Currently, the entire manufacturing industry is subject to huge paradigm shifts and facing fresh opportunities, which are based on technical and business perspectives. According to (Herterich, Uebernickel and Brenner, 2015), conventionally, manufacturing firms have focused on selling tangible products; however, the organisations have also been offering product-related services throughout the lifecycle of products. In the past few years, most of the firms have increased revenues by providing product-related services, specifically in areas of maintenance, repair, and overhaul. Digital Intelligence Architecture
Increase demand for the service dominant paradigm to replace the traditional good dominant logic has brought a better understanding of recent business models in the conventionally goods-driven industries among scholars. Due to the increased revenue realized from servitisation, the services focused is becoming more important. In addition, a demand for full-service offerings that are integrated and increased focus on performance rather than just selling and providing maintenance is being observed.
(Leitão, Colombo and Karnouskos, 2016) also notes that since, traditionally, manufacturing companies are made up of electrical and mechanical components; hence, breakdowns lead to downtowns and become highly costly to the firms, a shift towards digital technologies. Currently, most of the industrial and consumer products possess sensors and connectivity, which enhance transformation of the service-oriented businesses or create new hybrid business models in the manufacturing industry where a high demand for equipment, reliability, and capabilities cutting across and transcending the conventional product boundaries exists. Digital Intelligence Architecture
According to (Williams, 2014), adopting such technological capabilities (indicated above) has immense results; for instance, by reducing product downtown through condition monitoring, and incorporating preventive and predictive maintenance. However, (Leitão, Colombo and Karnouskos, 2016)notes that pervasive digital technologies are a huge information security threat to the digitized service oriented business that highly relies on technology to thrive[H1] . For instance, denial of service attackshave increased in frequency and magnitude over the past few years. Therefore, current paradigm shift from the traditional product driven to the service-oriented manufacturing industry requires robust cyber-security techniques to survive; otherwise, a single cyber-attack can lead to immense losses due to huge recovery costs, or a total collapse of the business.
According to (Williams, 2014), previous studies have inadequately covered cyber-attack threat to the manufacturing industries. For instance, there exists limited information regarding effective techniques that can be utilised to quantify cyber-attack effects and determine cyber security requirements in a manufacturing system. However, (Ani, He and Tiwari, 2016)argues that data driven techniques possess immense potential to develop robust cyber-security defence mechanisms for the manufacturing systems.
(Ani, He and Tiwari, 2016)indicates that automated manufacturing systems depend on and output many data, which if, utilized effectively can assist in detecting cyber-attacks before they cause damage to the system. In addition, data for automated manufacturing systems can be used analyse effects of cyber-attacks on such systems, thereby, identifying effective response techniques. According to (Venter, 2014), increase in the use of digital technology in the manufacturing industry has attracted the use of artificial intelligence (AI) techniques, to speed up processes and increase efficiency. Digital Intelligence Architecture
Use of (AI) techniques, whereby machines systems can learn from the existing data and perform some action(s) without direct control of human beings, also requires that similar techniques be applied on cyber security, to ensure that threats detection and response in case of attacks can be performed in the same speed as the process. (Leitão, Colombo and Karnouskos, 2016) insists that failure to use robust AI techniques to improve cyber security in manufacturing industries can lead to dangerous attacks because automated systems function at a very high speed; hence, detecting and responding to attacks manually becomes in effective or impossible. Therefore, digital intelligence for data driven cyber security is a necessary component of automated service oriented manufacturing systems. Digital Intelligence Architecture
Develop a digital intelligence architecture for data-driven cyber security of a manufacturing system.
- To determine effective techniques for quantifying the effect of cyber-attack on a manufacturing system.
- To identify cyber security requirements in a manufacturing enterprise.
- To outline an effective defence architecture for securing manufacturing system.
- To develop an adaptive and autonomous cyber-attack security response architecture for manufacturing system.
- To validate the framework and model in (3) and (4).
