Abstract
In manufacturing, concepts like the Internet of Things or Cyber-physical Systems accelerate the development from traditional production facilities towards smart factories. Thereby, emerging digital technologies increasingly connect information networks with production processes, forming complex smart factory networks (SFNs). Due to their reliance on information flows and the high degree of cross-linking, SFNs are, in particular, vulnerable to IT availability risks caused by attacks and errors. Against this backdrop, we present a modelling approach for analyzing the effects of IT threats on production processes. Based on Petri Nets, we provide modular SFN components for modelling SFN architectures and for simulating stochastic attack and error propagation. With this, we support the analysis and comparison of different SFN architectures regarding spreading effects, availability of information and production components, and associated effects on productivity. Our approach enables and serves as a foundation for decision support on SFN layouts from a risk perspective and the derivation of IT security mitigation measures in both research and practice. We evaluate our artefact by implementing and applying a software prototype in artificial and real-life settings.
This is a preview of subscription content, access via your institution.
Data Availability
The datasets generated and analysed during the current study are available from the corresponding author on reasonable request.
Code Availability
The software prototype used during the current study is available in a public repository (https://www.dropbox.com/sh/sb1hjh5l1uczm6d/AAA1jECKT069lAxlvatYQI3ca?dl=0; GitHub upon acceptance).
Notes
https://www.dropbox.com/sh/sb1hjh5l1uczm6d/AAA1jECKT069lAxlvatYQI3ca?dl=0 [GitHub upon acceptance]
References
van der Aalst, W.M.P. (1993): Interval timed coloured petri nets and their analysis. In: 1993 Intl Conf on Application and Theory of Petri Nets, S. 453–472.
van der Aalst, W. M. P. (2006). Matching observed behavior and modeled behavior: An approach based on Petri nets and integer programming. Decision Support Systems, 42(3), 1843–1859. https://doi.org/10.1016/j.dss.2006.03.013
Acatech (2013). Recommendations for implementing the strategic initiative INDUSTRIE 4.0. Final report of the Industrie 4.0 Working Group. Accessible under: https://www.acatech.de/publikation/umsetzungsempfehlungen-fuer-das-zukunftsprojekt-industrie-4-0-abschlussbericht-des-arbeitskreises-industrie-4-0/. Accessed 28 Jan 2022.
Albert, R., Jeong, H., & Barabasi, A.-L. (2000). Error and attack tolerance of complex networks. Nature, 406(6794), 378–382. https://doi.org/10.1038/35019019
Amin, S., Schwartz, G. A., & Hussain, A. (2013). In quest of benchmarking security risks to cyber-physical systems. IEEE Network, 27(1), 19–24. https://doi.org/10.1109/MNET.2013.6423187
Amiri, Amin., Cavusoglu, Hasan., Benbasat, Izak. (2014). When is IT Unavailability a Strategic Risk?: A Study in the Context of Cloud Computing. In: ICIS.
Arns, M., Fischer, M., Kemper, P., & Tepper, C. (2002). Supply chain modelling and its analytical evaluation. Journal of the Operational Research Society, 53(8), 885–894. https://doi.org/10.1057/palgrave.jors.2601381
Arshad, N., Heimbigner, D., & Wolf, A. L. (2005). Dealing with failures during failure recovery of distributed systems. ACM SIGSOFT Notes, 30(4), 1. https://doi.org/10.1145/1082983.1083067
Ash, J., & Newth, D. (2007). Optimizing complex networks for resilience against cascading failure. Physica A: Statistical Mechanics and its Applications, 380, 673–683. https://doi.org/10.1016/j.physa.2006.12.058
Ashelm, M., Jansen, J., Smolka, K.M. (2018). Cyberkriminelle erpressen Krauss Maffei. Frankfurter Allgemeine Zeitung. Frankfurt a. M. Accessible under: https://www.faz.net/aktuell/wirtschaft/diginomics/cyberkriminelle-erpressen-krauss-maffei-f-a-z-exklusiv-15928434.html. Accessed 28 Jan 2022.
