Search Results (107)

To meet the increasingly strict requirements of modern communication, radar detection and electronic measurement systems for wide-bandwidth, low-insertion-loss and high-isolation signal routing, this paper presents a 16 × 16 programmable switch matrix that simultaneously achieves wideband operation (DC-40 GHz), low insertion loss (≤0.9 dB maximum), high isolation (>50 dB typical), and systematic modular scalability, a combination not found in existing implementations. The matrix, constructed with high-quality coaxial switches and optimized RF circuitry and electromagnetic structures, provides flexible and stable single-pole multi-throw (SPMT) signal routing across an ultra-wide frequency range from DC to 40 GHz. The switch matrix features a modular architecture, integrating multiple RF switching units, drive control circuits, and communication interface modules. This architecture achieves minimal signal path depth while maintaining full connectivity between any input and output port, directly minimizing cumulative insertion loss. Through precise impedance matching design and isolation structure optimization, the system still exhibits outstanding transmission characteristics at the 40 GHz high-frequency end: typical insertion loss does not exceed 0.9 dB, and the isolation between channels is better than 50 dB, effectively ensuring the integrity of signals in complex multi-channel environments. To meet the requirements of automated testing and remote control, the equipment integrates dual communication interfaces (serial port/network port), supports the SCPI command set and TCP/IP protocol, and can be conveniently embedded in various test platforms to achieve instrument interconnection and test process automation. Experimental verification shows that this matrix exhibits excellent switching stability and signal consistency across the entire 40 GHz, with a switching action time of less than 10 ms. Furthermore, it is capable of real-time topology reconfiguration via a microcontroller or FPGA. These innovations collectively deliver a switch matrix that meets the demanding requirements of 5G communication, millimeter-wave radar, and aerospace defense systems—applications where bandwidth, signal integrity, and system flexibility are paramount. Full article

In this work, the authors introduce an entirely solar-powered LoRa-based WSN consisting of several nodes, two stoplights, and four cameras. The system has been used to monitor the semi-rural area of Panni (FG), Puglia, Italy. The WSN has a totally custom implementation in both the node-gateway side and the gateway-user interface side. In particular, the communication framework is entirely IoT-based, featuring both the MQTT protocol, for the direct control of apparatuses from the system user interface, and the more traditional TCP/IP protocol, implemented on NB-IoT. The proposed system is entirely solar-powered and features a 34.68 mWh/day consumption. Around a single communication session, the average power consumption inside the single node amounts to 1.4 mW. This paper gives an overview of the proposed system, with detailed explanations of each part, and measurements retrieved over a wide period to assess the functionality of the system. Full article

The Internet of Things (IoT) has transformed modern life through interconnected devices enabling automation across diverse environments. However, its reliance on legacy network architectures has introduced significant security vulnerabilities and efficiency challenges—for example, when Datagram Transport Layer Security (DTLS) encrypts transport-layer communications to protect IoT traffic, it simultaneously blinds intermediate proxies that need to inspect message contents for protocol translation and caching, forcing a fundamental trade-off between security and functionality. This paper presents an architectural solution based on the Recursive InterNetwork Architecture (RINA) to address these issues. We analyze current IoT network stacks, highlighting their inherent limitations—particularly how adding security at one layer often disrupts functionality at others, forcing a detrimental trade-off between security and performance. A central principle underlying our approach is the role of structural symmetry in RINA’s design. Unlike the heterogeneous, protocol-specific layers of TCP/IP, RINA exhibits recursive self-similarity: every Distributed IPC Facility (DIF), regardless of its position in the network hierarchy, instantiates identical mechanisms and offers the same interface to layers above. This architectural symmetry ensures predictable, auditable behavior while enabling policy-driven asymmetry for context-specific security enforcement. By embedding security within each layer and allowing flexible layer arrangement, RINA mitigates common IoT attacks and resolves persistent issues such as the inability of Performance Enhancing Proxies to operate on encrypted connections. We demonstrate RINA’s applicability through use cases spanning smart homes, healthcare monitoring, autonomous vehicles, and industrial edge computing, showcasing its adaptability to both RINA-native and legacy device integration. Our mixed-methods evaluation combines qualitative architectural analysis with quantitative experimental validation, providing both theoretical foundations and empirical evidence for RINA’s effectiveness. We also address emerging trends including AI-driven security and massive IoT scalability. This work establishes a conceptual foundation for leveraging recursive symmetry principles to achieve secure, efficient, and scalable IoT ecosystems. Full article

