[ PDF |
BibTeX |
EndNote |
RIS |
Word ]
Cybersecurity Threats and Attacks in Modern Manufacturing
By Achim D. Brucker.
Modern manufacturing relies heavily on highly integrated IT systems. While various terms – such as Industry 4.0, Cyber-Physical Production Systems, and the Industrial Internet of Things (IIoT) – describe these systems, they all share a common characteristic: the fusion of enterprise software with sensors and actuators. This creates a complex IT landscape comprising devices with diverse computational capabilities, operating systems, and software versions. Additionally, many manufacturing environments must integrate legacy systems that were never designed to be connected to the internet, further complicating security efforts.
Beyond the inherent challenges of securing such heterogeneous environments, cyberattacks on manufacturing systems can have severe real-world consequences, extending beyond data breaches to physical disruptions and costly damages.
In this talk, I will first provide a brief introduction to modern manufacturing systems. I will then explore key cybersecurity threats, with a particular focus on attacks targeting process logic vulnerabilities that can be exploited by both external threat actors and insiders. As far as possible, identified threats will be illustrated by real world attacks. I will conclude the talk with a brief outlook on ongoing research developing tools to detect (and mitigate) cybersecurity threats in modern manufacturing.
Please cite this work as follows: A. D. Brucker, “Cybersecurity threats and attacks in modern manufacturing,” presented at the BSides exeter, Exeter, UK, Apr. 26, 2025. Author copy: https://logicalhacking.com/publications/talk-brucker-manufacturing-security-2025/
BibTeX
@Unpublished{ talk:brucker:manufacturing-security:2025,
author = {Achim D. Brucker},
date = {2025-04-26},
title = {Cybersecurity Threats and Attacks in Modern Manufacturing},
eventtitle = {BSides Exeter},
language = {english},
areas = {security},
venue = {Exeter, UK},
abstract = {Modern manufacturing relies heavily on highly integrated IT
systems. While various terms -- such as Industry 4.0,
Cyber-Physical Production Systems, and the Industrial Internet
of Things (IIoT) -- describe these systems, they all share a
common characteristic: the fusion of enterprise software with
sensors and actuators. This creates a complex IT landscape
comprising devices with diverse computational capabilities,
operating systems, and software versions. Additionally, many
manufacturing environments must integrate legacy systems that
were never designed to be connected to the internet, further
complicating security efforts.
Beyond the inherent challenges of securing such heterogeneous
environments, cyberattacks on manufacturing systems can have
severe real-world consequences, extending beyond data breaches
to physical disruptions and costly damages.
In this talk, I will first provide a brief introduction to
modern manufacturing systems. I will then explore key
cybersecurity threats, with a particular focus on attacks
targeting process logic vulnerabilities that can be exploited
by both external threat actors and insiders. As far as
possible, identified threats will be illustrated by real world
attacks. I will conclude the talk with a brief outlook on
ongoing research developing tools to detect (and mitigate)
cybersecurity threats in modern manufacturing. },
note = {Author copy: \url{https://logicalhacking.com/publications/talk-brucker-manufacturing-security-2025/}},
pdf = {https://logicalhacking.com/publications/talk-brucker-manufacturing-security-2025/talk-brucker-manufacturing-security-2025.pdf},
}