FOCUS
A control-driven autonomous authentication scheme for peer-to-peer control systems assisted industrial Internet of things
Salem Alkhalaf1
Accepted: 13 May 2021 / Published online: 28 May 2021
The Author(s), under exclusive licence to Springer-Verlag GmbH Germany, part of Springer Nature 2021
Abstract
Peer-to-Peer (P2P) networks are prominent in the Internet-of-things-assisted industrial environments for distributed computing and smart control systems. The problem arises with the independence and peer systems security due to anonymous access and security measures. In this paper, an innovative control-driven autonomous authentication scheme is proposed for improving the access security of P2P industrial systems. The proposed scheme provides authentication based on P2P system control requirements within its access time. The P2P control systems and their functionalities are provided with classified security measures for administering autonomous security. The advantage of offering autonomous protection is to prevent the sequence of security breaches and control sabotage. In this process, the control system requirements and authentications are paired by identifying the machines’ operating time and access time. For identification and grouping- based classification, support vector machines are used. It learns the sabotage and control requirements based on access and control time for providing a rupture-less industrial process. It helps to leverage the detection of autonomous adversaries in P2P industrial control systems. Besides, a less complex and latent-free security measure is achievable using the proposed scheme.
Keywords Anonymous authentication Control systemsIIoTP2P networksSVM classifier
1 Introduction
Internet of things (IoT) becomes an emerging technology in industrial applications and developed in many fields, such as transportation, healthcare, financial services, real estate, manufacturing industries, etc. (Huang et al.2019).
When two or more PCs are linked and resource-sharing without a separate server computer, a peer-to-peer network (P2P) shall become established. An ad hoc P2P network maybe a few computers connected to files via a Universal Serial Bus. The Internet of Things (IoT) defines the net- work of physical objects—‘‘things’’—including sensors, software, and others technology to communicate and exchange information through the Internet with other devices and systems. The Industrial Internet of Things
(IIoT) uses the emerging technologies of IoT for robots, big data analytics, smart sensors, etc. The only difference between the Internet of Things (IoT) and Industrial IoT is IIoT provides benefits for industrial purposes only, but all users can use IoT (Zhang et al. 2018). IIoT environment incorporated intelligent resources for sensing, interacting, and accumulating information about the data communica- tion framework. Curious influence over both the small and large scale industries has been exerted by the industrial IoT (Boyes et al. 2018). The IIoT succeeds with the develop- ment of Big Data Analytics and cloud computing. IIoT is being implemented in the previous process to reduce resource use and carbon discharge for industrial systems.
Innovative technology gives intelligent sensing, commu- nication, and accumulation of data communication systems in information resources. Innovative technology Artificial intelligence techniques allow computers to carry out complex tasks even as people can: understand the meaning of words, make decisions and manipulate complex objects in a node of perhaps increasing the value of forecast maintenance, followed by logistics (67%), reduction in operating costs (24%) and an increase in production Communicated by Vicente Garcia Diaz.
& Salem Alkhalaf
s.alkhalaf@qu.edu.sa
1 Department of Computer, College of Science and Arts in Ar Rass, Qassim University, Ar Rass, Saudi Arabia
https://doi.org/10.1007/s00500-021-05883-2(0123456789().,-volV)(0123456789().,- volV)
volume, more than 90% of the adopter cites system health as the primary reason for IoT adoption (18 percent). In industry 4.0, the transducer and other devices are con- nected with embedded computing, and networking became a fundamental component. It will be possible when IoT is equipped with fewer potential radio networks (Cao et al.
2019; Plaga et al. 2019). There are several problems of confidentiality and identity in P2P networks. As far as privacy is concerned, the data stream from a peer may be abused by colleagues who help relay the data. The VoIP apps, such as Skype, which route traffic on a P2P basis, provide a direct example. P2P applications are most often used for Internet sharing of music and videos. It can and is sometimes very risky to use P2P applications. Files that contain copyrighted materials to be downloaded and shared are illegal.
Industrial IoT carries new demand with various aspects, such as security, confidentiality, standardization, etc. A day’s integration of IT technologies increases the impor- tance of protecting against cyber-attacks became the main goal for designing industrial IoT systems (Al-Turjman and Alturjman2018). Security architecture, namely software- based isolation and dematerialization, covers Intel and Acorn RISC Machine architecture. For secure execution, a trusted podium module and Intel software protection expansion are used (Gebremichael et al. 2020). IoT sys- tems in industries consist of massive self-coordinating heterogeneous networks, which are commonly known as device swarms. An efficient swarm authentication module verifies software integrity in device swarms (Al-Turjman and Alturjman 2018). Fully homomorphic encryption (FHE), one of the cryptographic techniques, is designed to perform the arithmetic operations of encrypted data of IIoT devices. A certificate-less lightweight scheme is provided to ensure the authentication of data in IIoT devices. An authentication scheme based on a privacy-preserving bio- metric is used to secure communication between the Industrial IoT systems (Gebremichael et al. 2020, 2019).
When the Swarm connects, the Helix server is configured to allow it to be created automatically for new users in Perforce, and the user exists in LDAP. The Helix server configures this feature, and no Swarm setup is required. In general, three types of encryption are available: Symmet- rical key cryptography: It has a single universal key for the encryption and decryption of messages from the message sender and receiver. Features: The key and asymmetric key are not used. This algorithm provides cryptography. An authentication endpoint is a security mechanism that allows even approved devices to link to a particular network, site, or service. The method is also called authentication of the system. The password answer sent by the registered device ensures that the user has an approved user connection.
Internet connectivity for IIoT depends on a definite purpose to establish a link between the cloud, industry operations, and management systems. The smart devices in the Industrial IoT environment, paired keys are set by key management, mutual authentication among the devices for user certification, are characterized by privacy-preserving user authentication based on biometrics (BP2UA) (Sodhro et al. 2019; Das et al. 2017). Authentication provides permission for the sensor nodes in the IIoT devices and the gateway to rectify one another confidentially about their identity for the communication process to take place between each device in the IIoT environment (Sodhro et al.
