UML4IoT—A UML-based approach to exploit IoT in cyber-physical manufacturing systems

Internet of Things (IoT) is changing the world. The manufacturing industry has already identified that the IoT brings great opportunities to retain its leading position in economy and society. However, the adoption of the IoT changes the development process of the manufacturing system and raises many challenges. In this paper, the modern manufacturing system is considered as a composition of cyber-physical, cyber and human components, and IoT is used as a glue for their integration as far as their cyber interfaces are concerned. An approach based on a UML profile for the IoT is presented to fully automate the generation process of the IoT-compliant layer that is required for the cyber-physical component to be effectively integrated into the modern IoT manufacturing environment. The approach can also be applied at the source code level specification of the component in case that a UML design specification is not available. A prototype implementation of the myLiqueur production laboratory system is used to demonstrate the applicability and effectiveness of the UML4IoT approach.     

Modeling and simulation of complex manufacturing phenomena using sensor signals from the perspective of Industry 4.0

This article presents a methodology defined as semantic modeling to create computable virtual abstractions of complex manufacturing phenomena denoted as phenomena twins from the perspective of the fourth industrial revolution (also known as Smart Manufacturing, Connected Factory, Industry 4.0, and so forth). The twins are created such that they become friendly to both sensor signals and new-generation web technology (i.e., the semantic web). The efficacy of the proposed modeling approach is demonstrated by creating a phenomenon twin of cutting force (a highly complex and stochastic phenomenon associated with all material removal processes) and also by representing it using the semantic web. The relevant epistemological and systemological issues (e.g., those of meta-models, ontology, classification/trustworthiness/provenance of knowledge associated with the webized phenomenon twin) are also discussed. This article will help developers of embedded (e.g., cyber-physical) systems needed for functionalizing Industry 4.0.     

基于实体-数据的物联网服务建模

物联网服务作为信息世界软件服务通过物联网向现实世界的延伸,其在物联网系统具有重要的作用.然而,不同于传统Web服务,物联网服务具有现实感知、数据驱动、异构分布、时空相关等新特点,使得现有的服务模型不足以对物联网服务有效刻画,进而也不能满足物联网应用中的后续服务发现、服务卸载、服务组合等需求.在凝练分析物联网服务建模需求和已有物联网服务模型的基础上,提出了一种基于实体-数据的物联网服务建模框架,该框架提出了服务、实体、数据三元信息融合的物联网服务模型概念及概念关系,重点定义了服务、实体、数据的时空属性及时空依赖关系,以支持基于时空相关性的物联网服务关联表示与分析,并通过扩展OWL-S(ontology Web language for services)给出了基于实体-数据的物联网服务描述方式.最后,结合一个高速公路物联网应用案例对模型的使用方式和效果进行了讨论.     

Development of foundation models for Internet of Things

With the advent of the Internet of Things (IoT) that offers capabilities to identify and connect worldwide physical objects into a unified system, the importance of modeling and processing IoT data has become significantly accentuated. IoT data is substantial in quantity, noisy, heterogeneous, inconsistent, and arrives at the system in a streaming fashion. Due to the unique characteristics of IoT data, the manipulation of IoT data for practical applications has encountered many fundamental challenging problems, such as data modeling and processing. This paper proposes the infrastructure for an IoT prototype system that aims to develop foundation models for IoT data. We illustrate major modules in the IoT prototype, as well as their functionalities, and provide our vision of the key techniques used for tacking the critical problems in each module.     

基于区块链的分布式物联网信任管理方法研究

随着物联网(Internet of things, IoT)技术的发展,在不同的物联网之间逐渐形成了大规模、异构化、动态化的分布式物联网环境.分布式物联网内的设备间与物联网管理机构间存在着广泛的合作需求,为此需要在其中建立信任机制以促进合作.然而,现有的信任机制研究大部分脱离于物联网环境,没有考虑物联网设备计算与存储能力有限且差异较大这一特点,造成抽象信任机制研究无法直接应用于物联网中;另一方面,现有的物联网信任问题研究都依赖于额外的可信第三方或域间信任假设,这在实际中是难以实现的.为了解决上述问题,借助区块链与风险理论,提出一种适用于分布式物联网的信任管理方法.具体地,将信任量化为对期望信用与风险的考察,并借助区块链实现信任数据的有效共享与安全性.实验与分析表明:该方案能够有效量化信任,保护数据不被篡改,且能够以较低的存储开销维护系统的正常运行.     

