Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widel...Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widely utilized across various domains,such as smart grids,smart healthcare systems,smart vehicles,and smart manufacturing,among others.Due to their unique spatial distribution,CPSs are highly vulnerable to cyber-attacks,which may result in severe performance degradation and even system instability.Consequently,the security concerns of CPSs have attracted significant attention in recent years.In this paper,a comprehensive survey on the security issues of CPSs under cyber-attacks is provided.Firstly,mathematical descriptions of various types of cyberattacks are introduced in detail.Secondly,two types of secure estimation and control processing schemes,including robust methods and active methods,are reviewed.Thirdly,research findings related to secure control and estimation problems for different types of CPSs are summarized.Finally,the survey is concluded by outlining the challenges and suggesting potential research directions for the future.展开更多
The rapid evolution of smart cities has led to the deployment of Cyber-Physical IoT Systems(CPS-IoT)for real-time monitoring,intelligent decision-making,and efficient resource management,particularly in intelligent tr...The rapid evolution of smart cities has led to the deployment of Cyber-Physical IoT Systems(CPS-IoT)for real-time monitoring,intelligent decision-making,and efficient resource management,particularly in intelligent transportation and vehicular networks.Edge intelligence plays a crucial role in these systems by enabling low-latency processing and localized optimization for dynamic,data-intensive,and vehicular environments.However,challenges such as high computational overhead,uneven load distribution,and inefficient utilization of communication resources significantly hinder scalability and responsiveness.Our research presents a robust framework that integrates artificial intelligence and edge-level traffic prediction for CPS-IoT systems.Distributed computing for selecting forwarders and analyzing threats across the IoT system enhances stability while improving energy efficiency.In addition,to achieve efficient routing decision-making,the Artificial Bee Colony algorithmis explored to enhance the effective utilization of network resources across IoT systems.Based on the simulation results,the proposed framework achieves remarkable performance in terms of throughput by 38%–41%,packet loss ratio by 30%–33%,security risk mitigation by 35%–37%,and trust level by 41%–44%as compared to existing work.展开更多
Cyber-Physical Networks(CPN)are comprehensive systems that integrate information and physical domains,and are widely used in various fields such as online social networking,smart grids,and the Internet of Vehicles(IoV...Cyber-Physical Networks(CPN)are comprehensive systems that integrate information and physical domains,and are widely used in various fields such as online social networking,smart grids,and the Internet of Vehicles(IoV).With the increasing popularity of digital photography and Internet technology,more and more users are sharing images on CPN.However,many images are shared without any privacy processing,exposing hidden privacy risks and making sensitive content easily accessible to Artificial Intelligence(AI)algorithms.Existing image sharing methods lack fine-grained image sharing policies and cannot protect user privacy.To address this issue,we propose a social relationship-driven privacy customization protection model for publishers and co-photographers.We construct a heterogeneous social information network centered on social relationships,introduce a user intimacy evaluation method with time decay,and evaluate privacy levels considering user interest similarity.To protect user privacy while maintaining image appreciation,we design a lightweight face-swapping algorithm based on Generative Adversarial Network(GAN)to swap faces that need to be protected.Our proposed method minimizes the loss of image utility while satisfying privacy requirements,as shown by extensive theoretical and simulation analyses.展开更多
While in the past the robustness of transportation networks was studied considering the cyber and physical space as isolated environments this is no longer the case.Integrating the Internet of Things devices in the se...While in the past the robustness of transportation networks was studied considering the cyber and physical space as isolated environments this is no longer the case.Integrating the Internet of Things devices in the sensing area of transportation infrastructure has resulted in ubiquitous cyber-physical systems and increasing interdependen-cies between the physical and cyber networks.As a result,the robustness of transportation networks relies on the uninterrupted serviceability of physical and cyber networks.Current studies on interdependent networks overlook the civil engineering aspect of cyber-physical systems.Firstly,they rely on the assumption of a uniform and strong level of interdependency.That is,once a node within a network fails its counterpart fails immedi-ately.Current studies overlook the impact of earthquake and other natural hazards on the operation of modern transportation infrastructure,that now serve as a cyber-physical system.The last is responsible not only for the physical operation(e.g.,flow of vehicles)but also for the continuous data transmission and subsequently the cy-ber operation of the entire transportation network.Therefore,the robustness of modern transportation networks should be modelled from a new cyber-physical perspective that includes civil engineering aspects.In this paper,we propose a new robustness assessment approach for modern transportation networks and their underlying in-terdependent physical and cyber network,subjected to earthquake events.The novelty relies on the modelling of interdependent networks,in the form of a graph,based on their interdependency levels.We associate the service-ability level of the coupled physical and cyber network with the damage states induced by earthquake events.Robustness is then measured as a degradation of the cyber-physical serviceability level.The application of the approach is demonstrated by studying an illustrative transportation network using seismic data from real-world transportation infrastructure.Furthermore,we propose the integration of a robustness improvement indicator based on physical and cyber attributes to enhance the cyber-physical serviceability level.Results indicate an improvement in robustness level(i.e.,41%)by adopting the proposed robustness improvement indicator.The usefulness of our approach is highlighted by comparing it with other methods that consider strong interdepen-dencies and key node protection strategies.The approach is of interest to stakeholders who are attempting to incorporate cyber-physical systems into civil engineering systems.展开更多
