Edge Cloud Selection in Mobile Edge Computing(MEC)-Aided Applications for Industrial Internet of Things(IIoT)Services

In many IIoT architectures,various devices connect to the edge cloud via gateway systems.For data processing,numerous data are delivered to the edge cloud.Delivering data to an appropriate edge cloud is critical to improve IIoT service efficiency.There are two types of costs for this kind of IoT network:a communication cost and a computing cost.For service efficiency,the communication cost of data transmission should be minimized,and the computing cost in the edge cloud should be also minimized.Therefore,in this paper,the communication cost for data transmission is defined as the delay factor,and the computing cost in the edge cloud is defined as the waiting time of the computing intensity.The proposed method selects an edge cloud that minimizes the total cost of the communication and computing costs.That is,a device chooses a routing path to the selected edge cloud based on the costs.The proposed method controls the data flows in a mesh-structured network and appropriately distributes the data processing load.The performance of the proposed method is validated through extensive computer simulation.When the transition probability from good to bad is 0.3 and the transition probability from bad to good is 0.7 in wireless and edge cloud states,the proposed method reduced both the average delay and the service pause counts to about 25%of the existing method.

Cloud control for IIoT in a cloud-edge environment

The industrial Internet of Things(IIoT)is a new indus-trial idea that combines the latest information and communica-tion technologies with the industrial economy.In this paper,a cloud control structure is designed for IIoT in cloud-edge envi-ronment with three modes of 5G.For 5G based IIoT,the time sensitive network(TSN)service is introduced in transmission network.A 5G logical TSN bridge is designed to transport TSN streams over 5G framework to achieve end-to-end configuration.For a transmission control protocol(TCP)model with nonlinear disturbance,time delay and uncertainties,a robust adaptive fuzzy sliding mode controller(AFSMC)is given with control rule parameters.IIoT workflows are made up of a series of subtasks that are linked by the dependencies between sensor datasets and task flows.IIoT workflow scheduling is a non-deterministic polynomial(NP)-hard problem in cloud-edge environment.An adaptive and non-local-convergent particle swarm optimization(ANCPSO)is designed with nonlinear inertia weight to avoid falling into local optimum,which can reduce the makespan and cost dramatically.Simulation and experiments demonstrate that ANCPSO has better performances than other classical algo-rithms.

An Efficient and Provably Secure SM2 Key-Insulated Signature Scheme for Industrial Internet of Things

With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.

A Double-Timescale Reinforcement Learning Based Cloud-Edge Collaborative Framework for Decomposable Intelligent Services in Industrial Internet of Things

With the proportion of intelligent services in the industrial internet of things(IIoT)rising rapidly,its data dependency and decomposability increase the difficulty of scheduling computing resources.In this paper,we propose an intelligent service computing framework.In the framework,we take the long-term rewards of its important participants,edge service providers,as the optimization goal,which is related to service delay and computing cost.Considering the different update frequencies of data deployment and service offloading,double-timescale reinforcement learning is utilized in the framework.In the small-scale strategy,the frequent concurrency of services and the difference in service time lead to the fuzzy relationship between reward and action.To solve the fuzzy reward problem,a reward mapping-based reinforcement learning(RMRL)algorithm is proposed,which enables the agent to learn the relationship between reward and action more clearly.The large time scale strategy adopts the improved Monte Carlo tree search(MCTS)algorithm to improve the learning speed.The simulation results show that the strategy is superior to popular reinforcement learning algorithms such as double Q-learning(DDQN)and dueling Q-learning(dueling-DQN)in learning speed,and the reward is also increased by 14%.

Energy Minimization for Heterogenous Traffic Coexistence with Puncturing in Mobile Edge Computing-Based Industrial Internet of Things

Puncturing has been recognized as a promising technology to cope with the coexistence problem of enhanced mobile broadband(eMBB) and ultra-reliable low latency communications(URLLC)traffic. However, the steady performance of eMBB traffic while meeting the requirements of URLLC traffic with puncturing is a major challenge in some realistic scenarios. In this paper, we pay attention to the timely and energy-efficient processing for eMBB traffic in the industrial Internet of Things(IIoT), where mobile edge computing(MEC) is employed for data processing. Specifically, the performance of eMBB traffic and URLLC traffic in a MEC-based IIoT system is ensured by setting the threshold of tolerable delay and outage probability, respectively. Furthermore,considering the limited energy supply, an energy minimization problem of eMBB device is formulated under the above constraints, by jointly optimizing the resource blocks(RBs) punctured by URLLC traffic, data offloading and transmit power of eMBB device. With Markov's inequality, the problem is reformulated by transforming the probabilistic outage constraint into a deterministic constraint. Meanwhile, an iterative energy minimization algorithm(IEMA) is proposed.Simulation results demonstrate that our algorithm has a significant reduction in the energy consumption for eMBB device and achieves a better overall effect compared to several benchmarks.