2020). Techniques to evaluate the strategy’s effectiveness include assessing domestic and external strengths that influence strategy implementation, evaluating business performance, and identifying appropriate corrective actions. Regulation of premises, Primary checks are designed to consistently and routinely monitor whether strategic surveillance remains steadfast in the strategy’s assumptions—control of special alerts and monitoring execution. For a machine to machine communication in Industrial IoT, LAKD (lightweight Authentication and key distribution) is used to exchange the data between the devices confidentially (Das et al.2018). Industrial Control Systems (ICS) is a general concept covering different control systems and related industrial process control instruments. These systems range from a few modular panel-assembled controls to massive, interconnected, and collaborative distributed control systems with thousands of connections on the ground. Systems obtain data from remote sensor process variable measurements (PVs), compare the data gained with necessary SPs, and derive command features, for example, the control valve, which are used to monitor the process through the final control elements (FCEs). Larger systems are usually implemented by SCADA (Surveillance and data acquisition systems) or DCS systems and PLCs (Programmable Logic Con- trollers); however, SCADA and PLC can be scaled down to small, regulate systems.
Xor, subtraction, addition, one-way hash function are performed by LAKD. Mutual authentication is obtained by BAN (borrows Abadi Needam) logic and AVISPA (Au- tomated Validation of Internet Security Protocols and Applications) tool during key distribution between the devices for sharing the data (Chen et al. 2014).
2 Related works
A blockchain-based Nonrepudiation network computing service scheme is proposed by Xu et al. (2019) for indus- trial IoT. In this work, blockchain act as a service publisher and an evidence recorder. The homomorphic hash-based
service verification method is used to operate the on-chain evidence. The evaluation result gives the efficacy and dependability are established by security analysis.
Lee et al. (2019) suggested reputation management for custom manufacturing services based on blockchain in the peer-to-peer networking environment. The manufacturer rating classification guides the decision-making of the customers. A cryptographic algorithm protects the digital signing and privacy of transactions. The characteristics and individuality of the approach are verified by comparing it with other related studies.
A robust Elliptic Curve Cryptography-based, provable secure Authentication protocol is implemented by Li et al.
(2019) with privacy-preserving for industrial IoT. The random oracle model provides security for the proposed method. Network simulator-3 result provided the efficient protocol for the industrial Internet of things and compared with other protocols for its security and reliability.
For industrial IoT, Shen et al. (2020) recommended blockchain-assisted secure device authentication (BASA) protocol. The authentication process oppressed the IBS (identity-based signature). An identification management mechanism is used to secure the privacy of the devices.
The session keys protect subsequent communication. The efficiency and effectiveness are obtained by conducting comprehensive experiments.
A secure attack detection framework is considered by Qureshi et al. (2019) for smart cities industrial IoT. The proposed framework detects attacks like a sinkhole, black hole, version number, and HELLO-flood. The parameters like true and false positive rate, end to end delay, etc., are used to evaluate the framework’s performance. The result makes the framework perfect for IPV6-based Routing Protocol for low power and lossy networks in the IIoT environment.
Xu et al. (2019) described an innovative manufacturing application using hierarchical trustful resource assignment (HTRA) in industrial IoT. Along with HTRA, TRA (trustful resource assignment), TCA (trust computing algorithm) based on VGCs (Vickrey Clarke groves) are used to allocate the resource for CPU and process the data at the CPC. Effective gateways and IIoT equipment improve each participant’s utility.
In Wang et al. (2018), a reputation incentive scheme for blockchain consensus of IIoT is introduced. Reward factors are used for cooperative behavior effectiveness, and revoking elements are used for non-cooperative behavior.
Implementing the reputation-based incentive module pro- vides benefits for IIoT with blockchain applications. Nodes collective behavior of the IIoT is encouraged by the pro- posed work.
A credit-based dynamical evaluation method was implemented by Shijie and Yingfeng (2020) for the
configuration of manufacturing services under IIoT. In the complex manufacturing system, the MSs (Manufacturing Services) Credit is evaluated by the Fuzzy analytics net- work process. A service scoring mechanism (SSM) is used to derive the credit-based manufacturing mode. The result gives the Credit way in real-time manufacturing service, and quick decisions are made along with improved cus- tomer satisfaction.
Defense in Depth is used by Mosterio-Sanchez et al.
(2020) for securing IIoT. For providing End to End secu- rity, ABE (attribute-based encryption) and combined Defense in Depth (DiD) are designed by analyzing the equivalent security strategy in Industries. The obtained result of the proposed work provides a secure framework for industry 4.0.
A privacy-preserving authentication for general directed graphs is proposed in AlZubi (2020). The proposed scheme is based on a cryptographic accumulator and digital signature scheme. A feasible solution is provided for authentication issues. By adaptive chosen message attack, the security of the system is verified. For real-time appli- cation, the effectiveness of the scheme is evaluated.
Based on an adaptive learning rate and momentum in IIoT, Yan et al. (2020) suggested Trustworthy network anomaly detection. HCA-MBGDALRM (Hinge classifica- tion algorithm based on mini-batch gradient descent with an adaptive learning rate and momentum) is used to reduce security attacks. The performance of the algorithm is improved by algorithm significance. For accelerating the swiftness of massive traffic datasets, a parallel framework for the proposed scheme is implemented.
Hassan et al. (2020; 2020) described a reliable cyber- attack detection model for increasing the trustworthiness in the IIoT. Cyber-attack of Supervisory control and data acquisition (SCADA) is detected by RS (ransom subspace) learning method with RT (random tree). RS reduces the sensitivity, and RT solves the over-fitting issues, and a high detection rate is achieved. The result shows that the pro- posed model improves the trustworthiness and security in IIoT.
In Tajalli et al. (2020), DoS-Resilient distributed opti- mal scheduling in a Fog supporting IIoT-based smart microgrid is proposed. The fog layer is suggested as a computation layer for reducing latency and provides information storage and local computation for industries.
Denial of service is overcome for improving the perfor- mance of the proposed work. Reliability, accuracy, and feasibility are enhanced as a result of the simulation.
A secure IIoT framework for resource management in intelligent manufacturing is discussed in Ahmad Ali AlZubi2019,2020. A clustering technique based on NDRF (node degree, distance, residual energy, and fitness) is used to improve the network’s lifetime. Softmax-DNN (deep
neural network) is used to reduce the latency and overhead in communication. The result of the proposed framework improves the energy efficiency, security of IIoT networks.
