Cloud Control System Architectures,Technologies and Applications on Intelligent and Connected Vehicles:a Review

The electrification of vehicle helps to improve its operation efficiency and safety.Due to fast development of network,sensors,as well as computing technology,it becomes realizable to have vehicles driving autonomously.To achieve autonomous driving,several steps,including environment perception,path-planning,and dynamic control,need to be done.However,vehicles equipped with on-board sensors still have limitations in acquiring necessary environmental data for optimal driving decisions.Intelligent and connected vehicles(ICV)cloud control system(CCS)has been introduced as a new concept as it is a potentially synthetic solution for high level automated driving to improve safety and optimize traffic flow in intelligent transportation.This paper systematically investigated the concept of cloud control system from cloud related applications on ICVs,and cloud control system architecture design,as well as its core technologies development.Based on the analysis,the challenges and suggestions on cloud control system development have been addressed.

Predictive cruise control for heavy trucks based on slope information under cloud control system

With the advantage of fast calculation and map resources on cloud control system(CCS), cloud-based predictive cruise control(CPCC) for heavy trucks has great potential to improve energy efficiency, which is significant to achieve the goal of national carbon neutrality. However, most investigations focus on the on-board predictive cruise control(PCC) system,lack of research on CPCC architecture under CCS. Besides, the current PCC algorithms have the problems of a single control target and high computational complexity, which hinders the improvement of the control effect. In this paper, a layered architecture based on CCS is proposed to effectively address the realtime computing of CPCC system and the deployment of its algorithm on vehicle-cloud. In addition, based on the dynamic programming principle and the proposed road point segmentation method(RPSM), a PCC algorithm is designed to optimize the speed and gear of heavy trucks with slope information. Simulation results show that the CPCC system can adaptively control vehicle driving through the slope prediction, with fuel-saving rate of 6.17% in comparison with the constant cruise control. Also,compared with other similar algorithms, the PCC algorithm can make the engine operate more in the efficient zone by cooperatively optimizing the gear and speed. Moreover, the RPSM algorithm can reconfigure the road in advance, with a 91% roadpoint reduction rate, significantly reducing algorithm complexity.Therefore, this study has essential research significance for the economic driving of heavy trucks and the promotion of the CPCC system.

A semantic-centered cloud control framework for autonomous unmanned system

Rich semantic information in natural language increases team efficiency in human collaboration, reduces dependence on high precision data information, and improves adaptability to dynamic environment. We propose a semantic centered cloud control framework for cooperative multi-unmanned ground vehicle(UGV) system. Firstly, semantic modeling of task and environment is implemented by ontology to build a unified conceptual architecture, and secondly, a scene semantic information extraction method combining deep learning and semantic web rule language(SWRL) rules is used to realize the scene understanding and task-level cloud task cooperation. Finally, simulation results show that the framework is a feasible way to enable autonomous unmanned systems to conduct cooperative tasks.

Design and implementation of data-driven predictive cloud control system

The rapid increase of the scale and the complexity of the controlled plants bring new challenges such as computing power and storage for conventional control systems.Cloud computing is concerned as a powerful solution to handle complex large-scale control missions by using sufficient computing resources.However,the computing ability enables more complex devices and more data to be involved and most of the data have not been fully utilized.Meanwhile,it is even impossible to obtain an accurate model of each device in the complex control systems for the model-based control algorithms.Therefore,motivated by the above reasons,we propose a data-driven predictive cloud control system.To achieve the proposed system,a practical data-driven predictive cloud control testbed is established and together a cloud-edge communication scheme is developed.Finally,the simulations and experiments demonstrate the effectiveness of the proposed system.

Stochastic stabilization of Markovian jump cloud control systems based on max-plus algebra

In this paper, stochastic stabilization is investigated by max-plus algebra for a Markovian jump cloud control system with a reference signal. For the Markovian jump cloud control system, there exists framework adjustment whose evolution is satisfied with a Markov chain. Using max-plus algebra, a maxplus stochastic system is used to describe the Markovian jump cloud control system. A causal feedback matrix is obtained by exponential stability analysis for a causal feedback controller of the Markovian jump cloud control system. A sufficient condition is given to ensure existence on the causal feedback matrix of the causal feedback controller. Based on the causal feedback controller, stochastic stabilization in probability is analyzed for the Markovian jump cloud control system with a reference signal.Simulation results are given to show effectiveness of the causal feedback controller for the Markovian jump cloud control system.

