Search Results (25)

Federated cyber–physical systems (CPSs) present unique security challenges due to their distributed nature and the need for secure communication between components from different administrative domains. Distributed ledger technology (DLT) offers a promising approach to implementing a resilient authentication and authorization mechanism and an immutable record of CPS identities and transactions in federated environments. However, using Distributed Ledger (DL) within a CPS raises some important questions regarding scalability, throughput, latency, and potential bottlenecks, which require effective modeling of DL performance. This paper proposes a novel approach to modeling distributed ledgers using Colored Timed Petri Nets (CPNs). We focus on the performance modeling of Hyperledger Fabric (HLF), a permissioned distributed ledger technology which provides a backbone for a Lightweight Authentication and Authorization Framework for Federated IoT (LAAFFI), a novel framework for secure communication between CPS devices. We implement our model using CPN Tools, a widely adopted CPN modeling software that provides advanced simulation, analysis, and performance monitoring features. Our model offers a robust framework for studying distributed ledger systems’ synchronization, throughput, and response time. It supports flexibility in modeling transaction validation and consensus algorithms, which provides an opportunity for adapting the model to future changes in HLF and modeling other DLs. We successfully validate our CPN model by comparing simulation results with experimental measurements obtained from a LAAFFI prototype. Full article

Decisions made during the design phase of mechatronic systems have a considerable influence on their entire life cycle. The persistent calls for environmental protection are driven by global megatrends promoting sustainability. Hence, opting for eco-designed mechatronic systems is now a fundamental cornerstone of manufacturers’ strategies. This paper is a generalization of the environmental assessment step of a sustainable design methodology applied to mechatronic systems with structural design freeze, which is only relevant for a limited set of admissible mechatronic solutions. The approach is adapted to cover any dimension of admissible solutions using hierarchical timed colored Petri nets (hierarchical TCPN) and simplified life cycle assessments (SLCAs). First, the SLCAs results are integrated into the hierarchical TCPN model. Next, a weighting process is introduced to ensure the classification of the heterogeneous impact categories derived from SLCAs according to agreed impact reduction criteria. Then, the candidate ecological solution and its design environmental matrix (DEM) are determined via simulations. The methodology is implemented using a regenerative braking system (RBS) with frozen structural specifications, focusing on its production phase and using CPN tools and OpenLCA software. It enables the selection of the candidate ecological RBS among a large set of admissible solutions. This selection is established without interrupting the normal design process but simply by adding an extra step. Full article

The NC-Link protocol, as an integrated communication protocol in the Computerized Numerical Control (CNC) machine tool industry, has drawn significant attention regarding its security since its inception. Although there have been studies proposing improvements to address security issues related to key management and message transmission, systematic security analysis of the protocol remains relatively weak. To better investigate and enhance the security of the NC-Link protocol, our research introduces a formal modeling and analysis method based on Colored Petri Nets (CPN). By establishing a CPN model of the protocol, we analyze the security issues present during communication and propose improvement measures for verification and analysis. First, we developed a CPN model for the NC-Link protocol and verified the model’s feasibility through simulation analysis. Subsequently, we introduced an attacker model to analyze the protocol’s authentication interaction process, revealing security issues, such as authentication vulnerabilities and key management flaws. Finally, we proposed an improved scheme addressing these issues and conducted a security validation and cost analysis of this scheme. The results show that the improved protocol reduces the computational overhead by 75% during the connection and interaction phases. This indicates that the improved protocol can achieve interactions at a faster speed while maintaining higher security and reliability. The implementation of this scheme provides new reference ideas for related research. Full article

This paper presents an approach for the verification of access control in smart contracts written in the Digital Asset Modeling Language (DAML). The approach utilizes Colored Petri Nets (CPNs) and their analysis tool CPN Tools. It is a model-driven-based approach that employs a new meta-model for capturing access control requirements in DAML contracts. The approach is supported by a suite of tools that fully automates all of the steps: parsing DAML code, generating DAML model instances, transforming the DAML models into CPN models, and model checking the generated CPN models. The approach is tested using several DAML scripts involving access control extracted from different domains of blockchain applications. Full article

Species identification of Listeria isolates remained a tedious process still based on culturing methods that, in recent years, have led to the description of many species that are not even part of the genus Listeria. It is advisable to provide new precise techniques since this taxon includes two pathogens that are usually transmitted through the food chain, Listeria monocytogenes and L. ivanovii. The approach, so-called multilocus phylogenetic analysis (MLPA) that uses several concatenated housekeeping gene sequences, provides accurate and affordable classification frameworks to easily identify Listeria species by simple Sanger sequencing. Fragments of seven housekeeping genes (gyrA, cpn60, parE, recA, rpoB, atpA, and gyrB) from 218 strains of all Listeria species currently described were used to build an MLPA of the concatenated sequence, a total of 4375 bp. All isolates subjected to identification were clustered within the species of Listeria sensu stricto, L. monocytogenes, L. innocua, and L. welshimeri, and some reference strains were reclassified as L. ivanovii and L. seeligeri. Housekeeping-gene sequencing has been demonstrated to represent a pragmatic tool that can be firmly considered in food control. Full article

