A Review on Security and Privacy Issues Pertaining to Cyber-Physical Systems in the Industry 5.0 Era

The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.

Game theory in network security for digital twins in industry

To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.

Exploration of Industrial Internet Security Technology and Application from the Perspective of Generative Artificial Intelligence

In recent years,artificial intelligence technology has developed rapidly around the world is widely used in various fields,and plays an important role.The integration of industrial Internet security with new technologies such as big models and generative artificial intelligence has become a hot research issue.In this regard,this paper briefly analyzes the industrial Internet security technology and application from the perspective of generative artificial intelligence,hoping to provide some valuable reference and reference for readers.

An Efficient and Provably Secure SM2 Key-Insulated Signature Scheme for Industrial Internet of Things

With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.

Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain

The Internet of Things(IoT)is growing rapidly and impacting almost every aspect of our lives,fromwearables and healthcare to security,traffic management,and fleet management systems.This has generated massive volumes of data and security,and data privacy risks are increasing with the advancement of technology and network connections.Traditional access control solutions are inadequate for establishing access control in IoT systems to provide data protection owing to their vulnerability to single-point OF failure.Additionally,conventional privacy preservation methods have high latency costs and overhead for resource-constrained devices.Previous machine learning approaches were also unable to detect denial-of-service(DoS)attacks.This study introduced a novel decentralized and secure framework for blockchain integration.To avoid single-point OF failure,an accredited access control scheme is incorporated,combining blockchain with local peers to record each transaction and verify the signature to access.Blockchain-based attribute-based cryptography is implemented to protect data storage privacy by generating threshold parameters,managing keys,and revoking users on the blockchain.An innovative contract-based DOS attack mitigation method is also incorporated to effectively validate devices with intelligent contracts as trusted or untrusted,preventing the server from becoming overwhelmed.The proposed framework effectively controls access,safeguards data privacy,and reduces the risk of cyberattacks.The results depict that the suggested framework outperforms the results in terms of accuracy,precision,sensitivity,recall,and F-measure at 96.9%,98.43%,98.8%,98.43%,and 98.4%,respectively.

A New Model for Network Security Situation Assessment of the Industrial Internet

To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.

Information Security Evaluation of Industrial Control Systems Using Probabilistic Linguistic MCDM Method

Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.

Development Status and Industrial Security Countermeasures of Maize Deep-processing Industry in Shandong Province--Based on the Actual Investigation in Five Cities and Counties of Shandong Province

Corn deep processing industry is an important follow-up industry for corn production and processing. Shandong has numerous largescale corn processing enterprises and is one of the fast-growing regions in China for deep processing of corn. The status of production and processing of corn in the major corn-producing areas of Shandong Province such as Dezhou,Liaocheng and Tai'an was investigated on the spot. It was found that the development of the corn industry in Shandong also has many problems,such as the mismatch between corn demand and production areas,the excessively small planting area of special corn and the poor communication between technology and demand,resulting in barriers in technology and raw materials in the production and processing links of corn and making it difficult to form a complete industrial chain system. According to the actual investigation,a highly efficient agricultural industry safety review mechanism was established based on the sound judgement of industrial safety to ensure the safety of the company's development,and at the same time,the interpretation and promotion of the strategy of going abroad was strengthened,so as to provide a full range of information services for corn processing enterprises and help to further develop and optimize the corn industry in Shandong.

Characteristic Insights on Industrial Cyber Security and Popular Defense Mechanisms

Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a significant topic because current networked control systems are supporting various critical infrastructures to offer vital utility services.By comparing with traditional IT systems,this paper first analyzes the uncontrollable cyber threats and classified attack characteristics,and elaborates the intrinsic vulnerabilities in current networked control systems and novel security challenges in future Industrial Internet.After that,in order to overcome partial vulnerabilities,this paper presents a few representative security mechanisms which have been successfully applied in today’s industrial control systems,and these mechanisms originally improve traditional IT defense technologies from the perspective of industrial availability.Finally,several popular security viewpoints,adequately covering the needs of industrial network structures and service characteristics,are proposed to combine with burgeoning industrial information technologies.We target to provide some helpful security guidelines for both academia and industry,and hope that our insights can further promote in-depth development of industrial cyber security.

A Framework for Securing Saudi Arabian Hospital Industry: Vision-2030 Perspective

Recent transformation of Saudi Arabian healthcare sector into a reven-ue producing one has signaled several advancements in healthcare in the country.Transforming healthcare management into Smart hospital systems is one of them.Secure hospital management systems which are breach-proof only can be termed as effective smart hospital systems.Given the perspective of Saudi Vision-2030,many practitioners are trying to achieve a cost-effective hospital management sys-tem by using smart ideas.In this row,the proposed framework posits the main objectives for creating smart hospital management systems that can only be acknowledged by managing the security of healthcare data and medical practices.Further,the proposed framework will also be helpful in gaining satisfactory rev-enue from the healthcare sector by reducing the cost and time involved in mana-ging the smart hospital system.The framework is based on a hybrid approach of three key methods which include:employing the Internet of Medical Things(IoMT)and blockchain methodologies for maintaining the security and privacy of healthcare data and medical practices,and using big data analytics methodol-ogy for raising the funds and revenue by managing the bulk volume of healthcare data.Moreover,the framework will also be helpful for both the patients and the doctors,thus enabling the Kingdom of Saudi Arabia(KSA)to meet its goals of Vision-2030 by ensuring low cost,yet credible,healthcare services.

