In the world of manufacturing, cyberattacks can be difficult to detect and prevent, especially as more equipment and machinery become remotely accessible. However, researchers at the National Institute of Standards and Technology (NIST) and the University of Michigan have found a way to use digital twins to better protect manufacturing systems from cyber threats.
A digital twin is a virtual replica of a physical object that is closely tied to its physical counterpart. It collects and processes data in real-time, providing manufacturers with valuable insights on the performance and maintenance of their equipment. With the abundance of operational data generated by manufacturing processes, digital twins can also help to identify cyberattacks that may otherwise go undetected.
To put this idea into practice, the NIST and University of Michigan researchers developed a cybersecurity framework that uses digital twin technology, machine learning, and human expertise to detect potential cyberattacks on manufacturing systems. The framework was successfully tested on an off-the-shelf 3D printer in their lab.
Anomaly Detection
In the experiment, the researchers built a digital twin that emulated the 3D printing process and provided it with information from the real printer.
The team then launched waves of disturbances at the 3D printer. Some were innocent anomalies, such as an external fan causing the printer to cool, but others, some of which caused the printer to incorrectly report its temperature readings, represented something more nefarious.
The programs analyzing both the real and digital printers were pattern-recognizing machine learning models trained on normal operating data. If these models detected an irregularity, they passed the baton off to other computer models that checked whether the strange signals were consistent with anything in a library of known issues. Then the system categorized the irregularity as an expected anomaly or a potential cyber threat.
Human in the Loop
The final step in the process involved a human expert interpreting the system’s findings and making a decision. If the expert confirmed the cybersecurity system’s suspicions, the system would store the new anomaly in its database for future reference. This process enables the framework to learn and adapt to new threats over time, reducing the need for human intervention.
As digital twins become more common, they bring a range of benefits to manufacturers, but can also provide a larger attack surface for nefarious hackers.
The framework’s potential to learn and adapt over time can make it a valuable tool for both maintenance and monitoring of compromised systems.
You can read the full paper, titled “Digital Twin-Based Cyber-Attack Detection Framework for Cyber-Physical Manufacturing Systems” over at this link.
Come and let us know your thoughts on our Facebook, Twitter, and LinkedIn pages, and don’t forget to sign up for our weekly additive manufacturing newsletter to get all the latest stories delivered right to your inbox.