This paper designs distributed Nash equilibrium seeking strategies for heterogeneous dynamic cyber-physical systems.In particular, we are concerned with parametric uncertainties in the control channel of the players. ...This paper designs distributed Nash equilibrium seeking strategies for heterogeneous dynamic cyber-physical systems.In particular, we are concerned with parametric uncertainties in the control channel of the players. Moreover, the weights on communication links can be compromised by time-varying uncertainties, which can result from possibly malicious attacks,faults and disturbances. To deal with the unavailability of measurement of optimization errors, an output observer is constructed,based on which adaptive laws are designed to compensate for physical uncertainties. With adaptive laws, a new distributed Nash equilibrium seeking strategy is designed by further integrating consensus protocols and gradient search algorithms.Moreover, to further accommodate compromised communication weights resulting from cyber-uncertainties, the coupling strengths of the consensus module are designed to be adaptive. As a byproduct, the coupling strengths are independent of any global information. With theoretical investigations, it is proven that the proposed strategies are resilient to these uncertainties and players' actions are convergent to the Nash equilibrium. Simulation examples are given to numerically validate the effectiveness of the proposed strategies.展开更多
This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,th...This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.展开更多
In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are qu...In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.展开更多
The integration of cloud computing into traditional industrial control systems is accelerating the evolution of Industrial Cyber-Physical System(ICPS),enhancing intelligence and autonomy.However,this transition also e...The integration of cloud computing into traditional industrial control systems is accelerating the evolution of Industrial Cyber-Physical System(ICPS),enhancing intelligence and autonomy.However,this transition also expands the attack surface,introducing critical security vulnerabilities.To address these challenges,this article proposes a hybrid intrusion detection scheme for securing ICPSs that combines system state anomaly and network traffic anomaly detection.Specifically,an improved variation-Bayesian-based noise covariance-adaptive nonlinear Kalman filtering(IVB-NCA-NLKF)method is developed to model nonlinear system dynamics,enabling optimal state estimation in multi-sensor ICPS environments.Intrusions within the physical sensing system are identified by analyzing residual discrepancies between predicted and observed system states.Simultaneously,an adaptive network traffic anomaly detection mechanism is introduced,leveraging learned traffic patterns to detect node-and network-level anomalies through pattern matching.Extensive experiments on a simulated network control system demonstrate that the proposed framework achieves higher detection accuracy(92.14%)with a reduced false alarm rate(0.81%).Moreover,it not only detects known attacks and vulnerabilities but also uncovers stealthy attacks that induce system state deviations,providing a robust and comprehensive security solution for the safety protection of ICPS.展开更多
Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necess...Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necessitates a heightened focus on developing resilient control mechanisms for CPSs.However,current observer-based active compensation resilient controllers exhibit poor performance against stealthy deception attacks(SDAs)due to the difficulty in accurately reconstructing system states because of the stealthy nature of these attacks.Moreover,some non-active compensation approaches are insufficient when there is a complete loss of actuator control authority.To address these issues,we introduce a novel learning-based passive resilient controller(LPRC).Our approach,unlike observer-based state reconstruction,shows enhanced effectiveness in countering SDAs.We developed a safety state set,represented by an ellipsoid,to ensure CPS stability under SDA conditions,maintaining system trajectories within this set.Additionally,by employing deep reinforcement learning(DRL),the LPRC acquires the capacity to adapt and diverse evolving attack strategies.To empirically substantiate our methodology,various attack methods were compared with current passive and active compensation resilient control methods to evaluate their performance.展开更多
Abstract Performance optimization of cyber-physical systems (CPS) calls for co-design strategies that handle the issues in both computing domain and physical domain. Periods of controller tasks integrated into a uni...Abstract Performance optimization of cyber-physical systems (CPS) calls for co-design strategies that handle the issues in both computing domain and physical domain. Periods of controller tasks integrated into a uniprocessor system are related to both control performance and real-time schedu- lability analysis simultaneously. System performance improvement can be achieved by optimizing the periods of controller tasks. This paper extends an existing model to select task periods in real-time for CPS with fixed priority controller tasks scheduled by rate-monotonic algorithm. When all the tasks can be integrated, the analytic solution of the problem is derived by using the method of Lagrange multipliers and gradient descent method is evaluated to be suitable online. To further deal with the condition that the system is overloaded, an integrated method is proposed to select periods of tasks online by selecting a subset of tasks first and then optimizing the periods for them. Experimental results demonstrate that our method yields near-optimal result with a short running time.展开更多
