Security Of Cyber-physical Systems Research Articles

Cyber-Physical systems security vulnerabilities in manufacturing supply chain operations

The menace of Cyber-Physical (CP) attacks is becoming a major concern, because of the potential adverse effect posed to organizations' supply chain and production activities. For example, product design, equipment destruction, or in some cases, modifications to the manufacturing process, may go unnoticed when adequate measures to protect or deter this issue are not implemented. This study explored the various security vulnerabilities in Cyber-Physical Systems (CPS) in the supply chain system, focusing on the impact of cyberattacks on the production process and data bridge, leading to financial loss. Desktop analysis was adopted through a literature review of existing studies on CP attacks and supply chain management in the manufacturing industry. The study highlights how the security framework and policies in an organization could help reduce risk, whilst still ensuring operational efficiency is maintained. In addition, it contributes to knowledge by evaluating the challenges of CP security and how more proactive prevention and mitigation strategies can be implemented, as well as policies, to help reduce cyberattacks on the supply chain and production system of an organization. Keywords: Cyber-Physical Systems, Policy, Cyberattack, Manufacturing, Supply Chain, Framework.

Securing Cyber Physical Systems: Lightweight Industrial Internet of Things Authentication (LI2A) for Critical Infrastructure and Manufacturing

The increasing incorporation of Industrial Internet of Things (IIoT) devices into critical industrial operations and critical infrastructures necessitates robust security measures to safeguard confidential information and ensure dependable connectivity. Particularly in Cyber Physical Systems (CPSs), IIoT system security becomes critical as systems become more interconnected and digital. This paper introduces a novel Lightweight Industrial IoT Authentication (LI2A) method as a solution to address security concerns in the industrial sector and smart city infrastructure. Mutual authentication, authenticated message integrity, key agreement, soundness, forward secrecy, resistance to a variety of assaults, and minimal resource consumption are all features offered by LI2A. Critical to CPS operations, the approach prevents impersonation, man-in-the-middle, replay, eavesdropping, and modification assaults, according to a security study. The method proposed herein ensures the integrity of CPS networks by verifying communication reliability, identifying unauthorized message modifications, establishing a shared session key between users and IIoT devices, and periodically updating keys to ensure sustained security. A comprehensive assessment of performance takes into account each aspect of storage, communication, and computation. The communication and computing capabilities of LI2A, which are critical for the operation of CPS infrastructure, are demonstrated through comparisons with state-of-the-art systems from the literature. LI2A can be implemented in resource-constrained IIoT devices found in CPS and industrial environments, according to the results. By integrating IIoT devices into critical processes in CPS, it is possible to enhance security while also promoting urban digitalization and sustainability.

Cyber-Physical System Security for Manufacturing Industry 4.0 Using LSTM-CNN Parallel Orchestration

Cyber-Physical System Security for Manufacturing Industry 4.0 Using LSTM-CNN Parallel Orchestration

Integrating Machine and Deep Learning for Enhanced Security in Cyber-Physical Systems: Challenges and Future Research Agenda

Cyber-physical systems are an essential and frequently used infrastructure for resolving today's most challenging problems. As we all know, making rapid and accurate decisions in a big data setting (also called a critical/significant environment) is a tough challenge. This chapter's potential investigates the specifics of one of the most significant technological revolutions developing "Cyber-Physical Systems" and the increasing role of artificial intelligence techniques in these systems. Artificial intelligence techniques are essential in information security because they can rapidly evaluate millions of incidents and recognize various threats – from malware leveraging zero-day vulnerabilities to risky actions that might result in a phishing attack or download of malicious code. We conducted an efficient search in Web of Science, PubMed, Scopus, and EBSCO for articles published up to April 2021 that addressed federated learning, deep learning, machine learning, graph-based approaches, intrusion detection tree approaches, and Signature Based Malicious Behavior Detection in cyber-security. Additionally, the work compared various attack detection techniques in cyber-physical systems against associated challenges and quality metrics such as accuracy, bandwidth, Variance of Noise, Sparsity rate, Pushing recall, F1-score, precision, and recall. It extensively discusses the context for artificial intelligence in cyber-security, including the different cyber-physical security attacks. The unique aspect of this work is that the survey summarizes current concepts and their limitations, focusing on future research potential in artificial intelligence techniques for Cyber-Physical Systems. This research work would facilitate multiple researchers and scholars investigating cyber-physical domains and serve as a basis for further studies. Keywords: Artificial Intelligence; Machine Learning; Deep Learning; Cyber-Physical Systems; Cyber Security; Attacks; Malware

