The evolution of manufacturing systems into a smart factory brings advantages but also increased cyber-risks. This paper investigates the problem of intrusion detection and autonomous response to cyber-attacks targeting the control logic of industrial control applications for the smart factory. Specifically, we propose ASiMOV (Asynchronous Modular Verification), a self-protecting architecture for cyber–physical systems realizing a verifiable control application. ASiMOV is inspired by modular redundancy and leverages virtualization technologies to respond and to prevent cyber-attacks to the control logic. Using simulation experiments, we evaluate: the effects of an attack on an industrial control application enhanced by ASiMOV; the delay introduced by ASiMOV within a control loop; and the cyber-attack detection delay. Results show that, in the simulated scenario, the controller can work with a sampling rate of up to 200 Hertz. Any tampering with the control logic is detected without false positives/negatives in a time equal to the latency between the proposed control application and the proposed IDS (e.g., tens to hundreds of milliseconds).
ASiMOV: A self-protecting control application for the smart factory / Casalicchio, Emiliano; Gualandi, Gabriele. - In: FUTURE GENERATION COMPUTER SYSTEMS. - ISSN 0167-739X. - 115:(2021), pp. 213-235. [10.1016/j.future.2020.09.003]
ASiMOV: A self-protecting control application for the smart factory
Casalicchio, EmilianoWriting – Original Draft Preparation
;Gualandi, Gabriele
Writing – Original Draft Preparation
2021
Abstract
The evolution of manufacturing systems into a smart factory brings advantages but also increased cyber-risks. This paper investigates the problem of intrusion detection and autonomous response to cyber-attacks targeting the control logic of industrial control applications for the smart factory. Specifically, we propose ASiMOV (Asynchronous Modular Verification), a self-protecting architecture for cyber–physical systems realizing a verifiable control application. ASiMOV is inspired by modular redundancy and leverages virtualization technologies to respond and to prevent cyber-attacks to the control logic. Using simulation experiments, we evaluate: the effects of an attack on an industrial control application enhanced by ASiMOV; the delay introduced by ASiMOV within a control loop; and the cyber-attack detection delay. Results show that, in the simulated scenario, the controller can work with a sampling rate of up to 200 Hertz. Any tampering with the control logic is detected without false positives/negatives in a time equal to the latency between the proposed control application and the proposed IDS (e.g., tens to hundreds of milliseconds).I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