A multi-point collaborative DDoS defense mechanism for IIoT environment

Nowadays,a large number of intelligent devices involved in the Industrial Internet of Things(IIoT)environment are posing unprecedented cybersecurity challenges.Due to the limited budget for security protection,the IIoT devices are vulnerable and easily compromised to launch Distributed Denial-of-Service(DDoS)attacks,resulting in disastrous results.Unfortunately,considering the particularity of the IIoT environment,most of the defense solutions in traditional networks cannot be directly applied to IIoT with acceptable security performance.Therefore,in this work,we propose a multi-point collaborative defense mechanism against DDoS attacks for IIoT.Specifically,for the single point DDoS defense,we design an edge-centric mechanism termed EdgeDefense for the detection,identification,classification,and mitigation of DDoS attacks and the generation of defense information.For the practical multi-point scenario,we propose a collaborative defense model against DDoS attacks to securely share the defense information across the network through the blockchain.Besides,a fast defense information sharing mechanism is designed to reduce the delay of defense information sharing and provide a responsive cybersecurity guarantee.The simulation results indicate that the identification and classification performance of the two machine learning models designed for EdgeDefense are better than those of the state-of-the-art baseline models,and therefore EdgeDefense can defend against DDoS attacks effectively.The results also verify that the proposed fast sharing mechanism can reduce the propagation delay of the defense information blocks effectively,thereby improving the responsiveness of the multi-point collaborative DDoS defense.

An ensemble deep learning model for cyber threat hunting in industrial internet of things

By the emergence of the fourth industrial revolution,interconnected devices and sensors generate large-scale,dynamic,and inharmonious data in Industrial Internet of Things(IIoT)platforms.Such vast heterogeneous data increase the challenges of security risks and data analysis procedures.As IIoT grows,cyber-attacks become more diverse and complex,making existing anomaly detection models less effective to operate.In this paper,an ensemble deep learning model that uses the benefits of the Long Short-Term Memory(LSTM)and the AutoEncoder(AE)architecture to identify out-of-norm activities for cyber threat hunting in IIoT is proposed.In this model,the LSTM is applied to create a model on normal time series of data(past and present data)to learn normal data patterns and the important features of data are identified by AE to reduce data dimension.In addition,the imbalanced nature of IIoT datasets has not been considered in most of the previous literature,affecting low accuracy and performance.To solve this problem,the proposed model extracts new balanced data from the imbalanced datasets,and these new balanced data are fed into the deep LSTM AE anomaly detection model.In this paper,the proposed model is evaluated on two real IIoT datasets-Gas Pipeline(GP)and Secure Water Treatment(SWaT)that are imbalanced and consist of long-term and short-term dependency on data.The results are compared with conventional machine learning classifiers,Random Forest(RF),Multi-Layer Perceptron(MLP),Decision Tree(DT),and Super Vector Machines(SVM),in which higher performance in terms of accuracy is obtained,99.3%and 99.7%based on GP and SWaT datasets,respectively.Moreover,the proposed ensemble model is compared with advanced related models,including Stacked Auto-Encoders(SAE),Naive Bayes(NB),Projective Adaptive Resonance Theory(PART),Convolutional Auto-Encoder(C-AE),and Package Signatures(PS)based LSTM(PS-LSTM)model.

