Posts

Join us for our next webinar!

 

Resilience Capabilities for the Factory of the Future

The webinar will provide insights to one of the key capabilities of CyberFactory#1: Resilience. The keynote speech is given by Sauli Eloranta, Professor of Practice at VTT, on “Industry challenge to resilience in the factory of the future”. Afterwards, experts from a number of project partners will discuss the different aspects that need to be considered for a resilient Factory of the Future. The first half focuses on access management approaches and protection of AIs. After a short Q&A, presentations are given on monitoring of the FoF and dealing with cyberattacks, followed by another Q&A.

 


Date: 28.04.2021

Time: 14.00 – 16.10 CEST

Registration: Click here.

 

14.00:             Welcome

Jarno Salonen, VTT

Keynote: Industry challenge to resilience in the factory of the future

Sauli Eloranta, VTT


14.20:             How to create trust with comprehensive identity and access management

Markku Korkiakoski, Netox

Don’t make me think: an intuitive access management approach

Diogo Santos, Sistrade


14.40:             How to protect AI from manipulation attempts

Ching-Yu Kao, Fraunhofer AISEC

Aspects of preventing AI manipulation

Seppo Heikura, Houston Analytics


15.00:              Q&A


15.10:             How to enhance resilience by monitoring the FoF

Mario Brauer, Airbus CyberSecurity Germany

Monitoring different aspects of human behaviour on the shop-floor

Jorge Oliveira, ISEP


15.30:             Architectural approach to effectively detect cyberattacks

Murat Lostar, Lostar

How to remediate and recover from a cyberattack

Jari Partanen, Bittium


15.50:              Q&A


16.00              Wrap Up

Jarno Salonen, VTT

 

Keynote Speaker:

Sauli Eloranta (Professor of Practice at VTT Technical Research Centre of Finland)

Sauli Eloranta, M. Sc. (Tech.), began working as Professor of Practice at VTT on 1 January 2020. Eloranta, elected the CTO of the Year in Finland in 2019, came to VTT with a long experience of promoting technology and digitisation in industry and maritime transport.

Before VTT, Eloranta acted as Head of Innovation and Technology at Rolls-Royce Marine, later Kongsberg Maritime. Eloranta earned the CTO of the Year title granted by the Federation of Finnish Technology Industries for his merits as an active influencer in the Finnish innovation scene and promotor of autonomous marine traffic. He chaired the One Sea Autonomous Maritime Ecosystem in 2016-2019. Sauli has chaired the Business Finland digital advisory board and is a member of the transport sector growth programme. In addition, he has been involved in supporting the collaboration of the private sector and societal actors.

In his role as Professor of Practice, Eloranta focuses on the overall resilience of the Finnish society. His area also covers cyber security, autonomous systems and smart transport & mobility. Recently, Sauli has given program management support to Finland´s Ministry of Economics & Employment (TEM) in establishing domestic production of face masks for public health care.

CyberFactory#1 Welcomes LISA to the Team

 

We are proud to announce that the CyberFactory#1 Consortium was joined by LISA Deutschland GmbH in February 2021. LISA Group is an internationally known company for Intelligent Systems and learning algorithms, and has extensive experinece in developing Systems for Aircraft and Space Operations.

Within the project LISA will provide an autonomous anomaly bot aimed at detecting cybersecurity anomalies to enhance production and manufacturing in the factory of the future. The bot will be used within the use cases of Airbus Defense and Space (Spain) but it can be applied to detect cybersecurity anomalies in any environment. You can read more about their addition to the project here.

 

 

Paper presentations at four conferences

We congratulate our colleagues from Fraunhofer AISEC for four paper presentations at academic conferences within the past months! Click on the titles below for more information on each paper.

This paper was presented at the DYNAMICS workshop on the 7th of December 2020 at the Annual Computer Security Applications Conference (ACSAC). The paper proposes a novel method to make deep learning models robust, which can be applied on different data sets, such as images, audios, languages. The results show this method is comparable to adversarial training method.

The paper is available to download here.

Authors: Philip Sperl and Konstantin Böttinger

Abstract: Neural Networks (NNs) are vulnerable to adversarial examples. Such inputs differ only slightly from their benign counterparts yet provoke misclassifications of the attacked NNs. The required perturbations to craft the examples are often negligible and even human imperceptible. To protect deep learning-based systems from such attacks, several countermeasures have been proposed with adversarial training still being considered the most effective. Here, NNs are iteratively retrained using adversarial examples forming a computational expensive and time consuming process often leading to a performance decrease. To overcome the downsides of adversarial training while still providing a high level of security, we present a new training approach we call \textit{entropic retraining}. Based on an information-theoretic-inspired analysis, entropic retraining mimics the effects of adversarial training without the need of the laborious generation of adversarial examples. We empirically show that entropic retraining leads to a significant increase in NNs’ security and robustness while only relying on the given original data. With our prototype implementation we validate and show the effectiveness of our approach for various NN architectures and data sets.

