Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

The Internet of Things (IoT) has transformed many aspects of modern manufacturing, from design to production to quality control. In particular, IoT and digital manufacturing technologies have substantially accelerated product development- cycles and manufacturers can now create products of a complexity and precision not heretofore possible. New threats to supply chain security have arisen from connecting machines to the Internet and introducing complex IoT-based systems controlling manufacturing processes. By attacking these IoT-based manufacturing systems and tampering with digital files, attackers can manipulate physical characteristics of parts and change the dimensions, shapes, or mechanical properties of the parts, which can result in parts that fail in the field. These defects increase manufacturing costs and allow silent problems to occur only under certain loads that can threaten safety and/or lives. To understand potential dangers and protect manufacturing system safety, this paper presents two taxonomies: one for classifying cyber-physical attacks against manufacturing processes and another for quality control measures for counteracting these attacks. We systematically identify and classify possible cyber-physical attacks and connect the attacks with variations in manufacturing processes and quality control measures. Our taxonomies also provide a scheme for linking emerging IoT-based manufacturing system vulnerabilities to possible attacks and quality control measures

GIVE-AND-TAKE KEY PROCESSING for Cloud- linked IoT

Internet of Things (IoT) is estimated there are over a billion internet users and rapidly increasing. But there are more things on the internet than there are people on the internet. This is what it has been generally mean, when it has been say internet of things. There are millions and millions of devices with sensors that are linked up together using networks that generate a sea of data. The problem is all data needs to remain secured, unchanged, and persisted at each stage of an IoT solution. This includes distributed components, communication infrastructure, back-end analytics and database servers, across potentially remote locations and adverse environments. In any case, it is helpless against eavesdropping which represents a risk to privacy and security of the client. The security of data traffic winds up plainly vital since the communications over open network happen frequently. It is along these lines basic that the data traffic over the system is encrypted. To give the QoS, the Cloud- linked IoT security is the essential part of the service providers. This paper is concentrating on issue identifying with the Cloud- linked IoT security in virtual condition. It has been propose a technique GIVE-AND-TAKE KEY PROCESSING for giving data process and security in Cloud- linked IoT using Elliptical Curve Cryptography ECC and Hash Map. Encourage, depicts the security services incorporates generation of key, encryption and decryption in virtual condition

Strategies for the Development of IT Disaster Recovery Plans in the Manufacturing Industry

Information technology (IT) leaders have reported technology disruptions because of natural disasters, terror attacks, or adversarial threats. Information technology leaders are concerned with technology disruptions, as these disruptions are costing organizations as much as $22,000 per minute. Grounded in Zachman’s framework, the purpose of this qualitative multiple case study was to explore strategies IT managers in the manufacturing industry use to develop IT disaster recovery (DR) plans to support business operations. The participants included 3 manufacturing IT professionals, 2 Department of Defense manufacturing infrastructure specialists, and 1outsourcing contractor, each from firms located in the central United States who successfully developed IT DR plans to support business operations. Data collection comprised of interviews and documentation. I used Braun and Clarke’s (2006) six-step process for thematic analysis to identify 5 themes: contingency planning by priority, testing plans, levels of recovery, time requirements for recovery, and costs associations. The implications for positive social change include the potential for IT managers and leaders to contribute to strategic development of IT DR plans and prevent economic disruption for consumers, communities, and society during disaster events

Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

The Internet of Things (IoT) has transformed many aspects of modern manufacturing, from design to production to quality control. In particular, IoT and digital manufacturing technologies have substantially accelerated product development- cycles and manufacturers can now create products of a complexity and precision not heretofore possible. New threats to supply chain security have arisen from connecting machines to the Internet and introducing complex IoT-based systems controlling manufacturing processes. By attacking these IoT-based manufacturing systems and tampering with digital files, attackers can manipulate physical characteristics of parts and change the dimensions, shapes, or mechanical properties of the parts, which can result in parts that fail in the field. These defects increase manufacturing costs and allow silent problems to occur only under certain loads that can threaten safety and/or lives. To understand potential dangers and protect manufacturing system safety, this paper presents two taxonomies: one for classifying cyber-physical attacks against manufacturing processes and another for quality control measures for counteracting these attacks. We systematically identify and classify possible cyber-physical attacks and connect the attacks with variations in manufacturing processes and quality control measures. Our taxonomies also provide a scheme for linking emerging IoT-based manufacturing system vulnerabilities to possible attacks and quality control measures

Intrusion Detection for Cyber-Physical Attacks in Cyber-Manufacturing System

In the vision of Cyber-Manufacturing System (CMS) , the physical components such as products, machines, and tools are connected, identifiable and can communicate via the industrial network and the Internet. This integration of connectivity enables manufacturing systems access to computational resources, such as cloud computing, digital twin, and blockchain. The connected manufacturing systems are expected to be more efficient, sustainable and cost-effective. However, the extensive connectivity also increases the vulnerability of physical components. The attack surface of a connected manufacturing environment is greatly enlarged. Machines, products and tools could be targeted by cyber-physical attacks via the network. Among many emerging security concerns, this research focuses on the intrusion detection of cyber-physical attacks. The Intrusion Detection System (IDS) is used to monitor cyber-attacks in the computer security domain. For cyber-physical attacks, however, there is limited work. Currently, the IDS cannot effectively address cyber-physical attacks in manufacturing system: (i) the IDS takes time to reveal true alarms, sometimes over months; (ii) manufacturing production life-cycle is shorter than the detection period, which can cause physical consequences such as defective products and equipment damage; (iii) the increasing complexity of network will also make the detection period even longer. This gap leaves the cyber-physical attacks in manufacturing to cause issues like over-wearing, breakage, defects or any other changes that the original design didn’t intend. A review on the history of cyber-physical attacks, and available detection methods are presented. The detection methods are reviewed in terms of intrusion detection algorithms, and alert correlation methods. The attacks are further broken down into a taxonomy covering four dimensions with over thirty attack scenarios to comprehensively study and simulate cyber-physical attacks. A new intrusion detection and correlation method was proposed to address the cyber-physical attacks in CMS. The detection method incorporates IDS software in cyber domain and machine learning analysis in physical domain. The correlation relies on a new similarity-based cyber-physical alert correlation method. Four experimental case studies were used to validate the proposed method. Each case study focused on different aspects of correlation method performance. The experiments were conducted on a security-oriented manufacturing testbed established for this research at Syracuse University. The results showed the proposed intrusion detection and alert correlation method can effectively disclose unknown attack, known attack and attack interference that causes false alarms. In case study one, the alarm reduction rate reached 99.1%, with improvement of detection accuracy from 49.6% to 100%. The case studies also proved the proposed method can mitigate false alarms, detect attacks on multiple machines, and attacks from the supply chain. This work contributes to the security domain in cyber-physical manufacturing systems, with the focus on intrusion detection. The dataset collected during the experiments has been shared with the research community. The alert correlation methodology also contributes to cyber-physical systems, such as smart grid and connected vehicles, which requires enhanced security protection in today’s connected world

State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia