Intrusion Detection System for Cyber-Manufacturing System

Cyber-manufacturing system (CMS) offers a blueprint for future manufacturing systems in which physical components are fully integrated with computational processes in a connected environment. Similar concepts and visions have been developed to different extents and under different names-"Industrie 4.0" in Germany, "Monozukuri" in Japan, " Factories of the Future" in the EU, and "Industrial Internet" by GE. However, CMS opens a door for cyber-physical attacks on manufacturing systems. Current computer and information security methods-firewalls and intrusion detection system (IDS), etc.-cannot detect the malicious attacks in CMS with adequate response time and accuracy. Realization of the promising CMS depends on addressing cyber-physical security issues effectively. These attacks can cause physical damages to physical components-machines, equipment, parts, assemblies, products-through over-wearing, breakage, scrap parts or other changes that designers did not intend. This research proposes a conceptual design of a system to detect cyber-physical intrusions in CMS. To accomplish this objective, physical data from the manufacturing process level and production system level are integrated with cyber data from network-based and host-based IDSs. The correlations between the cyber and physical data are analyzed. Machine learning methods are adapted to detect the intrusions. Three-dimensional (3D) printing and computer numerical control (CNC) milling process are used as examples of manufacturing processes for detecting cyber-physical attacks. A cyber-physical attack scenario is presented with preliminary results to illustrate how the system can be used.