Cyber security experts from opposite sides of the world are collaborating to map cyber security risks in advanced manufacturing and minimise the threat of cyber criminals extracting data from 5G-enabled shop floors.
CyAmast, a spin-out from the University of New South Wales (UNSW) in Sydney, is testing its revolutionary Internet of Things (IoT) cyber security solution on 5G-enabled devices at the University of Sheffield Advanced Manufacturing Research Centre (AMRC).
Adam de Jong, CyAmast CEO, says this is the first time the solution has been trialled on 5G equipment and in the event of a cyber-attack, it will make it possible to control and restrict rogue devices that are compromised.
“The CyAmast software is now running at AMRC North West in Lancashire, monitoring all 5G and wired network traffic. The AMRC’s cyber security researchers are using the tool to visualise, analyse, and monitor the devices on their network.
“In addition, this tool identifies and automatically generates profiles of each device based on its behaviour. It also provides real time and detailed information about all the relevant properties, such as the device’s IP address, gateway, operating system, MAC address, manufacturer type and continuously monitors behaviour for the detection of any cyber risks associated with its use. CyAmast software provides engineers at the AMRC with a lot of flexibility in identifying rogue devices, mitigating threats, and devising new policies”.
Sydney has a growing reputation as a global cybersecurity hub with the establishment of the New South Wales (NSW) Cyber Security Innovation Node (CSIN) in July 2019, aimed at growing the region’s cybersecurity sector. In July 2020, UNSW researchers raised $1.3m to fund spin-out business CyAmast based on its technology that protects Internet of Things (IoT) devices from cybercrime.
Adam added: “The use of IoT devices is growing rapidly in the manufacturing industry and leading to a new paradigm of smart factories that are capable of making autonomous and intelligent decisions. Devices and sensors collect, communicate, analyse, and act on information, offering new ways to improve manufacturing efficiency, reduce waste, and improve quality and therefore leading to more sustainable processes and reducing global carbon footprint.
“Operational technologies (OT) including robots, sensors, computer numerical control (CNC) machines, and building management systems (BMS) are now armed with an increasing amount of software intelligence, data connectivity and autonomy. The introduction of a sheer number of smart OT devices opens up an unprecedented level of cyber risk to the next generation manufacturing shop floors.”
The project will be based at AMRC North West, the newest facility in the University of Sheffield AMRC’s cluster of world-class research and development innovation centres. AMRC North West has a strong research focus into the connectivity solutions for the next generation manufacturing shop floors; its 5G Factory of the Future testbed, a £10m programme funded by the Department for Digital, Culture, Media and Sport, has been established to investigate how 5G technology can unlock future manufacturing challenges.
AMRC North West is also becoming a Low Carbon Smart Building Demonstrator, supported by the Lancashire Enterprise Partnership (LEP). This project will draw data from a large number of sources to measure, analyse and correlate various parameters including human occupancy, space usage, machine utilisation, power consumption, environmental conditions and the associated carbon footprint.
Abdul Wahab, architect of the AMRC North West’s research network, says the team is building a modern manufacturing network aimed at mimicking a visionary Industry 4.0 network.
He said: “The AMRC employs an army of IoT devices, from a matchbox-sized embedded electronic circuit to full-size, high-performance servers and data centre equipment to collect and analyse a large amount of data. These devices consist of a stack of technologies, including an operating system, data storage, communication protocols, gateways, software and management platforms.
“The heavy dependence on data transfer through IoT devices makes them vulnerable to cybersecurity threats. IT security traditionally involves management and on-site IT teams that support and ensure the safety and security of the hardware and data storage devices connected to the network. Their risk assessment software and policies focus mainly on unauthorised access, malicious software, and misuse of resources on the local network.
“These policies and methods are not effective against monitoring and securing these highly dynamic IoT-based systems. As more sensors are integrated into the system each day, there is a greater risk associated with these IoT devices. This requires robust technology to locate and understand the behaviour of these industrial devices.”
The project is a three-party collaboration between the AMRC, which offers a testbed of future manufacturing networks; CyAmast, which offers a commercial product for network-level security; and UNSW, which offers world-class research in developing systematic methods for behavioural characterisation and risk identification for connected assets.
Dr Aparajithan Sivanathan, head of digital technology at AMRC North West, says CyAmast’s cyber security tool will provide engineers with full visibility of their IT traffic.
He said: “Cybersecurity in manufacturing is a comparatively new field therefore it is not well understood, there is a lack of skills within the manufacturing industry, policies are not readily available, and even if they exist in rare cases, they are neither directly applicable nor tailored to the purpose.
“Although the need for stringent policies and practices is starting to be recognised in the manufacturing industry, cybersecurity aspects of manufacturing are often not yet part of the core operational and quality control processes. For instance, information-based risk and impact assessments are not carried out with the same level of rigour as health and safety or quality control assessment. Unlike physical assets, there are often no asset registers for the cyber components or service/machinate schedules in place.
“The interconnectivity is the key for the upcoming generation of OT systems, they need to make communications with many parts of the digital fabric, internally, to the internet, and cloud to get most out of them. However, they are loaded with complex software stacks and come from a multitude of vendors and therefore almost impossible to standardise, establish trust or predict their data transactions. Unless you catch them in the act, you might miss out on a rogue transaction.”
UNSW’s research team in the School of Electrical Engineering and Telecommunications, led by Dr Hassan Habibi Gharakheili, has pioneered methods to formally model and dynamically monitor the network behaviour of large-scale IoT networks using AI-based models.
Dr Habibi said: “We are delighted to be working in collaboration with CyAmast and the AMRC to address some of the most pressing challenges and cyber risks facing the new paradigm of smart manufacturing.
“Jointly, we can reduce the attack surface of Internet of Things (IoT) devices, automatically characterise behaviour, rate potential cyber risks, and monitor behaviour to ensure they conform to allowed network policies.”