Role based modelling in support of configurable manufacturing system design

Ding, Chenghua

January 2010

Business environments, in which any modern Manufacturing Enterprise (ME) operates, have grown significantly in complexity and are changing faster than ever before. It follows that designing a flexible manufacturing system to achieve a set of strategic objectives involves making a series of complex decisions over time. Therefore manufacturing industry needs improved knowledge about likely impacts of making different types of change in MEs and improved modelling approaches that are capable of providing a systematic way of modelling change impacts in complex business processes; prior to risky and costly change implementation projects. An ability to simulate the execution of process instances is also needed to control, animate and monitor simulated flows of multiple products through business processes; and thereby to assess impacts of dynamic distributions and assignments of multiple resource types during any given time period. Further more this kind of modelling capability needs to be integrated into a single modelling framework so as to improve its flexibility and change coordination. Such a modelling capability and framework should help MEs to achieve successfully business process re-engineering, continuous performance development and enterprise re-design. This thesis reports on the development of new modelling constructs and their innovative application when used together with multiple existing modelling approaches. This enables human and technical resource systems to be described, specified and modelled coherently and explicitly. In turn this has been shown to improve the design of flexible, configurable and re-usable manufacturing resource systems, capable of supporting decision making in agile manufacturing systems. A newly conceived and developed Role-Based Modelling Methodology (R-BMM) was proposed during this research study. Also the R-BMM was implemented and tested by using it together with three existing modelling approaches namely (1) extended Enterprise Modelling, (2) dynamic Causal Loop Diagramming and (3) Discrete Event Simulation Modelling (via software PlantSimulation ®). Thereby these three distinct modelling techniques were deployed in a new and coherent way. The new R-BMM approach to modelling manufacturing systems was designed to facilitate: (1) Graphical Representation (2) Explicit Specification and (3) Implementation Description of Resource systems. Essentially the approach enables a match between suitable human and technical resource systems and well defined models of processes and workflows. Enterprise Modelling is used to explicitly define functional and flexibility competencies that need to be possessed by suitable role holders. Causal Loop Diagramming is used to reason about dependencies between different role attributes. The approach was targeted at the design and application of simulation models that enable relative performance comparisons (such as work throughput, lead-time and process costs) to be made and to show how performance is affected by different role decompositions and resourcing policies. The different modelling techniques are deployed via a stepwise application of the R-BMM approach. Two main case studies were carried out to facilitate methodology testing and methodology development. The chosen case company possessed manufacturing characteristics required to facilitate testing and development; in terms of significant complexity and change with respect to its products and their needed processing structures and resource systems. The first case study was mainly designed to illustrate an application, and benefits arising from application, of the new modelling approach. This provided both qualitative and quantitative results analysis and evaluation. Then with a view to reflecting on modelling methodology testing and to address a wider scope manufacturing problem, the second case study was designed and applied at a different level of abstraction, to further test and verify the suitability and re-usability of the methodology. Through conceiving the new R-BMM approach, to create, analyse and assess the utility of sets of models, this research has proposed and tested enhancements to current means of realising reconfigurable and flexible production systems.

620

Trusted Software Updates for Secure Enclaves in Industrial Control Systems

Gunjal, Abhinav Shivram

18 September 2017

Industrial Control Systems (ICSs) manage critical infrastructures such as water treatment facilities, petroleum refineries, and power plants. ICSs are networked through Information Technology (IT) infrastructure for remote monitoring and control of physical processes. As ICSs integrate with IT infrastructure, IT vulnerabilities are carried over to the ICS environment. Previously proposed process controller security architectures maintain safe and stable plant operation even in the presence of attacks that exploit ICS vulnerabilities. Security architectures are process control system-level solutions that leverage isolated and trusted hardware (secure enclaves) for ICS security. Upon detecting an intrusion, the secure enclave switches control of the physical process to a high assurance controller, making a fail-safe plant operation. The process control loop components have an average lifespan of several decades. During this time, electromechanical components of process control loop may undergo aging that alters their characteristics and affects control loop performance. To deal with component aging and to improve control algorithm flexibility, updates to control loop parameters are required. Plant model, process control loop system specifications, and control algorithm-based security mechanisms at the secure enclave require parameter updates. ICSs have hundreds of process control components that may need be installed in hazardous environments and distributed across hundreds of square kilometers. Updating each component physically may lead to accidents, expensive travel, and increased downtime. Some ICS have allowable downtime of only 5 minutes per year. Hence, remote updates are desirable. A proposed dedicated and isolated hardware module at the secure enclave provides authentication of the update and ensures safe storage in a non-volatile memory. A protocol designed for update transmission through an untrusted ICS network provides resilience against network integrity attacks such as replay attacks. Encryption and authentication of the updates maintain integrity and confidentiality. During the normal plant operation, the hardware module is invisible to the other modules of the process control loop. The proposed solution is implemented on Xilinx Zynq-7000 programmable System-on-Chip to provide secure enclave updates. / Master of Science

Industrial control systems

programmable logic controller

industrial control systems security

secure enclaves

software updates

configurable system-on-chip

A Trusted Autonomic Architecture to Safeguard Cyber-Physical Control Leaf Nodes and Protect Process Integrity

Chiluvuri, Nayana Teja

16 September 2015

Cyber-physical systems are networked through IT infrastructure and susceptible to malware. Threats targeting process control are much more safety-critical than traditional computing systems since they jeopardize the integrity of physical infrastructure. Existing defence mechanisms address security at the network nodes but do not protect the physical infrastructure if network integrity is compromised. An interface guardian architecture is implemented on cyber-physical control leaf nodes to maintain process integrity by enforcing high-level safety and stability policies. Preemptive detection schemes are implemented to monitor process behavior and anticipate malicious activity before process safety and stability are compromised. Autonomic properties are employed to automatically protect process integrity by initiating switch-over to a verified backup controller. Subsystems adhere to strict trust requirements safeguarding them from adversarial intrusion. The preemptive detection schemes, switch-over logic, backup controller, and process communication are all trusted components that are separated from the untrusted production controller. The proposed architecture is applied to a rotary inverted pendulum experiment and implemented on a Xilinx Zynq-7000 configurable SoC. The leaf node implementation is integrated into a cyber-physical control topology. Simulated attack scenarios show strengthened resilience to both network integrity and reconfiguration attacks. Threats attempting to disrupt process behavior are successfully thwarted by having a backup controller maintain process stability. The system ensures both safety and liveness properties even under adversarial conditions. / Master of Science

Process control systems

cyber-physical systems

autonomic systems

programmable logic controller

remote terminal unit

human-machine interface

Field programmable gate arrays

trust

configurable system-on-chip

heterogeneous computing

high-level synthesis