4.2. Cybersecurity in IoUT
From health to military industries, the race of achieving the most and most valuable information is challenging. Especially in military operations, information is the key factor which will determine the successful outcome. However, special components of information should be considered, namely the CIA triad as mentioned above. Underwater assets rely strongly on ICTs, and this leads to numerous technical vulnerabilities, which bring privacy concerns and security to the forefront [
44]. Implementing an information security system or an intrusion detection system is not auxiliary, it is mandatory.
Establishment of a robust security underwater network architecture demands two prerequisites, i.e., determination of security requirements and comprehension of adversaries’ strategy to exploit a vulnerability. Accordingly, the adoption of a real-time monitoring concept extends the effectiveness of cyber-defenses and supports early alerts. Threat modeling and risk assessment are key solutions to counter these challenges. They can offer both prediction and rapid evaluation of system vulnerabilities. Andrei Brazhuk et al. [
86], with the aim to provide solutions to above issues, built an ontology-based model, which integrates well-known datasets (CVE, ATT&CK, etc.) in OWL and RDF formats. In consequence, relations between attack techniques, attack patterns, weaknesses and vulnerabilities are described, to decrease security vulnerabilities.
An interesting work about a dynamic risk assessment in autonomous ships is presented in [
87]. Interconnection of vast number of sensors, as well as overwhelming computations, increase complexity, which have consequently expanded the attack surface. With the aim to provide cyberattack scenarios, related to the navigation and propulsion systems, based on identified vulnerabilities, two methods are incorporated, i.e., Formal Safety Assessment (FSA), for ranking hazardous scenarios and Cyber Preliminary Hazard Analysis (CPHA), to conduct threat assessment for autonomous vessels.
Wormhole [
18,
55], a routing attack, in which malicious or compromised node eavesdrops data packets from nearby friendly assets and redistributes them to the attacker’s host, can be devastating. Dargah et al. [
88], present an approach to detect and mitigate wormhole attacks in a UWSN. More specifically, they propose a cooperative detection strategy, in which each node discovers its neighbors through a secure discovery protocol. Their approach is divided into three distinct phases i.e., discovery, silent monitoring, and detection. During the second phase, receiver nodes extract a hash-based signature and reply with report packets containing its ID and the time stamp of the signature, confirming their identity. After executing simulation experiments in OMNET++ (
https://omnetpp.org/, accessed on 20 November 2022), they validated their model.
Traditional routing schemes differ from these in IoUT. Propagation of acoustic signals in water does not allow the integration of terrestrial routing protocols. However, depth can facilitate this challenge. More specifically, in [
89], a depth-based secure routing (DBSR) protocol is proposed, based on the most widely used routing protocol in underwater sensor networks, i.e., depth-base routing protocol (DBR), which requires solely the depth information of assets to operate [
90]. DBSR broadens its capabilities by implementing distinct steps to enhance security. In particular, before initial communication, each node possesses its own key along with a public key, to use them for verification. Although the general concept of a pair of keys is widely incorporated by IT systems, energy limitations in underwater world can be crucial. Therefore, elliptic-curve cryptography (ECC)-based algorithms were utilized, to decrease the overall overhead of nodes.
Finally, a very common method for attack mitigation, is the deployment of honeypots Thus, organizations protect their real systems from external threats, by attracting adversaries and determining their strategy [
91]. Honeypots are usually placed near the assets they are attempting to mimic. An interesting survey for honeypots in IoT is presented in [
92], presenting a basic honeypot architecture, known as honeynet. Honeypots and honeynets can be classified in various categories based on their purpose, role, level of interaction, scalability, etc. This method is applicable in IoT and can be integrated by IoUT in several ways. Suratkar et al. [
91] present an interesting approach of an adaptive honeypot concept which, through a Q-learning method, supports the functionality of firewalls, and other security mechanisms for severity analysis. Furthermore, in [
93], dynamic interaction of a honeynet through reinforcement learning is proposed, resulting in risk analysis and adaptive security policies for effective automated decisions related to risk, cost, and time factors.
