Efficiency and Security of Process Transparency in Production Networks—A View of Expectations, Obstacles and Potentials☆

Abstract Much of the resilience and flexibility of production networks lies in the transparency of processes that allows timely perception of actual process states and adequate decisions or intervention at the proper point of the production system. Such degree of observability and permeability do, however, bear risks of malevolent tapping or interference with the information stream which, in the case of production systems, can put both business and physical processes at risk, requiring careful exploration of security threats in horizontal and vertical integration, and individual end-to-end connections likewise. Also, different levels of networked production present specific needs—high throughput and low time lag on the shop-floor level, or tolerances for confidence, gambling and bounded-rational views in cross-company relations—that may conflict with security policies. The paper presents a systematic summary of such apparently contradicting preferences, and possible approaches of reconciliation currently perceived to be relevant on various abstraction levels of production networks.

[1]  Levente Buttyán,et al.  The Cousins of Stuxnet: Duqu, Flame, and Gauss , 2012, Future Internet.

[2]  Christof Paar,et al.  A Survey of Lightweight-Cryptography Implementations , 2007, IEEE Design & Test of Computers.

[3]  Andreas Willig,et al.  An autonomous framework for supporting energy efficiency and communication reliability in WSNs , 2013, 6th Joint IFIP Wireless and Mobile Networking Conference (WMNC).

[4]  Wouter Joosen,et al.  Data Protection Compliance Regulations and Implications for Smart Factories of the Future , 2016, 2016 12th International Conference on Intelligent Environments (IE).

[5]  Xenofon D. Koutsoukos,et al.  Self-Organizing WSN Protocol for Real-Time Communication Requirements , 2013, 2013 IEEE International Conference on Distributed Computing in Sensor Systems.

[6]  Dieter Gollmann,et al.  Vulnerabilities of cyber-physical systems to stale data - Determining the optimal time to launch attacks , 2014, Int. J. Crit. Infrastructure Prot..

[7]  Ulrike Cress,et al.  The Impact of Cognitive Anchors on Information-Sharing Behavior , 2013, Cyberpsychology Behav. Soc. Netw..

[8]  Kai Wang,et al.  LiveSec: Towards Effective Security Management in Large-Scale Production Networks , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[9]  Volker Roth,et al.  Internet-facing PLCs as a network backdoor , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[10]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[11]  Thomas Ristenpart,et al.  Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail , 2012, 2012 IEEE Symposium on Security and Privacy.

[12]  Weiwen Deng,et al.  AST: Activity-Security-Trust driven modeling of time varying networks , 2016, Scientific Reports.

[13]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[14]  Paul Fremantle,et al.  A security survey of middleware for the Internet of Things , 2015 .

[15]  B. Bhargava,et al.  Secure information sharing in digital supply chains , 2013, 2013 3rd IEEE International Advance Computing Conference (IACC).

[16]  Ing-Long Wu,et al.  Information sharing and collaborative behaviors in enabling supply chain performance: A social exchange perspective , 2014 .

[17]  Ahmad Khonsari,et al.  Detection and mitigation of sinkhole attacks in wireless sensor networks , 2014, J. Comput. Syst. Sci..

[18]  Russell Bent,et al.  Cyber-Physical Security: A Game Theory Model of Humans Interacting Over Control Systems , 2013, IEEE Transactions on Smart Grid.

[19]  Christian Kreibich,et al.  Detection of Intrusions and Malware, and Vulnerability Assessment, 7th International Conference, DIMVA 2010, Bonn, Germany, July 8-9, 2010. Proceedings , 2010, DIMVA.

[20]  Andrew P. Martin,et al.  An evolutionary game-theoretic framework for cyber-threat information sharing , 2015, 2015 IEEE International Conference on Communications (ICC).

[21]  Long-term growth and persistence with obsolescence , 2015 .

[22]  Bhavani M. Thuraisingham,et al.  Preventing Private Information Inference Attacks on Social Networks , 2013, IEEE Transactions on Knowledge and Data Engineering.

