Optimisation of Manufacturing Systems Using Time Synchronised Simulation

Svensson, Bo

January 2010

No description available.

Simulation based optimisation

virtual manufacturing

industrial control system

PLC

continuous simulation

parameter tuning

optimisation methods

Manufacturing engineering

Produktionsteknik

Toward Cyber-Secure and Resilient Networked Control Systems

Teixeira, André

January 2014

Resilience is the ability to maintain acceptable levels of operation in the presence of abnormal conditions. It is an essential property in industrial control systems, which are the backbone of several critical infrastructures. The trend towards using pervasive information technology systems, such as the Internet, results in control systems becoming increasingly vulnerable to cyber threats. Traditional cyber security does not consider the interdependencies between the physical components and the cyber systems. On the other hand, control-theoretic approaches typically deal with independent disturbances and faults, thus they are not tailored to handle cyber threats. Theory and tools to analyze and build control system resilience are, therefore, lacking and in need to be developed. This thesis contributes towards a framework for analyzing and building resilient control systems. First, a conceptual model for networked control systems with malicious adversaries is introduced. In this model, the adversary aims at disrupting the system behavior while remaining undetected by an anomaly detector The adversary is constrained in terms of the available model knowledge, disclosure resources, and disruption capabilities. These resources may correspond to the anomaly detector’s algorithm, sniffers of private data, and spoofers of control commands, respectively. Second, we address security and resilience under the perspective of risk management, where the notion of risk is defined in terms of a threat’s scenario, impact, and likelihood. Quantitative tools to analyze risk are proposed. They take into account both the likelihood and impact of threats. Attack scenarios with high impact are identified using the proposed tools, e.g., zero-dynamics attacks are analyzed in detail. The problem of revealing attacks is also addressed. Their stealthiness is characterized, and how to detect them by modifying the system’s structure is also described. As our third contribution, we propose distributed fault detection and isolation schemes to detect physical and cyber threats on interconnected second-order linear systems. A distributed scheme based on unknown input observers is designed to jointly detect and isolate threats that may occur on the network edges or nodes. Additionally, we propose a distributed scheme based on local models and measurements that is resilient to changes outside the local subsystem. The complexity of the proposed methods is decreased by reducing the number of monitoring nodes and by characterizing the minimum amount of model information and measurements needed to achieve fault detection and isolation. Finally, we tackle the problem of distributed reconfiguration under sensor and actuator faults. In particular, we consider a control system with redundant sensors and actuators cooperating to recover from the removal of individual nodes. The proposed scheme minimizes a quadratic cost while satisfying a model-matching condition, which maintains the nominal closed-loop behavior after faults. Stability of the closed-loop system under the proposed scheme is analyzed. / Ett resilient system har förmågan att återhämta sig efter en kraftig och oväntad störning. Resiliens är en viktig egenskap hos industriella styrsystem som utgör en viktig komponent i många kritiska infrastrukturer, såsom processindustri och elkraftnät. Trenden att använda storskaliga IT-system, såsom Internet, inom styrsystem resulterar i en ökad sårbarhet för cyberhot. Traditionell IT-säkerhet tar inte hänsyn till den speciella koppling mellan fysikaliska komponenter och ITsystem som finns inom styrsystem. Å andra sidan så brukar traditionell reglerteknik fokusera på att hantera naturliga fel och inte cybersårbarheter. Teori och verktyg för resilienta och cybersäkra styrsystem saknas därför och behöver utvecklas. Denna avhandling bidrar till att ta fram ett ramverk för att analysera och konstruera just sådana styrsystem. Först så tar vi fram en representativ abstrakt modell för nätverkade styrsystem som består av fyra komponenter: den fysikaliska processen med sensorer och ställdon, kommunikationsnätet, det digitala styrsystemet och en feldetektor. Sedan införs en konceptuell modell för attacker gentemot det nätverkade styrsystemet. I modellen så beskrivs attacker som försöker undgå att skapa alarm i feldetektorn men ändå stör den fysikaliska processen. Dessutom så utgår modellen ifrån att den som utför attacken har begränsade resurser i fråga om modellkännedom och kommunikationskanaler. Det beskrivna ramverket används sedan för att studera resilens gentemot attackerna genom en riskanalys, där risk definieras utifrån ett hots scenario, konsekvenser och sannolikhet. Kvantitativa metoder för att uppskatta attackernas konsekvenser och sannolikheter tas fram, och speciellt visas hur hot med hög risk kan identifieras och motverkas. Resultaten i avhandlingen illustreras med ett flertal numeriska och praktiska exempel. / <p>QC 20141016</p>

