The Effect of Key Nodes on theMalware Dynamics in the Industrial Control Network

As industrialization and informatization becomemore deeply intertwined,industrial control networks have entered an era of intelligence.The connection between industrial control networks and the external internet is becoming increasingly close,which leads to frequent security accidents.This paper proposes a model for the industrial control network.It includes a malware containment strategy that integrates intrusion detection,quarantine,and monitoring.Basedonthismodel,the role of keynodes in the spreadofmalware is studied,a comparisonexperiment is conducted to validate the impact of the containment strategy.In addition,the dynamic behavior of the model is analyzed,the basic reproduction number is computed,and the disease-free and endemic equilibrium of the model is also obtained by the basic reproduction number.Moreover,through simulation experiments,the effectiveness of the containment strategy is validated,the influence of the relevant parameters is analyzed,and the containment strategy is optimized.In otherwords,selective immunity to key nodes can effectively suppress the spread ofmalware andmaintain the stability of industrial control systems.The earlier the immunization of key nodes,the better.Once the time exceeds the threshold,immunizing key nodes is almost ineffective.The analysis provides a better way to contain the malware in the industrial control network.

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

With the growing discovery of exposed vulnerabilities in the Industrial Control Components(ICCs),identification of the exploitable ones is urgent for Industrial Control System(ICS)administrators to proactively forecast potential threats.However,it is not a trivial task due to the complexity of the multi-source heterogeneous data and the lack of automatic analysis methods.To address these challenges,we propose an exploitability reasoning method based on the ICC-Vulnerability Knowledge Graph(KG)in which relation paths contain abundant potential evidence to support the reasoning.The reasoning task in this work refers to determining whether a specific relation is valid between an attacker entity and a possible exploitable vulnerability entity with the help of a collective of the critical paths.The proposed method consists of three primary building blocks:KG construction,relation path representation,and query relation reasoning.A security-oriented ontology combines exploit modeling,which provides a guideline for the integration of the scattered knowledge while constructing the KG.We emphasize the role of the aggregation of the attention mechanism in representation learning and ultimate reasoning.In order to acquire a high-quality representation,the entity and relation embeddings take advantage of their local structure and related semantics.Some critical paths are assigned corresponding attentive weights and then they are aggregated for the determination of the query relation validity.In particular,similarity calculation is introduced into a critical path selection algorithm,which improves search and reasoning performance.Meanwhile,the proposed algorithm avoids redundant paths between the given pairs of entities.Experimental results show that the proposed method outperforms the state-of-the-art ones in the aspects of embedding quality and query relation reasoning accuracy.

Programmable Logic Controller Block Monitoring System for Memory Attack Defense in Industrial Control Systems

Cyberattacks targeting industrial control systems(ICS)are becoming more sophisticated and advanced than in the past.A programmable logic controller(PLC),a core component of ICS,controls and monitors sensors and actuators in the field.However,PLC has memory attack threats such as program injection and manipulation,which has long been a major target for attackers,and it is important to detect these attacks for ICS security.To detect PLC memory attacks,a security system is required to acquire and monitor PLC memory directly.In addition,the performance impact of the security system on the PLC makes it difficult to apply to the ICS.To address these challenges,this paper proposes a system to detect PLC memory attacks by continuously acquiring and monitoring PLC memory.The proposed system detects PLC memory attacks by acquiring the program blocks and block information directly from the same layer as the PLC and then comparing them in bytes with previous data.Experiments with Siemens S7-300 and S7-400 PLC were conducted to evaluate the PLC memory detection performance and performance impact on PLC.The experimental results demonstrate that the proposed system detects all malicious organization block(OB)injection and data block(DB)manipulation,and the increment of PLC cycle time,the impact on PLC performance,was less than 1 ms.The proposed system detects PLC memory attacks with a simpler detection method than earlier studies.Furthermore,the proposed system can be applied to ICS with a small performance impact on PLC.

