SIMON: A Domain-Agnostic Framework for Secure Design and Validation of Cyber Physical Systems

Yanambaka Venkata, Rohith

12 1900

Cyber physical systems (CPS) are an integration of computational and physical processes, where the cyber components monitor and control physical processes. Cyber-attacks largely target the cyber components with the intention of disrupting the functionality of the components in the physical domain. This dissertation explores the role of semantic inference in understanding such attacks and building resilient CPS systems. To that end, we present SIMON, an ontological design and verification framework that captures the intricate relationship(s) between cyber and physical components in CPS by leveraging several standard ontologies and extending the NIST CPS framework for the purpose of eliciting trustworthy requirements, assigning responsibilities and roles to CPS functionalities, and validating that the trustworthy requirements are met by the designed system. We demonstrate the capabilities of SIMON using two case studies – a vehicle to infrastructure (V2I) safety application and an additive manufacturing (AM) printer. In addition, we also present a taxonomy to capture threat feeds specific to the AM domain.

CPS

Cyber Physical Systems

Security

Additive manufacturing security

threat feeds

CYBERSECURITY IN THE PUR-1 NUCLEAR REACTOR

Styliani Pantopoulou (11189106)

27 July 2021

Nuclear systems heavily depend on Instrumentation and Control (I&C) entities for their protection, monitoring and control processes, all of which play an important role for their safety and security. The obsolescence of analog I&C systems, along with the increased costs for their maintenance, has rendered the adoption of digital control systems inevitable. Digitization offers numerous advantages to systems, ranging from precision in measurements to reduction in equipment and costs. However, it also comes with a number of challenges, most of which are related to increased failure risk, either from human or control systems error, and vulnerability to attacks, which can be a major threat to non-proliferation. These characteristics point to the category of Cyber Physical Systems (CPSs), namely collections of computational components that receive physical inputs from sensors, and are connected to feedback loops in order to adapt to new circumstances. The ever growing use of CPSs may increase the risk for cyber attacks, that threaten a system’s integrity and security. Plenty of research has been conducted on this topic. The focus of this work is to implement an architecture that can protect the system under review, namely Purdue University Reactor Number One (PUR-1), from these types of attacks. The reactor is physically modelled, through the use of point kinetics equations and reactivity calculations. Controllers existing in the plant are modelled and tuned for the purpose of controlling the reactor’s power. Mitigation of the cyber attacks is later examined through fault tolerance. One of the main ways to achieve fault tolerance in systems of this type is through redundant components, the so-called replicas. Replicas are later used in a process of voting, in order to detect failures. According to the Byzantine Fault Tolerance (BFT) protocol, which is the most popular protocol for this purpose, a maximum number of t faults can be tolerated by the system, when there are in total 3t+1 replicas in the system architecture. Redundancy, however, is not capable to keep a system safe by itself under all circumstances. For this purpose, software diversity is explored. According to this, software in the controllers gets diversified into distinct variants. Different software variants execute instructions, and other variants are expected to execute other actions. In the case where some tampered inputs crash (or deactivate) one of the variants, other variants take control and the system is tolerant against failures. Lastly, CPS inertia is exploited along with rollback recovery methods for the rebooting of the system after a failure. The actual algorithm for the system studied in this work uses three redundant controllers and performs as follows; the error term from the subtraction of the output from the setpoint is fed as input to the first two controllers, as well as to the delay queue connected to the third controller. The outputs of the first two controllers are compared, and then there are two cases of operation. In the case of a good message in the input, the variants in the controllers do not crash, thus the signal from the top two controllers reaches the plant. In the case of a bad message, at least one of the two controllers crashes, because at least one of the code variants fails due to the diversity. This automatically triggers the comparator, which sends a signal so that the output of the isolated controller is used and propagates towards the plant. After implementing a Graphical User Interface (GUI), which acts as a simulator and visualizes the system’s state, it is shown that PUR-1 is able to overcome bad messages regarding scram or control rod positions, when the protection architecture is activated. More specifically, when a bad message for scram is sent, the reactor manages to not drop its power level and continues to adjust the rod positions in order to achieve a specific power setpoint. Moreover, in the case of a bad message for the control rod positions, which means that the system is running open loop and thus is uncontrolled, the reactor manages to recover the rod positions and power level after some seconds. Conversely, when the protection system is deactivated, it is shown that bad messages regarding scram or rod positions are able to affect the reactor's state. In the case of the scram bad message, the reactor power drops immediately, while in the case of the rod position bad message, the power level changes uncontrollably.

