Terminals and their access represent a vulnerable aspect in the security framework of 5G-railway(5G-R)system.To enhance the control of 5G-R terminals and their access to applications,this paper analyzes the applicatio...Terminals and their access represent a vulnerable aspect in the security framework of 5G-railway(5G-R)system.To enhance the control of 5G-R terminals and their access to applications,this paper analyzes the application scenarios,operational modes,services supported by 5G-R terminals,and the data paths between these terminals and the connected railway application service systems.Further analysis concentrates on the security risks posed by the characteristics of intelligent 5G-R handheld terminals,lightweight Internet of Things(IoT)communication terminals,and onboard integrated wireless transmission equipment with public-private convergence.In light of the risks above,this paper presents the terminal security control requirements.Furthermore,based on the planned architecture of the 5G-R system and security technologies such as terminal identity authentication and behavior auditing,the paper proposes a solution package for the 5G-R terminal security control system,including the overall architecture,functional implementation,and interface configuration.These solutions aim to achieve unified control over the admission and access of 5G-R handheld terminals,IoT communication terminals,and onboard integrated wireless communication equipment to railway application systems.Additionally,they enable the security control and analysis of terminal behaviors and application data,facilitate the security management of terminals,and ensure the secure release,download,and installation of mobile applications.展开更多
Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widel...Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widely utilized across various domains,such as smart grids,smart healthcare systems,smart vehicles,and smart manufacturing,among others.Due to their unique spatial distribution,CPSs are highly vulnerable to cyber-attacks,which may result in severe performance degradation and even system instability.Consequently,the security concerns of CPSs have attracted significant attention in recent years.In this paper,a comprehensive survey on the security issues of CPSs under cyber-attacks is provided.Firstly,mathematical descriptions of various types of cyberattacks are introduced in detail.Secondly,two types of secure estimation and control processing schemes,including robust methods and active methods,are reviewed.Thirdly,research findings related to secure control and estimation problems for different types of CPSs are summarized.Finally,the survey is concluded by outlining the challenges and suggesting potential research directions for the future.展开更多
Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the...Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.展开更多
In the distributed security control for air-sea heterogeneous multiagent systems(HMASs)with cooperative-antagonistic interactions,data security and transient-steady state performance of the system are two key problems...In the distributed security control for air-sea heterogeneous multiagent systems(HMASs)with cooperative-antagonistic interactions,data security and transient-steady state performance of the system are two key problems.To ensure data security,an intermittent privacy preservation(IPP)mechanism is proposed for the first time.A novel setting time initial mask function and a novel intermittent mask function are constructed.Users can implement intermittent preservation for the system according to actual requirements,which solves the irreversibility problem after conventional mask disappears and balances control accuracy and system security.To ensure transient-steady state performance,a novel error transformation function(ETF)is proposed and integrated into the predefined-time prescribed performance control strategy.Compared to conventional hyperbolic tangent type ETFs,the proposed ETF can improve the convergence accuracy of errors under the same conditions.Furthermore,a unified model of the air-sea HMASs is established,which improves the model accuracy compared with the simplified model.Finally,the proposed IPP security control strategy is applied to the air-sea delivery mission to verify its feasibility and effectiveness.展开更多
This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA f...This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA framework integrates security by design principles, micro-segmentation, and Island Mode Operation (IMO) to enhance cyber resilience and ensure continuous, secure operations. The methodology deploys a Forward-Thinking Architecture Strategy (FTAS) algorithm, which utilises an industrial Intrusion Detection System (IDS) implemented with Python’s Network Intrusion Detection System (NIDS) library. The FTAS algorithm successfully identified and responded to cyber-attacks, ensuring minimal system disruption. ISERA has been validated through comprehensive testing scenarios simulating Denial of Service (DoS) attacks and malware intrusions, at both the IT and OT layers where it successfully mitigates the impact of malicious activity. Results demonstrate ISERA’s efficacy in real-time threat detection, containment, and incident response, thus ensuring the integrity and reliability of critical infrastructure systems. ISERA’s decentralised approach contributes to global net zero goals by optimising resource use and minimising environmental impact. By adopting a decentralised control architecture and leveraging virtualisation, ISERA significantly enhances the cyber resilience and sustainability of critical infrastructure systems. This approach not only strengthens defences against evolving cyber threats but also optimises resource allocation, reducing the system’s carbon footprint. As a result, ISERA ensures the uninterrupted operation of essential services while contributing to broader net zero goals.展开更多
