Modeling of dynamic trust contracts for industry 4.0 systems

Al-Ali, Rima; Heinrich, Robert; Hnětynka, Petr; Juan-Verdejo, Adrián; Seifermann, Stephan; Walter, Maximilian

doi:10.1145/3241403.3241450

Cited by 11 publications

(6 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Al-Ali et al [162] describe a real-world use case for data flow monitoring, where certain data on machine error rates is shared within the company itself, and across organization boundaries based on a set of privacy policies. Some of these policies cannot be statically enforced because they depend on dynamically changing processes or coordinated interaction between different entities.…”

Section: ) Data Transportmentioning

confidence: 99%

A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities

Tange

Donno

Fafoutis

et al. 2020

IEEE Commun. Surv. Tutorials

295

112

View full text Add to dashboard Cite

A key application of the Internet of Things (IoT) paradigm lies within industrial contexts. Indeed, the emerging Industrial Internet of Things (IIoT), commonly referred to as Industry 4.0, promises to revolutionize production and manufacturing through the use of large numbers of networked embedded sensing devices, and the combination of emerging computing technologies, such as Fog/Cloud Computing and Artificial Intelligence. The IIoT is characterized by an increased degree of inter-connectivity, which not only creates opportunities for the industries that adopt it, but also for cyber-criminals. Indeed, IoT security currently represents one of the major obstacles that prevent the widespread adoption of IIoT technology. Unsurprisingly, such concerns led to an exponential growth of published research over the last few years. To get an overview of the field, we deem it important to systematically survey the academic literature so far, and distill from it various security requirements as well as their popularity. This paper consists of two contributions: our primary contribution is a systematic review of the literature over the period 2011-2019 on IIoT Security, focusing in particular on the security requirements of the IIoT. Our secondary contribution is a reflection on how the relatively new paradigm of Fog computing can be leveraged to address these requirements, and thus improve the security of the IIoT.

show abstract

Section: ) Data Transportmentioning

confidence: 99%

A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities

Tange

Donno

Fafoutis

et al. 2020

IEEE Commun. Surv. Tutorials

295

112

View full text Add to dashboard Cite

show abstract

“…Another area of contention is the exchange of knowledge over dynamic networks in both industrial and non-industrial atmospheres (i.e., IT) given that the two atmospheres are geographically or logically isolated. In the age of Industry 4.0, data sharing between the OT and IT environments is essential for making the optimal business decisions (i.e., usually higher management is located in a different facility than current operations) [17]. However, this raises the vulnerability of such sensitive infrastructure, which can be exposed to untrustworthy networks and attacks.…”

Section: Relation Between Cybersecurity and Safety In Ahsmentioning

confidence: 99%

“…The dynamic nature of the CPS portion, such as a complex environment, necessitates a unique approach (i.e., considering cybersecurity and safety). Most data exchange methods, according to [17], are incapable of grasping highdynamic scenarios in which several parties (i.e., vendors) cooperate to achieve a shared purpose, particularly where privacy is factored in. The same authors suggested a solution based on establishing a dynamic trust zone in which decisions are automatically made through identifying flows, evaluating them, and deciding whether to allow the flow or not [17].…”

Section: Relation Between Cybersecurity and Safety In Ahsmentioning

confidence: 99%

“…These data are private and often proprietary to manufacturers as well as not always accessible for analysis, making this study difficult to conduct further studies to confirm or improve the results. Al-Ali et al [17] propose creating a trust zone to handle sharing such information, but this entails the acceptance of all parties. Table 1 summarizes some proposed solutions and their challenges.…”

Section: Relation Between Cybersecurity and Safety In Ahsmentioning

confidence: 99%

See 1 more Smart Citation

Autonomous Haulage Systems in the Mining Industry: Cybersecurity, Communication and Safety Issues and Challenges

et al. 2021

View full text Add to dashboard Cite

The current advancement of robotics, especially in Cyber-Physical Systems (CPS), leads to a prominent combination between the mining industry and connected-embedded technologies. This progress has arisen in the form of state-of-the-art automated giant vehicles with Autonomous Haulage Systems (AHS) that can transport ore without human intervention. Like CPS, AHS enable autonomous and/or remote control of physical systems (e.g., mining trucks). Thus, similar to CPS, AHS are also susceptible to cyber attacks such as Wi-Fi De-Auth and GPS attacks. With the use of the AHS, several mining activities have been strengthened due to increasing the efficiency of operations. Such activities require ensuring accurate data collection from which precise information about the state of the mine should be generated in a timely and consistent manner. Consequently, the presence of secure and reliable communications is crucial in making AHS mines safer, productive, and sustainable. This paper aims to identify and discuss the relation between safety of AHS in the mining environment and both cybersecurity and communication as well as highlighting their challenges and open issues. We survey the literature that addressed this aim and discuss its pros and cons and then highlight some open issues. We conclude that addressing cybersecurity issues of AHS can ensure the safety of operations in the mining environment as well as providing reliable communication, which will lead to better safety. Additionally, it was found that new communication technologies, such 5G and LTE, could be adopted in AHS-based systems for mining, but further research is needed to considered related cybersecurity issues and attacks.

show abstract

“…This makes the rules explicit and avoids ad-hoc interdependencies of constituent legacy systems. The approach is based on our preliminary work [2,3], where we have defined security ensembles that describe permitted interactions in the system and follow the system during its evolution. The approach presented in this paper brings it to the level of a self-adaptive architecture, introduces the concepts of the security adaptation controller and connects it to the legacy systems.…”

Section: Introductionmentioning

confidence: 99%

Dynamic security rules for legacy systems

Al-Ali

Hnětynka

Havlik

et al. 2019

Proceedings of the 13th European Conference on Software Architecture - Volume 2

Self Cite

View full text Add to dashboard Cite

Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing "legacy" systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment. CCS CONCEPTS• Security and privacy → Domain-specific security and privacy architectures; • Computer systems organization → Self-organizing autonomic computing.

show abstract

Modeling of dynamic trust contracts for industry 4.0 systems

Cited by 11 publications

References 14 publications

A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities

A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities

Autonomous Haulage Systems in the Mining Industry: Cybersecurity, Communication and Safety Issues and Challenges

Dynamic security rules for legacy systems

Contact Info

Product

Resources

About