Autonomy has been touted to be a major asset of Cyber-Physical Systems (CPS) and its components. By intertwining non-physical and physical processes they seamlessly integrate interdependent computational and physical components. In this contribution we take a closer look on structural constellations of CPS and their components that refer to autonomy. We also take into account development aspects and demonstrate encoding autonomy aspects into a behavior-centered representation scheme for digital twins. It features encapsulation on various layers of abstraction in the course of design and choreography for self-contained while networked operation of CPS as System-of-Systems. As digital twin models created in the course of CPS design activities can be executed automatically, the implementation and adaptation of CPS (components) is intertwined with design activities. Consequently, users can act as designers and experience CPS behavior through digital twin execution interactively. Critical elements, such as managing private data in healthcare, can be monitored and adapted to individual needs.
{"title":"Capturing Autonomy in its Multiple Facets: A Digital Twin Approach","authors":"Richard Heininger, C. Stary","doi":"10.1145/3445969.3450422","DOIUrl":"https://doi.org/10.1145/3445969.3450422","url":null,"abstract":"Autonomy has been touted to be a major asset of Cyber-Physical Systems (CPS) and its components. By intertwining non-physical and physical processes they seamlessly integrate interdependent computational and physical components. In this contribution we take a closer look on structural constellations of CPS and their components that refer to autonomy. We also take into account development aspects and demonstrate encoding autonomy aspects into a behavior-centered representation scheme for digital twins. It features encapsulation on various layers of abstraction in the course of design and choreography for self-contained while networked operation of CPS as System-of-Systems. As digital twin models created in the course of CPS design activities can be executed automatically, the implementation and adaptation of CPS (components) is intertwined with design activities. Consequently, users can act as designers and experience CPS behavior through digital twin execution interactively. Critical elements, such as managing private data in healthcare, can be monitored and adapted to individual needs.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129756717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Using role-based access control (RBAC) to manage RBAC is among RBAC's attractive benefits, contributing to its long-standing dominance in practice. Administrative models facilitate management of (mostly configuration) changes in the underlying operational models. Overall system security is crucially dependent on both the administrative and operational models. In this paper, we develop an RBAC administrative model to manage authorization assignments in the EGRBAC (enhanced generalized role-based access control) operational model for smart home IoT. We design the administrative model based on pairwise disjoint Administrative Units, each of which contains a uniquely assigned administrative role and a set of administrative tasks. Administrative tasks determine the administrative permissions available to manage the operational model assignments. We begin with a model containing a single administrative unit and then extend it to include additional units. Multiple administrative units enable decentralized administration which could be adapted to provide scalability in inherently distributed and large-scale environments beyond smart home, such as smart buildings or smart campuses. We provide formalism of our proposed model and illustrate it by specifying operational and administrative use cases. Although, the model is proposed based on a specific smart home operational model, our approach could be applied to environments with similar dynamics.
{"title":"Role-Based Administration of Role-Based Smart Home IoT","authors":"Mehrnoosh Shakarami, R. Sandhu","doi":"10.1145/3445969.3450426","DOIUrl":"https://doi.org/10.1145/3445969.3450426","url":null,"abstract":"Using role-based access control (RBAC) to manage RBAC is among RBAC's attractive benefits, contributing to its long-standing dominance in practice. Administrative models facilitate management of (mostly configuration) changes in the underlying operational models. Overall system security is crucially dependent on both the administrative and operational models. In this paper, we develop an RBAC administrative model to manage authorization assignments in the EGRBAC (enhanced generalized role-based access control) operational model for smart home IoT. We design the administrative model based on pairwise disjoint Administrative Units, each of which contains a uniquely assigned administrative role and a set of administrative tasks. Administrative tasks determine the administrative permissions available to manage the operational model assignments. We begin with a model containing a single administrative unit and then extend it to include additional units. Multiple administrative units enable decentralized administration which could be adapted to provide scalability in inherently distributed and large-scale environments beyond smart home, such as smart buildings or smart campuses. We provide formalism of our proposed model and illustrate it by specifying operational and administrative use cases. Although, the model is proposed based on a specific smart home operational model, our approach could be applied to environments with similar dynamics.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122380994","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the near future IoT will be part of every home turning our houses into smart houses, in which we have multiple users with complex social relationships between them using the same smart devices. This requires sophisticated access control specification and enforcement models. Recently, several access control models have been developed or adapted for IoT in general, with a few specifically designed for the smart home IoT domain. The majority of these models are built on role-based access control (RBAC) or attribute-based access control (ABAC) models which have had considerable traction in traditional non-IoT domains. In this paper, we introduce the smart home IoT attribute-based access control model (HABAC). HABAC is a dynamic and fine-grained model that is developed specifically to meet smart home IoT challenges. Currently it is not precisely clear what are the pros and cons of ABAC over RBAC in general, and in smart home IoT in particular. To this end we provide an analysis of HABAC relative to the previously published EGRBAC (extended generalized role based access control) model for smart home IoT. We compare the theoretical expressive power of these models by providing algorithms for converting an HABAC specification to EGRBAC and vice versa, and discuss the insights for practical deployment of these models resulting from these constructions. We conclude that a hybrid model combining ABAC and RBAC features may be the most suitable for smart home IoT, and likely more generally.