With the booming of cyber attacks and cyber criminals against cyber-physical systems(CPSs),detecting these attacks remains challenging.It might be the worst of times,but it might be the best of times because of opport...With the booming of cyber attacks and cyber criminals against cyber-physical systems(CPSs),detecting these attacks remains challenging.It might be the worst of times,but it might be the best of times because of opportunities brought by machine learning(ML),in particular deep learning(DL).In general,DL delivers superior performance to ML because of its layered setting and its effective algorithm for extract useful information from training data.DL models are adopted quickly to cyber attacks against CPS systems.In this survey,a holistic view of recently proposed DL solutions is provided to cyber attack detection in the CPS context.A six-step DL driven methodology is provided to summarize and analyze the surveyed literature for applying DL methods to detect cyber attacks against CPS systems.The methodology includes CPS scenario analysis,cyber attack identification,ML problem formulation,DL model customization,data acquisition for training,and performance evaluation.The reviewed works indicate great potential to detect cyber attacks against CPS through DL modules.Moreover,excellent performance is achieved partly because of several highquality datasets that are readily available for public use.Furthermore,challenges,opportunities,and research trends are pointed out for future research.展开更多
Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and m...Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and manufacturing. Security is one of the most important issues that should be investigated in CPSs and hence has received much attention in recent years. This paper surveys recent results in this area and mainly focusses on three important categories: attack detection, attack design and secure estimation and control. We also discuss several future research directions including risk assessment, modeling of attacks and attacks design, counter-attack strategy and testbed and validation.展开更多
With the concepts of Industry 4.0 and smart manufacturing gaining popularity,there is a growing notion that conventional manufacturing will witness a transition toward a new paradigm,targeting innovation,automation,be...With the concepts of Industry 4.0 and smart manufacturing gaining popularity,there is a growing notion that conventional manufacturing will witness a transition toward a new paradigm,targeting innovation,automation,better response to customer needs,and intelligent systems.Within this context,this review focuses on the concept of cyber–physical production system(CPPS)and presents a holistic perspective on the role of the CPPS in three key and essential drivers of this transformation:data-driven manufacturing,decentralized manufacturing,and integrated blockchains for data security.The paper aims to connect these three aspects of smart manufacturing and proposes that through the application of data-driven modeling,CPPS will aid in transforming manufacturing to become more intuitive and automated.In turn,automated manufacturing will pave the way for the decentralization of manufacturing.Layering blockchain technologies on top of CPPS will ensure the reliability and security of data sharing and integration across decentralized systems.Each of these claims is supported by relevant case studies recently published in the literature and from the industry;a brief on existing challenges and the way forward is also provided.展开更多
The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved...The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved by keeping it in an encrypted form,but it affects usability and flexibility in terms of effective search.Attribute-based searchable encryption(ABSE)has proven its worth by providing fine-grained searching capabilities in the shared cloud storage.However,it is not practical to apply this scheme to the devices with limited resources and storage capacity because a typical ABSE involves serious computations.In a healthcare cloud-based cyber-physical system(CCPS),the data is often collected by resource-constraint devices;therefore,here also,we cannot directly apply ABSE schemes.In the proposed work,the inherent computational cost of the ABSE scheme is managed by executing the computationally intensive tasks of a typical ABSE scheme on the blockchain network.Thus,it makes the proposed scheme suitable for online storage and retrieval of personal health data in a typical CCPS.With the assistance of blockchain technology,the proposed scheme offers two main benefits.First,it is free from a trusted authority,which makes it genuinely decentralized and free from a single point of failure.Second,it is computationally efficient because the computational load is now distributed among the consensus nodes in the blockchain network.Specifically,the task of initializing the system,which is considered the most computationally intensive,and the task of partial search token generation,which is considered as the most frequent operation,is now the responsibility of the consensus nodes.This eliminates the need of the trusted authority and reduces the burden of data users,respectively.Further,in comparison to existing decentralized fine-grained searchable encryption schemes,the proposed scheme has achieved a significant reduction in storage and computational cost for the secret key associated with users.It has been verified both theoretically and practically in the performance analysis section.展开更多
Cyber-physical systems(CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networke...Cyber-physical systems(CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology(IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language(AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.展开更多
This study considers the performance impacts of false data injection attacks on the cascading failures of a power cyber-physical system,and identifies vulnerable nodes.First,considering the monitoring and control func...This study considers the performance impacts of false data injection attacks on the cascading failures of a power cyber-physical system,and identifies vulnerable nodes.First,considering the monitoring and control functions of a cyber network and power flow characteristics of a power network,a power cyber-physical system model is established.Then,the influences of a false data attack on the decision-making and control processes of the cyber network communication processes are studied,and a cascading failure analysis process is proposed for the cyber-attack environment.In addition,a vulnerability evaluation index is defined from two perspectives,i.e.,the topology integrity and power network operation characteristics.Moreover,the effectiveness of a power flow betweenness assessment for vulnerable nodes in the cyberphysical environment is verified based on comparing the node power flow betweenness and vulnerability assessment index.Finally,an IEEE14-bus power network is selected for constructing a power cyber-physical system.Simulations show that both the uplink communication channel and downlink communication channel suffer from false data attacks,which affect the ability of the cyber network to suppress the propagation of cascading failures,and expand the scale of the cascading failures.The vulnerability evaluation index is calculated for each node,so as to verify the effectiveness of identifying vulnerable nodes based on the power flow betweenness.展开更多
The emerging prototype for a Smart City is one of an urban environment with a new generation of inno- vative services for transportation, energy distribution, healthcare, environmental monitoring, business, commerce, ...The emerging prototype for a Smart City is one of an urban environment with a new generation of inno- vative services for transportation, energy distribution, healthcare, environmental monitoring, business, commerce, emergency response, and social activities. Enabling the technology for such a setting re- quires a viewpoint of Smart Cities as cyber-physical systems (CPSs) that include new software platforms and strict requirements for mobility, security, safety, privacy, and the processing of massive amounts of information. This paper identifies some key defining characteristics of a Smart City, discusses some lessons learned from viewing them as CPSs, and outlines some fundamental research issues that remain largely open.展开更多
Considered as a top priority of industrial devel- opment, Industry 4.0 (or Industrie 4.0 as the German ver- sion) has being highlighted as the pursuit of both academy and practice in companies. In this paper, based ...Considered as a top priority of industrial devel- opment, Industry 4.0 (or Industrie 4.0 as the German ver- sion) has being highlighted as the pursuit of both academy and practice in companies. In this paper, based on the review of state of art and also the state of practice in dif- ferent countries, shortcomings have been revealed as the lacking of applicable framework for the implementation of Industrie 4.0. Therefore, in order to shed some light on the knowledge of the details, a reference architecture is developed, where four perspectives namely manufacturing process, devices, software and engineering have been highlighted. Moreover, with a view on the importance of Cyber-Physical systems, the structure of Cyber-Physical System are established for the in-depth analysis. Further cases with the usage of Cyber-Physical System are also arranged, which attempts to provide some implications to match the theoretical findings together with the experience of companies. In general, results of this paper could be useful for the extending on the theoretical understanding of Industrie 4.0. Additionally, applied framework and proto- types based on the usage of Cyber-Physical Systems are also potential to help companies to design the layout of sensor nets, to achieve coordination and controlling of smart machines, to realize synchronous production with systematic structure, and to extend the usage of information and communication technologies to the maintenance scheduling.展开更多
In today's modern electric vehicles,enhancing the safety-critical cyber-physical system(CPS)'s performance is necessary for the safe maneuverability of the vehicle.As a typical CPS,the braking system is crucia...In today's modern electric vehicles,enhancing the safety-critical cyber-physical system(CPS)'s performance is necessary for the safe maneuverability of the vehicle.As a typical CPS,the braking system is crucial for the vehicle design and safe control.However,precise state estimation of the brake pressure is desired to perform safe driving with a high degree of autonomy.In this paper,a sensorless state estimation technique of the vehicle's brake pressure is developed using a deep-learning approach.A deep neural network(DNN)is structured and trained using deep-learning training techniques,such as,dropout and rectified units.These techniques are utilized to obtain more accurate model for brake pressure state estimation applications.The proposed model is trained using real experimental training data which were collected via conducting real vehicle testing.The vehicle was attached to a chassis dynamometer while the brake pressure data were collected under random driving cycles.Based on these experimental data,the DNN is trained and the performance of the proposed state estimation approach is validated accordingly.The results demonstrate high-accuracy brake pressure state estimation with RMSE of 0.048 MPa.展开更多
In this paper,a new filtering fusion problem is studied for nonlinear cyber-physical systems under errorvariance constraints and denial-of-service attacks.To prevent data collision and reduce communication cost,the st...In this paper,a new filtering fusion problem is studied for nonlinear cyber-physical systems under errorvariance constraints and denial-of-service attacks.To prevent data collision and reduce communication cost,the stochastic communication protocol is adopted in the sensor-to-filter channels to regulate the transmission order of sensors.Each sensor is allowed to enter the network according to the transmission priority decided by a set of independent and identicallydistributed random variables.From the defenders’view,the occurrence of the denial-of-service attack is governed by the randomly Bernoulli-distributed sequence.At the local filtering stage,a set of variance-constrained local filters are designed where the upper bounds(on the filtering error covariances)are first acquired and later minimized by appropriately designing filter parameters.At the fusion stage,all local estimates and error covariances are combined to develop a variance-constrained fusion estimator under the federated fusion rule.Furthermore,the performance of the fusion estimator is examined by studying the boundedness of the fused error covariance.A simulation example is finally presented to demonstrate the effectiveness of the proposed fusion estimator.展开更多
文摘Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widely utilized across various domains,such as smart grids,smart healthcare systems,smart vehicles,and smart manufacturing,among others.Due to their unique spatial distribution,CPSs are highly vulnerable to cyber-attacks,which may result in severe performance degradation and even system instability.Consequently,the security concerns of CPSs have attracted significant attention in recent years.In this paper,a comprehensive survey on the security issues of CPSs under cyber-attacks is provided.Firstly,mathematical descriptions of various types of cyberattacks are introduced in detail.Secondly,two types of secure estimation and control processing schemes,including robust methods and active methods,are reviewed.Thirdly,research findings related to secure control and estimation problems for different types of CPSs are summarized.Finally,the survey is concluded by outlining the challenges and suggesting potential research directions for the future.