Optimization Scheme of Trusted Task Offloading in IIoT Scenario Based on DQN

With the development of the Industrial Internet of Things(IIoT),end devices(EDs)are equipped with more functions to capture information.Therefore,a large amount of data is generated at the edge of the network and needs to be processed.However,no matter whether these computing tasks are offloaded to traditional central clusters or mobile edge computing(MEC)devices,the data is short of security and may be changed during transmission.In view of this challenge,this paper proposes a trusted task offloading optimization scheme that can offer low latency and high bandwidth services for IIoT with data security.Blockchain technology is adopted to ensure data consistency.Meanwhile,to reduce the impact of low throughput of blockchain on task offloading performance,we design the processes of consensus and offloading as a Markov decision process(MDP)by defining states,actions,and rewards.Deep reinforcement learning(DRL)algorithm is introduced to dynamically select offloading actions.To accelerate the optimization,we design a novel reward function for the DRL algorithm according to the scale and computational complexity of the task.Experiments demonstrate that compared with methods without optimization,our mechanism performs better when it comes to the number of task offloading and throughput of blockchain.

An Efficient SDFRM Security System for Blockchain Based Internet of Things

Blockchain has recently sparked interest in both the technological and businessfirms.The Internet of Things's(IoT)core principle emerged due to the connectivity of several new technologies,including wireless technology,the Inter-net,embedded automation systems,and micro-electromechanical devices.Manu-facturing environments and operations have been successfully converted by implementing recent advanced technology like Cloud Computing(CC),Cyber-Physical System(CSP),Information and Communication Technologies(ICT)and Enterprise Model,and other technological innovations into the fourth indus-trial revolution referred to as Industry 4.0.Data management is defined as the pro-cess of accumulation in order to make better business decisions,and process,secure and store information about a company.In the incipient model,there are interconnected contrivances and Machine-to-Machine(M2M)interactions,and transaction data are stored on the Blockchain.Security is a challenging aspect that must be punctiliously considered during the design and development phases of a CSP.In this research article,we proposed a Secure and Distributed Framework for Resource Management(SDFRM)in Industry 4.0 environments within a distribu-ted and collaborative Industry 4.0 system,the dynamic and trust-based Distributed Management Framework(DMF)of shared resource access.Such issues are focused by taking into account of the traditional characteristics of IoT/Industrial Internet of Things’(IIoT)-predicated environments,an SDFRM in Industry 4.0 environments within a distributed and collaborative Industry 4.0 system.Also,to ensure strong privacy over the procedures associated with Access Control(AC),a privacy-preserving method is proposed and integrated into the DMF.The proposed DMF,based on blockchain technology and peer-to-peer networks,allows dynamic access management and system governance without using third parties who could be attacked.We worked hard to design and implement the pro-posal to demonstrate its viability and evaluate its performance.Our proposal out-performs the Multichain Blockchain in terms of successful storage transactions with an achieved average throughput of 98.15%.

Intelligent Intrusion Detection for Industrial Internet of Things Using Clustering Techniques

The rapid growth of the Internet of Things(IoT)in the industrial sector has given rise to a new term:the Industrial Internet of Things(IIoT).The IIoT is a collection of devices,apps,and services that connect physical and virtual worlds to create smart,cost-effective,and scalable systems.Although the IIoT has been implemented and incorporated into a wide range of industrial control systems,maintaining its security and privacy remains a significant concern.In the IIoT contexts,an intrusion detection system(IDS)can be an effective security solution for ensuring data confidentiality,integrity,and availability.In this paper,we propose an intelligent intrusion detection technique that uses principal components analysis(PCA)as a feature engineering method to choose the most significant features,minimize data dimensionality,and enhance detection performance.In the classification phase,we use clustering algorithms such as K-medoids and K-means to determine whether a given flow of IIoT traffic is normal or attack for binary classification and identify the group of cyberattacks according to its specific type for multi-class classification.To validate the effectiveness and robustness of our proposed model,we validate the detection method on a new driven IIoT dataset called X-IIoTID.The performance results showed our proposed detection model obtained a higher accuracy rate of 99.79%and reduced error rate of 0.21%when compared to existing techniques.

Anomaly Detection for Industrial Internet of Things Cyberattacks

The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.