Cyber Security

Resilience

Industrial Control Systems

Fault-Tolerant Systems

Risk Management

Cyber säkerhet

Resiliens

Industriella Styrsystem

Riskanalys

Do projeto à fabricação : um estudo de aplicação da fabricação digital no processo de produção arquitetônica / From design to manufacturing : a study of the use of digital fabrication in the architectural production process

Barbosa Neto, Wilson, 1983-

24 August 2018

Orientador: Maria Gabriela Caffarena Celani / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Civil, Arquitetura e Urbanismo / Made available in DSpace on 2018-08-24T11:31:11Z (GMT). No. of bitstreams: 1 BarbosaNeto_Wilson_M.pdf: 18612146 bytes, checksum: d8fbaaa3aaa7ff8e9008c22519dc03e7 (MD5) Previous issue date: 2013 / Resumo: A utilização de técnicas de Fabricação Digital está cada vez mais presente no campo da arquitetura e construção por todo o mundo, devido aos avanços tecnológicos que os sistemas CAD (Computer-aided Design) e CAM (Computer-aided Manufacturing) têm proporcionado aos processos de concepção e produção da obra arquitetônica. As possibilidades que essas ferramentas oferecem aos arquitetos e projetistas abrem caminho para novas abordagens de projeto, que permitem o uso da produção automatizada sem a necessidade de uma padronização tão rígida como aquela imposta pelo sistema industrial. Entretanto, nota-se que a aplicação dos métodos de Fabricação Digital no processo de produção do espaço edificado no Brasil é lento, quando comparado a outros países onde a tecnologia necessária para o exercício da técnica já se encontra amplamente difundida. A presente pesquisa tem como foco investigar a aplicação da Fabricação Digital, por intermédio de processos file-to-factory na produção arquitetônica de elementos para a construção civil, mais especificamente com o uso de técnicas subtrativas de corte 2D. Após um levantamento sobre o estado da arte da área e o desenvolvimento de dois estudos de caso, o método utilizado foi a pesquisa-ação, por meio de um exercício de aplicação do conceito file-to-factory. O processo de projeto foi documentado detalhadamente e analisado para a sistematização dos procedimentos, que servirão de referência para futuras aplicações no campo da arquitetura. Espera-se, com isso, contribuir para a divulgação dessas novas tecnologias na produção arquitetônica no cenário brasileiro / Abstract: The use of Digital Fabrication techniques is increasingly present in the field of architecture and construction throughout the world. Systems such as CAD (Computer-aided Design) and CAM (Computer-aided Manufacturing) have provided technological advances to the architectural design and production process. The possibilities that these tools provide to architects and designers introduce new design approaches, which allow the use of automated production without the rigid standardization imposed by the industrial system. However, it can be noticed that the use of Digital Fabrication methods in the built environment production process in Brazil is slow when compared to other countries where the technology is widely incorporated. This research focuses on investigating the application of Digital Fabrication, through file-to-factory processes in the production of architectural elements for the construction industry, specifically with the use of 2D subtractive cutting techniques. After a survey on the state of the art in the field and two case studies, the method used was an action research through a file-to-factory exercise. The design process was documented in detail and analyzed in order to systematize the procedures as a reference for future applications in architecture. As a result we expect to contribute to the dissemination of these new technologies in architectural production in the Brazilian scenario / Mestrado / Arquitetura, Tecnologia e Cidade / Mestre em Arquitetura, Tecnologia e Cidade

Arquitetura e tecnologia

Sistemas CAD/CAM

Projeto arquitetônico

Architectural design - Data processing

3D Modeling

Zachytávání kybernetických hrozeb industriálních systémů / Capturing cyber-threats of industrial systems

Dobrík, Andrej

January 2020

S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.