This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-tri...This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-triggered mechanism(MBAETM)is designed based on sequential growth rates,focusing on event-triggered conditions and thresholds.Subsequently,from the perspective of defenders,non-periodic DoS attacks are re-characterized,and a model of irregular DoS attacks with cyclic fluctuations within time series is further introduced to enhance the system's defense capabilities more effectively.Additionally,considering the unified demands of network security and communication efficiency,a resilient memory-based adaptive event-triggered mechanism(RMBAETM)is proposed.A unified Lyapunov-Krasovskii functional is then constructed,incorporating a loop functional to thoroughly consider information at trigger moments.The master-slave system achieves synchronization through the application of linear matrix inequality techniques.Finally,the proposed methods'effectiveness and superiority are confirmed through four numerical simulation examples.展开更多
Coupling between electricity systems and heating systems are becoming stronger,leading to more flexible and more complex interactions between these systems.The operation of integrated energy systems is greatly affecte...Coupling between electricity systems and heating systems are becoming stronger,leading to more flexible and more complex interactions between these systems.The operation of integrated energy systems is greatly affected,especially when security is concerned.Steady-state analysis methods have been widely studied in recent research,which is far from enough when the slow thermal dynamics of heating networks are introduced.Therefore,an integrated quasi-dynamic model of integrated electricity and heating systems is developed.The model combines a heating network dynamic thermal model and the sequential steady-state models of electricity networks,coupling components,and heating network hydraulics.Based on this model,a simulation method is proposed and quasi-dynamic interactions between electricity systems and heating systems are quantified with the highlights of transport delay.Then the quasi-dynamic interactions were applied using security control to relieve congestion in electricity systems.Results show that both the transport delay and control strategies have significant influences on the quasi-dynamic interactions.展开更多
Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infra...Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infrastructures can be appropriately modelled as complex cyber-physical networks. Typical examples of such infrastructures are electrical power grids, WWW, public trans- portation systems, state financial networks, and the Interact. These critical facilities play important roles in ensuring the stability of society as well as the development of economy. Advances in informa- tion and communication technology open opportunities for malicious attackers to launch coordinated attacks on cyber-physical critical facilities in networked infrastructures from any Interact-accessible place. Cybersecurity of complex cyber-physical networks has emerged as a hot topic within this con- text. In practice, it is also very crucial to understand the interplay between the evolution of underlying network structures and the collective dynamics on these complex networks and consequently to design efficient security control strategies to protect the evolution of these networks. In this paper, cybersecu- rity of complex cyber-physical networks is first outlined and then some security enhancing techniques, with particular emphasis on safety communications, attack detection and fault-tolerant control, are suggested. Furthermore, a new class of efficient secure the achievement of desirable pinning synchronization control strategies are proposed for guaranteeing behaviors in complex cyber-physical networks against malicious attacks on nodes. The authors hope that this paper motivates to design enhanced security strategies for complex cyber-physical network systems, to realize resilient and secure critical infrastructures.展开更多
Security and stability control system(SSCS)in power systems involves collecting information and sending the decision from/to control stations at different layers;the tree structure of the SSCS requires more levels.Fai...Security and stability control system(SSCS)in power systems involves collecting information and sending the decision from/to control stations at different layers;the tree structure of the SSCS requires more levels.Failure of a station or channel can cause all the execution stations(EXs)to be out of control.The randomness of the controllable capacity of the EXs increases the difficulty of the reliability evaluation of the SSCS.In this study,the loop designed SSCS and reliability analysis are examined for the interconnected systems.The uncertainty analysis of the controllable capacity based on the evidence theory for the SSCS is proposed.The bidirectional and loop channels are introduced to reduce the layers and stations of the existing SSCS with tree configuration.The reliability evaluation and sensitivity analysis are proposed to quantify the controllability and vulnerable components for the SSCS in different configurations.By aiming at the randomness of the controllable capacity of the EXs,the uncertainty analysis of the controllable capacity of the SSCS based on the evidence theory is proposed to quantify the probability of the SSCS for balancing the active power deficiency of the grid.展开更多
In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application o...In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.展开更多
The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming m...The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of 'trustworthy networks' and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed. The network trustworthiness could and should be eventually achieved.展开更多
