Cyber risk in advanced manufacturing

1. +
Cyber Risk in Advanced
Manufacturing
Marco Armoni
Cyber Security Expert – A.I. Researcher
AIPSI – Italian Chapter of ISSA

2. AIPSI, Associazione Italiana Professionisti Sicurezza Informatica
 Capitolo italiano di ISSA, Information Systems Security Association, (www.issa.org)
• >>10.000 Soci, la più grande associazione non-profit di professionisti della Sicurezza ICT
 AIPSI è il punto di aggregazione sul territorio e di trasferimento di know-how per i professionisti della sicurezza
digitale, sia dipendenti sia liberi professionisti ed imprenditori del settore
 Primari obiettivi AIPSI
• Aiutare i propri Soci nella crescita professionale e quindi nella crescita del loro business
• offrire ai propri Soci servizi qualificati per tale crescita, che includono
• Convegni, workshop, webinar sia a livello nazionale che internazionale via ISSA
• Rapporti annuali e specifici OAD, Osservatorio attacchi Digitali in Italia
• Supporto nell’intero ciclo di vita professionale
• Formazione specializzata e supporto alle certificazioni, in particolare eCF Plus (EN 16234-1:2016, in Italia UNI
11506) Contribuire alla diffusione della cultura e la sensibilizzazione per la sicurezza informatica agli utenti
digitali
 Collaborazione con varie Associazioni ed Enti per eventi ed iniziative congiunte: AICA, Assintel, Assolombarda, Anorc,
CSA Italy, FidaInform, FTI, Inforav, Polizia Postale, Smau, i vari ClubTI sul territorio, ecc.
 Sede Centrale: Milano Sedi territoriali : Ancona-Macerata, Lecce, Torino, Verona-Venezia
 Contatti: aipsi@aipsi.org, segreteria@aipsi.org

3. Iniziativa OAD, Osservatorio Attacchi Digitali in Italia (ex OAI)
• Che cosa è
• Indagine via web sugli attacchi digitali intenzionali ai sistemi informatici in Italia
• Obiettivi iniziativa
• Fornire informazioni sulla reale situazione degli attacchi digitali in Italia
• Contribuire alla creazione di una cultura della sicurezza informatica in Italia, sensibilizzando in particolare i vertici delle
aziende/enti ed i decisori sulla sicurezza informatica
• Che cosa fa
• Indagine generale annuale e specifiche su argomenti caldi, condotte attraverso un questionario on-line indirizzato a CIO, CISO,
CSO, ai proprietari/CEO per le piccole aziende
• Come
• Rigore, trasparenza, correttezza, assoluta indipendenza (anche dagli Sponsor)
• Rigoroso anonimato per i rispondenti ai questionari
• Collaborazione con numerose Associazioni (Patrocinatori) per ampliare il bacino dei rispondenti e dei lettori
Tutti i Rapporti OAD ( e OAI) pubblicati dal 2008 ad oggi sono scaricabili gratuitamente da
https://www.aipsi.org/aree-tematiche/osservatorio-attacchi-digitali/precedenti-rapporti-oad-oai.html
AIPSI sta organizzando l’edizione OAD 2018: sul sito AIPSI troverete il Questionario chi vi invitiamo a compilare !!

4. Cyber Risk in Advanced Manufacturing
Manufacturers drive extensive innovation in products,
manufacturing process,
and industrial ecosystem relationships,
in order to compete in a changing global marketplace.

5. Cyber Risk in Advanced Manufacturing
Key cyber risk themes
 Executive and board level engagement
 Talent and human capital
 Industrial control systems (ICS)
 Connected products
 Industrial ecosystem
 Intellectual property

6. Cyber Risk in Advanced Manufacturing
Themes Evidences
 Engage the board to develop a business-driven cyber risk program
 Be purposeful in addressing talent-related challenges
 Remain vigilant in protecting critical IP investments
 Harden security, implement monitoring, and incident response for industrial control systems
 Design cyber risk management mechanisms into connected products before deployment
 Identify and address emerging cyber risks in the industrial ecosystem
 The changing nature of the cyberthreat landscape

7. Cyber Risk in Advanced Manufacturing
Threats
Normal Threats Consideration

8. Cyber Risk in Advanced Manufacturing

9. Cyber Risk in Advanced Manufacturing
Norse World
Cyber Attack Map

10. Cyber Risk in Advanced Manufacturing
Do You Have Considered
Manufacturing ?

11. Cyber Risk in Advanced Manufacturing
PLC / ICT Integration Layer
Threats
(Cyber Attack)
Threats
(Old Firmware
Default Option)