物联网技术在信息化建设中的应用

物联网作为当前迅猛发展的新技术,势必带来一场深刻的科技变革.但是,作为一种新兴的信息产业,发展物联网存在各个方面的问题.对物联网的技术及应用进行了研究,分析了物联网的发展及应用现状,指出了影响物联网发展的因素,以及对物联网发展的探索.     

Anomaly Detection for Industrial Internet of Things Cyberattacks

The evolution of the Internet of Things (IoT) has empowered modern industries with the capability to implement large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT). The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational and financial harm to organizations. To preserve the confidentiality, integrity, and availability of IIoT networks, an anomaly-based intrusion detection system (IDS) can be used to provide secure, reliable, and efficient IIoT ecosystems. In this paper, we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks. The proposed anomaly-based IDS is divided into three phases: pre-processing, feature selection, and classification. In the pre-processing phase, data cleaning and normalization are performed. In the feature selection phase, the candidates’ feature vectors are computed using two feature reduction techniques, minimum redundancy maximum relevance and neighborhood components analysis. For the final step, the modeling phase, the following classifiers are used to perform the classification: support vector machine, decision tree, k-nearest neighbors, and linear discriminant analysis. The proposed work uses a new data-driven IIoT data set called X-IIoTID. The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%, a sensitivity rate of 99.59%, a specificity rate of 99.58%, and a low false positive rate of 0.4%.     

物联网与绿色智能建筑

针对智能建筑的发展模式,结合智慧地球与物联网,本文阐述了物联网与视联网的相关技术,并分析了物联网在智能建筑中的应用,最后指出物联网、视联网是实现智能城市建筑的关键技术,而建筑智能化系统工程是物联网、视联网的应用基础。     

Cyber Security and Privacy Issues in Industrial Internet of Things

The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades. Consequently, there has been a huge paradigm shift in the manufacturing and production sectors. However, this poses a challenge for cybersecurity and highlights the need to address the possible threats targeting (various pillars of) industry 4.0. However, before providing a concrete solution certain aspect need to be researched, for instance, cybersecurity threats and privacy issues in the industry. To fill this gap, this paper discusses potential solutions to cybersecurity targeting this industry and highlights the consequences of possible attacks and countermeasures (in detail). In particular, the focus of the paper is on investigating the possible cyber-attacks targeting 4 layers of IIoT that is one of the key pillars of Industry 4.0. Based on a detailed review of existing literature, in this study, we have identified possible cyber threats, their consequences, and countermeasures. Further, we have provided a comprehensive framework based on an analysis of cybersecurity and privacy challenges. The suggested framework provides for a deeper understanding of the current state of cybersecurity and sets out directions for future research and applications.     

SG-Edge: 电力物联网可信边缘计算框架关键技术

随着国家电网电力物联网的逐步推进,作为其核心支撑技术的边缘计算框架逐渐成为研究热点.首先,总结了物联网和边缘计算框架方面的已有研究工作;其次,通过分析电力物联网在业务场景、边缘计算、信息安全等方面的关键技术难题,提出了一种适应于电力物联网的可信边缘计算框架SG-Edge;随后,结合边缘框架的可信防护关键难题,给出了硬件可信引导、软件行为动态度量等关键技术方法;最后,从业务适应性、安全性以及性能等方面对SG-Edge进行了全面评估,并对未来研究可能面临的挑战进行了展望.     

