The platforms supporting the smart city applications are rarely implemented from scratch by a municipality and/or totally owned by a single company, but are more typically realized by integrating some existing ICT infrastructures thanks to a supporting platform, such as the well known FIWARE platform. Such a multi-tenant deployment model is required to lower the initial investment costs to implement large scale solutions for smart cities, but also imposes some key security obstacles. In fact, smart cities support critical applications demanding to protect the data and functionalities from malicious and unauthorized uses. Equipping the supporting platforms with proper means for access control is demanding, but these means are typically implemented according to a centralized approach, where a single server stores and makes available a set of identity attributes and authorization policies. Having a single root of trust is not suitable in a distributed and cooperating scenario of large scale smart cities due to their multi-tenant deployment. In fact, each of the integrated system has its own set of security policies, and the other systems need to be aware of these policy, in order to allow a seamless use of the same credentials across the overall infrastructure (realizing what is known as the single-sign-on). This imposes the problem of consistent and secure data replicas within a distributed system, which can be properly approached by using the blockchain technology. Therefore, this work proposes a novel solution for distributed management of identity and authorization policies by leveraging on the blockchain technology to hold a global view of the security policies within the system, and integrating it in the FIWARE platform. A detailed assessment is provided to evaluate the goodness of the proposed approach and to compare it with the existing solutions.

Blockchain-based authentication and authorization for smart city applications

Industry 4.0 involves innovations with upcoming digital technologies, and blockchain is one of them. Blockchain can be incorporated to improve security, privacy, and data transparency both for small and large enterprises. Industry 4.0 is a synthesis of the new production methods that allow manufacturers to achieve their target more rapidly. Research has been conducted on various Industry 4.0 technologies like Artificial Intelligence (AI), Internet of Things (IoT), Big data, and Blockchain, and how they could create significant interruptions in recent years. These technologies provide various possibilities in the world of manufacturing and supply chain. Blockchain is a technology that has gained much recognition and can enhance the manufacturing and supply chain environment. Various fields now have fascinating insights into the advantages of blockchain. Several research articles on “Blockchain” and “Industry 4.0″ from Google Scholar, Scopus, and other relevant sources are identified and reviewed for this study. This paper discusses the major potential of Blockchain in Industry 4.0. Various drivers, enablers, and associated capabilities of Blockchain technology for Industry 4.0 are discussed for insights. Different Industry 4.0 spheres/sub-domains for Blockchain technology realisation are also discussed. Finally, we have identified and studied fourteen significant applications of Blockchain in Industry 4.0. It is a range of new developments and hope for immense opportunities that are changing Industry 4.0. This technology would work to achieve amplified outcomes and work individually to enhance the process.

Blockchain technology applications for Industry 4.0: A literature-based review

Blockchain plays a vital task in cybersecurity. With the exerted efforts for realising large-scale quantum computers, most current cryptographic mechanisms may be hacked. Accordingly, we need a quantum tool utilised for designing blockchain frameworks to have the ability to be executed in the level of digital computers and resist the probable attacks from both digital and quantum computers. Quantum walks may be utilised as a quantum-inspired model for designing new cryptographic algorithms. In this paper, we present a new authentication and encryption protocol based on quantum-inspired quantum walks (QIQW). The proposed protocol is utilized to build a blockchain framework for secure data transmission among IoT devices. Instead of using classical cryptographic hash functions, quantum hash functions based on QIQW are employed for linking blocks of the chain. The main advantages of the presented framework are helping IoT nodes to effectively share their data with other nodes and full control of their records. Security analysis demonstrates that our proposed protocol can defend against message attack and impersonation attacks, thus ensuring secure transmission of data among IoT devices.