基金supported and funded by theDeanship of Scientific Research at ImamMohammad Ibn Saud Islamic University(IMSIU)(grant number IMSIU-DDRSP2504).
文摘The rapid evolution of smart cities has led to the deployment of Cyber-Physical IoT Systems(CPS-IoT)for real-time monitoring,intelligent decision-making,and efficient resource management,particularly in intelligent transportation and vehicular networks.Edge intelligence plays a crucial role in these systems by enabling low-latency processing and localized optimization for dynamic,data-intensive,and vehicular environments.However,challenges such as high computational overhead,uneven load distribution,and inefficient utilization of communication resources significantly hinder scalability and responsiveness.Our research presents a robust framework that integrates artificial intelligence and edge-level traffic prediction for CPS-IoT systems.Distributed computing for selecting forwarders and analyzing threats across the IoT system enhances stability while improving energy efficiency.In addition,to achieve efficient routing decision-making,the Artificial Bee Colony algorithmis explored to enhance the effective utilization of network resources across IoT systems.Based on the simulation results,the proposed framework achieves remarkable performance in terms of throughput by 38%–41%,packet loss ratio by 30%–33%,security risk mitigation by 35%–37%,and trust level by 41%–44%as compared to existing work.
基金supported in part by National Natural Science Foundation of China(62271096,U20A20157)Natural Science Foundation of Chongqing,China(cstc2020jcyj-zdxmX0024,CSTB2022NSCQMSX0600)+5 种基金University Innovation Research Group of Chongqing(CXQT20017)Program for Innovation Team Building at Institutions of Higher Education in Chongqing(CXTDX201601020)Science and Technology Research Program of Chongqing Municipal Education Commission(KJQN202000626)Youth Innovation Group Support Program of ICE Discipline of CQUPT(SCIE-QN-2022-04)the Science and Technology Research Program of Chongqing Municipal Education Commission under Grant KJQN202000626Chongqing Municipal Technology Innovation and Application Development Special Key Project(cstc2020jscx-dxwtBX0053)。
文摘Cyber-Physical Networks(CPN)are comprehensive systems that integrate information and physical domains,and are widely used in various fields such as online social networking,smart grids,and the Internet of Vehicles(IoV).With the increasing popularity of digital photography and Internet technology,more and more users are sharing images on CPN.However,many images are shared without any privacy processing,exposing hidden privacy risks and making sensitive content easily accessible to Artificial Intelligence(AI)algorithms.Existing image sharing methods lack fine-grained image sharing policies and cannot protect user privacy.To address this issue,we propose a social relationship-driven privacy customization protection model for publishers and co-photographers.We construct a heterogeneous social information network centered on social relationships,introduce a user intimacy evaluation method with time decay,and evaluate privacy levels considering user interest similarity.To protect user privacy while maintaining image appreciation,we design a lightweight face-swapping algorithm based on Generative Adversarial Network(GAN)to swap faces that need to be protected.Our proposed method minimizes the loss of image utility while satisfying privacy requirements,as shown by extensive theoretical and simulation analyses.
文摘While in the past the robustness of transportation networks was studied considering the cyber and physical space as isolated environments this is no longer the case.Integrating the Internet of Things devices in the sensing area of transportation infrastructure has resulted in ubiquitous cyber-physical systems and increasing interdependen-cies between the physical and cyber networks.As a result,the robustness of transportation networks relies on the uninterrupted serviceability of physical and cyber networks.Current studies on interdependent networks overlook the civil engineering aspect of cyber-physical systems.Firstly,they rely on the assumption of a uniform and strong level of interdependency.That is,once a node within a network fails its counterpart fails immedi-ately.Current studies overlook the impact of earthquake and other natural hazards on the operation of modern transportation infrastructure,that now serve as a cyber-physical system.The last is responsible not only for the physical operation(e.g.,flow of vehicles)but also for the continuous data transmission and subsequently the cy-ber operation of the entire transportation network.Therefore,the robustness of modern transportation networks should be modelled from a new cyber-physical perspective that includes civil engineering aspects.In this paper,we propose a new robustness assessment approach for modern transportation networks and their underlying in-terdependent physical and cyber network,subjected to earthquake events.The novelty relies on the modelling of interdependent networks,in the form of a graph,based on their interdependency levels.We associate the service-ability level of the coupled physical and cyber network with the damage states induced by earthquake events.Robustness is then measured as a degradation of the cyber-physical serviceability level.The application of the approach is demonstrated by studying an illustrative transportation network using seismic data from real-world transportation infrastructure.Furthermore,we propose the integration of a robustness improvement indicator based on physical and cyber attributes to enhance the cyber-physical serviceability level.Results indicate an improvement in robustness level(i.e.,41%)by adopting the proposed robustness improvement indicator.The usefulness of our approach is highlighted by comparing it with other methods that consider strong interdepen-dencies and key node protection strategies.The approach is of interest to stakeholders who are attempting to incorporate cyber-physical systems into civil engineering systems.
