Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

The Internet of Things (IoT) has transformed many aspects of modern manufacturing, from design to production to quality control. In particular, IoT and digital manufacturing technologies have substantially accelerated product development-cycles and manufacturers can now create products of a complexity and precision not heretofore possible. New threats to supply chain security have arisen from connecting machines to the Internet and introducing complex IoT-based systems controlling manufacturing processes. By attacking these IoT-based manufacturing systems and tampering with digital files, attackers can manipulate physical characteristics of parts and change the dimensions, shapes, or mechanical properties of the parts, which can result in parts that fail in the field. These defects increase manufacturing costs and allow silent problems to occur only under certain loads that can threaten safety and/or lives. To understand potential dangers and protect manufacturing system safety, this paper presents two taxonomies: one for classifying cyber-physical attacks against manufacturing processes and another for quality control measures for counteracting these attacks. We systematically identify and classify possible cyber-physical attacks and connect the attacks with variations in manufacturing processes and quality control measures. Our taxonomies also provide a scheme for linking emerging IoT-based manufacturing system vulnerabilities to possible attacks and quality control measures.


I. INTRODUCTION
The Internet of Things (IoT) embeds electronics, software, and sensors into physical objects that collect and exchange data via network connections. IoT technologies have made manufacturing smarter by enabling manufacturing systems to evolve from loose collections of largely disjoint cyber and physical components into synergistic cyber-physical systems. The Internet-connected sensors, tooling, and control systems forming these IoT-based manufacturing systems enable the manufacturing and refinement of parts that heretofore were hard to produce cost-effectively.
The IoT plays an important role in improving the efficiency and productivity of manufacturing systems. For example, by connecting digital manufacturing technologies and Computer-Aided Engineering (CAE) tools, designers and manufacturing engineers can substantially accelerate the product development-cycle. The use of IoT-based manufacturing systems, however, also expands opportunities for cyber-physical attacks against these systems. In particular, older pre-IoT equipment was not Internet-accessible and thus not exposed to cyber-attack like newer IoT-based manufacturing equipment.
This work was supported in part by the National Science Foundation and Department of Homeland Security through Grant #CNS1446303.
For instance, with IoT-based manufacturing systems, critical manufacturing files are stored in computers connected to the Internet, as shown in Fig. 1. It is possible for an attacker across the Internet to remotely intercept and alter design files or machine configurations to create undetectable changes in a part that adversely affect a product's design intent, performance, or quality [1], [2], [3], [4]. Since the parts being attacked are installed in automobiles, jet engines, or artificial heart valves, the results could financially devastate manufacturers, e.g., by damaging equipment, incurring property losses, increasing warranty costs, losing customer trust, or threatening human safety if these altered parts function improperly and fail in the field.
A fundamental concern with IoT-based manufacturing systems is that they enable the monitoring and control of previously non-remotely accessible physical systems. If these Internet-connected IoT devices are not protected, the physical systems that they influence, such as the parts that a manufacturing facility produces, may be damaged. A famous example of critical IoT-based infrastructure being attacked is the Stuxnet malware that damaged nearly one-fifth of Iran's nuclear centrifuges [5]. The Stuxnet malware targeted programmable logic controllers and forced physical equipment to operate outside its design tolerances, which led to centrifuge failures. Past IoT security research has explored cyber-vulnerabilities in industrial control systems, such as Supervisory Control and Data Acquisition (SCADA) controllers [6], which can force physical systems to operate outside of their safety tolerances. While these control systems are a crucial area of research, IoT-based manufacturing systems are also vulnerable to silent attacks that result in a manufactured part's physical characteristics no longer matching its design specifications, which could lead to critical and/or premature failures in the field. Similar research has looked at flaws injected into computer hardware and software logic [7], [8]. Much less research, however, has focused on flaws injected into the physical parts themselves, which have no computational logic.
A particularly vexing challenge of IoT-based manufacturing systems is that their underlying software and hardware are rarely updated [1], [2], [3]. This lack of updates leaves complex IoT-based manufacturing equipment exposed and vulnerable to attack on the Internet. Moreover, this update problem cannot be easily addressed as IoT-based manufacturing equipment is often extremely costly to purchase, amortized over decades, and very expensive to take out of production operation. Techniques and tools are therefore needed to help protect the physical parts that IoT-based manufacturing systems produce, while recognizing that these systems will always be at risk of cyber-attacks.
In contrast to traditional cyber-security, IoT-based manufacturing systems use physical equipment, which generates measurable phenomena (e.g., temperatures and vibrations) to produce physical products that can be inspected and tested to determine if they meet their requirements. The uniqueness of a cyber-physical attack against an IoT-based manufacturing system is the correlated cyber and physical manifestation of the attack in the manufactured part. This correlation can be used to model and predict the relationships between attacks, process data, product quality observations, and side-channel impacts for the purpose of attack detection and diagnosis.
The work presented in this paper helps answer the following questions:
• What types of attacks are particular IoT-based manufacturing system processes vulnerable to?
• What facets of a part can be attacked in a given IoT-based manufacturing system?
• What quality control mechanisms could be put in place to lower risk in IoT-based manufacturing systems?
• How can quality control and side channel measurements mitigate cyber-vulnerabilities in IoT-based manufacturing system?
• How does a newly disclosed cyber vulnerability impact a particular IoT-based manufacturing process?
To answer these questions, we have created two taxonomies: one for classifying cyber-physical attacks against IoT-based manufacturing processes and another for quality control measures for counteracting these attacks. These taxonomies catalog IoT-based manufacturing processes, attacks, and quality control measures, as well as model the relationship between specific attack types, vulnerabilities, equipment, processes, and quality control measures. They also help to bridge the gap between (1) the IoT cyber domain, where the research subjects are cyber infrastructure and software vulnerabilities, and (2) the physical domain, which includes manufacturing processes and quality control measures.
Our taxonomies provide a framework that researchers and practitioners from both cyber-security and IoT-based manufacturing can use and augment to understand the scope of vulnerabilities, how cyber vulnerabilities impact different processes, the types of cyber attributes that these attacks express, and their impacts on the physical properties of both the process execution and physical part outputs. This framework makes it easier to reason about cyber-physical security in manufacturing, catalog attacks and vulnerabilities as they emerge, and understand the relationship between specific attack types, equipment, processes, and side-channel impacts.
The remainder of this paper is organized as follows: Section II describes the taxonomies for the manufacturing process, cyber-physical attacks, and quality control measures; Section III explores a case study of a manufacturing industry partner using the proposed taxonomy; Section IV compares our research with related work; and Section V presents concluding remarks and future work.