As a typical information system, a cloud file system enables the storage, retrieval, and management of data on remote servers or server clusters. The reliable design of such systems is critical to ensure the security of data and availability of services. However, designing correct-by-construction systems is challenging due to the complexity of and concurrency inherent in cloud file systems. Further, existing works on cloud file system analysis often focus on specific systems or lack formal modeling and verification, leading to potential design flaws and security vulnerabilities. To address these issues, we propose MSCFS-RP, which is a formal analysis model based on colored Petri nets. Leveraging the strengths of colored Petri nets in representing diverse information types with colored tokens and defining explicit rules for concurrent interactions, our model captures the writing and reading processes of clients, meta servers, and clusters. With strong formalism and support for verification using CPN Tools, we rigorously evaluate key properties such as replication consistency under various scenarios. The results demonstrate that MSCFS-RP satisfies these properties, validating its effectiveness and trustworthiness in managing information within cloud storage systems. Full article

This paper presents a formal security analysis of the ISA100.11a standard protocol using the Colored Petri Net (CPN) modeling approach. Firstly, we establish a security threat model for the ISA100.11a protocol and provide a detailed description and analysis of the identified security threats. Secondly, we use the CPN tool to model the protocol formally and conduct model checking and security analysis. Finally, we analyze and discuss the results of the model checking, which demonstrate that the ISA100.11a standard protocol may have vulnerabilities when certain security threats exist, and provide some suggestions to enhance the security of the protocol. This research provides a certain level of security assurance for the ISA100.11a standard protocol and serves as a reference for similar security research on protocols. Full article

The European Installation Bus(EIB) protocol, also known as KNX/EIB, is widely used in building and home automation. An extension of the KNX/EIB protocol, EIBsec, is primarily designed to meet the requirements for data transmission security in distributed building automation systems. However, this protocol has some security issues in the request, key distribution, and identity authentication processes. This paper employs a formal analysis method that combines Colored Petri Net (CPN) theory with the Dolev-Yao attack model to evaluate and enhance the EIBsec protocol. It utilizes the CPN Tools to conduct CPN modeling analysis on the protocol and introduces a security assessment model to carry out intrusion detection and security assessment. Through this analysis, vulnerabilities in the protocol, such as tampering and replay attacks, are identified. To address these security concerns, we introduce hash verification and timestamp judgment methods into the original protocol to enhance its security. Subsequently, based on the improved protocol, we conduct CPN modeling and verify the security of the new scheme. Finally, through a comparison and analysis of the performance and security between the original protocol and the improved scheme, it is found that the improved scheme has higher security. Full article

The purpose of this study is to show how coloured Petri nets can be used to select the crossing rules guaranteeing that two ships avoid collisions at sea in accordance with the international regulations on this matter. This paper is exclusively focused on the solution to this small sub-problem within the overall “Collision Avoidance System” that the authors of the present study are currently developing. For easier understanding, the overall system is also briefly presented. How the Petri net in the CPN Tools software is fed with “Real Time Real World” data is presented. These data are generated outside the Petri net from the function block to predict a possible collision and from the current meteorological data. We also demonstrate how the rule selections made by the Petri net are transferred from the CPN Tools software into the “Real Time Real World”. This transferred information is used outside the Petri net in the function block to calculate avoidance routes. The definition of the colour sets that are used and the individual operations applied to these colour sets in the coloured Petri net are presented. Full article

A smart contract is a special form of computer program that runs on a blockchain and provides a new way to implement financial and business transactions in a conflict-free and transparent environment. In blockchain systems such as Ethereum, smart contracts can handle and autonomously transfer assets of considerable value to other parties. Hence, it is particularly important to ensure that smart contracts function as intended since bugs or vulnerabilities may lead, and indeed have led, to substantial economic losses and erosion of trust for blockchain. While a number of approaches and tools have been developed to find vulnerabilities, formal methods present the highest level of confidence in the security of smart contracts. In this paper, we propose a formal solution to model a smart contract based on colored Petri nets (CPNs). Herein, we focus on the most common type of security bugs in smart contract, i.e., reentrancy bugs, which led to a serious financial loss of around USD 34 million for the Cream Finance project in 2021. We present a hierarchical CPN modelling method to analyze potential security vulnerabilities at the contract’s source code level. Then, modeling analysis methods such as correlation matrix, state space report and state space graph generated via CPN Tools simulation are exploited for formal analysis of smart contracts. The example shows the full state space and wrong path in accordance with our expected results. Finally, the conclusion was verified on the Ethereum network based on the Remix platform. Full article

The Internet Printing Protocol (IPP) is a bridge between hosts and printers, and is supported by more than 98 percent of printers today. In addition to supporting local use, the IPP protocol also supports online use. Although this can expand the scope of its application, it has also introduced potential risks to user data. IPP has security components that should be able to guarantee confidentiality, integrity, and non-repudiation. In order to verify whether its security components can achieve this goal, this study modeled the 0-RTT authentication process of the IPP protocol based on Petri net theory and CPN Tools, introducing the improved Dolev–Yao adversary model to perform security evaluation on the protocol model. The result showed that the server could not resist the adversary’s replay attacks on early data. Accordingly, we proposed an improved authentication scheme that introduced a random number signature to enhance the server’s anti-replay capability. Using the same attack model to verify, the result proved that the new scheme was feasible and effective. The method used in this article could easily observe the movement of the security protocol message flow and the specific actions of each participant (including the adversary), which ensured researchers could easily locate the protocol defects and make improvements. Full article

