Security Analysis for Distributed IoT-Based Industrial Automation
Autor: | Zivana Jakovljevic, Vuk Lesi, Miroslav Pajic |
---|---|
Rok vydání: | 2022 |
Předmět: |
0209 industrial biotechnology
Security analysis Computer science business.industry Semantics (computer science) Distributed computing Control (management) Systems and Control (eess.SY) 02 engineering and technology Petri net Electrical Engineering and Systems Science - Systems and Control Automation Attack model 020901 industrial engineering & automation Control and Systems Engineering FOS: Electrical engineering electronic engineering information engineering Electrical and Electronic Engineering business Internet of Things Formal verification |
Zdroj: | IEEE Transactions on Automation Science and Engineering. 19:3093-3108 |
ISSN: | 1558-3783 1545-5955 |
DOI: | 10.1109/tase.2021.3106335 |
Popis: | With ever-expanding computation and communication capabilities of modern embedded platforms, Internet of Things (IoT) technologies enable development of Reconfigurable Manufacturing Systems---a new generation of highly modularized industrial equipment suitable for highly-customized manufacturing. Sequential control in these systems is largely based on discrete events, while their formal execution semantics is specified as Control Interpreted Petri Nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this paper we focus on security-aware modeling and verification challenges for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into Time Petri Net (TPN)-based models, and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and motivate design of attack detectors that improve overall system resiliency, and allow satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study. |
Databáze: | OpenAIRE |
Externí odkaz: |