Editor's Choice


Protecting manufacturers from cyberattacks using digital twins

29 March 2023 Editor's Choice

As more robots and other manufacturing equipment become remotely accessible, new entry points for malicious cyberattacks are created. To keep pace with the growing cyber threat, a team of researchers at the National Institute of Standards and Technology (NIST) and the University of Michigan devised a cybersecurity framework that brings digital twin technology together with machine learning (ML) and human expertise to flag indicators of cyberattacks.

The NIST and University of Michigan researchers demonstrated the feasibility of their strategy by detecting cyberattacks aimed at a 3D printer. It was also noted that the framework could be applied to a broad range of manufacturing technologies.

Cyberattacks can be incredibly subtle and thus difficult to detect, but operational data describing what is occurring within machines – sensor data, error signals, and digital commands being issued or executed – could support cyberattack detection. However, directly accessing this kind of data in near-real time from operational technology devices, such as a 3D printer, could put the performance and safety of the process on the factory floor at risk.

“Typically, I have observed that manufacturing cybersecurity strategies rely on copies of network traffic that do not always help us see what is occurring inside a piece of machinery or process,” said NIST mechanical engineer Michael Pease, a co-author of the study. “As a result, some operational technology cybersecurity strategies seem analogous to observing the operations from the outside through a window; however, adversaries might have found a way onto the floor.”

Without looking under the hood of the hardware, cybersecurity professionals may be leaving room for malicious actors to operate undetected.

The digital mirror

Digital twins are closely tied to their physical counterparts, from which they extract data and run alongside in near-real time. Therefore, when it’s not possible to inspect a physical machine while it’s in operation, its digital twin is the next best thing.

In recent years, digital twins of manufacturing machinery have armed engineers with an abundance of operational data, helping them accomplish a variety of feats, including predicting when parts will start to break down and require maintenance. In addition to spotting routine indicators of wear and tear, however, digital twins could help find something more within manufacturing data, stated the authors of the study.

“Because manufacturing processes produce such rich data sets – temperature, voltage, current – and they are so repetitive, there are opportunities to detect anomalies that stick out, including cyberattacks,” said Dawn Tilbury, a professor of mechanical engineering at the University of Michigan and study co-author.

To seize the opportunity presented by digital twins for tighter cybersecurity, the researchers developed a framework entailing a new strategy, which they tested out on an off-the-shelf 3D printer.

The team built a digital twin to emulate the 3D printing process and provided it with information from the real printer. As the printer built a part (a plastic hourglass in this case), computer programs monitored and analysed continuous data streams including both measured temperatures from the physical printing head and the simulated temperatures being computed in real time by the digital twin.

The researchers launched waves of disturbances at the printer. Some were innocent anomalies, such as an external fan causing the printer to cool, but others represented something more nefarious. Even with the wealth of information at hand, the team’s computer programs distinguish a cyberattack from something more routine by using a process of elimination.

The programs analysing both the real and digital printers were pattern-recognising machine learning models trained on normal operating data. Therefore, the models were adept at recognising what the printer looked like under normal conditions, which meant that they could tell when things were out of the ordinary.

If these models detected an irregularity, they passed the baton off to other computer models that checked whether the strange signals were consistent with anything in a library of known issues, such as the printer’s fan cooling its printing head more than expected. Then the system categorised the irregularity as an expected anomaly or a potential cyber threat.

In the last step, a human expert is meant to interpret the system’s finding and then make a decision. Generally speaking, the human would either confirm the cybersecurity system’s suspicions or teach it a new anomaly to store in the database. And then as time goes on, the models in the system would theoretically learn more and more, and the human expert would need to be less involved.

In the case of the 3D printer, the team checked its cybersecurity system’s work and found it was able to correctly sort the cyberattacks from normal anomalies by analysing physical and emulated data.

Despite the promising experiment, the researchers’ next plan is to study how the framework responds to more varied and aggressive attacks, ensuring the strategy is reliable and scalable. “With further research, this framework could potentially be a huge win-win for both maintenance and monitoring, for indications of compromised operational technology systems,” Pease said.




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

PCIe 7.0 technology. Too soon or not fast enough?
Spectrum Concepts Editor's Choice
Data scientists, AI system architects, IC designers, optical engineers, interconnect providers like Samtec, and other solutions providers, are rethinking system topologies.

Read more...
From the editor's desk: Trekkie on my mind
Technews Publishing Editor's Choice
This year’s exciting announcement was in the non-terrestrial network sector with many NTN chips being released, promising communications from anywhere on Earth.

Read more...
Cree: Illuminating the future of LED technology
Altron Arrow Editor's Choice Opto-Electronics
As a pioneer in this field, Cree LED has been instrumental in shaping the LED landscape, driving innovation and performance in this sector.

Read more...
RFID in aviation: the ultimate solution to baggage mishandling
Osiris Technical Systems Editor's Choice Telecoms, Datacoms, Wireless, IoT
Creating a solution that enables real-time tracking of airline baggage on a global scale seems like an impossible task when considering the number of airlines, airports, and passengers that flow through and between them.

Read more...
The power of UWB
EBV Electrolink Editor's Choice Telecoms, Datacoms, Wireless, IoT
Ultra-Wideband, the robust wireless communications technology commonly known as UWB, is such a versatile technology, capable of doing so many different things, that it can be hard to categorise.

Read more...
SBC with Intel N-series processor
Vepac Electronics Editor's Choice
The UP 710S represents the evolution of the credit card-sized form factor, adding new, sought-after features and performance.

Read more...
Eight ways temporary solder mask is used for electronic assembly
Testerion Editor's Choice Manufacturing / Production Technology, Hardware & Services
While it is most used to mask open vias in a wave soldering process, operators find all kinds of creative ways to use solder mask to solve process challenges.

Read more...
How ADI battery management solutions empower safer, smarter robots
Altron Arrow Editor's Choice Power Electronics / Power Management
Choosing an appropriate battery pack and its accompanying battery management system is a critical decision in designing an autonomous mobile robot.

Read more...
New element reduces power consumption of AI
Editor's Choice
By mimicking the energy-efficient operation of the human brain, TDK’s neuromorphic element could cut the power consumption of AI applications down to 1/100th of traditional devices.

Read more...
From humble beginnings to industry excellence
Seven Labs Technology Editor's Choice
Seven Labs strives to offer a more integrated service offering, which can provide customers with an easier route to acquiring the components and services they need. This offering includes various software- and service-related products.

Read more...