Atamli, A. W., Martin, A., (2014) Threat-Based Security Analysis for the Internet of Things. In: 2014 Intl Workshop on Secure IoT, S. 35–43.
Barber, K. D., Dewhurst, F. W., Burns, R. L. D. H., & Rogers, J. B. B. (2003). Business-process modelling and simulation for manufacturing management. Business Process Management Journal, 9(4), 527–542. https://doi.org/10.1108/14637150310484544
Beese, J., Haki, M. K., Aier, S., & Winter, R. (2019). Simulation-based research in information systems. Business and Information Systems Engineering, 61(4), 503–521. https://doi.org/10.1007/s12599-018-0529-1
Berger, S., Häckel, B., & Häfner, L. (2021). Organizing self-organizing systems: A terminology, taxonomy, and reference model for entities in cyber-physical production systems. Information Systems Frontiers, 23(2), 391–414. https://doi.org/10.1007/s10796-019-09952-8
Billington, J. (1988). Extending coloured petri nets (University of Cambridge, computer laboratory, UCAM-CL-TR-148). Accessible under: https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-148.pdf. Accessed 28 Jan 2022.
Boucher, T. O., Jafari, M. A., & Meredith, G. A. (1989). Petri net control of an automated manufacturing cell. Computers & Industrial Engineering, 17(1–4), 459–463. https://doi.org/10.1016/0360-8352(89)90105-8
Brettel, M., Friederichsen, N., Keller, M., & Rosenberg, M. (2014). How virtualization, decentralization and network building change the manufacturing landscape: An industry 4.0 perspective. Intl Journal of Information & Communication Engineering, 8(1), 1–8. https://doi.org/10.5281/zenodo.1336426
Broy, M.; Cengarle, M. V.; Geisberger, E. (2012): Cyber-Physical Systems: Imminent Challenges. In: Radu Calinescu and David Garlan (Hg.): Large-scale complex IT systems. Development, operation and management, Bd. 7539. Springer, S. 1–28.
van Brussel, H., Peng, Y., & Valckenaers, P. (1993). Modelling flexible manufacturing systems based on Petri nets. CIRP Annals, 42(1), 479–484. https://doi.org/10.1016/S0007-8506(07)62490-1
Buldyrev, S. V., Parshani, R., Paul, G., Stanley, H. E., & Havlin, S. (2010). Catastrophic cascade of failures in interdependent networks. Nature, 464(7291), 1025–1028. https://doi.org/10.1038/nature08932
Cardenas, A. A.; Amin, S.; Sastry, S. (2008): Secure Control: Towards Survivable Cyber-Physical Systems. In: 2008 Intl Conference on Distributed Computing Systems, S. 495–500.
Cardenas, A. A.; Amin, S..; Sinopoli, B..; Giani, A.; Perrig, A.; Sastry, S. (2009): Challenges for Securing Cyber Physical Systems. In: Workshop on Future Directions in Cyber-Physical Systems Securiy, S. 1–4.
Christensen, S., & Hansen, N. D. (1993). Coloured Petri nets extended with place capacities, test arcs and inhibitor arcs. In M. A. Marsan (Ed.), Application and theory of Petri. Springer.
Culot, G., Nassimbeni, G., Orzes, G., & Sartor, M. (2020). Behind the definition of industry 4.0: Analysis and open questions. International Journal of Production Economics, 226, 107617. https://doi.org/10.1016/j.ijpe.2020.107617
Danziger, M., Shekhtman, L., Bashan, A., Berezin, Y., & Havlin, S. (2016). Vulnerability of interdependent networks and networks of networks. In Garas (Ed.), Interconnected networks (pp. 79–99). Springer.
