With advances in computer and networking technologies, along with the increasing dependency on interconnected cyber-physical components, the threat of cyber-physical attacks against manufacturing is on the rise. As opposed to traditional cyber-attacks, cyber-physical attacks go beyond intellectual property theft and can affect the physical world. In manufacturing, such attacks can result in changed product designs, manipulated manufacturing equipment, and altered final products. For over a century, manufacturing systems have relied heavily on Quality Control (QC) systems to ensure stable processes and product integrity. However, previous research has suggested that current QC tools could be exploited by an adversary, making it difficult or even impossible to detect attacks. Unfortunately, there has been little to no effort to identify/understand opportunities where QC tools could be exploited, which is an essential step toward developing new cyber-security solutions for manufacturing. In response, this paper establishes a systematic approach to effectively categorize QC tool vulnerabilities. Furthermore, to highlight the importance of this research to the manufacturing community, the negative effects of exploiting QC tools by cyber-physical attacks are demonstrated in this paper. Finally, best practices and guidelines for better cyber-physical security in manufacturing are also presented.

随着计算机和网络技术的进步，以及对互连的网络物理组件的依赖性日益增加，网络物理攻击对制造业的威胁正在上升。与传统的网络攻击相反，网络物理攻击不仅可以盗窃知识产权，还可以影响物理世界。在制造过程中，此类攻击可能导致产品设计变更，制造设备被操纵以及最终产品变更。一个多世纪以来，制造系统一直严重依赖质量控制（QC）系统来确保稳定的过程和产品完整性。但是，先前的研究表明，攻击者可以利用当前的QC工具，从而很难甚至无法检测攻击。不幸，几乎没有努力去发现/理解可以利用QC工具的机会，这是开发用于制造的新网络安全解决方案的必不可少的步骤。作为回应，本文建立了一种有效地对QC工具漏洞进行分类的系统方法。此外，为强调这项研究对制造业的重要性，本文展示了通过网络物理攻击利用QC工具的负面影响。最后，还介绍了在制造业中提高网络物理安全性的最佳实践和指南。此外，为强调这项研究对制造业的重要性，本文展示了通过网络物理攻击利用QC工具的负面影响。最后，还介绍了在制造业中提高网络物理安全性的最佳实践和指南。此外，为强调这项研究对制造业的重要性，本文展示了通过网络物理攻击利用QC工具的负面影响。最后，还介绍了在制造业中提高网络物理安全性的最佳实践和指南。