An official website of the United States government
Heterogeneous distributed systems, including the Internet of Things (IoT) or distributed cyber-physical systems (CPS), often su↵er a lack of interoperability and security, which hinders the wider deployment of such systems. Specifically, the di↵erent levels of security requirements and the heterogeneity in terms of communication models, for instance, point-to-point vs. publish-subscribe, are the example challenges of IoT and distributed CPS consisting of heterogeneous devices and applications. In this paper, we propose a working application programming interface (API) and runtime to enhance interoperability and security while addressing the challenges that stem from the heterogeneity in the IoT and distributed CPS. In our case study, we design and implement our application programming interface (API) design approach using opensource software, and with our working implementation, we evaluate the e↵ectiveness of our proposed approach. Our experimental results suggest that our approach can achieve both interoperability and security in the IoT and distributed CPS with a reasonably small overhead and better-managed software.
more »
« less
Semantic Localization for IoT
Euclidean geometry and Newtonian time with floating point numbers are common computational models of the physical world. However, to achieve the kind of cyber-physical collaboration that arises in the IoT, such a literal representation of space and time may not be the best choice. In this chapter we survey location models from robotics, the internet, cyber-physical systems, and philosophy. The diversity in these models is justified by differing application demands and conceptualizations of space (spatial ontologies). To facilitate interoperability of spatial knowledge across representations,we propose a logical frameworkwherein a spatial ontology is defined as a model-theoretic structure. The logic language induced from a collection of such structures may be used to formally describe location in the IoT via semantic localization. Space-aware IoT services gain advantages for privacy and interoperability when they are designed for the most abstract spatial-ontologies as possible.We finish the chapter with definitions for open ontologies and logical inference.
more »
« less
- Award ID(s):
- 1836601
- PAR ID:
- 10311565
- Editor(s):
- Pandey, R.
- Date Published:
- Journal Name:
- Semantic IoT: Theory and Applications, Studies in Computational Intelligence 941
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Cyber-physical systems are vulnerable to a variety of cyber, physical and cyber-physical attacks. The security of cyber-physical systems can be enhanced beyond what can be achieved through firewalls and trusted components by building trust from observed and/or expected behaviors. These behaviors can be encoded as invariants. Information flows that do not satisfy the invariants are used to identify and isolate malfunctioning devices and cyber intrusions. However, the distributed architectures of cyber-physical systems often contain multiple access points that are physically and/or digitally linked. Thus, invariants may be difficult to determine and/or computationally prohibitive to check in real time. Researchers have employed various methods for determining the invariants by analyzing the designs of and/or data generated by cyber-physical systems such as water treatment plants and electric power grids. This chapter compares the effectiveness of detecting attacks on a water treatment plant using design-centric invariants versus data-centric rules, the latter generated using a variety of data mining methods. The methods are compared based on the maximization of true positives and minimization of false positives.more » « less
-
Mitigating vulnerabilities in industrial control systems (ICSs) represents a highly complex task. ICSs may contain an abundance of device types, all with unique software and hardware components. Upon discovering vulnerabilities on ICS devices, cyber defenders must determine which mitigations to implement, and which mitigations can apply across multiple vulnerabilities. Cyber defenders need techniques to optimize mitigation selection. This exploratory research paper shows how ontologies, also known as linked-data models, can potentially be used to model ICS devices, vulnerabilities, and mitigations, as well as to identify mitigations that can remediate or mitigate multiple vulnerabilities. Ontologies can be used to reduce the complexity of a cyber defender’s role by allowing for insights to be drawn, especially in the ICS domain. Data are modelled from the Common Platform Enumeration (CPE), the National Vulnerability Database (NVD), standardized list of controls from the National Institute of Standards and Technology (NIST), and ICS Cyber Emergency Response Team (CERT) advisories. Semantic queries provide the techniques for mitigation prioritization. A case study is described for a selected programmable logic controller (PLC), its known vulnerabilities from the NVD, and recommended mitigations from ICS CERT. Overall, this research shows how ontologies can be used to link together existing data sources, to run queries over the linked data, and to allow for new insights to be drawn for mitigation selection.more » « less
-
Modern embedded and cyber-physical systems are ubiquitous. Many critical cyber-physical systems have real-time requirements (e.g., avionics, automobiles, power grids, manufacturing systems, industrial control systems, etc.). Recent developments and new functionality require real-time embedded devices to be connected to the Internet. This gives rise to the real-time Internet-of-things (RT-IoT) that promises a better user experience through stronger connectivity and efficient use of next-generation embedded devices. However, RT-IoT are also increasingly becoming targets for cyber-attacks, which is exacerbated by this increased connectivity. This paper gives an introduction to RT-IoT systems, an outlook of current approaches and possible research challenges towards secure RT-IoT frameworks.more » « less
-
With the introduction of Cyber-Physical Systems (CPS) and Internet of Things (IoT) technologies, the automation industry is undergoing significant changes, particularly in improving production efficiency and reducing maintenance costs. Industrial automation applications often need to transmit time- and safety-critical data to closely monitor and control industrial processes. Several Ethernet-based fieldbus solutions, such as PROFINET IRT, EtherNet/IP, and EtherCAT, are widely used to ensure real-time communications in industrial automation systems. These solutions, however, commonly incorporate additional mechanisms to provide latency guarantees, making their interoperability a grand challenge. The IEEE 802.1 Time-Sensitive Networking (TSN) task group was formed to enhance and optimize IEEE 802.1 network standards, particularly for Ethernet-based networks. These solutions can be evolved and adapted for cross-industry scenarios, such as large-scale distributed industrial plants requiring multiple industrial entities to work collaboratively. This paper provides a comprehensive review of current advances in TSN standards for industrial automation. It presents the state-of-the-art IEEE TSN standards and discusses the opportunities and challenges of integrating TSN into the automation industry. Some promising research directions are also highlighted for applying TSN technologies to industrial automation applications.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1007/978-3-030-64619-6_16