Distributed point-to-point routing method for tasks in cloud control systems

With the rapid development of cloud computing and control theory, a new paradigm of networked control systems called cloud control systems is proposed to meet the requirements of large-scale and complex applications. Currently, cloud control systems are mainly built by using a centralized architecture. The centralized system is overly dependent on the central control plane and has huge challenges in large-scale heterogeneous node systems. In this paper, we propose a decentralized approach to establish cloud control systems by proposing a distributed point-to-point task routing method. A considerable number of tasks in the system will not rely on the central plane and will be directly routed to the target devices through the pointto-point routing method, which improves the horizontal scalability of the cloud control system. The point-to-point routing method directly gives a unique address to every task, making inter-task communication more efficient in a complex heterogeneous and busy cloud control systems. Finally, we experimentally demonstrate that the distributed point-to-point task routing approach is compatible against the state-of-the-art central systems in large-scale task situations.

Cloud Control Systems

The concept of cloud control systems is discussed in this paper, which is an extension of networked control systems (NCSs). With the development of internet of things (IOT), the technology of NCSs has played a key role in IOT. At the same time, cloud computing is developed rapidly, which provides a perfect platform for big data processing, controller design and performance assessment. The research on cloud control systems will give new contribution to the control theory and applications in the near future. © 2014 Chinese Association of Automation.

A Review and Outlook on Predictive Cruise Control of Vehicles and Typical Applications Under Cloud Control System

With the application of mobile communication technology in the automotive industry,intelligent connected vehicles equipped with communication and sensing devices have been rapidly promoted.The road and traffic information perceived by intelligent vehicles has important potential application value,especially for improving the energy-saving and safe-driving of vehicles as well as the efficient operation of traffic.Therefore,a type of vehicle control technology called predictive cruise control(PCC)has become a hot research topic.It fully taps the perceived or predicted environmental information to carry out predictive cruise control of vehicles and improves the comprehensive performance of the vehicle-road system.Most existing reviews focus on the economical driving of vehicles,but few scholars have conducted a comprehensive survey of PCC from theory to the status quo.In this paper,the methods and advances of PCC technologies are reviewed comprehensively by investigating the global literature,and typical applications under a cloud control system(CCS)are proposed.Firstly,the methodology of PCC is generally introduced.Then according to typical scenarios,the PCC-related research is deeply surveyed,including freeway and urban traffic scenarios involving traditional vehicles,new energy vehicles,intelligent vehicles,and multi-vehicle platoons.Finally,the general architecture and three typical applications of the cloud control system(CCS)on PCC are briefly introduced,and the prospect and future trends of PCC are proposed.

Secure design for cloud control system against distributed denial of service attack

Nowadays, the development of cloud computing has given power to the resource-constrained network control system （NCS） to out-source heavy computations to the cloud server. However, the development of Cloud Computing produced many security challenges regarding the cyber-physical connection between the cloud and control system. The connection between the control system and cloud server can be subjected to distributed denial of service （DDoS） attack by an attacker to destabilize the NCS. In this paper, we will address this issue by building a secure mechanism for such systems. We will design a detection approach and a mitigation approach for better stable performance of NCS. To ensure the stability of NCS at the time of DDoS attack, we will also design a switching mechanism （SM） for cloud control system （CCS） when there are no more real time solutions available from the cloud. Finally, we will apply the proposed mechanism to an unmanned arial vehicle （UAV）. Our simulation results show that the mechanism works well in stability and protection of NCS under DDoS attack.

Attribute-Based Access Control Scheme with Efficient Revocation in Cloud Computing

Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies that the attribute authority can access all encrypted data,which is known as the key escrow problem.In addition,because all access privileges are defined over a single attribute universe and attributes are shared among multiple data users,the revocation of users is inefficient for the existing ABE scheme.In this paper,we propose a novel scheme that solves the key escrow problem and supports efficient user revocation.First,an access controller is introduced into the existing scheme,and then,secret keys are generated corporately by the attribute authority and access controller.Second,an efficient user revocation mechanism is achieved using a version key that supports forward and backward security.The analysis proves that our scheme is secure and efficient in user authorization and revocation.

