Thrust 3: Cyber Infrastructure for Future Manufacturing

For the nodes to interact with the high-level planning and control layers, we introduce a safe and secure method for handling data. This thrust focuses on the implementation of the data layer, which will enable the network that connects the distributed nodes for various resources and processes. The research will emphasize improving workflows, specifically tailored to manufacturing, and security across the network.

Data within AR-CyMaN

The cyber-physical manufacturing network will capture, transmit, and collect sensory data via edge computing devices at private cloud servers. The private cloud servers at the manufacturing floor will store the data in databases and make the data available throughout the duration of the manufacturing processes, creating a distributed supply network. The cloud servers will serve multiple users and multiple machines with diverse sensors. We will investigate ML-driven distributed middleware platform, spanning across group of private cloud servers that will autonomously configure themselves according to manufacturing needs, and dynamically reconfigure themselves upon demands and resource changes. We will use machine learning algorithms within the distributed middleware to collect system states and resource data, learn from these data about resource demands, infer the response times based on co-dependent workflows, represented by micro-service tasks and operating over sensory data, and control end-users admission into the system so that existing users in the run-time system (distributed middleware) get delivered their computational tasks with required resources and achieve required Quality of Service. Furthermore, based on the inference of system state information, we will not only decide on the end-user admission into the manufacturing system, but also configure resources for the co-dependent supply chains so that resources are available when needed and each end-user in the system can complete the whole supply chain of tasks. We have done preliminary work on learning usage of system resources and controlling resources via the 4CeeD resource management system.

Resilient and Secure Edge Computing

Diverse manufacturing machines employ heterogeneous sensors in real-time that have a clear “normal” behavior of processing and delivery its products, represented by “normal” behavior of digital sensory data and delivery of messages to edge computing devices who collect the digital sensory data. Hence, if a failure or an anomaly occurs in the physical world, it will need to manifest itself in the digital world, yet there have to be software agents who detect the failure and abnormal behavior of machines and their sensors. However, the anomalies and failures do not happen only in the physical manufacturing world, represented in the sensory data as discussed in Thrust 1, but also in the digital world of computing and networking the digital devices.

We will investigate multi-level anomaly detectors, software agents residing at the edge computing devices who will carefully monitor three levels of failures, attacks and misconfigurations: (a) sensory data level, where sensors may either capture physical measurements of a machine in physical failure mode, or the sensors get misconfigured, hence send wrong data, or sensors are being attacked, sending poisonous data; (b) protocol and operation level, where edge devices detect abnormality in the protocol of operation over the sensor (e.g., a sensor will receive via network protocol from edge device/operator a remote command which should execute a READ operation, but due to attack or misconfiguration or human error, the remote command would be WRITE a value operation which could cause a failure of the manufacturing machine); (c) network traffic level where messages from sensors to edge device might be lost (black hole attack), or delayed (timing attack) or new messages are injected (denial of service attack). Our anomaly detectors at the edge computing device will analyze the incoming network sensory data and use machine learning algorithms at different timescales to analyze data and generate alerts for operators. We will utilize our expertise from a prior cyber-physical infrastructure system, the trustworthy power-grid where we have analyzed in detail the IED (Intelligent Electronic Devices) sensory data traffic in SCADA networks to identify anomalies for MODBUS and IEC 61850.

Furthermore, we strengthen the capabilities in manufacturing networks by providing analysis of alerts at the cloud server side and assist end-users with causal reasoning. We will explore analysis of causal attack poly-trees to infer from anomaly alert observations where the failures and attacks could have come from. Visualization of alerts and response to causes of alerts will be investigated to support the overall decision-making over monitored data. We have prior work on causal reasoning of network traffic anomalies for MODBUS SCADA network traffic, but has yet to be extended on data and operational level alerts, as well as in manufacturing networks. The identification of classes of failures, classes of safety and security requirements will assist in formalization of the resilience algorithms such as to adapt manufacturing networks to withhold attacks, misconfigurations, and human errors. This effort will be directly related to the findings in Thrust 1, where anomaly analysis is key in uncertain systems.