Manufacturing cybersecurity threat attributes and countermeasures: Review, meta-taxonomy, and use cases of cyberattack taxonomies

Abstract

The threat of cyberattacks on smart manufacturing systems has been rapidly growing with the potential for a multitude of different attack types, varying from traditional espionage to sabotaging physical assets and products. A thorough and systematic understanding of the different elements of cyberattacks, from motivation to potential consequences and respective countermeasures, is a crucial stepping-stone towards proactive management of manufacturing cybersecurity risks. This understanding is essential for developing the necessary tools to identify, prevent, detect, diagnose, and mitigate cyberattacks. In response, several attack taxonomies have been proposed in the literature as methods for recognizing and categorizing various attributes of cyberattacks, including potential attack vectors/methods, targets/locations, and consequences. However, those taxonomies only cover selected attack attributes depending on the research focus, sometimes accompanied by inconsistent naming and definitions. These seemingly different taxonomies often overlap and can complement each other to create a comprehensive knowledge base of cyberattack attributes that is currently missing in the literature. Additionally, there is a missing link from creating structured knowledge by using a taxonomy to applying this structure for cybersecurity tools development and aiding practitioners in using it. To tackle these challenges, first, this article reviews and analyzes current taxonomical classifications of manufacturing cybersecurity threat attributes and countermeasures, as well as the proliferation of the scope and coverage in current taxonomies. As a result, these taxonomies are compiled into a more comprehensive and consistent meta-taxonomy for the smart manufacturing space. The resulting meta-taxonomy provides a holistic analysis of current taxonomies and integrates them into a unified structure. Based on this structure, this paper identifies gaps in current attack taxonomies and provides directions for future improvements. Finally, the paper introduces potential use cases for attack taxonomies in smart manufacturing systems for assessing security threats and their associated risks, devising risk mitigation strategies, and informing the application of cybersecurity frameworks.