Identifying Industrial Control Equipment Based on Rule Matching and Machine Learning

To identify industrial control equipment is often a key step in network mapping,categorizing network resources,and attack defense.For example,if vulnerable equipment or devices can be discovered in advance and the attack path canbe cut off,security threats canbe effectively avoided and the stable operationof the Internet canbe ensured.The existing rule-matching method for equipment identification has limitations such as relying on experience and low scalability.This paper proposes an industrial control device identification method based on PCA-Adaboost,which integrates rule matching and machine learning.We first build a rule base from network data collection and then use single andmulti-protocol rule-matchingmethods to identify the type of industrial control devices.Finally,we utilize PCA-Adaboost to identify unlabeled data.The experimental results show that the recognition rate of this method is better than that of the traditional Nmap device recognitionmethod and the device recognition accuracy rate reaches 99%.The evaluation effect of the test data set is significantly enhanced.

GRU-based Buzzer Ensemble for Abnormal Detection in Industrial Control Systems

Recently,Industrial Control Systems(ICSs)have been changing from a closed environment to an open environment because of the expansion of digital transformation,smart factories,and Industrial Internet of Things(IIoT).Since security accidents that occur in ICSs can cause national confusion and human casualties,research on detecting abnormalities by using normal operation data learning is being actively conducted.The single technique proposed by existing studies does not detect abnormalities well or provide satisfactory results.In this paper,we propose a GRU-based Buzzer Ensemble for AbnormalDetection(GBE-AD)model for detecting anomalies in industrial control systems to ensure rapid response and process availability.The newly proposed ensemble model of the buzzer method resolves False Negatives(FNs)by complementing the limited range that can be detected in a single model because of the internal models composing GBE-AD.Because the internal models remain suppressed for False Positives(FPs),GBE-AD provides better generalization.In addition,we generated mean prediction error data in GBE-AD and inferred abnormal processes using soft and hard clustering.We confirmed that the detection model’s Time-series Aware Precision(TaP)suppressed FPs at 97.67%.The final performance was 94.04%in an experiment using anHIL-basedAugmented ICS(HAI)Security Dataset(ver.21.03)among public datasets.

An Intelligent Approach for Intrusion Detection in Industrial Control System

Supervisory control and data acquisition(SCADA)systems are computer systems that gather and analyze real-time data,distributed control systems are specially designed automated control system that consists of geographically distributed control elements,and other smaller control systems such as programmable logic controllers are industrial solid-state computers that monitor inputs and outputs and make logic-based decisions.In recent years,there has been a lot of focus on the security of industrial control systems.Due to the advancement in information technologies,the risk of cyberattacks on industrial control system has been drastically increased.Because they are so inextricably tied to human life,any damage to them might have devastating consequences.To provide an efficient solution to such problems,this paper proposes a new approach to intrusion detection.First,the important features in the dataset are determined by the difference between the distribution of unlabeled and positive data which is deployed for the learning process.Then,a prior estimation of the class is proposed based on a support vector machine.Simulation results show that the proposed approach has better anomaly detection performance than existing algorithms.

Information Security Evaluation of Industrial Control Systems Using Probabilistic Linguistic MCDM Method

Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.

Fault Detection for Motor Drive Control System of Industrial Robots Using CNN-LSTM-based Observers

The complex working conditions and nonlinear characteristics of the motor drive control system of industrial robots make it difficult to detect faults.In this paper,a deep learning-based observer,which combines the convolutional neural network(CNN)and the long short-term memory network(LSTM),is employed to approximate the nonlinear driving control system.CNN layers are introduced to extract dynamic features of the data,whereas LSTM layers perform time-sequential prediction of the target system.In terms of application,normal samples are fed into the observer to build an offline prediction model for the target system.The trained CNN-LSTM-based observer is then deployed along with the target system to estimate the system outputs.Online fault detection can be realized by analyzing the residuals.Finally,an application of the proposed fault detection method to a brushless DC motor drive system is given to verify the effectiveness of the proposed scheme.Simulation results indicate the impressive fault detection capability of the presented method for driving control systems of industrial robots.