Previous studies in the manufacturing area indicate that information security is critical in the manufacturing industries especially in these days of increased processes automation. According to Linton, Boyson, and Aje (2014), manufacturing has shifted from goods oriented to a services focused industry, whereby, most of the tasks such as are inventory management are highly automated with most of the work being done by machines rather than by human beings. For instance, current purchases and supply management systems can assess the level of inventory and available suppliers to determine the correct time for ordering a particular commodity and from which supplier and automatically do so with involving direct human aid. Digital Intelligence Architecture
Rongping (2014) also indicates that increasing manufacturing systems automation elicits a lot of data, which has become a serious problem to manage due to its dynamic frequency and of course its large volume among other things. However, Wu et al (2016), argues that Big Data management has experienced enormous progress, whereby, sophisticated technological techniques of data analysis have been devised. In addition previous data related studies have revealed that manufacturing industry data possess immense potential in managing information security threats and vulnerabilities due to the level of information they provide regarding the topic. Digital Intelligence Architecture
Venter (2014) also identifies that conventional information security management techniques have focused on countering particular information security threats and vulnerability without regarding the issue as system of threats. Linton, Boyson, and Aje (2014) acknowledges that approaching information security threats as system is the most efficient way to counter threat since particular techniques can lead to disastrous attacks for instance when one of the mitigation and control measures fail. Also, Williams (2014) insists that much of previous research in manufacturing industry have not focused on analysing the industry’s information security requirements, while few have superficially covered the topic.
Therefore, there exists, a wide shortage of system wide oriented techniques and knowledge of solving information security threats. With Big Datapossessing immense information regarding manufacturing industry information security systems, development and implementation of intelligent information security systems which can analyse data and counter security threats without involving human beings is required. Digital Intelligence Architecture
RQ1: How can the extent of damage from a cyber-attack to a manufacturing system be quantified?
RQ2: Can the cyber security needs of a manufacturing enterprise be accurately ascertained from data-driven vulnerability assessments?
RQ3: How can defence mechanisms be adopted effectively to secure a manufacturing system?
RQ4: Can response to cyber-attacks on manufacturing systems be adaptive and autonomous?
Quantitative and qualitative methods of research will be used simultaneously to conduct the proposed study; hence, mixed approaches will be utilized to collect primary data. The benefits of using mixed method techniques include the ability to generate adequate primary data for both qualitative and quantitative segments of the study hence assuring a wide perspective of the study topic(Creswell & Clark 2011). Reduction of biasness is another benefit of the technique since subjective-prone data from qualitative analysis can be validated using statistical analysis of the quantitative data. However, the approach possess several drawbacks such increased cost, effort, and time and the difficulty of handling large volumes of data.
Therefore, streamlining of the manufacturing industry, to identify, the right samples, which will give considerable enough information, while being cost effective, will done to counter the drawbacks of the mixed-method approach. Hence, a sample of 50 organizations will be selected from the enterprise manufacturing sector and manufacturing information system vendors, whereby, thirty of which are expected to take part in the study.
Random sampling will be used to identify a group of employees, and management members from enterprise and information system vendors’ organization in the manufacturing industry. The expected guaranteed response rate of the random samples in this study is expected to be 90%, which will be adequate sample to generate the expected primary data. According to Creswell and Clark (2011), random sampling attracts the problem of huge population representation but aids overcoming systemic bias.
A systematic literature review of secondary materials such as journals, books, magazines, newspapers, and corporate reports will be conducted. Such materials will be searched for in physical libraries and digital libraries as well, whereby, Proquest, Google Scholar, EBSCOhost will be considered. Keywords such as Big Data, IOT, Manufacturing Cyber-security, manufacturing cyber-security requirements, among others, will be used to identify relevant materials on the topic.
Literature reviews play a vital role in convenient study work support, without having to perform resource intensive quantitative research. Additionally, the reviews will aid in generating adequate knowledge to familiarize with the subject of study. Close-ended questionnaires, and semi structured interviews will be used to collect quantitative and qualitative primary data, whereby, questionnaires will focus on acquiring quantitative data, while interviews will be used to gather quantitative data. Analysis of the qualitative data will be done by categorizing the lengthy interview statements into evident themes or groups, whereby inferences can be drawn. Quantitative data will be analysed using statistical tools such SPSS and MS Excel.