基金supported by the National Key R&D Program of China(2022ZD0119604)the National Natural Science Foundation of China(NSFC)(62173181,62222308,62221004)the Natural Science Foundation of Jiangsu Province(BK20220139)
文摘This paper designs distributed Nash equilibrium seeking strategies for heterogeneous dynamic cyber-physical systems.In particular, we are concerned with parametric uncertainties in the control channel of the players. Moreover, the weights on communication links can be compromised by time-varying uncertainties, which can result from possibly malicious attacks,faults and disturbances. To deal with the unavailability of measurement of optimization errors, an output observer is constructed,based on which adaptive laws are designed to compensate for physical uncertainties. With adaptive laws, a new distributed Nash equilibrium seeking strategy is designed by further integrating consensus protocols and gradient search algorithms.Moreover, to further accommodate compromised communication weights resulting from cyber-uncertainties, the coupling strengths of the consensus module are designed to be adaptive. As a byproduct, the coupling strengths are independent of any global information. With theoretical investigations, it is proven that the proposed strategies are resilient to these uncertainties and players' actions are convergent to the Nash equilibrium. Simulation examples are given to numerically validate the effectiveness of the proposed strategies.
文摘This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.
基金supported in part by the National Natural Science Foundation of China(61933007,62273087,62273088,U21A2019)the Shanghai Pujiang Program of China(22PJ1400400)+2 种基金the Hainan Province Science and Technology Special Fund of China(ZDYF2022SHFZ105)the Royal Society of U.K.the Alexander von Humboldt Foundation of Germany
文摘In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.
基金supported by the National Natural Science Foundation of China(NSFC)under grant No.62371187the Hunan Provincial Natural Science Foundation of China under Grant Nos.2024JJ8309 and 2023JJ50495.
文摘The integration of cloud computing into traditional industrial control systems is accelerating the evolution of Industrial Cyber-Physical System(ICPS),enhancing intelligence and autonomy.However,this transition also expands the attack surface,introducing critical security vulnerabilities.To address these challenges,this article proposes a hybrid intrusion detection scheme for securing ICPSs that combines system state anomaly and network traffic anomaly detection.Specifically,an improved variation-Bayesian-based noise covariance-adaptive nonlinear Kalman filtering(IVB-NCA-NLKF)method is developed to model nonlinear system dynamics,enabling optimal state estimation in multi-sensor ICPS environments.Intrusions within the physical sensing system are identified by analyzing residual discrepancies between predicted and observed system states.Simultaneously,an adaptive network traffic anomaly detection mechanism is introduced,leveraging learned traffic patterns to detect node-and network-level anomalies through pattern matching.Extensive experiments on a simulated network control system demonstrate that the proposed framework achieves higher detection accuracy(92.14%)with a reduced false alarm rate(0.81%).Moreover,it not only detects known attacks and vulnerabilities but also uncovers stealthy attacks that induce system state deviations,providing a robust and comprehensive security solution for the safety protection of ICPS.
基金supported by the National Natural Science Foundation of China(52332011).
文摘Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necessitates a heightened focus on developing resilient control mechanisms for CPSs.However,current observer-based active compensation resilient controllers exhibit poor performance against stealthy deception attacks(SDAs)due to the difficulty in accurately reconstructing system states because of the stealthy nature of these attacks.Moreover,some non-active compensation approaches are insufficient when there is a complete loss of actuator control authority.To address these issues,we introduce a novel learning-based passive resilient controller(LPRC).Our approach,unlike observer-based state reconstruction,shows enhanced effectiveness in countering SDAs.We developed a safety state set,represented by an ellipsoid,to ensure CPS stability under SDA conditions,maintaining system trajectories within this set.Additionally,by employing deep reinforcement learning(DRL),the LPRC acquires the capacity to adapt and diverse evolving attack strategies.To empirically substantiate our methodology,various attack methods were compared with current passive and active compensation resilient control methods to evaluate their performance.