A graph-based security framework is modeled by George and Thampi (2020, 2018) for securing IIoT net- works from vulnerability exploitations. Security problems are addressed as graph-theoretic problems. For possible estimation of the network, the proposed model serves as a security framework. Risk mitigation strategies improve the security of the network. The proposed model’s perfor- mance is evaluated under the changing environment of IIoT networks through different security parameters.
2.1 CAAS
In IIoT, peer-to-peer networking is used to distribute the service to the end-machine that deploys the secure trans- mission. This peer-to-peer network is processed due to security measures and anonymous access to the machine. A formal representation of CAAS in IIoT is illustrated as a block diagram in Fig.1.
In this work, identification and grouping of operating time and access time are classified by SVM that address security breaches and control sabotage. Here, the CAAS method is used to control requirement and access time; the preliminary step is to monitor the field level. Cyber-secu- rity is critical as it covers everything related to the
protection of confidential data, PII, PHI, personal infor- mation, intellectual property, data, government, and busi- ness information systems from theft and damages targeted.
The goal behind the Internet is to provide devices that report themselves in real-time, improve efficiencies and make critical information available to the surface faster than a system relying on human intervention. ‘‘Security architecture’’ means defining the framework necessary to protect an organization’s IT infrastructure. Such a frame- work covers requirements, processes, and SOPs involved in preventing, minimizing, and investigating various threats. Intel Software Guard Extensions (Intel SGX) is a series of instructions that increase application code and data security, providing better protection against divulga- tion and alteration. Autonomous security robots are inde- pendent security & surveillance robots that integrate and evolve many different technologies to conduct security &
surveillance operations, such as reporting, tracking, investigating, and intruder detection. For many companies, safety is today a big concern. A lack of human labor is one of the significant benefits of using an autonomous ship, such as the M75. In reality, customers use Explore the differences cheaper than a crew, especially when it comes to safety work. ‘‘They need to have shifted; nobody can work 24 h a day,’’ they said. Authentication is the capacity to demonstrate that the individual or application appears to be the consumer or application. They will bind via the registration of devices information (pairing)—they first need to connect it with another Bluetooth device to use a Bluetooth device. Pairing is a bit of a call-swap exchange.
The mechanism and procedure for combining computer devices with a second computing device are revealed if these processes are identified and authenticated. On hard disc 708 is stored an application 760 containing computer instructions.
The following equation acquires the information from the industrial machine and monitors their state of action.
s¼ 1 mn
Y
ce
mhð Þ þr0 ukps
ð Þ tmþ ukþmh Pwa
ð1Þ The monitoring field level is used to analyze the state of the machine and provides the service promptly, here it deploys the number of machines, and it is represented as mn. The request and response is denoted asr0andpsin this service is termed asukand forwarding is represented aswa, it is performed as peer-to-peer networking. The monitoring is denoted ass, and time is termed astm, IIoT the machine mh request for the particular service, and in turn, the response is provided as the response by representing
ukþmh
Pwa
. Fig. 1 CAAS in IIoT
Here, it securely deploys the service forwarding to avoid anonymous access from other networks, leading to more complexity in the peer-to-peer network. In this manner, the data sharing is performed between the IIoT machines on the field layer; here, the control level is responsible for sharing the service with the device. Thus, a secure service transmission is performed between the machines in the IIoT environment. The following equation is used to ana- lyze the machine’s request and response to provide the service on time and decrease the delay factor.
s0¼Yuk
s
r0þmh
ð Þ wa
ps
þðt0ðukÞ=tm$Þ ðf0þceÞ ð2Þ The analysis of request and response of the user is computed in the above equation, here it deploys the service request on the field level from the machine, and in turn, the control level is used to provide the service as a response.
Thus, access is provided to the requested machine in IIoT on time, and it is formulated asðt0ðukÞ$=tm$Þ. Here control level is responsible for forwarding the service to the machine. The control level is denoted ast0, whereas field- level is termed asf0in this, the access is represented asce; the analysis is referred to ass0.
In this analysis phase, the machine’s request is acquired, monitors its security level, and provides the service as the response to the IIoT environment’s machine. Thus, it deploys the periodic monitoring of service and forwards;
secure access is reliably given to the machine in this phase.
Here, requests and responses are identified and examine secure access between the IIoT environment machines associated with decreases in the delay factor. Thus, the analysis is performed, and then the security is measured at the control level. They help to forward the service as a response that is equated as follows.
p¼ psþmh=uk
wa
X
t0
dð Þ þce sdiþtm
a0i0
þðmnceÞ t0ðbÞ ð3Þ The security is used to analyze whether the machine request is authenticated or not; by deploying this approach, the service is forwarded in a peer-to-peer network. Here, the service is provided to the secure machine and it is associated with the time factor, and it is computed as
dð Þ þce sdai0þti0m
h i
in this identification is referred to as d. The monitoring of request and response is carried out, and it includes both the operating and access time that is denoted asa0and i0.
Here, the security is termed as p, and the service is forwarded as the response that is evaluated by psþmwh=uk
a
. The control level is used to monitor the field level and
provides the resultant. In this manner, the security varies for different control level that deploys the secure access between the machines, for this authentication is performed, and it is termed asb. Thus, the security is maintained for a peer-to-peer network that is an autonomous process in the IIoT environment; here, the anonymous authentication is monitored on the control level. The below equation is used to provide access to the requested machine that deploys the authentication process.
d¼ Q
sða0þi0Þ r0ðmhÞ þðptmÞ ps¼b sþr0ðmhÞ
p
P
waðpsþtmÞ ukþf0 6¼b 9=
; ð4Þ The identification of the access provider to the machine is analyzed by equating Eq. (4); here, it is responsible for forwarding the service in a peer-to-peer network. Figure2 presents the request and response access for different mechanical devices.
The machine device varies for access that deploys the request and response from the number of the machine in IIoT. If the machine device increases then, the demand and response ratio is also improved. If the detection is increased, then the machine’s request at field level also shows a higher value, and response is provided securely (Fig.2). It relates to two derivations, such as equality and inequality for authentication of service in the IIoT envi- ronment responsible for security. The first derivation is equal to the authentication process; here the periodic monitoring is performed for the request and response between the machine that relates to the operating and access time, and it is denoted as Q
sða0þi0Þ r0ðmhÞ. In this manner, the security check is performed between the machines, and so it is equal to authentication.
