In this paper, systematic design and act of eco-security is discussed as a focal point of conflict and unrest. The situation of ecosystem, the schematic framework of eco-security design, the main acts of ecosystem imp...In this paper, systematic design and act of eco-security is discussed as a focal point of conflict and unrest. The situation of ecosystem, the schematic framework of eco-security design, the main acts of ecosystem improvement, major difficulties and challenges have also been analyzed. The purpose of this study was to formulate the systematic framework of eco-security maintenance, to highlight systematic idea or philosophy of ecological rehabilitation and eco-security. A three-dimensional schematic model is applied to design the security of ecosystem. It was concluded that: 1) maintaining ecological security requires far better and sophisticated resource management skill and ecological improvement measures, and is also a continuing and multifac-eted task. It cannot be permanently accomplished by a single action and program; 2) at present, technical system and policy and law system dimensions of ecological security are not enough even in short; 3) development of ecological industries is beneficial to local economic development and ecosystem protection.展开更多
Cyber-physical systems(CPSs)in critical infrastructure face serious threats of attack,motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants,i.e.logical p...Cyber-physical systems(CPSs)in critical infrastructure face serious threats of attack,motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants,i.e.logical properties over sensor and actuator states that should always be true.Many approaches for identifying invariants attempt to do so automatically,typically using data logs,but these can miss valid system properties if relevant behaviours are not well-represented in the data.Furthermore,as the CPS is already built,resolving any design flaws or weak points identified through this process is costly.In this paper,we propose a systematic method for deriving invariants from an analysis of a CPS design,based on principles of the axiomatic design methodology from design science.Our method iteratively decomposes a high-level CPS design to identify sets of dependent design parameters(i.e.sensors and actuators),allowing for invariants and invariant checkers to be derived in parallel to the implementation of the system.We apply our method to the designs of two CPS testbeds,SWaT and WADI,deriving a suite of invariant checkers that are able to detect a variety of single-and multi-stage attacks without any false positives.Finally,we reflect on the strengths and weaknesses of our approach,how it can be complemented by other defence mechanisms,and how it could help engineers to identify and resolve weak points in a design before the controllers of a CPS are implemented.展开更多
基金Supported by china's National Key Technologies ReserchDevelopement Program in the 10th Five-Year Plan(2001BA901A40)
文摘In this paper, systematic design and act of eco-security is discussed as a focal point of conflict and unrest. The situation of ecosystem, the schematic framework of eco-security design, the main acts of ecosystem improvement, major difficulties and challenges have also been analyzed. The purpose of this study was to formulate the systematic framework of eco-security maintenance, to highlight systematic idea or philosophy of ecological rehabilitation and eco-security. A three-dimensional schematic model is applied to design the security of ecosystem. It was concluded that: 1) maintaining ecological security requires far better and sophisticated resource management skill and ecological improvement measures, and is also a continuing and multifac-eted task. It cannot be permanently accomplished by a single action and program; 2) at present, technical system and policy and law system dimensions of ecological security are not enough even in short; 3) development of ecological industries is beneficial to local economic development and ecosystem protection.
基金the National Research Foundation,Singapore,under its National Satellite of Excellence Programme“Design Science and Technology for Secure Critical Infrastructure”(Award Number:NSoE DeST-SCI2019-0004).
文摘Cyber-physical systems(CPSs)in critical infrastructure face serious threats of attack,motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants,i.e.logical properties over sensor and actuator states that should always be true.Many approaches for identifying invariants attempt to do so automatically,typically using data logs,but these can miss valid system properties if relevant behaviours are not well-represented in the data.Furthermore,as the CPS is already built,resolving any design flaws or weak points identified through this process is costly.In this paper,we propose a systematic method for deriving invariants from an analysis of a CPS design,based on principles of the axiomatic design methodology from design science.Our method iteratively decomposes a high-level CPS design to identify sets of dependent design parameters(i.e.sensors and actuators),allowing for invariants and invariant checkers to be derived in parallel to the implementation of the system.We apply our method to the designs of two CPS testbeds,SWaT and WADI,deriving a suite of invariant checkers that are able to detect a variety of single-and multi-stage attacks without any false positives.Finally,we reflect on the strengths and weaknesses of our approach,how it can be complemented by other defence mechanisms,and how it could help engineers to identify and resolve weak points in a design before the controllers of a CPS are implemented.