{"title":"The HABAC Model for Smart Home IoT and Comparison to EGRBAC","authors":"Safwa Ameer, R. Sandhu","doi":"10.1145/3445969.3450428","DOIUrl":"https://doi.org/10.1145/3445969.3450428","url":null,"abstract":"In the near future IoT will be part of every home turning our houses into smart houses, in which we have multiple users with complex social relationships between them using the same smart devices. This requires sophisticated access control specification and enforcement models. Recently, several access control models have been developed or adapted for IoT in general, with a few specifically designed for the smart home IoT domain. The majority of these models are built on role-based access control (RBAC) or attribute-based access control (ABAC) models which have had considerable traction in traditional non-IoT domains. In this paper, we introduce the smart home IoT attribute-based access control model (HABAC). HABAC is a dynamic and fine-grained model that is developed specifically to meet smart home IoT challenges. Currently it is not precisely clear what are the pros and cons of ABAC over RBAC in general, and in smart home IoT in particular. To this end we provide an analysis of HABAC relative to the previously published EGRBAC (extended generalized role based access control) model for smart home IoT. We compare the theoretical expressive power of these models by providing algorithms for converting an HABAC specification to EGRBAC and vice versa, and discuss the insights for practical deployment of these models resulting from these constructions. We conclude that a hybrid model combining ABAC and RBAC features may be the most suitable for smart home IoT, and likely more generally.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115694928","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Dahlmanns, J. Pennekamp, I. Fink, Bernd Schoolmann, Klaus Wehrle, Martin Henze
The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.
{"title":"Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems","authors":"M. Dahlmanns, J. Pennekamp, I. Fink, Bernd Schoolmann, Klaus Wehrle, Martin Henze","doi":"10.1145/3445969.3450423","DOIUrl":"https://doi.org/10.1145/3445969.3450423","url":null,"abstract":"The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121917201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Keynote Talk","authors":"Maanak Gupta","doi":"10.1145/3460494","DOIUrl":"https://doi.org/10.1145/3460494","url":null,"abstract":"","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134470506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cyber-physical systems span a wide spectrum, from long-lived legacy systems to more modern installations. Trust is an issue that arises across the spectrum, albeit with different variants of goals and constraints. On the one end of the spectrum, legacy systems are characterized by function-based designs in which trust is an implicitly in-built concept -- the operation is historically designed, implemented, and optimized in a benign stance with respect to intended use. On the other end of the spectrum, modern systems are characterized by offerings from manufacturers, vendors, and system installers -- the devices and deployments use a variety of security features that offer promises of increased trust. All along this spectrum of cyber-physical systems, extending trust beyond the traditional cyber portions to the arteries that connect the physical portions to the cyber portions is a major challenge. Here, we identify a Trust-but-Verify approach that spans this spectrum in addressing trust.
{"title":"Trust-but-Verify in Cyber-Physical Systems","authors":"K. Perumalla","doi":"10.1145/3445969.3450434","DOIUrl":"https://doi.org/10.1145/3445969.3450434","url":null,"abstract":"Cyber-physical systems span a wide spectrum, from long-lived legacy systems to more modern installations. Trust is an issue that arises across the spectrum, albeit with different variants of goals and constraints. On the one end of the spectrum, legacy systems are characterized by function-based designs in which trust is an implicitly in-built concept -- the operation is historically designed, implemented, and optimized in a benign stance with respect to intended use. On the other end of the spectrum, modern systems are characterized by offerings from manufacturers, vendors, and system installers -- the devices and deployments use a variety of security features that offer promises of increased trust. All along this spectrum of cyber-physical systems, extending trust beyond the traditional cyber portions to the arteries that connect the physical portions to the cyber portions is a major challenge. Here, we identify a Trust-but-Verify approach that spans this spectrum in addressing trust.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134222194","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Session 2: Access Control","authors":"Smriti Bhatt","doi":"10.1145/3460496","DOIUrl":"https://doi.org/10.1145/3460496","url":null,"abstract":"","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130119713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ibrahim Yilmaz, K. Kapoor, Ambareen Siraj, Mahmoud Abouyoussef
Utilities around the world are reported to invest a total of around $30 billion over the next few years for installation of more than 300 million smart meters, replacing traditional analog meters citeinfo. By mid-decade, with full country wide deployment, there will be almost 1.3 billion smart meters in place citeinfo. Collection of fine-grained energy usage data by these smart meters provides numerous advantages such as energy savings for customers with use of demand optimization, a billing system of higher accuracy with dynamic pricing programs, bidirectional information exchange ability between end-users for better consumer-operator interaction, and so on. However, all these perks associated with fine-grained energy usage data collection threaten the privacy of users. With this technology, customers' personal data such as sleeping cycle, number of occupants, and even type and number of appliances stream into the hands of the utility companies and can be subject to misuse. This research paper addresses privacy violation of consumers' energy usage data collected from smart meters and provides a novel solution for the privacy protection while allowing benefits of energy data analytics. First, we demonstrate the successful application of occupancy detection attacks using a deep neural network method that yields high accuracy results. We then introduce Adversarial Machine Learning Occupancy Detection Avoidance with Blockchain (AMLODA-B) framework as a counter-attack by deploying an algorithm based on the Long Short Term Memory (LSTM) model into the standardized smart metering infrastructure to prevent leakage of consumer's personal information. Our privacy-aware approach protects consumers' privacy without compromising the correctness of billing and preserves operational efficiency without use of authoritative intermediaries.
