An Efficient and Provably Secure SM2 Key-Insulated Signature Scheme for Industrial Internet of Things

With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.

A New Model for Network Security Situation Assessment of the Industrial Internet

To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.

Information Security Evaluation of Industrial Control Systems Using Probabilistic Linguistic MCDM Method

Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.

A Review on Security and Privacy Issues Pertaining to Cyber-Physical Systems in the Industry 5.0 Era

The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.

Game theory in network security for digital twins in industry

To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.

Advancing Autoencoder Architectures for Enhanced Anomaly Detection in Multivariate Industrial Time Series

In the context of rapid digitization in industrial environments,how effective are advanced unsupervised learning models,particularly hybrid autoencoder models,at detecting anomalies in industrial control system(ICS)datasets?This study is crucial because it addresses the challenge of identifying rare and complex anomalous patterns in the vast amounts of time series data generated by Internet of Things(IoT)devices,which can significantly improve the reliability and safety of these systems.In this paper,we propose a hybrid autoencoder model,called ConvBiLSTMAE,which combines convolutional neural network(CNN)and bidirectional long short-term memory(BiLSTM)to more effectively train complex temporal data patterns in anomaly detection.On the hardware-in-the-loopbased extended industrial control system dataset,the ConvBiLSTM-AE model demonstrated remarkable anomaly detection performance,achieving F1 scores of 0.78 and 0.41 for the first and second datasets,respectively.The results suggest that hybrid autoencoder models are not only viable,but potentially superior alternatives for unsupervised anomaly detection in complex industrial systems,offering a promising approach to improving their reliability and safety.

Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain

The Internet of Things(IoT)is growing rapidly and impacting almost every aspect of our lives,fromwearables and healthcare to security,traffic management,and fleet management systems.This has generated massive volumes of data and security,and data privacy risks are increasing with the advancement of technology and network connections.Traditional access control solutions are inadequate for establishing access control in IoT systems to provide data protection owing to their vulnerability to single-point OF failure.Additionally,conventional privacy preservation methods have high latency costs and overhead for resource-constrained devices.Previous machine learning approaches were also unable to detect denial-of-service(DoS)attacks.This study introduced a novel decentralized and secure framework for blockchain integration.To avoid single-point OF failure,an accredited access control scheme is incorporated,combining blockchain with local peers to record each transaction and verify the signature to access.Blockchain-based attribute-based cryptography is implemented to protect data storage privacy by generating threshold parameters,managing keys,and revoking users on the blockchain.An innovative contract-based DOS attack mitigation method is also incorporated to effectively validate devices with intelligent contracts as trusted or untrusted,preventing the server from becoming overwhelmed.The proposed framework effectively controls access,safeguards data privacy,and reduces the risk of cyberattacks.The results depict that the suggested framework outperforms the results in terms of accuracy,precision,sensitivity,recall,and F-measure at 96.9%,98.43%,98.8%,98.43%,and 98.4%,respectively.

Characteristic Insights on Industrial Cyber Security and Popular Defense Mechanisms

Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a significant topic because current networked control systems are supporting various critical infrastructures to offer vital utility services.By comparing with traditional IT systems,this paper first analyzes the uncontrollable cyber threats and classified attack characteristics,and elaborates the intrinsic vulnerabilities in current networked control systems and novel security challenges in future Industrial Internet.After that,in order to overcome partial vulnerabilities,this paper presents a few representative security mechanisms which have been successfully applied in today’s industrial control systems,and these mechanisms originally improve traditional IT defense technologies from the perspective of industrial availability.Finally,several popular security viewpoints,adequately covering the needs of industrial network structures and service characteristics,are proposed to combine with burgeoning industrial information technologies.We target to provide some helpful security guidelines for both academia and industry,and hope that our insights can further promote in-depth development of industrial cyber security.

Review of PLC Security Issues in Industrial Control System

Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.

