Research Outputs
Analysing Design Approaches for the Power Consumption in Cyber-Physical Systems
The importance of Cyber Physical Systems (CPS) and Internet of Things (IoT) applications is constantly increasing, especially in the context of Industry 4.0. Architectural decisions are crucial not just for performance, security and resilience reasons but also regarding costs and resource usage. In this paper we analyse two of the fundamental approaches to design control loops (i.e. time-driven and event-driven), show how they can be realised and evaluate their power requirements. Through this the design criteria can be extended also considering the optimization of energy related aspects.
Automated and Secure Onboarding for System of Systems
The Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.
A Framework for Measuring the Costs of Security at Runtime
In Industry 4.0, Cyber-Physical Systems (CPS) are formed by components, which are interconnected with each other over the Internet of Things (IoT). The resulting capabilities of sensing and affecting the physical world offer a vast range of opportunities, yet, at the same time pose new security challenges. To address these challenges there are various IoT Frameworks, which offer solutions for managing and controlling IoT-components and their interactions. In this regard, providing security for an interaction usually requires performing additional security-related tasks (e.g. authorisation, encryption, etc.) to prevent possible security risks. Research currently focuses more on designing and developing these frameworks and does not satisfactorily provide methodologies for evaluating the resulting costs of providing security. In this paper we propose an initial approach for measuring the resulting costs of providing security for interacting IoT-components by using a Security Cost Modell ing Framework. Furthermore, we describe the necessary building blocks of the framework and provide an experimental design showing how it could be used to measure security costs at runtime.
Risk Management and Standard Compliance for Cyber-Physical Systems of Systems
The Internet of Things (IoT) and cloud technologies are increasingly implemented in the form of Cyber-Physical Systems of Systems (CPSoS) for the railway sector. In order to satisfy the security requirements of Cyber-Physical Systems (CPS), domainspecific risk identification assessment procedures have been developed. Threat modelling is one of the most commonly used methods for threat identification for the security analysis of CPSoS and is capable of targeting various domains. This paper reports our experience of using a risk management framework identify the most critical security vulnerabilities in CPSoS in the domain and shows the broader impact this work can have on the domain of safety and security management. Moreover, we emphasize the application of common analytical methods for cyber-security based on international industry standards to identify the most vulnerable assets. These will be applied to a meta-model for automated railway systems in the concept phase to support the development and deployment of these systems. Furthermore, it is the first step to create a secure and standard complaint system by design.
A recommendation for suitable technologies for an indoor farming framework
Facing food insecurity and overuse of resources due to effects of climate change, humanity needs to find new ways to secure food production and produce close to consumers. Vertical farming, where plants are grown in vertical arrays inside buildings with help of Information and Communication Technology (ICT) components, could contribute to solving this issue. Such systems integrate heterogeneous devices on different computing layers and acquire a lot of data to monitor and optimize the production process. We created an indoor testing unit in which growing conditions can be monitored and controlled to optimize growth of microgreens. This setup includes an Indoor Farming Support as a Service (IFSaaS) prototype that provides safe and secure monitoring and controlling, as well as self-adaption of an indoor farming system. In this article we provide information about the combination of most suitable technologies.
Impact of Critical Infrastructure Requirements on Service Migration Guidelines to the Cloud
A high level of information security in critical infrastructure IT systems and services has to be preserved when migrating their IT services to the cloud. Often various legislative and security constraints have to be met in line with best practice guidelines and international standards to perform the migration. To support the critical infrastructure providers in migrating their services to the cloud we are developing a process based migration guideline for critical infrastructure providers focusing on information security. First of all we investigate, via questionnaires, how the importance of individual security topics covered in such guidelines differentiates between industry stakeholders and critical infrastructure providers. This supports the selection of relevant security topics and the considered guidelines and standards, which we survey in search for common relevant security topics. Subsequently we present the analysis of the above-mentioned security requirements and how they affect a here developed taxonomy for a process-based security guideline. Furthermore we present potential service migration use cases and how our methodology would affect the migration of secure critical infrastructure services.
Towards a secure and self-adapting smart indoor farming framework
Facing the increase in world population and the stagnation in available arable land there is a high demand for optimizing the food production. Considering the world-wide and ongoing reduction of the agricultural labor force novel approaches for food production are required. Vertical farming may be such a solution where plants are being produced indoors in racks, cared by robotic appliances which will be operated by specialized software. Given the multitude of parameters which determine the ideal condition, a lot of data needs to be acquired. As this data is used to adapt the entire Cyber-Physical System to a changing environment the data has to be secure and adaptations have to consider safety aspects as well. Such systems must hence be secure, safe, scalable and self-adaptable to a high degree. We present an important element for such solutions, a cloud, IoT and robotic based smart farming framework.