Quantum-Inspired Blockchain-Based Cybersecurity: Securing Smart Edge Utilities in IoT-Based Smart Cities

Industry 4.0 is having an increasingly positive impact on the value chain by modernizing and optimizing the production and distribution processes. In this streamline, the digital twin (DT) is one of the most cutting-edge technologies of Industry 4.0, providing simulation capabilities to forecast, optimize and estimate states and configurations. In turn, these technological capabilities are encouraging industrial stakeholders to invest in the new paradigm, though an increased focus on the risks involved is really needed. More precisely, the deployment of a DT is based on the composition of technologies such as cyber-physical systems, the Industrial Internet of Things, edge computing, virtualization infrastructures, artificial intelligence and big data. However, the confluence of all these technologies and the implicit interaction with the physical counterpart of the DT in the real world generate multiple security threats that have not yet been sufficiently studied. In that context, this paper analyzes the current state of the DT paradigm and classifies the potential threats associated with it, taking into consideration its functionality layers and the operational requirements in order to achieve a more complete and useful classification. We also provide a preliminary set of security recommendations and approaches that can help to ensure the appropriate and trustworthy use of a DT. 

Digital Twin: A Comprehensive Survey of Security Threats

In the context of blockchain technology, “off-chain” refers to computation or data that is structurally external to the blockchain network. Off-Chain Blockchain Systems (OCBS) enable this information processing and management through distributed software architecture where the blockchain network interacts with off-chain resources. Hence, OCBS are a critical data governance component in the design of enterprise blockchain solutions, resulting in extensive research and development exploring the interplay between on-chain and off-chain storage and computation and efforts to evaluate their performance relative to other information management systems. Key features of OCBS’ are their ability to improve scalability, reduce data storage requirements, and enhance data privacy, all extremely critical issues to enable broader blockchain adoption. These OCBS features map well to the needs of the healthcare industry, particularly due to the need to manage various types of medical, consumer, and other health-related data. However, different types of health data are also subject to stringent regulatory, security and legal requirements, a key factor limiting blockchain adoption in the sector. In response, there is a critical need to better align OCBS design features to different types of healthcare data management and their respective governance and privacy regimes. This article first reviews the characteristics of different constructs of OCBS. It then proposes a modular hybrid privacy-preserving framework leveraging off-chain and on-chain blockchain system design applied to three different reference models that illustrate how blockchain can enhance healthcare information management. Through this privacy-preserving framework we hope to liberate healthcare data by enabling sharing, sovereignty and enhanced trust.

hOCBS: A privacy-preserving blockchain framework for healthcare data leveraging an on-chain and off-chain system design

Digital Twins are complex digital representations of assets that are used by a variety of organizations across the Industry 4.0 value chain. As the digitization of industrial processes advances, Digital Twins will become widespread. As a result, there is a need to develop new secure data sharing models for a complex ecosystem of interacting Digital Twins and lifecycle parties. Decentralized Applications are uniquely suited to address these sharing challenges while ensuring availability, integrity and confidentiality. They rely on distributed ledgers and decentralized databases for data storage and processing, avoiding single points of trust. To tackle the need for decentralized sharing of Digital Twin data, this work proposes an owner-centric decentralized sharing model. A formal access control model addresses integrity and confidentiality aspects based on Digital Twin components and lifecycle requirements. With our prototypical implementation EtherTwin we show how to overcome the numerous implementation challenges associated with fully decentralized data sharing, enabling management of Digital Twin components and their associated information. For validation, the prototype is evaluated based on an industry use case and semi-structured expert interviews.

EtherTwin: Blockchain-based Secure Digital Twin Information Management

Although there are numerous advantages of the IoT in industrial use, there are also some security problems, such as insecure supply chains or vulnerabilities. These lead to a threatening security posture in organizations. Security analytics is a collection of capabilities and technologies systematically processing and analyzing data to detect or predict threats and imminent incidents. As digital twins improve knowledge generation and sharing, they are an ideal foundation for security analytics in the IoT. Digital twins map physical assets to their respective virtual counterparts along the lifecycle. They leverage the connection between the physical and virtual environments and manage semantics, i.e., ontologies, functional relationships, and behavioral models. This paper presents the DT2SA model that aligns security analytics with digital twins to generate shareable cybersecurity knowledge. The model relies on a formal model resulting from previously defined requirements. We validated the DT2SA model with a microservice architecture called Twinsight, which is publicly available, open-source, and based on a real industry project. The results highlight challenges and strategies for leveraging cybersecurity knowledge in IoT using digital twins.