Even though security mechanisms become constantly more sophisticated, the main challenge of cyber warfare remains, i.e., the precedence of cyber adversaries. Every protective asset is vulnerable to be compromised or avoided. Therefore, the probability factor should be a principal component in defending strategies. Issue of uncertainty in both domains, cybersecurity and IoUT, can be taken as an advantage, by incorporating semantic knowledge and reasoners. Strong interoperability between underwater assets, such as UUVs and nodes, in combination with a robust security system can give early alerts about potential exploitation.
4.3. Simulation of Cybersecurity and Interoperability in IoUT
Assuming that an underwater network has been established taking into consideration the cybersecurity and interoperability aspects, we should be able to ensure its robustness, effectiveness, and operability. Simulation software allows engineers and scientists to predict the outcome of operational scenarios using data from the real-world. For example, companies take advantage of simulation software to design their products in the digital world, without the need for repetition of expensive and time-consuming physical representations. To realize the benefits of simulation, we can think of the designing of a UUV/AUV with specific requirements and characteristics, based on the hazardous environment it operates in. Simulation engineers can change environmental conditions unlimited times in a protected and monitored area, in order to measure its durability in various situations or to reach the limits of the system’s endurance and extract quickly, accurately and cost-efficiently, its failure points. Especially in the IoUT domain, where danger is a major factor, and heterogeneity exists in plethora, simulation facilitates procedures tremendously, without affecting the accuracy of results. In this review, we mainly focus on the simulation of trajectories of UUVs/AUVs and their cooperation, as well as on the cybersecurity issues that appear. To achieve efficient simulation in different domains, several tools need to be available. Co-simulation of these tools is a very challenging research topic, due to their heterogeneity. Co-simulation is the joint simulation of loosely coupled stand-alone sub-simulators, taking into consideration their heterogeneity [
94].
One of the goals of our research is to simulate the underwater environment in which underwater assets will interoperate, as well as assets’ communication. Qualnet Network Simulation Software (
https://www.scalable-networks.com/products/qualnet-network-simulation-software, accessed on 20 November 2022) is a scalable simulation tool for replicating live networks; it is used for commercial and military purposes, as well as by governments and educational organizations around the world. In addition, Qualnet provides a wide range of libraries and popular protocols, such as the Military and Radios library and Network (ARP, IPv4) and internet protocols (FTP, HTTP). It can run accurate simulations and analyze networks efficiently. This tool is utilized in related work [
95], in which the simulation of an SDN (
https://sdn.ieee.org/outreach/resources, accessed on 20 November 2022) IoUT was successfully established. Furthermore, it can model numerous nodes and supports the designing of new protocol models and the optimization of existing models. WOSS (World Ocean Simulation System,
http://telecom.dei.unipd.it/ns/woss/, accessed on 20 November 2022) is another open-source simulation tool, developed in C++, which enables the integration of existing underwater channel simulator (NS-2,
https://ns2simulator.com/ns2-download/ 20 November 2022, NS-3,
https://ns3simulation.com/network-simulator-software/, accessed on 20 November 2022, etc.); the user can input environmental data and as an output can have a channel realization. Aqua-Sim (
https://github.com/rmartin5/aqua-sim-ng, accessed on 20 November 2022), an open-source underwater simulator which supports a vast number of protocols and features, provides simulation of acoustic signals and packet collisions in UWSNs, as well as a three-dimensional deployment. This simulation tool is the most widely utilized by researchers and it is based on the famous NS-2 (Network Simulator) tool, which is written also in C++ and is highly suitable for UWSNs. Its association with a visual tool, and support of monitoring node placement, movement, and packet flow, allow users even more complex experimentation [
96]. Another well-known simulation tool is SUNRISE (Sensing, Monitoring and Actuating) [
97]; it is an environment-based testbed for UWSN, designed by La Sapienza University. It supports scalability and heterogeneity across various domains and real-time environments. Its main advantage over the rest of the tools is its ability to span different types of underwater environments in various locations. In addition, the SUNRISE2SUNSET plug-in [
