Industrial control systems (ICS) are considered cyber‐physical systems that join both cyber and physical worlds. Due to their tight interaction, where humans and robots co‐work and co‐inhabit in the same workspaces and production lines, cyber‐attacks targeting ICS can alter production processes and even bypass safety procedures. As an example, these cyber‐attacks could interrupt physical industrial processes and cause potential injuries to workers. In this article, we present SafeMan, a unified management framework based on the Edge Computing paradigm that provides high‐performance applications for the detection and mitigation of both cyber‐attacks and safety threats in industrial scenarios. Three use cases show specific threats in manufacturing as well as the SafeMan actions carried out to detect and mitigate them. In order to validate our proposal, a pool of experiments was performed with Electra, an industrial dataset with normal network traffic and different cyber‐attacks by using a given number of Modbus TCP and S7Comm devices. The experiments measured the runtime performance of anomaly detection techniques based on machine learning and deep learning to detect cyber‐attacks in control networks. The experimental results show that Neural Networks report the best performance, being able to examine 2¹⁷ feature vectors per second over Electra, and therefore demonstrating that it can be used as detection model for SafeMan in real scenarios.

中文翻译：

---

SafeMan：管理制造业网络安全性的统一框架

工业控制系统（ICS）被认为是结合了网络世界和物理世界的网络物理系统。由于它们之间的紧密交互，在相同的工作空间和生产线中，人与机器人协同工作并共同居住，针对ICS的网络攻击可以改变生产过程，甚至绕过安全程序。例如，这些网络攻击可能会中断物理工业流程，并可能对工人造成伤害。在本文中，我们介绍SafeMan，这是一个基于边缘计算范式的统一管理框架，该框架提供了高性能应用程序，用于检测和缓解工业场景中的网络攻击和安全威胁。三个用例显示了制造中的特定威胁，以及为检测和缓解威胁而采取的SafeMan措施。为了验证我们的建议，使用给定数量的Modbus TCP和S7Comm设备对具有正常网络流量和不同网络攻击的工业数据集Electra进行了一系列实验。实验测量了基于机器学习和深度学习的异常检测技术的运行时性能，以检测控制网络中的网络攻击。实验结果表明，神经网络报告了最佳性能，能够检查每秒在Electra上具有2 ^17个特征向量，因此证明它可以用作实际场景中SafeMan的检测模型。