Sixth generation (6G)-enabled massive network MANO orchestration, alongside distributed supervision and fully reconfigurable control logic that manages dynamic arrangement of network components, such as cell-free, Open-Air Interface (OAI) and RIS, is a potent enabler for the upcoming pervasive digitalization of the vertical use cases. In such a disruptive domain, artificial intelligence (AI)-driven zero-touch “Network of Networks” intent-based automation shall be able to guarantee a high degree of security, efficiency, scalability, and sustainability, especially in cross-domain and interoperable deployment environments (i.e., where points of presence (PoPs) are non-independent and identically distributed (non-IID)). To this extent, this paper presents a novel breakthrough, open, and fully reconfigurable networking architecture for 6G cellular paradigms, named 6G-BRICKS. To this end, 6G-BRICKS will deliver the first open and programmable O-RAN Radio Unit (RU) for 6G networks, termed as the OpenRU, based on an NI USRP-based platform. Moreover, 6G-BRICKS will integrate the RIS concept into the OAI alongside Testing as a Service (TaaS) capabilities, multi-tenancy, disaggregated Operations Support Systems (OSS) and Deep Edge adaptation at the forefront. The overall ambition of 6G-BRICKS is to offer evolvability, granularity, while, at the same time, tackling big challenges such as interdisciplinary efforts and big investments in 6G integration.

The fixed security solutions and related security configurations may no longer meet the diverse requirements of 6G networks. Open Radio Access Network (O-RAN) architecture is going to be one key entry point to 6G where the direct user access is granted. O-RAN promotes the design, deployment and operation of the RAN with open interfaces and optimized by intelligent controllers. O-RAN networks are to be implemented as multi-vendor systems with interoperable components and can be programmatically optimized through centralized abstraction layer and data driven closed-loop control. However, since O-RAN contains many new open interfaces and data flows, new security issues may emerge. Providing the recommendations for dynamic security policy adjustments by considering the energy availability and risk or security level of the network is something lacking in the current state-of-the-art. When the security process is managed and executed in an autonomous way, it must also assure the transparency of the security policy adjustments and provide the reasoning behind the adjustment decisions to the interested parties whenever needed. Moreover, the energy consumption for such security solutions are constantly bringing overhead to the networking devices. Therefore, in this paper we discuss XAI based green security architecture for resilient open radio access networks in 6G known as XcARet for providing cognitive and transparent security solutions for O-RAN in a more energy efficient manner.

The fixed security solutions and related security configurations may no longer meet the diverse requirements of 6G networks. Open Radio Access Network (O-RAN) architecture is going to be one key entry point to 6G where the direct user access is granted. O-RAN promotes the design, deployment and operation of the RAN with open interfaces and optimized by intelligent controllers. O-RAN networks are to be implemented as multi-vendor systems with interoperable components and can be programmatically optimized through centralized abstraction layer and data driven closed-loop control. However, since O-RAN contains many new open interfaces and data flows, new security issues may emerge. Providing the recommendations for dynamic security policy adjustments by considering the energy availability and risk or security level of the network is something lacking in the current state-of-the-art. When the security process is managed and executed in an autonomous way, it must also assure the transparency of the security policy adjustments and provide the reasoning behind the adjustment decisions to the interested parties whenever needed. Moreover, the energy consumption for such security solutions are constantly bringing overhead to the networking devices. Therefore, in this paper we discuss XAI based green security architecture for resilient open radio access networks in 6G known as XcARet for providing cognitive and transparent security solutions for O-RAN in a more energy efficient manner.