The second paper was also presented at the Annual Computer Security Applications Conference (ACSAC) 2020. The authors apply two visualization techniques to the ASR system Deepspeech and show significant visual differences between benign data and adversarial examples.

Authors: Karla Markert, Romain Parracone, Philip Sperl and Konstantin Böttinger.

Abstract: Security of automatic speech recognition (ASR) is becoming ever more important as such systems increasingly influence our daily life, notably through virtual assistants. Most of today’s ASR systems are based on neural networks and their vulnerability to adversarial examples has become a great matter of research interest. In parallel, the research for neural networks in the image domain has progressed, including methods for explaining their predictions. New concepts, referred to as attribution methods, have been developed to visualize regions in the input domain that strongly influence the image’s classification.  In this paper, we apply two visualization techniques to the ASR system Deepspeech and show significant visual differences between benign data and adversarial examples. With our approach we make first steps towards explaining ASR systems, enabling the understanding of their decision process.

The third paper was presented at the 4th ACM Computer Science in Cars Symposium (ACM CSCS 2020). This paper provides a short overview on recent literature to discuss the language bias towards English in current research. The preliminary findings underline that there are differences in the vulnerability of a German and an English ASR system.

Authors: Karla Markert, Donika Mirdita and Konstantin Böttinger

Abstract: Voice control systems in vehicles offer great advantages for drivers, in particular more comfort and increased safety while driving.  Being continuously enhanced, they are planned to comfortably allow access to the networked home via external interfaces. At the same time, this far-reaching control enables new attack vectors and opens doors for cyber criminals. Any attacks on the voice control systems concern the safety of the car as well as the confidentiality and integrity of the user’s private data. For this reason, the analysis of targeted attacks on automatic speech recognition (ASR) systems, which extract the information necessary for voice control systems, is of great interest. The literature so far has only dealt with attacks on English ASR systems. Since most drivers interact with the voice control system in their mother tongue, it is important to study language-specific characteristics in the generation of so-called adversarial examples: manipulated audio data that trick ASR systems. In this paper, we provide a short overview on recent literature to discuss the language bias towards English in current research. Our preliminary findings underline that there are differences in the vulnerability of a German and an English ASR system.

This paper was already presented at the IEEE European Symposium on Security and Privacy 2020 in September. It proposes an adversarial example detector by analysing dense layer activations of deep learning models.

The paper is available to download here.

Authors: Philip Sperl, Ching-Yu Kao, Peng Chen, Xiao Lei, and Konstantin Boettinger

Abstract: In this paper, we present a novel end-to-end framework to detect such attacks during classification without influencing the target model’s performance. Inspired by recent research in neuron-coverage guided testing we show that dense layers of DNNs carry security-sensitive information. With a secondary DNN we analyze the activation patterns of the dense layers during classification runtime, which enables effective and real-time detection of adversarial examples. This approach has the advantage of leaving the already trained target model and its classification accuracy unchanged. Protecting vulnerable DNNs with such detection capabilities significantly improves robustness against state-of-the-art attacks.Our prototype implementation successfully detects adversarial examples in image, natural language, and audio processing. Thereby, we cover a variety of target DNNs, including Long Short Term Memory (LSTM) architectures. In addition to effectively defend against state-of-the-art attacks, our approach generalizes between different sets of adversarial examples. Thus, our method most likely enables us to detect even future, yet unknown attacks.

Virtual Panel – CyberFactory: How to make the Factory of the Future efficient and secure?

On the 9th of December we held our virtual panel on “CyberFactory#1: How to make the factory of the future efficient and secure”. Our speakers, Adrien Bécue, İrem Hilavin and Jari Partanen, presented the project, the use-case of Vestel and aspects of FoF resilience before answering questions such as on human-machine relations or what the benefits of this project might be for companies that are not directly involved. Below you can find the presentation slides. We look forward to many more events in the new year!

 

 

Abstract:

As factories digitalise and adopt automation technologies, they unlock new business models, manufacturing processes and logistics methods – as well as alternative roles for the people and machines that work in the factory. At the same time, these processes result in more complex IT and OT systems, presenting novel cyber security challenges and potentially leading to dangerous new interdependencies.