Considering the paradigm shift in the manufacturing industry from the product-focused to service-oriented manufacturing organizations due to immense potential that the latter possesses, the study will focus on the information security requirements, such as managing the ever increasing attacks for instance, denial of service attacks and reducing vulnerabilities, of the modern manufacturing[H2] . In addition, acknowledging that service oriented manufacturing heavily relies on automated process, which pose a high risk of cyber-attacks, the proposed research will focus on understanding cyber-security in the state-of-the-art manufacturing.
Specifically, the emergence of robust technologies such as the Internet of Things (IoT) and Big-Data, which introduce new opportunities and risks such as improved AI and cyber-attacks respectively, is one of the motivationshere; service-oriented manufacturing will be perceived in the context of such information technology capabilities. In this regard, ways to develop digital intelligence architecture, which rely on data to provide improved cyber security in the manufacturing sector will be explored in the proposed study. Specifically, the proposed research will examine the possibility of using data-driven techniques to quantify requirements of cyber security, develop efficient defence mechanisms, create adaptive and autonomous response techniques, and assess the damage of cyber-attacks in manufacturing.
The study will primarily focus on developing a data driven information security system, with digital intelligence capabilities, to counter ever increasing cyber-security threats in the manufacturing industry. In that regard, the study will seek to understand effective strategies for cyber-attack effects on manufacturing system quantification and establish cyber-security requirements in a manufacturing oriented business. Further, the research aims at outlining a working defence architecture for manufacturing systems and create an independent and adaptive cyber-attack security architecture for quick recovery in case of attacks in the manufacturing systems. Finally, the study will consider validating the proposed framework and model. Digital Intelligence Architecture
In pursuit of the above, the study will identify an adequate sample of manufacturing industries with automated services especially purchases and supply chains. Further, some manufacturing industry system developers will be considered. Finally, the study will analyse previous studies conducted less than ten years ago. With that kind of approach, it is expected that adequate information will be generated to enable valid conclusions regarding the research gap identified in this proposal. However, several challenges are expected in the process of undertaking the task.
One of the major limitations of the study most of the areas that will be considered, such as Big Data and IoT, are very dynamic ;hence, are changing at a very high speed due to the level of investment in terms of research and finance that the fields are getting (Babiceanu & Seker 2016).Therefore, if such changes are too much, they might make the study conclusions irrelevant because they will not reflect the situation on the ground, especially if they take place within the time of carrying out of research. In addition, the issue of dynamic technologies being factored in the study will affect the time that its conclusion will remain relevant.
Sampling is another limitation of the study, whereby, identifying an adequate sample to represent the entire manufacturing industry will is not possible; hence, the findings might not represent the entire industry. According to Boyson (2014) manufacturing industry is so diverse such that acquiring a good representation of every firm might take large samples; hence, studies involving such samples might take large amount of time to conduct. Therefore, the study will have to use streamlining techniques whereby realistic samples can be achieved to conduct the research.
This section will involve reviewing of the existing literature related to cyber security in the manufacturing sector to identify the possibility of using data driven techniques to prevent, and effectively responding to cyber-attacks incidences. Peer reviewed journal articles are considered the best sources provide information related to business continuity in the manufacturing industry. The selecting of databases was done based on relevance to the study area. In addition, a number of accessed resources databases were re-categorised and reviewed for easy organisation, among which are: Digital Intelligence Architecture
Table 1: Resource Database Listing
|Digital Libraries||Scopus, IeeeXplore, ACM, Web of Science, Google Scholars.|
|Electronic Resources||Elsevier Science Journal, Springer Journals.|
Table 2: Research method for scientific references
|Search Terms||(Cyber Security * AND Data-Driven * AND Manufacturing *) AND (Cyber Security and Big Data* AND Manufacturing*). Cyber Security – Data-Driven Cyber Security – Big Data Security – Cyber-Physical Security – Manufacturing Cyber Security|
|Review Date||Resources with publication dates from 2013-2017.|
|Relevance||Resources listed as far as the first forty.|
|Language||Resources with publication in English Language.|
|Authorship||Resources with clearly indicated authors.|
Figure 1 Resource Database Documents by year
Figure 2 Resource Database Documents by subject area
The review was done based on four major areas of manufacturing security as noted from current literatures. These include
- Theories related to data driven strategies and cyber security.
- Game Theory for Cyber Security
- Deterrence Theory and Cyberspace.
- Quantifying the Damage of Cyber Attacks.
- Ascertaining Cyber Security Requirements.
- Adaptive and Autonomous Response to Cyber Attacks.
A summarised representation of the reviewed papers and application areas are presented in table below:
Table 3: Elements considered in the research
|N||Paper||Authors||Elements considered in the research|
|Introduction||Theories Related to Data Driven Strategies and Cyber Security||Quantifying the Damage of Cyber Attacks||Ascertaining Cyber Security Requirements||Adaptive and Autonomous Response to Cyber Attacks||Overview and Open Research Areas|
|Game Theory for Cyber Security||Deterrence Theory and Cyberspace|
|Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective||Ani and Tiwari (2017)||P||P|
|Big Data and virtualization for manufacturing cyber-physical systems: A survey of the current status and future outlook||Babiceanu and Seker (2016)||P||P||There is the issue of cyber security, whereby, defense architecture based on game theory.|
|Cyber supply chain risk management: Revolutionizing the strategic control of critical IT systems||Boyson (2014)||P||P||Strategies based on game theory to information and cyber security issues is attracting immense interest to establish the nature of warfare between attackers and defenders|
|Smart Cities as Cyber-Physical Social Systems||Cassandras (2016)||P||Cyber risks estimation may never become an accurate science, the understanding of the reasons that cyber risks forecasts are inefficient is improving|
|The impact of cyber-physical systems on industrial services in manufacturing||Herterich et al (2015)||P||Manufacturing firms have focused on selling tangible products|
|Cyber security in the supply chain: A perspective from the insurance industry||Keegan (2014)||P||P||P||Information technology and infrastructure has made significant milestones in the recent past, thereby providing fresh opportunities.Effective security solutions|
|Subspace Methods for Data Attack on State Estimation: A Data Driven Approach||Kim, Tong and Thomas (2015)||P||Cyber risks highly depends on the type of business nuclear (outage, insurer)|
|Research letter: Issues of cyber supply chain security in Korea||Kim and Im (2014)||P||Build robust defence mechanisms, which might make attackers to stand down, knowing the cost of attacking is higher compared to the benefits realized.Focuses on retaliation, when an attack occurs.|
|Industrial automation based on cyber-physical systems technologies: Prototype implementations and challenges||Leitão, Colombo and Karnouskos (2016)||P||P||P||P||Cyber security teams in an organization not only need the results of raw scanning, but also are required to establish, which vulnerabilities compose a real threat|
|The challenge of cyber supply chain security to research and practice–An introduction’||Linton, Boyson and Aje (2014)||P||Varying games have been built in a bid to illustrate different demands for effective information warfare approaches.|
|Attack tolerant architecture for big data file systems||Madan and Banik (2014)||P||Cyber and land possess immense similarities in that entry barriers are minimal, there are numerous players, and there exists a concealment loophole|
|A Deep Convolutional Neural Network for Anomalous Online Forum Incident Classification||Pomponiu and Thing (2017)||P||There exists no organization, which can eliminate cyber risks.Business have to adopt the correct choices concerning cyber threats, acknowledging that risk mitigation is critical.|
|Data-driven analytics for cyber-threat intelligence and information sharing||Qatar et al. (2017)||P||The cyber risks is the most critical asset a company can possess.Understanding lower and upper boundaries of risks requires gathering of the general business, operational, and technical data, which can be modelled against the possible risks|
|Security in the cyber supply chain: A Chinese perspective||Rongping and Yonggang (2014)||P||P||Companies can estimate the percentage of customers that they will lose in future due to cyber-attacks.Organizations can use past incidences to identify applications with the highest risks.|
|Security issues in the security cyber supply chain in South Africa||Venter (2014)||P||P||The modern organization faces numerous vulnerabilities across the networked applications and infrastructure.|
|Security in the cyber supply chain: Is it achievable in a complex, interconnected world?||Williams (2014)||P||P||P||P||P||Game theoretic techniques are used conduct tactical analysis of existing options to respond to a cyber-threat|
There exists several theories related to cyber security, which are very helpful in understanding the requirements of cyber security that include risk mitigation approaches, defence mechanisms, and attack response strategies, among others. An in-depth discussion of such theories is provided below. Digital Intelligence Architecture
According to Keegan (2014), information technology and infrastructure has made significant milestones in the recent past, thereby providing fresh opportunities; however, complete security is yet to be achieved in the cyberspace. While there exist effective security solutions, they are ad hoc (focus on particular problems, which they designed to address) and do not possess a framework for quantitative decision-making; therefore, they fail to adequately respond to dynamic scenario.