Filter-based iterative learning control for linear large-scale industrial processes

In the procedure of the steady-state hierarchical optimization with feedback for large-scale industrial processes, a sequence of set-point changes with different magnitudes is carried out on the optimization layer. To improve the dynamic performance of transient response driven by the set-point changes, a filter-based iterative learning control strategy is proposed. In the proposed updating law, a local-symmetric-integral operator is adopted for eliminating the measurement noise of output information,a set of desired trajectories are specified according to the set-point changes sequence, the current control input is iteratively achieved by utilizing smoothed output error to modify its control input at previous iteration, to which the amplified coefficients related to the different magnitudes of set-point changes are introduced. The convergence of the algorithm is conducted by incorporating frequency-domain technique into time-domain analysis. Numerical simulation demonstrates the effectiveness of the proposed strategy,

Adaptive Power Control for mutual Interference Avoidance in Industrial Internet-of-Things

With the vigorous development of the Internet of Things and 5G technology, such as machine-to-machine and device-todevice, all kinds of data transmission including environmental monitoring and equipment control strengthens the key role of wireless sensor networks in the large-scale wireless communication system. However, especially in the complex industrial wireless applications, the low utilization efficiency of the limited wireless radio resource enhances the coexistence problem between heterogeneous networks. In this paper, from the severe mutual interference point of view, a mathematical model regarding cumulative interferences in the industrial wireless sensor networks is described. Then, from the perspective of mutual interference avoidance, an adaptive power control scheme is proposed in order to handle the normal communication needs on both the primary link and the secondary link. At last, nonlinear programming is taken to solve the corresponding optimization problem. Some typical analyses are given to verify the effectiveness of the proposed scheme on optimizing the tradeoff between the system throughput and energy consumption. Especially, the energy-efficiency of the novel scheme for Industrial Internet of Things is also analysed. Results show that the proposed power control is efficient. The throughput could be enhanced and the energy consumption could be reduced with the guarantee of mutual interference avoidance.

Anomaly Detection for Industrial Internet of Things Cyberattacks

The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.

Haze Control by Industrialization:A Win-win Mode of Ecological Civilization and Economic Development

Haze control is a difficult and arduous battle,and it is a major decision concerning the people's livelihood and national ecological civilization construction.Taking Heilongjiang Province as an example,this paper introduced a new idea for haze control.Haze in Heilongjiang Province was mainly resulted from straw burning.Market-oriented,large-scale,and industrialized haze control relying on science and technology is new opportunity and challenge for realizing ecological civilization and revitalizing the economy of Heilongjiang Province.

Impact of environmental regulations on the efficient control of industrial pollution in China

The continuous progress of industrialization is a fundamental cause of China’s increasingly severe environmental pollution problem.Improving the efficiency of industrial pollution control is an inevitable choice to effectively decrease pollution emissions,thus winning the battle of pollution prevention and control.In this paper,we used the stochastic frontier analysis(SFA)model to measure the provincial efficiency of industrial pollution control based on the input and output data of industrial pollution control of 29 administrative provinces in China from 2000 to 2017.On this basis,a spatial econometric model was used to explore the influence of environmental regulation intensity on the efficiency of industrial pollution control.In addition,the spatial spillover effect of pollution reduction was thoroughly examined.The results show that:(1)The efficiency of industrial pollution control in China has improved year by year,but the overall efficiency is still low,with the average value increasing from 0.165 in 2000 to 0.309 in 2017.Furthermore,there is significant regional heterogeneity with the highest efficiency level in the east and lowest efficiency level in the west.(2)By increasing the financial and material input,the efficiency of industrial pollution control has increased.However,the increase of human input has not been so helpful.(3)The global Moran’s I index is significantly greater than zero,indicating a strong spatial correlation and agglomeration in the efficiency of industrial pollution control,which is reflected in high-high agglomeration in the eastern region and low-low agglomeration in the western region.(4)Stringent environmental regulation has a positive effect on improving the efficiency of industrial pollution control.It also imposes a positive spatial spillover effect,indicating a strategic interaction and coordination of regional pollution control.In line with this,related proposals have been made to optimize the investment structure for environmental pollution control,establish a flow mechanism for the factor market,and strengthen the environmental responsibility awareness of state-owned enterprises.On this basis,we expect to provide a policy for improving the efficiency of industrial pollution control and promoting regional joint pollution control in China.

A Hybrid System Approach for High Consumption Industrial Furnace Control

In this paper we describe a hybrid system approach for high consumption industrial furnace control. The problem is observed in systematic way starting from the need for modeling this system as hybrid. For description of this behavior we use the Hybrid System Description Language. After that, we design an optimal controller for the furnace and we simulate and compare the controller with other relevant predictive controllers. We have shown that using the hybrid approach for control of industrial furnaces leads to significant improvement of the control system performances.