The fixed security solutions and related security configurations may no longer meet the diverse requirements of 6G networks. Open Radio Access Network (O-RAN) architecture is going to be one key entry point to 6G where the direct user access is granted. O-RAN promotes the design, deployment and operation of the RAN with open interfaces and optimized by intelligent controllers. O-RAN networks are to be implemented as multi-vendor systems with interoperable components and can be programmatically optimized through centralized abstraction layer and data driven closed-loop control. However, since O-RAN contains many new open interfaces and data flows, new security issues may emerge. Providing the recommendations for dynamic security policy adjustments by considering the energy availability and risk or security level of the network is something lacking in the current state-of-the-art. When the security process is managed and executed in an autonomous way, it must also assure the transparency of the security policy adjustments and provide the reasoning behind the adjustment decisions to the interested parties whenever needed. Moreover, the energy consumption for such security solutions are constantly bringing overhead to the networking devices. Therefore, in this paper we discuss XAI based green security architecture for resilient open radio access networks in 6G known as XcARet for providing cognitive and transparent security solutions for O-RAN in a more energy efficient manner.

This article proposes a security protection technology based on active dynamic defense technology. Solved unknown threats that traditional rule detection methods cannot detect, effectively resisting purposeless virus spread such as worms; Isolate new unknown viruses, Trojans, and other attack threats; Strengthen terminal protection, effectively solve east-west horizontal penetration attacks in the internal network, and enhance the adversarial capabilities of the internal network. Propose modeling user behavior habits based on machine learning algorithms. By using historical behavior models, abnormal user behavior can be detected in real-time, network danger can be perceived, and proactive changes in network defense strategies can be taken to increase the difficulty of attackers. To achieve comprehensive and effective defense, identification, and localization of network attack behaviors, including APT attacks.

The innovation introduced by connectivity brings about significant changes in the industrial environment leading to the fourth industrial revolution, known as Industry 4.0. However, the integration and connectivity between industrial systems have significantly increased the risks and cyberattack surfaces. Nowadays, Virtualization is added to the security field to provide maximum protection against toxic attacks at minimum costs. Combining paradigms such as Software Defined Networking (SDN), and Network Function Virtualization (NFV) can improve virtualization performance through Openness (unified control of heterogeneous hardware and software resources), Flexibility (remote management and rapid response to changing demands), and Scalability (a faster cycle of innovative services deployment). The present paper proposes a Virtualized Security for Industry 4.0 (ViSI4.0), based on both SDN and Network Security Function Virtualisation (NSFV), to prevent attacks on Cyber-Physical System (CPS). Since industrial devices are limited in memory and processing, vNSFs are deployed as Docker containers. We conducted experiments to evaluate the performances of IIoT applications when using virtualized security services. Results showed that many real-time IIoT applications are still within their latency tolerance range. However, the additional delays introduced by virtualization have an impact on IIoT applications with very strict delays.

The power communication network based on 5G network slicing is an important foundation to support smart grid, and the bearing of small granularity power regulation and control class services depends on the slicing soft isolation technology, and the data isolation between each soft isolation channel is crucial. In this paper, we propose a new symmetric cryptographic algorithm based on random coding, and establish a hybrid encryption method based on this symmetric algorithm, combined with SM2 and SM3 algorithms, which is suitable for encrypting the data of power regulation and control services. It is also verified through simulation that the proposed hybrid encryption method has high encryption efficiency while ensuring security.

Advanced persistent threat (APT) attack is one of the most serious threats to power system cyber security. ATT\&CK framework integrates the known historical and practical APT attack tactics and techniques to form a general language for describing hacker behavior and an abstract knowledge base framework for hacker attacks. Combined with the ATT\&CK for ICS framework, this paper combed the known attack techniques used by viruses or hacker groups aimed at cyberattacks on infrastructure, especially power systems. Then found the corresponding mitigations for each attack technique, and merged them. Next, we listed the high frequency and important mitigations for reference. At last, we proposed a cyber security defense model suitable for ICS to provide a reference for security teams on how to apply ATT\&ck; other similar cyberattack frameworks.

