Moreover, they are expected to play a significant role in the design and development of future engineering applications such as smart grids, transportation systems, nuclear plants and smart factories.

The smart electricity grids have been evolving to a more complex cyber-physical ecosystem of infrastructures with integrated communication networks, new carbon-free sources of power generation, advanced monitoring and control systems, and a myriad of emerging modern physical hardware technologies. With the unprecedented complexity and heterogeneity in dynamic smart grid networks comes additional vulnerability to emerging threats such as cyber attacks. Rapid development and deployment of advanced network monitoring and communication systems on one hand, and the growing interdependence of the electric power grids to a multitude of lifeline critical infrastructures on the other, calls for holistic defense strategies to safeguard the power grids against cyber adversaries. In order to improve the resilience of the power grid against adversarial attacks and cyber intrusions, advancements should be sought on detection techniques, protection plans, and mitigation practices in all electricity generation, transmission, and distribution sectors. This survey discusses such major directions and recent advancements from a lens of different detection techniques, equipment protection plans, and mitigation strategies to enhance the energy delivery infrastructure resilience and operational endurance against cyber attacks. This undertaking is essential since even modest improvements in resilience of the power grid against cyber threats could lead to sizeable monetary savings and an enriched overall social welfare.

Cyber-physical systems are subject to natural uncertainties and sensor noise that can be amplified/attenuated due to feedback. In this work, we want to leverage these properties in order to define the inherent differential privacy of feedback-control systems without the addition of an external differential privacy noise. If larger levels of privacy are required, we introduce a methodology to add an external differential privacy mechanism that injects the minimum amount of noise that is needed. On the other hand, we show how the combination of inherent and external noise affects system security in terms of the impact that integrity attacks can impose over the system while remaining undetected. We formulate a bilevel optimization problem to redesign the control parameters in order to minimize the attack impact for a desired level of inherent privacy.

With the advent of motorization, result in traffic system more congested, how to make the traffic system more effective and also take safety into account, namely build a intelligent transportation system, has become a hot spot of society. The vehicle distance control system studied in this paper is an important function in intelligent transportation system, through introducing cyber-physical systems (CPS) technology into it, set up system model, make the vehicles maintain a preset safety distance, thereby not only help improve the effective utilization of traffic system, but also help avoid the collision due to the speed change. Finally, use Simulink software to simulate and analyze the performance of the system, the result shows that the model can effectively cope with the distance change which is due to speed change, and ensure the vehicles maintain a preset safety distance within a short period of time.

The Digital Signature Algorithm (DSA) is a representative of a family of digital signature algorithms that are known to have a number of subliminal channels for covert data transmission. The capacity of these channels stretches from several bits (narrowband channels) to about 256 or so bits (a broadband channel). There are a couple of methods described in the literature to prevent the usage of the broadband channel with the help of a warden. In the present paper, we discuss some weaknesses of the known methods and suggest a solution that is free of the weaknesses and eliminates the broadband covert channel. Our solution also requires a warden who does not participate in signature generation and is able to check any signed message for the absence of the covert communication.

The router's buffer size imposes significant impli-cations on the performance of the network. Network operators nowadays configure the router's buffer size manually and stati-cally. They typically configure large buffers that fill up and never go empty, increasing the Round-trip Time (RTT) of packets significantly and decreasing the application performance. Few works in the literature dynamically adjust the buffer size, but are implemented only in simulators, and therefore cannot be tested and deployed in production networks with real traffic. Previous work suggested setting the buffer size to the Bandwidth-delay Product (BDP) divided by the square root of the number of long flows. Such formula is adequate when the RTT and the number of long flows are known in advance. This paper proposes a system that leverages programmable switches as passive instruments to measure the RTT and count the number of flows traversing a legacy router. Based on the measurements, the programmable switch dynamically adjusts the buffer size of the legacy router in order to mitigate the unnecessary large queuing delays. Results show that when the buffer is adjusted dynamically, the RTT, the loss rate, and the fairness among long flows are enhanced. Additionally, the Flow Completion Time (FCT) of short flows sharing the queue is greatly improved. The system can be adopted in campus, enterprise, and service provider networks, without the need to replace legacy routers.

The vast majority of nowadays remote code execution attacks target virtual function tables (vtables). Attackers hijack vtable pointers to change the control flow of a vulnerable program to their will, resulting in full control over the underlying system. In this paper, we present NoVT, a compiler-based defense against vtable hijacking. Instead of protecting vtables for virtual dispatch, our solution replaces them with switch-case constructs that are inherently control-flow safe, thus preserving control flow integrity of C++ virtual dispatch. NoVT extends Clang to perform a class hierarchy analysis on C++ source code. Instead of a vtable, each class gets unique identifier numbers which are used to dispatch the correct method implementation. Thereby, NoVT inherently protects all usages of a vtable, not just virtual dispatch. We evaluate NoVT on common benchmark applications and real-world programs including Chromium. Despite its strong security guarantees, NoVT improves runtime performance of most programs (mean overhead −0.5%, −3.7% min, 2% max). In addition, protected binaries are slightly smaller than unprotected ones. NoVT works on different CPU architectures and protects complex C++ programs against strong attacks like COOP and ShrinkWrap.

This paper studies event-triggered output-based security control of nonlinear system under deception attacks obeying a Bernoulli distribution. Firstly, to save system resources of a T-S fuzzy system, an output-based discrete event-triggered mechanism (ETM) is introduced, which excludes Zeno behavior absolutely. Secondly, a closed-loop T-S fuzzy system model is built, which integrates parameters of the nonlinear plant, the ETM, stochastic attacks, fuzzy dynamic output feedback controller and network-induced delays in a unified framework. Thirdly, sufficient conditions for asymptotic stability of the T-S fuzzy sys$łnot$tem are derived, and the design method of a fuzzy output-based security controller is presented. Finally, an example illustrates effectiveness of the proposed method.

This paper develops an adaptive neural network (NN) asymptotic tracking control scheme for nonstrict-feedback switched nonlinear systems with unknown nonlinearities. The NNs are used to dispose the unknown nonlinearities. Different from the published results, the asymptotic convergence character is achieved based on the bound estimation method. By combining some smooth functions with the adaptive backstepping scheme, the asymptotic tracking control strategy is presented. It is proved that the fabricated scheme can guarantee that the system output can asymptotically follow the desired signal, and also that all signals of the entire system are bounded. The validity of the devised scheme is evaluated by a simulation example.

This paper presents an observer-based security control scheme for a Cyber-Physical System (CPS). In the considered system, the feedback channel of the CPS may suffer from Denial-of-Service (DoS). To begin with, a time-delayed switching CPS model is constructed according to two different attack situations. And then, based on the switching model, an observer-based controller is designed in the cyber-layer, Meanwhile, the stability of the closed-loop system is analyzed based on H$ınfty$ stability of switching systems in view of Average Dwell Time (ADT). At last, the performance of the proposed security control scheme is illustrated by an numerical example in Simulation.