The second derivation is not equal to authentication because the service from the control level is not forwarded;
here, the periodic monitoring is not performed, and it is termed as sþr0pðmhÞ
P
waðpsþtmÞ. Thus, the authentica- tion is performed to provide secure service sharing between
Fig. 2 Request and Response Access
the machines in IIoT that deploys operating and access time. In this authentication process, the security is balanced for service and access time to maintain the security, for this classification method is proposed as SVM. Figure3 pre- sents the ratio of service provider identification under dif- ferent anonymity factors is illustrated.
The machine device varies for the identification per- centage that deploys anonymity shows wavy range. If the identification of machine requests is improved, anonymity is also maximized for machines. The anonymity for 0.8 values shows a higher identification ratio than the 0.4 value (Fig.3).
2.2 Classification process
The SVM is a classification method used in the peer-to- peer networks and differentiates the operating and access time and decreases the anonymous authentication. This SVM is used to determine the requirement and permit time for the requested machine and provide security. The CAAS is used at the control level to monitor the condition, and access time in this peer-to-peer authentication is evaluated reliably. The following equation is used to classify the requirement and access time and avoids anonymous access in the IIoT environment.
s0ð Þ ¼t0
P#ðqeþukÞ dþp l0
þðo0ðr0Þ=waÞ;8Requirements
# wap Qbþuk
þðf0ceÞ þðs/i0Þ;8Access Time
9>
>=
>>
; ð5Þ The control level analysis is computed in the above equation, and it classifies the requirement and access time that includes the peer-to-peer authentication. Here the first derivation relates to the condition, and here it checks with the previous state of request and provides the resultant; the last state is denoted aso0. If the machine is necessary to perform a particular task, it deploys the secure service
forwarding to the requested machine. This requirement phase is associated with data forwarding that deploys authentication between the engine in IIoT, and it is per- formed on time.
The second derivation relates to the access time, and it is monitored periodically, and it is represented as
f0ce
ð Þ þðs=i0Þ; in this field-level device is used to request the service. In this manner, the control level iden- tifies the secure machine and provides the service to the requested user that is associated with authentication, and it is represented as Qwap
bþuk
. Figure4a, b presents the classification illustration of requirements and access time- based processes.
Thus, the SVM classifies the requirement and access time to provide secure data forwarding in IIoT, and the grouping of operating time and access time is estimated below equation.
o¼ ukf0
i0/di
þXi0
a0
sþo0 d
½s0ð Þ þuk ðtm/pÞ ½psþb ð6Þ The grouping of requirement and access time is per- formed in Eq. (6), in this periodic monitoring of service is evaluated, and it is represented assþod0
. By formulating s0ð Þ þuk ðtm/pÞ
½ the analysis is carried out for the requested service in this security is provided on time. Here, authen- tication is performed for the requested user. It deploys the classification of requirements and access time for the number of machines in IIoT.
The grouping is referred to as o monitoring performed on time-related to the classification of operating and access time for the machine. The control system is responsible for forwarding the service to the machine; thus, it is associated with the detection process and responds promptly. The grouping is used in SVM to differentiate the margin that includes the hard and soft margin; this hyperplane is selected between the operating and access time. The fol- lowing equation is used to estimate and differentiate the operating and access time related to the security and autonomous control system.
D¼Ywa
d
sgr
uk
þðtml0Þ #
|fflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflffl{zfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflffl}
a0
þ psgr
Pce
X
di
sþ# ð Þ p
|fflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflffl{zfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflfflffl}
i0
ð7Þ The differentiating of time is evaluated for the operating and access for the requested machine. This process deploys the classification between the requirement and authentica- tion. The differentiation is denoted as D, here, both the Fig. 3 Access Provider Identification for Different Machine Devices
active and access time is evaluated in this it forwards the service to the requested machine. The periodic monitoring is performed to analyze the authentication, including the margin separation, such as hard and soft. The margin is termed asgr and it relates to timely processing, and it is denoted asQwa
d sgur
k
here it evaluates the classification.
In Figs.5a, b and6a, b, the grouping and margin separation process for requirements and access time are illustrated, respectively.
The margin is separated from deciding between the machine request and response, and it is represented as
psgr
Pce
P
diðsþ#Þhere the classification is performed.
The monitoring is used to detect the anonymous access to the requested machine in this security is maintained to decreases the delay. This differentiating is used for oper- ating an access time that deploys authentication for the autonomous process for peer-to-peer network. The fol- lowing equation is used to monitor anonymous access
periodically, address the misdetection, and improve authentication and security.
sð Þ ¼ce dwa i0
þXl0
p
qeb
ð Þ ð#þt0/f0Þ dið Þ b ps ð8Þ The monitoring of access is performed to forward the service to the requested machine, and it is denoted as
dwa
i0
, here it includes the access time from the classifi- cation method. Here, the requirement and access time are monitored, and security for the different control systems by evaluating CAAS. The classification method is used for the requirement and access time and identifies the anonymous control system by deploying SVM. The security is modi- fied due to the secure access forwarded to the machines in peer-to-peer networking in IIoT associated with the control system.
In this manner, the access is provided by identifying whether a security is maintained or not; if it is an authen- ticated machine, the service is provided; otherwise, it is Figure 4 aRequirements
Classification.bAccess Time Classification
Figure 5 aGrouping.bMargin Separation for Requirements
denied. Here the response is given to the established machine, and it is denoted asdið Þ b psin this, it evaluates the security for the number of the machine. Thus, the margin selection is made by formulating the following equation associated with hard and soft margin.
j0¼ 1 mn Y
o
qeþi0
ð Þ þ ðp=a0Þ ½ðynþbÞ ðdiþt0Þ gro0
ð9Þ The margin selection is computed in the above equation, and it is represented asj0in this, the number of machines is considered by grouping and classification method. Its pre- vious state selects the margin in this it deploys requirement and access time, and it is associated with security and authentication. The hyperplane differentiate the hard and soft margin, and it deploys the security between the machines and it is denoted as½ðynþbÞ ðdiþt0Þ.
