Cybersecurity for Industry 4.0

A new revolution known as Industry 4.0 is occurring where countless elements comprising industrial systems are being interfaced with internet communication technologies to form the smart factories and manufacturing organizations of the future. Industry 4.0 and its associated technologies are currently being driven by disruptive innovation that promises to bring countless new value creation opportunities across all major market sectors. However, existing Internet technologies are plagued by cybersecurity and data privacy issues that will present major challenges and roadblocks for adopters of Industry 4.0 technologies. Industry 4.0 will face traditional cybersecurity issues along with its very own unique security and privacy challenges. If these challenges are not appropriately addressed, the true potential of Industry 4.0 may never be achieved. This chapter provides a brief overview of several key Industry 4.0 technologies and paradigms in order to give the reader a better understanding of the cybersecurity aspects of the remaining chapters in the book.

Collaborative product development via cloud has changed the information distribution, organization and management means of traditional product design. Under this new paradigm, product information needs to be shared flexibly to meet collaborators’ requirements. Feature-based Computer Aided Design (CAD) models contain abundant intellectual property information. It is paramount to maintain the security of the sensitive information in CAD models while sharing other information of the models in cloud for effective collaboration. The developed security research works for CAD models are still far away from meeting collaboration requirements. In this chapter, an innovative customized encryption approach to support product development collaboration is presented. The approach is composed of a customized encryption algorithm for feature-based CAD models, a key based authorization algorithm for users to decrypt shared features in the models, and a customized geometric transformation algorithm for effective protection mode-based visualization of the models during collaboration. By using this approach, CAD models can be flexibly encrypted to realize the customized sharing of features used for collaboration and protection of other features of the models according to collaboration requirements. A complex case study has been used to verify and illustrate the effectiveness of the approach to industrial applications.

This chapter presents a new paradigm that limits and protects information flows to internal and subcontracted factory floor devices to complement perimeter security as essential first steps to secure manufacturing as it embraces Industry 4.0.

A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a progression from electronic devices and IT (Information Technology) systems that automate production advance to a new revolution of Cyber-Physical Production Systems used for Smart Manufacturing and Smart Factories via IIoT (Industrial Internet of Things). As more and more devices are becoming connected and networked to allow for Smart Manufacturing to take place the number of data sources significantly increases as a result. Real-time Information is then becoming increasingly interlinked across multiple industries for a more efficient productivity process and a reduction in cost. Aside from Smart manufacturing and factories, Industry 4.0 has already seen huge advances in infrastructure management, energy management, transportation and building and home automation. With such industries relying so heavily on real-time data from connected sensors the security of these systems are at risk due to the reliance on low-latency and reliable communication for critical processes. The increase of interconnected networks and devices across the Internet significantly increases the amount of entry points into these systems, increasing their vulnerability and allowing outsiders to take advantage of any weaknesses within them. This has already been highlighted by the events of Stuxnet, Havex, Black Energy and the German Steel Mill that targeted ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition) Systems causing catastrophic results. The use of SIEM (Security Information and Event Management) services, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems) and firewalls may be implemented within ICS but only operate on the perimeters of their networks or segmented networks and not at the lower operational level where critical processes rely on speed and availability simply because by doing so could introduce latency between critical processes. When events do occur, regardless of whether an incident is accidental or deliberate, an immediate incident response should take place. This chapter focusses on the forensic challenges and analysis of the physical infrastructure that underpins the systems operating within IIoT. It discusses the development of SCADA system architecture over the past few decades and how it has arrived at IIoT, creating the new generation of SCADA systems. The chapter then discusses the current available tools that exist that can help carry out a forensic investigation of a SCADA system operating within IIoT space before closing with a suggested SCADA Incident Response Model.

Nowadays, sensors are playing a vital role in almost all applications such as environmental monitoring, transport, smart city applications and healthcare applications and so on. Especially, wearable medical devices with sensors are essential for gathering of rich information indicative of our physical and mental health. These sensors are continuously generating enormous data often called as Big Data. It is difficult to process and analyze the Big Data for finding valuable information. Thus effective and secure architecture is needed for organizations to process the big data in integrated industry 4.0. These sensors are continuously generating enormous data. Hence, it is difficult to process and analyze the valuable information. This chapter proposes a secure Industrial Internet of Things (IoT) architecture to store and process scalable sensor data (big data) for health care applications. Proposed Meta Cloud-Redirection (MC-R) architecture with big data knowledge system is used to collect and store the sensor data (big data) generated from different sensor devices. In the proposed system, sensor medical devices are fixed with the human body to collect clinical measures of the patient. Whenever the respiratory rate, heart rate, blood pressure, body temperature and blood sugar exceed its normal value then the devices send an alert message with clinical value to the doctor using a wireless network. The proposed system uses key management security mechanism to protect big data in industry 4.0.

The trend of future manufacturing requires manufacturers to sustainable optimize the utilization of resources (e.g. people, equipment, material, methods, and environment) to lean produce high quality product, and quickly adapts to changes of market demands and supply chain partners. German’s Industry 4.0 has attracted extensive attention in the world in recent years, which is believed to be a new paradigm to meet the ever changing requirements of future manufacturing. Industry 4.0 focuses on building cyber-physical systems (CPS) based product creation eco-system with highly flexible and reasonable cost with just-in-time reactivity. However, on the way to build such an eco-system is still need effort to investigate technological foundations of CPS and deeply cognitive understanding of key concepts with considering the context of implementation of industry 4.0 landscape. In the context, this chapter introduces the conceptual model and operation mechanism of decentralized cyber-physical systems (CPS), which enables manufacturers to utilize a cloud-based agent approach to create an intelligent collaborative environment for product creation. A brief introduction to the connotation of industry 4.0 and smart factory of industry 4.0 from the perspective of China’s industry and academic is given. The concept of decentralized cyber-physical systems agents is proposed and discussed, with the focus on conceptual model, operation mechanism and key technologies. After that, a cloud-based smart manufacturing paradigm is presented. The architecture and business process model of such a paradigm is developed. Finally, a case study of how a manufacturing enterprise uses the proposed paradigm to implement the smart factory of industry 4.0 in China. This study benefits both academic researchers and industrial engineers and decision makers with the proposed paradigm as well as case study.

This chapter will address cybersecurity threats to the Direct Digital Manufacturing (DDM) community, including potential attack scenarios and motivations. Many of these insights are the result of direct observation. As an illustrative example, we will discuss the details of a security assessment performed on an Additive Manufacturing (AM) system used for rapid prototyping and complex part production within the defense industry. Protocols and associated recommendations for incorporating security best practices during system installation and subsequent operation will also be presented.

Programmable Logic Controllers (PLC) are a part of a broader category of systems commonly known as Industrial Control Systems (ICS). These systems are primarily used to monitor and control various manufacturing and distribution processes, such as switches, pumps, or centrifuges. Since these devices perform relatively the same tasks throughout their lifetime, they likely have a fixed and predictable CPU load or usage for extended periods of time. Our work is primarily based on the premise that we are able to infer CPU load by remotely profiling the network traffic emitted by an ICS device and use that inference to detect potentially malicious modifications to the behavior of the ICS device. This is in stark contrast to traditional (e.g., signature and rule-based) and even other non-traditional (e.g., power fingerprinting and backplane traffic monitoring) intrusion detection mechanisms for ICS networks, since our approach does not require signature or rule updates, special access to ICS backplane devices, or additional software to be installed on the ICS device. In previous work, we have demonstrated that it is feasible to use network traffic and machine learning to remotely infer the typical task cycle periods (i.e., CPU load) for an ABB RTU560 (contains a built-in PLC), even on a lightly loaded network one hop away. We now extend this capability to inferring the presence of anomalous CPU load behavior by introducing a Stuxnet-type threat model (i.e., state-sponsored root-kit) to showcase our prototype’s detection ability (i.e., the ability to discern normal baseline states from those introduced by a threat). The main benefits of this approach are that: (1) it requires no additional software to be installed on the ICS devices to communicate with the monitor node, (2) the tool is low maintenance, since there are no software updates or signatures to be continuously installed on each ICS device, and (3) the risk of a centralized network-based monitor node being compromised is lower than if it were host-based software on each ICS device due to a reduced attack surface. Our overall prototype tool implements a graphical user interface (GUI) that can be used to monitor and alert on a small-sized to medium-sized ICS network of IP-based RTUs or PLCs similar to the ABB RTU560.

Industry 4.0 and with that the Internet of Things (IoT) are expected to revolutionize the industrial world. The vast amount of interconnected devices bear the great opportunity to collect valuable information for advancing decision making in management and technology to improve through-life management of a product. Cyber-physical systems and the Internet of Services will revolutionize our current world through fully interconnected communication where information and services are becoming ubiquitous. The availability of information across a system of systems can be very powerful when utilized properly and harnessed adequately. The vast network of small, power-sensitive and often deeply embedded devices that are streaming potentially commercially sensitive data over long periods of time poses an entirely different type of threat than known from the conventional PC world. Adequate and sensible measures need to be taken right at the design stage of IoT devices in order to take best advantage of Industry 4.0 technology. This chapter introduces a set of key security issues related to the implementation of IoT in an industrial mechanical engineering context. A real-world example concerning remote maintenance of CNC machine tools illustrates the different threat scenarios related to IoT in practice. The paper touches on Big Data and Cloud Manufacturing but will remain focused on improving security at the Edge of IoT, i.e. where data is collected, transmitted and eventually transferred back to the physical actuators. The aim of this chapter is to introduce a generic overview of real-world IoT security issues as well as giving a deeper technical example-supported insight into practical considerations for designing IoT systems for practical use in business.

Traditional cybersecurity architectures incorporate security mechanisms that provide services such as confidentiality, authenticity, integrity, access control, and non-repudiation. These mechanisms are used extensively to prevent computer and network intrusions and attacks. For instance, access control services prevent unauthorized access to cyber resources such as computers, networks, and data. However, the modern Internet security landscape is characterized by attacks that are voluminous, constantly evolving, extremely fast, persistent, and highly sophisticated Schnackenberg et al. (2000), Anuar et al. (2010). These characteristics impose significant challenges on preventive security services. Consequently, methodologies that enable autonomic detection and response to cyberattacks should be employed synergistically with prevention techniques in order to achieve effective defense-in-depth strategies and robust cybersecurity systems. This is especially true for the critical systems belonging to Industry 4.0 systems. In this chapter, we describe how we have integrated cyberattack detection and response mechanisms into our Software-Defined Cloud Manufacturing architecture. The cyberattack detection algorithm described in this chapter is based on ensemble intelligence with neural networks whose outputs are fed into a neuro-evolved neural network oracle. The oracle produces an optimized classification output that is used to provide feedback to active attack response mechanisms within our software-defined cloud manufacturing system. The underlying goal of this chapter is to show how computational intelligence approaches can be used to defend critical Industry 4.0 systems as well as other Internet-driven systems.