skip to main content

DOE PAGESDOE PAGES

Title: Framework for Identifying Cybersecurity Risks in Manufacturing

Increasing connectivity, use of digital computation, and off-site data storage provide potential for dramatic improvements in manufacturing productivity, quality, and cost. However, there are also risks associated with the increased volume and pervasiveness of data that are generated and potentially accessible to competitors or adversaries. Enterprises have experienced cyber attacks that exfiltrate confidential and/or proprietary data, alter information to cause an unexpected or unwanted effect, and destroy capital assets. Manufacturers need tools to incorporate these risks into their existing risk management processes. This article establishes a framework that considers the data flows within a manufacturing enterprise and throughout its supply chain. The framework provides several mechanisms for identifying generic and manufacturing-specific vulnerabilities and is illustrated with details pertinent to an automotive manufacturer. Finally, in addition to providing manufacturers with insights into their potential data risks, this framework addresses an outcome identified by the NIST Cybersecurity Framework.
Authors:
 [1] ;  [2] ;  [2] ;  [2] ;  [3] ;  [2]
  1. Sandia National Lab. (SNL-CA), Livermore, CA (United States)
  2. Univ. of California, Berkeley, CA (United States)
  3. Purdue Univ., West Lafayette, IN (United States)
Publication Date:
Report Number(s):
SAND-2014-19551J
Journal ID: ISSN 2351-9789; PII: S2351978915010604
Grant/Contract Number:
AC04-94AL85000
Type:
Accepted Manuscript
Journal Name:
Procedia Manufacturing
Additional Journal Information:
Journal Volume: 1; Journal Issue: C; Conference: 43. North American Manufacturing Research Conference, NAMRC 43, UNC Charlotte, NC (United States), 8-12 Jun 2015; Journal ID: ISSN 2351-9789
Publisher:
Elsevier
Research Org:
Sandia National Lab. (SNL-CA), Livermore, CA (United States)
Sponsoring Org:
USDOE National Nuclear Security Administration (NNSA)
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; Cybersecurity; Risk; Data Analytics; Advanced Manufacturing
OSTI Identifier:
1340252