97] allows users to simulate, emulate and test novel underwater systems (at-sea). Additionally, OMNeT++ is a very simple but effective, extensive, modular simulation library and framework for building network simulators. It provides an excellent programming guide and has a library of simulation classes [
98]. Numerous and various protocols are supported and provide a GUI (graphical user interface) for execution. The UDMSim simulation platform was developed to support a data mulling-oriented solution. This tool merges the AUV Motion and Localization (AML) simulator and NS-3 [
99] and is capable of reproducing realistic scenarios with localization errors and providing evaluation of underwater communications, by simulating the signal and connection losses during an operation. GloMoSim (global mobile information system simulator) is another simulation tool which provides scalability to networks with a vast number of heterogeneous devices. It supports a vast number of networking protocols, both for wired and wireless networks. The main disadvantages of this tool are the poor documentation, and its rare updates. Lightweight simulation and detailed visualization are two main advantages of TOSSIM (
https://networksimulationtools.com/tossim-in-wsn/, accessed on 20 November 2022), a discrete event simulator. It provides a powerful GUI and supports a wide range of network interactions. Furthermore, it provides a simple yet mighty emulator for WSNs (wireless sensor networks). While TOSSIM can be utilized for fast and representative results, its lack of accuracy in real-world results and several self-made assumptions of this tool, can be important deterrents for its selection. Routing schemes in communication can be very complex. Finally, a network emulation software which provides huge capabilities and realistic environment to network and security professionals is EVE-NG (emulated virtual environment next generation,
https://www.eve-ng.net/, accessed on 20 November 2022). It supports cloud networking and over 1000 nodes per simulation. In addition, it allows users to extract information about the quality bandwidth, delay, jitter, and loss characteristics of communications.
Table 3 presents general information of the experimented simulation tools and
Table 4 provides their comparison based on specific features.
As presented in this review, security is linked to interoperability, and therefore we should be able to simulate both types of issues in an underwater network. With the aim to propose a simulation environment for interoperability issues and cyberattacks that compromise communication by gaining control of data flow (packet sniffing), a related work presents the open-source PyPower tool (
https://github.com/rwl/PYPOWER/, accessed on 20 November 2022) [
107]. PyPower is a project developed in Python, providing a Power-Attack simulation engine which captures the behavior of components in the protection layer. As mentioned in previous sections, another dangerous cyberattack that can demolish a communication network is a DoS or DDoS attack. In related work [
108], a powerful networking tool is represented under the name Graphic Network Simulator 3 (GNS3), for modeling DDoS attacks; GNS3 is a well-known tool for the network engineering domain. It comes with a free and commercial license. The advantage of GNS3 is that virtual and real devices are combined easily in order to simulate attacks, such as packet traffic in NS-2 simulator. Another effective framework for cyber-security tasks and dynamic scenario design is HackIt (
https://github.com/marcan/hackit, accessed on 20 November 2022) This is an open-source tool developed mainly in Python2 (
https://www.python.org/download/releases/2.0/, accessed on 20 November 2022) and Flask (
https://flask.palletsprojects.com/en/2.2.x/, accessed on 20 November 2022), with many essential features such as network nodes, strategies, and commands [
109]. The interesting part is that it is suitable to simulate deception scenarios such as honeypots, to lure cyber-adversaries and investigate hackers’ decisions. More specifically, in related work [
110], a real-world scenario was simulated; the objective was to steal credit card information from a web server by sniffing network’s traffic. To counter these assaults, they have inserted deceptive servers in the architecture, acting as honeypots and involved human participants to exploit the network. HackIt facilitates the extraction of very useful information about this method of deception, supporting the cybersecurity domain in a network environment with real human attackers. Another powerful simulation tool is Foreseeti (
