Secure and Trustworthy Cyber–Physical Systems

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information and Communications Technology".

Deadline for manuscript submissions: closed (15 September 2022) | Viewed by 31871

Special Issue Editors


E-Mail Website
Guest Editor
Department of Computer Science & Engineering, the Mississippi State University, Mississippi State, MS 39762, USA
Interests: Artificial Intelligence; Cybersecurity; Cyber–Physical Systems

E-Mail Website
Guest Editor
Department of Computer Science, Cybersecurity Education, Research & Outreach Center, Tennessee Technological University, Cookeville, TN 38505, USA
Interests: cybersecurity; cyber–physical systems; artificial intelligence; secure and trustworthy cyberspace
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Computer Science, North Carolina Agricultural and Technical State University (NCAT), Greensboro, NC 27411, USA
Interests: Computer Security; Cloud Computing; Malware and Anomaly Detection; Machine Learning

Special Issue Information

Dear Colleagues, 

Cyber–physical systems (CPSs) entail the seamless integration of computation and physical components. These systems illustrate the synergistic interactions among the cyber components, such as the computing and communication parts, and the physical devices, operating at a wide variety of spatial and temporal scales. CPSs are driving innovation and competition in a range of sectors, including agriculture, aeronautics, building design, civil infrastructure, energy, environmental quality, healthcare and personalized medicine, and transportation. These applications will empower the true vision of CPSs, allowing human beings to interact with the physical world and serve critical functions in our lives. CPS technologies are emerging as key drivers of future autonomous and smart connected worlds. With the wider adoption and popularity of the CPS applications, securing them against malicious activities is paramount. Otherwise, malfunctioning and insecure CPS devices and applications can cause enormous damage to individuals, businesses, and nations.

Dr. Sudip Mittal
Dr. Maanak Gupta
Dr. Mahmoud Abdelsalam
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cyber–physical systems
  • artificial intelligence
  • cybersecurity.

Published Papers (10 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

20 pages, 947 KiB  
Article
Digital-Twin-Based Security Analytics for the Internet of Things
by Philip Empl and Günther Pernul
Information 2023, 14(2), 95; https://doi.org/10.3390/info14020095 - 4 Feb 2023
Cited by 7 | Viewed by 3596
Abstract
Although there are numerous advantages of the IoT in industrial use, there are also some security problems, such as insecure supply chains or vulnerabilities. These lead to a threatening security posture in organizations. Security analytics is a collection of capabilities and technologies systematically [...] Read more.
Although there are numerous advantages of the IoT in industrial use, there are also some security problems, such as insecure supply chains or vulnerabilities. These lead to a threatening security posture in organizations. Security analytics is a collection of capabilities and technologies systematically processing and analyzing data to detect or predict threats and imminent incidents. As digital twins improve knowledge generation and sharing, they are an ideal foundation for security analytics in the IoT. Digital twins map physical assets to their respective virtual counterparts along the lifecycle. They leverage the connection between the physical and virtual environments and manage semantics, i.e., ontologies, functional relationships, and behavioral models. This paper presents the DT2SA model that aligns security analytics with digital twins to generate shareable cybersecurity knowledge. The model relies on a formal model resulting from previously defined requirements. We validated the DT2SA model with a microservice architecture called Twinsight, which is publicly available, open-source, and based on a real industry project. The results highlight challenges and strategies for leveraging cybersecurity knowledge in IoT using digital twins. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

15 pages, 7428 KiB  
Article
Dynamic Random Graph Protection Scheme Based on Chaos and Cryptographic Random Mapping
by Zhu Fang and Zhengquan Xu
Information 2022, 13(11), 537; https://doi.org/10.3390/info13110537 - 14 Nov 2022
Viewed by 1412
Abstract
Advances in network technology have enhanced the concern for network security issues. In order to address the problem that hopping graph are vulnerable to external attacks (e.g., the changing rules of fixed graphs are more easily grasped by attackers) and the challenge of [...] Read more.
Advances in network technology have enhanced the concern for network security issues. In order to address the problem that hopping graph are vulnerable to external attacks (e.g., the changing rules of fixed graphs are more easily grasped by attackers) and the challenge of achieving both interactivity and randomness in a network environment, this paper proposed a scheme for a dynamic graph based on chaos and cryptographic random mapping. The scheme allows hopping nodes to compute and obtain dynamically random and uncorrelated graph of other nodes independently of each other without additional interaction after the computational process of synchronous mirroring. We first iterate through the chaos algorithm to generate random seed parameters, which are used as input parameters for the encryption algorithm; secondly, we execute the encryption algorithm to generate a ciphertext of a specified length, which is converted into a fixed point number; and finally, the fixed point number is mapped to the network parameters corresponding to each node. The hopping nodes are independently updated with the same hopping map at each hopping period, and the configuration of their own network parameters is updated, so that the updated graph can effectively prevent external attacks. Finally, we have carried out simulation experiments and related tests on the proposed scheme and demonstrated that the performance requirements of the random graphs can be satisfied in both general and extreme cases. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

26 pages, 6787 KiB  
Article
FIRE: A Finely Integrated Risk Evaluation Methodology for Life-Critical Embedded Systems
by Aakarsh Rao, Nadir A. Carreón, Roman Lysecky and Jerzy Rozenblit
Information 2022, 13(10), 487; https://doi.org/10.3390/info13100487 - 10 Oct 2022
Cited by 2 | Viewed by 1779
Abstract
Life-critical embedded systems, including medical devices, are becoming increasingly interconnected and interoperable, providing great efficiency to the healthcare ecosystem. These systems incorporate complex software that plays a significantly integrative and critical role. However, this complexity substantially increases the potential for cybersecurity threats, which [...] Read more.
Life-critical embedded systems, including medical devices, are becoming increasingly interconnected and interoperable, providing great efficiency to the healthcare ecosystem. These systems incorporate complex software that plays a significantly integrative and critical role. However, this complexity substantially increases the potential for cybersecurity threats, which directly impact patients’ safety and privacy. With software continuing to play a fundamental role in life-critical embedded systems, maintaining its trustworthiness by incorporating fail-safe modes via a multimodal design is essential. Comprehensive and proactive evaluation and management of cybersecurity risks are essential from the very design to deployment and long-term management. In this paper, we present FIRE, a finely integrated risk evaluation methodology for life-critical embedded systems. Security risks are carefully evaluated in a bottom-up approach from operations-to-system modes by adopting and expanding well-established vulnerability scoring schemes for life-critical systems, considering the impact to patient health and data sensitivity. FIRE combines a static risk evaluation with runtime dynamic risk evaluation to establish comprehensive risk management throughout the lifecycle of the life-critical embedded system. We demonstrate the details and effectiveness of our methodology in systematically evaluating risks and conditions for risk mitigation with a smart connected insulin pump case study. Under normal conditions and eight different malware threats, the experimental results demonstrate effective threat mitigation by mode switching with a 0% false-positive mode switching rate. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

14 pages, 3119 KiB  
Article
Secure Sensitive Data Sharing Using RSA and ElGamal Cryptographic Algorithms with Hash Functions
by Emmanuel A. Adeniyi, Peace Busola Falola, Mashael S. Maashi, Mohammed Aljebreen and Salil Bharany
Information 2022, 13(10), 442; https://doi.org/10.3390/info13100442 - 20 Sep 2022
Cited by 14 | Viewed by 3632
Abstract
With the explosion of connected devices linked to one another, the amount of transmitted data grows day by day, posing new problems in terms of information security, such as unauthorized access to users’ credentials and sensitive information. Therefore, this study employed RSA and [...] Read more.
With the explosion of connected devices linked to one another, the amount of transmitted data grows day by day, posing new problems in terms of information security, such as unauthorized access to users’ credentials and sensitive information. Therefore, this study employed RSA and ElGamal cryptographic algorithms with the application of SHA-256 for digital signature formulation to enhance security and validate the sharing of sensitive information. Security is increasingly becoming a complex task to achieve. The goal of this study is to be able to authenticate shared data with the application of the SHA-256 function to the cryptographic algorithms. The methodology employed involved the use of C# programming language for the implementation of the RSA and ElGamal cryptographic algorithms using the SHA-256 hash function for digital signature. The experimental result shows that the RSA algorithm performs better than the ElGamal during the encryption and signature verification processes, while ElGamal performs better than RSA during the decryption and signature generation process. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

33 pages, 748 KiB  
Article
An Attribute-Based Approach toward a Secured Smart-Home IoT Access Control and a Comparison with a Role-Based Approach
by Safwa Ameer, James Benson and Ravi Sandhu
Information 2022, 13(2), 60; https://doi.org/10.3390/info13020060 - 25 Jan 2022
Cited by 18 | Viewed by 4288
Abstract
The area of smart homes is one of the most popular for deploying smart connected devices. One of the most vulnerable aspects of smart homes is access control. Recent advances in IoT have led to several access control models being developed or adapted [...] Read more.
The area of smart homes is one of the most popular for deploying smart connected devices. One of the most vulnerable aspects of smart homes is access control. Recent advances in IoT have led to several access control models being developed or adapted to IoT from other domains, with few specifically designed to meet the challenges of smart homes. Most of these models use role-based access control (RBAC) or attribute-based access control (ABAC) models. As of now, it is not clear what the advantages and disadvantages of ABAC over RBAC are in general, and in the context of smart-home IoT in particular. In this paper, we introduce HABACα, an attribute-based access control model for smart-home IoT. We formally define HABACα and demonstrate its features through two use-case scenarios and a proof-of-concept implementation. Furthermore, we present an analysis of HABACα as compared to the previously published EGRBAC (extended generalized role-based access control) model for smart-home IoT by first describing approaches for constructing HABACα specification from EGRBAC and vice versa in order to compare the theoretical expressiveness power of these models, and second, analyzing HABACα and EGRBAC models against standard criteria for access control models. Our findings suggest that a hybrid model that combines both HABACα and EGRBAC capabilities may be the most suitable for smart-home IoT, and probably more generally. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

23 pages, 766 KiB  
Article
VERCASM-CPS: Vulnerability Analysis and Cyber Risk Assessment for Cyber-Physical Systems
by Bradley Northern, Trey Burks, Marlana Hatcher, Michael Rogers and Denis Ulybyshev
Information 2021, 12(10), 408; https://doi.org/10.3390/info12100408 - 30 Sep 2021
Cited by 12 | Viewed by 3934
Abstract
Since Cyber-Physical Systems (CPS) are widely used in critical infrastructures, it is essential to protect their assets from cyber attacks to increase the level of security, safety and trustworthiness, prevent failure developments, and minimize losses. It is necessary to analyze the CPS configuration [...] Read more.
Since Cyber-Physical Systems (CPS) are widely used in critical infrastructures, it is essential to protect their assets from cyber attacks to increase the level of security, safety and trustworthiness, prevent failure developments, and minimize losses. It is necessary to analyze the CPS configuration in an automatic mode to detect the most vulnerable CPS components and reconfigure or replace them promptly. In this paper, we present a methodology to determine the most secure CPS configuration by using a public database of cyber vulnerabilities to identify the most secure CPS components. We also integrate the CPS cyber risk analysis with a Controlled Moving Target Defense, which either replaces the vulnerable CPS components or re-configures the CPS to harden it, while the vulnerable components are being replaced. Our solution helps to design a more secure CPS by updating the configuration of existing CPS to make them more resilient against cyber attacks. In this paper, we will compare cyber risk scores for different CPS configurations and show that the Windows® 10 build 20H2 operating system is more secure than Linux Ubuntu® 20.04, while Red Hat® Enterprise® Linux is the most secure in some system configurations. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

17 pages, 4519 KiB  
Article
Leveraging Aviation Risk Models to Combat Cybersecurity Threats in Vehicular Networks
by Jonathan Ebert, Ohad Newton, Jeffery O’Rear, Scott Riley, Jaehong Park and Maanak Gupta
Information 2021, 12(10), 390; https://doi.org/10.3390/info12100390 - 23 Sep 2021
Cited by 2 | Viewed by 2870
Abstract
The rapidly developing technology and lack of standards in the transportation industry for the proposed Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), and Vehicle-to-Everything (V2X) networks, which all vehicles will operate under, drives concern about information validity and authenticity due to the risk of erroneous or [...] Read more.
The rapidly developing technology and lack of standards in the transportation industry for the proposed Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), and Vehicle-to-Everything (V2X) networks, which all vehicles will operate under, drives concern about information validity and authenticity due to the risk of erroneous or malicious information being injected into a vehicular network (VN). In this paper, we apply a risk management process to a vehicular network that will identify hazards and possible controls that can lower their risk. After researching and reviewing various technologies along with several risk models, we have developed a basic framework for assessing and assigning risk through a phased method that leads to input for our developed model. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

