Toward Resilience in Mixed Critical Industrial Control Systems: A Multi-Disciplinary View
Robert-Jeron Reifert, Martin Krawczyk-Becker, Laurin Prenzel, Svyatoslav Pavlichkov, Mohammad Al Khatib, Sandesh Athni Hiremath, Manar Al-Askary, Naim Bajçinca, Sebastian Steinhorst, Aydin Sezgin
Abstract:
Future industrial control systems face the need for being highly adaptive, productive, and efficient, yet providing a high level of safety towards operating staff, environment, and machinery. These demands call for the joint consideration of resilience and mixed criticality to exploit previously untapped redundancy potentials. Hereby, resilience combines detection, decision-making, adaption to, and recovery from unforeseeable or malicious events in an autonomous manner. Enabling the consideration of functionalities with different criticalities, mixed criticality allows prioritizing safety-relevant over uncritical functions. While both concepts on their own feature a huge research branch throughout various disciplines of engineering-related fields, the synergies of both paradigms in a multi-disciplinary context are commonly overlooked. In industrial control, consolidating these mechanisms while preserving functional safety requirements under limited resources is a significant challenge. In this contribution, we provide a multi-disciplinary perspective of the concepts and mechanisms that enable criticality-aware resilience, in particular with respect to system design, communication, control, and security. Thereby, we envision a highly flexible, autonomous, and scalable paradigm for industrial control systems, identify potentials along the different domains, and identify future research directions. Our results indicate that jointly employing mixed criticality and resilience has the potential to increase the overall systems efficiency, reliability, and flexibility, even against unanticipated or malicious events. Thus, for future industrial systems, mixed criticality-aware resilience is a crucial factor towards autonomy and increasing the overall system performance.
Keywords:
Mixed criticality
Resilience
Industrial control system
Ukrainian
Citations (2)
Mixed criticality
Citations (8)
National critical infrastructure and industrial processes are heavily reliant on automation, monitoring and control technologies, including the widely used Supervisory Control and Data Acquisition (SCADA) systems. The growing interconnection of these systems with corporate networks exposes them to cyber attacks, with several security incidents reported over the last few decades. This study provides a classification scheme for categorising security incidents related to critical infrastructure and industrial control systems. The classification scheme is applied to analyse 242 security incidents on critical infrastructure and industrial control networks, which were reported between 1982 and 2014. The results show interesting patterns, with key points highlighted for the purpose of improving the way we plan for and direct efforts toward protecting critical infrastructure and industrial networks.
SCADA
Industrial control system
Control system security
Critical infrastructure protection
Cyber-attack
Citations (31)
Mixed criticality
Citations (14)
At present, mixed-criticality systems have become the development trend of embedded systems, such as in power edge computing, avionics safety control and car safety driving scenarios. In the existing advanced flexible mixed-criticality (FMC) model, the method of calculating compensation requirements may have a large number of low-criticality invalid compensation, which will greatly reduce the overall performance of low-criticality tasks. In response to this problem, our paper improves the method of reducing the service level of low-criticality tasks, from reducing the execution time of low-criticality tasks to now extending the period of low-criticality tasks, and proposes the corresponding FMCI-EDF-VD scheduling algorithm. Experimental results show that flexible mixed criticality improved (FMCI) model can manage the decline in service levels of low-criticality tasks more wisely and reduce invalid compensation for low-criticality tasks. Compared with existing FMC, our method can always perform better in ensuring the completion of high-criticality tasks while scheduling more low-criticality tasks under different circumstances.
Mixed criticality
Citations (0)
Assessment of the critical infrastructure (CI) criticality is an essential task in the task complex to ensure the protection of CI. The article shows the significant distinction between criticality assessment and risk assessment. Based on the concept of criticality, the paper presents the method to the categorization of CI and critical information infrastructure (CII) facilities, along with the developed procedure for identifying and categorizing CI and CII facilities. The presented method allows the development of cybersecurity procedures for various critical infrastructure facilities.
Critical infrastructure protection
Citations (2)
This work focuses on Design Space Exploration for embedded systems based on heterogeneous parallel architectures and subjected to mixed-criticality constraints. In particular, it presents a criticality-aware evolutionary approach integrated into a reference Electronic System Level HW/SW Co-Design flow
Mixed criticality
Design space exploration
Design flow
Citations (6)
Current adaptive mixed criticality scheduling policies assume a high criticality mode in which all low criticality tasks are descheduled to ensure that high criticality tasks can meet timing constraints derived from certification approved methods. In this paper we present a new scheduling policy, Adaptive Mixed Criticality - Weakly Hard, which provides a guaranteed minimum quality of service for low criticality tasks in the event of a criticality mode change. We derive response time based schedulability tests for this model. Empirical evaluations are then used to assess the relative performance against previously published policies and their schedulability tests.
Mixed criticality
Citations (49)
Mixed-criticality models are an emerging paradigm for the design of real-time systems because of their significantly improved resource efficiency. However, formal mixed-criticality models have traditionally been characterized by two impractical assumptions: once any high-criticality task overruns, all low-criticality tasks are suspended and all other high-criticality tasks are assumed to exhibit high-criticality behaviors at the same time. In this paper, we propose a more realistic mixed-criticality model, called the flexible mixed-criticality (FMC) model, in which these two issues are addressed in a combined manner. In this new model, only the overrun task itself is assumed to exhibit high-criticality behavior, while other high-criticality tasks remain in the same mode as before. The guaranteed service levels of low-criticality tasks are gracefully degraded with the overruns of high-criticality tasks. We derive a utilization-based technique to analyze the schedulability of this new mixed-criticality model under EDF-VD scheduling. During runtime, the proposed test condition serves an important criterion for dynamic service level tuning, by means of which the maximum available execution budget for low-criticality tasks can be directly determined with minimal overhead while guaranteeing mixed-criticality schedulability. Experiments demonstrate the effectiveness of the FMC scheme compared with state-of-the-art techniques.
Mixed criticality
Citations (0)
Mixed-criticality models are an emerging paradigm for the design of real-time systems because of their significantly improved resource efficiency. However, formal mixed-criticality models have traditionally been characterized by two impractical assumptions: once any high-criticality task overruns, all low-criticality tasks are suspended and all other high-criticality tasks are assumed to exhibit high-criticality behaviors at the same time. In this paper, we propose a more realistic mixed-criticality model, called the flexible mixed-criticality (FMC) model, in which these two issues are addressed in a combined manner. In this new model, only the overrun task itself is assumed to exhibit high-criticality behavior, while other high-criticality tasks remain in the same mode as before. The guaranteed service levels of low-criticality tasks are gracefully degraded with the overruns of high-criticality tasks. We derive a utilization-based technique to analyze the schedulability of this new mixed-criticality model under EDF-VD scheduling. During run time, the proposed test condition serves an important criterion for dynamic service level tuning, by means of which the maximum available execution budget for low-criticality tasks can be directly determined with minimal overhead while guaranteeing mixed-criticality schedulability. Experiments demonstrate the effectiveness of the FMC scheme compared with state-of-the-art techniques.
Mixed criticality
Citations (36)