Dempsey, K.; Chawla, N. S.; Johnson, A.; Johnston, R.; Jones, A. C.; Orebaugh, A. et al. (2011): Information Security Continuous Monitoring for Federal information Systems and Organizations. National Institute of Standards and Technology. U.S. Department of Commerce.
Desel, J., Esparza, J. (1995). Free choice Petri nets. In: Cambridge tracts in theoretical computer science.
van Do, L., Fillatre, L., Nikiforov, I., & Willett, P. (2017). Security of SCADA systems against cyber–physical attacks. IEEE Aerospace and Electronic Systems Magazine, 32(5), 28–45. https://doi.org/10.1109/MAES.2017.160047
Dotoli, M.; Fanti, M. P. (2005) A Generalized Stochastic Petri Net Model for Management of Distributed Manufacturing Systems. In: 2005 44th IEEE Conf on Decision & Control, S. 2125–2130.
D'Souza, K. A., & Khator, S. K. (1994). A survey of Petri net applications in modeling controls for automated manufacturing systems. Computers in Industry, 24(1), 5–16. https://doi.org/10.1016/0166-3615(94)90004-3
Dufourd, C., Finkel, A., & Schnoebelen, P. (1998). Reset nets between decidability and undecidability. In K. G. Larsen, S. Skyum, & G. Winskel (Eds.), Automata, languages and programming (pp. 103–115). Springer.
Dzung, D., Naedele, M., von Hoff, T. P., & Crevatin, M. (2005). Security for industrial communication systems. Proceedings of the IEEE, 93(6), 1152–1177. https://doi.org/10.1109/JPROC.2005.849714
Erdős, P., & Rényi, A. (1960). On the evolution of random graphs. Publication of the Mathematical Institute of the Hungarian Academy of Sciences, 5(1), 17–60.
Fridgen, G., Stepanek, C., & Wolf, T. (2015). Investigation of exogenous shocks in complex supply networks – A modular Petri net approach. Intl Journal of Production Research, 53(5), 1387–1408. https://doi.org/10.1080/00207543.2014.942009
Frustaci, M., Pace, P., Aloi, G., & Fortino, G. (2018). Evaluating critical security issues of the IoT world: Present and future challenges. IEEE Internet of Things Journal, 5(4), 2483–2495. https://doi.org/10.1109/JIOT.2017.2767291
Galloway, B., & Hancke, G. P. (2013). Introduction to industrial control networks. IEEE Communication Surveys and Tutorials, 15(2), 860–880. https://doi.org/10.1109/SURV.2012.071812.00124
Gao, J., Buldyrev, S. V., Stanley, H. E., & Havlin, S. (2012). Networks formed from interdependent networks. Nature Physics, 8(1), 40–48. https://doi.org/10.1038/NPHYS2180
Genge, B., Kiss, I., & Haller, P. (2015). A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures. Intl Journal of Critical Infrastructure Protection, 10, 3–17. https://doi.org/10.1016/j.ijcip.2015.04.001
Ha, S., & Suh, H.-W. (2008). A timed colored Petri nets modeling for dynamic workflow in product development process. Computers in Industry, 59(2–3), 193–209. https://doi.org/10.1016/j.compind.2007.06.016
Häckel, B., Hänsch, F., Hertel, M., & Übelhör, J. (2018). Assessing IT availability risks in smart factory networks. Business Research. https://doi.org/10.1007/s40685-018-0071-5
Häckel, B.; Übelhör, J. (2017): Development of Dynamic Key Figures for the Identification of Critical Components in Smart Factory Information Networks. In: ECIS 2017 25, S. 2767–2776.
Hallikas, J., Karvonen, I., Pulkkinen, U., Virolainen, V.-M., & Tuominen, M. (2004). Risk management processes in supplier networks. International Journal of Production Economics, 90(1), 47–58. https://doi.org/10.1016/j.ijpe.2004.02.007
Hermann, M.; Pentek, T.; Otto, B. (2016): Design Principles for Industrie 4.0 Scenarios. In: 49th Hawaii International Conference on System Sciences, S. 3928–3937.
