Logo des Repositoriums
 

Cybersecurity Testing for Industry 4.0: Enhancing Deployments in operational I&C systems Through Adversarial Testing and Explainable AI

dc.contributor.authorNdiaye, Ndeye Gagnessiry
dc.contributor.authorKirdan, Erkin
dc.contributor.authorWaedt, Karl
dc.contributor.editorKlein, Maike
dc.contributor.editorKrupka, Daniel
dc.contributor.editorWinter, Cornelia
dc.contributor.editorGergeleit, Martin
dc.contributor.editorMartin, Ludger
dc.date.accessioned2024-10-21T18:24:17Z
dc.date.available2024-10-21T18:24:17Z
dc.date.issued2024
dc.description.abstractSeveral emerging technologies have substantially affected the scope and implementation of security testing. This includes the testing of cryptographic algorithm implementation, the security of Machine Learning (ML) and Artificial Intelligence (AI) algorithms, joint functional safety and security-related (IEC TR 63069) testing, security and privacy-related testing of big data and cloud computing, e.g. with regard to de-identification. This paper focuses on the security ML and AI implementations, examining their integration in industrial control and nuclear systems (IEC 62443). Special attention is given to security threats considered throughout the AI system life cycle specifically at design phase. We assess the entirety of the secure development lifecycle, which includes stages such as data and model management, risk assessment, and the enhancement of system robustness and resilience as specified by ISO/IEC 42001. To highlight the critical role of verification and validation (V&V), we conduct a proof-of-concept exploit targeted and gradual feature poisoning attack on a water treatment and distribution simulator fault detector. We achieve to demonstrate the impact of the attack on model robustness and performance through explainable metrics and pave the way for the development of a secure lifecycle framework, thereby increasing the chances of successful deployment.en
dc.identifier.doi10.18420/inf2024_169
dc.identifier.eissn2944-7682
dc.identifier.isbn978-3-88579-746-3
dc.identifier.issn2944-7682
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/45146
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofINFORMATIK 2024
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-352
dc.subjectIndustry 4.0
dc.subjectSecurity Testing
dc.subjectArtificial Intelligence (AI)
dc.subjectMachine Learning (ML)
dc.subjectSecure Development Lifecycle
dc.subjectVerification and Validation (V&V)
dc.subjectCybersecurity
dc.subjectExplainable AI (XAI)
dc.subjectFunctional Safety
dc.subjectCritical Infrastructure
dc.titleCybersecurity Testing for Industry 4.0: Enhancing Deployments in operational I&C systems Through Adversarial Testing and Explainable AIen
dc.typeText/Conference Paper
gi.citation.endPage1962
gi.citation.publisherPlaceBonn
gi.citation.startPage1947
gi.conference.date24.-26. September 2024
gi.conference.locationWiesbaden
gi.conference.sessiontitle9th IACS WS'24

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
Ndiaye_et_al_Cybersecurity_Testing.pdf
Größe:
1.06 MB
Format:
Adobe Portable Document Format