Anomaly-Based IDS (Intrusion Detection System) for Cyber-Physical Systems

Cyber-physical systems (CPS) are critical infrastructures that integrate physical processes with computational components. The security of CPS is paramount, as any breach can lead to severe consequences. Anomaly-based intrusion detection systems (IDS) have emerged as a promising approach to safeguard CPS against cyber threats. This paper presents an anomaly-based IDS designed specifically for CPS, leveraging machine learning techniques to establish a baseline of normal system behaviour and promptly detect deviations indicative of malicious activities. The proposed system incorporates multiple classification techniques, including KNeighbors, RandomForest, XGB, DecisionTree, SGD, SVM, LGBM, AdaBoost, Bagging, and MLP Classifier, to enhance detection accuracy and robustness. Key components of the IDS, such as data collection, feature extraction, anomaly detection, and alert generation, are thoroughly outlined. The system's performance is evaluated, highlighting its effectiveness in accurately identifying intrusions while maintaining low false positive rates. The proposed anomaly-based IDS aims to provide a robust and reliable solution for enhancing the security of CPS and protecting critical infrastructure from cyber threats.

A Comprehensive Survey on Cyber-Physical System Security in the Internet of Things (IoT): Addressing and Solutions

Background: Cyber-Physical Systems (CPSs) integrate computing, control, and communication technologies, bridging cyberspace and the physical world to enhance critical infrastructure and safety-critical systems. Existing surveys often address CPS security from a single perspective, necessitating a more comprehensive approach. Methods: This paper presents a thorough review of CPS security from three perspectives: the physical domain, the cyber domain, and the cyber-physical domain. We examine attacks on physical components like sensors, cyber-attacks targeting CPSs, and integrated cyber-physical attacks. For each domain, we analyse corresponding detection and defence mechanisms. Results: Our review reveals that CPSs face significant security threats across all domains. In the physical domain, attacks on sensors can disrupt system operations, but various defences are available. In the cyber domain, CPSs are vulnerable to malware, hacking, and denial-of-service attacks, with several detection and defence strategies in place. The cyber-physical domain highlights complex threats where cyber-attacks cause physical damage, requiring comprehensive security approaches. Conclusion: By examining CPS security from multiple perspectives, this review provides a holistic understanding of current threats and defence mechanisms. It identifies future research directions to enhance CPS security, aiming to better protect critical infrastructure against evolving cyber threats.

TRIPLE: A blockchain-based digital twin framework for cyber–physical systems security

Cyber–physical systems (CPSs) are being increasingly adopted for industrial applications, yet they involve a dynamic threat landscape that requires CPSs to adapt to emerging threats during their operation. Recently, digital twin (DT) technology (which refers to a virtual representation of a product, process, or environment) has emerged as a suitable candidate to address the security challenges faced by dynamic CPSs. DT has the capability of strengthening the security of CPSs by continuously mapping the physical to twin counterparts to detect inconsistencies. The existing DT-based security solutions are constrained by untrustworthy data dissemination as well as limited data sharing among the involved stakeholders, which, in turn, limit the ability of DTs to run accurate simulations or make valid decisions. To address these challenges, this paper proposes a modular framework called TRusted and Intelligent cyber-PhysicaL systEm (TRIPLE), that leverages blockchain, DTs, and threat intelligence (TI) to secure CPSs. The blockchain-based DT components in the framework provide data integrity, traceability, and availability for trusted DTs. Furthermore, to accurately and comprehensively model system states, the framework envisions fusing process knowledge for modeling DTs from system specification-based and learning-based information and other sources, including infrastructure-as-code (IaC) and knowledge base (KB). The framework also integrates TI for future-proofing against emerging threats, such that threats can be detected either reactively by mapping the behavior of physical and virtual spaces or proactively by TI and threat hunting. We demonstrate the viability of the framework through a proof of concept. Finally, we formally verify the TRIPLE framework to demonstrate its correctness and effectiveness in enhancing CPS security.

