Machine learning is a prevalent artificial intelligence technique that is being implemented in industry as part of Industry 4.0, the so-called fourth industrial revolution, which introduces internet technologies to industry. In industry, machine learning applications include industrial design, process control, robotics and assembly. Though machine learning offers clear benefits to industry in terms of automation and efficiency improvements, these machine learning systems are susceptible to a broad range of attacks that can lead to the disclosure of intellectual property, disruptions to operations and, in the case of machine learning systems acting as industrial control systems, harm to property and persons.

As with other emerging technologies, such as the Internet of Things, machine learning presents a variety of challenges in the management of cyber security risks.

 

In Industry 4.0, material challenges include modelling vulnerabilities of machine learning systems due to the lack of a theoretical basis to rule out attacks, risk modelling the complexity and connectivity of systems in Industry 4.0, managing the risk in continually evolving ecosystems and processes in Industry 4.0, and a lack of a catalogue of controls to assist in a determination of relevant machine learning controls to apply. With such challenges, how then can the cyber security risk management of a machine learning system in Industry 4.0 be performed?

 

To this end, we propose a cyber security risk management framework that allows for the management of these machine learning cyber security risks in Industry 4.0. The bases for this risk management framework are a risk model, developed as part of this study, of the machine learning risks and an analysis undertaken of the material challenges risk management faces in Industry 4.0. A selection of cyber security risk methods and techniques is performed and enhancements proposed.

 

The resulting framework consists of the CORAS risk methodology, further enhanced to meet these key challenges, an enhanced Open Group Standard methodology on Dependency Modelling, instantiations of HAZOP for machine learning systems, a security assessment mechanism for the adversarial training of machine learning systems, catalogues of machine learning threats and security controls, and a standard of machine learning controls with implementation guidance. To validate the risk management framework, a case study involving a machine learning system connected to a factory was conducted and expert reviews of the framework were undertaken. The risk management framework may be used in Industry 4.0 to manage the cyber security risks to machine learning systems.

  

  • A cybersecurity information sharing process for Storm Su...
    Master CS/Jeroen Gaiser
  • Can NL trust 5G?
    Master CS/Farley Wazir
  • ConsensusPKI. Data driven public key ecosystem backed by...
    Master CS/Volkan Kaya
  • Evaluating server-side internet proxy detection methods
    Master CS/Hans Hoogstraaten
  • Fake news, or framed news, that is the question
    Master CS/Elserike Looije
  • Fighting in the fifth dimension
    Master CS/John van Veenhuizen
  • Managing risks in the cyber realm: From a traditional to...
    Master CS/Emma Meines
  • Multi-stakeholder roadmap for implementing consumer vuln...
    Master CS/Hinko Bastiaanse
  • Public Private Partnership in the French National Cyber...
    Master CS/René Marchal
  • Public-Private Partnerships in Indian Industrial IoT.
    Master CS/Chandrasekhar Muppiri
  • The Design of a Risk Management Framework for Machine Le...
    Master CS/Antony Hibbert