Security Issues and Privacy Concerns in Industry 4.0 Applications

Keywords: Network forensic, digital forensics, cloud forensics, cloud computing services, M2M communication application, fourth industrial revolution, impact and issues in Industry 4.0 cloud application

Nowadays, several organizations use cloud resources offered by a cloud service provider as an external IT-infrastructure for their organization. Cloud computing has emerged as a highly powerful and most popular field over the past few years, the significant aspect of which is getting more focus on virtual crime and cyber-threat activities that are IT-based services [1]. As a result, digital forensics has gained increasing importance as a cloud investigation technology. Cloud computing security imposes several new challenges in between M2M communication technology [2, 3]. In this chapter, we address critical cloud security issues, network forensics investigation challenges, machine communication interruption, and the impact on industry 4.0 application.

Network forensics (NF) is a crucial sub-branch of digital forensics (DF), itself a branch of forensics science, in which experts and law enforcement capture, record and analyze network events, and discover the source of attacks and cyber incidents [4] that enhance security in the cyber environment. Simson Garfinkel writes, “network forensics systems can be one of two kinds either catch-it-as-you-can or stop, look and listen to system” [5]. Catch-it-as-you-can is a network approach in which packages pass through a certain traffic point, catch packages, and subsequently store analysis in batch mode. The approach requires a huge amount of memory storage that usually involves a Redundant Array of Inexpensive Disks or Redundant Array of Independent Disks (RAID) system. On the other side, Stop, Look, and Listen is a network approach in which individual package analysis is carried out in an initial way; only certain information stores in the memory for future analysis. Undoubtedly, this type of method used less memory storage but needs more processing power to tackle the incoming traffic on the network environment.

In computer forensics, data is more often seized in disk storage, which makes it easier to obtain; unlike DF, NF is more difficult to carry out data while it is transmitted across the network and then lost in a short time [6]. Anyone planning to apply NF tools for analysis data needs to know about the privacy laws; privacy and data protection laws restrict active tracking as well as analysis of network traffic without explicit permission. In the network and IT infrastructure, NF is used in a proactive fashion to dig out flaws; however, the scope includes shoring up defenses by the officers of information security and IT administrators against future cyber-attacks.

The digital transformation of production, manufacturing, and several other related industries that value process creation have led to the fourth industrial revolution [9], is a new phase in the organization and control of chain value interchangeably [7]. Industry 4.0 is concerned with those areas that are not usually classified such as smart cities where industry applications cannot perform their own rights [8]. In the first industrial revolution, the advent of mechanization, water, and steam power made a huge and positive impact on the traditional industry. In short, the first revolution boosted industrial production; the second industrial revolution revolved around using electricity, mass production, and assembly lines. Industry 3.0 was the revolution of electronics, IT systems, and automation at the industrial level that led to Industry 4.0, which is [10] associated with the cyber-physical system.

The Industry 4.0 briefly elaborates the automation growth trend and data exchange in industrial technology as well as processes within the manufacturing industry, such as Artificial Intelligence (AI), Cloud Computing (CC), the Internet of Things (IoT), the Industrial Internet of Things (IIoT), Cyber-Physical Systems (CPS), Cognitive Computing, Smart Manufacture (SM), and Smart Factories (SF). The mentioned automation creates individual manufacturing systems; the machines in industries are augmented with multiple sensors and network connectivity to monitor an entire process of the production and make decisions autonomously [12]. However, augmentation of machines and wireless connectivity can highly advance industrial and manufacturing systems, create robust response times, and allow for a near real-time machine-to-machine communication. Nevertheless, the revolution relates to the digital twin technologies; these technologies make real-world virtual versions of installations, processes, and real-time applications that can enhance testing to make cost-effective decentralized decisions.

The virtual copies allowing the cyber-physical machine to communicate with each other also create a real-time data exchange for human staff and automation interconnectivity between transparent information, processes, and technical assistance for industry 4.0 manufacturing [11]. Industry 4.0 demonstrates the business models, for example, offline programming for arc welding, take adoptive controls, and the overall processes of product design architecture and automotive industry 4.0 businesses implementation as well as a variety of smart factories all around the world.

A new concept evolved in Industry 4.0: machine-to-machine (M2M) communication, which is becoming an increasingly important technology in the entire domain. M2M refers to the concept where two devices exchange information with each other, such as sending and receiving data. The communication that occurs between devices is autonomous; no human intervention is required for the overall process of exchanging information. The wireless connectivity [13] between interrelated devices automatically exchanges and analyzes data in the cloud. The Internet of Things (IoT) enabled integrating several M2M systems and cloud computing that process all data by using the cloud web platform.

This chapter highlights the distinct types of connectivity used between machines for communication. The most used connectivity [16] is: (i) Radiofrequency identification (RFID), which has a maximum range up to 10 meters that indicate the limitation of this type of connectivity; (ii) Bluetooth and Wireless-Fidelity (Wi-Fi), the most useable and reliable wireless connectivity for communication, with the range limitation from 10-20 meters in the case of Bluetooth and approximately 50 meters in the case of Wi-Fi; and (iii) low-frequency connectivity [15], which has a range of up to 1000 kilometers, such as GSM network and satellite.

In general, the applications and the area of M2M connectivity that can be applied and used widely most probably apply to all domains. Likewise, it is successfully utilized in the artificial intelligence industry [14], allowing devices to communicate with each other and make autonomous decisions. Some established and used crucial industrial M2M applications that enhance the productions in the manufacturing industry are: (i) intelligent stock control, (ii) data collection for processing, (iii) just-in-time implementation, (iv) automated maintenance, and many more.

The National Institute of Standard and Technology (NIST) defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources” [17]. Cloud computing is considered as a new business model throughout the world, computing as a utility [18]; there are five essential characteristics of the cloud: (i) on-demand self-service, (ii) resource pooling, (iii) rapid expansion, (iv) broad network access, and (v) measured service. Furthermore, cloud computing has three service models [19] for cloud users, such as software, platform, and infrastructure. In the same manner, Forensics-as-a-Service is the emerging technology in the area of cloud computing that facilitates investigators to perform digital crime investigation tasks utilizing the services of the cloud. Cloud categorizes four distinct deployment models, public, private, commercial, and hybrid models, a proper way to deliver cloud services to cloud users. In cloud computing, this is intended to serve as a way of making broad comparisons of cloud deployment strategies, services models, and describing the actual baseline [20], for using cloud computing in the best manner.