Comprehensive Analysis of Cyber-Manufacturing Attacks Using a Cyber-Manufacturing Testbed

Abstract Cyber-Manufacturing Systems (CMS) are vulnerable to cyber-manufacturing attacks ironically because of its very beneficial advance: seamless integration with informational and operational entities. Beyond traditional cyber-attack practices, attackers against CMS have an enlarged attack vectors to penetrate CMS through and have a broader spectrum of eventual consequences. Although the significance of this new problem started being widely recognized, actual occurrences of cyber-manufacturing attacks — that can provide useful empirical data — have been relatively of a low number. Furthermore, recent research has been focused on developing solutions to prevent or detect cyber-manufacturing attacks. However, such solutions can be more effectively devised if a thorough understanding of the nature of various attacks is achieved first. To develop effective solutions against cyber-manufacturing attacks, it is of utmost important to understand motivations of the attacker, behaviors of the attacks, patterns of the attack, and impacts of these attacks. The comprehensive analysis of cyber-manufacturing attacks can be achieved by conducting an in-depth investigation of the attacks, identifying vulnerabilities caused by the attacks, and experimenting the attacks in a controlled CMS environment. This research presents how a cyber-manufacturing testbed can be utilized to achieve the above goal. It contributes toward the goal by accomplishing four tasks. First, it established a cyber-manufacturing system testbed. Second, the research identified attack surfaces in the designed testbed and performed an in-depth investigation for cyber-attacks that can infiltrate the established testbed. Based on the second task, it developed a ranking system. Finally, based on the ranking system, high-impact attack scenarios have been identified, demonstrated and analyzed on the cyber-manufacturing testbed.