This paper investigates the adaptive neural network(NN)event-triggered secure formation control problem for nonholonomic mobile robots(NMRs)subject to deception attacks.The NNs are employed to approximate unknown nonl...This paper investigates the adaptive neural network(NN)event-triggered secure formation control problem for nonholonomic mobile robots(NMRs)subject to deception attacks.The NNs are employed to approximate unknown nonlinear functions in robotic dynamics.Since the transmission channel from sensor-to-controller is vulnerable to deception attacks,a NN estimation technique is introduced to estimate the unknown deception attacks.In order to alleviate the amount of communication between controller-and-actuator,an event-triggered mechanism with relative threshold strategy is established.Then,an adaptive NN event-triggered secure formation control method is proposed.It is proved that all closed-loop signals of controlled systems are bounded and the formation tracking errors converge a neighborhood of the origin in the presence of deception attacks.The comparative simulations illustrate the effectiveness of the proposed secure formation control scheme.展开更多
Networked control systems are spatially distributed systems in which the communication between sensors, actuators,and controllers occurs through a shared band-limited digital communication network. Several advantages ...Networked control systems are spatially distributed systems in which the communication between sensors, actuators,and controllers occurs through a shared band-limited digital communication network. Several advantages of the network architectures include reduced system wiring, plug and play devices,increased system agility, and ease of system diagnosis and maintenance. Consequently, networked control is the current trend for industrial automation and has ever-increasing applications in a wide range of areas, such as smart grids, manufacturing systems,process control, automobiles, automated highway systems, and unmanned aerial vehicles. The modelling, analysis, and control of networked control systems have received considerable attention in the last two decades. The ‘control over networks’ is one of the key research directions for networked control systems. This paper aims at presenting a survey of trends and techniques in networked control systems from the perspective of ‘control over networks’, providing a snapshot of five control issues: sampled-data control, quantization control, networked control, event-triggered control, and security control. Some challenging issues are suggested to direct the future research.展开更多
Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to...Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to exploit the controller's vulnerabilities and launch attacks wisely. We tend to believe that dynamically altering such static mappings is a promising approach to alleviate this issue, since a moving target is difficult to be compromised even by skilled adversaries. It is critical to determine the right time to conduct scheduling and to balance the overhead afforded and the security levels guaranteed. Little previous work has been done to investigate the economical time in dynamic-scheduling controllers. In this paper, we take the first step to both theoretically and experimentally study the scheduling-timing problem in dynamic control plane. We model this problem as a renewal reward process and propose an optimal algorithm in deciding the right time to schedule with the objective of minimizing the long-term loss rate. In our experiments, simulations based on real network attack datasets are conducted and we demonstrate that our proposed algorithm outperforms given scheduling schemes.展开更多
There are many safety risks and hidden dangers in petrochemical plants during overhaul. If they are not properly controlled, it is easy to cause significant loss of personnel and property. This paper takes the ethylen...There are many safety risks and hidden dangers in petrochemical plants during overhaul. If they are not properly controlled, it is easy to cause significant loss of personnel and property. This paper takes the ethylene plant of China and South Korea Petrochemical Oefin Department as an example, lists the HSSE risks existing in the overhaul of the plant in 2020, and makes a summary and inventory of the relevant control measures and innovations adopted.展开更多
In the process of building construction, quality and safety management is its foundation, and it is also a necessary prerequisite to ensure the stability and safety of the project after it is put into use. Therefore, ...In the process of building construction, quality and safety management is its foundation, and it is also a necessary prerequisite to ensure the stability and safety of the project after it is put into use. Therefore, it is necessary to objectively analyze many existing problems, put forward targeted solutions, strengthen the management and control of material quality, improve the comprehensive quality and safety awareness of construction personnel, strictly follow the existing standardized procedures and standards, and improve the existing quality and safety management system to ensure the overall construction quality and safety of housing construction projects.展开更多
Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and m...Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and manufacturing. Security is one of the most important issues that should be investigated in CPSs and hence has received much attention in recent years. This paper surveys recent results in this area and mainly focusses on three important categories: attack detection, attack design and secure estimation and control. We also discuss several future research directions including risk assessment, modeling of attacks and attacks design, counter-attack strategy and testbed and validation.展开更多
Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it n...Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it necessitates the implementation of information security principle in digital community system. A three-level criticality model to determine the potential impact is proposed in digital community system when various devices lost in this paper. Combining the actual security requirement of digital community and characteristics of loT, a hierarchical security architecture including defense-in-deep cybersecurity and distribute secure control is proposed. A high-assurance trust model, which assumes insider compromise, which exists in the digital community, is finally proposed according to the security issues analysis.展开更多
