New Threats for Old Manufacturing Problems: Secure IoT-Enabled Monitoring of Legacy Production Machinery

  • Stefano Tedeschi
  • Christos Emmanouilidis
  • Michael Farnsworth
  • Jörn Mehnen
  • Rajkumar Roy
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 513)


The digitization of manufacturing through the introduction of Industrie 4.0 technologies creates additional business opportunities and technical challenges. The integration of such technologies on legacy production machinery can upgrade them to become part of the digital and smart manufacturing environment. A typical example is that of industrial monitoring and maintenance, which can benefit from internet of things (IoT) solutions. This paper presents the development of an-IoT-enabled monitoring solution for machine tools as part of a remote maintenance approach. While the technical challenges pertaining to the development and integration of such solutions in a manufacturing environment have been the subject of relevant research in the literature, the corresponding new security challenges arising from the introduction of such technologies have not received equal attention. Failure to adequately handle such issues is a key barrier to the adoption of such solutions by industry. This paper aims to assess and classify the security aspects of integrating IoT technology with monitoring systems in manufacturing environments and propose a systematic view of relevant vulnerabilities and threats by taking an IoT architecture point of view. Our analysis has led to proposing a novel modular approach for secure IoT-enabled monitoring for legacy production machinery. The introduced approach is implemented on a case study of machine tool monitoring, highlighting key findings and issues for further research.


Production machinery monitoring Internet of things Security 



This work is being undertaken with the EPSRC, grant number EP/I033246/1 and in collaboration with the group Kennametal and has been conducted in the Through-life Engineering Services Centre at Cranfield. Many thanks to the DMG Mori which made the CNC turn-mill Centre NTX 1000/W available for this research.


  1. 1.
    Deshpande, A., Pieper, R.: Legacy machine monitoring using power signal analysis. In: Proceedings of the ASME 2011 International Manufacturing Science and Engineering Conference (MSEC), Corvallis, Oregon, USA, 13–17 June 2011Google Scholar
  2. 2.
    Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I.: Survey internet of things: vision, applications and research challanges. Ad Hoc Netw. 10(7) (2012)Google Scholar
  3. 3.
    Vermesan, O., Friess, P.: Internet of Things - From Research and Innovation to Market Deployment. River Publishers (2014)Google Scholar
  4. 4.
    Eric Byres, P., Lowe J.: The myths and facts behind cyber security risks for industrial control systems. In: VDE Congress, VDE Association for Electrical, Electronic & Information Technologies, Berlin, October 2004Google Scholar
  5. 5.
    Chae, H., Shahzad, A., Irfan, M., et al.: Industrial control system vulnerability and security issues and future enhancements. Adv. Sci. Technol. Lett. [Internet] 95; 144–148.
  6. 6.
    Uchenna, P., Ani, D., He, H.(M.)., Tiwari, A.: Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective. J. Cyber Secur. Technol. 1(1) (2017)Google Scholar
  7. 7.
    Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Conference on Security. USENIX Association (2011)Google Scholar
  8. 8.
    Costin, A., Zaddach, J., Francillon, A., Balzarotti, D.: A large-scale analysis of the security of embedded firmwares. In: USENIX Conference on Security Symposium. USENIX Association (2014)Google Scholar
  9. 9.
    Cui, A., Stolfo, S.J.: A quantitative analysis of the insecurity of embedded network devices: Results of a wide-area scan. In: Annual Computer Security Applications Conference (ACSAC). ACM (2010)Google Scholar
  10. 10.
    Shahrjerdi, D., Rajendran, J., Garg, S., Koushanfar, K., Karri, R.: Shielding and securing integrated circuits with sensors. In: International Conference on Computer-Aided Design (ICCAD). IEEE (2014)Google Scholar
  11. 11.
    Rostami, M., Koushanfar, F., Karri, R.: A primer on hardware security: models, methods, and metrics. Proc. IEEE (2014)Google Scholar
  12. 12.
    Szekeres, L., Payer, M., Wei, T., Song, D.: Eternal war in memory. In: 2013 IEEE Symposium on Security and Privacy (SP) (2013)Google Scholar
  13. 13.
  14. 14.
    Koushanfar, F., Sadeghi, A.R., Seudie, H.: Eda for secure and dependable cybercars: Challenges and opportunities. In: Proceedings of the 49th Annual Design Automation Conference (ACM) (2012)Google Scholar
  15. 15.
    Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart nest thermostat: a smart spy in your home. In: Black Hat USA (2014)Google Scholar
  16. 16.
    Wurm, J., Arias, O., Hoang, K., Sadeghi, A.R, Jin, Y.: Security analysis on consumer and industrial IoT devices. In: 21st Asia and South Pacific Design Automation Conference (ASP-DAC) (2016)Google Scholar
  17. 17.
    Skorobogatov, S.: Fault attacks on secure chips: from glitch to flash. In: Design and Security of Cryptographic Algorithms and Devices (ECRYPT II) (2011)Google Scholar
  18. 18.
    Lemos, R.: Sony left passwords, code-signing keys virtually unprotected. eWeek (2014).
  19. 19.
    Ray, S., Bhadra, J.: Security challenges in mobile and IoT systems. In: 29th IEEE International System on Chip Conference, SOCC 2016, Seattle, United States, 6 September 2016, pp. 256–361 (2016)Google Scholar
  20. 20.
    PR Newswire: Computer virus strikes CSX transportation computers (2003)Google Scholar
  21. 21.
    Kabay, M.: Attacks on power systems: hackers, malware (2010)Google Scholar
  22. 22.
    Miller, M., Rowe, D.: A survey SCADA of and critical infrastructure incidents. In: Proceedings of the 1st Annual Conference on Research in Information Technology, RIIT 2012, Calgary, Alberta, Canada, 11–13 October 2012Google Scholar
  23. 23.
    Vijayan, J.: Stuxnet renews power grid security concerns (2010)Google Scholar
  24. 24.
    Igure, V.M., Laughter, S.A., Williams, R.D.: Security issues in SCADA networks. Comput. Secur. 25(7), 498–506 (2006)CrossRefGoogle Scholar
  25. 25.
    Tedeschi, S., Mehnen, J., Roy, R.: IoT security hardware framework for remote maintenance of machine tools. In: Second International Conference on Internet of Things, Data and Cloud Computing (ICC 2017), Cambridge, Churchill College, UK, 22–23 March 2017. (in press)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  • Stefano Tedeschi
    • 1
  • Christos Emmanouilidis
    • 1
  • Michael Farnsworth
    • 1
  • Jörn Mehnen
    • 2
  • Rajkumar Roy
    • 1
  1. 1.Manufacturing DepartmentCranfield UniversityCranfieldUK
  2. 2.Design, Manufacture and Engineering Management DepartmentUniversity of StrathclydeGlasgowUK

Personalised recommendations