Software-defined cloud manufacturing for industry 4.0

AbstractMany of the world's leading industrial nations have invested in national initiatives to foster advanced manufacturing, innovation, and design for the globalized world. Much of this investment has been driven by visions such as Industry 4.0, striving to achieve a future where intelligent factories and smart manufacturing are the norm. Within this realm, innovations such as the Industrial Internet of Things, Cloud-based Design and Manufacturing (CBDM), and Social Product Development (SPD) have emerged with a focus on capitalizing on the benefits and economies of scale provided by Internet Protocol (IP) communication technologies. Another emerging idea is the notion of software-defined systems such as software-defined networks, which exploit abstraction and inexpensive hardware advancements in an effort to build more flexible systems. Recently, the authors have begun considering how the notion of software-defined systems might be harnessed to achieve flexible cloud manufacturing systems. As a result, this paper introduces the notion of Software-Defined Cloud Manufacturing (SDCM). We describe a basic SDCM architecture based on leveraging abstraction between manufacturing hardware and cloud-based applications, services, and platforms. The goal of SDCM is to advance Cloud-Based Manufacturing and other Industry 4.0 pillars by providing agility, flexibility, and adaptability while also reducing various complexity challenges

Towards data-driven cyber attack damage and vulnerability estimation for manufacturing enterprises

Defending networks against cyber attacks is often reactive rather than proactive. Attacks against enterprises are often monetary driven and are targeted to compromise data. While the best practices in enterprise-level cyber security of IT infrastructures are well established, the same cannot be said for critical infrastructures that exist in the manufacturing industry. Often guided by these best practices, manufacturing enterprises apply blanket cyber security in order to protect their networks, resulting in either under or over protection. In addition, these networks comprise heterogeneous entities such as machinery, control systems, digital twins and interfaces to the external supply chain making them susceptible to cyber attacks that cripple the manufacturing enterprise. Therefore, it is necessary to analyse, comprehend and quantify the essential metrics of providing targeted and optimised cyber security for manufacturing enterprises. This paper presents a novel data-driven approach to develop the essential metrics, namely, Damage Index (DI) and Vulnerability Index (VI) that quantify the extent of damage a manufacturing enterprise could suffer due to a cyber attack and the vulnerabilities of the heterogeneous entities within the enterprise respectively. A use case for computing the metrics is also demonstrated. This work builds a strong foundation for development of an adaptive cyber security architecture with optimal use of IT resources for manufacturing enterprises

Cybersecurity for Industry 4.0 Analysis for Design and Manufacturing

This book introduces readers to cybersecurity and its impact on the realization of the Industry 4.0 vision

A distributed firewall and active response architecture providing preemptive protection

Firewalls provide very good network security features. However, classical perimeter firewall deployments suffer from limitations due to complex network topologies and the inability to completely trust insiders of the network. Distributed firewalls are designed for alleviating these limitations. Intrusion detection is a mature technology and is very powerful when coupled with active response, which is the act of responding to intrusions without the need of human advisory. This paper describes an architecture that implements a distributed firewall with distributed active response. A fundamental result of the architecture is that it can provide proactive and preemptive security for hosts that deploy the system. Using the open-source software framework, the software implementing this proposed system will be provided to the research community so that the architecture can be extended by other researchers and so that newcomers to network security can start investigating security concepts quickly