Nuclear Engineering

Cybersecurity

PUR-1

cyber physical systems

Cooperative Autonomous Resilient Defense Platform for Cyber-Physical Systems

Azab, Mohamed Mahmoud Mahmoud

28 February 2013

Cyber-Physical Systems (CPS) entail the tight integration of and coordination between computational and physical resources. These systems are increasingly becoming vital to modernizing the national critical infrastructure systems ranging from healthcare, to transportation and energy, to homeland security and national defense. Advances in CPS technology are needed to help improve their current capabilities as well as their adaptability, autonomicity, efficiency, reliability, safety and usability.  Due to the proliferation of increasingly sophisticated cyber threats with exponentially destructive effects, CPS defense systems must systematically evolve their detection, understanding, attribution, and mitigation capabilities. Unfortunately most of the current CPS defense systems fall short to adequately provision defense services while maintaining operational continuity and stability of the targeted CPS applications in presence of advanced persistent attacks. Most of these defense systems use un-coordinated combinations of disparate tools to provision defense services for the cyber and physical components. Such isolation and lack of awareness of and cooperation between defense tools may lead to massive resource waste due to unnecessary redundancy, and potential conflicts that can be utilized by a resourceful attacker to penetrate the system.   Recent research argued against the suitability of the current security solutions to CPS environments. We assert the need for new defense platforms that effectively and efficiently manage dynamic defense missions and toolsets in real-time with the following goals: 1) Achieve asymmetric advantage to CPS defenders, prohibitively increasing the cost for attackers; 2) Ensure resilient operations in presence of persistent and evolving attacks and failures; and 3) Facilitate defense alliances, effectively and efficiently diffusing defense intelligence and operations transcending organizational boundaries. Our proposed solution comprehensively addresses the aforementioned goals offering an evolutionary CPS defense system. The presented CPS defense platform, termed CyPhyCARD (Cooperative Autonomous Resilient Defenses for Cyber-Physical systems) presents a unified defense platform to monitor, manage, and control the heterogeneous composition of CPS components. CyPhyCARD relies on three interrelated pillars to construct its defense platform. CyPhyCARD comprehensively integrates these pillars, therefore building a large scale, intrinsically resilient, self- and situation-aware, cooperative, and autonomous defense cloud-like platform that provisions adequate, prompt, and pervasive defense services for large-scale, heterogeneously-composed CPS. The CyPhyCARD pillars are: 1) Autonomous management platform (CyberX) for CyPhyCARD's foundation. CyberX enables application elasticity and autonomic adaptation to changes by runtime diversity employment, enhances the application resilience against attacks and failures by multimodal recovery mechanism, and enables unified application execution on heterogeneously composed platforms by a smart employment of a fine-grained environment-virtualization technology. 2) Diversity management system (ChameleonSoft) built on CyberX. ChameleonSoft encrypts software execution behavior by smart employment of runtime diversity across multiple dimensions to include time, space, and platform heterogeneity inducing a trace-resistant moving-target defense that works on securing CyPhyCARD platform against software attacks. 3) Evolutionary Sensory system (EvoSense) built on CyberX. EvoSense realizes pervasive, intrinsically-resilient, situation-aware sense and response system to seamlessly effect biological-immune-system like defense. EvoSense acts as a middle layer between the defense service provider(s) and the Target of Defense (ToD) creating a uniform defense interface that hides ToD's scale and heterogeneity concerns from defense-provisioning management. CyPhyCARD is evaluated both qualitatively and quantitatively. The efficacy of the presented approach is assessed qualitatively, through a complex synthetic CPS attack scenario. In addition to the presented scenario, we devised multiple prototype packages for the presented pillars to assess their applicability in real execution environment and applications. Further, the efficacy and the efficiency of the presented approach is comprehensively assessed quantitatively by a set of custom-made simulation packages simulating each CyPhyCARD pillar for performance and security evaluation.  The evaluation illustrated the success of CyPhyCARD and its constructing pillars to efficiently and effectively achieve its design objective with reasonable overhead. / Ph. D.