The margin is selected with the previous state of machine processing and performs the authentication for the autonomous machine in a peer-to-peer network. The access time is decreased by detecting the anonymous control system in IIoT; in this, it evaluates the classification and grouping of requirements and access time. For every requested machine, access is provided promptly; here, it checks whether it is an authenticated or not and forwards the services. Thus, its previous state makes the margin selection, and the hyperplane is used for the decision- making process, and it is equated in the following equation.
j0ð Þ ¼yn Xuk
s
grþqeþi0
#
ðltmÞ þ ðsð Þ=bÞuk
ðpsþpÞ gr ð10Þ
The best hyperplane is separated by using SVM; in this, it detects the control system and analysis the anonymous control system that deploys the SVM method. The
selection of hyperplane is denoted as j0ðynÞ in this, it deploys the margin that relates to the hard and soft margin in SVM; in this, it evaluates the authentication. Here, the access time is decreased between the peer-to-peer network, and it classifies the operating and access time that evaluates the autonomous process. The authentication is used to evaluate the service and monitor periodically, and it is denoted as ðsð Þ=bÞ; in this, the response is provideduk securely.
The margin selection is used to deploy the secure ser- vice forwarding in this classification is performed for the requirement and access time. The CAAS is used to decrease the security level that responds on time in the IIoT environment; here, the hyperplane is used to decide whe- ther the service is forwarded. Thus, hyperplane decide to provide secure service by performing authentication in the control system to the machine, and it is denoted as
psþp
ð Þ gr, the decision is represented as l. Thus, the upcoming equation is used to perform the authentication for the secure machine that deploys Eq. (8) for better performances.
b¼r
j0 gr
o0ð Þ þl yn dið Þt0 mhð Þr0
þpða0þi0=DþukÞ þ½#ð Þ þce s0ð Þtm ðwaþpsÞ
ð11Þ The authentication is provided to the requested machine in IIoT. In this, it deploys the CAAS method that is asso- ciated with operating and access time. If the machine requests a particular service, the authenticated machine is provided with the response on time performing this improves the security from the anonymous access. The differentiating is performed by selecting the margin and utilizing the hyperplane by the previous machine process- ing state. The security level changes for every control Figure 6 aGrouping.bMargin
Separation for Access Time
system, and it is equated as yn mdiðt0Þ
hðr0Þ
it relates to the hyperplane decision-making approach.
Its service differentiates the operating and access time, and it is represented asða0þi0=DþukÞin this, the security is provided to the machine and shows lesser access time.
The authentication is performed for every access from the machine and ensures the security periodically that is denoted as ½#ð Þ þce s0ðtmÞ. Thus, the authentication is carried out in the above equation. The monitoring is per- formed for the operating and access time and computed in the following equation from the classification phase.
s0ðmhÞ ¼ 1 mn
þY
gr
j0ð Þ þyn ða0þi0Þ ðpþo=dÞ þðkskaÞ þs ð12Þ It is used to find whether the machine’s security is the same or different; if it is the same, it is given to the machine; else, it denied it. The monitoring is performed by deploying the SVM method associated with the require- ment and authentication method by evaluating the hyper- plane. The hyperplane in SVM is used to find the margin selection and provides the security for the machine, denoted as j0ð Þ þyn ða0þi0Þ. Figure7a, b illustrate the grouping and anonymity factors for different machines and epochs of the SVM classification.
The epochs vary for the grouping for the number of the device associated with identifying request and response. If the epochs increase then, the grouping for the operating and access time also increases. It shows a lesser grouping of machine epochs for value ten compare to 40 (Fig.7a).
The epochs vary for anonymity and demonstrate the value ranges from high to low or maintains the constant. Suppose the machine device is increased for varying ranges from 10 to 40 and shows lesser anonymity. If the machine device
decreases then, the anonymity for the proposed work is increased for epochs (Fig.7b).
The security level is checked by identifying the group- ing of operating and access time of the machine, and it is represented as ðpþo=dÞ; by performing this, it distin- guishes the similar and dissimilar time, and it is termed as ksandka. The periodic monitoring is carried out to find the similarity and dissimilarity of services in the hyperplane selection process that is denoted asðkskaÞ þs. Thus, if the operating and access time is the same, the service is provided; else, it is denied. The following equation is used to evaluate the margin optimization from similar and dis- similar services.
h¼Xyn
grðj0mnÞ þt0 psþf0 luk
Y
ce
dþða0i0Þ þðb=qeÞ sðtmÞ
ð13Þ In the above equation, margin optimization is computed.
It is termed ash, here the margin and hyperplane are used to decide the working of machine state and analyze the operating and access time. The response is forwarded to the machine from the control system to field level, and it is represented ast0 plusþf0
k
. Here, the classification method is used to differentiate the requirement and authentication of service and perform periodic monitoring to analyze the similar and dissimilar operating and access time. The detection is performed validating the following equation in this it decreases the access time and delays; in this, it enhances by identifying the misdetection.
q¼Y
s
hða0þi0Þ þ waþmh
Pgrþj0
p
qeþl þðdidÞ þX
o0þyn
ð Þ l0 ð14Þ
Figure 7 aGrouping Analysis.bAnonymity Analysis
The detection is done to improve the security in IIoT and avoids the service forwarding to anonymous process;
by performing this, it decreases the delay; it is termed asl0. The operating and access time are considered to deploy the security among the machine, and it is represented as
waþmh
Pg
rþj0
qp
eþl
, in this requirement and authentication is performed reliably. Here, similar and dissimilar methods are used to authenticate the IIoT environment better and respond to the control system’s field level. Thus, the scope of this proposed work is addressed by evaluating the SVM and the CAAS method and shows better security for peer- to-peer networking. Table 1 presents the tabulation of authentication success % and detection % for different grouping and anonymity factors.
The grouping factor for varying authentication success percentages shows a low high range of values for anon- ymity. If the grouping factor increases then, the anonymity percentage also increases, and it shows better authentica- tion. If the machine’s anonymity decreases, the authenti- cation is improved; it shows a vice versa processing for grouping factor (Table1). The grouping factor for varying detection percentages is done anonymously, ranging from 0.4, 0.6, and 0.8. If the detection is increased, the anon- ymity decreased for varying grouping factors associated with the machine number. It shows lesser anonymity for grouping factor value from 0.8 compared to 0.4 (Table1).
