Biblio

The (IoT) paradigm’s fundamental goal is to massively connect the “smart things” through standardized interfaces, providing a variety of smart services. Cyber-Physical Systems (CPS) include both physical and cyber components and can apply to various application domains (smart grid, smart transportation, smart manufacturing, etc.). The Digital Twin (DT) is a cyber clone of physical objects (things), which will be an essential component in CPS. This paper designs a systematic taxonomy to explore different attacks on DT-based CPS and how they affect the system from a four-layer architecture perspective. We present an attack space for DT-based CPS on four layers (i.e., object layer, communication layer, DT layer, and application layer), three attack objects (i.e., confidentiality, integrity, and availability), and attack types combined with strength and knowledge. Furthermore, some selected case studies are conducted to examine attacks on representative DT-based CPS (smart grid, smart transportation, and smart manufacturing). Finally, we propose a defense mechanism called Secured DT Development Life Cycle (SDTDLC) and point out the importance of leveraging other enabling techniques (intrusion detection, blockchain, modeling, simulation, and emulation) to secure DT-based CPS.

There is momentous attention from researchers and practitioners all over the world towards one of the most advanced trends in the world, Smart cities. A smart city is an efficient and sustainable city that offers a superior life quality to all human beings through the optimum management of all its resources. Optimum energy management technique within the smart city is a challenging environment that needs a full focus on basic important needs and supports of the smart city. This includes Smart Grid (SG) infrastructure, Distributed Generation (DG) technology, Smart Home Energy Management System (HEMS), Smart Transportation System (STS), and Energy Storage System (ESS). Out of these five taxonomies, there have been some disputes addressed in profitability and security due to the major involvement of electromobility in the smart transportation system. It creates a big impact on the smart city environment. The disputes in profitability can be effectively handled with the use of dynamic pricing techniques and peer-to-peer (P2P) energy trading mechanisms. On the other hand, security disputes can be overwhelmed by the use of blockchain technology. This paper reviews the energy management-related work on smart cities with the consideration of these basic important needs and supports.

While vehicle-to-everything communication technology enables information sharing and cooperative control for vehicles, it also poses a significant threat to the vehicles' driving security owing to cyber-attacks. In particular, Sybil malicious attacks hidden in the vehicle broadcast information flow are challenging to detect, thereby becoming an urgent issue requiring attention. Several researchers have considered this problem and proposed different detection schemes. However, the detection performance of existing schemes based on plausibility checks and neighboring observers is affected by the traffic and attacker densities. In this study, we propose a malicious attack detection scheme based on traffic-flow information fusion, which enables the detection of Sybil attacks without neighboring observer nodes. Our solution is based on the basic safety message, which is broadcast by vehicles periodically. It first constructs the basic features of traffic flow to reflect the traffic state, subsequently fuses it with the road detector information to add the road fusion features, and then classifies them using machine learning algorithms to identify malicious attacks. The experimental results demonstrate that our scheme achieves the detection of Sybil attacks with an accuracy greater than 90 % at different traffic and attacker densities. Our solutions provide security for achieving a usable vehicle communication network.

Transportation of people and goods is important and crucial in the context of smart cities. The trend in regard of people's mobility is moving from privately owned vehicles towards shared mobility. This trend is even stronger in urban areas, where space for parking is limited, and the mobility is supported by the public transport system, which lowers the need for private vehicles. Several challenges and barriers of currently available solutions retard a massive growth of this mobility option, such as the trust problem, data monopolism, or intermediary costs. Decentralizing mobility management is a promising approach to solve the current problems of the mobility market, allowing to move towards a more usable internet of mobility and smart transportation. Leveraging blockchain technology allows to cut intermediary costs, by utilizing smart contracts. Important in this ecosystem is the proof of identity of participants in the blockchain network. To proof the possession of the claimed identity, the private key corresponding to the wallet address is utilized, and therefore essential to protect. In this paper, a blockchain-based shared mobility platform is proposed and a proof-of-concept is shown. First, current problems and state-of-the-art systems are analyzed. Then, a decentralized concept is built based on ERC-721 tokens, implemented in a smart contract, and augmented with a Hardware Security Module (HSM) to protect the confidential key material. Finally, the system is evaluated and compared against state-of-the-art solutions.

