Ebook: Cyber Defence in Industry 4.0 Systems and Related Logistics and IT Infrastructures

The general objectives of this book include the development of strategies, concepts and tools for the creation and implementation of cyber systems and cyber platforms capable of providing enhanced cyber security and interoperability, smart intrusion prevention, adaptive cyber defence, smart recovering (if needed) of the systems states, smart monitoring, control and management of Industry 4.0 complexes and related logistics systems (composed respectively of connected industrial and logistics modules of 4th generation, e.g., robotic equipment, logistics modules and units, technologic equipment, etc.), as well as their IT infrastructure(s).

The reality is that it is extremely difficult to provide full cyber defence and/or intrusion prevention of the smart networks that connect intelligent industrial and logistics modules, since the more intelligent the systems are, the more vulnerable they become. Therefore, the main efforts of the scientific publications developed in this book are focused on development and implementation of strategies, concepts and tools capable of providing intrusion prevention and cyber defence of smart IT infrastructure(s), but mostly of system core, that controls the entire Industry 4.0 and/or logistics networks, and (if necessary) the reconfiguration of the systems states in the smart infrastructures.

This publication focuses on the creation of concepts for smart environments and cyber platforms, which form the so-called “web of everything” and are (respectively) capable of providing generic turnkey solutions in a variety of application fields – e.g., creationofecosystems which are based on “Cyber Platform(s) for Connected Smart Objects” and are capable to interconnect, to control and to provide adaptive cyber defence and intrusion prevention (and even without human intervention) of connected 4G smart devices and embedded systems that can be integrated into smart IT infrastructures and service platforms and respectively – be implemented in the 4G industrial “world” (e.g., Industry 4.0 systems, intelligent logistics systems, intelligent transport, etc.). Therefore, the proposed concepts for Cyber-physical platforms (CPP) include also their openness to any type of simulation, optimization, and model-creation services (modules) that might appear in the future, i.e., CPP which could be open, scalable, with high-capacity and capable of transition from flexibility to agility in the simulated processes and the created genericmodels.

This publication also focuses on the development of strategies and concepts for industrial deployment of the proposed CPP across multiple sectors (such as industrial and logistics processes), with the support of identified participants who are capable to act as technology and IT infrastructure integrators.

All scientific publications developed in this book were presented during an Advanced Research Workshop (ARW), with the title “Cyber Defence in Industry 4.0 Systems and Related Logistics and IT Infrastructures”.

The ARW took place in Jyvaskyla, Finland in the time period: October 16 – October 21, 2017, and was sponsored by NATO Emerging Security Challenges Division, SPS Programme, Project G5172.

A Note on the Editor:

Prof. Dr. Eng. Konstantin DIMITROV is Head of Department “Logistics Engineering”, Technical University, Sofia, Bulgaria. E-mail: kdimitrov@tu-sofia.bg

Teaching and Research activities of Prof. Konstantin Dimitrov include:

Knowledge-based intelligent systems; implementation of neural, neuro-fuzzy and genetic systems for adaptive control, decision-making and reconfiguation of process/system behaviour; reliability and fault diagnosis of industrial systems; logistics engineering.

Prof. Konstantin Dimitrov is the author of more than 100 scientific publications, 6 books and 3 monographs. He is also a Director of many research and industrial projects and PhD Theses.

There is a considerable amount of research on chaos-based communication or simply chaotic communication that has been ongoing since the early 1990's. It was argued that chaotic communication has the potential of addressing the security issue that is omnipresent in standard communication systems, yet this technology has not taken over traditional methods of communication. In this work, we provide a discussion as to why such communication system is still not fully embraced by the industrial and communication community. We give a brief survey on the existing methods for designing chaos-based communication schemes. We also propose some solutions to address this issue as well as its potential applications in 4G networks.

Industry is evolving towards Industry 4.0, which holds the promise of increased flexibility in manufacturing, better quality and improved productivity. A core actor of this growth is using sensors, which must capture data that can used in unforeseen ways to achieve a performance not achievable without them. However, the complexity of this improved setting is much greater than what is currently used in practice. Hence, it is imperative that the management cannot only be performed by human labor force, but part of that will be done by automated algorithms instead. A natural way to represent the data generated by this large amount of sensors, which are not acting measuring independent variables, and the interaction of the different devices is by using a graph data model. Then, machine learning could be used to aid the Industry 4.0 system to, for example, perform predictive maintenance. However, machine learning directly on graphs, needs feature engineering and has scalability issues. In this paper we discuss methods to convert (embed) the graph in a vector space, such that it becomes feasible to use traditional machine learning methods for Industry 4.0 settings.