With regard to the above information, Babiceanu and Seker (2016) proposed a holistic approach to the issue of cyber security, whereby, defense architecture based on game theory were found to possess immense potential regarding information system security. Boyson (2014) explains game theory as mathematical language to describe strategic interactions and possible outcomes. Strategies based on game theory to information and cyber security issues is attracting immense interest to establish the nature of warfare between attackers and defenders. Williams (2014) explains that game theoretic techniques are used conduct tactical analysis of existing options to respond to a cyber-threat. Leitão, Colombo and Karnouskos (2016) also notes that varying games have been built in a bid to illustrate different demands for effective information warfare approaches. Digital Intelligence Architecture
The department of computer science, Memphis University, proposed one of the game theory based solutions, known as GIDA (Game Inspired Defence Architecture). The department proposed a semi-autonomous architecture for cyber-security that was supposed to leverage a game theory to fight cyber-attacks. In the architecture, the system administrator was supposed to take a “carrot and stick” strategy to prevent an adversary.
The carrot a stick strategy is policy providing punishment and rewards to induce the adversary behaviour. A game model was the brain of the GIDA, which was supposed to choose the countermeasure after an in-depth analysis reward and cost. The game model was not attack or countermeasure specific. The department also envisioned wrapping a self-testing software module over particular parts of the system, consisting of, trade-off among the security, performance, and cost. Digital Intelligence Architecture
The solution envisioned by Memphis University also was supposed to be a distributed architecture having three parts: an administrative console, a group of game agents including the central coordinator, and a dynamic honey net. The three parts interacted in a semi-autonomous manner to offer a means of identifying, evaluating, and acting upon net flows. Particularly, the honey net offered a way of redirecting malicious flows to the honey pots instantiated dynamically to observe malicious activity and its forensic data. The administrative console was designed to offer a user interface, which allowed network state data correlation, conduct forensic of the data related to the honeypot, offer a messaging channel, and configure varying parts of the system.
According to Williams (2014), AVOIDIT is cyber security concept using a game theory, particularly a cyber-attack taxonomy offering attack vectors classification to enhance defenders with the dissemination of defence mechanisms. Memphis University utilizes five classifiers in the characterization of an attack’s nature that are classification by the target of attack, attack vector, operational impact, defence and informational impact. The solution is presented in a tree-like structure, for proper classification of common vulnerabilities, and vectors of attack utilized to launch cyber-attacks. The design of AVOIDIT was expected to provide a base for cyber security community and enhance continuous growth as defences and attacks become more complicated. Digital Intelligence Architecture
Memphis University expected AVOIDIT to become a repository schema for knowledge management system (KMS) in a local network. KMS exploits the ability of utilizing knowledge from experts and previous data to come up with a system where sharing of information in the entire organization is possible. The objective of the concept is to come up with an organization, that is, attack resilient in all of its functional areas. Knowledge management was expected to enhance accurate flow of attack data within the organization. The knowledge management system for the AVOID it classifier was designed to utilize a GIDA (Game Theoretic Inspired Architecture) system for the investigation of action attacker and defender action space determination applicability. KMS for AVOIDIT was expected to enhance integration of attack information into GIDA to enhance easy location of relevant defence approaches by the game agents.