Access Control Policy Analysis and Access Denial Method for Cloud Services

Personal cloud computing is an emerging trend in the computer industry. For a sustainable service, cloud computing services must control user access. The essential business characteristics of cloud computing are payment status and service level agreement. This work proposes a novel access control method for personal cloud service business. The proposed method sets metadata, policy analysis rules, and access denying rules. Metadata define the structure of access control policies and user requirements for cloud services. The policy analysis rules are used to compare conflicts and redundancies between access control policies. The access denying rules apply policies for inhibiting inappropriate access. The ontology is a theoretical foundation of this method. In this work, ontologies for payment status, access permission, service level, and the cloud provide semantic information needed to execute rules. A scenario of personal data backup cloud service is also provided in this work. This work potentially provides cloud service providers with a convenient method of controlling user access according to changeable business and marketing strategies.

Control Framework for Secure Cloud Computing

Cloud computing is touted as the next big thing in the Information Technology (IT) industry, which is going to impact the businesses of any size and yet the security issue continues to pose a big threat on it. The security and privacy issues persisting in cloud computing have proved to be an obstacle for its widespread adoption. In this paper, we look at these issues from a business perspective and how they are damaging the reputation of big companies. There is a literature review on the existing issues in cloud computing and how they are being tackled by the Cloud Service Providers (CSP). We propose a governing body framework which aims at solving these issues by establishing relationship amongst the CSPs in which the data about possible threats can be generated based on the previous attacks on other CSPs. The Governing Body will be responsible for Data Center control, Policy control, legal control, user awareness, performance evaluation, solution architecture and providing motivation for the entities involved.

A Novel Stateful PCE-Cloud Based Control Architecture of Optical Networks for Cloud Services

The next-generation optical network is a service oriented network,which could be delivered by utilizing the generalized multiprotocol label switching(GMPLS) based control plane to realize lots of intelligent features such as rapid provisioning,automated protection and restoration(P&R),efficient resource allocation,and support for different quality of service(QoS) requirements.In this paper,we propose a novel stateful PCE-cloud(SPC)based architecture of GMPLS optical networks for cloud services.The cloud computing technologies(e.g.virtualization and parallel computing) are applied to the construction of SPC for improving the reliability and maximizing resource utilization.The functions of SPC and GMPLS based control plane are expanded according to the features of cloud services for different QoS requirements.The architecture and detailed description of the components of SPC are provided.Different potential cooperation relationships between public stateful PCE cloud(PSPC) and region stateful PCE cloud(RSPC) are investigated.Moreover,we present the policy-enabled and constraint-based routing scheme base on the cooperation of PSPC and RSPC.Simulation results for verifying the performance of routing and control plane reliability are analyzed.

RoBAC—A New Way of Access Control for Cloud

Access control has made a long way from 1960s. With the advent changes of technologies pertaining to location transparency in storage of data, there arises different access control scenarios. Cloud storage, the predominant storage that is being in use currently, also paves way to various access control problems. Though there are various access control mechanisms such as RBAC, ABAC, they are designed on the user’s perspective such as the role held by the user or other attributes assigned to the user. A new access control mechanism called object relationship based access control (RoBAC) has been developed based on the relations held among the users. The policy decision of access control is based on the relationship among the classes followed in the Java programming. Results have shown that this model best suits various scenarios in the cloud environment, and it also shows that the time for making decision either to allow or to deny is reduced compared to the existing system.

Service Security Architecture and Access Control Model for Cloud Computing

Security is a key problem for the development of Cloud Computing. A common service security architecture is a basic abstract to support security research work. The authorization ability in the service security faces more complex and variable users and environment. Based on the multidimensional views, the service security architecture is described on three dimensions of service security requirement integrating security attributes and service layers. An attribute-based dynamic access control model is presented to detail the relationships among subjects, objects, roles, attributes, context and extra factors further. The model uses dynamic control policies to support the multiple roles and flexible authority. At last, access control and policies execution mechanism were studied as the implementation suggestion.