We present a controlled secure quantum dialogue protocol using a non-maximally (pure) entangled Greenberger-Horne-Zeibinger (GHZ) states at first, and then discuss the requirements for a real quantum dialogue. We ...We present a controlled secure quantum dialogue protocol using a non-maximally (pure) entangled Greenberger-Horne-Zeibinger (GHZ) states at first, and then discuss the requirements for a real quantum dialogue. We show that the authorized two users can exchange their secret messages after purifying the non-maximally entangled GHZ states quantum channel unconditionally securely and simultaneously under the control of a third party.展开更多
In this paper,we first re-examine the previous protocol of controlled quantum secure direct communication of Zhang et al.’s scheme,which was found insecure under two kinds of attacks,fake entangled particles attack a...In this paper,we first re-examine the previous protocol of controlled quantum secure direct communication of Zhang et al.’s scheme,which was found insecure under two kinds of attacks,fake entangled particles attack and disentanglement attack.Then,by changing the party of the preparation of cluster states and using unitary operations,we present an improved protocol which can avoid these two kinds of attacks.Moreover,the protocol is proposed using the three-qubit partially entangled set of states.It is more efficient by only using three particles rather than four or even more to transmit one bit secret information.Given our using state is much easier to prepare for multiqubit states and our protocol needs less measurement resource,it makes this protocol more convenient from an applied point of view.展开更多
文摘Terminals and their access represent a vulnerable aspect in the security framework of 5G-railway(5G-R)system.To enhance the control of 5G-R terminals and their access to applications,this paper analyzes the application scenarios,operational modes,services supported by 5G-R terminals,and the data paths between these terminals and the connected railway application service systems.Further analysis concentrates on the security risks posed by the characteristics of intelligent 5G-R handheld terminals,lightweight Internet of Things(IoT)communication terminals,and onboard integrated wireless transmission equipment with public-private convergence.In light of the risks above,this paper presents the terminal security control requirements.Furthermore,based on the planned architecture of the 5G-R system and security technologies such as terminal identity authentication and behavior auditing,the paper proposes a solution package for the 5G-R terminal security control system,including the overall architecture,functional implementation,and interface configuration.These solutions aim to achieve unified control over the admission and access of 5G-R handheld terminals,IoT communication terminals,and onboard integrated wireless communication equipment to railway application systems.Additionally,they enable the security control and analysis of terminal behaviors and application data,facilitate the security management of terminals,and ensure the secure release,download,and installation of mobile applications.
文摘Cyber-physical systems(CPSs)are regarded as the backbone of the fourth industrial revolution,in which communication,physical processes,and computer technology are integrated.In modern industrial systems,CPSs are widely utilized across various domains,such as smart grids,smart healthcare systems,smart vehicles,and smart manufacturing,among others.Due to their unique spatial distribution,CPSs are highly vulnerable to cyber-attacks,which may result in severe performance degradation and even system instability.Consequently,the security concerns of CPSs have attracted significant attention in recent years.In this paper,a comprehensive survey on the security issues of CPSs under cyber-attacks is provided.Firstly,mathematical descriptions of various types of cyberattacks are introduced in detail.Secondly,two types of secure estimation and control processing schemes,including robust methods and active methods,are reviewed.Thirdly,research findings related to secure control and estimation problems for different types of CPSs are summarized.Finally,the survey is concluded by outlining the challenges and suggesting potential research directions for the future.
文摘Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
基金partially supported by the National Natural Science Foundation of China(Grant No.62322307)the Sichuan Science and Technology Program(Grant No.2023NSFSC1968)+1 种基金the Basic Research Project of the Educational Department of Liaoning Province(Grant No.LJ232410167028)the Revitalization of Liaoning Talents Program(Grant No.XLYC2203201)。
文摘In the distributed security control for air-sea heterogeneous multiagent systems(HMASs)with cooperative-antagonistic interactions,data security and transient-steady state performance of the system are two key problems.To ensure data security,an intermittent privacy preservation(IPP)mechanism is proposed for the first time.A novel setting time initial mask function and a novel intermittent mask function are constructed.Users can implement intermittent preservation for the system according to actual requirements,which solves the irreversibility problem after conventional mask disappears and balances control accuracy and system security.To ensure transient-steady state performance,a novel error transformation function(ETF)is proposed and integrated into the predefined-time prescribed performance control strategy.Compared to conventional hyperbolic tangent type ETFs,the proposed ETF can improve the convergence accuracy of errors under the same conditions.Furthermore,a unified model of the air-sea HMASs is established,which improves the model accuracy compared with the simplified model.Finally,the proposed IPP security control strategy is applied to the air-sea delivery mission to verify its feasibility and effectiveness.
