Security Analysis for Distributed IoT-Based Industrial Automation
Апстракт
Internet of Things (IoT) technologies enable development of reconfigurable manufacturing systems--a new generation of modularized industrial equipment suitable for highly customized manufacturing. Sequential control in these systems is largely based on discrete events, whereas their formal execution semantics is specified as control interpreted Petri nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this article, we introduce security-aware modeling and verification techniques for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into time Petri net (TPN)-based models and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. A...dditionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and facilitate design of attack detectors that improve system resiliency and enable satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study.
Кључне речи:
sequential control systems / Security / secure distributed automation / Safety / Petri nets / Petri nets (PNs) / nondeterministic analysis / Manufacturing / Industrial Internet of Things / Industrial Internet of Things (IIoT) / Automation / Analytical modelsИзвор:
IEEE Transactions on Automation Science and Engineering, 2022, 19, 4, 3093-3108Издавач:
- IEEE - Inst Electrical Electronics Engineers Inc, Piscataway
Финансирање / пројекти:
- Office of Naval Research (ONR) [N00014-17-1-2012, N00014-17-1-2504, N00014-20-1-2745]
- NSF grant [CNS-1652544]
- Science Fund of the Republic of Serbia [6523109, AI-MISSION 4.0
- Иновативни приступ у примени интелигентних технолошких система за производњу делова од лима заснован на еколошким принципима (RS-35004)
- Истраживање и развој метода моделирања и поступака израде денталних надокнада применом савремених технологија и рачунаром подржаних система (RS-35020)
DOI: 10.1109/TASE.2021.3106335
ISSN: 1545-5955
WoS: 000732195700001
Scopus: 2-s2.0-85114715729
Колекције
Институција/група
Mašinski fakultetTY - JOUR AU - Lesi, Vuk AU - Jakovljević, Živana AU - Pajić, Miroslav PY - 2022 UR - https://machinery.mas.bg.ac.rs/handle/123456789/101 AB - Internet of Things (IoT) technologies enable development of reconfigurable manufacturing systems--a new generation of modularized industrial equipment suitable for highly customized manufacturing. Sequential control in these systems is largely based on discrete events, whereas their formal execution semantics is specified as control interpreted Petri nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this article, we introduce security-aware modeling and verification techniques for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into time Petri net (TPN)-based models and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and facilitate design of attack detectors that improve system resiliency and enable satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study. PB - IEEE - Inst Electrical Electronics Engineers Inc, Piscataway T2 - IEEE Transactions on Automation Science and Engineering T1 - Security Analysis for Distributed IoT-Based Industrial Automation EP - 3108 IS - 4 SP - 3093 VL - 19 DO - 10.1109/TASE.2021.3106335 ER -
@article{ author = "Lesi, Vuk and Jakovljević, Živana and Pajić, Miroslav", year = "2022", abstract = "Internet of Things (IoT) technologies enable development of reconfigurable manufacturing systems--a new generation of modularized industrial equipment suitable for highly customized manufacturing. Sequential control in these systems is largely based on discrete events, whereas their formal execution semantics is specified as control interpreted Petri nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this article, we introduce security-aware modeling and verification techniques for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into time Petri net (TPN)-based models and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and facilitate design of attack detectors that improve system resiliency and enable satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study.", publisher = "IEEE - Inst Electrical Electronics Engineers Inc, Piscataway", journal = "IEEE Transactions on Automation Science and Engineering", title = "Security Analysis for Distributed IoT-Based Industrial Automation", pages = "3108-3093", number = "4", volume = "19", doi = "10.1109/TASE.2021.3106335" }
Lesi, V., Jakovljević, Ž.,& Pajić, M.. (2022). Security Analysis for Distributed IoT-Based Industrial Automation. in IEEE Transactions on Automation Science and Engineering IEEE - Inst Electrical Electronics Engineers Inc, Piscataway., 19(4), 3093-3108. https://doi.org/10.1109/TASE.2021.3106335
Lesi V, Jakovljević Ž, Pajić M. Security Analysis for Distributed IoT-Based Industrial Automation. in IEEE Transactions on Automation Science and Engineering. 2022;19(4):3093-3108. doi:10.1109/TASE.2021.3106335 .
Lesi, Vuk, Jakovljević, Živana, Pajić, Miroslav, "Security Analysis for Distributed IoT-Based Industrial Automation" in IEEE Transactions on Automation Science and Engineering, 19, no. 4 (2022):3093-3108, https://doi.org/10.1109/TASE.2021.3106335 . .