Explainable artificial intelligence in web phishing classification on secure IoT with cloud-based cyber-physical systems

IoT is the technology that aids the interconnection of all kinds of devices over the internet to replace data, monitor devices and enhance actuators to create outcomes. Cyber-physical systems (CPS) contain control and computation components, which are compactly assured with physical procedures. The internet plays a prominent role in modern lives, and the cybersecurity challenge caused by phishing attacks is significant. This research presents a novel approach to address this problem using machine learning (ML) methods for phishing website classification. Leveraging feature extraction and innovative algorithms, the projected method aims to distinguish between malicious and legitimate websites by features of phishing attempts and analyzing inherent patterns. Phishing is a significant threat that causes extensive financial losses for internet users yearly. This fraudulent act includes identity hackers utilizing clever approaches to deceive individuals into revealing sensitive data. Generally, phishers use strategies such as advanced phishing software and fake emails to illegally acquire confidential details like usernames and passwords from financial accounts. This article develops an Explainable Artificial Intelligence with Aquila Optimization Algorithm in Web Phishing Classification (XAIAOA-WPC) approach on secure Cyber-Physical Systems. The developed XAIAOA-WPC approach mainly emphasizes the effectual classification and recognition of web phishing based on CPS. In the first phase, preprocessing is carried out on three levels: data cleaning, text preprocessing, and standardization. Furthermore, the Harris' Hawks optimization-based feature selection (HHO-FS) method is applied to derive feature subsets. The XAIAOA-WPC method utilizes a multi-head attention-based long short-term memory (MHA-LSTM) model for web phishing recognition. Besides, the detection outcomes of the MHA-LSTM approach are enhanced by using the Aquila optimization algorithm (AOA) model. At last, the XAIAOA-WPC method incorporates the XAI model LIME for superior perception and explainability of the black-box process for precise identification of intrusions. The simulation outcome of the XAIAOA-WPC method is examined on a benchmark database. The experimental validation of the XAIAOA-WPC method exhibited a superior accuracy value of 99.29 % over existing techniques.

Robust Federated Learning for Mitigating Advanced Persistent Threats in Cyber-Physical Systems

Malware triage is essential for the security of cyber-physical systems, particularly against Advanced Persistent Threats (APTs). Proper data for this task, however, are hard to come by, as organizations are often reluctant to share their network data due to security concerns. To tackle this issue, this paper presents a secure and distributed framework for the collaborative training of a global model for APT triage without compromising privacy. Using this framework, organizations can share knowledge of APTs without disclosing private data. Moreover, the proposed design employs robust aggregation protocols to safeguard the global model against potential adversaries. The proposed framework is evaluated using real-world data with 15 different APT mechanisms. To make the simulations more challenging, we assume that edge nodes have partial knowledge of APTs. The obtained results demonstrate that participants in the proposed framework can privately share their knowledge, resulting in a robust global model that accurately detects APTs with significant improvement across different model architectures. Under optimal conditions, the designed framework detects almost all APT scenarios with an accuracy of over 90 percent.

Application of Artificial Intelligence Technologies in Security of Cyber-Physical Systems

Cybersecurity questions of cyber-physical systems (CPS) have become ever more vital in recent times. Advances in technology and digitization have posed new weaknesses in CPS and cyber attackers take advantage of it. Viruses, malware, and sophisticated forms of cyberattacks have become a dangerous reality for critical infrastructure CPS. Lately, artificial intelligence (AI) technology has been extensively applied in the struggle against cyber threats in CPS. AI may improve system security by providing tools to quickly detect cyberthreats and automatically resolve them. Digitization of critical infrastructures (energy distribution networks, smart systems, oil and gas industry, water infrastructure, etc.) has increased their efficient management and at the same time, the number of cyber attackers on sensors, actuators, network and control equipment has also increased. Cyber security of critical objects can be ensured through AI. This article explores the theoretical foundations, application fields, and AI conceptual models. It analyzes the benefits and shortcomings of applying AI technologies to the security of the abovementioned systems. Mechanisms for detecting cyber threats in cyber-physical systems with the help of AI and predicting and preventing security threats are proposed.

Enhancing Security through Intelligent Threat Detection and Response: The Integration of Artificial Intelligence in Cyber-Physical Systems

Cyber-Physical Systems (CPS) play a crucial role in critical industries such as manufacturing, transportation, energy, and healthcare by integrating the physical and digital worlds. However, the complexity and interconnectivity of CPS with the global network increase their vulnerability to cyber-attacks. This research explores the benefits of implementing artificial intelligence (AI) in the context of cyber-physical systems (CPS) to detect and respond to security threats. This study uses machine learning and deep learning techniques to analyze sensor data and system threats. The data analysis methods encompass predictive modeling and evaluating AI algorithms' performance in detecting threats. The research data is obtained from relevant literature reviews and secondary data analysis. The research findings indicate that integrating AI in CPS can enhance the success rate of threat detection, prompt response, and accuracy in threat identification. By enabling the system to learn from previous experiences, AI can reduce the number of false positives and false negatives while providing automated real-time responses to threats without human intervention. The research concludes that AI has great potential to enhance security in CPS by providing more efficient and effective solutions to address increasingly complex cyber threats. The findings of this study are expected to provide insights and recommendations that can be applied in developing CPS security systems in the future.

