Taxonomy for Cybersecurity Threat Attributes and Countermeasures in Smart Manufacturing Systems

Computer Science > Cryptography and Security [Submitted on 30 Dec 2023 (v1), last revised 1 Apr 2026 (this version, v2)] Taxonomy for Cybersecurity Threat Attributes and Countermeasures in Smart Manufacturing Systems Md Habibor Rahman (1), Rocco Cassandro (2), Thorsten Wuest (3), Mohammed Shafae (4) ((1) University of Massachusetts Dartmouth, (2) Western New England University, (3) University of South Carolina, (4) The University of Arizona) An attack taxonomy offers a consistent and structured classification scheme to systematically understand, identify, and classify cybersecurity threat attributes. However, existing taxonomies only focus on a narrow range of attacks and limited threat attributes, lacking a comprehensive characterization of manufacturing cybersecurity threats. There is little to no focus on characterizing threat actors and their intent, specific system and machine behavioral deviations introduced by cyberattacks, system-level and operational implications of attacks, and potential countermeasures against those attacks. To close this pressing research gap, this work proposes a comprehensive attack taxonomy for a holistic understanding and characterization of cybersecurity threats in manufacturing systems. Specifically, it introduces taxonomical classifications for threat actors and their intent and potential alterations in system behavior due to threat events. The proposed taxonomy categorizes attack methods/vectors and targets/locations and incorporates operational and system-level attack impacts. This paper also presents a classification structure for countermeasures, provides examples of potential countermeasures, and explains how they fit into the proposed taxonomical classification. Finally, the implementation of the proposed taxonomy is illustrated using two realistic scenarios of attacks on typical smart manufacturing systems, as well as several real-world cyber-physical attack incidents and academic case studies. The developed manufacturing attack taxonomy offers a holistic view of the attack chain in manufacturing systems, starting from the attack launch to the possible damages and system behavior changes within the system. Furthermore, it guides the design and development of appropriate protective and detective countermeasures by leveraging the attack realization through observed system deviations. Comments: 32 pages, 11 figures. This article has been published in the Journal of Intelligent Manufacturing. Link to the published version: this https URL Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2401.01374 [cs.CR]   (or arXiv:2401.01374v2 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2401.01374 Focus to learn more Journal reference: Journal of Intelligent Manufacturing, 1-27 (2025) Related DOI: https://doi.org/10.1007/s10845-025-02719-w Focus to learn more Submission history From: Mohammed Shafae [view email] [v1] Sat, 30 Dec 2023 02:11:02 UTC (1,952 KB) [v2] Wed, 1 Apr 2026 23:27:44 UTC (2,694 KB) Access Paper: view license Current browse context: cs.CR < prev   |   next > new | recent | 2024-01 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)