2.3 Performance assessment
The performance of the proposed scheme is analyzed using experimental analysis performed by considering 40 oper- ating devices. The IoT platform is modeled with four users requesting 150 processes to be executed using the machines. In this scenario, three access points are placed, and five control systems are used. The control systems are used to monitor the device’s performance in 10 min intervals. The performance is considered anonymous if the request/ response is not accepted or processed within 18 s
and 42s. The metrics evaluated in this experimental anal- ysis are detection ratio, complexity (time), latency, access control, and control failure. The classification is performed for 600 trials (epochs) using the SVM. For verifying the proposed scheme’s consistency, the existing methods from George and Thampi (2020), Yan et al. (2020), and Hassan et al. (2020) contributions are considered.
2.4 Detection
The detection for the proposed work increases for varying machine devices that are associated with security and autonomous control system, and it is represented as
t0ðukÞ=tm
ð Þ. The service is provided to the requested machine in this it forwards the service promptly. Thus, it relates to identifying operating and access time, and it is associated with SVM classification. In this manner, the service from the field level is accessed from the control system by providing security for the authenticated machine. Here, it deploys the detection in a reliable manner related to the delay and service loss. The periodic moni- toring is done for the efficient forwarding of service to the requested machine as the response. The SVM is used to select the margin, and it is associated with the hyperplane of the decision-making approach. In this case, the control level’s security is initialized by detecting every request from the machine in IIoT. Thus, the analysis is evaluated by classifying the service that deploys better optimization, and it is denoted as psþmwh=uk
a
. The service is forwarded to the requested machine that is associated with operating and access time. The classification of requirements and authentication is evaluated by periodic monitoring of ser- vices in IIoT (Refer to Fig.8).
2.5 Complexity
The complexity is decreased for varying machine devices and time; thus, the access time is minimized. Therefore,
Table 1 Authentication % and Detection % for Grouping and Anonymity Factors
Grouping Factor Authentication Success % Detection %
Anonymity = 0.4 Anonymity = 0.6 Anonymity = 0.8 Anonymity = 0.4 Anonymity = 0.6 Anonymity = 0.8
0.4 85.695 79.622 75.011 88.677 84.551 82.189
0.5 86.857 80.746 75.367 89.914 84.64 82.553
0.6 87.307 80.791 77.054 90.201 84.731 82.67
0.7 87.745 84.053 77.136 90.471 85.297 83.611
0.8 88.03 85.887 78.551 93.348 87.237 83.92
0.9 94.735 85.933 80.253 93.437 87.689 84.6
both the similarities and dissimilar of service are evaluated by monitoring the control system. The field layer is used to assess the efficient processing that deploys the SVM method, and it is represented assþr0pðmhÞ
. The security is monitored by identifying the classification and grouping of services in IIoT. The misdetection of service is evaluated by differentiating the optimization of analysis with the previous state. The complexity is minimized for the num- ber of machine requests for assistance. The authentication is assessed from the classification method. Here, the complexity of service is evaluated reliably; this hyperplane is selected from the SVM method. The differentiating of service is considered to analyze the similarities and dis- similar that deploys the authentication. The operating and access time is monitored and provides security, and it is denoted as ðqeþukÞ dþpl0
. The identification of service is evaluated by grouping and classification of services that deploy the decision-boundary. The optimization of service is monitored to improve the misdetection in autonomous machines in IIoT. Here, the number of machines’ com- plexity is associated with the hyperplane selection with the SVM method [Refer to Fig.9a, b].
2.6 Latency
The latency for the detection percentage is minimized by deploying the classification related to the SVM method.
The classification is done for operating and access time. It is associated with forwarding the service as the response.
The decision-boundary is evaluated in a reliable manner that relates to the monitoring of services periodically. Here the authentication is performed by equating uikf0
0=di
in this field, the level is used to forward the request to the machine. The identification of service is used to provide
the periodic monitoring of service; whether similar or dissimilar, the response is provided reliably. Here, the service is provided to the requested user on time, and it evaluates the margin selection method. The margin selec- tion is used to analyze the machine request and response phase that deploys the SVM classification. Thus, both the operating and access time is classified in this SVM method to improve the detection percentage. If the detection per- centage is increased, then the latency is decreased for the number of requested machines. By formulatingod0½psþb the response is provided to the authenticated machine in IIoT that ensures the control system’s security level (Refer to Fig. 10).
2.7 Access control
The proposed work’s access control varies for the machine responsible for forwarding the service to the requested machine on time. Here it deploys the operating and access time from the SVM classification method that relates to the security. In IIoT, the service is requested from the field level, and in turn, the control system provides the service promptly, and it is represented as ðtml0Þ #D. The differentiating of operating and access time is performed by deploying the grouping for autonomous machines in IIoT. The access control is given to the requested user that evaluates the identification of service reliably. Thus, the proposed work’s security level is improved if access con- trol is increased by detecting service handling mismatch. A similar service is provided to the requested machine, and it is denoted as ð#þt0=f0Þ ps. In this decision, the boundary is used to analyze the hyperplane in SVM and deploy the machine’s security. Thus, access control is provided on time to the requested machine that evaluates the service requirement and authentication. The classifi- cation model analyzes secure data forwarding to the machine that deploys reliable security. Only an authenti- cated machine is provided with the service on time asso- ciated with the operating and access time (Refer to Fig.11).
2.8 Control failure
In Fig.12, the control failure for the proposed work decreased for varying detection percentages compares to the existing three methods. The previous state is important to analyze the detection, and it is represented as
ynþb
ð Þ ðdiþt0Þ
½ . Here the authentication and require- ment from the machines are monitored and responds promptly. Thus, the failure is due to delay and service loss;
it is addressed by classifying the authentication’s operating and access time. Here, the margin selection is made by Fig. 8 Detection Ratio Analysis
evaluating service identification by differentiating the requirement, and authentication and grouping are per- formed to provide the modified service’s security. For every computation step, the security level differs, and the modification is done periodically to ensure the authenti- cation. The forwarding of service in a reliable manner is
done by formulating ½#ð Þ þce s0ðtmÞ ðwaþpsÞ here access control is used to identify the machine state. From the control system, the service is forwarded to the field- level devices. The security administered is represented as
pþo=d
ð Þ. The security modification is done to analyze the misdetection of service that avoids anonymous control access. Thus, control failure for the proposed work shows lesser value. The above comparative analysis is tabulated in Tables2 and3for machine devices and detection ratio.