Cyber Physical Systems

Security

Resilience

Cloud Computing

Autonomic Management

Decentralized safety architecture for cyberphysical production systems

Faller, Clemens, Schwoll, Artur

27 January 2022

In the context of the paper, a research work is shown to implement a networked decentralized safety architecture that replaces the central architecture. Thus, the safety system fits better into the rest of the automation structure. On the one hand, this is done by a clearer hardware structure, as there is now one safety controller per decentralized unit, which, analogous to the distributed automation system, communicates with the other stations via an Ethernet-based bus system, thus greatly reducing the wiring and commissioning effort. On the other hand, the decentralized processing allows a local shutdown of the safety-relevant components and an escalation of the emergency shutdown to other areas, depending on the emergency stop situation. This means that in the event of a safety-critical situation, the shutdown is reduced to what is necessary from a safety point of view, which increases system availability.

Securing Modern Cyberspace Using A Multi-Faceted Approach

Li, Yu

06 June 2019

No description available.

Computer Engineering

Security

cyber-physical systems

web server

social networks

Human-Interactions with Robotic Cyber-Physical Systems (CPS) for Facilitating Construction Progress Monitoring

Halder, Srijeet

23 August 2023

Progress monitoring in construction involves a set of inspection tasks with repetitive in-person observations on the site. The current manual inspection process is time-consuming, inefficient, inconsistent, and has many safety risks to project inspectors. Cyber-Physical Systems (CPS) are networks of integrated physical and cyber components, such as robots, sensors, actuators, cloud computing, artificial intelligence, and the building itself. Introducing CPS for construction progress monitoring can reduce risks involved in the process, improve efficiency, and enable remote progress monitoring. A robotic CPS uses a robot as the core component of the CPS. But human interaction with technology plays an important role in the successful implementation of any technology. This research studied the human-centered design of a CPS from a human-computer interaction perspective for facilitating construction progress monitoring that puts the needs and abilities of humans at the center of the development process. User experience and interactions play an important role in human-centered design. This study first develops a CPS framework to autonomously collect visual data and facilitate remote construction progress monitoring. The two types of interactions occur between the human and the CPS – the human provides input for the CPS to collect data referred to as mission planning, and CPS provides visual data to enable the human to perform progress analysis. The interaction may occur through different modalities, such as visual, tactile, auditory, and immersive. The goal of this research is to understand the role of human interactions with CPS for construction progress monitoring. The study answers five research questions – a) What robotic CPS framework can be applied in construction progress monitoring? b) To what extent is the proposed CPS framework acceptable as an alternative to traditional construction progress monitoring? c) How can natural interaction modalities like hand gestures and voice commands be used as human-CPS interaction modalities for the proposed CPS? d) How does the human interaction modality between the proposed CPS and its user affect the usability of the proposed CPS? e) How does the human interaction modality between CPS and its user affect the performance of the proposed CPS?. To answer the research questions, a mixed-method-based methodology is used in this study. First, a systematic literature review is performed on the use of robots in inspection and monitoring of the built environment. Second, a CPS framework for remote progress monitoring is developed and evaluated in lab conditions. Third, a set of industry experts experienced with construction progress monitoring are interviewed to measure their acceptance of the developed CPS and to collect feedback for the evaluation of the CPS. Fourth, two methodologies are developed to use hand gesture and voice command recognition for human-CPS interaction in progress monitoring. Fifth, the usability and performance of the CPS are measured for identified interaction modalities through a human subject study. The human subjects are also interviewed post-experiment to identify the challenges they faced in their interactions with the CPS. The study makes the following contributions to the body of knowledge – a) key research areas and gaps were identified for robots in inspection and monitoring of the built environment, b) a fundamental framework for a robotic CPS was developed to automate reality capture and visualization using quadruped robots to facilitate remote construction progress monitoring, c) factors affecting the acceptance of the proposed robotic CPS for construction progress monitoring were identified by interviewing construction experts, d) two methodologies for using hand gestures and voice commands were developed for human-CPS interaction in construction progress monitoring, e) the effect of human interaction modalities on the usability and performance of the proposed CPS was assessed in construction progress monitoring through user studies, f) factors affecting the usability and performance of the proposed CPS with different interaction modalities were identified by conducting semi-structured interviews with users. / Doctor of Philosophy / Progress monitoring in construction involves inspecting and observing the construction site in person. The current manual inspection process is slow, inefficient, inconsistent, and risky for inspectors. Cyber-Physical Systems (CPS) are networks that integrate physical and digital components like robots, sensors, cloud computing, and artificial intelligence. Implementing CPS in construction progress monitoring can reduce risks, improve efficiency, and enable remote monitoring. A robotic CPS uses a robot as its core component. However, acceptance of the technology by people in the industry is crucial for successful implementation. Past literature has suggested human-centered design of technology for better acceptance of the technology. This research focuses on the human-centered design of a robotic CPS for construction progress monitoring, by focusing on the role of human-CPS interactions. User experience and interactions are important in human-centered design. The study develops a CPS framework that autonomously collects visual data and facilitates remote progress monitoring. The interactions between humans and CPS involve the human providing input for data collection (called mission planning) and the CPS providing visual data for progress analysis. The research aims to understand the role of human interactions with CPS in construction progress monitoring and answers five research questions. To answer these questions, a mixed-methods methodology is used. The CPS framework is developed and evaluated in lab conditions, industry experts are interviewed for their acceptance and feedback, methodologies are developed to recognize hand gestures and voice commands for human-CPS interaction, and usability and performance of the CPS are measured through human subject studies. Key contributions are made in this research in terms of identification of the application domains of CPS in inspection and monitoring of buildings and infrastructure, a CPS framework for remote progress monitoring, identification of the factors affecting acceptance of CPS in construction progress monitoring, development of methodologies to use hand gestures and voice commands for interactions with CPS, assessment of the effect of interaction modalities on the user experience with the CPS.