Advanced Persistent Threats (APTs) have been a major challenge in securing both Information Technology (IT) and Operational Technology (OT) systems. APT is a sophisticated attack that masquerade their actions to navigates around defenses, breach networks, often, over multiple network hosts and evades detection. It also uses “low-and-slow” approach over a long period of time. Resource availability, integrity, and confidentiality of the operational cyber-physical systems (CPS) state and control is highly impacted by the safety and security measures in place. A framework multi-stage detection approach termed “APT$_\textrmDASAC$” to detect different tactics, techniques, and procedures (TTPs) used during various APT steps is proposed. Implementation was carried out in three stages: (i) Data input and probing layer - this involves data gathering and pre-processing, (ii) Data analysis layer; applies the core process of “APT$_\textrmDASAC$” to learn the behaviour of attack steps from the sequence data, correlate and link the related output and, (iii) Decision layer; the ensemble probability approach is utilized to integrate the output and make attack prediction. The framework was validated with three different datasets and three case studies. The proposed approach achieved a significant attacks detection capability of 86.36\% with loss as 0.32\%, demonstrating that attack detection techniques applied that performed well in one domain may not yield the same good result in another domain. This suggests that robustness and resilience of operational systems state to withstand attack and maintain system performance are regulated by the safety and security measures in place, which is specific to the system in question.

This paper investigates the output feedback security control problem of switched nonlinear systems (SNSs) against denial-of-service (DoS) attacks. A novel switched observer-based neural network (NN) adaptive control algorithm is established, which guarantees that all the signals in the closed-loop system remain bounded. Note that when a DoS attacker is active in the Sensor-Controller channel, the controller cannot acquire accurate information, which leads to the standard backstepping technique not being workable. A set of NN adaptive switching-like observers is designed to tackle the obstacle for each subsystem. Further, by combining the proposed observer with the backstepping technique, an NN adaptive controller is constructed and the dynamic surface control method is borrowed to surmount the complexity explosion phenomenon. Finally, an illustrative example is provided to demonstrate the effectiveness of the proposed control algorithm.

From financial transactions to digital voting systems, identity management, and asset monitoring, blockchain technology is increasingly being developed for use in a wide range of applications. The problem of security and privacy in the blockchain ecosystem, which is now a hot topic in the blockchain community, is discussed in this study. The survey’s goal was to investigate this issue by considering several sorts of assaults on the blockchain network in relation to the algorithms offered. Following a preliminary literature assessment, it appears that some attention has been paid to the first use case; however the second use case, to the best of my knowledge, deserves more attention when blockchain is used to investigate it. However, due to the subsequent government mandated secrecy around the implementation of DES, and the distrust of the academic community because of this, a movement was spawned that put a premium on individual privacy and decentralized control. This movement brought together the top minds in encryption and spawned the technology we know of as blockchain today. This survey paper also explores the genesis of encryption, its early adoption, and the government meddling which eventually spawned a movement which gave birth to the ideas behind blockchain. It also closes with a demonstration of blockchain technology used in a novel way to refactor the traditional design paradigms of databases.

Understanding dynamic human behavior based on online video has many applications in security control, crime surveillance, sports, and industrial IoT systems. This paper solves the problem of classifying video data recorded on surveillance cameras in order to identify fragments with instances of shoplifting. It is proposed to use a classifier that is a symbiosis of two neural networks: convolutional and recurrent. The convolutional neural network is used for extraction of features from each frame of the video fragment, and the recurrent network for processing the temporal sequence of processed frames and subsequent classification.

Vulnerability Detection 2022 - Aiming at the problems of low detection accuracy and poor robustness of the existing zero-speed detection methods, an effective gait cycle segmentation method is adopted and a Bayesian network model based on inertial sensor measurements and kinematics knowledge is introduced to infer the zero-speed interval; The method can effectively reduce the ambiguity of the zero velocity (ZV) boundary. S upport vector machine has the advantages of versatility, simple calculation, high operation efficiency and perfect theory. It is a relatively mature and efficient algorithm in the current network security situation algorithm. And a looped Bayesian network model for probabilistic safety assessment of simple feedback control systems is established.