Server-aided access control for cloud computing

With the massive diffusion of cloud computing, more and more sensitive data is being centralized into the cloud for sharing, which brings forth new challenges for the security and privacy of outsourced data. To address these challenges, the server-aided access control(SAAC) system was proposed. The SAAC system builds upon a variant of conditional proxy re-encryption(CPRE) named threshold conditional proxy re-encryption(TCPRE). In TCPRE, t out of n proxies can re-encrypt ciphertexts(satisfying some specified conditions) for the delegator(while up to t-1 proxies cannot), and the correctness of the re-encrypted ciphertexts can be publicly verified. Both features guarantee the trust and reliability on the proxies deployed in the SAAC system. The security models for TCPRE were formalized, several TCPRE constructions were proposed and that our final scheme was secure against chosen-ciphertext attacks was proved.

Privacy Protection Based Access Control Scheme in Cloud-Based Services

With the rapid development of computer technology, cloud-based services have become a hot topic. They not only provide users with convenience, but also bring many security issues, such as data sharing and privacy issue. In this paper, we present an access control system with privilege separation based on privacy protection(PS-ACS). In the PS-ACS scheme, we divide users into private domain(PRD) and public domain(PUD) logically. In PRD, to achieve read access permission and write access permission, we adopt the Key-Aggregate Encryption(KAE) and the Improved Attribute-based Signature(IABS) respectively. In PUD, we construct a new multi-authority ciphertext policy attribute-based encryption(CP-ABE) scheme with efficient decryption to avoid the issues of single point of failure and complicated key distribution, and design an efficient attribute revocation method for it. The analysis and simulation result show that our scheme is feasible and superior to protect users' privacy in cloud-based services.

Ensuring Security, Confidentiality and Fine-Grained Data Access Control of Cloud Data Storage Implementation Environment

With the development of cloud computing, the mutual understandability among distributed data access control has become an important issue in the security field of cloud computing. To ensure security, confidentiality and fine-grained data access control of Cloud Data Storage (CDS) environment, we proposed Multi-Agent System (MAS) architecture. This architecture consists of two agents: Cloud Service Provider Agent (CSPA) and Cloud Data Confidentiality Agent (CDConA). CSPA provides a graphical interface to the cloud user that facilitates the access to the services offered by the system. CDConA provides each cloud user by definition and enforcement expressive and flexible access structure as a logic formula over cloud data file attributes. This new access control is named as Formula-Based Cloud Data Access Control (FCDAC). Our proposed FCDAC based on MAS architecture consists of four layers: interface layer, existing access control layer, proposed FCDAC layer and CDS layer as well as four types of entities of Cloud Service Provider (CSP), cloud users, knowledge base and confidentiality policy roles. FCDAC, it’s an access policy determined by our MAS architecture, not by the CSPs. A prototype of our proposed FCDAC scheme is implemented using the Java Agent Development Framework Security (JADE-S). Our results in the practical scenario defined formally in this paper, show the Round Trip Time (RTT) for an agent to travel in our system and measured by the times required for an agent to travel around different number of cloud users before and after implementing FCDAC.

基于5G多接入边缘计算的云化PLC系统架构设计与应用

随着工业控制系统对柔性化、扁平化的要求不断提升,以PLC为构建基础的传统工业控制网络在大规模接入、算力提升和部署灵活性方面均受到限制.针对这些问题,融合5G网络和边缘计算技术,设计了基于5G多接入边缘计算的云化PLC系统架构,阐述了该架构的运行机制和所涉及的关键技术;在此基础上,进行PLC系统的云化部署和调试,实现了工业现场、企业数据中心、5G网络和边缘网络的集成;最后,通过在某汽车制造公司产线改造过程中的应用,验证了所提架构的有效性.

Cloud-Based Access Control to Preserve Privacy in Academic Web Application

Emerging cloud computing has introduced new platforms for developing enterprise academic web applications, where software, platforms and infrastructures are published to the globe as services. Software developers can build their systems by multiple invocations of these services. This research is devoted to investigating the management and data flow control over enterprise academic web applications where web services and developed academic web application are constructing infrastructure-networking scheme at the application level. Academic web services are invoked over http port and using REST based protocol;thus traditional access control method is not enough to control the follow of data using host and port information. The new cloud based access control rules proposed here are to be designed and implemented to work at this level. The new proposed access control architecture will be a web service gateway, and it published itself as a service (SaaS). We used three case studies to test our moodle and then we apply JSON parsers to perceive web service description file (WSDL file) and supply policies according to data are to be allowed or denied based on user roll through our parsing.