Optimal and Resilient Control with Applications in Smart Distribution Grids

Paridari, Kaveh

January 2016

The electric power industry and society are facing the challenges and opportunities of transforming the present power grid into a smart grid. To meet these challenges, new types of control systems are connected over IT infrastructures. While this is done to meet highly set economical and environmental goals, it also introduces new sources of uncertainty in the control loops. In this thesis, we consider control design taking some of these uncertainties into account. In Part I of the thesis, some economical and environmental concerns in smart grids are taken into account, and a scheduling framework for static loads (e.g., smart appliances in residential areas) and dynamic loads (e.g., energy storage systems) in the distribution level is investigated. A robust formulation is proposed taking the user behavior uncertainty into account, so that the optimal scheduling cost is less sensitive to unpredictable changes in user preferences. In addition, a novel distributed algorithm for the studied scheduling framework is proposed, which aims at minimizing the aggregated electricity cost of a network of apartments sharing an energy storage system. We point out that the proposed scheduling framework is applicable to various uncertainty sources, storage technologies, and programmable electrical loads. In Part II of the thesis, we study smart grid uncertainty resulting from possible security threats. Smart grids are one of the most complex cyber-physical systems considered, and are vulnerable to various cyber and physical attacks. The attack scenarios consider cyber adversaries that may corrupt a few measurements and reference signals, which may degrade the system’s reliability and even destabilize the voltage magnitudes. In addition, a practical attack-resilient framework for networked control systems is proposed. This framework includes security information analytics to detect attacks and a resiliency policy to improve the performance of the system running under the attack. Stability and optimal performance of the networked control system under attack and by applying the proposed framework, is proved here. The framework has been applied to an energy management system and its efficiency is demonstrated on a critical attack scenario. / <p>QC 20160830</p>

Resilient Control

Robust Control

Optimal Control

Smart Distribution Grid

Industrial Control Systems

Microgrids

Demand Response

Energy

Control Engineering

Reglerteknik

Diagnóstico y propuesta de mejora de la cultura de seguridad de una empresa de bebidas

Avendaño Romero, Fidel

03 March 2023

La presente investigación tiene como objetivo formular una propuesta que mejore la cultura de seguridad actual de la Empresa 123, ya que una de las problemáticas identificadas es la no priorización de la seguridad y la aceptación del riesgo, esto a pesar del trabajo de los encargados de SSOMA. Para reducir el índice de incidentes, accidentes y días perdidos por descanso médico, e incrementar la competitividad y mejorar la imagen de la Empresa 123, se plantea la implementación del Sistema de Gestión de la Seguridad y Salud en el Trabajo (SGSST) basado en la normativa internacional ISO 45001. Mediante la propuesta se plantean estrategias como el Gemba Walk, reporte del trabajador, comité de seguridad y auditorias para lograr el liderazgo e involucramiento de todos los entes identificados como stakeholders de la Empresa 123. La principal herramienta a utilizarse en la medición del clima de prevención es el cuestionario Nórdico del NOSACQ-50, el cual es aplicado con el propósito de medir el grado de efectividad de la propuesta. Finalmente, la propuesta planteada resulta factible para la Empresa 123, ya que se tiene un beneficio tangible de S/. 68, 680 y un beneficio intangible de 6.9 en una escala de 1 a 10 del grado de impacto positivo, los cuales son superiores al costo de la implementación de S/. 37, 169.

Control de procesos--Mejoramiento

Bebidas--Industria y comercio

Controle preditivo aplicado à planta piloto de neutralização de pH. / Predictive control applied to a pH neutralization pilot plant.