{"title":"Privacy Protection of Grid Users Data with Blockchain and Adversarial Machine Learning","authors":"Ibrahim Yilmaz, K. Kapoor, Ambareen Siraj, Mahmoud Abouyoussef","doi":"10.1145/3445969.3450431","DOIUrl":"https://doi.org/10.1145/3445969.3450431","url":null,"abstract":"Utilities around the world are reported to invest a total of around $30 billion over the next few years for installation of more than 300 million smart meters, replacing traditional analog meters citeinfo. By mid-decade, with full country wide deployment, there will be almost 1.3 billion smart meters in place citeinfo. Collection of fine-grained energy usage data by these smart meters provides numerous advantages such as energy savings for customers with use of demand optimization, a billing system of higher accuracy with dynamic pricing programs, bidirectional information exchange ability between end-users for better consumer-operator interaction, and so on. However, all these perks associated with fine-grained energy usage data collection threaten the privacy of users. With this technology, customers' personal data such as sleeping cycle, number of occupants, and even type and number of appliances stream into the hands of the utility companies and can be subject to misuse. This research paper addresses privacy violation of consumers' energy usage data collected from smart meters and provides a novel solution for the privacy protection while allowing benefits of energy data analytics. First, we demonstrate the successful application of occupancy detection attacks using a deep neural network method that yields high accuracy results. We then introduce Adversarial Machine Learning Occupancy Detection Avoidance with Blockchain (AMLODA-B) framework as a counter-attack by deploying an algorithm based on the Long Short Term Memory (LSTM) model into the standardized smart metering infrastructure to prevent leakage of consumer's personal information. Our privacy-aware approach protects consumers' privacy without compromising the correctness of billing and preserves operational efficiency without use of authoritative intermediaries.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129046051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sai Sree Laya Chukkapalli, S. Aziz, Nouran Alotaibi, Sudip Mittal, Maanak Gupta, Mahmoud Abdelsalam
Increasing number of internet connected devices has paved a path for smarter ecosystems in various sectors such as agriculture, aquaculture, manufacturing, healthcare, etc. Especially, integrating technologies like big data, artificial intelligence (AI), blockchain, etc. with internet connected devices has increased efficiency and productivity. Therefore, fishery farmers have started adopting smart fisheries technologies to better manage their fish farms. Despite their technological advancements smart fisheries are exposed and vulnerable to cyber-attacks that would cause a negative impact on the ecosystem both physically and economically. Therefore in this paper, we present a smart fisheries ecosystem where the architecture describes various interactions that happen between internet connected devices. We develop a smart fisheries ontology based on the architecture and implement Attribute Based Access Control System (ABAC) where access to resources of smart fisheries is granted by evaluating the requests. We also discuss how access control decisions are made in multiple use case scenarios of a smart fisheries ecosystem. Furthermore, we elaborate on some AI applications that would enhance the smart fisheries ecosystem.
{"title":"Ontology driven AI and Access Control Systems for Smart Fisheries","authors":"Sai Sree Laya Chukkapalli, S. Aziz, Nouran Alotaibi, Sudip Mittal, Maanak Gupta, Mahmoud Abdelsalam","doi":"10.1145/3445969.3450429","DOIUrl":"https://doi.org/10.1145/3445969.3450429","url":null,"abstract":"Increasing number of internet connected devices has paved a path for smarter ecosystems in various sectors such as agriculture, aquaculture, manufacturing, healthcare, etc. Especially, integrating technologies like big data, artificial intelligence (AI), blockchain, etc. with internet connected devices has increased efficiency and productivity. Therefore, fishery farmers have started adopting smart fisheries technologies to better manage their fish farms. Despite their technological advancements smart fisheries are exposed and vulnerable to cyber-attacks that would cause a negative impact on the ecosystem both physically and economically. Therefore in this paper, we present a smart fisheries ecosystem where the architecture describes various interactions that happen between internet connected devices. We develop a smart fisheries ontology based on the architecture and implement Attribute Based Access Control System (ABAC) where access to resources of smart fisheries is granted by evaluating the requests. We also discuss how access control decisions are made in multiple use case scenarios of a smart fisheries ecosystem. Furthermore, we elaborate on some AI applications that would enhance the smart fisheries ecosystem.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131053097","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: