Co-evolution of products-processes-production systems or ‘industrial symbiosis’ with minimum need of new resources

Smarter equipment and manufacturing systems with self-diagnosis (temperature, vibrations, noise) and embedded sensing, memory or active architecture, with functional materials allowing them to adjust work processes and operations to variances in structure, shape and material composition (right first time manufacture).. Capture of machine data through this inherent ‘smartness’ for communication between machines (for M2M), at factory level and through supply chains for a systems approach to manufacturing and meeting customer demand. New equipment components taking advantage of new designs and advanced materials (e.g. gears and transmissions providing longer lifetime of equipment, active surfaces that can embed and release lubricant when needed (higher pressures or temperatures))

https://en.wikipedia.org/wiki/Augmented_reality

https://en.wikipedia.org/wiki/Virtual_reality

Advanced machine interaction with humans through ubiquity of mobile devices will enable users to receive relevant production and enterprise-specific information regardless of their geographical location and tailored to the context and the skills/responsibilities they own. Interactions with ICT infrastructures and equipment will be natural language-like

https://en.wikipedia.org/wiki/Data_visualization ; http://www.visual-analytics.eu/faq

Data acquisition is the process of sampling signals that measure real world physical conditions and converting the resulting samples into digital numeric values that can be manipulated by a computer. Data acquisition systems, abbreviated by the acronyms DAS or DAQ, typically convert analog waveforms into digital values for processing. The components of data acquisition systems include:

• Sensors, to convert physical parameters to electrical signals.
• Signal conditioning circuitry, to convert sensor signals into a form that can be converted to digital values.
• Analog-to-digital converters, to convert conditioned sensor signals to digital values.

 
Data acquisition applications are usually controlled by software programs developed using various general purpose programming languages
So, as a summary, Data acquisition is in itself a vast group of protocols, technologies, sensors, hardware and software…

(from https://en.wikipedia.org/wiki/Data_acquisition)

Data modeling in software engineering is the process of creating a data model for an information system by applying certain formal techniques. (from https://en.wikipedia.org/wiki/Data_modeling)

Authorisation is the process of allowing an entity (humans, systems or devices) to access information systems or facilities where information and processing capabilities are being stored. More practical in an industrial setting for Digital Manufacturing Platforms, an authorized person can get access to an operational machine in order to update it, or investigate its contents. Unauthorized access could be someone who has been able to access the network from the outside, performing actions that have not been authorized and cannot be justified.

Authentication is a means to assess the authorization rules of an entity by means of a set of instruments. In the case of Digital Manufacturing Platforms it would be the instruments like user name and password, and in addition a second factor such as a physical token or a mobile phone that can authenticate the person accessing the platform. The physical token connects the person to something he has, the password to something he knows. 

A third A in the AAA-architecture is related to Access. Once authorized, and authenticated, access can be granted to the location, system, application, and / or information. Access control levels can thus be set up on different layers. These can be physical (access to the country, to the plant, to the building, the room and the environment where the system is located), and logical (using authentication technologies). In Digital Manufacturing Platforms this means the systems could be accessible only on premise, in the factory or for instance in the (private or public) cloud. As a result different access mechanisms needs to be considered, depending on the risk and intended security levels and controls. 

https://en.wikipedia.org/wiki/AAA_(computer_security) ; https://en.wikipedia.org/wiki/Authorization

API's (and REST API's) need to be carefully protected through mechanisms limiting access on the basis of identity and authorizing and authenticating through managed and controlled mechanisms. Usually certificates and IP-addresses are being used to restrict access to API's, but a more granular approach is advisable from a Security Architecture perspective. Other architectures being used as Integratio Protocols in Digital Manufacturing Platforms are JSON (for its near real time capabilities) and MQ (message bus architectures). The letter being less secure, since it provides a continuous stream of information which is being sent to a destination. 

