Conference Paper

Edge-computing enhanced privacy protection for industrial ecosystems in the context of SMEs


... Gai et al. introduced the permissioned blockchain technique in terms of group signatures as well as hidden channel authorization to prevent the sensitive information being violated [21]. Giehl et al. proposed a privacy-aware EC framework in order to utilize the applications, i.e., optimizing the production ability, promoting industrial safety on the shop floor [22]. Zhao et al. proposed a decentralized system in mobile edge computing with privacy preservation which keeps high reputation for IoV [23]. ...
Article
Currently, Edge computing (EC) paradigm is adopted to provision the low-latency resources for the massive real-time services in Internet of vehicles (IoV). To alleviate the QoE (Quality of Experience) degradation of the vehicular users due to the uncertainties (e.g., resource conflicts and communicating interruption), software-defined network (SDN) is involved in the EC-enabled IoV to manage the cooperative operation of distributed edge nodes (ENs). However, the increasing privacy leakage for the IoV service offloading causes the disclosure of the sensitive information, including driving location, personal information of the driver, etc. Moreover, the regulation of SDN is practically insufficient, as the general control is incompetent to maintain balanced operation with the premise of efficient service utility. In view of these challenges, a secure service offloading method, named SOME, is designed to promote IoV service utility and edge utility, meanwhile ensuring privacy security, in SDN-enabled EC. Specifically, an SDN-based framework for IoV service management is developed to address the inherent uncertainty of edge network by SDN controllers. Besides, the locality-sensitive-hash (LSH) is leveraged to realize utility- and privacy-aware service selection. Eventually, comparative experiments are implemented to verify the effectiveness of SOME.
Article
Full-text available
Data-based models for tool condition monitoring require a large amount of data, which is costly for individual companies to generate. Pooling data across companies is a possible solution, but it carries the risk of disclosing the companies' intellectual property. To prevent this disclosure and enable secure collaboration, confidentiality-protecting technologies can be used; their application is being investigated in the MINERVA research project.
Article
Full-text available
This article presents the results of research with the main goal of identifying possible applications of edge computing (EC) in industry. This study used the methodology of systematic literature review and text mining analysis. The main findings showed that the primary goal of EC is to reduce the time required to transfer large amounts of data. With the ability to analyze data at the edge, it is possible to obtain immediate feedback and use it in the decision-making process. However, the implementation of EC requires investments not only in infrastructure, but also in the development of employee knowledge related to modern computing methods based on artificial intelligence. As the results of the analyses showed, great importance is also attached to energy consumption, both in ongoing production processes and for the purposes of data transmission and analysis. This paper also highlights problems related to quality management. Based on the analyses, we indicate further research directions for the application of edge computing and associated technologies that are required in the area of intelligent resource scheduling (for flexible production systems and autonomous systems), anomaly detection and resulting decision making, data analysis and transfer, knowledge management (for smart designing), and simulations (for autonomous systems).
Article
Full-text available
The implementation of Industry 4.0 technologies suggests significant impacts on production systems productivity and decision-making process improvements. However, many manufacturers have difficulty determining to what extent these various technologies can reinforce the autonomy of teams and operational systems. This article addresses this issue by proposing a model describing different types of autonomy and the contribution of 4.0 technologies in the various steps of the decision-making processes. The model was confronted with a set of application cases from the literature. It emerges that new technologies' improvements are significant from a decision-making point of view and may eventually favor implementing new modes of autonomy. Decision-makers can rely on the proposed model to better understand the opportunities linked to the fusion of cybernetic, physical, and social spaces made possible by Industry 4.0.
Conference Paper
Big data continues to grow in the manufacturing domain due to increasing interconnectivity on the shop floor in the course of the fourth industrial revolution. The optimization of machines based on either real-time or historical machine data provides benefits to both machine producers and operators. In order to be able to make use of these opportunities, it is necessary to access the machine data, which can include sensitive information such as intellectual property. Employing the use case of machine tools, this paper presents a solution enabling industrial data sharing and cloud collaboration while protecting sensitive information. It employs the edge computing paradigm to apply differential privacy to machine data in order to protect sensitive information and simultaneously allow machine producers to perform the necessary calculations and analyses using this data.