[23]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[24]  Theodore Tryfonas,et al.  A game theoretic defence framework against DoS/DDoS cyber attacks , 2013, Comput. Secur..

[25]  Wouter Joosen,et al.  HProxy: Client-Side Detection of SSL Stripping Attacks , 2010, DIMVA.

[26]  Eric Cole,et al.  Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization , 2012 .

[27]  Hehua Yan,et al.  Cloud-assisted industrial cyber-physical systems: An insight , 2015, Microprocess. Microsystems.

[28]  Sacha Brostoff,et al.  Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security , 2001 .

[29]  Manish M. Patel,et al.  Security attacks in wireless sensor networks: A survey , 2013, 2013 International Conference on Intelligent Systems and Signal Processing (ISSP).

[30]  Jay Lee,et al.  A Cyber-Physical Systems architecture for Industry 4.0-based manufacturing systems , 2015 .

[31]  Adrian Perrig,et al.  SMATT: Smart Meter ATTestation Using Multiple Target Selection and Copy-Proof Memory , 2012, CSA 2012.

[32]  Edgar R. Weippl,et al.  Advanced social engineering attacks , 2015, J. Inf. Secur. Appl..

[33]  Wouter Joosen,et al.  Empirical evaluation of a privacy-focused threat modeling methodology , 2014, J. Syst. Softw..

[34]  Chris Hankin,et al.  Game Theory Meets Information Security Management , 2014, SEC.

[35]  Russell J. Clark,et al.  Resonance: dynamic access control for enterprise networks , 2009, WREN '09.

[36]  Jiafu Wan,et al.  Implementing Smart Factory of Industrie 4.0: An Outlook , 2016, Int. J. Distributed Sens. Networks.

[37]  Avishai Wool,et al.  Implementing public-key cryptography on passive RFID tags is practical , 2015, International Journal of Information Security.

[38]  Shamik Sengupta,et al.  Cyber-Investment and Cyber-Information Exchange Decision Modeling , 2015, 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems.

[39]  T. Jones,et al.  Methods on Determining the Investment in IT Security , 2014 .

[40]  Jan Olhager,et al.  Supply chain integration and performance: The effects of long-term relationships, information technology and sharing, and logistics integration , 2012 .

[41]  K. Tan,et al.  Effects of managerial ties and trust on supply chain information sharing and supplier opportunism , 2014 .

[42]  InduShobha N. Chengalur-Smith,et al.  An Empirical Investigation of Extensible Information Sharing in Supply Chains: Going Beyond Dyadic , 2014, Inf. Resour. Manag. J..

[43]  Marc Dacier,et al.  Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292) , 2014, Dagstuhl Reports.

[44]  Avishalom Tor,et al.  Overcoming Impediments to Information Sharing , 2003 .

[45]  Nadya Bartol,et al.  Cyber supply chain security practices DNA – Filling in the puzzle using a diverse set of disciplines , 2014 .

[46]  Zhao Yang Dong,et al.  Will electrical cyber–physical interdependent networks undergo first-order transition under random attacks? , 2016 .

[47]  Birgit Vogel-Heuser,et al.  Industrie 4.0 in Produktion, Automatisierung und Logistik , 2014 .

[48]  Dietmar P. F. Möller,et al.  Digital Manufacturing/Industry 4.0 , 2016 .

[49]  David Evans,et al.  Reverse-Engineering a Cryptographic RFID Tag , 2008, USENIX Security Symposium.

[50]  Beipeng Mu,et al.  NetSecu: A Collaborative Network Security Platform for In-network Security , 2011, 2011 Third International Conference on Communications and Mobile Computing.

[51]  G.M. Coates,et al.  A Trust System Architecture for SCADA Network Security , 2010, IEEE Transactions on Power Delivery.

[52]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[53]  Maurizio A. Spirito,et al.  The VIRTUS Middleware: An XMPP Based Architecture for Secure IoT Communications , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[54]  Ibrahim Sogukpinar,et al.  Scalable risk assessment method for cloud computing using game theory (CCRAM) , 2015, Comput. Stand. Interfaces.