SCADA and remote monitoring systems employ a communications protocol called DNP3. The Distributed Network Protocol is a popular open-standard protocol. As a result, any manufacturer can create DNP3 equipment that works with other DNP3 devices. Since its launch in 1993, the Distributed Network Protocol—also referred to as DNP3—has gained widespread popularity. This protocol was created to communicate the condition of essential infrastructure, enabling dependable remote control, making it an instantly deployable solution for monitoring distant locations. The groundbreaking work on the protocol is typically attributed to GE-Harris Canada (previously Westronic, Inc.). However, a wide range of firms are presently using this protocol in a number of industrial applications, including power utilities. Three tiers of the OSI seven-layer functions model make up DNP3. The application layer, data link layer, and transport layer are these layers. Additionally, DNP3 can be sent via a TCP/IP network or a serial bus link. Full article

Manual alignment between the trocar, surgical instrument, and robot during minimally invasive surgery (MIS) can be time-consuming and error-prone, and many existing systems do not provide autonomous localization and pose estimation. This paper presents an artificial intelligence (AI)-assisted, vision-guided framework for automated localization and positioning of the ATHENA parallel surgical robot. The proposed approach combines an Intel RealSense RGB–depth (RGB-D) camera with a You Only Look Once version 11 (YOLO11) object detection model to estimate the 3D spatial coordinates of key surgical components in real time. The estimated coordinates are streamed over Transmission Control Protocol/Internet Protocol (TCP/IP) to a programmable logic controller (PLC) using Modbus/TCP, enabling closed-loop robot positioning for automated docking. Experimental validation in a controlled setup designed to replicate key intraoperative constraints demonstrated submillimeter positioning accuracy (≤0.8 mm), an average end-to-end latency of 67 ms, and a 42% reduction in setup time compared with manual alignment, while remaining robust under variable lighting. These results indicate that the proposed perception-to-control pipeline is a practical step toward reliable autonomous robotic docking in MIS workflows. Full article

The Transport Layer Security (TLS) protocol is widely used nowadays to create secure communications over TCP/IP networks. Its purpose is to ensure confidentiality, authentication, and data integrity for messages exchanged between two endpoints. In order to facilitate its integration into widely used applications, the protocol is typically implemented through libraries, such as OpenSSL, BoringSSL, LibreSSL, WolfSSL, NSS, or mbedTLS. These libraries encompass functions that execute the specialized TLS handshake required for channel establishment, as well as the construction and processing of TLS records, and the procedures for closing the secure channel. However, these software libraries may contain vulnerabilities or errors that could potentially jeopardize the security of the TLS channel. To identify flaws or deviations from established standards within the implemented TLS code, a specialized tool known as TLS-Anvil can be utilized. This tool also verifies the compliance of TLS libraries with the specifications outlined in the Request for Comments documents published by the IETF. TLS-Anvil conducts numerous tests with a client/server configuration utilizing a specified TLS library and subsequently generates a report that details the number of successful tests. In this work, we exploit the results obtained from a selected subset of TLS-Anvil tests to generate rules used for anomaly detection in Suricata, a well-known signature-based Intrusion Detection System. During the tests, TLS-Anvil generates .pcap capture files that report all the messages exchanged. Such files can be subsequently analyzed with Wireshark, allowing for a detailed examination of the messages exchanged during the tests and a thorough understanding of their structure on a byte-by-byte basis. Through the analysis of the TLS handshake messages produced during testing, we develop customized Suricata rules aimed at detecting TLS anomalies that result from flawed implementations within the intercepted traffic. Furthermore, we describe the specific test environment established for the purpose of deriving and validating certain Suricata rules intended to identify anomalies in nodes utilizing a version of the OpenSSL library that does not conform to the TLS specification. The rules that delineate TLS deviations or potential attacks may subsequently be integrated into a threat detection platform supporting Suricata. This integration will enhance the capability to identify TLS anomalies arising from code that fails to adhere to the established specifications. Full article

In the classic energy sector, as well as in the manufacturing and process industries, Programmable Logic Controller (PLC) systems are used for electrical substation control. However, PLCs frequently do not support the communication protocols defined on the standard International Electrotechnical Commission (IEC) 61850. Therefore, this paper presents a vendor-independent method for the integration of Protection and Control (P&C) Intelligent Electronic Devices (IEDs), components of the substation bay level, in PLCs from the substation station level. The method can be used with legacy and modern controllers that offer an open communication interface, where the use of Transmission Control Protocol/Internet Protocol (TCP/IP) is supported. Since many legacy systems offer an open communication interface, this method makes it possible to reuse PLCs, bringing cost efficiency and ecological benefits. The method can be used in a single or redundant way since redundancy is always required in power distribution control. A prototype was developed for the integration over IEC 61850 Manufacturing Message Specification (MMS), and its functional validation is presented in this paper. This solution, besides reducing hardware and software acquisition costs, also contributes to a reduction in electronic waste (E-Waste) and the achievement of Sustainable Development Goals (SDGs). Full article

