Intrusion Detection System for Cyber-Manufacturing System

Abstract

Cyber-manufacturing system (CMS) offers a blueprint for future manufacturing systems in which physical components are fully integrated with computational processes in a connected environment. Similar concepts and visions have been developed to different extents and under different names—“Industrie 4.0” in Germany, “Monozukuri” in Japan, “Factories of the Future” in the EU, and “Industrial Internet” by GE. However, CMS opens a door for cyber–physical attacks on manufacturing systems. Current computer and information security methods—firewalls and intrusion detection system (IDS), etc.—cannot detect the malicious attacks in CMS with adequate response time and accuracy. Realization of the promising CMS depends on addressing cyber–physical security issues effectively. These attacks can cause physical damages to physical components—machines, equipment, parts, assemblies, products—through over-wearing, breakage, scrap parts or other changes that designers did not intend. This research proposes a conceptual design of a system to detect cyber–physical intrusions in CMS. To accomplish this objective, physical data from the manufacturing process level and production system level are integrated with cyber data from network-based and host-based IDSs. The correlations between the cyber and physical data are analyzed. Machine learning methods are adapted to detect the intrusions. Three-dimensional (3D) printing and computer numerical control (CNC) milling process are used as examples of manufacturing processes for detecting cyber–physical attacks. A cyber–physical attack scenario is presented with preliminary results to illustrate how the system can be used.