A little over a year ago, a long-time colleague of mine, Professor Dirk Schaefer, and I started working on a book project. We set out on a new journey to produce an edited book for Springer International Publishing. Dirk and I have been conducting research together for about a decade, and our work has been mostly concerned with the intersection of information technology, advanced manufacturing and cybersecurity.
Recently, our work has focused on advanced manufacturing within the domain of Industry 4.0, which is sometimes referred to as the 4th Industrial Revolution. In a nutshell, Industry 4.0 deals with the technologies required to achieve what we call “smart manufacturing.” Smart manufacturing is achievable using modern technologies, such as the Internet of Things (IoT), the Industrial Internet of Things (IIoT), automation, cloud computing, Big Data processing, and highly integrated communication capabilities between all aspects of an advanced manufacturing environment (from the shop floor to the IT front and back offices to the cloud to supply-chains and etc.).
One very important aspect to the Industry 4.0 puzzle is cybersecurity. Without it, we will never be able to achieve the full potential of the Industry 4.0 vision. I believe there are vast opportunities on the horizon with Industry 4.0, with numerous unforeseen outcomes which will spur economic growth and significantly benefit societies all over the world in terms of new career opportunities. However, as an engineer working in cybersecurity, I know that the path will not be easy.
In order to make our mark on this endeavor, Dirk and I decided to focus our book on Cybersecurity and Industry 4.0. After over a year’s worth of work, our book, titled Cybersecurity for Industry 4.0: Analysis for Design and Manufacturing, is now available via Springer Publishing and Amazon. Colleges and universities that have library subscriptions with Springer have full access to all of the chapters. Moreover, the book is available as a hardcover and in electronic copy. In the next few paragraphs, I’ll give you an overview of each chapter in our book.
The objective of the book is to introduce readers to new research on cybersecurity for the Industry 4.0 landscape with an emphasis on Design and Manufacturing applications. It covers the technological foundations of cybersecurity within this domain and addresses existing threats faced by Industry 4.0 sectors along with existing state-of-the-art solutions. To provide a holistic perspective, the topic is discussed from the perspectives of both practical implementations in industry and cutting-edge academic research. This way, it benefits practicing engineers and decision-makers in industry, as well as researchers and educators in the design and manufacturing communities.
In Chapter 1, “Industry 4.0: An Overview of Key Benefits, Technologies, and Challenges,” Dirk and I provide details of Industry 4.0 technologies and paradigms to provide the reader with a good background of Industry 4.0 basics. The purpose of this chapter is to give the reader a better understanding of the cybersecurity aspects of the remaining chapters in the book.
In Chapter 2, “Customized Encryption of CAD Models for Cloud-enabled Collaborative Product Development,” Cai, Wang, Lu, and Li introduce an innovative and customized encryption approach to support secure product development collaboration. Their goal is to maintain the security of sensitive information in CAD models such as private intellectual property while simultaneously allowing the models to be shared in the cloud for effective product development collaboration across organizational boundaries.
Wegner, Graham and Ribble introduce in Chapter 3, titled “A New Approach to Cyber Physical Security in Industry 4.0,” a new paradigm using a direct-to-machine communication approach that limits and protects information flows to internal and subcontracted factory floor devices to complement perimeter security. The authors believe this to be an essential first step in creating secure manufacturing for Industry 4.0.
Chapter 4 introduces the reader to Forensic Analysis within the IIoT. In this chapter titled “SCADA System Forensic Analysis within IIoT,” Eden et al. focus on the need for incident response within Industry 4.0 environments. The chapter focuses on the forensic challenges and analysis within an IIoT and its physical infrastructure.
In Chapter 5, “Big Data Security Intelligence for Healthcare Industry 4.0,” Manogaran et al. provide an overview of how the healthcare industry can be viewed as an Industry 4.0 paradigm. The healthcare industry has started using technology based on the IoT and the IIoT. The data generated by healthcare ‘things’ should be managed with security and privacy in mind. The authors introduce their Meta Cloud-Redirection architecture and describe the security and privacy aspects of it.
