A Review on Security and Privacy Issues Pertaining to Cyber-Physical Systems in the Industry 5.0 Era

The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.

Exploration of Industrial Internet Security Technology and Application from the Perspective of Generative Artificial Intelligence

In recent years,artificial intelligence technology has developed rapidly around the world is widely used in various fields,and plays an important role.The integration of industrial Internet security with new technologies such as big models and generative artificial intelligence has become a hot research issue.In this regard,this paper briefly analyzes the industrial Internet security technology and application from the perspective of generative artificial intelligence,hoping to provide some valuable reference and reference for readers.

Development Status and Industrial Security Countermeasures of Maize Deep-processing Industry in Shandong Province--Based on the Actual Investigation in Five Cities and Counties of Shandong Province

Corn deep processing industry is an important follow-up industry for corn production and processing. Shandong has numerous largescale corn processing enterprises and is one of the fast-growing regions in China for deep processing of corn. The status of production and processing of corn in the major corn-producing areas of Shandong Province such as Dezhou,Liaocheng and Tai'an was investigated on the spot. It was found that the development of the corn industry in Shandong also has many problems,such as the mismatch between corn demand and production areas,the excessively small planting area of special corn and the poor communication between technology and demand,resulting in barriers in technology and raw materials in the production and processing links of corn and making it difficult to form a complete industrial chain system. According to the actual investigation,a highly efficient agricultural industry safety review mechanism was established based on the sound judgement of industrial safety to ensure the safety of the company's development,and at the same time,the interpretation and promotion of the strategy of going abroad was strengthened,so as to provide a full range of information services for corn processing enterprises and help to further develop and optimize the corn industry in Shandong.

Characteristic Insights on Industrial Cyber Security and Popular Defense Mechanisms

Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a significant topic because current networked control systems are supporting various critical infrastructures to offer vital utility services.By comparing with traditional IT systems,this paper first analyzes the uncontrollable cyber threats and classified attack characteristics,and elaborates the intrinsic vulnerabilities in current networked control systems and novel security challenges in future Industrial Internet.After that,in order to overcome partial vulnerabilities,this paper presents a few representative security mechanisms which have been successfully applied in today’s industrial control systems,and these mechanisms originally improve traditional IT defense technologies from the perspective of industrial availability.Finally,several popular security viewpoints,adequately covering the needs of industrial network structures and service characteristics,are proposed to combine with burgeoning industrial information technologies.We target to provide some helpful security guidelines for both academia and industry,and hope that our insights can further promote in-depth development of industrial cyber security.

An Efficient and Provably Secure SM2 Key-Insulated Signature Scheme for Industrial Internet of Things

With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.

ICPS multi-target constrained comprehensive security control based on DoS attacks energy grading detection and compensation

Aiming at the industry cyber-physical system(ICPS)where Denial-of-Service(DoS)attacks and actuator failure coexist,the integrated security control problem of ICPS under multi-objective constraints was studied.First,from the perspective of the defender,according to the differential impact of the system under DoS attacks of different energies,the DoS attacks energy grading detection standard was formulated,and the ICPS comprehensive security control framework was constructed.Secondly,a security transmission strategy based on event triggering was designed.Under the DoS attack energy classification detection mechanism,for large-energy attacks,the method based on time series analysis was considered to predict and compensate for lost data.Therefore,on the basis of passive and elastic response to small energy attacks,the active defense capability against DoS attacks was increased.Then by introducing the conecomplement linearization algorithm,the calculation methods of the state and fault estimation observer and the integrated safety controller were deduced,the goal of DoS attack active and passive hybrid intrusion tolerance and actuator failure active fault tolerance were realized.Finally,a simulation example of a four-capacity water tank system was given to verify the validity of the obtained conclusions.

Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain

The Internet of Things(IoT)is growing rapidly and impacting almost every aspect of our lives,fromwearables and healthcare to security,traffic management,and fleet management systems.This has generated massive volumes of data and security,and data privacy risks are increasing with the advancement of technology and network connections.Traditional access control solutions are inadequate for establishing access control in IoT systems to provide data protection owing to their vulnerability to single-point OF failure.Additionally,conventional privacy preservation methods have high latency costs and overhead for resource-constrained devices.Previous machine learning approaches were also unable to detect denial-of-service(DoS)attacks.This study introduced a novel decentralized and secure framework for blockchain integration.To avoid single-point OF failure,an accredited access control scheme is incorporated,combining blockchain with local peers to record each transaction and verify the signature to access.Blockchain-based attribute-based cryptography is implemented to protect data storage privacy by generating threshold parameters,managing keys,and revoking users on the blockchain.An innovative contract-based DOS attack mitigation method is also incorporated to effectively validate devices with intelligent contracts as trusted or untrusted,preventing the server from becoming overwhelmed.The proposed framework effectively controls access,safeguards data privacy,and reduces the risk of cyberattacks.The results depict that the suggested framework outperforms the results in terms of accuracy,precision,sensitivity,recall,and F-measure at 96.9%,98.43%,98.8%,98.43%,and 98.4%,respectively.

A New Model for Network Security Situation Assessment of the Industrial Internet

To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.

Review of PLC Security Issues in Industrial Control System

Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.

Security Guarantee of Agriculture Industry Based on the Improvement of Legal System of Peasant Specialized Cooperative

Current status of several management models of the agriculture industry is introduced,as well as its impacts on industrial security.The management models are mainly the enterprise-like operation model,"enterprise + peasant household" model,small-scale peasants' operation model,and peasant specialized cooperative model.Functions of peasant specialized cooperative in ensuring the security of agricultural industry are introduced,which are enhancing the industrial security by organization degree,promoting the industrial security by scale economy formed by cooperative organizations,fully utilizing the resources by the factor allocation capability,and ensuring the industrial security by industrial chain improvement.Development predicaments of the peasant specialized cooperative at present are analyzed,such as small scale,poor economic benefits,and non-standard operation.Analysis shows that institutional absence is the main reason causing these predicaments.And suggestions on improving the cooperatives system in the Law of the People's Republic of China on Peasants Specialized Cooperatives are put forward,in order to better ensure the security of agriculture

Security Policies for Web Service Invocation of Automotive Industry Chain Collaboration Platform

To meet the actual requirements of an automotive industry chain collaboration platform （AICCP）, this paper offers several simple but effective security policies based upon the traditional security mechanism of data transfer, including user ID verification with SOAP （simple object access protocol）, header, SOAP message encryption with SOAP extension and XML （extensible markup language） file encryption and decryption. Application of these policies to the AICCP for more than one year proves the effectiveness of the data exchange practice between the AICCP and enterprise Intranet.

Information Security Evaluation of Industrial Control Systems Using Probabilistic Linguistic MCDM Method

Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.

The Necessity of Information Security in the Vulnerable Pharmaceutical Industry

The pharmaceutical industry produces billions of dollars in sales each year. The industry is evolving and relying on using technology more and more to conduct day-to-day business. The pharmaceutical industry generates enormous amounts of sensitive and private information such as medical records, employee information, financial data and research data. This makes the pharmaceutical industry vulnerable to cybercrime. The pharmaceutical industry has a big responsibility to stakeholders, patients, employees and customers all over the world to ensure this information is secure. It is imperative for organizations to budget adequate amounts of money and resources to have effective Information Security Management. Information Security Management is critical in the pharmaceutical industry and the alternative of not having it would be devastating to a pharmaceutical company. Cyber criminals can tarnish company reputations and the effects can take years to overcome. The main contributions of this paper will be to describe the concerns about the security of information in the pharmaceutical industry, provide examples of organizations that are victims of cybercrime, describe regulations in place to help reduce information security breaches and illustrate why information security is necessary in the pharmaceutical industry.

China Patent-Intensive Industry Greatly Stimulates Economic Growth

On October 27th,the State Intellectual Property Office released the Patent-intensive Industry Directory(2016)(trial version)(hereinafter referred to as Directory)for the first time and the China Patent-intensive Industry Statistics Report(2015).Since the year 2012,the State Intellectual Property Office has conducted research of the patent-intensive industry for four consecutive years.Based on a large number of statistical results。

Security Risk Analysis Model for Identification and Resolution System of Industrial Internet

Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.

Security for Industrial Communication Systems

B. Remote Access to Stand-Alone Embedded Systems Industrial controllers, especially for power system and transportation applications, are often deployed as stand-alone systems in a geographically dispersed area. Maintenance and service costs of stand-alone embedded systems can be reduced when they can be

Security for Industrial Communication Systems

B. Network Architectures This section describes the main types of industrial and utility communication network topologies and protocols, in preparation for the discussion of specific security issues in the later sections. Communication networks for industrial automation are typically built in hierarchi-

Security for Industrial Communication Systems

D.Security on the Field Bus and Device Level As described in SectionⅢ-B,Fig.2,in- dustrial communication networks involve a number of levels.The lowest level\is closest to the application specific devices such as sensors,meters,and actuators.A large number of specialized and partly proprietary commu- nication systems,media,and protocols can be found on this level.Most were developed at a time when security issues were of lesser con- cern than today,and when no practical secu- rity measures were available.

Security for Industrial Communication Systems

E. Security of Embedded Systems for Industrial Control and Communication Industrial automation controllers are typically implemented on embedded computers. Such embedded systems have to cope with restrictions on cost, real-time performance, power consumption, and other constraints which are even more demanding than in large workstations. A reference discusses these aspects with the example of a thermostat con-

Analysis and Research on China′s Industrial Internet Security Development

Under the new situation of"integration of industrialization and industrialization"in China,security situational awareness is an important means to solve the problems of unclear boundaries,multiple roles and complex business relationships of industrial Internet.The main contents of the platform include industrial data collection,industrial protocol identification,industrial asset detection and industrial threat monitoring.Among them,risk prevention and detection,key data protection,cloud platform and identification resolution node protection are all important issues.On the one hand,escorting the industrial Internet business needs to summarize the industrial Internet network security data and master the network security situation from the overall perspective.On the other hand,it is also necessary to establish an industrial Internet platform security early warning and emergency response process system,promote the security rectification of industrial platform enterprises,find the security threats and risks that have been hidden in the industrial Internet platform for a long time,and provide perception and decision⁃making support for enterprises.