Biblio

Modern computing networks that enable distributed computing are comprised of a wide range of heterogeneous devices with different levels of resources, which are interconnected by different networking technologies and communication protocols. This integration, together with the state of the art technologies, has brought into play new uncertainties, associated with physical world and the cyber space. In heterogeneous networked control systems environments, awareness and resilience are two important properties that these systems should bear and comply with. In this work the problem of resilience enhancement in heterogeneous networked control systems is addressed based on a distributed middleware, which is propped up on a hierarchical multi-agent framework, where each of the constituent agents is devoted to a specific task. The proposed architecture takes into account physical and cyber vulnerabilities and ensures state and context awareness, and a minimum level of acceptable operational performance, in response to physical and cyber disturbances. Experiments on a IPv6-based test-bed proved the relevance and benefits offered by the proposed architecture.

Advances on the integration of wireless sensor and actuator networks, as a whole, have contribute to the greater reconfigurability of systems and lower installation costs with application to supervision of networked control systems. This integration, however, increases some vulnerabilities associated with the physical world and also with the cyber and security world. This trend makes the wireless nodes one of the most vulnerable component of these kind of systems, which can have a major impact on the overall performance of the networked control system. This paper presents an architecture relying on a hierarchical multi-agent system for resilience enhancement, with focus on wireless sensor and actuator networks. The proposed framework was evaluated on an IPv6 test-bed comprising several distributed devices, where performance and communication links health are analyzed. The relevance of the proposed approach is demonstrated by results collected from the test-bed.

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.

Introduction of IoT is a big step towards the convergence of physical and virtual world as everyday objects are connected to the internet nowadays. But due to its diversity and resource constraint nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using proposed toolchain.

In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.