In Chapter 6, “Decentralized Cyber Physical Systems: A Paradigm for Cloud-based Smart Factory of Industry 4.0,” Zhang et al. introduce the conceptual model and operation mechanism of decentralized cyber-physical systems (CPS), which enables manufacturers to utilize a cloud-based agent approach to create an intelligent collaborative environment for product creation. Similar to Chapter 1, Chapter 6 details many key underlying technologies of Industry 4.0.
Chapter 7 introduces the reader to direct digital manufacturing and its cybersecurity needs. In this chapter, titled “Applying and Assessing Cybersecurity Controls for Direct Digital Manufacturing (DDM) Systems,” Glavach, LaSalle-DeSantis and Zimmerman address cybersecurity threats to the DDM community. They provide a case study detailing a security assessment performed on an additive manufacturing system and present protocols and recommendations for security best practices for DDM systems.
In Chapter 8, “The Resource Usage Viewpoint of Industrial Control System Security: An Inference-based Intrusion Detection System,” Nair et al. introduce cybersecurity mechanisms for Industrial Control Systems. Their premise is that one can infer CPU load by remotely profiling the network traffic emitted by an ICS device and use that inference to detect potentially malicious modifications to the behavior of the ICS device.
In Chapter 9, “Practical Security Aspects of the Internet of Things,” Mehnen et al. introduce a set of key security issues related to the implementation of the IoT in an industrial mechanical engineering context. The authors provide a real-world example concerning remote maintenance of CNC machine tools, which illustrates the different threat scenarios related to IoT in practice.
The authors detail various aspects of Big Data and Cloud Manufacturing but focus on improving security at the Edge of IoT, which is where data is collected, transmitted, and eventually transferred back to the physical actuators. The authors aim is to introduce a generic overview of real-world IoT security issues as well as giving a deeper technical example-supported insight into practical considerations for designing IoT systems for practical use in business.
Finally, the book concludes with Chapter 10, “Cybersecurity for Industry 4.0 and Advanced Manufacturing Environments with Ensemble Intelligence.” In this final chapter, Dirk and I discuss how machine learning approaches using ensemble intelligence can be achieved. Ensemble intelligence is a promising technique that utilizes multiple machine learning instances to solve a given problem. The idea is based on collective intelligence whereby the answer to a problem is often more accurate when answered collectively than when answered solely by any single entity within the collection.
For example, many types of game shows use a form of this technique when contestants are given an opportunity to answer a question using help from the audience. It turns out that within the machine learning world, this technique proves to be very beneficial in terms of producing intelligent systems that have higher levels of classification and prediction accuracy.
Building on this idea of ensemble intelligence, we describe in Chapter 10 how cyberattack detection and response mechanisms can be integrated into a Software-Defined Cloud Manufacturing system. The cyberattack detection algorithm described in this chapter is based on ensemble intelligence using a collection of neural networks whose outputs are fed into a neuro-evolved neural network oracle. The neuro-evolved oracle is a feed-forward, artificial neural network whose design parameters such as the number of neural nodes, the number of hidden layers, and the types of activation functions used by the oracle are chosen in an optimal manner by using a genetic algorithm for the parameter selection process.
The oracle produces an optimized classification output that is used to provide feedback to active attack response mechanisms within the software-defined cloud manufacturing system. The underlying goal of this chapter is to show how machine learning approaches can be used to defend critical Industry 4.0 systems as well as other Internet-driven systems.
This book is one of the first collections of works related to various aspects of Industry 4.0 and its cybersecurity needs. Hopefully, this collection of work will make a small contribution to the overall goal of achieving higher levels of security in our advanced manufacturing environments of the near-tomorrow. If you read the book, we hope you will find it to be informative and useful for your cybersecurity and Industry 4.0 research efforts.
To learn more about how Tripwire help prevent, detect and correct IT issues in your critical infrastructure watch this video: