Development of a model for the analysis and separation of service and useful traffic in cyber-physical systems

Abstract

The object of the study is the processes of formation, transmission and processing of service and useful traffic in cyber-physical systems of Smart Manufacturing Ecosystem multi-level architecture type, vulnerable to cyberattacks aimed at compromising control data, authentication and coordination. In modern computer networks, service traffic determines the stability and security of the infrastructure, since any distortion or interception of service traffic can lead to disruption of the system as a whole. In smart systems, industrial Internet of Things and critical infrastructure, the volume of service messages reaches significant scales, because it is they that support the synchronism of thousands of systems in real time. The paper investigates the problem of protecting service traffic in Smart Manufacturing Ecosystem cyber-physical systems. A mathematical model of service and useful traffic segmentation is proposed, which takes into account the criteria of stability (access segmentation, integrity and authenticity control) and security (probability of compromise, channel criticality, level of trust in the transmission medium). To construct an integral risk indicator, the convolution method is used, which allows combining different types of parameters and determining the feasibility of dividing traffic for target analysis. The study was conducted using industrial protocols Modbus, DNP3, OPC UA, MQTT and HTTP, which are widely used in production networks. It was shown that the use of the model allows reducing the integral risk of attacks on service traffic by an average of 15–20% compared to approaches without segmentation. The developed model forms a scientific basis for creating methods and practical cyber protection solutions that ensure increased resilience of the Smart Manufacturing infrastructure and are able to withstand current and future challenges in the field of cybersecurity.