Hevner, A. R. (2007). A three-cycle view of design science research. Scandinavian Journal of Information Systems, 19(2), 87–92.
Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). Design science in information systems research. MIS Quarterly, 28(1), 75–105. https://doi.org/10.2307/25148625
Iivari, J. (2007). A paradigmatic analysis of information systems as a design science. Scandinavian Journal of Information Systems, 19(2), 39–64.
Ivanov, D., Dolgui, A., Sokolov, B., Werner, F., & Ivanova, M. (2016). A dynamic model and an algorithm for short-term supply chain scheduling in the smart factory industry 4.0. International Journal of Production Research, 54(2), 386–402. https://doi.org/10.1080/00207543.2014.999958
Janicki, R., & Koutny, M. (1995). Semantics of inhibitor nets. Information and Computation, 123, 1–16. https://doi.org/10.1006/inco.1995.1153
Jensen, K. (1987). Coloured Petri nets. In G. Rozenberg (Ed.), Advances in Petri nets (254th ed., pp. 248–299). Springer (Lecture Notes in Computer Science).
Jensen, K. (1991): Coloured Petri Nets: A High Level Language for System Design and Analysis. In: Jensen (Hg.): High-level Petri nets, S. 44–119.
Kämper, S. (1991). On the appropriateness of Petri nets in model building and simulation. Systems Analysis Modelling Simulation, 8(9), 689–714.
Kang, C. M., Hong, Y. S., Huh, W. T., & Kang, W. (2015). Risk propagation through a platform: The failure risk perspective on platform sharing. IEEE Transactions on Engineering Management, 62(3), 372–383. https://doi.org/10.1109/TEM.2015.2427844
Krueger, R. A., & Casey, M. A. (2014). Focus groups. A practical guide for applied research (5th ed.). SAGE.
Kupreev, O., Badovskaya, E., Gutnikov, A. (2019). DDoS Reports. DDoS Attacks in Q3 2019. Kaspersky Labs. Accessible under: https://securelist.com/ddos-report-q3-2019/94958/. Accessed 28 Jan 2022.
de La Mota, Flores, I., Guasch, A., Piera, A. M., & Mujica, M. M. (2017). Robust modelling and simulation. Springer International Publishing.
Lasi, H., Fettke, P., Kemper, H.-G., Feld, T., & Hoffmann, M. (2014). Industry 4.0. Business & Information Systems Engineering, 6(4), 239–242. https://doi.org/10.1007/s12599-014-0334-4
Lee, E. A., (2008) Cyber Physical Systems: Design Challenges. In: IEEE Intl Symposium on Object Oriented Real-Time Distributed Computing, 363–369.
Lee, J., Bagheri, B., & Kao, H.-A. (2015). A cyber-physical systems architecture for industry 4.0-based manufacturing systems. Manufacturing Letters, 3, 18–23. https://doi.org/10.1016/j.mfglet.2014.12.001
Li, L. (2018). China's manufacturing locus in 2025: With a comparison of “made-in-China 2025” and “industry 4.0”. Technological Forecasting and Social Change, 135, 66–74. https://doi.org/10.1016/j.techfore.2017.05.028
Long, F., Zeiler, P., & Bertsche, B. (2016). Modelling the production systems in industry 4.0 and their availability with high-level Petri nets. IFAC-PapersOnLine, 49(12), 145–150. https://doi.org/10.1016/j.ifacol.2016.07.565
Lucke, D., Constantinescu, C., & Westkämper, E. (2008). Smart factory - a step towards the next generation of manufacturing. In M. Mitsuishi (Ed.), Manufacturing systems and Technologies for the new Frontier (pp. 115–118). Springer.
