Insider attack scenario assessment framework

Jinwoo Song, Xinyu He, Young Moon

Research output: Chapter in Book/Entry/PoemConference contribution


Cyber Manufacturing Systems (CMS) brings improvements to the manufacturing system and offers an information-transparent environment. Although CMS’s enhanced system brings many advantages to its manufacturing process, it is at a higher risk of security breach ironically due to its accessibility and connectivity. Therefore, implementing CMS without adequate security measures will make the system vulnerable to intruders including insiders. To identify insider threats, a risk assessment-based framework has been explored by many researchers in the information security community. however, less work has been done to analyze CMS’s vulnerabilities. Therefore, an Insider Attack Scenario Assessment Framework (IASAF) is proposed in this paper. IASAF is developed to detect the system’s security vulnerabilities and evaluate the insider attack scenarios by using five domains including: actor, preparation, implementation, consequence, and recovery. To validate and demonstrate the effectiveness of the framework, a testbed was used to study a case.

Original languageEnglish (US)
Title of host publicationAdvanced Manufacturing
PublisherAmerican Society of Mechanical Engineers (ASME)
ISBN (Electronic)9780791885567
StatePublished - 2021
EventASME 2021 International Mechanical Engineering Congress and Exposition, IMECE 2021 - Virtual, Online
Duration: Nov 1 2021Nov 5 2021

Publication series

NameASME International Mechanical Engineering Congress and Exposition, Proceedings (IMECE)


ConferenceASME 2021 International Mechanical Engineering Congress and Exposition, IMECE 2021
CityVirtual, Online


  • Attack detection
  • Cyber-physical manufacturing system
  • Insider attack
  • Insider threats
  • Manufacturing
  • Risk assessment framework
  • Vulnerability

ASJC Scopus subject areas

  • Mechanical Engineering


Dive into the research topics of 'Insider attack scenario assessment framework'. Together they form a unique fingerprint.

Cite this