Example: blockchain

https://en.wikipedia.org/wiki/Distributed_ledger

The resources layer addresses standards regarding the distribution of all participating physical Industry 4.0 components. This includes equipment and machinery (typically at field and process level), control systems, applications and network infrastructure.

The communication layer includes standards regarding integration and communication protocols as well as related mechanisms that contribute to interoperability of components. Also includes the provision of services for control of the integration processes

The information layer focuses on standards that regulate information flows, information objects and data models being used by components, services and their functions to exchange information. A common semantic base is the key requirement to ensure consistent integration of different data and achieve interoperability between components at this layer.

The function layer includes standards that cumulate common functions derived from applications, systems and components. Remote access and horizontal integration take place within the layer to ensures the integrity of the information and conditions in the process and the integration of the technical level.

The business layer focuses on standards that represent business objectives and the resulting overall processes regarding the exchanged information at the lower layers. The layer addresses regulatory and market perspectives, business models, business cases and products, business processes and regulations influencing business models.

The international standard IEC 61499, addressing the topic of function blocks for industrial process measurement and control systems, was initially published in 2005. The specification of IEC 61499 defines a generic model for distributed control systems and is based on the IEC 61131 standard. (see https://en.wikipedia.org/wiki/IEC_61499 and IEC 61499 - International Electrotechnical Commission.

IEC 61131 is an IEC standard for programmable controllers. (see also https://en.wikipedia.org/wiki/IEC_61131, https://webstore.iec.ch/searchform&q=61131)

MQTT (MQ Telemetry Transport) is an open OASIS and ISO standard (ISO/IEC PRF 20922) lightweight, publish-subscribe network protocol that transports messages between devices. (From https://en.wikipedia.org/wiki/MQTT)

OPC Unified Architecture (OPC UA) is a machine to machine communication protocol for industrial automation developed by the OPC Foundation.
(see https://en.wikipedia.org/wiki/OPC_Unified_Architecture)

http://www.onem2m.org/

Time-Sensitive Networking (TSN) is a set of standards under development by the Time-Sensitive Networking task group of the IEEE 802.1 working group. The standards define mechanisms for the time-sensitive transmission of data over Ethernet networks. (See https://en.wikipedia.org/wiki/Time-Sensitive_Networking)

IEEE 802.15.4 is a technical standard which defines the operation of low-rate wireless personal area networks (LR-WPANs). (from https://en.wikipedia.org/wiki/IEEE_802.15.4)

https://www.gs1.org

Canonical object messaging standard (see https://oagi.org)

Universal Business Language (UBL) is an open library of standard electronic XML business documents for procurement and transportation such as purchase orders, invoices, transport logistics and waybills. UBL was developed by an OASIS Technical Committee with participation from a variety of industry data standards organizations.  Version 2.1 was approved as an OASIS Standard in November 2013 and an ISO Standard (ISO/IEC 19845:2015) in December 2015

(From https://en.wikipedia.org/wiki/Universal_Business_Language)

SensorThings API is an Open Geospatial Consortium (OGC) standard providing an open and unified framework to interconnect IoT sensing devices, data, and applications over the Web. It is an open standard addressing the syntactic interoperability and semantic interoperability of the Internet of Things. It complements the existing IoT networking protocols such CoAP, MQTT, HTTP, 6LowPAN. While the above-mentioned IoT networking protocols are addressing the ability for different IoT systems to exchange information, OGC SensorThings API is addressing the ability for different IoT systems to use and understand the exchanged information. As an OGC standard, SensorThings API also allows easy integration into existing Spatial Data Infrastructures or Geographic Information Systems.

(from https://en.wikipedia.org/wiki/SensorThings_API)

IPC-CFX is an electronics manufacturing industry developed standard forming the foundation/backbone of Industry 4.0 Applications.  (From: http://www.ipc-cfx.org)

The W3C Web Ontology Language (OWL) is a Semantic Web language designed to represent rich and complex knowledge about things, groups of things, and relations between things.  (from https://www.w3.org/OWL/)

Which are the target groups? Which new markets and users will be connected?