Despite Artificial Intelligence can still be considered as a fashion term mostly used by marketing, technologies approaching Artificial Intelligence have been used in both military and civil areas for a long time. Today, the development of these technologies is exponential and their need is various. We may find them in areas such as data filtering and analysis, modeling and simulation, automation. They have been used to develop and advance numerous fields and industries, including finance, healthcare, education, transportation, military armament, cyber security, and more. In this paper we be presented the risks and advantages in using AI on cyber security and more precisely on cyber defence and cyber-attack, especially in a more and more world-wide interconnected context.

Some advanced concepts and methods for intelligent Fault Diagnosis (FD) are proposed to be implemented in industrial cyber physical platforms (CPP), respectively with capacities to prevent and/or to neutralize cyber attacks in Industry 4.0 complexes and logistics systems.

As the industrial processes and their control are transitioning to their so called 4.0 version, we are witnessing a dramatic increase in disruptive or destructive attacks on those installations. Naturally, the global connectivity of the Industry 4.0 sensors and actuators, and the use of the Internet as the transfer medium for both the data acquisition and the control signalling, make modern systems conveniently more attackable, than they used to be. The system, which we propose with this paper, might still be a stretch of imagination, but it could be that extra layer of intelligence over a SCADA system, which could bring an agile security functionality to withstand the most common types of cyber-attacks.

The present work deals with the main challenges and constraints inherent to the factories of the future (FoF), especially those related to resilience and hacking risks. After a brief historical review of the industry evolution through the ages, the authors focus on the technical and technological specificities of the so-called industry 4.0 and propose an original Security Simulator Platform for cyber-attacks evaluation in real life industrial production systems, based on the CPS concept (Cyber-Physical System). For this, a graphic architecture is proposed to study the different flows and exchanges between the physical part (manufacturing system) and its ecosystem (Customers, suppliers, stocks, etc.). Then, a numerical model under Witness software, is built, in order to analyze the behavior of the global system (Soft and Hardware) in the event of possible integrity breach and cyber-attacks. The developed model is based on a set of mathematical algorithms and numerical techniques to ensure an intelligent cyber control of the resilience the industrial system.

Supply chains are becoming more global, complex and increasingly vulnerable. Specifically, the latest evolution of the modern supply chains creates crucial cyber-risks and cyber-security challenges. Nowadays, supply chain risk managers need methods and tools for control, analysis, risk mitigation and managing of their cyber vulnerabilities. In this context, cyber-risk modeling and analysis in supply chain has become one of the major research subjects. The first part of this chapter provides a survey of the field and investigates the use of Petri Nets as a tool for modeling and performance analysis of supply chains, as well as their great potential for supply chain risk analysis. The second part of this work is dedicated to our contributions for modeling and performance evaluation of supply chain networks by using discrete event dynamic approaches. Based on the modeling and performance analysis power of Batch Deterministic and Stochastic Petri nets (BDSPN) for supply chain and logistic systems, two original risk-modeling approaches are introduced for this emerging research topic.

This chapter describes and evaluates the cyber world, including its phenomena, from a strategic perspective. As no universally accepted definitions for the cyber world exist, associated literature and publications address it in many ways. This chapter depicts the standards-based risk model, cyber operations and cyberweaponry, as well as the critical structures of society as the targets. Moreover, cyber security definitions and a five-layer model of cyber threats, which include cyber vandalism, cybercrime, cyber intelligence, cyberterrorism and cyberwarfare are provided.

Artificial intelligence is an unavoidable asset of Industry 4.0. Artificial actors participate in real-time decision-making and problem solving in various industrial processes, including planning, production, and management. Their efficiency, as well as intelligent and autonomous behavior is highly dependent on the ability to learn from examples, which creates new vulnerabilities exploited by security threats. Today's disruptive attacks of hackers go beyond system's infrastructures targeting not only hard-coded software or hardware, but foremost data and trained decision models, in order to approach system's intelligence and compromise its work. This paper intends to reveal security threats which are new in the industrial context by observing the latest discoveries in the AI domain. Our focus is data poisoning attacks caused by adversarial training samples and subsequent corruption of machine learning process.

A “Cyber-Physical System (CPS)” is an intelligent system interacting with other systems through networks and having physical and information technology components. CPSs are already in use in critical technologies such as Industry 4.0, advanced defense technologies and advanced cyber defense. The end devices within CPSs are generally constrained devices and most solutions in use in classical networks are therefore not applicable for CPS. In this article we investigate the network layer attacks against CPSs and possible mitigations.

Industry 4.0 is the name for the latest trend in industrial systems for automation of services, cyber physical system and data exchange between multiple players. These system have unique trusted computing cyber requirements. Many time the machine is pitted against a MATE (Man at-the-end) adversary. MATE threats require new requirements on hardware. These requirements are addressed by virtually all major hardware vendors. In this chapter we will discuss the threats, hardware capabilities and use cases offered by major hardware vendors to address Industry 4.0 hardware requirements.