Asynchronous federated learning based zero trust architecture for the next generation industrial control systems
Fei Lv, Hangyu Wang, Zhiwen Pan, Rongkang Sun, Shuaizong Si, Weidong Zhang, Shichao Lv, Limin Sun
Journal: Computer Networks, volume 269, Article 111459 (impact factor 4.4; JCR Q1, Computer Science, Hardware & Architecture)
Publication date: 2025-06-20
Publication type: Journal Article
DOI: 10.1016/j.comnet.2025.111459
URL: https://www.sciencedirect.com/science/article/pii/S1389128625004268
Citations: 0
Abstract
The zero-trust architecture (ZTA) is an emerging technology for ensuring the security of next-generation industrial control systems (ICSs). However, ICSs are complex and characterised by diverse equipment, cyber-physical integration, dynamic network topologies and stringent real-time demands, which present significant challenges to ZTA implementation. Moreover, as enterprises increasingly share data to identify advanced business patterns, the risk of data breaches escalates during the digitalisation and intelligent transformation process. To address these issues, this article proposes a ZTA for next-generation ICSs based on asynchronous federated deep learning (FDL). Both physical and cyber information is considered in trust evaluations, except for subject and object attributes. This can significantly enhance the accuracy of zero-trust decision-making. Furthermore, a novel grouping-based asynchronous federated learning algorithm is proposed to reduce the aggregation delay experienced by different devices, grouping those with similar computing capabilities and business urgency requirements. Additionally, optimising model aggregation enhances the model’s adaptability to swift changes in ICSs environments. Through rigorous validation in a real gas pipeline system in our laboratory, we demonstrated the effectiveness of our proposed ZTA, showing that it is superior to alternative methodologies.
About the journal:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.