Interactions with other (commercial) digital platforms indicate how developed solutions are interoperable with legacy systems or how future interaction with other solutions is anticipated.
 

Other eco-system aspects can be:

• What are the value chain implications?
• Is the network open or closed? Is there an intention to expand?
• Is it a vertical, sectorial platform or a cross-cutting, horizontal platform?
• How are the relationships defined?

Platform as a Service (PaaS) or application platform as a Service (aPaaS) or platform base service is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. (from https://en.wikipedia.org/wiki/Platform_as_a_service)

Software as a service (SaaS /sæs/) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software".  (from https://en.wikipedia.org/wiki/Software_as_a_service)

https://nl.wikipedia.org/wiki/Infrastructure_as_a_service

Pay-per-use or pay-per-duration-of-use implies that users are charged pro-rata of how much they used the service (in terms of consumed resources, computing power,... or in terms of the duration of the use of the service)

Pay-per-saved-unit-of-X or pay-per-added-value implies that the user pays pro-rate the added value that the service is generating

Proprietary software is non-free computer software for which the software's publisher or another person retains intellectual property rights—usually copyright of the source code, but sometimes patent rights. (from https://en.wikipedia.org/wiki/Proprietary_software)

Open-source software (OSS) is a type of computer software whose source code is released under a license in which the copyright holder grants users the rights to study, change, and distribute the software to anyone and for any purpose. Open-source software may be developed in a collaborative public manner. According to scientists who studied it, open-source software is a prominent example of open collaboration. (from https://en.wikipedia.org/wiki/Open-source_software)

Digital platforms will be successful if they provide a clear value proposition to the user groups  involved. In general, digital platforms offer added-value basd upon three main mechanisms:

• Reduction of transaction costs
• Network effects
• Use of data integration for new services (mainly optimisation) and business models

Based upon these mechanisms, added-value can be created in a variety of perspectives (see 'Added Value and Impact').

SCM: Supply Chain Management ; CRM: Customer Relationship Management

Dedicated ERP software implemented

Supply chain management system implemented
 

Forecasting of required capabilities (link with Autonomous Smart Factories)

Common digital platform used for tenders and bidding (dynamically connecting to new suppliers/customers)

Product Data management Systems

Product Life Cycle systems integrating Computer Aided Design and Product Data Management systems.

Customer Relationship Management systems

Physical and logical password should be considered from the overall taxonomy and as part of one of the Digital Pathways, as Physical and Logical Access provisioning. Physical passwords here are types of authentication technologies and can be voice commands, fingerprints, or simple presence (by means of an electronic token that an operator carries). Logical passwords here are both pincodes, passphrases or even certificates or hash keys, that support the specific levels of security. Both are considering the mechanism of access control for security in this pathway.

Access control is a key component of security and cybersecurity to any system, being it a physical (gates, doors, equipment, ...) or logical (application, service, activity, ...) one.

Under this heading, the purpose is to clarify that access control should be mandatory for every system being operated in a manufacturing environment. Access control levels can be very low, by providing everybody access to an application on the factory floor. But at least it has considered that only people on the factory floor should be getting access. That physical constraint can be taken into account. This means that from a risk perspective, unaccompanied visitors or subcontractors without oversight could also get access to this system. 

By considering access control as a fundamental security mechanism, based upon a risk approach, controls can be further built in, relating back to the types of users, or moments of intervention. Least access principles should be applied, in order to only provide access after a specific given thought. For instance, the system can have a regular user (an operator), a floormanager or head of production (being capable to override a decision from an operator), a service engineer (maintainance) and an administrator. 

These roles should allow different levels of access to the systems and can be related to specific risks related to them, and to the overall risk consideration. Physical passwords can be considered into the application as additional means to identify the specfic roles. 

As an example, to enhance the security of an application in a manufacturing environment from Level 1 to Level 3, there will be administrator access needed to operate a specific machine or function, instead of simply pushing the button to power up a specific machine. This can be trivial, as a sawing machine that can only be used by an operator qualified to use it, up until ensuring only oversight happens when a maintenance engineer updates the machine via a usb-token and leaves additional malware on the machines. 

Malware is a broad term that describes a computer program (software) that was intentionally developed to cause damage to a computer system, mainly with the intention in financial gains - but more frequently to cause business interruptions, being held hostage or to simply steal information. 

For over two decades malwares have existed, specifically written to exploit vulnerabilities in computer systems, that can be used for personal gains. It is a form of cybercrime to use them, to break into someone else system. In most countries in the world, it is not a crime to develop malware - only to exploit it against someone else. 

Malwares exist in many different forms. What used to be viruses, that were sent generally via email in the past, have transformed into specifically engineered pieces of software for specific purposes - the most infamous one today being Stuxnet. For viruses, security software and firewalls have been equipped to detect them and quarantaine them before they can even be seen by the destination email address. But through phising attacks (emails with a malicious hyperlink - URL) or man in the middle attacks (website that have been compromised and redirect traffic) users are still being exposed to malware. 

Malware can also enter by means of USB-sticks, pieces of software that don't belong on an industrial control systems or manufacturing system (games, apps, ...) which can sometimes contain malware of pieces of them. 

Ransomware is a form of malware that typically starts encrypting data, once it has been activated. To decrypt a ransom has to be paid. Ransomware can be avoided by 1) frequently upgrading the underlying software to avoid exploitation of vulnerabilities, 2) isolating the industrial systems from office and other types of systems, 3) restricting access to the systems by means of physical and logical limitations.

APTs (Advanced Persistent Threats) usually are a combination of multiple attacks and threats, intended towards a specific target. APT's will combine the detection of vulnerabilities with the exploitation of malware and ransomware. APT's are typically being coordinated by nation state actors or organized crime. 

Digital Manufacturing Platforms should be concerned about the abuse of their platforms by malicious users, and should prevent by all means available man in the middle attacks or similar attacks where redirects of the platform end up on the download of malwares. By running the Digital Manufacturing Platforms in the cloud, additional security measures can be put in place specifically monitoring the activities of specific containers for unexpected calls or actions. Manufacturing companies should further give notice to the continuous protection of end point devices and active monitoring of network traffic on top of the detection of malicious activities. 

The process of recording activities happening on an IT system, including OT systems operated via IT. Monitoring and logging typically occurs on network level, where packages are being sent over TCP/IP (internet protocol) and captured at the edges, in the controlling entities (routers and gateways) or as an in-line device (such as a firewall, ids or ips). Network traffic typically records origin and destination IP address, the type of application, and contents. Some of the traffic could have been encrypted. 

Network traffic can be captured via a monitoring port on network devices. This results in the recording of all events that have been instructed to be logged. During the monitoring phase, this near real time data can be evaluated and analyzed. On the basis of the traffic patterns can be detected that allow the understanding of how applications (such as ransomware) arrives inside the organization or on how confidential data might leave the organization. 

Logging also happens on the device level, allowing to identify the activities taking place on the device (types of applications being used and identities of people accessing the devices). This allows to identify a user with a certain transaction, or allows better for the detection of data manipulation or data theft to take place. With Machine Learning techniques some behavioral actions on a network will be detected prior to the malicious action of theft or abuse taking place. On the basis of patterns and pattern recognition, actions and events which are being used by criminals can be detected and indicating that an incident is taking place. 

By utilising similar data from the outside, incidents happening in other locations, in other factories and companies can be recorded and similar patterns (signatures) can be signaled amongst trusted partners. This allows for preventative instructions inside the intrusion prevention systems, which will be able to block IP addresses, block users and applications. 

Finally the monitoring and logging is important for forensics. Once an incident has happened, the recorded sessions allow to understand what exactly happened, collect evidence and use as a means for future preventive actions. 

