Enhanced Cybersecurity Monitoring in Multi-Plant Flexible Manufacturing Environments
Iannaccone, Antonio; Nardone, Roberto
2025-01-01
Abstract
This paper proposes a cybersecurity monitoring framework tailored to multi-plant Flexible Manufacturing Systems. The framework combines Digital Twin technology, hierarchical SIEM and SOAR systems, and AI-based incident response. Addressing the limitations of traditional cybersecurity methods in distributed manufacturing scenarios, the proposed solution enables real-time threat detection, cross-facility correlation of events, automated incident responses, and an integrated threat-sharing platform. Initial evaluations indicate that the approach improves early anomaly detection and reduces false positives in threat detection. Ongoing and future research steps include incorporating advanced AI agents for automated mitigation, expanding simulations to more sophisticated attack vectors, optimizing system performance, minimizing false positives, and conducting comprehensive validation using various industrial protocols to ensure compliance with cybersecurity standards.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