robots

construction progress monitoring

human-computer interaction

cyber-physical systems

A Makerspace Cyber Physical System for Convergence Research

Moiz S Rasheed (17611824)

12 December 2023

<p dir="ltr">We are in the midst of the fourth industrial revolution, and manufacturers are looking<br>to digitally transform their processes in order to leverage new technologies such as adap-<br>tive automation, virtual reality and digital twin driven simulation. A key aspect of this<br>revolution compared to previous is the increased availability of data and accessibility of<br>machines throughout the production process enabled by cyber-physical systems (CPS) and<br>IoT. However, the integration of many devices is challenging, requiring significant capital<br>and expertise. This can limit smaller players from benefiting from technological gains as<br>well as stymie research, particularly advanced human-computer-interaction (HCI) investiga-<br>tions which are becoming increasingly relevant.<br>Thus in this thesis we develop a framework for CPS creation and communication that<br>is amenable to the needs of HCI and convergence research. We develop several middleware<br>components to bridge the communication gap of many common fabrication machines and<br>other devices. The middleware translates device specific protocols into a shared language to<br>alleviate the user interface (UI) programs of this responsibility and promote reuse. Addi-<br>tionally, we develop an extension to the glTF model format to leverage this shared protocol<br>to enable the UI to load and interact with an arbitrary number of devices in an intuitive<br>manner at runtime. Finally, we discuss several applications to demonstrate the system’s<br>utility for research.</p>

Human-computer interaction

Makerspaces

industrial IoT

Cyber-Physical Systems (CPSs)