Fluorescent silver coordination polymer nanoparticles (Ag-TPA CPNs) were synthesized using a combination of terephthalic acid (TPA) and silver nitrate via an ultrarapid microwave-assisted strategy within 15 min. The Ag-TPA CPNs displayed a high fluorescent quantum yield (QY = 20.19%) and large Stokes shift (~200 nm), with two emission peaks at 490 nm and 520 nm under an excitation wavelength of 320 nm. A fluorescent “turn-off” method using fluorescent Ag-TPA CPNs was applied to detect the alkaline phosphatase (ALP) activity on the basis of the ALP-catalyzed hydrolysis of ascorbic acid 2-phosphate (AA2P) to ascorbic acid (AA), and the AA product triggered the reduction of Ag⁺ ions into silver nanoparticles. The fluorescent lifetime of Ag-TPA CPNs decreased from 3.93 ms to 3.80 ms after the addition of ALP, which suggests that this fluorescent “turn-off” detection of ALP activity is a dynamic quenching process. The fluorescent intensity had a linear relationship with the concentration of ALP in the range of 0.2–12 mU/mL (r = 0.991) and with a limit of detection (LOD) of 0.07 mU/mL. It showed high selectivity in ALP detection towards metal ions and amino acids, as well as other enzymes such as horseradish peroxidase, glucose oxidase, tyrosinase, trypsin, lysozyme, and superoxides. When it was applied for the fluorescent “turn-off” detection of ALP activity in serum samples, mean recovery levels ranging from 99.5% to 101.2% were obtained, with relative standard deviations (RSDs) lower than 4% accuracy. Therefore, it is an efficient and accurate tool for analyzing ALP levels in biosamples. Full article

Simulation is a powerful process for perfectly planning and dimensioning web systems. However, a successful analysis using a simulation model usually requires variable load intensities. Furthermore, as the client’s behavior is subject to frequent changes in modern web systems, such models need to be adapted as well. Based on web systems observation, we come across the need for tools that allow flexible definitions of web systems load profiles. We propose Timed Colored Petri Nets (TCPN) event generators for web environments that could be used to drive simulations for performance evaluation. The article proposes the systematization of the generators for future development. The theoretical part focuses on a classification with a division into deterministic/stochastic and untimed/timed generators. Next, in this study, we investigate representative models of generators from different classes based on the formalism of TCPN. We perform model design and simulation processes using CPN Tools software. Finally, we present a case study involving workload analysis of a web system that processes requests from the designed generator. Full article

Machine-to-machine (M2M) communication is one of the critical technologies of the industrial Internet of Things (IoT), which consists of sensors, actuators at the edge, and servers. In order to solve the security and availability problems regarding communication between edge devices with constrained resources and servers in M2M communication, in this study we proposed an authentication and session establishment protocol based on physical unclonable functions (PUFs). The scheme does not require clock synchronization among the devices, and it circumvents the situation where the authentication phase has to use a high computational overhead fuzzy extractor due to PUF noise. The protocol contains two message interactions, which provide strong security and availability while being lightweight. The security modelling is based on CPN Tools, which verifies security attributes and attack resistance in the authentication phase. After considering the design of the fuzzy extractor and scalability, the proposed scheme significantly reduces the computational overhead by more than 93.83% in the authentication phase compared with other schemes using PUFs. Meanwhile, under the guarantee of availability, the communication overhead is maintained at a balanced and reasonable level, at least 19.67% lower than the solution using XOR, hashing, or an elliptic curve. Full article

With the rapid development of the Internet of Vehicles, the increase in vehicle functional requirements has led to the continuous increase in complex electronic systems, and the in-vehicle network is extremely vulnerable to network attacks. The controller area network (CAN) bus is the most representative in-vehicle bus technology in intra-vehicular networks (IVNs) for its flexibility. Although the current framework to protect the safety of CAN has been proposed, the safety communication mechanism between electronic control units (ECUs) in the vehicle network is still weak. A large number of communication protocols focus on the addition of safety mechanisms, and there is a lack of general protocol formal modeling and security assessment. In addition, many protocols are designed without considering key updates and transmission, ECUs maintenance, etc. In this work, we propose an efficient in-vehicle authentication and key transmission scheme. This scheme is a certificateless framework based on identity cryptography, which can not only ensure the security of the in-vehicle network but also meet the real-time requirements between ECUs. Moreover, this scheme can reduce the complexity of key management for centralized key generators. To evaluate the security of this scheme, we adopt a protocol model detection method based on the combination of the colored Petri net (CPN) and the Dolev–Yao attack model to formally evaluate the proposed protocol. The evaluation results show that the proposed scheme can effectively prevent three types of man-in-the-middle attacks. Full article