During the cold war, the preferred popular framework for military doctrine and analysis to explain nuclear weapons influence and to conclude that nuclear powers, would not conflict with each other due to the fear of the consequences. Since then, the theoretical framework to cyberspace, as cyber deterrence. While the domains have some similar characteristics; for instance, the offensive advantage, acknowledging the difficulty and costliness of defence, there exist significant differences.
Deterrence theory dates back to the 1920s and 30s when the first flight bombers were regarded as unstoppable using the defensive mechanisms. Strategists thought that huge attacks on one’s city would only be prevented, if the opponents feared counterattacks with similar magnitude, which is known as deterrence by punishment. Convincing the opponents that their objective will be denied, in case they attack is another approach of deterrence, also known as deterrence by denial. Digital Intelligence Architecture
According to Kim and Im (2014), deterrence theory occurs in two approaches, whereby the first one is build robust defence mechanisms, which might make attackers to stand down, knowing the cost of attacking is higher compared to the benefits realized. The second approach focuses on retaliation, when an attack occurs. However, Leitão, Colombo and Karnouskos (2016) argues that the approach is not very popular in the cyber space due to the problem of identifying the source of attack.
Williams (2014) also adds that the problem of unmasking the source is a major obstacle to the applicability of the approach because digital domain naturally lenders itself to anonymity. Therefore, Williams (2014) indicates that the issue of unmasking the source attracts the third component of deterrence in the cyber space, which is known as attribution. The attribution approach of deterrence postulates a three-pronged strategy, acknowledging that responses vary between non-state and state actors. According to Madan and Banik (2014), cyber and land possess immense similarities in that entry barriers are minimal, there are numerous players, and there exists a concealment loophole. However, Ani and Tiwari (2017) indicates that cyber is also different from land in that the geographic separation between the attacker and the defender can be very large. Hence, combining the geographic separation problem and the issue of concealment, results to an immense difficulty in the attribution approach, which may diminish the fear of retaliation in the cyber world. Therefore, the first line of approach should be developing a robust defence, which is a combination of strong software and hardware to make attacks almost impossible. The second approach should be dealing with the few possible attacks in a retaliatory manner. Digital Intelligence Architecture
Cyber breaches might be the most expensive threats to companies; however, there exists few firms, which can estimate the cyber risks exposure. According to Linton, Boyson and Aje (2014), most of the companies rely on qualitative methods such as ‘heat maps’, which provide a low or high description of risks, using vague estimates, whereby the frequent small and rare large losses are lumped up together. Williams (2014) notes that such kind of an approach cannot assist managers to accurately estimate the cost of risks; hence, establishing where to invest in terms of cyber security is not possible. Therefore; in most cases, corporations adopt the wrong cyber security capabilities and obtain inadequate insurance protection to the cyber risks.
Pomponiu and Thing (2017) notes that there exists no organization which can eliminate cyber risks; hence, business have to adopt the correct choices concerning cyber threats, acknowledging that risk mitigation is critical. Cassandras (2016) indicates that, although, cyber risks estimation may never become an accurate science, the understanding of the reasons that cyber risks forecasts are inefficient is improving. Digital Intelligence Architecture
According to Qatar et al. (2017), accurate estimation of the cyber risks is the most critical asset a company can possess. Qatar et al. (2017) also notes that cyber risks fall into two categories that are those related to services shutdown, and that compromise data that range from corporate secrets, bank accounts, to sensitive data. Kim, Tong and Thomas (2015) also notes that estimating cyber risks highly depends on the type of business; for instance, a utility company’s biggest risk might be a nuclear outage, while insurer firm may be hacking or losing data. Digital Intelligence Architecture
Qatar et al. (2017) also notes that understanding lower and upper boundaries of risks requires gathering of the general business, operational, and technical data, which can be modelled against the possible risks. Keegan (2014) notes that, utilizing external and internal data related to business and operations, companies can be able to estimate probable and maximum losses for a period of one to three years, in similar manner as estimating future revenues. In addition, Rongping and Yonggang (2014), notes that companies can also estimate the percentage of customers that they will lose in future due to cyber-attacks, or the level of stock valuation due to bad reputation in case of a an attack. Organizations can also use past incidences to identify applications with the highest risks.
