TY - JOUR
T1 - SafeMan
T2 - A unified framework to manage cybersecurity and safety in manufacturing industry
AU - Perales Gómez, Ángel Luis
AU - Fernández Maimó, Lorenzo
AU - Huertas Celdrán, Alberto
AU - García Clemente, Félix J.
AU - Gil Pérez, Manuel
AU - Martínez Pérez, Gregorio
N1 - Funding Information:
This work has been funded by Spanish Ministry of Science, Innovation and Universities, FEDER funds, under grant RTI2018‐095855‐B‐I00, and the Government of Ireland, through the IRC post‐doc fellowship (grant code GOIPD/2018/466).
Publisher Copyright:
© 2020 John Wiley & Sons, Ltd.
PY - 2021/3
Y1 - 2021/3
N2 - Industrial control systems (ICS) are considered cyber-physical systems that join both cyber and physical worlds. Due to their tight interaction, where humans and robots co-work and co-inhabit in the same workspaces and production lines, cyber-attacks targeting ICS can alter production processes and even bypass safety procedures. As an example, these cyber-attacks could interrupt physical industrial processes and cause potential injuries to workers. In this article, we present SafeMan, a unified management framework based on the Edge Computing paradigm that provides high-performance applications for the detection and mitigation of both cyber-attacks and safety threats in industrial scenarios. Three use cases show specific threats in manufacturing as well as the SafeMan actions carried out to detect and mitigate them. In order to validate our proposal, a pool of experiments was performed with Electra, an industrial dataset with normal network traffic and different cyber-attacks by using a given number of Modbus TCP and S7Comm devices. The experiments measured the runtime performance of anomaly detection techniques based on machine learning and deep learning to detect cyber-attacks in control networks. The experimental results show that Neural Networks report the best performance, being able to examine 217 feature vectors per second over Electra, and therefore demonstrating that it can be used as detection model for SafeMan in real scenarios.
AB - Industrial control systems (ICS) are considered cyber-physical systems that join both cyber and physical worlds. Due to their tight interaction, where humans and robots co-work and co-inhabit in the same workspaces and production lines, cyber-attacks targeting ICS can alter production processes and even bypass safety procedures. As an example, these cyber-attacks could interrupt physical industrial processes and cause potential injuries to workers. In this article, we present SafeMan, a unified management framework based on the Edge Computing paradigm that provides high-performance applications for the detection and mitigation of both cyber-attacks and safety threats in industrial scenarios. Three use cases show specific threats in manufacturing as well as the SafeMan actions carried out to detect and mitigate them. In order to validate our proposal, a pool of experiments was performed with Electra, an industrial dataset with normal network traffic and different cyber-attacks by using a given number of Modbus TCP and S7Comm devices. The experiments measured the runtime performance of anomaly detection techniques based on machine learning and deep learning to detect cyber-attacks in control networks. The experimental results show that Neural Networks report the best performance, being able to examine 217 feature vectors per second over Electra, and therefore demonstrating that it can be used as detection model for SafeMan in real scenarios.
KW - anomaly detection
KW - cybersecurity
KW - deep learning
KW - industrial control system
KW - machine learning
KW - safety
UR - http://www.scopus.com/inward/record.url?scp=85089084831&partnerID=8YFLogxK
U2 - 10.1002/spe.2879
DO - 10.1002/spe.2879
M3 - Article
AN - SCOPUS:85089084831
SN - 0038-0644
VL - 51
SP - 607
EP - 627
JO - Software - Practice and Experience
JF - Software - Practice and Experience
IS - 3
ER -