Smart Factory Security: A Case Study on a Modular Smart Manufacturing System

Abstract Smart manufacturing systems are an attractive target for cyber attacks, because they embed valuable data and critical equipment. Despite the market is driving towards integrated and interconnected factories, current smart manufacturing systems are still designed under the assumption that they will stay isolated from the corporate network and the outside world. This choice may result in an internal architecture with insufficient network and system compartmentalization. As a result, once an attacker has gained access, they have full control of the entire production plant because of the lack of network segmentation. With the goal of raising cybersecurity awareness, in this paper we describe a practical case study showing attack scenarios that we have validated on a real modular smart manufacturing system, and suggest practical security counter measures. The testbed smart manufacturing system is part of the Industry 4.0 research laboratory hosted by Politecnico di Milano, and comprises seven assembly stations, each with their programmable logic controllers and human-computer interfaces, as well as an industrial robotic arm that performs pick-and-place tasks. On this testbed we show two indirect attacks to gain initial access, even under the best-case scenario of a system not directly connected to any public network. We conclude by showing two post-exploitation scenarios that an adversary can use to cause physical impact on the production, or keep persistent access to the plant. We are unaware of a similar security analysis performed within the premises of a research facility, following a scientific methodology, so we believe that this work can represent a good first step to inspire follow up research on the many verticals that we touch.