Based on early results from the European research project CyberFactory#1, our panel discussed both the opportunities and challenges represented by the digitalisation and automation of factories, including what the transition towards a new factory system of systems may look like – but also the new threats that organisations may face if security and resilience are not prioritised early in the process.

 

Speakers:

Adrien Bécue, Project Leader CyberFactory#1, Head of Innovation, Airbus CyberSecurity, France

Jari Partanen, Task Leader CyberResilience, Head of Quality, Environment and Technology Management, Bittium, Finland

İrem Hilavin, Work Package Leader Integration & Validation, SW Design Architect, Vestel, Turkey

 

 

Towards resilient Factories of Future – Defining required capabilities for a resilient Factory of Future

Abstract

Ongoing digitalization and implementation of new techniques for the Factory of Future (FoF) brings up new opportunities as well new threats that must be concerned to conciliate optimization of the supply and manufacturing chain with the need for security, safety and resilience. The CyberFactory#1 project addresses these needs by providing a framework of possible capabilities for resilient FoF environments. To further define these capabilities an approach was used to define requirements and implementation planning based on Use-Cases and Misuse-Cases to enable the development of needed capabilities for resilient FoF.

Access to Document

https://www.researchgate.net/publication/342736698

Authors

Matthias Glawe (Airbus CyberSecurity), Linda Feeken (OFFIS e.V.-Institut für Informatik), Ching-Yu Kao (Fraunhofer AISEC), Elham Mirzaei (InSystems GmbH), Alexander Szanto (Brandenburgisches Institut für Gesellschaft und Sicherheit), Torsten Weinhold (Bombardier), Björn Wudka (HTW Berlin)

Conference

Automation 2020, 30 June – 1 July, Baden-Baden (Online)

Cite this

Glawe, M.; Feeken, L.; Kao, C.-Y.; Mirzaei, E.; Szanto, A.; Weinhold, T.; Wudka, B.: Towards resilient Factories of Future – Defining required capabilities for a resilient Factory of Future, in: Conference Paper Automation 2020, VDI-Berichte Nr. 2375, 2020.

Finnish Consortium with First Steps towards Improved FoF Security

When developing Factories of the Future, security is also an important aspect. CyberFactory#1 will respond to this challenge by developing a set of safety and security capabilities. One of these capabilities is cyber resilience. Although the development work has not yet started, CyberFactory#1’s Finnish partners prepared and presented a Cyber Resilience Starting Point Demo in the project review at Oulu in January.

Figure 1 A part o fthe demo set-up

Resilient communications

A key resilience function in FoF systems, including IIoT, is the ability to maintain constant connectivity to industrial control systems and other systems on a continuous basis. A single network may not provide sufficient reliability in critical manufacturin  g systems. Therefore, in order to build resilient manufacturing systems, a seamless network failover is relevant. The scenario in Figure 2 demonstrates IIoT device network switching for resilient communications.

Figure 2 Demo scenario 

Continuously up-to-date IIoT devices

A common flaw in IIoT systems is the cumbersome or non-existent update management system. Administrator needs to be provided with insight on the current rate of deployment of up-to-date and outdated devices, and with capability to monitor the update progress in real-time, using the device management console dashboards. The scenario in Figure 3 demonstrates the use of standards based device management (LWM2M) and the standard mechanism for updating IIoT gateway remotely.

Figure 3 Demo scenario for standards based device management and remote updates

Dynamic reconfiguration of IIoT devices

Dynamic security policies in IIoT devices are an important enabler for resilience of IIoT systems. Based on IIoT device produced data (and changes in certain data points) the security policy of the IIoT device gets updated from the device management server. This scenario demonstrated how dynamic reconfiguration enables the recovery from incidents and disaster situations.

The demo was created in collaboration with Bittium, Netox, VTT and Rugged Tooling, using the knowledge of each partner to create a realistic environment. “It was great to able to contribute to creating the traffic needed, and test our sensor in the mutually created environment”, says Esa from Rugged Tooling. “Bittium SafeMove® Analytics was adapted to the demo in order to demonstrate the fleet of the IIoT devices, in order to detect the devices and required updates for cyber resilient operations. We were also able to connect the system seamlessly and wirelessly with the cloud connectivity provided by Netox”” clarified Björn from Bittium.

This Starting Point Demo was a great collaboration effort and a remarkable first step towards the Kick-off of Work Package 5: FoF dynamic risk management and resilience in April 2020.

Involved Partners: Bittium, Netox, Rugged Tooling, VTT Technical Research Centre of Finland