Security and Privacy Issues of Mobile Cyber-physical Systems

Shang, Jiacheng

January 2020

Cyber-physical systems (CPS) refer to a group of systems that combine the real physical world with cyber components. Traditionally, the applications of CPS in research and the real world mainly include smart power grid, autonomous automobile systems, and robotics systems. In recent years, due to the fast development of pervasive computing, sensor manufacturing, and artificial intelligence technologies, mobile cyber-physical systems that extend the application domains of traditional cyber-physical systems have become increasingly popular. In mobile cyber-physical systems, devices have rich features, such as significant computational resources, multiple communication radios, various sensor modules, and high-level programming languages. These features enable us to build more powerful and convenient applications and systems for mobile users. At the same time, such information can also be leveraged by attackers to design new types of attacks. The security and privacy issues can exist in any application of mobile CPS. In terms of defense systems, we focus on three important topics: voice liveness detection, face forgery detection, and securing PIN-based authentication. In terms of attack systems, we study the location privacy in augmented reality (AR) applications. We first investigate the voice replay attacks on smartphones. Voice input is becoming an important interface on smartphones since it can provide better user experience compared with traditional typing-based input methods. However, because the human voice is often exposed to the public, attackers can easily steal victims' voices and replay it to victims' devices to issue malicious commands. To defend the smartphone from voice replay attacks, we propose a novel liveness detection system, which can determine whether the incoming voice is from a live person or a loudspeaker. The key idea is that voices are produced and finalized at multiple positions in human vocal systems, while the audio signals from loudspeakers are from one position. By using two microphones on the smartphone to record the voice at two positions and measure their relationship, the proposed system can defend against voice replay attacks with a high success rate. Besides smartphones, voice replay attacks are also feasible on AR headsets. However, due to the special hardware positions, the current voice liveness detection system designed for smartphones cannot be deployed on AR headsets. To address this issue, we propose a novel voice liveness detection system for AR headsets. The key insight is that the human voice can propagate through the internal body. By attaching a contact microphone around the user's temple, we can collect the internal body voice. A voice is determined from a live person as long as the collected internal body voice has a strong relationship with the mouth voice. Since the contact microphone is cheap, tiny, and thin, it can be embedded in current AR headsets with minimal additional cost. Next, we propose a system to detect the fake face in real-time video chat. Recent developments in deep learning-based forgery techniques largely improved the ability of forgery attackers. With the help of face reenactment techniques, attackers can transfer their facial expressions to another person's face to create fake facial videos in real-time with very high quality. In our system, we find that the face of a live person can reflect the screen light, and this reflected light can be captured by the web camera. Moreover, current face forgery techniques cannot generate such light change with acceptable quality. Therefore, we can measure the correlation and similarity of the luminance changes between the screen light and the face-reflected light to detect the liveness of the face. We also study to leverage IoT devices to enhance the privacy of some daily operations. We find that the widely used personal identification number (PIN) is not secure and can be attacked in many ways. In some scenarios, it is hard to prevent attackers from obtaining the victim's PIN. Therefore, we propose a novel system to secure the PIN input procedure even if the victim's PIN has been leaked. The basic idea is that different people have different PIN input behavior even for the same PIN. Even though attackers can monitor the victim's PIN input behaviors and imitate it afterward, the biological differences among each person's hands still exist and can be used to differentiate them. To capture both PIN input behavior and the biological features, we install a tiny light sensor at the center of the PIN pad to transfer the information into a light signal. By extracting useful features from multiple domains, we can determine whether the PIN input is from the same person with high accuracy. Besides designing new defense systems, we also show that sensory data and side-channel information can be leveraged to launch new types of attacks. We conduct a study on the network traffic of location-based AR applications. We find that it is feasible to infer the real-time location of a user using the short-time network traffic if the downloading jobs are related to the current location. By carefully deploying fake AR contents at some locations, our attack system can infer the location of the user with high accuracy by processing noisy network traffic data. / Computer and Information Science

Computer Science

Attack

Mobile Cyber-physical System

Privacy

Security

A BDI AGENT BASED FRAMEWORK FOR MODELING AND SIMULATION OF CYBER PHYSICAL SYSTEMS

REN, QIANGGUO

January 2011

Cyber-physical systems refer to a new generation of synergy systems with integrated computational and physical processes which interact with one other. The development and simulation of cyber-physical systems (CPSs) are obstructed by the complexity of the subsystems of which they are comprised, fundamental differences in the operation of cyber and physical elements, significant correlative dependencies among the elements, and operation in dynamic and open environments. The Multiple Belief-Desire-Intention (BDI) agent system (BDI multi-agent system) is a promising choice for overcoming these challenges, since it offers a natural way to decompose complex systems or large scale problems into decentralized, autonomous, interacting, more or less intelligent entities. In particular, BDI agents have the ability to interact with, and expand the capabilities of, the physical world through computation, communication, and control. A BDI agent has its philosophical grounds on intentionality and practical reasoning, and it is natural to combine a philosophical model of human practical reasoning with the physical operation and any cyber infrastructure. In this thesis, we introduce the BDI Model, discuss implementations of BDI agents from an ideal theoretical perspective as well as from a more practical perspective, and show how they can be used to bridge the cyber infrastructure and the physical operation using the framework. We then strengthen the framework's performance using the state-of-the-art parallel computing architecture and eventually propose a BDI agent based software framework to enable the efficient modeling and simulation of heterogeneous CPS systems in an integrated manner. / Electrical and Computer Engineering