This paper addresses the need for accessible and interoperable supervision solutions within the Industry 4.0 paradigm, particularly for small-scale or resource-constrained environments. The proposed system integrates a web-based architecture using opensource technologies to enable real-time industrial monitoring and data acquisition. A hybrid setup was developed, combining a virtual glass manufacturing process in Factory IO with a physical three-phase induction motor controlled by a Modicon M580 PLC. The system architecture includes a local HMI developed in Control Expert and a remote interface built with React and Node.js, both synchronized through a MySQL 8.0 database populated via Python 3.13 using the Modbus TCP/IP protocol. Experimental results demonstrate consistent data synchronization, reliable multi-platform integration, and an average end-to-end latency of 156 ms, validating the feasibility of the approach for IIoTbased applications. The solution demonstrates how general-purpose web technologies can be effectively repurposed for industrial use, offering a cost-effective and scalable alternative to traditional SCADA systems. The proposed architecture is easily replicable, adaptable to various process configurations, and suitable for academic, prototyping, and SME environments. Full article

The original Modbus specification for RS-485 and RS-232 buses supported broadcast transmission. As the protocol evolved into Modbus-TCP, to use the TCP transport, this useful feature was lost, likely due to the point-to-point nature of TCP connections. Later proposals did not restore the broadcast transmission capability, although they used UDP as transport and UDP, by itself, would have supported it. Moreover, they did not address the inherent lack of reliable delivery of UDP, leaving datagram loss detection and recovery to the application layer. This paper describes a novel redesign of Modbus-UDP that addresses the aforementioned shortcomings. It achieves a mean round-trip time of only 38% with respect to Modbus-TCP and seamlessly supports a previously published protocol based on Modbus broadcast. In addition, the built-in retransmission of Modbus-UDP reacts more efficiently than the equivalent Modbus-TCP mechanism, exhibiting 50% of its round-trip standard deviation when subject to a 1% two-way IP datagram loss probability. Combined with the lower overhead of UDP versus TCP, this makes the redesigned Modbus-UDP protocol better suited for a variety of Industrial Internet of Things systems with limited computing and communication resources. Full article

Traditional industrial robot programming methods often pose high usage thresholds due to their inherent complexity and lack of standardization. Manufacturers typically employ proprietary programming languages or user interfaces, resulting in steep learning curves and limited interoperability. Moreover, conventional systems generally lack capabilities for remote control and real-time status monitoring. In this study, a novel approach is proposed by integrating digital twin technology with traditional robot control methodologies to establish a virtual–real mapping architecture. A high-precision and efficient digital twin-based control platform for industrial robots is developed using the Unity3D (2022.3.53f1c1) engine, offering enhanced visualization, interaction, and system adaptability. The high-precision twin environment is constructed from the three dimensions of the physical layer, digital layer, and information fusion layer. The system adopts the socket communication mechanism based on TCP/IP protocol to realize the real-time acquisition of robot state information and the synchronous issuance of control commands, and constructs the virtual–real bidirectional mapping mechanism. The Unity3D platform is integrated to develop a visual human–computer interaction interface, and the user-oriented graphical interface and modular command system effectively reduce the threshold of robot use. A spatially curved part welding experiment is carried out to verify the adaptability and control accuracy of the system in complex trajectory tracking and flexible welding tasks, and the experimental results show that the system has high accuracy as well as good interactivity and stability. Full article

The convergence of Operational Technology (OT) and Information Technology (IT) networks has become increasingly prevalent with the growth of Industrial Internet of Things (IIoT) applications. This shift, while enabling enhanced automation, remote monitoring, and data sharing, also introduces new challenges related to communication latency and cybersecurity. Oftentimes, legacy OT protocols were adapted to the TCP/IP stack without an extensive review of the ramifications to their robustness, performance, or safety objectives. To further accommodate the IT/OT convergence, protocol gateways were introduced to facilitate the migration from serial protocols to TCP/IP protocol stacks within modern IT/OT infrastructure. However, they often introduce additional vulnerabilities by exposing traditionally isolated protocols to external threats. This study investigates the security and reliability implications of migrating serial protocols to TCP/IP stacks and the impact of protocol gateways, utilizing two widely used OT protocols: Modbus TCP and DNP3. Our protocol analysis finds a significant safety-critical vulnerability resulting from this migration, and our subsequent tests clearly demonstrate its presence and impact. A multi-tiered testbed, consisting of both physical and emulated components, is used to evaluate protocol performance and the effects of device-specific implementation flaws. Through this analysis of specifications and behaviors during communication interruptions, we identify critical differences in fault handling and the impact on time-sensitive data delivery. The findings highlight how reliance on lower-level IT protocols can undermine OT system resilience, and they inform the development of mitigation strategies to enhance the robustness of industrial communication networks. Full article

