Cybersecurity Testing for Industry 4.0: Enhancing Deployments in operational I&C systems Through Adversarial Testing and Explainable AI
| dc.contributor.author | Ndiaye, Ndeye Gagnessiry | |
| dc.contributor.author | Kirdan, Erkin | |
| dc.contributor.author | Waedt, Karl | |
| dc.contributor.editor | Klein, Maike | |
| dc.contributor.editor | Krupka, Daniel | |
| dc.contributor.editor | Winter, Cornelia | |
| dc.contributor.editor | Gergeleit, Martin | |
| dc.contributor.editor | Martin, Ludger | |
| dc.date.accessioned | 2024-10-21T18:24:17Z | |
| dc.date.available | 2024-10-21T18:24:17Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | Several emerging technologies have substantially affected the scope and implementation of security testing. This includes the testing of cryptographic algorithm implementation, the security of Machine Learning (ML) and Artificial Intelligence (AI) algorithms, joint functional safety and security-related (IEC TR 63069) testing, security and privacy-related testing of big data and cloud computing, e.g. with regard to de-identification. This paper focuses on the security ML and AI implementations, examining their integration in industrial control and nuclear systems (IEC 62443). Special attention is given to security threats considered throughout the AI system life cycle specifically at design phase. We assess the entirety of the secure development lifecycle, which includes stages such as data and model management, risk assessment, and the enhancement of system robustness and resilience as specified by ISO/IEC 42001. To highlight the critical role of verification and validation (V&V), we conduct a proof-of-concept exploit targeted and gradual feature poisoning attack on a water treatment and distribution simulator fault detector. We achieve to demonstrate the impact of the attack on model robustness and performance through explainable metrics and pave the way for the development of a secure lifecycle framework, thereby increasing the chances of successful deployment. | en |
| dc.identifier.doi | 10.18420/inf2024_169 | |
| dc.identifier.isbn | 978-3-88579-746-3 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/45146 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | INFORMATIK 2024 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-352 | |
| dc.subject | Industry 4.0 | |
| dc.subject | Security Testing | |
| dc.subject | Artificial Intelligence (AI) | |
| dc.subject | Machine Learning (ML) | |
| dc.subject | Secure Development Lifecycle | |
| dc.subject | Verification and Validation (V&V) | |
| dc.subject | Cybersecurity | |
| dc.subject | Explainable AI (XAI) | |
| dc.subject | Functional Safety | |
| dc.subject | Critical Infrastructure | |
| dc.title | Cybersecurity Testing for Industry 4.0: Enhancing Deployments in operational I&C systems Through Adversarial Testing and Explainable AI | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 1962 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 1947 | |
| gi.conference.date | 24.-26. September 2024 | |
| gi.conference.location | Wiesbaden | |
| gi.conference.sessiontitle | 9th IACS WS'24 |
Dateien
Originalbündel
1 - 1 von 1
Lade...
- Name:
- Ndiaye_et_al_Cybersecurity_Testing.pdf
- Größe:
- 1.06 MB
- Format:
- Adobe Portable Document Format