Favaro, Juliana

27 September 2012

Uma das técnicas de controle avançado que vem ganhando destaque no cenário econômico e ecológico, focando maior sustentabilidade e a otimização dos processos, é o controle preditivo, o qual já vem sendo aplicado em indústrias químicas e petroquímicas. Esta dissertação trata do desenvolvimento de um controle preditivo aplicado a uma planta piloto de neutralização de pH, presente no Laboratório de Controle de Processos Industriais da Escola Politécnica da Universidade de São Paulo. O desenvolvimento do projeto pode ser dividido em quatro etapas: implementação das malhas de controle regulatório, identificação dos sistemas, construção do controlador preditivo, aplicações e análises experimentais. Na primeira etapa foi necessário estudar o sistema em questão e implementar algumas malhas internas usando controladores PID. Na segunda etapa foi realizada a identificação do modelo da planta, ressaltando que pontos de operação e ajuste de parâmetros internos são determinantes para a modelagem. Já na terceira etapa desenvolveu-se um controlador preditivo, através de softwares auxiliares como o MATLAB e o IIT 800xA da ABB, que foram utilizados para o desenvolvimento e implementação do algoritmo de controle. Por fim, na última etapa, foi feita a análise e comparação dos resultados, quando se submete à planta a um controlador PID, quando aplicado um controlador preditivo em cascata com controladores PID e quando se utiliza apenas o controlador preditivo com ação direta nos atuadores. / The predictive control is an advanced control technique which has gained evidence in the economic and ecological context because the search for sustainability and process optimization. This control has already been applied by the chemical and petrochemical industries. The purpose of this project is to develop a predictive controller which will be applied in a pH neutralization plant located in the Industrial Processes Control Laboratory at Polytechnic School of the University of São Paulo. The development of this project can be divided into four stages: implementation of regulatory control loops, identification of the system, construction of the predictive controller, applications and experimental analysis. The first step is necessary in order to study the plant and to implement some internal loops using PID controllers. In the second step, the identification process of the plant model will be done. It is important to note that operating points and internal parameter settings are very important for modeling. In the third stage, using the model obtained from the identification process, a predictive controller is built from auxiliary software such as MATLAB and IIT 800xA (by ABB), which will be used for the development and implementation of the control algorithm. Finally, the last step consists in collecting and analyzing the results of the pH neutralization plant. At this stage the responses of each controller will be compared: PID controller, MPC controller in cascade mode with PID and MPC controller acting directly on actuators.

Controle de nível

Controle de pH

Controle industrial

Controle PID

Controle preditivo

Identificação de sistemas

Industrial control

Level control

Multivariable system

pH control

PID control

Predictive control

Sistema multivariável

System identification

Assessment and enforcement of wireless sensor network-based SCADA systems security / Évaluation et mise en oeuvre de la sécurité dans les systèmes SCADA à base de réseaux de capteurs sans fil

Bayou, Lyes

19 June 2018

La sécurité des systèmes de contrôle industriel est une préoccupation majeure. En effet, ces systèmes gèrent des installations qui jouent un rôle économique important. En outre, attaquer ces systèmes peut non seulement entraîner des pertes économiques, mais aussi menacer des vies humaines. Par conséquent, et comme ces systèmes dépendent des données collectées, il devient évident qu’en plus des exigences de temps réel, il est important de sécuriser les canaux de communication entre ces capteurs et les contrôleurs principaux. Ces problèmes sont plus difficiles à résoudre dans les réseaux de capteurs sans fil (WSN). Cette thèse a pour but d’aborder les questions de sécurité des WSN. Tout d’abord, nous effectuons une étude de sécurité approfondie du protocole WirelessHART. Ce dernier est le protocole leader pour les réseaux de capteurs sans fil industriels (WISN). Nous évaluons ses forces et soulignons ses faiblesses et ses limites. En particulier, nous décrivons deux vulnérabilités de sécurité dangereuses dans son schéma de communication et proposons des améliorations afin d’y remédier. Ensuite, nous présentons wIDS, un système de détection d’intrusion (IDS) multicouches qui se base sur les spécifications, spécialement développé pour les réseaux de capteurs sans fil industriels. L’IDS proposé vérifie la conformité de chaque action effectuée par un noeud sans fil sur la base d’un modèle formel du comportement normal attendu. / The security in Industrial Control Systems is a major concern. Indeed, these systems manage installations that play an important economical role. Furthermore, targeting these systems can lead not only to economical losses but can also threaten human lives. Therefore, and as these systems depend on sensing data, it becomes obvious that additionally to real-time requirement, it is important to secure communication channels between these sensors and the main controllers. These issues are more challenging inWireless Sensor Networks (WSN) as the use of wireless communications brings its own security weaknesses. This thesis aims to address WSN-based security issues. Firstly, we conduct an in-deep security study of the WirelessHART protocol. This latter is the leading protocol for Wireless Industrial Sensor Networks (WISN) and is the first international approved standard. We assess its strengths and emphasize its weaknesses and limitations. In particular, we describe two harmful security vulnerabilities in the communication scheme of WirelessHART and propose improvement in order to mitigate them. Secondly, we present wIDS, a multilayer specification based Intrusion Detection System (IDS) specially tailored for Wireless Industrial Sensor Networks. The proposed IDS checks the compliance of each action performed by a wireless node based on a formal model of the expected normal behavior.