https://foreseeti.com/, accessed on 20 November 2022). Its AI-based predictive cyberattack simulation functionality supports users to automate threat mitigation and risk assessment and identify fast and accurately incoming cyber threats. It provides cloud simulation capability as well as custom scenario-based attack simulations. Moreover, its ability to recommend the implementation of new security mechanisms to existing vulnerabilities, allows users to reduce the attack surface. Infection Monkey (
https://github.com/guardicore/monkey, accessed on 20 November 2022) is an agent-based attack simulation tool designed to test networks. The ease of configuration and the broad pool of libraries for manual configuration allow analysts to decide on new security implementations accurately and efficiently. Its main disadvantage is that the extracted information is presented after the completion of the attack. A powerful simulation tool, developed mainly for Active Directory (AD,
https://en.wikipedia.org/wiki/Active_Directory, accessed on 20 November 2022) reconnaissance, is BloodHound (
https://github.com/BloodHoundAD/BloodHound, accessed on 20 November 2022). It is a JavaScript web application providing a built-in database, and users can utilize it to identify and unveil attack paths in order to counter vulnerabilities. Moreover, the MITRE Attack Framework is a globally accessible knowledge base for adversary strategies, used for the development of threat models in numerous organizations and security community [
111]. Several cyber security frameworks are built on this, such as the CALDERA (
https://github.com/mitre/caldera/, accessed on 20 November 2022); an open-source active research project by MITRE. It provides a plethora of separate repositories in order to extend its capabilities and utilize it in specific cases involving both offensive (red) and defensive (blue) operations [
112]. Finally, NeSSi2 (Network Security Simulator,
http://www.nessi2.de/index.html, accessed on 20 November 2022) is a network simulation tool which was developed exclusively for security purposes. With a variety of features, as well as detection algorithm plug-ins, it is used for security search and evaluation purposes [
113], offering distributed simulation to reduce time of process. Scalability, fidelity, and extensibility are the main benefits of this framework, facilitating integration of applications, importation of a network topology or its automatic creation and cooperation with third-party software such as the well-known Wireshark (
https://www.wireshark.org/docs/, accessed on 20 November 2022) [
114].
Table 5 provides a brief comparison of experimented cybersecurity simulation tools.
During numerous trials with underwater environment simulation tools, we have discovered another active stand-alone open-source tool, namely Gazebo (
https://github.com/osrf/gazebo, accessed on 20 November 2022) [
102,
103]. In addition to its scalability, ease of installation and handling, it is suitable for integration with ROS. This feature allows us to represent a swarm of UUVs in a UWSN. Our plans include this extension, in order to be able to represent packet flows during communications, as well as their protocols and the integration of the SLAM (simultaneous localization and mapping) ontology [
120].
In addition, a plethora of co-simulation tools exist across various domains. Open Simulation Platform (OSP,
https://opensimulationplatform.com/, accessed on 20 November 2022) is an open-source initiative for co-simulation of the maritime industry. The motivation of this project is the constant growth of complexity of systems and software of ships, and other maritime/offshore assets, resulting in several difficulties in their designing. Another co-simulation method, which utilizes a bunch of tools, is presented in related work of Le et al. [
121]. By combining cyber-physical components, as well as cybersecurity scenarios, it evaluates the impact of security threats of a communication network. In this procedure, a combination of network and power system simulation tools is established. In another related work [
115], a co-simulation framework, called GridAttackSim is proposed, to simulate various cyber threats and their consequences in a smart grid infrastructure. The simulation output can be visualized and compared to recognize malicious behaviors and strategies of adversaries. The framework uses three different simulation tools.
Finally, the upcoming trend of our era cannot be omitted. Above IoT lies a new technology, the digital twin [
122], which emerged to replace most of the simulation tools that delimited solely in the prediction functionality. New generation platforms can manage any type of virtual and physical entities interoperating in the Internet of Everything (IoE), replicate any kind of processes, predict how they will perform, and act based on these predictions towards optimizing performance and available resources. This new kind of simulation platform (sense, analyze, act) is introduced in the era of the digital twin.