12. Cyber Risk in Advanced Manufacturing
Manufacturing
Security
Cyber Safety Maintenance

13. Cyber Risk in Advanced Manufacturing
Proposal for an A.I. Security and Maintenance
Monitoring System

14. Cyber Risk in Advanced Manufacturing
Project Reseach History
Earth Modeling (Parallel Computing for Large Data)
First Diagnostic Helper System (Decisional Matrix)
(Isabel Project)  Spinoff
Diagnostic Helper System I Release (Neural Network)
Diagnosis from real time data
Diagnostic Helper System II Release (Neural Network + Bayesian Network)
Diagnosis and Prediction from real time data

15. Cyber Risk in Advanced Manufacturing
 Manufacturing Sensor System

16. Cyber Risk in Advanced Manufacturing
 Manufacturing Sensor System

17. Cyber Risk in Advanced Manufacturing
Neuron
Neuron Replication
Neural Network
Neural Elaboration

18. Cyber Risk in Advanced Manufacturing
 Neuron Function

19. Cyber Risk in Advanced Manufacturing
 Neuronal Network

20. Cyber Risk in Advanced Manufacturing
 Simple Neural Network Learning (Perceptron)

21. Cyber Risk in Advanced Manufacturing
 Cyber Threat Detection Using Neural Network

22. Cyber Risk in Advanced Manufacturing
 First System Module (Data Acquisition  Analysis Module)
Automated
Manufacturing
System Lines
(Sensors)
Analysis Module
(Dataset Comparison 
Decision Matrix 
Regression Process)

23. Cyber Risk in Advanced Manufactoring
 Dataset Comparison  Decision Matrix
From Neural Processor
AlarmConsole
TriggerActions
Regression To Learn Data

24. Cyber Risk in Advanced Manufacturing
 Decision Tree Simulation

25. Cyber Risk in Advanced Manufacturing
 Decision Tree Pratical Example

26. Cyber Risk in Advanced Manufacturing
 Bayesian Network & Prediction Module
Analysis Module
(Dataset Comparison 
Decision Matrix 
Regression Process)
Prediction
Message
Bayesian
Network

27. Cyber Risk in Advanced Manufacturing
 Bayesian Probability Formula

28. Cyber Risk in Advanced Manufacturing
 Bayesian Network Distribution

29. Cyber Risk in Advanced Manufacturing
 Bayesian Network Example

30. Cyber Risk in Advanced Manufacturing
 BBN for System Health

31. Cyber Risk in Advanced Manufacturing
 BBN  NPT (Node Probability Table)

32. Cyber Risk in Advanced Manufacturing
 BBN  NPT Graphic Representation

33. Cyber Risk in Advanced Manufacturing
 Classification with Bayesian Network
Number to recognize
Percentage of recognition

34. Cyber Risk in Advanced Manufacturing
 Health and Cyber Threats Monitoring and Management System Structure
DataAcquisition
NeuralNetwork
Classification
IssueAnalysis
DecisionMatrix
Bayesian
Network
Prediction
Alarm Console
Triggered Action
Probability
Determination

35. Cyber Risk in Advanced Manufacturing
 Health and Cyber Threats Monitoring and Management System Structure
 Deterministic (Neuron) and Probabilistic (Bayes) Approach
 Simple to Understand  Logical Approach with Simple Logical
Mathematical Theories
 Simple to Compile  Python Language Oriented
 Simple to integrate with more PLC System through Data Gateway
 Simple to Organize for many Manufacturing System

36. Cyber Risk in Advanced Manufacturing
 Effect of Cyber Attack on PLC (Real Simulation from CNN)
First Effect after Hacking
Machine Crash after Hacking

37. Cyber Risk in Advanced Manufacturing
 Health and Cyber Threats Monitoring and Management System Structure
The Future ?
 Autogeneration Neurons + Autogeneration Synapsis to increase data
mining (classification & elaboration)
 Data Gathering direct from Signals (collect direct on sensors with IP
sensors)

38. Cyber Risk in Advanced Manufacturing
Thank You
For Information and Mathematical Paper email to: marco.armoni@studioarmoni.com
Marco Armoni
Cyber Security Expert – A.I. Researcher