Systèmes industriels

Réseaux de capteurs sans fil

WirelessHART

Analyse de protocoles

Détection d’intrusions

Industrial Control Systems

Wireless Sensor Networks

WirelessHART

Protocol analysis

Intrusion Detection

004

Risk monitoring with intrusion detection for industrial control systems / Surveillance des risques avec détection d'intrusion pour les systèmes de contrôle industriels

Muller, Steve

26 June 2018

Les cyberattaques contre les infrastructures critiques telles que la distribution d'électricité, de gaz et d'eau ou les centrales électriques sont de plus en plus considérées comme une menace pertinente et réaliste pour la société européenne. Alors que des solutions éprouvées comme les applications antimalware, les systèmes de détection d'intrusion (IDS) et même les systèmes de prévention d'intrusion ou d'auto-cicatrisation ont été conçus pour des systèmes informatiques classiques, ces techniques n'ont été que partiellement adaptées au monde des systèmes de contrôle industriel. En conséquence, les organisations et les pays font recours à la gestion des risques pour comprendre les risques auxquels ils sont confrontés. La tendance actuelle est de combiner la gestion des risques avec la surveillance en temps réel pour permettre des réactions rapides en cas d'attaques. Cette thèse vise à fournir des techniques qui aident les responsables de la sécurité à passer d'une analyse de risque statique à une plateforme de surveillance des risques dynamique et en temps réel. La surveillance des risques comprend trois étapes, chacune étant traitée en détail dans cette thèse : la collecte d'informations sur les risques, la notification des événements de sécurité et, enfin, l'inclusion de ces informations en temps réel dans une analyse des risques. La première étape consiste à concevoir des agents qui détectent les incidents dans le système. Dans cette thèse, un système de détection d'intrusion est développé à cette fin, qui se concentre sur une menace persistante avancée (APT) qui cible particulièrement les infrastructures critiques. La deuxième étape consiste à traduire les informations techniques en notions de risque plus abstraites, qui peuvent ensuite être utilisées dans le cadre d'une analyse des risques. Dans la dernière étape, les informations collectées auprès des différentes sources sont corrélées de manière à obtenir le risque auquel l'ensemble du système est confronté. Les environnements industriels étant caractérisés par de nombreuses interdépendances, un modèle de dépendance est élaboré qui prend en compte les dépendances lors de l'estimation du risque. / Cyber-attacks on critical infrastructure such as electricity, gas, and water distribution, or power plants, are more and more considered to be a relevant and realistic threat to the European society. Whereas mature solutions like anti-malwareapplications, intrusion detection systems (IDS) and even intrusion prevention or self-healing systems have been designed for classic computer systems, these techniques have only been partially adapted to the world of Industrial ControlSystems (ICS). As a consequence, organisations and nations fall back upon risk management to understand the risks that they are facing. Today's trend is to combine risk management with real-time monitoring to enable prompt reactions in case of attacks. This thesis aims at providing techniques that assist security managers in migrating from a static risk analysis to areal-time and dynamic risk monitoring platform. Risk monitoring encompasses three steps, each being addressed in detail in this thesis: the collection of risk-related information, the reporting of security events, and finally the inclusion of this real time information into a risk analysis. The first step consists in designing agents that detect incidents in the system. In this thesis, an intrusion detection system is developed to this end, which focuses on an advanced persistent threat (APT) that particularly targets critical infrastructures. The second step copes with the translation of the obtained technical information in more abstract notions of risk, which can then be used in the context of a risk analysis. In the final step, the information collected from the various sources is correlated so as to obtain the risk faced by the entire system. Since industrial environments are characterised by many interdependencies, a dependency model is elaborated which takes dependencies into account when the risk is estimated.

Gestion de risque en temps réel

Surveillance des risques

Modélisation de dépendances

Systèmes industriels

Détection d'intrusions

Real-Time risk management

Risk monitoring

Dependency modelling

Industrial control systems

Intrusion detection

004

Segmentation and segregation mechanisms and models to secure the integration of Industrial control Systems (ICS) with corporate system / Mécanismes et modèles de segmentation et de ségrégation pour sécuriser l'intégration des systèmes de contrôle industriel (ICS) avec les systèmes d'entreprise

Es-Salhi, Khaoula

11 July 2019

Sécuriser des systèmes industriels, et en particulier des systèmes intégrés au système d'information, devient l'une des préoccupations les plus urgentes qui inquiètent non seulement tous les acteurs industriels mais aussi les gouvernements. Un nombre très important d'entités industrielles et d'infrastructures sont si critiques que toute cyber attaque réussie contre ces entités peut causer d'énormes dégâts aux entreprises, à l'environnement et plus gravement à la sécurité nationale et à la sûreté des personnes. Cette thèse étudie l'intégration des systèmes ICS avec les systèmes d'entreprise d'un point de vue sécurité. Notre objectif est d'étudier les vulnérabilités de sécurité des systèmes industriels intégrés et de proposer des modèles et des mécanismes pour améliorer leur sécurité et les protéger contre les attaques complexes. Après avoir réalisé une étude approfondie sur les vulnérabilités des systèmes ICS intégrés (IICS) et les solutions de sécurité existantes, nous nous sommes concentrés sur l'étude de la technique de défense en profondeur et son applicabilité aux systèmes ICS intégrés. Nous avons alors défini une nouvelle méthode générique de segmentation pour les IICS, SONICS, qui permet de simplifier la segmentation des IICS en se concentrant uniquement sur les aspects qui sont réellement significatifs pour la segmentation. Nous avons ensuite développé une version améliorée de SONICS, RIICS, une méthode de segmentation pour les systèmes IICS qui comble les lacunes de SONICS en se concentrant sur le risque en plus des spécificités techniques et industrielles. Pour compléter la méthode de segmentation, nous avons étudié les solutions de ségrégation et de contrôle d'accès. Nous avons proposé un nouveau modèle de contrôle de flux basé sur DTE (Domain Type Enforcement) pour les systèmes ICS intégrés. / Securing ICS systems, and especially integrated ones, is becoming one of the most urgent issues that disquiets not only all industrial actors but also governments. Very important number of industrial entities and infrastructures are so critical that any non contained cyber attack on these entities can cause huge damage to business, to environment and more gravely to national security and people safety.This thesis studies the integration of ICS with Corporate systems from a security standpoint. Our goal is to study integrated ICS systems security vulnerabilities and suggest models and mechanisms to improve their security and protect them against ceyberattacks. After conducting a study on the vulnerabilities of integrated ICS systems (IICS) and the existing security solutions, we focused on the study of defence in depth technique and its applicability to integrated ICS systems. We defined a new generic segmentation method for IICS, SONICS, which simplifies the segmentation of IICS by focusing only on spects that are really significant for segmentation. We next developed an improved version of SONICS, RIICS (Risk based IICS Segmentation), a segmentation method for IICS systems that fills the SONICS gaps by focusing on risk on top of technical and industrial specifications. To complement the segmentation method, we studied segregation and access control solutions. We proposed a new DTE-based l (Domain Type Enforcement) flow control model for integrated ICS systems.

Systèmes de contrôle industriel

Segmentation

Ségrégation

Contrôle d'accès

Domain-type enforcement

Integration

Industrial control systems

Segmentation

Segregation

Access control

Domain-type enforcement

004