A Novel Approach for Network Vulnerability Analysis in IIoT

Industrial Internet of Things(IIoT)offers efficient communication among business partners and customers.With an enlargement of IoT tools connected through the internet,the ability of web traffic gets increased.Due to the raise in the size of network traffic,discovery of attacks in IIoT and malicious traffic in the early stages is a very demanding issues.A novel technique called Maximum Posterior Dichotomous Quadratic Discriminant Jaccardized Rocchio Emphasis Boost Classification(MPDQDJREBC)is introduced for accurate attack detection wi th minimum time consumption in IIoT.The proposed MPDQDJREBC technique includes feature selection and categorization.First,the network traffic features are collected from the dataset.Then applying the Maximum Posterior Dichotomous Quadratic Discriminant analysis to find the significant features for accurate classification and minimize the time consumption.After the significant features selection,classification is performed using the Jaccardized Rocchio Emphasis Boost technique.Jaccardized Rocchio Emphasis Boost Classification technique combines the weak learner result into strong output.Jaccardized Rocchio classification technique is considered as the weak learners to identify the normal and attack.Thus,proposed MPDQDJREBC technique gives strong classification results through lessening the quadratic error.This assists for proposed MPDQDJREBC technique to get better the accuracy for attack detection with reduced time usage.Experimental assessment is carried out with UNSW_NB15 Dataset using different factors such as accuracy,precision,recall,F-measure and attack detection time.The observed results exhibit the MPDQDJREBC technique provides higher accuracy and lesser time consumption than the conventional techniques.

工业物联网中数字孪生辅助任务卸载算法

针对工业物联网(IIoT)设备资源有限和边缘服务器资源动态变化导致的任务协同计算效率低等问题,该文提出一种工业物联网中数字孪生(DT)辅助任务卸载算法。首先,该算法构建了云-边-端3层数字孪生辅助任务卸载框架,在所创建的数字孪生层中生成近似最佳的任务卸载策略。其次,在任务计算时间和能量的约束下,从时延的角度研究了计算卸载过程中用户关联和任务划分的联合优化问题,建立了最小化任务卸载时间和服务失败惩罚的优化模型。最后,提出一种基于深度多智能体参数化Q网络(DMAPQN)的用户关联和任务划分算法,通过每个智能体不断地探索和学习,以获取近似最佳的用户关联和任务划分策略,并将该策略下发至物理实体网络中执行。仿真结果表明,所提任务卸载算法有效降低了任务协同计算时间,同时为每个计算任务提供近似最佳的卸载策略。

天然气地下储气库智能化建设关键技术及其发展趋势

中国储气库在数字化转型和智能化建设方面已经取得了重要成果,储气库智能化建设发展了油气藏-井筒-管网一体化耦合模拟和数字孪生等关键技术。搭建了智能储气库云平台框架,采用“数据+平台+应用”的建设模式,充分利用数据中心、物联网和工业互联网等新型基础设施,支撑各业务板块管理、研究、生产和服务等需求。储气库智能化建设研发了储气库信息化管理平台、储气库一体化综合管理平台、基于数字孪生一体化仿真的决策系统和储气库全生命周期数字化平台。智能储气库未来建设将重点发展地质体数字孪生、高精度建模、可视化动态展示、智能运营、实时智能风险预警、工业软件国产化以及北斗卫星导航系统、卫星互联网等新技术。

工业物联网中基于信息熵的联邦增量学习算法与优化

面对工业生产过程中大规模、多样且随时间增长的数据和机器学习任务,该文提出一种基于信息熵的联邦增量学习(FIL)与优化方法。基于联邦框架,各本地计算节点可利用本地数据进行模型训练,并计算信息平均熵上传至服务器,以此辅助识别类增任务;全局服务器则根据本地反馈的平均熵选择参与当前轮次训练的本地节点,并判决任务是否产生增量后,进行全局模型下发与聚合更新。所提方法结合平均熵和阈值进行不同情况下的节点选择,实现低平均熵下的模型稳定学习和高平均熵下的模型增量式扩展。在此基础上,采用凸优化,在资源有限的情况下自适应地调整聚合频率和资源分配,最终实现模型的有效收敛。仿真结果表明,在不同的情景下,该文所提方法都可以加速模型收敛并提升训练精度。