Development Status and Industrial Security Countermeasures of Maize Deep-processing Industry in Shandong Province--Based on the Actual Investigation in Five Cities and Counties of Shandong Province

Corn deep processing industry is an important follow-up industry for corn production and processing. Shandong has numerous largescale corn processing enterprises and is one of the fast-growing regions in China for deep processing of corn. The status of production and processing of corn in the major corn-producing areas of Shandong Province such as Dezhou,Liaocheng and Tai'an was investigated on the spot. It was found that the development of the corn industry in Shandong also has many problems,such as the mismatch between corn demand and production areas,the excessively small planting area of special corn and the poor communication between technology and demand,resulting in barriers in technology and raw materials in the production and processing links of corn and making it difficult to form a complete industrial chain system. According to the actual investigation,a highly efficient agricultural industry safety review mechanism was established based on the sound judgement of industrial safety to ensure the safety of the company's development,and at the same time,the interpretation and promotion of the strategy of going abroad was strengthened,so as to provide a full range of information services for corn processing enterprises and help to further develop and optimize the corn industry in Shandong.

Security Risk Analysis Model for Identification and Resolution System of Industrial Internet

Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.

Security for Industrial Communication Systems

B. Remote Access to Stand-Alone Embedded Systems Industrial controllers, especially for power system and transportation applications, are often deployed as stand-alone systems in a geographically dispersed area. Maintenance and service costs of stand-alone embedded systems can be reduced when they can be

Security for Industrial Communication Systems

B. Network Architectures This section describes the main types of industrial and utility communication network topologies and protocols, in preparation for the discussion of specific security issues in the later sections. Communication networks for industrial automation are typically built in hierarchi-

Security for Industrial Communication Systems

D.Security on the Field Bus and Device Level As described in SectionⅢ-B,Fig.2,in- dustrial communication networks involve a number of levels.The lowest level\is closest to the application specific devices such as sensors,meters,and actuators.A large number of specialized and partly proprietary commu- nication systems,media,and protocols can be found on this level.Most were developed at a time when security issues were of lesser con- cern than today,and when no practical secu- rity measures were available.

Security for Industrial Communication Systems

E. Security of Embedded Systems for Industrial Control and Communication Industrial automation controllers are typically implemented on embedded computers. Such embedded systems have to cope with restrictions on cost, real-time performance, power consumption, and other constraints which are even more demanding than in large workstations. A reference discusses these aspects with the example of a thermostat con-

Analysis and Research on China′s Industrial Internet Security Development

Under the new situation of"integration of industrialization and industrialization"in China,security situational awareness is an important means to solve the problems of unclear boundaries,multiple roles and complex business relationships of industrial Internet.The main contents of the platform include industrial data collection,industrial protocol identification,industrial asset detection and industrial threat monitoring.Among them,risk prevention and detection,key data protection,cloud platform and identification resolution node protection are all important issues.On the one hand,escorting the industrial Internet business needs to summarize the industrial Internet network security data and master the network security situation from the overall perspective.On the other hand,it is also necessary to establish an industrial Internet platform security early warning and emergency response process system,promote the security rectification of industrial platform enterprises,find the security threats and risks that have been hidden in the industrial Internet platform for a long time,and provide perception and decision⁃making support for enterprises.

A Novel Secure Data Transmission Scheme in Industrial Internet of Things

The industrial Internet of Things(IoT)is a trend of factory development and a basic condition of intelligent factory.It is very important to ensure the security of data transmission in industrial IoT.Applying a new chaotic secure communication scheme to address the security problem of data transmission is the main contribution of this paper.The scheme is proposed and studied based on the synchronization of different-structure fractional-order chaotic systems with different order.The Lyapunov stability theory is used to prove the synchronization between the fractional-order drive system and the response system.The encryption and decryption process of the main data signals is implemented by using the n-shift encryption principle.We calculate and analyze the key space of the scheme.Numerical simulations are introduced to show the effectiveness of theoretical approach we proposed.

Edge Computing Task Scheduling with Joint Blockchain and Task Caching in Industrial Internet

Deploying task caching at edge servers has become an effectiveway to handle compute-intensive and latency-sensitive tasks on the industrialinternet. However, how to select the task scheduling location to reduce taskdelay and cost while ensuring the data security and reliable communicationof edge computing remains a challenge. To solve this problem, this paperestablishes a task scheduling model with joint blockchain and task cachingin the industrial internet and designs a novel blockchain-assisted cachingmechanism to enhance system security. In this paper, the task schedulingproblem, which couples the task scheduling decision, task caching decision,and blockchain reward, is formulated as the minimum weighted cost problemunder delay constraints. This is a mixed integer nonlinear problem, which isproved to be nonconvex and NP-hard. To solve the optimal solution, thispaper proposes a task scheduling strategy algorithm based on an improvedgenetic algorithm (IGA-TSPA) by improving the genetic algorithm initializationand mutation operations to reduce the size of the initial solutionspace and enhance the optimal solution convergence speed. In addition,an Improved Least Frequently Used algorithm is proposed to improve thecontent hit rate. Simulation results show that IGA-TSPA has a faster optimalsolution-solving ability and shorter running time compared with the existingedge computing scheduling algorithms. The established task scheduling modelnot only saves 62.19% of system overhead consumption in comparison withlocal computing but also has great significance in protecting data security,reducing task processing delay, and reducing system cost.

Optimal Deep Learning Based Intruder Identification in Industrial Internet of Things Environment

With the increased advancements of smart industries,cybersecurity has become a vital growth factor in the success of industrial transformation.The Industrial Internet of Things(IIoT)or Industry 4.0 has revolutionized the concepts of manufacturing and production altogether.In industry 4.0,powerful IntrusionDetection Systems(IDS)play a significant role in ensuring network security.Though various intrusion detection techniques have been developed so far,it is challenging to protect the intricate data of networks.This is because conventional Machine Learning(ML)approaches are inadequate and insufficient to address the demands of dynamic IIoT networks.Further,the existing Deep Learning(DL)can be employed to identify anonymous intrusions.Therefore,the current study proposes a Hunger Games Search Optimization with Deep Learning-Driven Intrusion Detection(HGSODLID)model for the IIoT environment.The presented HGSODL-ID model exploits the linear normalization approach to transform the input data into a useful format.The HGSO algorithm is employed for Feature Selection(HGSO-FS)to reduce the curse of dimensionality.Moreover,Sparrow Search Optimization(SSO)is utilized with a Graph Convolutional Network(GCN)to classify and identify intrusions in the network.Finally,the SSO technique is exploited to fine-tune the hyper-parameters involved in the GCN model.The proposed HGSODL-ID model was experimentally validated using a benchmark dataset,and the results confirmed the superiority of the proposed HGSODL-ID method over recent approaches.

Wireless Sensor Security Issues on Data Link Layer:A Survey

A computer network can be defined as many computing devices connected via a communication medium like the internet.Computer network development has proposed how humans and devices communicate today.These networks have improved,facilitated,and made conventional forms of communication easier.However,it has also led to uptick in-network threats and assaults.In 2022,the global market for information technology is expected to reach$170.4 billion.However,in contrast,95%of cyber security threats globally are caused by human action.These networks may be utilized in several control systems,such as home-automation,chemical and physical assault detection,intrusion detection,and environmental monitoring.The proposed literature review presents a wide range of information on Wireless Social Networks(WSNs)and Internet of Things(IoT)frameworks.The aim is first to be aware of the existing issues(issues with traditional methods)and network attacks on WSN and IoT systems and how to defend them.The second is to review the novel work in the domain and find its limitations.The goal is to identify the area’s primary gray field or current research divide to enable others to address the range.Finally,we concluded that configuration.Message Rapid Spanning Tree Protocol(RSTP)messages have higher efficiency in network performance degradation than alternative Bridge Data Unit Protocol(BPDU)forms.The research divides our future research into solutions and newly developed techniques that can assist in completing the lacking component.In this research,we have selected articles from 2015 to 2021 to provide users with a comprehensive literature overview.