基金supported by State Administration of Science,Technology and Industry for National Defense,China(No.1000-GEAC0001)
文摘Abstract Performance optimization of cyber-physical systems (CPS) calls for co-design strategies that handle the issues in both computing domain and physical domain. Periods of controller tasks integrated into a uniprocessor system are related to both control performance and real-time schedu- lability analysis simultaneously. System performance improvement can be achieved by optimizing the periods of controller tasks. This paper extends an existing model to select task periods in real-time for CPS with fixed priority controller tasks scheduled by rate-monotonic algorithm. When all the tasks can be integrated, the analytic solution of the problem is derived by using the method of Lagrange multipliers and gradient descent method is evaluated to be suitable online. To further deal with the condition that the system is overloaded, an integrated method is proposed to select periods of tasks online by selecting a subset of tasks first and then optimizing the periods for them. Experimental results demonstrate that our method yields near-optimal result with a short running time.
文摘With the booming of cyber attacks and cyber criminals against cyber-physical systems(CPSs),detecting these attacks remains challenging.It might be the worst of times,but it might be the best of times because of opportunities brought by machine learning(ML),in particular deep learning(DL).In general,DL delivers superior performance to ML because of its layered setting and its effective algorithm for extract useful information from training data.DL models are adopted quickly to cyber attacks against CPS systems.In this survey,a holistic view of recently proposed DL solutions is provided to cyber attack detection in the CPS context.A six-step DL driven methodology is provided to summarize and analyze the surveyed literature for applying DL methods to detect cyber attacks against CPS systems.The methodology includes CPS scenario analysis,cyber attack identification,ML problem formulation,DL model customization,data acquisition for training,and performance evaluation.The reviewed works indicate great potential to detect cyber attacks against CPS through DL modules.Moreover,excellent performance is achieved partly because of several highquality datasets that are readily available for public use.Furthermore,challenges,opportunities,and research trends are pointed out for future research.
基金This work was supported in part by the Natural Science Foundation of China (Nos. 61321002, 61120106010, 61522303, U1509215), the Program for New Century Excellent Talents in University (No. NCET-13-0045), and the Beijing Higher Education Young Elite Teacher Project.
文摘Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and manufacturing. Security is one of the most important issues that should be investigated in CPSs and hence has received much attention in recent years. This paper surveys recent results in this area and mainly focusses on three important categories: attack detection, attack design and secure estimation and control. We also discuss several future research directions including risk assessment, modeling of attacks and attacks design, counter-attack strategy and testbed and validation.
文摘With the concepts of Industry 4.0 and smart manufacturing gaining popularity,there is a growing notion that conventional manufacturing will witness a transition toward a new paradigm,targeting innovation,automation,better response to customer needs,and intelligent systems.Within this context,this review focuses on the concept of cyber–physical production system(CPPS)and presents a holistic perspective on the role of the CPPS in three key and essential drivers of this transformation:data-driven manufacturing,decentralized manufacturing,and integrated blockchains for data security.The paper aims to connect these three aspects of smart manufacturing and proposes that through the application of data-driven modeling,CPPS will aid in transforming manufacturing to become more intuitive and automated.In turn,automated manufacturing will pave the way for the decentralization of manufacturing.Layering blockchain technologies on top of CPPS will ensure the reliability and security of data sharing and integration across decentralized systems.Each of these claims is supported by relevant case studies recently published in the literature and from the industry;a brief on existing challenges and the way forward is also provided.
文摘The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved by keeping it in an encrypted form,but it affects usability and flexibility in terms of effective search.Attribute-based searchable encryption(ABSE)has proven its worth by providing fine-grained searching capabilities in the shared cloud storage.However,it is not practical to apply this scheme to the devices with limited resources and storage capacity because a typical ABSE involves serious computations.In a healthcare cloud-based cyber-physical system(CCPS),the data is often collected by resource-constraint devices;therefore,here also,we cannot directly apply ABSE schemes.In the proposed work,the inherent computational cost of the ABSE scheme is managed by executing the computationally intensive tasks of a typical ABSE scheme on the blockchain network.Thus,it makes the proposed scheme suitable for online storage and retrieval of personal health data in a typical CCPS.With the assistance of blockchain technology,the proposed scheme offers two main benefits.First,it is free from a trusted authority,which makes it genuinely decentralized and free from a single point of failure.Second,it is computationally efficient because the computational load is now distributed among the consensus nodes in the blockchain network.Specifically,the task of initializing the system,which is considered the most computationally intensive,and the task of partial search token generation,which is considered as the most frequent operation,is now the responsibility of the consensus nodes.This eliminates the need of the trusted authority and reduces the burden of data users,respectively.Further,in comparison to existing decentralized fine-grained searchable encryption schemes,the proposed scheme has achieved a significant reduction in storage and computational cost for the secret key associated with users.It has been verified both theoretically and practically in the performance analysis section.
基金supported by Natural Science Foundation of China(Nos.61272204 and 61433006)the Fundamental Research Funds for the Central Universities,China(No.2013ZZGH006)
文摘Cyber-physical systems(CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology(IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language(AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.
基金the National Natural Science Foundation of China(61873057)the Education Department of Jilin Province(JJKH20200118KJ).