基于区块链的工业物联网隐私保护协作学习系统

为了在保护数据隐私的前提下,充分利用异构的工业物联网节点数据训练高精度模型,提出了一种基于区块链的隐私保护两阶段协作学习系统。首先,使用分组联邦学习框架,根据参与节点的算力将其划分为不同组,每组通过联邦学习训练一个适合其算力的全局模型;其次,引入分割学习,使节点能够与移动边缘计算服务器协作训练更大规模的模型,并采用差分隐私技术进一步保护数据隐私,将训练好的模型存储在区块链上,通过区块链的共识算法进一步防止恶意节点的攻击,保护模型安全;最后,为了结合多个异构全局模型的优点并进一步提高模型精度,使用每个全局模型的特征提取器从用户数据中提取特征,并将这些特征用作训练集训练更高精度的复杂模型。实验结果表明,该系统在Fashion-MNIST和CIFAR-10数据集上的性能优于传统联邦学习的性能,能够应用于工业物联网场景中以获得高精度模型。

适用于工业物联网网关的智能边缘计算

工业设备接入网络实现生产自动化的过程中数据量级快速增长,而边缘层设备资源有限,无法完成全部任务请求。针对边缘层设备合理高效处理端设备任务请求的问题,提出了一种基于多跳计算卸载方法的物联网边缘网关(Internet of Things Edge Gateway,IoTEG)框架。该框架要求数据优先在网关侧处理以降低时延和保护隐私。首先,该框架根据端设备任务流特点将其分为时敏和非时敏两类。其次,设计了任务轮转调度处理机制,对任务流按时延要求高低进行处理。最后,设计了基于实时网络资源、实时本地资源和任务类型的最优联合计算卸载策略。实验结果表明,IoTEG框架能有效提高任务卸载的成功率,并能够高效处理不同类型的任务。

一种面向工业物联网的远程安全指令控制方案

随着工业领域对智能化要求的不断提高,工业物联网(IIoT)得到了快速发展,其可以有效提高工业生产中的流程效率和决策质量,具有广阔的应用前景。然而,近年来IIoT的安全问题逐渐凸显。针对远程指令控制这一应用场景,设计一种基于SM9标识密码算法的两方协同群签名算法,并结合区块链实现面向IIoT的远程安全指令控制方案,以保障IIoT中远程指令操作的安全性。该方案基于国密SM9标准,群管理员审核指令,并与发起指令签署请求的用户协同完成群签名,群签名在保护签名者身份隐私的同时可以由群管理员在必要时公开签名者身份。通过引入区块链技术,实现IIoT平台的去中心化管理,并通过智能合约获取指令执行历史数据,方便后续审计与追责。此外,方案在签名验证阶段通过批量验证来有效减少计算消耗。安全性及性能分析结果表明:在签名数量超过20条时,该方案通过批量验证的方式可以使得计算量减少50%以上;相较对比方案,所提方案在IIoT环境下安全性和实用性更高。

价值主张转变视角下工业互联网平台建设赋能企业创新的作用机制研究

利用中国制造业A股上市公司2018—2020年公开数据,基于平台理论,引入数字创新能力,考察工业互联网平台应用形式对企业创新能力和创新绩效的影响,又以价值共创理论为支撑,探讨价值主张在这一过程中的作用机制。结果表明,相对于采用第三方工业互联网平台,企业自主建设平台更有助于促进创新,且价值主张转变在其中起到了部分中介作用,企业通过自身建立工业互联网平台能够更有优势进行价值主张的转变,吸引用户共同参与价值创造,从而全面促进科技创新。

非线性能量采集的工业物联网非线性信息年龄分析

针对工业物联网(IIoT)中对信息新鲜性日益增长的需求,提出一种基于非线性能量采集(EH)的IIoT监控系统,配备电池容量大小为B的传感器节点,从无线供电基站(WPS)使用非线性EH技术采集射频(RF)能量进行充电,电池充满后将采集到的数据发送给数据采集节点。此外,针对在复杂场景中需要设置多个非线性信息年龄(AoI)算法所存在系统较为复杂的问题,提出1个普适函数来描述不同的非线性AoI,并通过调节参数来控制函数图像形状。在推导系统非线性AoI封闭表达式的同时引入系统能量效率(EE),以两者的比值Ψ作为系统的性能指标。鉴于问题较为复杂,采用一维搜索方法来寻找最优电池容量。通过系统仿真和数值分析,证明了存在最优的电池容量B使系统Ψ最小化。仿真结果表明,信道衰落参数、状态更新大小、WPS发射功率等参数都会对系统的性能产生影响,在相关系统的优化设计时都需要考虑。当WPS发射功率为0.5 W时,指数型非线性AoI下的Ψ是对数型非线性的2倍,是线性的1.8倍。