Neural Network Security - With the development of computer and network technology, industrial control systems are connecting with the Internet and other public networks in various ways, viruses, trojans and other threats are spreading to industrial control systems, industrial control system information security issues are becoming increasingly prominent. Under this background, it is necessary to construct the network security evaluation model of industrial control system based on the safety evaluation criteria and methods, and complete the safety evaluation of the industrial control system network according to the design scheme. Based on back propagation (BP) neural network’s evaluation of the network security status of industrial control system, this paper determines the number of neurons in BP neural network input layer, hidden layer and output layer by analyzing the actual demand, empirical equation calculation and experimental comparison, and designs the network security evaluation index system of industrial control system according to factors affecting industrial control safety, and constructs a safety rating table. Finally, by comparing the performance of BP neural network and multilinear regression to the evaluation of the network security status of industrial control system through experimental simulation, it can be found that BP neural network has higher accuracy for the evaluation of network security status of industrial control system.

Network Control Systems Security - This study focuses on the stability issue of network control systems (NCSs) under possible hybrid attacks (HAs), which has important research value in network security. Firstly, the HAs method of deception cyber attacks (CAs) and random CAs are studied, which broadly consider the complexity of the types of attacks. Secondly, a novel time-delay-product boundary looped function (BLF) is developed, fully considering the delay and sampling information. In addition, the initial constraints of the criterion on the matrices are effectively relaxed. Then, a new dynamic memory sample data (DMSD) controller under HAs is constructed to control the asymptotical stable (AS) of NCSs. Finally, a numerical experiment is presented to verify the correctness and feasibility of the theory.

Network Control Systems Security - The huge advantages of cloud computing technology and the bottlenecks in the development of traditional network control systems have prompted the birth of cloud control systems to address the shortcomings of traditional network control systems in terms of bandwidth and performance. However, the information security issues faced by cloud control systems are more complex, and distributed denial-of-service (DDoS) attacks are a typical class of attacks that may lead to problems such as latency in cloud control systems and seriously affect the performance of cloud control systems. In this paper, we build a single-capacity water tank cloud control semi-physical simulation system with heterogeneous controllers and propose a DDoS attack detection method for cloud control systems based on bidirectional long short-term memory neural network (BiLSTM), study the impact of DDoS attacks on cloud control systems. The experimental results show that the BiLSTM algorithm can effectively detect the DDoS attack on the cloud control system.

Network Control Systems Security - Machine tool is known as the mother of industry. CNC machine tool is the embodiment of modern automatic control productivity. In the context of the rapid development of the industrial Internet, a large number of equipment and systems are interconnected through the industrial Internet, realizing the flexible adaptation from the supply side to the demand side. As the a typical core system of industrial Internet, CNC system is facing the threat of industrial virus and network attack. The problem of information security is becoming more and more prominent. This paper analyzes the security risks of the existing CNC system from the aspects of terminal security, data security and network security. By comprehensively using the technologies of data encryption, identity authentication, digital signature, access control, secure communication and key management, this paper puts forward a targeted security protection and management scheme, which effectively strengthens the overall security protection ability.

Network Control Systems Security - This paper is concerned with the observer-based control design for a continuous linear networked control systems under denial of service attacks. In order to save network communication resources, a new flexible event-triggered control strategy is designed on the premise that denial of service attacks are power-limited pulse width modulation interference. Considering this influence of denial of service attacks on event-triggered state, the maximum system performance lost is calculated. The sufficient conditions of system stability are derived by using the Lyapunov functional method. The constructive design of the controller is expressed in terms of linear matrix inequalities. Finally, the theoretical results are verified by a simulation example.

Network Control Systems Security - With the rapid development of mobile communication technology and broadband wireless access technology, various wireless communication technologies emerge in an endless stream. Different technologies differ in network performance indicators and service features. Therefore, a single communication technology cannot be applied to various complex application scenarios. This paper mainly studies the design of security monitoring and management system of heterogeneous ATC network based on association algorithm. This paper designs and implements a security monitoring management system for network security perception. Based on the above research results and according to the data characteristics and scene requirements of the air traffic control system, the data organization method and monitoring management technology oriented to network security perception are combined with the air traffic control system to carry out the ground application and reverse verification of the feasibility of the scheme.