文摘This study considers the performance impacts of false data injection attacks on the cascading failures of a power cyber-physical system,and identifies vulnerable nodes.First,considering the monitoring and control functions of a cyber network and power flow characteristics of a power network,a power cyber-physical system model is established.Then,the influences of a false data attack on the decision-making and control processes of the cyber network communication processes are studied,and a cascading failure analysis process is proposed for the cyber-attack environment.In addition,a vulnerability evaluation index is defined from two perspectives,i.e.,the topology integrity and power network operation characteristics.Moreover,the effectiveness of a power flow betweenness assessment for vulnerable nodes in the cyberphysical environment is verified based on comparing the node power flow betweenness and vulnerability assessment index.Finally,an IEEE14-bus power network is selected for constructing a power cyber-physical system.Simulations show that both the uplink communication channel and downlink communication channel suffer from false data attacks,which affect the ability of the cyber network to suppress the propagation of cascading failures,and expand the scale of the cascading failures.The vulnerability evaluation index is calculated for each node,so as to verify the effectiveness of identifying vulnerable nodes based on the power flow betweenness.
文摘The emerging prototype for a Smart City is one of an urban environment with a new generation of inno- vative services for transportation, energy distribution, healthcare, environmental monitoring, business, commerce, emergency response, and social activities. Enabling the technology for such a setting re- quires a viewpoint of Smart Cities as cyber-physical systems (CPSs) that include new software platforms and strict requirements for mobility, security, safety, privacy, and the processing of massive amounts of information. This paper identifies some key defining characteristics of a Smart City, discusses some lessons learned from viewing them as CPSs, and outlines some fundamental research issues that remain largely open.
文摘Considered as a top priority of industrial devel- opment, Industry 4.0 (or Industrie 4.0 as the German ver- sion) has being highlighted as the pursuit of both academy and practice in companies. In this paper, based on the review of state of art and also the state of practice in dif- ferent countries, shortcomings have been revealed as the lacking of applicable framework for the implementation of Industrie 4.0. Therefore, in order to shed some light on the knowledge of the details, a reference architecture is developed, where four perspectives namely manufacturing process, devices, software and engineering have been highlighted. Moreover, with a view on the importance of Cyber-Physical systems, the structure of Cyber-Physical System are established for the in-depth analysis. Further cases with the usage of Cyber-Physical System are also arranged, which attempts to provide some implications to match the theoretical findings together with the experience of companies. In general, results of this paper could be useful for the extending on the theoretical understanding of Industrie 4.0. Additionally, applied framework and proto- types based on the usage of Cyber-Physical Systems are also potential to help companies to design the layout of sensor nets, to achieve coordination and controlling of smart machines, to realize synchronous production with systematic structure, and to extend the usage of information and communication technologies to the maintenance scheduling.
文摘In today's modern electric vehicles,enhancing the safety-critical cyber-physical system(CPS)'s performance is necessary for the safe maneuverability of the vehicle.As a typical CPS,the braking system is crucial for the vehicle design and safe control.However,precise state estimation of the brake pressure is desired to perform safe driving with a high degree of autonomy.In this paper,a sensorless state estimation technique of the vehicle's brake pressure is developed using a deep-learning approach.A deep neural network(DNN)is structured and trained using deep-learning training techniques,such as,dropout and rectified units.These techniques are utilized to obtain more accurate model for brake pressure state estimation applications.The proposed model is trained using real experimental training data which were collected via conducting real vehicle testing.The vehicle was attached to a chassis dynamometer while the brake pressure data were collected under random driving cycles.Based on these experimental data,the DNN is trained and the performance of the proposed state estimation approach is validated accordingly.The results demonstrate high-accuracy brake pressure state estimation with RMSE of 0.048 MPa.
基金supported in part by the National Natural Science Foundation of China(62173068,61803074,61703245,61973102,U2030205,61903065,61671109,U1830207,U1830133)the China Postdoctoral Science Foundation(2018M643441,2017M623005)+1 种基金the Royal Society of UKthe Alexander von Humboldt Foundation of Germany。
文摘In this paper,a new filtering fusion problem is studied for nonlinear cyber-physical systems under errorvariance constraints and denial-of-service attacks.To prevent data collision and reduce communication cost,the stochastic communication protocol is adopted in the sensor-to-filter channels to regulate the transmission order of sensors.Each sensor is allowed to enter the network according to the transmission priority decided by a set of independent and identicallydistributed random variables.From the defenders’view,the occurrence of the denial-of-service attack is governed by the randomly Bernoulli-distributed sequence.At the local filtering stage,a set of variance-constrained local filters are designed where the upper bounds(on the filtering error covariances)are first acquired and later minimized by appropriately designing filter parameters.At the fusion stage,all local estimates and error covariances are combined to develop a variance-constrained fusion estimator under the federated fusion rule.Furthermore,the performance of the fusion estimator is examined by studying the boundedness of the fused error covariance.A simulation example is finally presented to demonstrate the effectiveness of the proposed fusion estimator.