基金funded by the Office of Gas and Electricity Markets(Ofgem)and supported by De Montfort University(DMU)and Nottingham Trent University(NTU),UK.
文摘This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA framework integrates security by design principles, micro-segmentation, and Island Mode Operation (IMO) to enhance cyber resilience and ensure continuous, secure operations. The methodology deploys a Forward-Thinking Architecture Strategy (FTAS) algorithm, which utilises an industrial Intrusion Detection System (IDS) implemented with Python’s Network Intrusion Detection System (NIDS) library. The FTAS algorithm successfully identified and responded to cyber-attacks, ensuring minimal system disruption. ISERA has been validated through comprehensive testing scenarios simulating Denial of Service (DoS) attacks and malware intrusions, at both the IT and OT layers where it successfully mitigates the impact of malicious activity. Results demonstrate ISERA’s efficacy in real-time threat detection, containment, and incident response, thus ensuring the integrity and reliability of critical infrastructure systems. ISERA’s decentralised approach contributes to global net zero goals by optimising resource use and minimising environmental impact. By adopting a decentralised control architecture and leveraging virtualisation, ISERA significantly enhances the cyber resilience and sustainability of critical infrastructure systems. This approach not only strengthens defences against evolving cyber threats but also optimises resource allocation, reducing the system’s carbon footprint. As a result, ISERA ensures the uninterrupted operation of essential services while contributing to broader net zero goals.
文摘This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-triggered mechanism(MBAETM)is designed based on sequential growth rates,focusing on event-triggered conditions and thresholds.Subsequently,from the perspective of defenders,non-periodic DoS attacks are re-characterized,and a model of irregular DoS attacks with cyclic fluctuations within time series is further introduced to enhance the system's defense capabilities more effectively.Additionally,considering the unified demands of network security and communication efficiency,a resilient memory-based adaptive event-triggered mechanism(RMBAETM)is proposed.A unified Lyapunov-Krasovskii functional is then constructed,incorporating a loop functional to thoroughly consider information at trigger moments.The master-slave system achieves synchronization through the application of linear matrix inequality techniques.Finally,the proposed methods'effectiveness and superiority are confirmed through four numerical simulation examples.
基金This work was supported in part by the National Natural Science Foundation of China(NSFC)(51537006)European Union’s Horizon 2020 research and innovation programme(774309,MAGNATUDE),WEFO FLEXIS project.
文摘Coupling between electricity systems and heating systems are becoming stronger,leading to more flexible and more complex interactions between these systems.The operation of integrated energy systems is greatly affected,especially when security is concerned.Steady-state analysis methods have been widely studied in recent research,which is far from enough when the slow thermal dynamics of heating networks are introduced.Therefore,an integrated quasi-dynamic model of integrated electricity and heating systems is developed.The model combines a heating network dynamic thermal model and the sequential steady-state models of electricity networks,coupling components,and heating network hydraulics.Based on this model,a simulation method is proposed and quasi-dynamic interactions between electricity systems and heating systems are quantified with the highlights of transport delay.Then the quasi-dynamic interactions were applied using security control to relieve congestion in electricity systems.Results show that both the transport delay and control strategies have significant influences on the quasi-dynamic interactions.
