Towards data-driven cyber attack damage and vulnerability estimation for manufacturing enterprises

Defending networks against cyber attacks is often reactive rather than proactive. Attacks against enterprises are often monetary driven and are targeted to compromise data. While the best practices in enterprise-level cyber security of IT infrastructures are well established, the same cannot be said for critical infrastructures that exist in the manufacturing industry. Often guided by these best practices, manufacturing enterprises apply blanket cyber security in order to protect their networks, resulting in either under or over protection. In addition, these networks comprise heterogeneous entities such as machinery, control systems, digital twins and interfaces to the external supply chain making them susceptible to cyber attacks that cripple the manufacturing enterprise. Therefore, it is necessary to analyse, comprehend and quantify the essential metrics of providing targeted and optimised cyber security for manufacturing enterprises. This paper presents a novel data-driven approach to develop the essential metrics, namely, Damage Index (DI) and Vulnerability Index (VI) that quantify the extent of damage a manufacturing enterprise could suffer due to a cyber attack and the vulnerabilities of the heterogeneous entities within the enterprise respectively. A use case for computing the metrics is also demonstrated. This work builds a strong foundation for development of an adaptive cyber security architecture with optimal use of IT resources for manufacturing enterprises