/pdf/digital-twin-based-security-analytics-for-the-internet-of-2j9aluxz.pdf

Digital-Twin-Based Security Analytics for the Internet of Things

In Cloud Computing, the cloud serves as a central data hub for the Industrial Internet of Things' (IIoT) data and is deployed in diverse application fields, e.g., Smart Grid or Smart Manufacturing. Therefore, the aggregated and contextualized data is bundled in a central data hub, bringing tremendous cybersecurity advantages. Given the threat landscape in IIoT systems, especially SMEs (small and medium-sized enterprises) need to be prepared regarding their cybersecurity, react quickly, and strengthen their overall cybersecurity. For instance, with the application of machine learning algorithms, security-related data can be analyzed predictively in order to be able to ward off a potential attack at an early stage. Since modern reference architectures for IIoT systems, such as RAMI 4.0 or IIRA, consider cybersecurity approaches on a high level and SMEs lack financial funds and knowledge, this paper conceptualizes a security analytics service used as a security add-on to these reference architectures. Thus, this paper conceptualizes a flexible security analytics service that implements security capabilities with flexible analytical techniques that fit specific SMEs' needs. The security analytics service is also evaluated with a real-world use case.

https://dl.acm.org/doi/pdf/10.1145/3445969.3450427

A Flexible Security Analytics Service for the Industrial IoT

Abstract Organizations face attacks on industrial control systems (ICS) as vulnerabilities are pervasive. However, patching vulnerable systems by simply updating to the newest version is often not an option and shifts focus to workarounds. Beyond pure patching, workarounds specify other remediation measures (e.g., firewall or VPN configuration) that must be taken due to system availability requirements, complexity, or heterogeneous devices. In this paper, we introduce vulnerability playbooks based on open standards. Pushing the envelope of cybersecurity playbooks—steps organizations should follow when responding to cybersecurity incidents reactively—for ICS vulnerability management offers organizations a more transparent, repeatable process and faster, possibly automated actions. We have designed a process model to collect and transform security advisories in Common Security Advisory Framework (CSAF) format and generate Collaborative Automated Course of Action Operations (CACAO) playbooks based on listed remediation advice. With a proof of concept, we demonstrate that structured CSAF documents can be seamlessly transformed into CACAO playbooks. For our industrial use case, we must also use unstructured security advice highlighting quality differences (compared to CSAF). Our generated 79 standard conformant CACAO playbooks with 485 identified actions hint at imbalanced advice toward patching. Preferably, vendors should include detailed technical remediation advice, provide APIs, and go beyond patching recommendations in their security advisories. Subscribers should structure their assets and use machine learning to normalize, generate, and prioritize CACAO playbooks. With CSAF and CACAO, we see two open standards for handling vulnerabilities. 

Generating ICS vulnerability playbooks with open standards

Intrusion Detection Systems (IDS) allow for detecting malicious activities in organizational networks and hosts. As the Industrial Internet of Things (Industrial IoT) has gained momentum and attackers become process-aware, it elevates the focus on anomaly-based Network Intrusion Detection Systems (NIDS) in IoT. While previous research has primarily concentrated on fortifying SCADA systems with NIDS, keeping track of the latest advancements in resource-efficient messaging (e.g., MQTT, CoAP, and OPC-UA) is paramount. In our work, we straightforwardly derive IoT processes for NIDS using distributed tracing and process mining. We introduce a pioneering framework called MISSION which effectively captures, consolidates, and models MQTT flows, leading to a heightened process awareness in NIDS. Through our prototypical implementation, we demonstrate exceptional performance and high-quality models. Moreover, our experiments provide empirical evidence for rediscovering pre-defined processes and successfully detecting two distinct MQTT attacks in a simulated IoT network.

Process-Aware Intrusion Detection in MQTT Networks

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

Philip Empl

Author Tools

Chat about Author