19 pages, 11931 KiB  
Article
Image Watermarking Approach Using a Hybrid Domain Based on Performance Parameter Analysis
by Rohit Srivastava, Ravi Tomar, Maanak Gupta, Anuj Kumar Yadav and Jaehong Park
Information 2021, 12(8), 310; https://doi.org/10.3390/info12080310 - 30 Jul 2021
Cited by 7 | Viewed by 2623
Abstract
In today’s scenario, image watermarking has been an integral part in various multimedia applications. Watermarking is the approach for adding additional information to the existing image to protect the data from modification and to provide data integrity. Frequency transform domain techniques are complex [...] Read more.
In today’s scenario, image watermarking has been an integral part in various multimedia applications. Watermarking is the approach for adding additional information to the existing image to protect the data from modification and to provide data integrity. Frequency transform domain techniques are complex and costly and degrade the quality of the image due to less embedding of bits. The proposed work utilize the original DCT method with some modifications and applies this method on frequency bands of DWT. Furthermore, the output is used in combination with a pixel modification method for embedding and extraction. The proposed outcome is the improvement of performance achieved in terms of time, imperceptibility, and robustness. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

11 pages, 794 KiB  
Article
Improving Physical Layer Security of Cooperative NOMA System with Wireless-Powered Full-Duplex Relaying
by Yuan Ren, Yixuan Tan, Meruyert Makhanbet and Xuewei Zhang
Information 2021, 12(7), 279; https://doi.org/10.3390/info12070279 - 10 Jul 2021
Cited by 8 | Viewed by 2631
Abstract
Non-orthogonal multiple access (NOMA) and wireless energy harvesting are two promising technologies for improving spectral efficiency and energy efficiency, respectively. In this paper, we study the physical layer security of a wireless-powered full-duplex (FD) relay-aided cooperative NOMA system. In particular, the source is [...] Read more.
Non-orthogonal multiple access (NOMA) and wireless energy harvesting are two promising technologies for improving spectral efficiency and energy efficiency, respectively. In this paper, we study the physical layer security of a wireless-powered full-duplex (FD) relay-aided cooperative NOMA system. In particular, the source is wiretapped by an eavesdropper, and the FD relay assists the transmission from the source to a near user and a far user with self-energy recycling. To enhance the security performance of the system, we propose an artificial noise (AN)-aided cooperative transmission scheme, in which the relay emits a jamming signal to confuse the eavesdropper while receiving the signal from the source. For the proposed scheme, the ergodic secrecy sum rate (ESSR) is derived to characterize the secrecy performance and a lower bound of ESSR is obtained. Finally, numerical results verify the accuracy of the theoretical analysis of the proposed AN-aided secure transmission scheme. The superiority of the proposed scheme is also demonstrated since this scheme can achieve better secrecy performance, compared to the conventional cooperative NOMA scheme. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

11 pages, 3006 KiB  
Article
CFM-RFM: A Cascading Failure Model for Inter-Domain Routing Systems with the Recovery Feedback Mechanism
by Wendian Zhao, Yongjie Wang, Xinli Xiong and Yang Li
Information 2021, 12(6), 247; https://doi.org/10.3390/info12060247 - 14 Jun 2021
Cited by 7 | Viewed by 2645
Abstract
With the increase and diversification of network users, the scale of the inter-domain routing system is becoming larger and larger. Cascading failure analysis and modeling are of great significance to improve the security of inter-domain routing networks. To solve the problem that the [...] Read more.
With the increase and diversification of network users, the scale of the inter-domain routing system is becoming larger and larger. Cascading failure analysis and modeling are of great significance to improve the security of inter-domain routing networks. To solve the problem that the propagation principle of cascading failure does not conform to reality, a Cascading Failure Model for inter-domain routing systems with the Recovery Feedback Mechanism (CFM-RFM) is proposed in this paper. CFM-RFM comprehensively considers the main factors that cause cascading failure. Based on two types of update message propagation mechanism and traffic redistribution, it simulates the cascading failure process. We found that under the action of the recovery feedback mechanism, the cascading failure process was accelerated, and the network did not quickly return to normal, but was rather quickly and extensively paralyzed. The average attack cost can be reduced by 38.1% when the network suffers the same damage. Full article
(This article belongs to the Special Issue Secure and Trustworthy Cyber–Physical Systems)
Show Figures

Figure 1

Back to TopTop