基金supported by the National Key Research and Development Program of China under Grant No.2016YFB0800401the National Nature Science Foundation of China under Grant Nos.61304168,61673104,and 61322302+3 种基金the Natural Science Foundation of Jiangsu Province of China under Grant No.BK20130595the National Ten Thousand Talent Program for Young Top-Notch Talents,the Six Talent Peaks of Jiangsu Province of China under Grant No.2014-DZXX-004the Doctoral Program of Higher Education of China under Grant No.20130092120030the Fundamental Research Funds for the Central Universities of China under Grant No.2242016K41030
文摘Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infrastructures can be appropriately modelled as complex cyber-physical networks. Typical examples of such infrastructures are electrical power grids, WWW, public trans- portation systems, state financial networks, and the Interact. These critical facilities play important roles in ensuring the stability of society as well as the development of economy. Advances in informa- tion and communication technology open opportunities for malicious attackers to launch coordinated attacks on cyber-physical critical facilities in networked infrastructures from any Interact-accessible place. Cybersecurity of complex cyber-physical networks has emerged as a hot topic within this con- text. In practice, it is also very crucial to understand the interplay between the evolution of underlying network structures and the collective dynamics on these complex networks and consequently to design efficient security control strategies to protect the evolution of these networks. In this paper, cybersecu- rity of complex cyber-physical networks is first outlined and then some security enhancing techniques, with particular emphasis on safety communications, attack detection and fault-tolerant control, are suggested. Furthermore, a new class of efficient secure the achievement of desirable pinning synchronization control strategies are proposed for guaranteeing behaviors in complex cyber-physical networks against malicious attacks on nodes. The authors hope that this paper motivates to design enhanced security strategies for complex cyber-physical network systems, to realize resilient and secure critical infrastructures.
基金supported by Science and Technology Project of SGCC“Research on Flat Architecture and Implementation Technology of Security and Stability Control System in Ultra Large Power Grid”(52170221000U).
文摘Security and stability control system(SSCS)in power systems involves collecting information and sending the decision from/to control stations at different layers;the tree structure of the SSCS requires more levels.Failure of a station or channel can cause all the execution stations(EXs)to be out of control.The randomness of the controllable capacity of the EXs increases the difficulty of the reliability evaluation of the SSCS.In this study,the loop designed SSCS and reliability analysis are examined for the interconnected systems.The uncertainty analysis of the controllable capacity based on the evidence theory for the SSCS is proposed.The bidirectional and loop channels are introduced to reduce the layers and stations of the existing SSCS with tree configuration.The reliability evaluation and sensitivity analysis are proposed to quantify the controllability and vulnerable components for the SSCS in different configurations.By aiming at the randomness of the controllable capacity of the EXs,the uncertainty analysis of the controllable capacity of the SSCS based on the evidence theory is proposed to quantify the probability of the SSCS for balancing the active power deficiency of the grid.
文摘In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.
基金the National Key BasicResearch Program (973 Program) under Grant2007CB307104.
文摘The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of 'trustworthy networks' and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed. The network trustworthiness could and should be eventually achieved.
基金supported by the National Natural Science Foundation of China under 62173172.
文摘This paper investigates the adaptive neural network(NN)event-triggered secure formation control problem for nonholonomic mobile robots(NMRs)subject to deception attacks.The NNs are employed to approximate unknown nonlinear functions in robotic dynamics.Since the transmission channel from sensor-to-controller is vulnerable to deception attacks,a NN estimation technique is introduced to estimate the unknown deception attacks.In order to alleviate the amount of communication between controller-and-actuator,an event-triggered mechanism with relative threshold strategy is established.Then,an adaptive NN event-triggered secure formation control method is proposed.It is proved that all closed-loop signals of controlled systems are bounded and the formation tracking errors converge a neighborhood of the origin in the presence of deception attacks.The comparative simulations illustrate the effectiveness of the proposed secure formation control scheme.
基金supported in part by the Australian Research Council Discovery Project(DP160103567)
文摘Networked control systems are spatially distributed systems in which the communication between sensors, actuators,and controllers occurs through a shared band-limited digital communication network. Several advantages of the network architectures include reduced system wiring, plug and play devices,increased system agility, and ease of system diagnosis and maintenance. Consequently, networked control is the current trend for industrial automation and has ever-increasing applications in a wide range of areas, such as smart grids, manufacturing systems,process control, automobiles, automated highway systems, and unmanned aerial vehicles. The modelling, analysis, and control of networked control systems have received considerable attention in the last two decades. The ‘control over networks’ is one of the key research directions for networked control systems. This paper aims at presenting a survey of trends and techniques in networked control systems from the perspective of ‘control over networks’, providing a snapshot of five control issues: sampled-data control, quantization control, networked control, event-triggered control, and security control. Some challenging issues are suggested to direct the future research.