Conference Paper
Full-text available
This paper presents a study on detecting cyber attacks on industrial control systems (ICS) using convolutional neural networks. The study was performed on a Secure Water Treatment testbed (SWaT) dataset, which represents a scaled-down version of a real-world industrial water treatment plant. We suggest a method for anomaly detection based on measuring the statistical deviation of the predicted value from the observed value. We applied the proposed method by using a variety of deep neural network architectures including different variants of convolutional and recurrent networks. The test dataset included 36 different cyber attacks. The proposed method successfully detected 31 attacks with three false positives thus improving on previous research based on this dataset. The results of the study show that 1D convolutional networks can be successfully used for anomaly detection in industrial control systems and outperform recurrent networks in this setting. The findings also suggest that 1D convolutional networks are effective at time series prediction tasks which are traditionally considered to be best solved using recurrent neural networks. This observation is a promising one, as 1D convolutional neural networks are simpler, smaller, and faster than the recurrent neural networks.
Article
Full-text available
In the research of location privacy protection, the existing methods are mostly based on the traditional anonymization, fuzzy and cryptography technology and have little success in the big data environment, for example the sensor networks contain sensitive information, which is compulsory to be appropriately protected. Current trends such as "Industrie 4.0" and Internet of Things (IoT), generate, process, and exchange vast amounts of security-critical and privacy-sensitive data, which makes them attractive targets of attacks. However, previous methods overlooked the privacy protection issue, leading to privacy violation. In this paper, we propose a location privacy protection method that satisfies the differential privacy constraint to protect location data privacy and maximize the utility of data and algorithm in Industrial Internet of Things. In view of the high value and low density of location data, we combine the utility with the privacy and build a multilevel location information tree model. Furthermore, the index mechanism of differential privacy is used to select data according to the tree node accessing frequency. Finally, the Laplace scheme is used to add noises to accessing frequency of the selecting data. As is shown in the theoretical analysis and the experimental results, the proposed strategy can achieve significant improvements in terms of security, privacy, and applicability.
Article
Full-text available
The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 more as a security challenge than as an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and their associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately means that every company has to develop its own way of IT and production security management.
Chapter
Full-text available
As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public misleadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and processing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the technology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some of the future privacy challenges that must be addressed in the future.
Article
Full-text available
Recent advances in manufacturing industry have paved the way for a systematical deployment of Cyber-Physical Systems (CPS), within which information from all related perspectives is closely monitored and synchronized between the physical factory floor and the cyber computational space. Moreover, by utilizing advanced information analytics, networked machines will be able to perform more efficiently, collaboratively and resiliently. Such a trend is transforming manufacturing industry to the next generation, namely Industry 4.0. At this early development phase, there is an urgent need for a clear definition of CPS. In this paper, a unified 5-level architecture is proposed as a guideline for implementation of CPS.
Conference Paper
Full-text available
Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems have been designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in a critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.
Article
Full-text available
A new method for the analytical prediction of stability lobes in milling is presented. The stability model requires transfer functions of the structure at the cutter - workpiece contact zone, static cutting force coefficients, radial immersion and the number of teeth on the cutter. Time varying dynamic cutting force coefficients are approximated by their Fourier series components, and the chatter free axial depth of cuts and spindle speeds are calculated directly from the proposed set of linear analytic expressions without any digital iteration. Analytically predicted stability lobes are compared with the lobes generated by time domain and other numerical methods available in the literature.
Conference Paper
Full-text available
Privacy has become increasingly important to the database community which is reflected by a noteworthy increase in research papers appearing in the literature. While researchers often assume that their definition of “privacy” is universally held by all readers, this is rarely the case; so many papers addressing key challenges in this domain have actually produced results that do not consider the same problem, even when using similar vocabularies. This paper provides an explicit definition of data privacy suitable for ongoing work in data repositories such as a DBMS or for data mining. The work contributes by briefly providing the larger context for the way privacy is defined legally and legislatively but primarily provides a taxonomy capable of thinking of data privacy technologically. We then demonstrate the taxonomy’s utility by illustrating how this perspective makes it possible to understand the important contribution made by researchers to the issue of privacy. The conclusion of this paper is that privacy is indeed multifaceted so no single current research effort adequately addresses the true breadth of the issues necessary to fully understand the scope of this important issue.
