Abstract
Emerging smart manufacturing technologies combine physical production networks with digital IT systems, resulting in complex smart factory networks, which are especially vulnerable to IT security risks, such as IT component non-availabilities. Companies must employ extensive IT security measures to secure their production facilities. However, complex network structures and inherent dependencies of smart factory networks complicate corresponding investment decisions and increase the need for appropriate decision support. We develop a risk assessment model that supports companies in the investment decision-making process regarding IT security measures by identifying and evaluating the most critical areas of the information network while considering the underlying production network. For this purpose, IT availability risks are quantified by means of graph theory, matrix notation, and value-at-risk. Our model provides a structured approach and considers network structures and interdependencies. The insights gained by our model present a profound economic basis for investment decisions on IT security measures. By applying our model in an exemplary real-world setting, we analyze various IT security measures and their risk reduction effect.
Highlights
Technological trends, such as the Internet of Things (IoT), cyber-physical systems (CPS), and other smart manufacturing technologies turn conventional production facilities into so-called smart factories (Lasi et al 2014)
The insights gained by our model present a profound economic basis for investment decisions on IT security measures
Especially IT security risks are of central importance as smart factory networks rely on communication and real-time information synchronization and, depend on the underlying IT systems, which are mandatory for the reliable operation of the production infrastructure (Zuehlke 2010; Yoon et al 2012; Tupa et al 2017)
Summary
Technological trends, such as the Internet of Things (IoT), cyber-physical systems (CPS), and other smart manufacturing technologies turn conventional production facilities into so-called smart factories (Lasi et al 2014). The Stuxnet incident revealed that the interconnectedness of applications presents a serious security issue and demonstrated that even the control system’s disconnection from the Internet as well as personal access restrictions are insufficient as protection for industrial control systems (Karnouskos 2011) Considering these threat scenarios, companies must employ IT security measures to secure their CPS infrastructure against IT availability risks. To support companies in their corresponding decision processes, we develop a structured approach for the identification and evaluation of a smart factory network’s most critical areas regarding IT availability risks and formulate the following two research questions: RQ1 How can a smart factory network, consisting of dependent and connected production components and IT systems, be modeled and formalized?.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