The proposed CAAS achieves 4.92% high detection for the different machine devices, 14.11% less time (com- plexity), and 6.6% high access control.
The proposed CAAS reduces control failure, time (complexity), and latency by 13.6%, 12.33%, and 18.52%, respectively, for different detection ratios.
Fig. 9 Figure Time (Complexity) Analysis foraMachine Devices.bDetection %
Fig. 10 Latency Analysis
Fig. 11 Access Control Factor Analysis
Fig. 12 Control Failure Analysis
3 Conclusion
Internet-of-Things-assisted industrial environments pro- vides ubiquitous access to control systems for handling different processes. An IoT system consists of sensors/de- vices that ‘‘talk’’ to the cloud through some connectivity.
When the data are collected in the cloud, the software can process it and decide to operate by sending an alert or automatically changing sensors/devices without the user having to provide it. The collection and sharing of data is an essential component of business activities. It contributes to business development and operation and improves the management of data. The data can be interpreted, exchanged, and processed to use IoT technology to increase the company’s productivity and performance. The problem in security arises if ubiquitous access is misled due to anonymous human or device interventions. For addressing this problem, control-driven autonomous authentication scheme is proposed and discussed in this paper. The proposed scheme identifies reliable and secure control systems based on their access and security levels.
The energy required to get a particle from the inside of a medium and break through the surface is used, especially by metal photoelectric and thermionic electron emissions.
In solid-state physics, the work function (sometimes spel- led work function) is the minimum thermodynamic work (i.e., energy) required to remove an electron from a solid to a point in the vacuum immediately beyond the concrete surface. Reliability is a unique characteristic that defines a component’s reliability. Therefore, the part performs the desired function and meets business aims and consumer needs under certain conditions for a certain period. By using support vector classifiers, the differentiations and grouping of secure access control systems are performed.
The secure control systems with controlled authentication for reliable request/ response processing are thus identified.
Action prevention for the proper application of industrial automation and control systems (intentional or uninten- tional). These control systems manage vital resources, including energy, oil production, water, transportation, production, and transport. They rely on machines, net- works, operating systems, applications, and programmable security checks, respectively. The Stuxnet worms were found in 2010 and were sensitive to cyber incidents. Cyber- security rules require increased safety for control systems running vital infrastructure have been adopted by the United States and other governments. Many other names, such as SCADA protection, PCN security, industrial net- work security, industrial system control (ICS) cybersecu- rity, operational technology (OT) security, and cyber control system security, have been identified to control the safety of the system. The grouping and differentiation processes are modified through continuous monitoring of the control systems and their security levels. Sensors are examined by monitoring systems, and their findings are recorded. Control systems accept sensor values and hard- ware actuators—control systems. Detect the intruders in a house; the system must track the sensors on doors and windows. The idea of establishing a monitoring and control mechanism is to seize opportunities to improve the situa- tion, i.e., to modify alternatives and prevent crisis controls.
Essential clarification about secure control systems with controlled authentication for reliable request/ response processing is thus identified. It helps to detect any changes in the security level for preventing control failures. Secu- rity controls are available to minimize or reduce the danger to such properties. They provide all types of policies, procedures, techniques, methods, solutions, schemes, Table 2 Comparative Analysis (Machine Devices)
Metrics George and Thampi (2020) Yan et al. (2020) Hassan et al. (2020) CAAS (Proposed)
Detection % 81.809 86.378 89.756 90.896
Time (ms) 226.089 213.745 187.236 120.523
Access Control Factor 0.905 0.925 0.933 0.943
Table 3 Comparative Analysis (Detection %)
Metrics George and Thampi (2020) Yan et al. (2020) Hassan et al. yyy (2020) CAAS (Proposed)
Control Failure 0.129 0.106 0.069 0.056
Time (ms) 208.247 195.363 166.996 119.83
Latency (ms) 846.503 741.948 724.339 628.129
actions, or devices to help achieve this objective. Examples that can be recognized include firewalls, monitoring sys- tems, and antivirus programs. Preventive controls encom- pass protocols, standards, procedures, encryption methods, firewalls, and physical barriers. The IoT platform aids the peer-to-peer validation of the control systems by incorpo- rating different security measures preventing sabotages in the industrial process. IoT allows regular items ’technical’
to enable them without manual intervention to transmit data and automate tasks. An IoT system can be as basic as a wearable health monitoring device or as complex as an intelligent town with sensors around its different regions.
There seems to be a danger to the network of consumers if the IoT system has any security vulnerabilities. This vul- nerability could attack and harm other systems. Sensors, networking, data processing, and the user interface are the major components of IoT systems. The IoT communication usually is focused on data generation or/and data collection devices (sensors/actuators). The proposed scheme’s per- formance is verified using different metrics, and it is seen that it reduces time complexity, latency, control failure, and latency. In contrast, it improves the detection ratio and access control. It is verified for different machines and detection percentile.
Acknowledgements Researchers would like to thank Scientific Research, Qassim University, for funding this project’s publication.
Declarations
Conflict of interest The authors declare that they have no conflict of interest.
Ethical approval This article does not contain any studies with human participants or animals performed by any of the authors.
References
AA AlZubi, A Alarifi, M Al-Maitah, O Alheyasat (2020) Multi-sensor information fusion for Internet of Things assisted automated guided vehicles in smart city. Sustain Cities Soc, online version, pp 102539.