In Digital Manufacturing Platforms a logging facitlity should be enabled allowing to record the manipulations and transactions that have happened inside the platform itself, and recording the access and identity of the persons who have been controlling the platform itself. 

Penetration Testing (Pentesting) is a term used by Cybersecurity practitioners to describe the process of diligently assessing potential vulnerabilities in the information security infrastructure, including in the case of Manufacturing and Industrial environments also operational technology infrastructures. It typically uses a series of tools to automate the process, but will make use of the expert experiences focusing on known tricks and vulnerabilities. The goal for the pentester is to detect and report the leaks, but not to exploit them. It is also refered to as ethical hacking, in the perspective of not intentionally manipulating equipment, data, stealing data or leaving exploitable software behind. Pentesting is the ultimate means to demonstrate both the capabilities of the security infrastructure, as it is the way to identify the shortcomings upfront. A pentesting report will allow security managers to support their activities by indicating risks, threats, vulnerabilities and indicating the needs for a risk management process. Companies with a higher level of maturity will organize a systemic approach, allowing for pentesting to take place periodically, or following specific changes happening inside the infrastructure. This can also take place in the form of contests, having for instance red teams (the attackers) playing against the defenders (blue team); both utilizing their experiences of pentesting. With a Responsible Disclosure, organizatoins and individuals can call upon the community of ethical hackers (white hats) to help identifying vulnerabilities. These will be reported sometimes in return for a small bonus. Large hacking contests can be organized to test complete platforms. When vulnerabilities are found in technologies, including Platforms which are being sold, they are being reported as CVE's after a grace period of the reporting for about 3 to 6 months. For Digital Manufacturing Platforms pentesting should also take place in the platform itself, by performing software testing and testing the Platform being put into an operational environment, as it uses web and internet technologies making it susceptible for exploitation. 

Transmission data protection is the description of the security used for the communication of the data. 

This can be Tranmission Layer Protocol (TLP) when considering two or more systems communicating directly communicating with each other over the internet, and securing the communication itself by means of encryption and decryption on either end. 

Other means can be by using (other) VPN technologies, where usually an encryption layer between devices and applications running VPN-type services and applications are being used. 

Public operators such as Internet Services Providers, Mobile Operators, ... in most cases use encryption technologies to protect the data transmssion over the public network, when providing specific business to business services. In 3G, 4G and the up and coming 5G mobile data provisioning transmission data protection has been enabled.

However, operators and platform providers should assure themselves about which transmission data has been facilitated, or should require a security baseline for it. Additionally, digital platform can start providing transmission security as part of the platform. This will be especially necessary when working with edge devices transmitting and cloud platforms receiving data. 

Transmission data protection should also be considered for machines and equipment on site, or nearby. Many robot instructions and  their commands for instance, are being transmitted  in clear text. Many technologies exist today to prevent this from happening, even at high speeds.

The tranmission data itself should also be protected and prevented from leaking. The transmission data can also be used as a control protocol, checking the transmission for arrival and audit. 

Following a risk analysis, and upon the choice of a risk framework and definition of security policies, a password policy can be derived. 

The password policy is to be set up by organizations, both end user organizations manufacturers and digital platform and system providers.

Password policies should at least include :
- strong passwords or passphrases
- users to regularly update their passwords
- advise the use of multifactor (use an additional authentication device)

Digital Platform providers should provide a mechanism for single sign on or federated authentication, allowing for passwords not to be stored into the platform itself, but by accepting tokens from third party suppliers. 

Physical Security refers to the part of physical access control, borders, gates, identity verfication, passport control, manned guard services, videosurveillance, biometrics and related components. Physical security also considers physical attacks such as terrorist and criminal attacks, fire and water challenges. 

Multi-factor authentication describes the necessity for using more than 1 token as a proof of identity. As an example, when a user logs on to to a digital platform the basic means of authentication are user name and password. 

