Biblio

The new paradigm of industrial development, called Industry 4.0, faces the problems of Cybersecurity, and as it has already manifested itself in Information Systems, focuses on the use of Artificial Intelligence tools. The authors of this article build on their experience with the use of the above mentioned tools to increase the resilience of Information Systems against Cyber threats, approached to the choice of an effective structure of Cyber-protection of Industrial Systems, primarily analyzing the objective differences between them and Information Systems. A number of analyzes show increased resilience of the decentralized architecture in the management of large-scale industrial processes to the centralized management architecture. These considerations provide sufficient grounds for the team of the project to give preference to the decentralized structure with flock behavior for further research and experiments. The challenges are to determine the indicators which serve to assess and compare the impacts on the controlled elements.

The fourth industrial revolution has led to the rapid development of industrial control systems. While the large number of industrial system devices connected to the Internet provides convenience for production management, it also exposes industrial control systems to more attack surfaces. Under the influence of multiple attack surfaces, sensitive data leakage has a more serious and time-spanning negative impact on industrial production systems. How to quickly locate the source of information leakage plays a crucial role in reducing the loss from the attack, so there are new requirements for tracing sensitive data in industrial control information systems. In this paper, we propose a digital watermarking traceability scheme for sensitive data in industrial control systems to address the above problems. In this scheme, we enhance the granularity of traceability by classifying sensitive data types of industrial control systems into text, image and video data with differentiated processing, and achieve accurate positioning of data sources by combining technologies such as national secret asymmetric encryption and hash message authentication codes, and mitigate the impact of mainstream watermarking technologies such as obfuscation attacks and copy attacks on sensitive data. It also mitigates the attacks against the watermarking traceability such as obfuscation attacks and copy attacks. At the same time, this scheme designs a data flow watermark monitoring module on the post-node of the data source to monitor the unauthorized sensitive data access behavior caused by other attacks.

The main intention of edge computing is to improve network performance by storing and computing data at the edge of the network near the end user. However, its rapid development largely ignores security threats in large-scale computing platforms and their capable applications. Therefore, Security and privacy are crucial need for edge computing and edge computing based environment. Security vulnerabilities in edge computing systems lead to security threats affecting edge computing networks. Therefore, there is a basic need for an intrusion detection system (IDS) designed for edge computing to mitigate security attacks. Due to recent attacks, traditional algorithms may not be possibility for edge computing. This article outlines the latest IDS designed for edge computing and focuses on the corresponding methods, functions and mechanisms. This review also provides deep understanding of emerging security attacks in edge computing. This article proves that although the design and implementation of edge computing IDS have been studied previously, the development of efficient, reliable and powerful IDS for edge computing systems is still a crucial task. At the end of the review, the IDS developed will be introduced as a future prospect.

Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.

Industry 4.0 is the latest industrial revolution primarily merging automation with advanced manufacturing to reduce direct human effort and resources. Predictive maintenance (PdM) is an industry 4.0 solution, which facilitates predicting faults in a component or a system powered by state-of-the- art machine learning (ML) algorithms (especially deep learning algorithms) and the Internet-of-Things (IoT) sensors. However, IoT sensors and deep learning (DL) algorithms, both are known for their vulnerabilities to cyber-attacks. In the context of PdM systems, such attacks can have catastrophic consequences as they are hard to detect due to the nature of the attack. To date, the majority of the published literature focuses on the accuracy of DL enabled PdM systems and often ignores the effect of such attacks. In this paper, we demonstrate the effect of IoT sensor attacks (in the form of false data injection attack) on a PdM system. At first, we use three state-of-the-art DL algorithms, specifically, Long Short-Term Memory (LSTM), Gated Recurrent Unit (GRU), and Convolutional Neural Network (CNN) for predicting the Remaining Useful Life (RUL) of a turbofan engine using NASA's C-MAPSS dataset. The obtained results show that the GRU-based PdM model outperforms some of the recent literature on RUL prediction using the C-MAPSS dataset. Afterward, we model and apply two different types of false data injection attacks (FDIA), specifically, continuous and interim FDIAs on turbofan engine sensor data and evaluate their impact on CNN, LSTM, and GRU-based PdM systems. The obtained results demonstrate that FDI attacks on even a few IoT sensors can strongly defect the RUL prediction in all cases. However, the GRU-based PdM model performs better in terms of accuracy and resiliency to FDIA. Lastly, we perform a study on the GRU-based PdM model using four different GRU networks with different sequence lengths. Our experiments reveal an interesting relationship between the accuracy, resiliency and sequence length for the GRU-based PdM models.

The development of edge computing and machine learning technologies have led to the growth of Industrial IoT systems. Autonomous decision making and smart manufacturing are flourishing in the current age of Industry 4.0. By providing more compute power to edge devices and connecting them to the internet, the so-called Cyber Physical Systems are prone to security threats like never before. Security in the current industry is based on cryptographic techniques that use pseudorandom number keys. Keys generated by a pseudo-random number generator pose a security threat as they can be predicted by a malicious third party. In this work, we propose a secure Industrial IoT Architecture that makes use of true random numbers generated by a quantum random number generator (QRNG). CITRIOT's FireConnect IoT node is used to show the proof of concept in a quantum-safe network where the random keys are generated by a cloud based quantum device. We provide an implementation of QRNG on both real quantum computer and quantum simulator. Then, we compare the results with pseudorandom numbers generated by a classical computer.

The rapid development of the Industry 4.0 initiative highlights the problems of Cyber-security of Industrial Computer Systems and, following global trends in Cyber Defense, the implementation of Artificial Intelligence instruments. The authors, having certain achievement in the implementation of Artificial Intelligence tools in Cyber Protection of Information Systems and, more precisely, creating and successfully experimenting with a hybrid model of Intrusion Detection and Prevention System (IDPS), decided to study and experiment with the possibility of applying a similar model to Industrial Control Systems. This raises the question: can the experience of applying Artificial Intelligence methods in Information Systems, where this development went beyond the experimental phase and has entered into the real implementation phase, be useful for experimenting with these methods in Industrial Systems.

With the development of various technologies, the modern industry has been promoted to a new era known as Industry 4.0. Within such paradigm, smart factories are becoming widely recognized as the fundamental concept. These systems generate and exchange vast amounts of privacy-sensitive data, which makes them attractive targets of attacks and unauthorized access. To improve privacy and security within such environments, a more decentralized approach is seen as the solution to allow their longterm growth. Currently, the blockchain technology represents one of the most suitable candidate technologies able to support distributed and secure ecosystem for Industry 4.0 while ensuring reliability, information integrity and access authorization. Blockchain based access control frameworks address encountered challenges regarding the confidentiality, traceability and notarization of access demands and procedures. However significant additional fears are raised about entities' privacy regarding access history and shared policies. In this paper, our main focus is to ensure strong privacy guarantees over the access control related procedures regarding access requester sensitive attributes and shared access control policies. The proposed scheme called PDAMF based on ring signatures adds a privacy layer for hiding sensitive attributes while keeping the verification process transparent and public. Results from a real implementation plus performance evaluation prove the proposed concept and demonstrate its feasibility.

We aim at creating a society where we can resolve various social challenges by incorporating the innovations of the fourth industrial revolution (e.g. IoT, big data, AI, robot, and the sharing economy) into every industry and social life. By doing so the society of the future will be one in which new values and services are created continuously, making people's lives more conformable and sustainable. This is Society 5.0, a super-smart society. Security and privacy are key issues to be addressed to realize Society 5.0. Privacy-preserving data analytics will play an important role. In this talk we show our recent works on privacy-preserving data analytics such as privacy-preserving logistic regression and privacy-preserving deep learning. Finally, we show our ongoing research project under JST CREST “AI”. In this project we are developing privacy-preserving financial data analytics systems that can detect fraud with high security and accuracy. To validate the systems, we will perform demonstration tests with several financial institutions and solve the problems necessary for their implementation in the real world.

We present a unified communication architecture for security requirements in the industrial internet of things. Formulating security requirements in the language of OPC UA provides a unified method to communicate and compare security requirements within a heavily heterogeneous landscape of machines in the field. Our machine-readable data model provides a fully automatable approach for security requirement communication within the rapidly evolving fourth industrial revolution, which is characterized by high-grade interconnection of industrial infrastructures and self-configuring production systems. Capturing security requirements in an OPC UA compliant and unified data model for industrial control systems enables strong use cases within modern production plants and future supply chains. We implement our data model as well as an OPC UA server that operates on this model to show the feasibility of our approach. Further, we deploy and evaluate our framework within a reference project realized by 14 industrial partners and 7 research facilities within Germany.