Article
Full-text available
Theoretical results strongly suggest that in order to learn the kind of complicated functions that can represent high-level abstractions (e.g. in vision, language, and other AI-level tasks), one needs deep architectures. Deep architectures are composed of multiple levels of non-linear operations, such as in neural nets with many hidden layers or in complicated propositional formulae re-using many sub-formulae. Searching the parameter space of deep architectures is a difficult optimization task, but learning algorithms such as those for Deep Belief Networks have recently been proposed to tackle this problem with notable success, beating the state-of-the-art in certain areas. This paper discusses the motivations and principles regarding learning algorithms for deep architectures, in particular those exploiting as building blocks unsupervised learning of single-layer models such as Restricted Boltzmann Machines, used to construct deeper models such as Deep Belief Networks.
Article
Modern cyber physical systems (CPSs) have been widely used in our daily lives because of the development of information and communication technologies (ICT). With the provision of CPSs, the security and privacy threats associated with these systems are also increasing. Passive attacks are being used by intruders to get access to private information of CPSs. In order to make CPSs data more secure, certain privacy preservation strategies such as encryption and k-anonymity have been presented in the past. However, with the advances in CPSs architecture, these techniques also need certain modifications. Meanwhile, differential privacy emerged as an efficient technique to protect CPSs data privacy. In this paper, we present a comprehensive survey of differential privacy techniques for CPSs. In particular, we survey the application and implementation of differential privacy in four major applications of CPSs, namely energy systems, transportation systems, healthcare and medical systems, and industrial Internet of things (IIoT). Furthermore, we present open issues, challenges, and future research directions for differential privacy techniques for CPSs. This survey can serve as a basis for the development of modern differential privacy techniques to address various problems and data privacy scenarios of CPSs.
Conference Paper
Recent trends in manufacturing and industry accelerate the interconnection of industrial control systems between each other and over public networks. This brings an increase of cyber attack impact with it as the number of potential targets rises and the consequences of the attacks gain in severity. In order to build secure manufacturing systems, it is paramount to measure the possible impact of cyber attacks. This is required to evaluate security controls towards their effectiveness in attack scenarios. In this work, a proposal for an impact assessment framework in manufacturing is given. A suitable attacker model for execution of the attacks is provided. An evaluation metric for quantifying attack impact on manufacturing systems is developed. A light-weight modeling technique is presented and used to study the impact of cyber attacks on a cellular assembly setup. Different attack scenarios are implemented and simulated within the framework. The simulations provide detailed insight and illustrate attack impact.
Conference Paper
Customer-individual production in manufacturing is a current trend related to the Industrie 4.0 paradigm. Creation of design files by the customers is becoming more frequent. These design files are typically generated outside the company boundaries and then transferred to the organization where they are eventually processed and scheduled for production. From a security perspective, this introduces new attack vectors targeting producing companies. Design files with malicious configuration parameters can threaten the availability of the manufacturing plant resulting in financial risks and can even cause harm to humans. Human verification of design files is error-prone, which is why an automated solution is required. A graph-theoretic modeling framework for machine tools capable of verifying the security of product designs is proposed. This framework is used to model an exemplary production process implemented in a wood processing plant based on the experiences of a real-world case study. Simulation of the modeled scenario shows the feasibility of the framework. Apart from security verification, the approach can be adopted to decide if a product design can be manufactured with a given set of machine tools.
Article
The success of the Internet of Things and rich cloud services have helped create the need for edge computing, in which data processing occurs in part at the network edge, rather than completely in the cloud. Edge computing could address concerns such as latency, mobile devices' limited battery life, bandwidth costs, security, and privacy.
Patent
A private stream aggregation (PSA) system contributes a user's data to a data aggregator without compromising the user's privacy. The system can begin by determining a private key for a local user in a set of users, wherein the sum of the private keys associated with the set of users and the data aggregator is equal to zero. The system also selects a set of data values associated with the local user. Then, the system encrypts individual data values in the set based in part on the private key to produce a set of encrypted data values, thereby allowing the data aggregator to decrypt an aggregate value across the set of users without decrypting individual data values associated with the set of users, and without interacting with the set of users while decrypting the aggregate value. The system also sends the set of encrypted data values to the data aggregator.
Article
We introduce Concentrated Differential Privacy, a relaxation of Differential Privacy enjoying better accuracy than both pure differential privacy and its popular "(epsilon,delta)" relaxation without compromising on cumulative privacy loss over multiple computations.
Article
The problem of privacy-preserving data analysis has a long history spanning multiple disciplines. As electronic data about individuals becomes increasingly detailed, and as technology enables ever more powerful collection and curation of these data, the need increases for a robust, meaningful, and mathematically rigorous definition of privacy, together with a computationally rich class of algorithms that satisfy this definition. Differential Privacy is such a definition. After motivating and discussing the meaning of differential privacy, the preponderance of this monograph is devoted to fundamental techniques for achieving differential privacy, and application of these techniques in creative combinations, using the query-release problem as an ongoing example. A key point is that, by rethinking the computational goal, one can often obtain far better results than would be achieved by methodically replacing each step of a non-private computation with a differentially private implementation. Despite some astonishingly powerful computational results, there are still fundamental limitations – not just on what can be achieved with differential privacy but on what can be achieved with any method that protects against a complete breakdown in privacy. Virtually all the algorithms discussed herein maintain differential privacy against adversaries of arbitrary computational power. Certain algorithms are computationally intensive, others are efficient. Computational complexity for the adversary and the algorithm are both discussed. We then turn from fundamentals to applications other than query-release, discussing differentially private methods for mechanism design and machine learning. The vast majority of the literature on differentially private algorithms considers a single, static, database that is subject to many analyses. Differential privacy in other models, including distributed databases and computations on data streams is discussed. 
Finally, we note that this work is meant as a thorough introduction to the problems and techniques of differential privacy, but is not intended to be an exhaustive survey – there is by now a vast amount of work in differential privacy, and we can cover only a small portion of it.
Article
Supervisory Control and Data Acquisition (SCADA) systems control and monitor industrial and critical infrastructure functions, such as electricity, gas, water, waste, railway, and traffic. Recent attacks on SCADA systems highlight the need for stronger SCADA security. Thus, sharing SCADA traffic data has become a vital requirement in SCADA systems to analyze security risks and develop appropriate security solutions. However, inappropriate sharing and usage of SCADA data could threaten the privacy of companies and prevent sharing of data. In this paper, we present a privacy preserving strategy-based permutation technique called PPFSCADA framework, in which data privacy, statistical properties and data mining utilities can be controlled at the same time. In particular, our proposed approach involves: (i) vertically partitioning the original data set to improve the performance of perturbation; (ii) developing a framework to deal with various types of network traffic data including numerical, categorical and hierarchical attributes; (iii) grouping the portioned sets into a number of clusters based on the proposed framework; and (iv) the perturbation process is accomplished by the alteration of the original attribute value by a new value (clusters centroid). The effectiveness of the proposed PPFSCADA framework is shown through several experiments on simulated SCADA, intrusion detection and network traffic data sets. Through experimental analysis, we show that PPFSCADA effectively deals with multivariate traffic attributes, producing compatible results as the original data, and also substantially improving the performance of the five supervised approaches and provides high level of privacy protection.
Article
The pervasiveness of location-aware devices has spawned extensive research in trajectory data mining, resulting in many important real-life applications. Yet, the privacy issue in sharing trajectory data among different parties often creates an obstacle for effective data mining. In this paper, we study the challenges of anonymizing trajectory data: high dimensionality, sparseness, and sequentiality. Employing traditional privacy models and anonymization methods often leads to low data utility in the resulting data and ineffective data mining. In addressing these challenges, this is the first paper to introduce local suppression to achieve a tailored privacy model for trajectory data anonymization. The framework allows the adoption of various data utility metrics for different data mining tasks. As an illustration, we aim at preserving both instances of location-time doublets and frequent sequences in a trajectory database, both being the foundation of many trajectory data mining tasks. Our experiments on both synthetic and real-life data sets suggest that the framework is effective and efficient to overcome the challenges in trajectory data anonymization. In particular, compared with the previous works in the literature, our proposed local suppression method can significantly improve the data utility in anonymous trajectory data.
Article
The chip regeneration mechanism during chatter is influenced by vibrations in three directions when milling cutters with ball end, bull nose, or inclined cutting edges are used. A three dimensional chatter stability is modeled analytically in this article. The dynamic milling system is formulated as a function of cutter geometry, the frequency response of the machine tool structure at the cutting zone in three Cartesian directions, cutter engagement conditions and material property. The dynamic milling system with nonlinearities and periodic delayed differential equations is reduced to a three dimensional linear stability problem by approximations based on the physics of milling. The chatter stability lobes are predicted in the frequency domain using the proposed analytical solution, and verified experimentally in milling a Titanium alloy with a face milling cutter having circular inserts.
Conference Paper
In 1977 Dalenius articulated a desideratum for statistical databases: nothing about an individual should be learnable from the database that cannot be learned without access to the database. We give a general impossibility result showing that a formalization of Dalenius’ goal along the lines of semantic security cannot be achieved. Contrary to intuition, a variant of the result threatens the privacy even of someone not in the database. This state of affairs suggests a new measure, differential privacy, which, intuitively, captures the increased risk to one’s privacy incurred by participating in a database. The techniques developed in a sequence of papers [8, 13, 3], culminating in those described in [12], can achieve any desired level of privacy under this measure. In many cases, extremely accurate information about the database can be provided while simultaneously ensuring very high levels of privacy.
Conference Paper
We consider how an untrusted data aggregator can learn desired statistics over multiple participants' data, without compromising each individual's privacy. We propose a construction that allows a group of participants to periodically upload encrypted values to a data aggregator, such that the aggregator is able to compute the sum of all participants' values in every time period, but is unable to learn anything else. We achieve strong privacy guarantees using two main techniques. First, we show how to utilize applied cryptographic techniques to allow the aggregator to decrypt the sum from multiple ciphertexts encrypted under different user keys. Second, we describe a distributed data randomization procedure that guarantees the differential privacy of the outcome statistic, even when a subset of participants might be compromised.
Conference Paper
Differential privacy is a recent notion of privacy tailored to the problem of statistical disclosure control: how to release statistical information about a set of people without compromising the privacy of any individual (7). We describe new work (10, 9) that extends differentially private data analysis beyond the traditional setting of a trusted curator operating, in perfect isolation, on a static dataset. We ask: How can we guarantee differential privacy, even against an adversary that has access to the algorithm's internal state, e.g., by subpoena? An algorithm that achieves this is said to be pan-private. How can we guarantee differential privacy when the algorithm must continually produce outputs? We call this differential privacy under continual observation. We also consider these requirements in conjunction.
Article
A nonintrusive appliance load monitor that determines the energy consumption of individual appliances turning on and off in an electric load, based on detailed analysis of the current and voltage of the total load, as measured at the interface to the power source, is described. The theory and current practice of nonintrusive appliance load monitoring are discussed, including goals, applications, load models, appliance signatures, algorithms, prototypes, field-test results, current research directions, and the advantages and disadvantages of this approach relative to intrusive monitoring.
Generic procedure model to introduce industrie 4.0 in small and medium-sized enterprises
  • Y Wang
  • G Wang
Recommendations for implementing the strategic initiative INDUSTRIE 4.0: Securing the future of German manufacturing industry; final report of the Industrie 4.0 Working Group
  • H Kagermann
  • J Helbig
  • A Hellinger
  • W Wahlster
MTConnect - OPC UA Companion Specification
  • M Institute