In addition to the password (single authentication), the user can be asked for a physical token (RFID-key, ID-card, ...). This can also be a mobile phone, an authenticator app token, a SecurID or Digipass token, or biometric (fingerprint, facial recognition, ...) elements.

In security terminology this related to the concept on assuring someone's identity by something the user knows (password) and something he/she has (physical token). Additional layers can be built into this concept in order to further improve and strenghten the security levels. 

When proving someone's identity at the front gate on the basis of an ID-card, Driver License or verifiable photo-ID, it can be enhanced with a log into the system that the person has reached the premise. With his personal RFID-token, he will be able to access his office. Meanwhile video surveillance camera's might have identified him in the building. Finally when logging on to his system on the network, he can be asked for an authentication code coming from his company mobile phone. 

These additional levels of authentication harden the security and can be continuously expanded, depending on the security levels required. 

Security training and awareness entails awareness creation, security information sessions an materials, education, educational programs, certification of people and all related formats and programs designed to inform and support people in understanding about cybersecurity.

Training & education

Security training programs will need to be an integrated part of a security strategy and policy. Next to the definition of risk, design of security policies describing how people should be getting or not getting access to specific environments, the people operating these environment should be instructed properly. 
Security training and education can be system and operation specific, but needs also to accompany the company and plant specific guidelines in security. 

Training and education should be a continuous activity, including repetition of elements of importance and strategic relevance. 

Security education programs should be adapted to specific departments, or groups of people, depending on their levels of maturity, systems access and responsibilities. 

Security education can be educational programs outside of the organizations, at specific dedicated educational organizations (private, high schools, universities, ... ) or within the organization itself. Some companies organize a one day educational course on cybersecurity, while others provide access to courses online. 

These educational programs can be followed by assessments, and can lead to the provision of certificates of attendance or qualification. 

Programs related to Cybersecurity can be CISSP (Certified Information Security Professional), CISM (Certified Information Security Manager), CISA (Certified Informatio Security Auditor). 

Other Cybersecurity educational programs will relate to specific components in the Cybersecurity architecture, such as Firewall, Monitoring, Identity & Access expert.

Organizations can provide educational programs from within their internal organizations (own developments or licensed from educational organizations), or can develop a specific cybersecurity program dedicated to a specific application or service which has been developed. 

Awareness

Cybersecurity awareness programs are more informative than educational programs, typically less attention demanding, less lengthy, but aimed to a specific series of rules, or oriented to relate to a specific behavior instead of knowledge transfer. 

The awareness program can indicate that the company is concerned over cybersecurity and draws attention to its employees how to handle incoming emails, watch out for suspicious behavior, means to detect that it is suspicious and what NOT to do with it. It can indicate the impact by means of a short movie, without going into detail on the whole architecture behind it. 

Cyber incident reponse capability is referred to as the means of an organization to cope with a cyber incident. Usually organized in a dedicated CSIRT (CyberSecurity Incident Response Team) or a CERT (Cyber Emergency Response Team) has developed a procedure for dealing with incidents (leakages, break-ins, attacks, ...) being detected in the organization and taking the necessary measures to mitigate, prevent and respond. This dedicated team should be empowered to be in control to prevent additional loss, and to fight an attack as it happens. That means that they are required to have a good understanding of the infrastructure and have the necessary means to deflect, increase security, limit access and ensure forensic means to collect during an incident. They should be in direct response and interaction with the crisis management team. During normal operations they will support the organization Security Operations (SOC) Team onsite or remote in coping with day to day alarms, investigating their threat levels and managing with the investigation of minor incidents. 

More information on th organization of CSIRTS can be find with various sources such as : https://resources.sei.cmu.edu/asset_files/Handbook/2003_002_001_14102.pdf

A dedicated organization is working with different developments and challenges of the CSIRT and CERT teams moving forwards, called FIRST https://www.first.org/