Engineering

Computer Engineering

Bdi Agents

Cyber-physical System

Security and Privacy for Internet of Things: Authentication and Blockchain

Sharaf Dabbagh, Yaman

21 May 2020

Reaping the benefits of the Internet of Things (IoT) system is contingent upon developing IoT-specific security and privacy solutions. Conventional security and authentication solutions often fail to meet IoT requirements due to the computationally limited and portable nature of IoT objects. Privacy in IoT is a major issue especially in the light of current attacks on Facebook and Uber. Research efforts in both the academic and the industrial fields have been focused on providing security and privacy solutions that are specific to IoT systems. These solutions include systems to manage keys, systems to handle routing protocols, systems that handle data transmission, access control for devices, and authentication of devices. One of these solutions is Blockchain, a trust-less peer-to-peer network of devices with an immutable data storage that does not require a trusted party to maintain and validate data entries in it. This emerging technology solves the problem of centralization in systems and has the potential to end the corporations control over our personal information. This unique characteristic makes blockchain an excellent candidate to handle data communication and storage between IoT devices without the need of oracle nodes to monitor and validate each data transaction. The peer-to-peer network of IoT devices validates data entries before being added to the blockchain database. However, accurate authentication of each IoT device using simple methods is another challenging problem. In this dissertation, a complete novel system is proposed to authenticate, verify, and secure devices in IoT systems. The proposed system consists of a blockchain framework to collect, monitor, and analyze data in IoT systems. The blockchain based system exploits a method, called Sharding, in which devices are grouped into smaller subsets to provide a scalable system. In addition to solving the scalability problem in blockchain, the proposed system is secured against the 51% attack in which a malicious node tries to gain control over the majority of devices in a single shard in order to disrupt the validation process of data entries. The proposed system dynamically changes the assignment of devices to shards to significantly decrease the possibility of performing 51% attacks. The second part of the novel system presented in this work handles IoT device authentication. The authentication framework uses device-specific information, called fingerprints, along with a transfer learning tool to authenticate objects in the IoT. The framework tracks the effect of changes in the physical environment on fingerprints and uses unique IoT environmental effects features to detect both cyber and cyber-physical emulation attacks. The proposed environmental effects estimation framework showed an improvement in the detection rate of attackers without increasing the false positives rate. The proposed framework is also shown to be able to detect cyber-physical attackers that are capable of replicating the fingerprints of target objects which conventional methods are unable to detect. In addition, a transfer learning approach is proposed to allow the use of objects with different types and features in the environmental effects estimation process. The transfer learning approach was also implemented in cognitive radio networks to prevent primary users emulation attacks that exist in these networks. Lastly, this dissertation investigated the challenge of preserving privacy of data stored in the proposed blockchain-IoT system. The approach presented continuously analyzes the data collected anonymously from IoT devices to insure that a malicious entity will not be able to use these anonymous datasets to uniquely identify individual users. The dissertation led to the following key results. First, the proposed blockchain based framework that uses sharding was able to provide a decentralized, scalable, and secured platform to handle data exchange between IoT devices. The security of the system against 51% attacks was simulated and showed significant improvements compared to typical blockchain implementations. Second, the authentication framework of IoT devices is shown to yield to a 40% improvement in the detection of cyber emulation attacks and is able to detect cyber-physical emulation attacks that conventional methods cannot detect. The key results also show that the proposed framework improves the authentication accuracy while the transfer learning approach yields up to 70% additional performance gains. Third, the transfer learning approach to combine knowledge about features from multiple device types was also implemented in cognitive radio networks and showed performance gains with an average of 3.4% for only 10% relevant information between the past knowledge and the current environment signals. / Doctor of Philosophy / The Internet of things (IoT) system is anticipated to reach billions of devices by the year 2020. With this massive increase in the number of devices, conventional security and authentication solutions will face many challenges from computational limits to privacy and security challenges. Research on solving the challenges of IoT systems is focused on providing lightweight solutions to be implemented on these low energy IoT devices. However these solutions are often prone to different types of attacks. The goal of this dissertation is to present a complete custom solution to secure IoT devices and systems. The system presented to solve IoT challenges consists of three main components. The first component focuses on solving scalability and centralization challenges that current IoT systems suffer from. To accomplish this a combination of distributed system, called blocchain, and a method to increase scalability, called Sharding, were used to provide both scalability and decentralization while maintaining high levels of security. The second component of the proposed solution consists of a novel framework to authenticate the identity of each IoT device. To provide an authentication solution that is both simple and effective, the framework proposed used a combination of features that are easy to collect, called fingerprints. These features were used to model the environment surrounding each IoT device to validate its identity. The solution uses a method called transfer learning to allow the framework to run on different types of devices. The proposed frameworks were able to provide a solution that is scalable, simple, and secured to handle data exchange between IoT devices. The simulation presented showed significant improvements compared to typical blockchain implementations. In addition, the frameworks proposed were able to detect attackers that have the resources to replicate all the device specific features. The proposed authentication framework is the first framework to be able to detect such an advanced attacker. The transfer learning tool added to the authentication framework showed performance gains of up to 70%.

Blockchain

Internet of things (IoT)

Cyber-Physical Systems

Authentication