Wireless Sensor Security Issues on Data Link Layer:A Survey

A computer network can be defined as many computing devices connected via a communication medium like the internet.Computer network development has proposed how humans and devices communicate today.These networks have improved,facilitated,and made conventional forms of communication easier.However,it has also led to uptick in-network threats and assaults.In 2022,the global market for information technology is expected to reach$170.4 billion.However,in contrast,95%of cyber security threats globally are caused by human action.These networks may be utilized in several control systems,such as home-automation,chemical and physical assault detection,intrusion detection,and environmental monitoring.The proposed literature review presents a wide range of information on Wireless Social Networks(WSNs)and Internet of Things(IoT)frameworks.The aim is first to be aware of the existing issues(issues with traditional methods)and network attacks on WSN and IoT systems and how to defend them.The second is to review the novel work in the domain and find its limitations.The goal is to identify the area’s primary gray field or current research divide to enable others to address the range.Finally,we concluded that configuration.Message Rapid Spanning Tree Protocol(RSTP)messages have higher efficiency in network performance degradation than alternative Bridge Data Unit Protocol(BPDU)forms.The research divides our future research into solutions and newly developed techniques that can assist in completing the lacking component.In this research,we have selected articles from 2015 to 2021 to provide users with a comprehensive literature overview.

Review of PLC Security Issues in Industrial Control System

Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.

Security Guarantee of Agriculture Industry Based on the Improvement of Legal System of Peasant Specialized Cooperative

Current status of several management models of the agriculture industry is introduced,as well as its impacts on industrial security.The management models are mainly the enterprise-like operation model,"enterprise + peasant household" model,small-scale peasants' operation model,and peasant specialized cooperative model.Functions of peasant specialized cooperative in ensuring the security of agricultural industry are introduced,which are enhancing the industrial security by organization degree,promoting the industrial security by scale economy formed by cooperative organizations,fully utilizing the resources by the factor allocation capability,and ensuring the industrial security by industrial chain improvement.Development predicaments of the peasant specialized cooperative at present are analyzed,such as small scale,poor economic benefits,and non-standard operation.Analysis shows that institutional absence is the main reason causing these predicaments.And suggestions on improving the cooperatives system in the Law of the People's Republic of China on Peasants Specialized Cooperatives are put forward,in order to better ensure the security of agriculture

Security Policies for Web Service Invocation of Automotive Industry Chain Collaboration Platform

To meet the actual requirements of an automotive industry chain collaboration platform （AICCP）, this paper offers several simple but effective security policies based upon the traditional security mechanism of data transfer, including user ID verification with SOAP （simple object access protocol）, header, SOAP message encryption with SOAP extension and XML （extensible markup language） file encryption and decryption. Application of these policies to the AICCP for more than one year proves the effectiveness of the data exchange practice between the AICCP and enterprise Intranet.

The Necessity of Information Security in the Vulnerable Pharmaceutical Industry

The pharmaceutical industry produces billions of dollars in sales each year. The industry is evolving and relying on using technology more and more to conduct day-to-day business. The pharmaceutical industry generates enormous amounts of sensitive and private information such as medical records, employee information, financial data and research data. This makes the pharmaceutical industry vulnerable to cybercrime. The pharmaceutical industry has a big responsibility to stakeholders, patients, employees and customers all over the world to ensure this information is secure. It is imperative for organizations to budget adequate amounts of money and resources to have effective Information Security Management. Information Security Management is critical in the pharmaceutical industry and the alternative of not having it would be devastating to a pharmaceutical company. Cyber criminals can tarnish company reputations and the effects can take years to overcome. The main contributions of this paper will be to describe the concerns about the security of information in the pharmaceutical industry, provide examples of organizations that are victims of cybercrime, describe regulations in place to help reduce information security breaches and illustrate why information security is necessary in the pharmaceutical industry.

Security Risk Analysis Model for Identification and Resolution System of Industrial Internet

Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.

Security for Industrial Communication Systems

B. Remote Access to Stand-Alone Embedded Systems Industrial controllers, especially for power system and transportation applications, are often deployed as stand-alone systems in a geographically dispersed area. Maintenance and service costs of stand-alone embedded systems can be reduced when they can be

Security for Industrial Communication Systems

B. Network Architectures This section describes the main types of industrial and utility communication network topologies and protocols, in preparation for the discussion of specific security issues in the later sections. Communication networks for industrial automation are typically built in hierarchi-

Security for Industrial Communication Systems

D.Security on the Field Bus and Device Level As described in SectionⅢ-B,Fig.2,in- dustrial communication networks involve a number of levels.The lowest level\is closest to the application specific devices such as sensors,meters,and actuators.A large number of specialized and partly proprietary commu- nication systems,media,and protocols can be found on this level.Most were developed at a time when security issues were of lesser con- cern than today,and when no practical secu- rity measures were available.

Security for Industrial Communication Systems

E. Security of Embedded Systems for Industrial Control and Communication Industrial automation controllers are typically implemented on embedded computers. Such embedded systems have to cope with restrictions on cost, real-time performance, power consumption, and other constraints which are even more demanding than in large workstations. A reference discusses these aspects with the example of a thermostat con-