March, S. T., & Smith, G. F. (1995). Design and natural science research on information technology. Decision Support Systems, 15(4), 251–266. https://doi.org/10.1016/0167-9236(94)00041-2
March, S. T., & Storey, V. C. (2008). Design science in the information systems discipline. An introduction to the special issue on design science research. MIS Quarterly, 32(4), 725–730.
Miehle, D.; Häckel, B.; Pfosser, S.; Übelhör, J. (2019): Modeling IT Availability Risks in Smart Factories: a Stochastic Petri Nets Approach. In: Business & Information Systems Engineering.
Monostori, L., Kádár, B., Bauernhansl, T., Kondoh, S., Kumara, S., Reinhart, G., et al. (2016). Cyber-physical systems in manufacturing. CIRP Annals, 65(2), 621–641. https://doi.org/10.1016/j.cirp.2016.06.005
Murata, T. (1989). Petri nets: Properties, analysis and applications. Proceedings of the IEEE, 77(4), 541–580. https://doi.org/10.1109/5.24143
Nawir, M.Amir, A.; Yaakob, N.; Lynn, O. B. (2016): Internet of Things (IoT): Taxonomy of security attacks. In: 2016 3rd Intl Conference on Electronic Design, S. 321–326.
Olenick, D. (2019). Spirit AeroSystems confirms ASCO Industries cyberattack. SC Magazine. London. Accessible under: https://www.scmagazine.com/home/security-news/ransomware/asco-industries-silent-on-ransomware-attack/. Accessed 28 Jan 2022.
Osterrieder, P., Budde, L., & Friedli, T. (2020). The smart factory as a key construct of industry 4.0: A systematic literature review. International Journal of Production Economics, 221, S. 107476. https://doi.org/10.1016/j.ijpe.2019.08.011
Pasqualetti, F., Dorfler, F., & Bullo, F. (2013). Attack detection and identification in cyber-physical systems. IEEE Transactions on Automatic Control, 58(11), 2715–2729. https://doi.org/10.1109/TAC.2013.2266831
Peffers, K., Tuunanen, T., Rothenberger, M. A., & Chatterjee, S. (2007). A design science research methodology for information systems research. Journal of Management Information Systems, 24(3), 45–77. https://doi.org/10.2753/MIS0742-1222240302
Peterson, J. L. (1977). Petri Nets. ACM Computing Surveys, 9(3), 223–252. https://doi.org/10.1145/356698.356702
Petri, C. A. (1966). Communication with automata. Diploma thesis. Technical University of Darmstadt.
Pries-Heje, J.; Baskerville, R.; Venable, J. R. (2008): Strategies for Design Science Research Evaluation. In: European Conf on Information Systems, S. 255–266.
Radziwon, A., Bilberg, A., Bogers, M., & Madsen, E. S. (2014). The smart factory: Exploring adaptive and flexible manufacturing solutions. Procedia Engineering, 69, 1184–1190. https://doi.org/10.1016/j.proeng.2014.03.108
Ramchandani, C. (1973): Analysis of Asynchronos Concurrent Systems by Timed Petri Nets. Diss. Massachusetts Institute of Technology.
Razzaq, M., & Ahmad, J. (2015). Petri net and probabilistic model checking based approach for the modelling, simulation and verification of internet worm propagation. PLoS One, 10(12). https://doi.org/10.1371/journal.pone.0145690
Reisig, W. (2013). Understanding Petri Nets. Springer.
Rowley, J. (2012). Conducting research interviews. Management Research Review, 35(3/4), 260–271. https://doi.org/10.1108/01409171211210154
Ryan, J., & Heavey, C. (2006). Process modeling for simulation. Computers in Industry, 57(5), 437–450. https://doi.org/10.1016/j.compind.2006.02.002
Sadeghi, A-R.; Wachsmann, C.; Waidner, M. (2015): Security and privacy challenges in industrial internet of things. In: 52nd ACM/EDAC/IEEE Design Automation Conference, S. 1–6.