Quantum computing challenges the mathematical problems anchoring the security of the classical public key algorithms. For quantum-resistant public key algorithms, the National Institute of Standards and Technology (NIST) has undergone a multi-year standardization process and selected the post-quantum cryptography (PQC) public key digital signatures of Dilithium, Falcon, and SPHINCS⁺. Finding common ground to compare these algorithms can be difficult because of their design differences, including the fundamental math problems (lattice-based vs. hash-based). We use a visualization model to show the key/signature size vs. security trade-offs for all PQC algorithms. Our performance analyses compare the algorithms’ computational loads in the execution time. Building on the individual algorithms’ analyses, we analyze the communication costs and implementation overheads when integrated with Public Key Infrastructure (PKI) and with Transport Layer Security (TLS) and Transmission Control Protocol (TCP)/Internet Protocol (IP). Our results show that the lattice-based algorithms of Dilithium and Falcon induce lower computational overheads than the hash-based algorithms of SPHINCS⁺. In addition, the lattice-based PQC can outperform the classical algorithm with comparable security strength; for example, Dilithium 2 and Falcon 512 outperform RSA 4096 in the TLS handshake time duration. Full article

Industrial Control Systems (ICS) have become increasingly vulnerable to cyber threats due to the growing interconnectivity with enterprise networks and the Industrial Internet of Things (IIoT). Among these threats, Address Resolution Protocol (ARP) spoofing presents a critical risk to the integrity and reliability of Modbus TCP/IP communications, particularly in environments utilizing Siemens S7 programmable logic controllers (PLCs). Traditional defense methods often rely on host-based software solutions or cryptographic techniques that may not be practical for legacy or resource-constrained industrial environments. This paper proposes a novel, lightweight hardware device designed to detect and mitigate ARP spoofing attacks in Modbus TCP/IP networks without relying on conventional computer-based infrastructure. An experimental testbed using Siemens S7-1500 and S7-1200 PLCs (Siemens, Munich, Germany) was established to validate the proposed approach. The results demonstrate that the toolkit can effectively detect malicious activity and maintain stable industrial communication under normal and adversarial conditions. Full article

Hybrid simulation integrates numerical and experimental techniques to analyze structural responses under static and dynamic loads. It physically tests components that are not fully characterized while modeling the rest of the structure numerically. Over the past two decades, hybrid testing platforms have become increasingly modular and versatile. This paper presents the development of a robust hybrid testing software framework at the National Laboratory for Civil Engineering (LNEC), Portugal, and evaluates the efficiency of its algorithms. The framework features a LabVIEW-based control and interface application that exchanges data with OpenSees via the OpenFresco middleware using a TCP/IP protocol. Designed for slow to real-time hybrid testing, it employs a predictor–corrector algorithm for motion control, enhanced by an adaptive time series (ATS)-based error tracking and delay compensation algorithm. Its modular design facilitates the integration of new simulation tools. The framework was first assessed through simulated hybrid tests, followed by validation via a hybrid test on a two-bay, one-story steel moment-resisting frame, where one exterior column was physically tested. The results emphasized the importance of the accurate system identification of the physical substructure and the precise calibration of the actuator control and delay compensation algorithms. Full article

Blockchain technology, as a distributed ledger technology, is becoming increasingly popular in various fields. However, the performance limitations of blockchain networks hinder their further development. Existing research on optimizing blockchain communication mechanisms based on P2P networks is constrained by the end-to-end transmission principles of TCP/IP networks, which lead to network congestion and bandwidth wastage during large-scale blockchain content distribution. Meanwhile, studies on ICN-based blockchain systems primarily focus on blockchain communication protocol implementation and compatibility within ICN/NDN networks. However, research on blockchain communication mechanisms in hybrid IP/ICN networking environments remains limited, failing to fully leverage ICN’s advantages to enhance the communication efficiency of existing blockchain P2P networks. To address this issue, this paper proposes BLOCK-ICN, an ICN-based blockchain network communication architecture compatible with IP networks. BLOCK-ICN enables ICN nodes with computing and storage capabilities to deploy blockchain applications, while maintaining compatibility with P2P networks. By leveraging ICN multicast technology, the architecture provides relay acceleration services for blockchain data dissemination. Specifically, in terms of network topology, BLOCK-ICN classifies network domains based on delay information provided by an enhanced resolution system and establishes select domain gateways based on data flow forwarding dependencies, thereby constructing a hierarchical and structured relay network topology. Regarding the broadcast protocol, ICN nodes perform parallel broadcasting via ICN multicast, and upon receiving messages, they further disseminate them to P2P nodes, reducing the overall network broadcast latency and bandwidth consumption. We extended SimBlock to implement and evaluate BLOCK-ICN. Simulation results demonstrated that, in a Bitcoin network with 16,000 nodes and an ICN node ratio of 1%, the broadcast delays for propagating blockchain data to 90% and 50% of the network were reduced by 25% and 33.2%, respectively, compared to Bitcoin. Full article