Disclosed are a method and apparatus for controlling a device in the Internet of Things, and a gateway device and a storage medium, which relate to the technical field of the Internet of Things. The method comprises: acquiring remote access attribute information of all resource links, wherein the remote access attribute information is used for indicating whether a corresponding resource link is allowed to be remotely accessed; when there is a first resource link, remote access attribute information corresponding to the first resource link indicates that the first resource link is allowed to be remotely accessed, and an operation request sent by a client device on the basis of the first resource link is received, triggering a server device to execute a functional operation corresponding to the first resource link.

Examples of techniques for event prediction in a control communication network are disclosed. Aspects include determining state data associated with one or more devices associated with a control communication network, generating, by a machine learning model, a feature vector comprising a plurality of features extracted from the state data, and determining one or more event predictions associated with the control communication network based at least in part on the feature vector.

An abnormality analysis device including: an overall information obtainer that obtains overall information indicating an overall feature amount of a manufacturing system; an overall abnormal degree calculator that calculates an overall abnormal degree that is an abnormal degree of a whole of the manufacturing system by statistically processing the overall information; an individual information obtainer that obtains individual information indicating a feature amount of each of the plurality of constituent elements; an individual abnormal degree calculator that calculates an individual abnormal degree that is an abnormal degree of each of the plurality of constituent elements by statistically processing the individual information; and a determiner that determines whether or not the overall abnormal degree exceeds a threshold value, wherein the individual abnormal degree calculator calculates the individual abnormal degree when the determiner determines that the overall abnormal degree exceeds the threshold value.

A method, arrangement, computer program and computer program product for improving communication between devices of an industrial automation system running automation applications as well as to such an industrial automation system. The devices include a first and a second endpoint device of a communication path for a data stream through a time sensitive network and for which a corresponding application has an application cycle time at which the first and second endpoint device are to transmit data to each other. The first endpoint device detects a communication degradation of the data stream, which communication degradation is indicative of congestion and performs a congestion limiting activity from a group of congestion limiting activities, which group at least includes an activity of increasing the application cycle time of the data stream.

The described methods and systems enable process control devices to transmit and receive device variable values in a manner that enables the receiving device to verify the integrity of the received values on a variable-by-variable basis. To facilitate verification of integrity, any desired number of variables in a message may have a data integrity check in the message. For each received value that has a data integrity check, the receiving device can calculate its own data integrity check based on the received value and a seed (known to both the transmitting and receiving devices), which it can then compare to the received data integrity check to verify if the received value has been altered during communication.

The described techniques enable a skid communicator tool to quickly change network settings to those required by a particular skid or network in a process control environment with which a user of the tool wishes to establish communication. These techniques are helpful because skids and networks in process control environments often require different network settings for any device attempting to communicate with the skids or network, and a user often must manually load these network settings every time she wants to communicate with a different network or skid. By contrast, the techniques enable the skid communicator tool to seamlessly connect to, disconnect from, and reconnect to any of the skids or other networks requiring different network settings with minimal input from the user, thus enabling a user to easily move through and interact with different areas, units, or equipment of the process control environment.

In some embodiments, identifying a replay attack in an industrial control system of an industrial asset includes receiving a first set of time series data associated with an ambient condition of one or more first monitoring nodes at a first location of the industrial control system. An actual system feature value for the industrial asset is determined based upon the first set of time series data. A second set of time series data indicative of the ambient condition at a second location is received, and a nominal system feature value is determined based upon the second set of time series data. A correlation between the actual feature value and the nominal system feature value is analyzed to determine a correlation result. A request received by the industrial control system is selectively categorized as a replay attack based upon the correlation result.

The described methods and systems enable process control devices to transmit and receive device variable values in a manner that enables the receiving device to verify the integrity of the received values on a variable-by-variable basis. To facilitate verification of integrity, any desired number of variables in a message may have a data integrity check in the message. For each received value that has a data integrity check, the receiving device can calculate its own data integrity check based on the received value and a seed (known to both the transmitting and receiving devices), which it can then compare to the received data integrity check to verify if the received value has been altered during communication.

A method for generating malicious samples against an industrial control system based on adversarial learning is provided. With the method, the adversarial samples for the industrial control intrusion detection system based on the machine learning method is calculated using the adversarial learning technology and the optimization algorithm. The attack sample that can be detected by the intrusion detection system before generates a corresponding new adversarial sample after being processed with this method. This adversarial sample still maintain the attack effect after evading the original intrusion detector (being identified as normal). The present disclosure effectively ensures the security of the industrial control system and prevents accidents by actively generating malicious samples against the industrial control system.

The described techniques enable a skid communicator tool to quickly change network settings to those required by a particular skid or network in a process control environment with which a user of the tool wishes to establish communication. These techniques are helpful because skids and networks in process control environments often require different network settings for any device attempting to communicate with the skids or network, and a user often must manually load these network settings every time she wants to communicate with a different network or skid. By contrast, the techniques enable the skid communicator tool to seamlessly connect to, disconnect from, and reconnect to any of the skids or other networks requiring different network settings with minimal input from the user, thus enabling a user to easily move through and interact with different areas, units, or equipment of the process control environment.