Therefore, although challenging, quantifying of cyber risks is feasible using data oriented techniques. Most companies, especially in the manufacturing industries should drop the inaccurate qualitative techniques and adopt data related methods of risks analysis. Using data related techniques companies can budget for the future attacks because they can achieve a smaller margin of error in estimating the costs of future attacks compared to the past.
According Keegan (2014), the current methodologies for assessing risk fail to fit real in the wild attack data, while the post attack risk mitigation techniques are have more impacts, are highly dangerous to the organization, and increasingly costly compared to pre disaster mitigation techniques. With the current techniques that are based on (CVSS) Common Vulnerability Scoring System possessing several fatal flaws, new mechanisms, probably data driven techniques, are required. Digital Intelligence Architecture
Babiceanu and Seker (2016) notes that for an organization to utilize the plethora of data to adopt intelligent decisions, which reduce the risk to infrastructure and applications, there are several things that must be done to enhance action ability and value ability of such information. One such action is correlating and cleaning the vulnerability scanner data whereby the False Positives are extracted from the vulnerability assessment results by testing out probable exploits while utilizing multiple sources of data to flag possible False Negatives. When the best solution is established for each security layer; the probability of landing on a specific vulnerability multiple times and identified by varying sources increases. In addition, chances of having multiple vulnerabilities being flagged on multiple fields of the same category increases; hence, the developer can solve a number of problems using one fix.
The next step of making data valuable and actionable is correlating between disparate data sources, which involves techniques such as data mining vulnerability assessment, reviewing of results, and penetration testing. Since the ultimate goal is to come up with an automated and intelligent solution that can solve multiple security issues, action number three involves relating asset groups of risks to each other. Action 3 enhances understanding of existing risks to a particular platform through mapping of the platform’s assets together, including related security vulnerabilities. Rongping and Yonggang (2014) indicates that developing of intelligent systems for cyber security using the steps described above, heavily relies on data, whereby the understanding of the requirements is highly understood. For instance, step one, which involves removing of False Negatives, increases the understanding of system requirements, whereby the relevant on ones are separated with the least relevant, while step three improves the understanding of cyber-security platforms requirements through mapping of vulnerability and risks involved. Digital Intelligence Architecture
According to Venter (2014), the modern organization faces numerous vulnerabilities across the networked applications and infrastructure; however, only a few vulnerabilities cause most of internet breaches. The real-time risk, which a specific vulnerability poses to a company, is highly critical compared to its density, volume, and previous rankings. Leitão, Colombo and Karnouskos (2016) insists that cyber security teams in an organization not only need the results of raw scanning, but also are required to establish, which vulnerabilities compose a real threat.
Williams (2014) indicates that serious cyber security teams assess risk across the entire asset layers such as host and networks, applications, and databases. Williams (2014) also explains that most organizations dealing with a considerable large environment are not struggling with managing data from vulnerability penetration test, assessment, and modelling of threats to fix critical sections first.
According to Leitão, Colombo and Karnouskos (2016), there exist no cyber-security threat defence mechanism that can guarantee total security free of attacks. Therefore, adaptive and autonomous techniques to respond to attacks when they happen are required, whereby; the time taken to recover from disasters should be as minimum as possible. Venter (2014) also insists that response mechanisms should be able to learn from an attack to prevent similar attacks in future. Such response mechanisms get better in terms of efficiency as they encounter more and more attacks. Digital Intelligence Architecture
Ani, U. P. D., He, H. (Mary) and Tiwari, A. (2016) ‘Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective’, Journal of Cyber Security Technology. Taylor & Francis, 0(0), pp. 1–43. doi: 10.1080/23742917.2016.1252211.