Salfner, F.; Wolter, K. (2009): A Petri net model for service availability in redundant computing systems. In: Manuel D. Rossetti (Hg.): Proceedings of the 2009 Winter Simulation Conference. 2009 Winter Simulation Conference. Austin. IEEE, S. 819–826.
Sargent, R. G. (2013). Verification and validation of simulation models. Journal of Simulation, 7(1), 12–24. https://doi.org/10.1057/jos.2012.20
Schuh, G., Potente, T., Varandani, R., Hausberg, C., & Fränken, B. (2014). Collaboration moves productivity to the next level. Procedia CIRP, 17, 3–8. https://doi.org/10.1016/j.procir.2014.02.037
Selic, B., & Gérard, S. (2013). Modeling and analysis of real-time and embedded systems with UML and MARTE. Developing cyber-physical systems. Elsevier Science (The MK / OMG Press).
Shameli-Sendi, A., Aghababaei-Barzegar, R., & Cheriet, M. (2016). Taxonomy of information security risk assessment (ISRA). Computers & Security, 57, 14–30. https://doi.org/10.1016/j.cose.2015.11.001
Smith, G. E., Watson, K. J., Baker, W. H., & Pokorski II, J. A. (2007). A critical balance: Collaboration and security in the IT-enabled supply chain. Intl Journal of Production Research, 45(11), 2595–2613. https://doi.org/10.1080/00207540601020544
Sonnenberg, C.; Vom Brocke, J. (2012): Evaluations in the Science of the Artificial – Reconsidering the Build-Evaluate Pattern in Design Science Research. In: 7th DESRIST Conference, S. 381–397.
Sun, Y., Li, L., Shi, H., & Chong, D. (2020). The transformation and upgrade of China's manufacturing industry in industry 4.0 era. Systems Research and Behavioral Science, 37(4), 734–740. https://doi.org/10.1002/sres.2714
Szpyrka, M., & Jasiul, B. (2017). Evaluation of cyber security and modelling of risk propagation with Petri nets. Symmetry, 9(3), 1–32. https://doi.org/10.3390/sym9030032
Tsinarakis, G. J.; Valavanis, K. P.; Tsourveloudis, N. C.: (2003) Modular Petri net based modeling, analysis and synthesis of dedicated production systems. In: Intl Conference on Robotics S. 3559–3564.
Tupa, J., Simota, J., & Steiner, F. (2017). Aspects of risk management implementation for industry 4.0. Procedia Manufacturing, 11, 1223–1230. https://doi.org/10.1016/j.promfg.2017.07.248
Valk, Rüdiger (1981): Generalizations of Petri nets. In: Gruska, Chytil (Hg.) Mathematical foundations of computer science, Bd. 118, S. 140–155.
Vavra, Jan; Hromada, Martin (2015): An evaluation of cyber threats to industrial control systems. In: 2015 Intl Conference on Model Transformation, S. 1–5.
Venable, J., Pries-Heje, J., & Baskerville, R (2012). A comprehensive framework for evaluation in design science research. Design Science Research in Information Systems, 7286, 423–438.
