Abstract

The past years have witnessed an increasing interest and concern regarding the development of security monitoring and management mechanisms for Critical Infrastructures, due to their vital role in ensuring the availability of many essential services. This task is not easy due to the specific characteristics of such systems, and the natural resistance of Critical Infrastructures operators against actions implying downtime. Digital Twins, as accurate virtual models of physical objects or processes, can provide a faithful environment for security analysis or evaluation of potential mitigation strategies to be deployed in face of specific situations. Nonetheless, their on-premises deployment can be expensive, implying a significant CAPEX whose return will depend on the ability to plan and deploy a suitable support infrastructure, as well as implementing efficient and scalable data collection and processing mechanisms capable of taking advantage of the acquired resources. This paper presents an off-premises approach to design and deploy Digital Twins to secure critical infrastructures, developed in the scope of the ELEGANT project. Such Digital Twins are built using real-time, high fidelity replicas of Programming Logic Controllers, coupled with scalable and efficient data collection processes, supporting the development and validation of Machine Learning models to mitigate security threats like Denial of Service attacks. The validation approach of ELEGANT, which leveraged from the capabilities of the Fed4Fire federated testbeds evaluated the feasibility of using cloudified Digital Twins, thus converting a significant part of the projected CAPEX for the in-premises model into on-demand, pay-as-you-go OPEX, eventually paving the way for the establishment of a DTaaS (Digital Twin as a Service) paradigm. The achieved results demonstrate that the data pipelines providing support for the ELEGANT Digital Twins have low impact in terms of resource usage in Denial of Service and Distributed Denial of Service attack scenarios, when higher volumes of data are generated.

Highlights

  • M ODERN automation technologies, deployed in modern Industrial Control Systems (ICS) or Industrial Automation Control Systems (IACS), have become pervasive [1], playing a crucial part in ensuring the availability of essential and critical services (e.g., Smart Grid, Water Distribution, etc)

  • The overhead of the background processes, considered as user services to avoid overlapping with the processes terminology in ICS, is discussed in section VI-C, such services enable the diverse steps in the data pipeline

  • The ELEGANT project validated an off-premises approach to design and deploy Digital Twins to secure critical infrastructures. Such Digital Twins are built using real-time, high fidelity emulated replicas of Programming Logic Controllers (PLCs), coupled with scalable and efficient data collection processes, supporting the development and validation of Machine Learning (ML) models to mitigate security threats like Denial of Service (DoS) attacks, which can occur with different patterns

Read more

Summary

Introduction

M ODERN automation technologies, deployed in modern Industrial Control Systems (ICS) or Industrial Automation Control Systems (IACS), have become pervasive [1], playing a crucial part in ensuring the availability of essential and critical services (e.g., Smart Grid, Water Distribution, etc) Such systems include many Internet of Thing (IoT) and/or sensing or control components which are instrumental to manage physical processes - any disruption in their operation may have catastrophic results. For this reason, operators and service utilities are often heavily regulated by standardisation and steering organisations, in order to ensure proper quality, security and privacy requirements. The primacy of availability as the main concern over all other aspects influenced the CI mindset to consider technological maturity as a guarantee of reliability

Methods
Results
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Secure and Scalable Data Collection With Time Minimization in the Smart Grid
Wenyu Ren ... King-Shan Lui
IEEE Transactions on Smart Grid | VOL. 7
Wenyu Ren, et. al.Wenyu Ren ... King-Shan Lui
01 Jan 2015
SDC: A Scalable Approach to Collect Data in Wireless Sensor Networks
N Thepvilojanapong
IEICE Transactions on Communications | VOL. E88-B
N ThepvilojanapongN Thepvilojanapong
01 Mar 2005
Autonomous Configuration in Wireless Sensor Networks
Y Tobe
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences | VOL. E88-A
Y TobeY Tobe
01 Nov 2005
Modeling thermal processes using electrical equivalent circuits in digital twins of technical devices
A.V Stulov ... A.I Tikhonov
Vestnik IGEU | VOL. -
A.V Stulov, et. al.A.V Stulov ... A.I Tikhonov
31 Oct 2021
View more papers

More From: IEEE Access

Paper Title
Journal
Date
Author
High-Performance Single Switch High Step-Up Quadratic DC-DC Converter With Switched Capacitor Cell
D V Sudarsan Reddy ... S Thangavel
IEEE Access | VOL. 12
D V Sudarsan Reddy, et. al.D V Sudarsan Reddy ... S Thangavel
01 Jan 2024
Enhancing Accuracy in Actigraphic Measurements: A Lightweight Calibration Method for Triaxial Accelerometers
Denes Farago ... Zoltan Gingl
IEEE Access | VOL. 12
Denes Farago, et. al.Denes Farago ... Zoltan Gingl
01 Jan 2024
Design, Analysis and Implementation of a 3-DOF Spherical Parallel Manipulator
Mansoul Aljohani ... Seif Eddine Chehaidia
IEEE Access | VOL. -
Mansoul Aljohani, et. al.Mansoul Aljohani ... Seif Eddine Chehaidia
01 Jan 2024
Object Detection via Active Learning Strategy Based on Saliency of Local Features and Posterior Probability
Meng Wang ... Guobao Liu
IEEE Access | VOL. 12
Meng Wang, et. al.Meng Wang ... Guobao Liu
01 Jan 2024
View more papers