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (No. 61521003)The National Key R&D Program of China (No.2016YFB0800101)+1 种基金the National Science Foundation for Distinguished Young Scholars of China (No.61602509)Henan Province Key Technologies R&D Program of China(No.172102210615)
文摘Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to exploit the controller's vulnerabilities and launch attacks wisely. We tend to believe that dynamically altering such static mappings is a promising approach to alleviate this issue, since a moving target is difficult to be compromised even by skilled adversaries. It is critical to determine the right time to conduct scheduling and to balance the overhead afforded and the security levels guaranteed. Little previous work has been done to investigate the economical time in dynamic-scheduling controllers. In this paper, we take the first step to both theoretically and experimentally study the scheduling-timing problem in dynamic control plane. We model this problem as a renewal reward process and propose an optimal algorithm in deciding the right time to schedule with the objective of minimizing the long-term loss rate. In our experiments, simulations based on real network attack datasets are conducted and we demonstrate that our proposed algorithm outperforms given scheduling schemes.
文摘There are many safety risks and hidden dangers in petrochemical plants during overhaul. If they are not properly controlled, it is easy to cause significant loss of personnel and property. This paper takes the ethylene plant of China and South Korea Petrochemical Oefin Department as an example, lists the HSSE risks existing in the overhaul of the plant in 2020, and makes a summary and inventory of the relevant control measures and innovations adopted.
文摘In the process of building construction, quality and safety management is its foundation, and it is also a necessary prerequisite to ensure the stability and safety of the project after it is put into use. Therefore, it is necessary to objectively analyze many existing problems, put forward targeted solutions, strengthen the management and control of material quality, improve the comprehensive quality and safety awareness of construction personnel, strictly follow the existing standardized procedures and standards, and improve the existing quality and safety management system to ensure the overall construction quality and safety of housing construction projects.
基金This work was supported in part by the Natural Science Foundation of China (Nos. 61321002, 61120106010, 61522303, U1509215), the Program for New Century Excellent Talents in University (No. NCET-13-0045), and the Beijing Higher Education Young Elite Teacher Project.
文摘Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and manufacturing. Security is one of the most important issues that should be investigated in CPSs and hence has received much attention in recent years. This paper surveys recent results in this area and mainly focusses on three important categories: attack detection, attack design and secure estimation and control. We also discuss several future research directions including risk assessment, modeling of attacks and attacks design, counter-attack strategy and testbed and validation.
基金Supported by the National Science Foundation of China of Shanxi(2015011040)
文摘Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it necessitates the implementation of information security principle in digital community system. A three-level criticality model to determine the potential impact is proposed in digital community system when various devices lost in this paper. Combining the actual security requirement of digital community and characteristics of loT, a hierarchical security architecture including defense-in-deep cybersecurity and distribute secure control is proposed. A high-assurance trust model, which assumes insider compromise, which exists in the digital community, is finally proposed according to the security issues analysis.
基金The project supported by National Natural Science Foundation of China under Grant No. 10575017
文摘We present a controlled secure quantum dialogue protocol using a non-maximally (pure) entangled Greenberger-Horne-Zeibinger (GHZ) states at first, and then discuss the requirements for a real quantum dialogue. We show that the authorized two users can exchange their secret messages after purifying the non-maximally entangled GHZ states quantum channel unconditionally securely and simultaneously under the control of a third party.
基金Project supported by NSFC(Grant Nos.61671087,61272514,61170272,61003287,61571335,61628209)the Fok Ying Tong Education Foundation(Grant No.131067)+2 种基金the National Key R&D Program of China under Grant 2017YFB0802300the Open Foundation of Guizhou Provincial Key Laboratory of Public Big Data(2018BDKFJJ016)Hubei Science Foundation(2016CFA030,2017AAA125)。
文摘In this paper,we first re-examine the previous protocol of controlled quantum secure direct communication of Zhang et al.’s scheme,which was found insecure under two kinds of attacks,fake entangled particles attack and disentanglement attack.Then,by changing the party of the preparation of cluster states and using unitary operations,we present an improved protocol which can avoid these two kinds of attacks.Moreover,the protocol is proposed using the three-qubit partially entangled set of states.It is more efficient by only using three particles rather than four or even more to transmit one bit secret information.Given our using state is much easier to prepare for multiqubit states and our protocol needs less measurement resource,it makes this protocol more convenient from an applied point of view.