Automatic dependent surveillance-broadcast (ADS- B) records provide an important basis and evidence for future route planning and accountability. However, due to the lack of effective support for the integrity and confidentiality of ADS-B, the air traffic control (ATC) system based on ADS-B faces serious security threats. Once the data is tampered with, it will cause immeasurable losses to society. The ADS-B data is arranged in chronological order, and the order-preserving encryption method allows users to directly search for ciphertexts by time. However, encryption alone does not guarantee the integrity of the data. The attacker can still destroy the integrity of the data by modifying the ciphertext. This paper proposes a secure ADS- B protection scheme that supports queries. We construct a dynamic order-preserving encryption (DOPE) scheme to achieve data confidentiality and sequential search of target data in the ciphertext. In addition, the scheme achieves fast integrity checking by calculating the unique verification label of the entire ciphertext, and supports blockless verification, which means that all data does not need to be transmitted during the audit phase. In the meanwhile, the auditor can verify the integrity of multiple ADS-B documents at once, which improves the computational efficiency of the audit. We analyze the integrity and security of the scheme and proved that DOPE is indistinguishable under an ordered chosen-plaintext attack (IND-OCPA). Furthermore, we conclude through performance analysis that the communication overhead is constant and computation overhead is logarithmic level. The proposed scheme is applicable to all data arranged in order, such as hospital records arranged by date and so on. At the same time, ADS-B can be used for urban vehicle monitoring and is a basic means to realize smart transportation.

The Internet of Things (IoT) increasingly demonstrates its role in smart services, such as smart home, smart grid, smart transportation, etc. However, due to lack of standards among different vendors, existing networked IoT devices (NoTs) can hardly provide enough security. Moreover, it is impractical to apply advanced cryptographic solutions to many NoTs due to limited computing capability and power supply. Inspired by recent advances in IoT demand, in this paper, we develop an IoT security architecture that can protect NoTs in different IoT scenarios. Specifically, the security architecture consists of an auditing module and two network-level security controllers. The auditing module is designed to have a stand-alone intrusion detection system for threat detection in a NoT network cluster. The two network-level security controllers are designed to provide security services from either network resource management or cryptographic schemes regardless of the NoT security capability. We also demonstrate the proposed IoT security architecture with a network based one-hop confidentiality scheme and a cryptography-based secure link mechanism.

This paper proposes a prototype of a level 3 autonomous vehicle using Raspberry Pi, capable of detecting the nearby vehicles using an IR sensor. We make the first attempt to analyze autonomous vehicles from a microscopic level, focusing on each vehicle and their communications with the nearby vehicles and road-side units. Two sets of passive and active experiments on a pair of prototypes were run, demonstrating the interconnectivity of the developed prototype. Several sensors were incorporated into an emulation based on System-on-Chip to further demonstrate the feasibility of the proposed model.

Smart Transportation applications by nature are examples of Vehicular Ad-hoc Network (VANETs) applications where mobile vehicles, roadside units and transportation infrastructure interplay with one another to provide value added services. While there are abundant researches that focused on the communication aspect of such Mobile Ad-hoc Networks, there are few research bodies that target the development of VANET applications. Among the popular VANET applications, a dominant direction is to leverage Cloud infrastructure to execute and deliver applications and services. Recent studies showed that Cloud Computing is not sufficient for many VANET applications due to the mobility of vehicles and the latency sensitive requirements they impose. To this end, Fog Computing has been proposed to leverage computation infrastructure that is closer to the network edge to compliment Cloud Computing in providing latency-sensitive applications and services. However, applications development in Fog environment is much more challenging than in the Cloud due to the distributed nature of Fog systems. In this paper, we investigate how Smart Transportation applications are developed following Fog Computing approach, their challenges and possible mitigation from the state of the arts.