Insider threat detection in cyber-physical systems: a systematic literature review

The rapid expansion of cyber-physical systems (CPSs) has introduced new security challenges, leading to the emergence of various threats, attacks, and controls aimed at addressing security concerns in this evolving CPS landscape. However, a noticeable gap exists in the literature, particularly in the field of insider threat detection, which lacks a systematic review of CPS security. This study aims to comprehensively review and analyse relevant studies on insider threat detection in CPS. Employing a systematic protocol, we conducted an extensive search for pertinent articles across five prominent online databases: IEEE Xplore, Web of Science, Scopus, ACM, and ScienceDirect. The selection of these indices was based on their comprehensive coverage and the distinct relevance of their contents to our research topic. The results, guided by defined inclusion and exclusion criteria, yielded a final set of 69 included articles. Notably, 39.1 % of these articles focused on insider threat detection using specification-based methods, while 27.5 % addressed cryptography methods. Machine learning methods constituted 13.04 %, and the remaining 14.5 % included review and survey studies. Insider threats pose significant challenges in global cybersecurity, necessitating effective detection systems, methods, and tools for accurate and rapid identification. This study contributes distinct observations on the insider threat detection research topic in CPS, providing valuable insights for researchers and practitioners to expedite improvements and draw significant guidelines based on this comprehensive systematic review.

Mathematical Models for Cyber-Physical System Security: Securing Critical Infrastructure Through Control-Theoretic Approaches

Cyber-Physical Systems (CPS) is now an important part of modern vital infrastructure. They combine physical and digital parts to make things more efficient and automated. But as they get more connected and complicated, they become more vulnerable to different online risks, which make security much harder. In this situation, control-theoretic methods look like they could help protect CPS by using ideas from control theory to create strong and flexible defenses. The main focus of this work is on control-theoretic methods to mathematical models for CPS security. We talk about the special problems that come up with CPS security, like making sure that the system is reliable, private, honest, and accessible even when working conditions change and online risks change. We talk about how control theory can help solve these problems by giving us a way to model, analyze, and lower the security risks in CPS. First, we look at how feedback control theory can be used to improve CPS security. In this case, control methods are used to change system settings and reactions on the fly to protect against cyber attacks and keep the system working. We look at several types of control-based defenses, such as breach detection and reaction systems, anomaly detection, and adaptable access control, to show how they can improve CPS's security while keeping vital processes running as smoothly as possible. Next, we talk about how to use cryptography and control theory together to make sure that communication is safe and data is kept safe in CPS. By using cryptographic primitives in control algorithms, CPS can make sure that components can safely share information with each other and protect against threats like listening in, changing data, and playing back information. We look at the problems that uncertainty and system dynamics can cause in CPS security models and suggest probabilistic and robust control methods that can effectively deal with uncertain settings and bad behavior. Lastly, we show case studies and real-world uses of control-theoretic security methods in key infrastructure areas like healthcare, transportation, and energy. This shows how well they work in the real world. This paper talks about how control theory helps keep key infrastructure systems safe and points out areas where more study is needed to make these systems even safer and more reliable.

An analytical survey of cyber‐physical systems in water treatment and distribution: Security challenges, intrusion detection, and future directions

AbstractSince the inception of the Industrial 4.0 revolution, industrial cyber‐physical systems (CPSs) have become integral to critical infrastructures and industrial sectors, including water treatment and distribution systems. Integrating physical and digital worlds has made communication systems within these plants—comprising actuators, sensors, and controllers—vulnerable to advanced cyber‐attacks. Safeguarding the nation's critical infrastructure has thus attracted significant interest from both academia and industry. This article thoroughly examines water treatment and distribution CPSs, detailing their architectural design, devices, applications, and security standards. It analyzes various cyber‐attacks and explores CPS security vulnerabilities and their detection and mitigation techniques. Additionally, it reviews the trends in machine learning (ML) and deep learning (DL) intrusion detection system (IDS) solutions, highlighting their advantages and disadvantages. The article evaluates current datasets and testbeds, identifying some of the best‐performing IDS algorithms tested on each dataset compared to previous research, which could serve as benchmarks in this field. Finally, it proposes data augmentation techniques to generate comprehensive datasets, identifies research gaps, and suggests potential improvements to enhance IDS performance.