Verbeek, H. M. W., Wynn, M. T., van der Aalst, W. M. P., & ter Hofstede, A. H. M. (2010). Reduction rules for reset/inhibitor nets. Journal of Computer and System Sciences, 76(2), 125–143. https://doi.org/10.1016/j.jcss.2009.06.003
Wagner, S. M., & Neshat, N. (2010). Assessing the vulnerability of supply chains using graph theory. International Journal of Production Economics, 126(1), 121–129. https://doi.org/10.1016/j.ijpe.2009.10.007
Wang, S., Wan, J., Li, D., & Zhang, C. (2016). Implementing smart factory of Industrie 4.0: An outlook. International Journal of Distributed Sensor Networks, 12(1), 3159805. https://doi.org/10.1155/2016/3159805
Wu, T., Blackhurst, J., & O’grady, P. (2007). Methodology for supply chain disruption analysis. International Journal of Production Research, 45(7), 1665–1682. https://doi.org/10.1080/00207540500362138
Xu, L. D., Xu, E. L., & Li, L. (2018). Industry 4.0: State of the art and future trends. International Journal of Production Research, 56(8), 2941–2962. https://doi.org/10.1080/00207543.2018.1444806
Yadav, S. B., & Dong, T. (2014). A comprehensive method to assess work system security risk. Communications of the Association for Information Systems, 34, 8. https://doi.org/10.17705/1CAIS.03408
Yoon, J.-S., Shin, S.-J., & Suh, S.-H. (2012). A conceptual framework for the ubiquitous factory. International Journal of Production Research, 50(8), 2174–2189. https://doi.org/10.1080/00207543.2011.562563
Zambon, E., Etalle, S., Wieringa, R. J., & Hartel, P. (2011). Model-based qualitative risk assessment for availability of IT infrastructures. Software and Systems Modeling, 10(4), 553–580. https://doi.org/10.1007/s10270-010-0166-8
van der Zee, Durk-Jouke (2009): Building Insightful Simulation Models Using Formal Approaches. A Case Study On Petri Nets. In: Manuel D. Rossetti (eds.): Proceedings of the 2009 Winter Simulation Conference. 2009 Winter Simulation Conference. Austin. IEEE, S. 886–898.
van der Zee, D.-J. (2011). Building insightful simulation models using Petri nets — A structured approach. Decision Support Systems, 51(1), 53–64. https://doi.org/10.1016/j.dss.2010.11.028
Zhang, C., Wang, S., Wan, J., Zhang, D., Li, D., & Zhang, C. (2016). Towards smart factory for industry 4.0: A self-organized multi-agent system with big data based feedback and coordination. Computer Networks, 101, 158–168. https://doi.org/10.1016/j.comnet.2015.12.017
Zhou, M., & Venkatesh, K. (2000). Modeling, simulation and control of flexible manufacturing systems. In A petri net approach (p. 6). World Scientific (Series in intelligent control and intelligent automation).
Zuehlke, D. (2010). SmartFactory—Towards a factory-of-things. Annual Reviews in Control, 34(1), 129–138. https://doi.org/10.1016/j.arcontrol.2010.02.008
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Competing Interests
The authors have no relevant financial or non-financial interests to disclose.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendix
Appendix B – Description of Artefact Instantiation as Software Prototype
We implemented an instantiation of our artefact as a software prototype in order to provide a proof of concept and evaluate its real-world fidelity and applicability by applying it in artificial and naturalistic settings. The software allows us to create different scenarios defining SFNs and simulate stochastic events and their impact on the availability of components. It was built using standard software development concepts and implemented using the numerical computing environment and programming language MATLAB, which is often chosen in scientific research due to its expressiveness and flexibility. We did not use traditional PN modelling software because there is no tool available that covers all used PN extensions and allows us to add additional functionality such as import and export of scenarios and static stochastic (Monte Carlo) simulation. Additionally, MATLAB offers high flexibility and reusability of components. Therefore, PNs are instantiated and manipulated in matrix notation, and the prototype uses built-in MATLAB functionality to simulate stochastic events. All modules of the implementation have been extensively tested to allow for robust, reproducible results. The simulation code can be accessed.Footnote 1
Rights and permissions
About this article
Cite this article
Berger, S., van Dun, C. & Häckel, B. IT Availability Risks in Smart Factory Networks – Analyzing the Effects of IT Threats on Production Processes Using Petri Nets. Inf Syst Front (2022). https://doi.org/10.1007/s10796-022-10243-y
Accepted:
Published:
DOI: https://doi.org/10.1007/s10796-022-10243-y
Keywords
- Smart factory network
- Information network
- Production network
- IT availability risks
- Attack propagation
- Petri nets