Review of PLC Security Issues in Industrial Control System

Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.

Data Driven Vibration Control:A

With the ongoing advancements in sensor networks and data acquisition technologies across various systems like manufacturing,aviation,and healthcare,the data driven vibration control(DDVC)has attracted broad interests from both the industrial and academic communities.Input shaping(IS),as a simple and effective feedforward method,is greatly demanded in DDVC methods.It convolves the desired input command with impulse sequence without requiring parametric dynamics and the closed-loop system structure,thereby suppressing the residual vibration separately.Based on a thorough investigation into the state-of-the-art DDVC methods,this survey has made the following efforts:1)Introducing the IS theory and typical input shapers;2)Categorizing recent progress of DDVC methods;3)Summarizing commonly adopted metrics for DDVC;and 4)Discussing the engineering applications and future trends of DDVC.By doing so,this study provides a systematic and comprehensive overview of existing DDVC methods from designing to optimizing perspectives,aiming at promoting future research regarding this emerging and vital issue.

Design and Implementation of Embedded Web Server in Industrial Control Systems

In the traditional project of industry control, the field operator is the only man who watches production condition at the production spot. Enterprise administers cannot obtain real-time production status and make real-time decision if they don’t reach the production spot. Because of the development of Embedded Web Server such status is being changed. The remote monitor and control mode based on Embedded Web Server provides complete exact real-time information for managers, and makes it possible to make a decision in real time. In the paper, the design and implements of Embedded Web Server are presented and the key realization technology of it is described in detail. EWS (Embedded Web Server) will effectively lower system operating cost and improve maintaining efficiency, which has wide application prospect and popularization value in industrial control systems.

Energy Efficiency Improvement of an Industrial Crystallization Process Using Linearizing Control

This paper illustrates the benefits of a multivariable linearizing control approach applied to an industrial crystallization process. This relevant approach is declined according to two different strategies: first, a setpoint tracking is proposed for the couple crystal mass/concentration, whereas a second way consists in tracking of crystal content and concentration. The controlled variables, unavailable online, are issued from an observer developed in previous works. The performance of these strategies, which application to cane sugar crystallization constitutes a real novelty, are compared with experimental data issued from a PID-controlled industrial plant. The results reveal a significant improvement of energy efficiency, leading to an economy of more than 10% of energy.

Internet of Things Enabled Intelligent Energy Management and Control System for Heavy Equipment Industrial Park and Fuzzy Assessment of Its Schemes

In order to solve the problems of poor informationflow,low energy utilization rate and energy consumption data reuse in the heavy equipment industrial park,the Internet of Things(IoT)technology is applied to construct the intelligent energy management and control system(IEMCS).The application architecture and function module planning are analyzed and designed.Furthermore,the IEMCS scheme is not unique due to the fuzziness of customer demand and the understanding deviation of designer to customer demand in the design stage.Scheme assessment is of great significance for the normal subsequent implementation of the system.A fuzzy assessment method for IEMCS scheme alternatives is proposed to achieve scheme selection.Fuzzy group decision using triangular fuzzy number to express the vague assessment of experts is adopted to determine the index value.TOPSIS is modified by replacing Euclidean distance with contact vector distance in IEMCS scheme alternative assessment.An experiment with eight IEMCS scheme alternatives in a heavy equipment industrial park is given for the validation.The experiment result shows that eight IEMCS scheme alternatives can be assessed.Through the comparisons with other methods,the reliability of the results obtained by the proposed method is discussed.

Wireless Fault-Tolerant Controllers in Cascaded Industrial Workcells Using Wi-Fi and Ethernet

A Wireless Networked Control System using 802.11b is used to model fault-tolerance at the controller level of an industrial workcell. The fault-tolerance study in this paper presents the cascading of two independent workcells where each controller must be able to handle the load of both cells in case of failure of the other one. The intercommunication is completely wireless between the cells and this feature is investigated. The model incorporates unmodified 802.11b and 802.11g for communication. Sensors send sampled data to both controllers and the controllers to exchange a watchdog. The fault-free and faulty models are both simulated using OPNET Network Modeler. External interference on the critical intercommunication link is also investigated. Results of simulations are presented based on a 95% confidence analysis, guaranteeing correct system performance.