Cybersecurity in Industrial Revolution and Smart Cities: Comparison
Please note this is a comparison between Version 2 by Catherine Yang and Version 1 by Antonio Clim.

Cities have grown in development and sophistication throughout human history. Smart cities are the current incarnation of this process, with increased complexity and social importance. This complexity has come to involve significant digital components and has thus come to raise the associated cybersecurity concerns. Major security relevant events can cascade into the connected systems making up a smart city, causing significant disruption of function and economic damage.

  • smart city
  • cybersecurity
  • industry 4.0
  • industry 5.0

1. Digitalization of Industry 4.0 and Industry 5.0

Industry 4.0 is based on autonomous devices and other technologies that have facilitated the production process throughout the value chain. Therefore, this model of a smart factory based on these technological advances includes a section whereby the physical processes of the factory are monitored by systems controlled by computers [27][1]. Such systems have been developed in such a way that they contain a virtual copy of the physical world, producing decentralized decisions based on mechanisms surrounding self-organizations [28][2]. Consequently, this concept will lead to more digitization of the manufacturing industry so that physical objects will be effortlessly integrated into the information technology’s network. Thus, this will enable manufacturing systems to have vertical networking with their relevant business processes within an organization, as well as for the horizontally connected systems to have spatial dispersion value networks which can be regulated in real-time, from the moment an order has been placed up until the outgoing logistics of that particular order. As a result, we have differences across industries and the services offered tend to be less pertinent, since the digital technologies have a connection with the industrial products and services into mixed products, which are considered to be the hybrids, in that they do not only contain goods or services [28,29][2][3]. Therefore, it is worth mentioning how the Internet of Things, as well as the Internet of Services, are deemed the main elements within Industry 4.0 (see Figure 31).
Figure 31. Elements of Industry 4.0 [26].
Elements of Industry 4.0 [4].
Alternatively, another perspective on Industry 4.0 is with regard to CPPSs, which involve an online network with service machines structured similarly to social networks [30][5]. Therefore, these networks will connect IT with mechanical and electrical components and will communicate with one another through a network. For instance, advancements such as radio frequency identification (RFID) technology have been among the earliest forms of this technology, which has been under use since its inception. In the contemporary setting, smart machines will gradually share information regarding current levels of stock, faults, and issues, as well as changes in orders or demand levels [31,32,33][6][7][8]. Therefore, deadlines and processes are under extensive coordination in order to enhance efficiency, as well as improve capacity application, intime, as well as the quality of production, development, purchasing, and marketing. Therefore, CPPSs will not just network the machines within an industry on a daily basis, they will also develop a smart network surrounding ICT systems, machines, properties, smart products, and stakeholders throughout the life cycle of a product and the value chain [34,35,36,37][9][10][11][12]. Moreover, another significant aspect of Industry 4.0 is the possibility of interacting with other smart infrastructures, such as those associated with smart homes and buildings, smart grid, smart logistics, and smart mobility, as presented in Figure 42.
Figure 42. Industry 4.0 and the elements of digitalization [38].
Industry 4.0 and the elements of digitalization [13].
The connection to both business and social networks through the business web as well as the social web will play a mandatory role in the digital transformation of Industry 4.0. Furthermore, these industry-based interfaces and networks will be integrated into the IoT, such as data, people, and services [39,40][14][15]. Therefore, some of these smart industries will depend on various contemporary innovative technological advancements. For example, the application of ICT in the digitization of information and the integration of the system throughout different stages of the development of a product and its appropriate use, such as logistics and supply, is to be made within the company or its limits [41][16]. Second, network communications entail Internet and wireless technologies that allow people, products, and systems to interact, as well as connecting machines in manufacturing industries with relevant suppliers and distributors [31][6]. Third, cyber-physical systems which employ ICT in monitoring, as well as regulating physical systems and processes entail intelligent robots and embedded sensors, since they can be configured to adapt to their immediate product. In other instances, additive manufacturing devices, such as 3D printing devices, are used [42][17]. Moreover, the collection of different quantities of information and their exploitation and evaluation within the factory or by having cloud computing and big data analysis, virtualization, simulation, and modeling within the design of a given product, as well as the development of the manufacturing process, and the immense ICT-based support for the human worker, involve augmented reality, robots and cobots, and other intelligent tools [43,44][18][19]. These tools are represented in Figure 53.
Figure 53. Tools of digitalization in industry 4.0 [45].
Tools of digitalization in industry 4.0 [20].

2. Major Vulnerabilities of Digital Technologies in Industries

The nature of cyberattacks directed at contemporary industries is based on targeting of well-known vulnerabilities within digital technologies which are central to Industry 4.0 and Industry 5.0 [46][21]. The first source of vulnerabilities is the continued use of insecure legacy systems that have reduced maintenance. This is common for cities which have been stacking layers of old infrastructure, which depends on old technology and software. Moreover, these systems have not been updated or upgraded in a very long time and they have not evolved into more advanced and secure systems [47][22]. Therefore, having such technologies for industry can give rise to vulnerabilities when it comes to contemporary systems, since they are likely to contain forever-day exploits that are understood to be the loopholes in legacy software products that are no longer supported by their vendors, meaning that the system will never be patched [48][23]. Additionally, even when considering new technologies, it will be hard to determine and roll out the patches on the critical operational systems, which will always need to be on.
Another major vulnerability is the use of weakly tested software, as well as weak data encryption protocols to secure the systems used in these industries. Studies have stated that there are about 30 errors and other exploit bugs in about 1000 lines of code [49,50][24][25], and when it comes to a contemporary heterogeneous system which is being used in industries and smart cities, it has millions of lines of code that have the potential of producing zero-day exploits for various system hacks, malware, and viruses. In addition, studies of industries and smart cities have shown that most of their IT systems were developed without maximum security. Here we refer to the fact that there are no user authentication methods and default or weak passwords are used [51][26]. Furthermore, vendors, stakeholders, and governments within these industries have used their technological systems without conducting in-depth cybersecurity testing and drills, which would have been necessary considering some of the security issues which can arise based on how different systems are operated.
Thirdly, vulnerabilities can produce cascade effects, which can cause cyberattacks, and the factors involve the interrelations between industrial technologies and the system. This creates the grounds to develop various cascade effects through disruptions or failures, hence generating knock-on effects which cause more failure in different significant services, such as utilities. For example, when a telecommunications system is under a cyber-attack, the infrastructure is overloaded, and this may lead to failures of emergency response or traffic management system. Therefore, this makes the issue a significant security risk within an urban operating system, whereby there are various systems that have been interconnected, reflecting a system-of-systems approach in the management of services within the city and its infrastructures. As a result, it will nullify the mitigating impact of using the siloed approach, which is perceived as an entirely individual system, whereby there is a physically independent telecommunication cabling as well as a source of power among other systems [52,53,54][27][28][29]. Therefore, in case there is a successful cyber-attack on the electricity grid in a specific place, there will be sizeable cascading effects because that service supports numerous activities such as distributing power to workplaces, homes, hospitals, and many other infrastructures.
Lastly, human error and intentional malfeasance of dissatisfied personnel within a workplace can be another reason for system vulnerabilities because technical exploits can be immensely assisted by the errors people make. For example, when an employee responds to phishing messages or emails, the insertion of infected external drives into computers and installation of malware and viruses can be some of the ways these actors can play a crucial role towards a cyber-attack [55,56][30][31]. There are other instances whereby the software of a particular infrastructure could be weak in their system designs, in the sense that they can comfortably and secretively be sabotaged with the help of the rogue employees or former employees (see Figure 64). Therefore, it is worth noting that the aforementioned vulnerabilities can be worsened by various factors, considering that at times it is unclear who is mandated to maintain the security across the complex infrastructure and system. Moreover, vulnerabilities also appear when there are many stakeholders and other institutions which have worked together in the development of designs, supplying software and hardware, as well as in the operation and use of different components.
Figure 64. Representation of cyber security risks posed by humans considering the benign or malicious intent and the level of computational competence [57].
Representation of cyber security risks posed by humans considering the benign or malicious intent and the level of computational competence [32].

3. Cybersecurity Risks in Industry 4.0 and 5.0

The technological advancements that constitute the basis for Industry 4.0 have raised various issues concerning their security and overall safety, therefore stating that these developments in the technological paradigm are a direct indication of opportunities and challenges [58][33]. According to the study conducted for the Associated Chambers of Commerce of India (ASSOCHAM) [59][34], Industry 4.0 and Industry 5.0 will prioritize talent over money as a form of investment because the use of elements such as IoT, Artificial Intelligence, blockchain, and other emerging technologies is growing exponentially. These elements can be used to improve governance, consulting, and general digitalization of the major industries [60][35]. The adoption and implementation of these technologies will improve various operational capacities, talent acquisition, and the delivery of applications in various organizations and sectors. Therefore, the process of integrating a concept within an industry is actually about opening up the IT infrastructure of that industry, thus making it more vulnerable to errors and susceptible to cyber-attacks.
Moreover, it is worth noting that cyber intruders will not stop at anything, considering that as the industry advances, they will also refine their techniques for breaching systems [61][36]. As a result, such cyber-attacks targeting penetration into the control systems of various organizations will become a threat to the facilities’ production. In case of such attacks, industry computers are usually controlled from a remote location, and in turn, the intruders can have access or spy on their targeted objective [62,63][37][38]. Such attacks have been made possible by malware that exploits firewalls or security holes, and oftentimes, network monitoring software cannot detect such intrusions.
Considering that these technological opportunities are also in tandem with their associated cybersecurity risks, it would be necessary for industries to have a complete understanding of the impact of adopting these technologies on their security [64,65,66][39][40][41]. For such industries to capitalize on the fourth and fifth industrial revolutions, they will need to have the necessary contingencies and measures in place that will ensure that their cybersecurity is in tandem with Industry 4.0 and Industry 5.0 [67,68][42][43]. Therefore, factors such as integrated data protection frameworks, as well as sector-specific security baselines will help industries find sustainable advantages from their contemporary technological revolution. It is worth noting that the government, as well as other institutions, are also faced with challenges in their cybersecurity, as they are required to have their platforms resilient to threats so that they can facilitate the adoption of ever-changing and disrupting technology [56,69][31][44]. In addition, conventional information security practices could offer the required strategies, but this would not offer sufficient protection for industries considering how technology has been evolving over the years.
Regarding the promise of the impact of cybersecurity plans on organizations, some of the appropriate frameworks that industries can focus on as well as commit to should have some common attributes. For example, the framework should be able to develop capabilities that can detect threats and respond to them adequately and proactively, as well as be able to make use of artificial intelligence in identifying patterns so that IT systems can be monitored through smart technology [70,71,72,73][45][46][47][48]. Such frameworks should also offer an integrated approach towards cybersecurity, whereby there will be a holistic strategy towards the landscape of a threat instead of implementing security technologies in silos. Lastly, it is essential for the framework to create a well-built connection with its respective institutions throughout its sectors and those of the government for the purposes of sharing research, intelligence, information, and capacity development. As these technologies are developing and scaling up, it is essential to involve human resources, training, and education [74,75,76][49][50][51] as the cornerstones of industrial progress, because upon the successful adoption of these technologies, there will be demand for new skills and expertise.

References

  1. Blichfeldt, H.; Faulland, R. Performance effects of digital technology adoption and product & service innovation—A process-industry perspective. Technovation 2021, 105, 102275.
  2. Rojko, A. Industry 4.0 Concept: Background and Overview. Int. J. Interact. Mob. Technol. 2017, 115, 77–90.
  3. Costa, D.G.; Vasques, F.; Portugal, P.; Aguiar, A. A Distributed Multi-Tier Emergency Alerting System Exploiting Sensors-Based Event Detection to Support Smart City Applications. Sensors 2019, 20, 170.
  4. Deloitte, Challenges and Solutions for the Digital Transformation and Use of Exponential Technologies. Available online: https://manufacturing.report/whitepapers/industry-40-challenges-and-solutions-for-the-digital-transformation-and-use-of-exponential-technologies (accessed on 20 November 2022).
  5. Ferreira, F.; Faria, J.; Azevedo, A.L.; Marques, A.L. Industry 4.0 as Enabler for Effective Manufacturing Virtual Enterprises. In Collaboration in a Hyperconnected World; Afsarmanesh, H., Camarinha-Matos, L., Soares, A., Eds.; Springer: Berlin, Germany, 2016; pp. 274–285.
  6. Nagy, J.; Oláh, J.; Erdei, E.; Máté, D.; Popp, J. The Role and Impact of Industry 4.0 and the Internet of Things on the Business Strategy of the Value Chain—The Case of Hungary. Sustainability 2018, 10, 3491.
  7. Angelopoulos, A.; Michailidis, E.T.; Nomikos, N.; Trakadas, P.; Hatziefremidis, A.; Voliotis, S.; Zahariadis, T. Tackling Faults in the Industry 4.0 Era—A Survey of Machine-Learning Solutions and Key Aspects. Sensors 2020, 20, 109.
  8. Aslam, F.; Aimin, W.; Li, M.; Ur Rehman, K. Innovation in the Era of IoT and Industry 5.0: Absolute Innovation Management (AIM) Framework. Information 2020, 11, 124.
  9. Pérez, F.; Irisarri, E.; Orive, D.; Marcos, M.; Estevez, E. A CPPS Architecture approach for Industry 4.0. In Proceedings of the 20th Conference on Emerging Technologies & Factory Automation, Luxembourg, 8–11 September 2015.
  10. Botlíková, M.; Botlík, J. Local Extremes of Selected Industry 4.0 Indicators in the European Space—Structure for Autonomous Systems. J. Risk Financ. Manag. 2020, 13, 13.
  11. Butt, J. A Strategic Roadmap for the Manufacturing Industry to Implement Industry 4.0. Designs 2020, 4, 11.
  12. Cioffi, R.; Travaglioni, M.; Piscitelli, G.; Petrillo, A.; De Felice, F. Artificial Intelligence and Machine Learning Applications in Smart Production: Progress, Trends, and Directions. Sustainability 2020, 12, 492.
  13. Avvanz Global, Digital Transformation—Transform, Optimize and Scale Organizations to Become Profitable Leveraging Digital Transformation Singapore. Available online: https://www.avvanz.com/digital-transformation-2/ (accessed on 9 November 2022).
  14. McKinsey & Company. Industry 4.0: How to Navigate Digitization of the Manufacturing Sector. Available online: http://www.forschungsnetzwerk.at/downloadpub/mck_industry_40_report.pdf (accessed on 2 February 2019).
  15. Ingaldi, M.; Ulewicz, R. Problems with the Implementation of Industry 4.0 in Enterprises from the SME Sector. Sustainability 2020, 12, 217.
  16. Chalmeta, R.; Santos-Deleón, N.J. Sustainable Supply Chain in the Era of Industry 4.0 and Big Data: A Systematic Analysis of Literature and Research. Sustainability 2020, 12, 4108.
  17. Lee, K.-L.; Roesinger, A.; Hommel, U. Development and Practice of Industrie 4.0 in China—Practical Experience of a German Industrial Software Company in China. Sci 2022, 4, 28.
  18. Vermesan, O.; Bröring, A.; Tragos, E.; Serrano, M.; Bacciu, D.; Chessa, S.; Gallicchio, C.; Micheli, A.; Dragone, M.; Saffiotti, A.; et al. Internet of robotic things: Converging sensing/actuating, hypoconnectivity, artificial intelligence and IoT Platforms. In Cognitive Hyperconnected Digital Transformation: Internet of Things Intelligence Evolution; Vermesan, O., Bacquet, J., Eds.; River Publishers: Alsbjergvej, Denmark, 2017; Volume 1, pp. 97–155.
  19. Coronado, E.; Venture, G. Towards IoT-Aided Human–Robot Interaction Using NEP and ROS: A Platform-Independent, Accessible and Distributed Approach. Sensors 2020, 20, 1500.
  20. Intelegain Technologies. The Ultimate Guide to IoT-Driven Digital Transformation in Manufacturing. Available online: https://www.intelegain.com/the-ultimate-guide-to-iot-driven-digital-transformation-in-manufacturing/ (accessed on 10 November 2022).
  21. Rodríguez-Lera, F.J.; Matellán-Olivera, V.; Balsa-Comerón, J.; Guerrero-Higueras, M.; Fernández-Llamas, C. Message Encryption in Robot Operating System: Collateral Effects of Hardening Mobile Robots. Front. ICT 2018, 5, 21.
  22. Kitchin, R.; Dodge, M. The (In) Security of Smart Cities: Vulnerabilities, Risks, Mitigation, and Prevention. J. Urban Technol. 2017, 26, 47–65.
  23. Cerrudo, C. An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks. Available online: https://ioactive.com/pdfs/IOActive_HackingCitiesPaper_CesarCerrudo.pdf (accessed on 10 December 2019).
  24. Wiggers, K. AI Spots Critical Microsoft Security Bugs 97% of the Time. Available online: https://venturebeat.com/2020/04/16/ai-spots-critical-microsoft-security-bugs-97-of-the-time (accessed on 7 April 2020).
  25. Ashkenazi, A. App Shielding vs. Bug Bounty Programs: In Pursuit of Fortified Mobile Applications. Available online: https://jaxenter.com/app-shielding-mobile-163474.html (accessed on 18 December 2019).
  26. Liddell, P.; Archibald, G.; Pyke, S. Digital Supply Chain—The Hype and the Risks. Available online: https://assets.kpmg/content/dam/kpmg/au/pdf/2018/digital-supply-chain-hype-and-risks.pdf (accessed on 20 September 2019).
  27. Little, R.G. Managing the risk of cascading failure in complex urban infrastructures. In Disrupted Cities, 1st ed.; Graham, S., Ed.; Routledge: London, UK, 2009; Volume 1, pp. 27–39.
  28. Mourad, A.; Yang, R.; Lehne, P.H.; De La Oliva, A. A Baseline Roadmap for Advanced Wireless Research Beyond 5G. Electronics 2020, 9, 351.
  29. Bajracharya, R.; Shrestha, R.; Jung, H. Future Is Unlicensed: Private 5G Unlicensed Network for Connecting Industries of Future. Sensors 2020, 20, 2774.
  30. Lacy, M.; Prince, D. Securitization and the global politics of cybersecurity. Glob. Discourse Interdiscip. J. Curr. Aff. 2018, 8, 100–115.
  31. Verizon Communications Inc. 2021 Data Breach Investigations Report. Available online: https://www.verizon.com/business/resources/reports/dbir/2021/masters-guide/ (accessed on 5 August 2022).
  32. King, Z.M.; Henshel, D.S.; Flora, L.; Cains, M.G.; Hoffman, B.; Sample, C. Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment. Front. Psychol. 2018, 9, 39.
  33. Yeboah-Ofori, A.; Islam, S. Cyber Security Threat Modeling for Supply Chain Organizational Environments. Future Internet 2019, 11, 63.
  34. Ernst & Young. Cybersecurity for Industry 4.0: Cybersecurity Implications for Government, Industry and Homeland Security. Available online: https://www.ey.com/Publication/vwLUAssets/ey-cybersecurity-for-industry-4-0/$File/ey-cybersecurity-for-industry-4-0.pdf (accessed on 10 April 2019).
