Towards Resilient PLM Architectures: Cyber Threats,Security Mechanisms, and Industrial Implications
##plugins.themes.bootstrap3.article.main##
Abstract
Implementation of Product Life cycle Management (PLM) systems in firms
from aerospace, automotive, and manufacturing industries helps in efficiently managing design, production, as well as the maintenance information of the company. PLMs help in managing the information at different levels and stages of the company. However, Exploitation of cloud computing, Internet of Things (IoT), and advanced supply chains poses these industries to multiple cyber threats. This document highlights the PLM applications life cycle from design and development to production, maintenance, and eventual decommissioning, highlighting the impact
of significant cyber attacks at each stage. We focus on real-world vulnerabilities and attack vectors, like CVE-2021-37161 and Team center’s CAD file tampering, SQL in PTC Windchill, supply chain insider threats, and cloud misconfigurations. Analyzing breaches and defense frameworks reveals the application of ZTA (Zero Trust Architecture), AI-driven anomaly detection, and blockchain with integrity verification as viable countermeasure frameworks. We highlight the pressing importance of embedding security-by-design methodologies in PLM ecosystems
while addressing the risks of AI-augmented cyber assaults and quantum computing. This research provides groundwork to aid industries and academicians in strengthening cyber defenses for PLM systems in the scope of a converging industry 4.0.
References
1. Cárdenas, A.A., Amin, S. & Sastry, S. (2021). Research challenges for the security of control systems, In: Proc. 3rd Conf. Hot Topics in Security (HotSec).
2. Chauhan, N. Kumar, R. & Saini, R. (2021). Cyber forensics in Industry 4.0: Challenges and trends. J. Inf. Secur. Appl. 62, 103029.
3. Conti, M. et.al. (2018). Internet of Things security and forensics: Challenges and opportunities, Future Gener. Comput. Syst., 78, 544–
546.
4. D’Elia, A. & Bellini, P. (2020). A blockchain-based approach to securing product lifecycle data, IEEE Access, 8, 145378–145393.
5. Ghosh, S. & Simanta, S. (2021). Security implications in product lifecycle management systems: A review, International Journal of Computer Applications, 165(2), 21–26.
6. Guo, C. & Zhang, X. (2020). Access control and secure sharing of PLM data based on blockchain, In: Proc. IEEE Int. Conf. Ind. Informatics, pp. 165–170.
7. Jain, A. & Singh, A. (2021). Network forensics: Analysis of techniques, tools, and challenges, ACM Comput. Surv., 54(3), 1–34.
8. Jang-Jaccard, J. & Nepal, S. (2014). A survey of emerging threats in cybersecurity, J. Comput. Syst. Sci., 80(5), 973–993.
9. Huang, H. et al. (2019). Digital twin-driven smart manufacturing: Framework and challenges, IEEE Trans. Ind. Informat. 15(4), 2340–
2352.
10. ISO/IEC 27001:2013, (2023). Information security management systems – Requirements, International Organization for Standardization, Geneva, Switzerland.
11. IEC 62443, (2018). Industrial communication networks – Network and system security, International Electrotechnical Commission.
12. Kaur, P. & Kaur, D. (2020). Cyber security concerns in smart PLM systems. Int. J. Sci. Eng. Res., 11(6): 183–189.
13. Kishorre Annanth V, M. et.al. (2019). Intelligent manufacturing in the context of industry 4.0: A case study of siemens industry.
14. Lone, A.M. & Mir, A. (2020). Forensic analysis of cybersecurity attacks in industrial networks: A review. IEEE Access. 8, 161569–161589.
15. McKendry, D.A., Whitfield, R.I. & Duffy, A.H.B. (2021). Product lifecycle management implementation for high value engineering to
order programmes: An informational perspective. Elsevier Inc.
16. Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Available: https://bitcoin.org/bitcoin.pdf
17. National Institute of Standards and Technology, (2018). Framework for improving critical infrastructure cybersecurity. NIST, Gaithersburg, MD, USA, Version 1.1.
18. Neef, K. D., Böhme, M. & von Wangenheim, G. (2018). Cybersecurity in the context of product lifecycle management: Challenges and opportunities, In: Proc. Int. Conf. Cybersecurity (CYBER), 2018, pp. 34–40.
19. Reyna, M. et.al. (2018). On blockchain and its integration with IoT:
Challenges and opportunities. Future Gener. Comput. Syst., 88, 173–
190.
20. Shafiq, M. O. & Chimka, J. (2022). Cybersecurity and risk assessment in the PLM ecosystem, Procedia Computer Science, 200, 1204 1211.
21. Tao, F. Qi, Q., Liu, A. & Kusiak, (2018). A. Data-driven smart manufacturing. J. Manuf. Syst. 48, 157–169.
22. Waqas, M. et al. (2020). Industrial cybersecurity: Threats and attacks, IEEE Access, 8, 108774–108785.
23. Xu, L. Chen, Z. & Wang, Z. The application of blockchain in industrial manufacturing: A review, IEEE Access. 9, 17993–18000.
24. Xu, L. He, W. & Li, S. (2014). Internet of Things in industries: A survey, IEEE Trans. Ind. Informat. 10(4), 2233–2243.
25. Yang, C., Liu, Z. & Qin, Y. (2021). Cybersecurity for industry 4.0: Analysis for design and manufacturing. Boca Raton, FL, USA: CRC Press.
26. Yang, J. & Wang, W. (2021). Forensic readiness of Industry 4.0 manufacturing systems. In: Proc. IEEE Conf. Ind. Cybersecurity, pp. 209–214.
27. Zhang, Y. et.al. (2018). Cybersecurity threats and countermeasures in the Industry 4.0 era: A survey, Comput. Ind., 101, 1–15.
28. Zheng, Z, et.al. (2017). An overview of blockchain technology: Architecture, consensus, and future trends, In: Proc. IEEE Int. Congress Big Data, pp. 557–564.
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.