TY - GEN
T1 - Assessing Severity of Cyber-Attack Threats against Cyber-Manufacturing Systems
AU - Espinoza-Zelaya, Carlos
AU - Moon, Young
N1 - Publisher Copyright:
Copyright © 2022 by ASME.
PY - 2022
Y1 - 2022
N2 - The threats of cyber-attacks against Cyber-manufacturing systems (CMS) pose production manager with a unique challenge. The timing, target, severity of their occurrence is all uncertain and yet decisions need to be made in real time to ensure the achievement of production goals under their advent. This paper proposes a systemic approach to estimate threat severity in three different dimensions, (i) disruption potential, (ii) total economic impact, and (iii) non-tangible losses. A model resilient testbed CMS is presented, which is a system with prevention, detection, redundancy, and recovery mechanisms implemented against cyber-attacks. We evaluate the potential threat by analyzing the state of production factors and the characteristics of the potential responses that the system has set in place. The severity of the attack cannot be defined in advance given that the level of disruption that can create is not an absolute value but rather dependent on the state of the system at it time of its occurrence. To address this uncertainty, we utilize an expected value equation in which we take the worst-case scenario and take actions to ensure the system remains resilient. Decisions are taken to minimize cost while ensuring the fulfillment of the production goals.
AB - The threats of cyber-attacks against Cyber-manufacturing systems (CMS) pose production manager with a unique challenge. The timing, target, severity of their occurrence is all uncertain and yet decisions need to be made in real time to ensure the achievement of production goals under their advent. This paper proposes a systemic approach to estimate threat severity in three different dimensions, (i) disruption potential, (ii) total economic impact, and (iii) non-tangible losses. A model resilient testbed CMS is presented, which is a system with prevention, detection, redundancy, and recovery mechanisms implemented against cyber-attacks. We evaluate the potential threat by analyzing the state of production factors and the characteristics of the potential responses that the system has set in place. The severity of the attack cannot be defined in advance given that the level of disruption that can create is not an absolute value but rather dependent on the state of the system at it time of its occurrence. To address this uncertainty, we utilize an expected value equation in which we take the worst-case scenario and take actions to ensure the system remains resilient. Decisions are taken to minimize cost while ensuring the fulfillment of the production goals.
KW - cyber-manufacturing
KW - resilience
KW - severity
UR - http://www.scopus.com/inward/record.url?scp=85148685099&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85148685099&partnerID=8YFLogxK
U2 - 10.1115/IMECE2022-94493
DO - 10.1115/IMECE2022-94493
M3 - Conference contribution
AN - SCOPUS:85148685099
T3 - ASME International Mechanical Engineering Congress and Exposition, Proceedings (IMECE)
BT - Advanced Manufacturing
PB - American Society of Mechanical Engineers (ASME)
T2 - ASME 2022 International Mechanical Engineering Congress and Exposition, IMECE 2022
Y2 - 30 October 2022 through 3 November 2022
ER -