Abuhasel KA, Khan MA (2020) A secure industrial internet of things (IIoT) framework for resource management in smart manufac- turing. IEEE Access 8:117354–117364
Ahmad Ali AlZubi (2019) Location assisted delay-less service discovery method for IoT environments. Comput Commun 150:405–412
Al-Maitah M, AlZubi AA, Alarifi A (2019) An optimal storage utilization technique for IoT devices using sequential machine learning. Comput Netw 152:98–105
Al-Turjman F, Alturjman S (2018) Context-sensitive access in industrial internet of things (IIoT) healthcare applications. IEEE Trans Industr Inf 14(6):2736–2744
AlZubi AA, Al-Maitah M, Alarifi A (2019) A best-fit routing algorithm for non-redundant communication in large-scale. IoT Based Netw 152:106–113
Baskaran SBM, Raja G, Bashir AK, Murata M (2017) QoS-aware frequency-based 4G?relative authentication model for next generation LTE and its dependent public safety networks. IEEE Access 5:21977–21991
Boyes H, Hallaq B, Cunningham J, Watson T (2018) The industrial internet of things (IIoT): an analysis framework. Comput Ind 101:1–12
Cao, Y., Jia, F., & Manogaran, G. (2019). Efficient traceability systems of steel products Using Blockchain-based Industrial Internet of Things. IEEE Transactions on Industrial Informatics Chen S, Yang L, Zhao C, Varadarajan V, Wang K (2020) Double- blockchain assisted secure and anonymous data aggregation for fog-enabled smart grid. Engineering
Das AK, Wazid M, Kumar N, Vasilakos AV, Rodrigues JJ (2018) Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial Internet of Things deploy- ment. IEEE Internet Things J 5(6):4900–4913
Deep S, Zheng X, Jolfaei A, Yu D, Ostovari P, Bashir AK (March 2020) A survey of security and privacy issues in the Internet of Things from the layered context. Wiley, Transactions on Emerging Telecommunications Technologies
Gebremichael T, Ledwaba LP, Eldefrawy MH, Hancke GP, Pereira N, Gidlund M, Akerberg J (2020) Security and privacy in the industrial internet of things: current standards and future challenges. IEEE Access 8:152351–152366
George G, Thampi SM (2018) A graph-based security framework for securing industrial IoT networks from vulnerability exploita- tions. IEEE Access 6:43586–43601
Guido Dartmann, Houbing Song, and Anke Schmeink. Big Data Analytics for Cyber-Physical Systems: Machine Learning for the Internet of Things. ISBN: 9780128166376. Elsevier, 2019, pp. 1–360.
Hassan MM, Gumaei A, Huda S, Almogren A (2020) Increasing the trustworthiness in the industrial IoT networks through a reliable cyberattack detection model. IEEE Trans Ind Inf 16(9):6154–6162
Huang K, Zhang X, Mu Y, Wang X, Yang G, Du X, Guizani M (2019) Building redactable consortium blockchain for industrial Internet-of-Things. IEEE Trans Industr Inf 15(6):3670–3679 Lee Y, Lee KM, Lee SH (2019) Blockchain-based reputation
management for custom manufacturing service in the peer-to- peer networking environment. Peer Peer Network Appl 13(2):671–683
Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2018) A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Trans Ind Inf 14(8):3599–3609
McNinch M, Parks D, Jacksha R, Miller A (2019) Leveraging IIoT to improve machine safety in the mining industry. Min Metall Explor 36(4):675–681
Mosteiro-Sanchez A, Barcelo M, Astorga J, Urbieta A (2020) Securing IIoT using defence-in-depth: towards an end-to-end secure industry 4.0. J Manuf Syst 57:367–378
Plaga S, Wiedermann N, Anton SD, Tatschner S, Schotten H, Newe T (2019) Securing future decentralised industrial IoT infrastruc- tures: challenges and free open source solutions. Futur Gener Comput Syst 93:596–608
Qureshi KN, Rana SS, Ahmed A, Jeon G (2020) A novel and secure attacks detection framework for smart cities industrial internet of things. Sustain Cities Soc 61
Sabina Jeschke, Christian Brecher, Houbing Song, and Danda Rawat, Industrial Internet of Things: Cybermanufacturing Systems.
ISBN: 978–3–319–42558–0, Cham, Switzerland: Springer, 2017, pp. 1–715.
Shen M, Liu H, Zhu L, Xu K, Yu H, Du X, Guizani M (2020) Blockchain-assisted secure device authentication for cross-
domain industrial IoT. IEEE J Select Areas Commun 38(5):942–954
Shijie W, Yingfeng Z (2020) A credit-based dynamical evaluation method for the smart configuration of manufacturing services under Industrial Internet of Things. J Intell Manuf
Sodhro AH, Pirbhulal S, Muzammal M, Zongwei L (2020) Towards blockchain-enabled security technique for industrial internet of things based decentralized applications. J Grid Comput, pp 1–14.
Sundarasekar R, Shakeel PM, Baskar S, Kadry S, Mastorakis G, Mavromoustakis CX, Gn V (2019) Adaptive energy aware quality of service for reliable data transfer in under water acoustic sensor networks. IEEE Access 7: 80093–80103 Tajalli SZ, Mardaneh M, Taherian-Fard E, Izadian A, Kavousi-Fard
A, Dabbaghjamanesh M, Niknam T (2020) DoS-resilient distributed optimal scheduling in a fog supporting IIoT-based smart microgrid. IEEE Trans Ind Appl 56(3):2968–2977 Wang EK, Liang Z, Chen C-M, Kumari S, Khan MK (2020) PoRX: a
reputation incentive scheme for blockchain consensus of IIoT.
Future Gener Comput Syst 102:140–151
Xu X, Han M, Nagarajan SM, Anandhan P (2020) Industrial Internet of Things for smart manufacturing applications using hierarchi- cal trustful resource assignment. Comput Commun 160:423–430 Xu Y, Ren J, Wang G, Zhang C, Yang J, Zhang Y (2019) A blockchain-based nonrepudiation network computing service scheme for industrial IoT. IEEE Trans Ind Inf 15(6):3632–3641 Yan X, Xu Y, Xing X, Cui B, Guo Z, Guo T (2020) Trustworthy network anomaly detection based on an adaptive learning rate and momentum in IIoT. IEEE Trans Ind Inf 16(9):6182–6192 Zhang D, Chan CC, Zhou GY (2018) Enabling Industrial Internet of
Things (IIoT) towards an emerging smart energy system. Global Energy Interconnect 1(1):39–47
Zhu F, Wu W, Zhang Y, Chen X (2019) Privacy-preserving authentication for general directed graphs in industrial IoT. Inf Sci 502:218–228
Publisher’s Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