Babiceanu, R. F. and Seker, R. (2016) ‘Big Data and virtualization for manufacturing cyber-physical systems: A survey of the current status and future outlook’, Computers in Industry. Elsevier B.V., 81, pp. 128–137. doi: 10.1016/j.compind.2016.02.004.
Boyson, S. (2014) ‘Cyber supply chain risk management: Revolutionizing the strategic control of critical IT systems’, Technovation. Elsevier, 34(7), pp. 342–353. doi: 10.1016/j.technovation.2014.02.001.
Cassandras, C. G. (2016) ‘Smart Cities as Cyber-Physical Social Systems’, Engineering. THE AUTHORS, 2(2), pp. 156–158. doi: http://dx.doi.org/10.1016/J.ENG.2016.02.012.
Herterich, M. M., Uebernickel, F. and Brenner, W. (2015) ‘The Impact of Cyber-physical Systems on Industrial Services in Manufacturing’, Procedia CIRP. Elsevier B.V., 30, pp. 323–328. doi: 10.1016/j.procir.2015.02.110.
Keegan, C. (2014) ‘Cyber security in the supply chain: A perspective from the insurance industry’, Technovation. Elsevier, 34(7), pp. 380–381. doi: 10.1016/j.technovation.2014.02.002.
Kim, J., Tong, L., Thomas, R. J. and Fellow, L. (2015) ‘Subspace Methods for Data Attack on State Estimation : A Data Driven Approach’, 63(5), pp. 1102–1114.
Kim, K. C. and Im, I. (2014) ‘Research letter: Issues of cyber supply chain security in Korea’, Technovation, 34(7), pp. 387–388. doi: 10.1016/j.technovation.2014.01.003.
Leitão, P., Colombo, A. W. and Karnouskos, S. (2016) ‘Industrial automation based on cyber-physical systems technologies: Prototype implementations and challenges’, Computers in Industry, 81, pp. 11–25. doi: 10.1016/j.compind.2015.08.004.
Linton, J. D., Boyson, S. and Aje, J. (2014) ‘The challenge of cyber supply chain security to research and practice – An introduction’, Technovation, 34(7), pp. 339–341. doi: 10.1016/j.technovation.2014.05.001.
Madan, B. B. and Banik, M. (2014) ‘Attack Tolerant Architecture for Big Data File Systems’, ACM SIGMETRICS Performance Evaluation Review, 41(4), pp. 65–69. doi: 10.1145/2627534.2627556.
Qamar, S., Anwar, Z., Rahman, M. A., Al-Shaer, E. and Chu, B.-T. (2017) ‘Data-driven analytics for cyber-threat intelligence and information sharing’, Computers & Security. Elsevier Ltd, 67, pp. 35–58. doi: 10.1016/j.cose.2017.02.005.
Rongping, M. and Yonggang, F. (2014) ‘Security in the cyber supply chain: A Chinese perspective’, Technovation. Elsevier, 34(7), pp. 385–386. doi: 10.1016/j.technovation.2014.02.004.
Security, C. (2017) ‘A Deep Convolutional Neural Network for Anomalous Online Forum Incident Classification’, 0. doi: 10.3233/978-1-61499-744-3-57.
Venter, H. S. (2014) ‘Security issues in the security cyber supply chain in South Africa’, Technovation. Elsevier, 34(7), pp. 392–393. doi: 10.1016/j.technovation.2014.02.005.
Williams, C. (2014) ‘Security in the cyber supply chain: Is it achievable in a complex, interconnected world?’, Technovation, 34(7), pp. 382–384. doi: 10.1016/j.technovation.2014.02.003.
Wu, D., Terpenny, J., Zhang, L., Gao, R., Kurfess, T. 2016, ‘Fog-Enabled Architecture for Data-Driven Cyber-Manufacturing Systems’, Proceedings of the ASME 2016 International Manufacturing Science and Engineering Conference MSEC2016 June 27-July 1, 2016, Blacksburg, Virginia, USA.
Creswell, J & Clark, V 2011, Designing and conducting mixed methods research, SAGE Publications.
explain what is the huge threat?
[H2]explain the requirements of the modern manufacturing?