基于ROS与Contiki的物联网环境下数据采集机器人设计

提出了一种基于ROS与OpenWrt、Contiki的新型物联网系统方案ROS-IOT.分为两个部分：物联网系统的搭建与此系统下数据采集机器人的设计.感知层传感节点采用Contiki协议栈实现传感节点的组网与数据传递;接入网关采用运行Openwrt操作系统的无线路由器,网关接入模块实现协议动态转换,设置转换地址池、数据汇聚、处理,并基于rosserial_embeddedLinux上递至ROS网络等功能,实现各层数据流通;应用层基于websocket技术设计了与ROS网络数据交互的web服务,可实现与感知层、机器人的双向交互.机器人采用运行ROS环境的树莓派作为主控设备,电机驱动板采用stm32单片机.机器人的软件设计采用基于ROS Topic与ROS_bridge的通讯机制,使得机器人更加容易地融入物联网系统,并且在此基础上拓展更多服务.     

Internet of Things for the Future of Smart Agriculture: A Comprehensive Survey of Emerging Technologies

This paper presents a comprehensive review of emerging technologies for the internet of things(IoT)-based smart agriculture.We begin by summarizing the existing surveys and describing emergent technologies for the agricultural IoT,such as unmanned aerial vehicles,wireless technologies,open-source IoT platforms,software defined networking(SDN),network function virtualization(NFV)technologies,cloud/fog computing,and middleware platforms.We also provide a classification of IoT applications for smart agriculture into seven categories:including smart monitoring,smart water management,agrochemicals applications,disease management,smart harvesting,supply chain management,and smart agricultural practices.Moreover,we provide a taxonomy and a side-by-side comparison of the state-ofthe-art methods toward supply chain management based on the blockchain technology for agricultural IoTs.Furthermore,we present real projects that use most of the aforementioned technologies,which demonstrate their great performance in the field of smart agriculture.Finally,we highlight open research challenges and discuss possible future research directions for agricultural IoTs.     

物联网认证协议综述

物联网设备数量的大规模增长以及人工智能技术的逐步升级给物联网安全带来了严峻的挑战.由于大部分物联网设备具有无键盘输入、CPU结构简单、存储容量小、计算和通信能力弱等特点,以及物联网网络的体系结构和计算机网络的不同,传统的认证协议无法在物联网环境中通用.因此,设计适用于物联网环境的认证协议是保证物联网安全必不可少的环节.本文介绍了物联网认证协议研究的背景以及近几年物联网认证协议的研究进展,分析了物联网认证协议与传统计算机网络认证协议的不同,指出了物联网认证协议中常用的技术和数学方法,包括椭圆曲线加密、秘密共享、量子密码学等,然后从用户与设备认证、设备与服务器认证、设备与设备认证三个方面来介绍物联网认证协议研究的最新研究成果,最后讨论了物联网认证协议未来研究方向.     

基于集群架构的物联网终端动态认证仿真

为有效提高物联网终端认证的安全性,基于集群架构对物联网终端动态进行认证仿真。设计的认证策略主要基于双注册因子和对应认证结构,包括常数量和编码特征密匙,在此基础上设定集群架构下物联网双因子注册流程,第一认证因子与服务器达成一致,通过用户初始注册信息终端服务器生成注册凭证,第二因子通过SAS服务器认证,并生成注册会话密匙,完成最终双因子注册,根据注册因子,以X.509V3作为核心签发结构,构造认证数字证书,搭配公共密匙基础设置(PKI),确定身份认证协议,采用"挑战-应答"的形式完成物联网移动终端的认证实现集群架构下,当前物联网终端的整体认证工作。实验数据表明,在标准内核攻击下,设计的物联网终端认证方法可以有效保证自身数据的完整性,提高认证安全和可信性。     

一种适用于物联网的群组接入认证协议

无线局域网与3G网络互联可作为物联网业务的承载。针对现有接入认证方案中的安全和群组通信问题,提出一种基于可扩展身份验证协议认证框架的群组接入认证协议。在初始化和注册阶段完成设备群组的建立,在认证和密钥协商阶段实现设备的安全接入。与传统EAP-AKA协议相比,该协议采用基于椭圆曲线密码体制的Diffie-Hellman密钥交换协议以保证前向安全性,通过先到设备完成群认证向量的获取,并与后来者共享认证的方式,实现群组认证功能并提高认证效率。分析结果表明,该协议提供相互认证并能抵抗多种类型的攻击,有效减少了群组认证开销,可满足物联网的业务要求。     