The Need of Testbeds for Cyberphysical System Security

The Need of Testbeds for Cyberphysical System Security

Almost sure detection of the presence of malicious components in cyber–physical systems

This article studies a fundamental problem of security of cyber–physical systems (CPSs): that of detecting, almost surely, the presence of malicious components in the CPS. We assume that some of the actuators may be malicious while all sensors are honest. We introduce a novel idea of separability of state trajectories generated by CPSs in two situations: those under the nominal no-attack situation and those under the influence of an attacker. We establish its connection to the security of CPSs, particularly in detecting the presence of malicious actuators (if any) in them. As primary contributions, we establish necessary and sufficient conditions for the aforementioned detection in CPSs modeled as Markov decision processes (MDPs). Moreover, we focus on the mechanism of perturbing the pre-determined control policies of the honest agents in CPSs modeled as stochastic linear systems, by injecting a certain class of random process called private excitation; sufficient conditions for detectability and non-detectability of the presence of malicious actuators, assuming that the policies are randomized history-dependent and randomized Markovian, are established. Several technical aspects of our results are discussed extensively.

CPSim: Simulation Toolbox for Security Problems in Cyber-Physical Systems

There are various applications of Cyber-Physical systems (CPSs) which are life-critical where failure or malfunction can result in significant harm to human life, the environment, or substantial economic loss. Therefore, it is important to ensure their reliability, security, and robustness to the attacks. However, there is no widely used toolbox to simulate CPS and target security problems, especially the simulation of sensor attacks and defense strategies against them. In this work, we introduce our toolbox CPSim, a user-friendly simulation toolbox for security problems in CPS. CPSim aims to simulate common sensor attacks and countermeasures to these sensor attacks. We have implemented bias attacks, delay attacks, and replay attacks. Additionally, we have implemented various recovery-based methods against sensor attacks. The sensor attacks and recovery methods configurations can be customized with the given APIs. CPSim has built-in numerical simulators and various implemented benchmarks. Moreover, CPSim is compatible with other external simulators and can be deployed on a real testbed for control purposes.

Enhanced collaborative intrusion detection for industrial cyber-physical systems using permissioned blockchain and decentralized federated learning networks

In the digital economy, the security of Cyber-Physical Systems (CPSs) is paramount. Despite the deployment of various Intrusion Detection Systems (IDSs) in industrial CPSs, the primary obstacles to the advanced research include class imbalance, privacy gap, model homogenization, and arbitrary aggregation. Thus, in this paper, a Permissioned Blockchain-enabled decentralized federated distillation Generative Adversarial Network (GAN), namely PB-fdGAN, is proposed for Collaborative IDSs (CIDSs) in industrial CPSs. The novel Local Differential Privacy (LDP)-external classifier GAN (ecGAN) addresses class imbalance and privacy concerns by integrating label conditions into the latent space and using Wasserstein distance for stability in semi-supervised learning. Additionally, a Decentralized Federated Distillation (DFD) scheme allows for collaborative model building without data exchange, enhancing privacy and diversity. Moreover, a Quality of Service (QoS)-consortium blockchain framework with a new QoS evaluation strategy ensures reliable and effective model aggregation. The experimental evaluation demonstrates the high effectiveness of PB-fdGAN in detecting various types of cyber threats and the superiorities over state-of-the-art IDS solutions.

Security Control of Cyber-Physical Systems under Cyber Attacks: A Survey.

Cyber-physical systems (CPSs), which combine computer science, control systems, and physical elements, have become essential in modern industrial and societal contexts. However, their extensive integration presents increasing security challenges, particularly due to recurring cyber attacks. Therefore, it is crucial to explore CPS security control. In this review, we systematically examine the prevalent cyber attacks affecting CPSs, such as denial of service, false data injection, and replay attacks, explaining their impacts on CPSs' operation and integrity, as well as summarizing classic attack detection methods. Regarding CPSs' security control approaches, we comprehensively outline protective strategies and technologies, including event-triggered control, switching control, predictive control, and optimal control. These approaches aim to effectively counter various cyber threats and strengthen CPSs' security and resilience. Lastly, we anticipate future advancements in CPS security control, envisioning strategies to address emerging cyber risks and innovations in intelligent security control techniques.

Can We Develop Holistic Approaches to Delivering Cyber-Physical Systems Security?

Can We Develop Holistic Approaches to Delivering Cyber-Physical Systems Security?