  35. Košťál, K.; Helebrandt, P.; Belluš, M.; Ries, M.; Kotuliak, I. Management and Monitoring of IoT Devices Using Blockchain. Sensors 2019, 19, 856.
  36. Tariq, F.; Khandaker, M.; Wong, K.K.; Imran, M.; Bennis, M.; Debbah, M. A Speculative Study on 6G. Available online: https://arxiv.org/pdf/1902.06700v2.pdf (accessed on 3 March 2022).
  37. Alkhalil, A.; Ramadan, R.A. IoT Data Provenance Implementation Challenges. In Proceedings of the 8th International Conference on Ambient Systems, Networks and Technologies, Madeira, Spain, 16–19 May 2017.
  38. Martens, C.D.P.; da Silva, L.F.; Silva, D.F.; Martens, M.L. Challenges in the implementation of internet of things projects and actions to overcome them. Technovation 2022, 118, 102427.
  39. Li, Y.; Liu, Q. A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Rep. 2021, 7, 8176–8186.
  40. Cremer, F.; Sheehan, B.; Fortmann, M.; Kia, A.N.; Mullins, M.; Murphy, F.; Materne, S. Cyber risk and cybersecurity: A systematic review of data availability. Geneva Pap. Risk Insur. Issues Pract. 2022, 47, 1–39.
  41. Khan, N.S.; Chishti, M.A.; Saleem, M. Identifying Various Risks in Cyber-Security and Providing a Mind-Map of Network Security Issues to Mitigate Cyber-Crimes. In Proceedings of the 2nd International Conference on Communication, Computing and Networking, Chandigarh, India, 29–30 March 2018.
  42. Xu, X.; Lu, Y.; Vogel-Heuser, B.; Wang, L. Industry 4.0 and Industry 5.0-Inception, conception and perception. J. Manuf. Syst. 2021, 61, 530–535.
  43. Veksler, V.D.; Buchler, N.; Hoffman, B.E.; Cassenti, D.N.; Sample, C.; Sugrim, S. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users. Front. Psychol. 2018, 9, 691.
  44. Microsoft Security, The 2021 Microsoft Digital Defense Report. Microsoft Corporation. Available online: https://info.microsoft.com/ww-landing-Microsoft-Digital-Defense-Report-Gate.html (accessed on 5 April 2022).
  45. Radanliev, P.; De Roure, D.C.; Nicolescu, R.; Huth, M.; Montalvo, R.M.; Cannady, S.; Burnap, P. Future developments in cyber risk assessment for the internet of things. Comput. Ind. 2018, 102, 14–22.
  46. Pupillo, L.; Fantin, S.; Ferreira, A.; Polito, C. Artificial Intelligence and Cybersecurity: Technology, Governance and Policy Challenges—Final Report of a CEPS Task Force. Centre for European Policy Studies (CEPS), 2021. Available online: https://www.ceps.eu/wp-content/uploads/2021/05/CEPS-TFR-Artificial-Intelligence-and-Cybersecurity.pdf (accessed on 9 October 2022).
  47. Raimundo, R.; Rosário, A. The Impact of Artificial Intelligence on Data System Security: A Literature Review. Sensors 2021, 21, 7029.
  48. Das, R.; Sandhane, R. Artificial Intelligence in Cyber Security. J. Phys. Conf. Ser. 2021, 1964, 042072.
  49. Hamada, T. Determinants of Decision-Makers’ Attitudes toward Industry 4.0 Adaptation. Soc. Sci. 2019, 8, 140.
  50. Coşkun, S.; Kayıkcı, Y.; Gençay, E. Adapting Engineering Education to Industry 4.0 Vision. Technologies 2019, 7, 10.
  51. Haidine, A.; El Hassani, S.; Aqqal, A.; El Hannani, A. The Role of Communication Technologies in Building Future Smart Cities. In Smart Cities Technologies; Da Silva, I.N., Flauzino, R.A., Eds.; IntechOpen: Rijeka, Croatia, 2016; pp. 58–71.
More
ScholarVision Creations