Network Control Systems Security - With the development of computer and network technology, industrial control systems are connecting with the Internet and other public networks in various ways, viruses, trojans and other threats are spreading to industrial control systems, industrial control system information security issues are becoming increasingly prominent. Under this background, it is necessary to construct the network security evaluation model of industrial control system based on the safety evaluation criteria and methods, and complete the safety evaluation of the industrial control system network according to the design scheme. Based on back propagation (BP) neural network’s evaluation of the network security status of industrial control system, this paper determines the number of neurons in BP neural network input layer, hidden layer and output layer by analyzing the actual demand, empirical equation calculation and experimental comparison, and designs the network security evaluation index system of industrial control system according to factors affecting industrial control safety, and constructs a safety rating table. Finally, by comparing the performance of BP neural network and multilinear regression to the evaluation of the network security status of industrial control system through experimental simulation, it can be found that BP neural network has higher accuracy for the evaluation of network security status of industrial control system.

Network Control Systems Security - Plaintext transmission is the major way of communication in the existing security and stability control (SSC) system of power grid. Such type of communication is easy to be invaded, camouflaged and hijacked by a third party, leading to a serious threat to the safe and stable operation of power system. Focusing on the communication security in SSC system, the authors use asymmetric encryption algorithm to encrypt communication messages, to generate random numbers through random noise of electrical quantities, and then use them to generate key pairs needed for encryption, at the same time put forward a set of key management mechanism for engineering application. In addition, the field engineering test is performed to verify that the proposed encryption method and management mechanism can effectively improve the communication in SSC system while ensuring the high-speed and reliable communication.

Network Control Systems Security - The analysis shows how important Power Network Measuring and Characterization (PSMC) is to the plan. Networks planning and oversight for the transmission of electrical energy is becoming increasingly frequent. In reaction to the current contest of assimilating trying to cut charging in the crate, estimation, information sharing, but rather govern into PSMC reasonable quantities, Electrical Transmit Monitoring and Management provides a thorough outline of founding principles together with smart sensors for domestic spying, security precautions, and control of developed broadening power systems.

Network Control Systems Security - With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.

Network on Chip Security - With the advancements in VLSI technology, Tiled Chip Multicore Processors (TCMP) with packet switched Network-on-Chip (NoC) have emerged as the backbone of the modern data intensive parallel multi-core systems. Tight timeto-market and cost constraints have forced chip manufacturers to use third-party IPs in sophisticated TCMP designs. This dependence over third party IPs has instigated security vulnerabilities in inter-tile communication that cannot be detected at manufacturing and testing phases. This includes possibility of having malicious circuits like Hardware Trojans (HT). NoC is the likely target of HT insertion due to its significance and positional advantage from system and communication standpoints. Recent research shows that HTs can manipulate control fields of NoC packets and leads to dead flit attacks that has the potential to disrupt the on-chip communication resulting in application level stalling. In this paper, we propose run time detection of such dead flit attacks by analyzing packet movement behaviours. We also propose a cost effective mitigation mechanism by re-routing the packets around the HT infected router. Our experimental study with real benchmarks on 8x8 mesh TCMP evaluates the effectiveness of the proposed solution.

Network on Chip Security - This paper designs a network security protection system based on artificial intelligence technology from two aspects of hardware and software. The system can simultaneously collect Internet public data and secret-related data inside the unit, and encrypt it through the TCM chip solidified in the hardware to ensure that only designated machines can read secret-related materials. The data edgecloud collaborative acquisition architecture based on chip encryption can realize the cross-network transmission of confidential data. At the same time, this paper proposes an edge-cloud collaborative information security protection method for industrial control systems by combining endaddress hopping and load balancing algorithms. Finally, using WinCC, Unity3D, MySQL and other development environments comprehensively, the feasibility and effectiveness of the system are verified by experiments.