一个物联网异构数据接入系统ChukwaX

针对物联网感知层异构数据的接入问题,提出一个接入系统ChukwaX。该系统采用层次化系统结构以分散系统压力,利用适配器模型解决异构协议的适配问题,支持传感网络的动态接入,从而满足本地自治与随意接入的需求。实验结果表明,ChukwaX能达到预期的设计要求,并且具有较好的系统可扩展性。     

A human-in-the-loop manufacturing control architecture for the next generation of production systems

In recent years, the introduction of Industry 4.0 technologies in the manufacturing landscape promoted the development of smart factories characterised by relevant socio-technical interactions between humans and machines. In this context, understanding and modelling the role of humans turns out to be crucial to develop efficient manufacturing systems of the future. Grounding on previous researches in the field of Human-in-the-Loop and Human Cyber-Physical Systems, the paper aims at contributing to a deep reflection about human-machine interaction in the wider perspective of Social Human-in-the-Loop Cyber-Physical Production Systems, in which more agents collaborate and are socially connected. After presenting an evolution of manufacturing control organisations, an architecture to depict social interactions in smart factories is proposed. The proposed architecture contributes to the representation of different human roles in the smart factory and the exploration of both hierarchical and heterarchical data-driven decision-making processes in manufacturing.     

面向物联网的高速数据交换节点设计方法

针对当前高速数据交换节点设计方法存在功耗高、整体性能低下的问题,提出一种新的面向物联网的高速数据交换节点设计方法.设计了节点所处物联网的拓扑结构,并分析设计了调制模块、码字相加模块和解调模块.令每个和高速数据交换节点的IP模块经输入端口与输出端口和交换节点相连,在各输入端口处设置一个缓冲队列,通过调制模块读取数据,传输至码字加法器模块进行加法运算,将计算结果发送至各个解调模块进行处理后,把数据传输至目的IP模块.通过码分多址技术实现高速数据交换节点的软件设计.实验结果表明,所提方法带宽使用率高、传输速度快、响应能力强.     

物联网中基于智能合约的访问控制方法

针对物联网中设备资源受限、连接数量大、动态性强等特点,传统的集中式访问控制技术已不完全适用,如何在物联网环境中实现安全高效的访问控制授权成为亟待解决的关键问题.对此,提出一种基于层级区块链的物联网分布式体系架构(distributed architecture based on hierarchical blockchain for Internet of things, DAHB).在该架构中以基于属性的访问控制(attribute-based access control, ABAC)模型为基础,采用智能合约的方式实现对物联网设备基于属性的域内和跨域的灵活、动态、自动化的访问控制.同时,在属性度量中增加信任值与诚实度动态评估不同域间和设备间的信任关系,保证实体能够履行合约的信用能力和稳定性.理论分析和实验结果表明：该方案比现有方案更有效解决物联网访问控制中存在的轻量级、灵活性、细粒度和安全性问题.     

面向物联网的改进PBFT共识算法

随着物联网的发展,高效的共识算法是区块链技术应用于物联网的关键.针对实用拜占庭容错(practical Byzantine fault tolerance, PBFT)算法在物联网场景中通信次数多、未考虑共识功耗、共识时延高等问题,本文提出了一种基于二分K均值算法的改进PBFT共识算法(binary K-means practical Byzantine fault tolerance algorithm,BK-PBFT).首先,获取节点地理坐标并计算节点综合评价值,通过二分K均值算法将节点划分为一个双层多中心聚类集群.然后,先在下层集群再在上层集群对区块进行PBFT共识.最后,集群验证执行并存储区块,完成共识.此外,本文证明了当节点均匀分布在每个簇时算法通信次数可以达到最少,以及通信次数最少时的最优聚类数.分析与仿真结果表明,本文算法可以有效减少通信次数、降低共识功耗和共识时延.