II. TAXONOMIES
This section first reviews the workflow of manufacturing processes and examines key vulnerabilities in the process chains. We next introduce two taxonomies, one for classifying cyber-physical attacks against manufacturing processes and another for quality control measures for counteracting these attacks. Finally, we present how software vulnerabilities are linked to manufacturing processes and attacks.

A. Overview of Manufacturing Processes
Manufacturing systems are rarely the same for different types of manufactured products, but most of these systems share a similar workflow. A manufacturing system typically starts with product planning, then procures raw material, goes through various manufacturing processes, followed by assembly and inspection for quality control, and finally distribution of the products, as shown in Fig. 2. Our taxonomies focus on the chain of process steps ranging from design to manufacturing to inspection. Our analysis starts at product design and goes through the different manufacturing processes, up to inspection and quality control. A key differentiator between IoT-based manufacturing systems and traditional systems is that the former operate more like distributed software-reliant systems than the latter. Traditional manufacturing systems use significant numbers of manual steps and closed/locally managed control systems. Newer IoT-based manufacturing systems are remotely accessible and monitorable by designers, reconfigurable, and capture volumes of sensor and tool actuation data during operation. Moreover, these systems are driven by computer instructions that coordinate their constituent IoT sensors and tooling to produce a given part.
Since IoT-based manufacturing processes perform the set of steps through which raw materials are transformed into a finished product, this section summarizes the basic and most commonly used manufacturing processes in industry today. In production systems, a combination of several processes may be required to manufacture a product, but understanding the characteristics of each individual process is essential to build accurate taxonomies.
There are several ways [9], [10], [11] to classify the different manufacturing processes involved in production, such as dividing them into the two groups shown in Fig. 3:
1. Processing operations, which add value to materials by transforming them from one state to another. Process operations can be further divided into solidification processes (such as casting that pours material in a cavity to fill when it cools down), deformation processes (such as forming that changes the shape of the material, without usually changing its original volume), subtractive processes (such as machining that changes the shape of the material through removing some of it, thereby decreasing its volume), additive processes (such as 3D printing that builds the shape of the material progressively by accumulating thin layers one on top of the other), surface processing (such as surface finishing done as a final step to improve the quality of the surface of the current product), and others (such as heat treatment, which enhances the property of the material itself, and particulate processing, where particles are consolidated together).
2. Joining operations, which bring two or more components together. Joining operations can be split into permanent joining processes (such as welding) and joining via mechanical components (such as fasteners).
An overview of such grouping can be seen in Fig. 3, along with some (non-exhaustive) examples for each sub-group. These sub-groups are not necessarily mutually exclusive, e.g., a subtractive process may also be performed in surface processing operations.
Another concept we define is "part facet", which is a specific aspect or geometric structure of a part that is important to its performance. The facet type includes dimension (e.g., length, width, height), radius, weight, center of gravity, color, magnetism, surface roughness, tensile strength, yield strength, etc. Each manufacturing process is restricted by its characteristics, so it can only affect a subset of the part facets. For example, a turning process can change the dimensions of the part. Likewise, a heat treatment can change the yield strength of the part.

B. Design Artifacts to Code
An interesting facet of IoT-based manufacturing is that design files, such as solid geometry representations of parts, are eventually translated into computer instructions, such as G-Code, for a set of IoT machines indicating how to manufacture the part [12]. This process is a form of model-driven engineering, which is also used in software development [13]. Many of the attacks are analyzed based on the instruction set limitations of manufacturing equipment, which are directly connected to the physical capabilities of the equipment, and provide cyber-physical bounds on attacks. Due to the wide range of IoT-based manufacturing processes, this paper only concentrates on subtractive and additive processes, which serve as representatives of a larger group due to the fact that they are currently being used heavily in IoT environments.¹ For example, in Computer Aided Manufacturing (CAM) the products within these processes are created through Computer Aided Design (CAD) software. The design is then realized by coordination of Computer Numerically Controlled (CNC) machines or 3D printers through a network and driven by computer programmed commands, rather than being controlled by hand. Such extensive use and reliance on IoT devices and software systems invites new cyber-physical threats.
While subtractive and additive processes are significantly different, their integration into an IoT-based manufacturing system is relatively similar. Fig. 1 shows modern process chains for both an additive and a subtractive process, respectively. The process chain starts with a 3D CAD model, which is a digital representation of the shape and dimensions of an artifact.
For subtractive manufacturing, the 3D CAD model goes directly to CAM software as modern CAD/CAM systems are integrated. After the CAM step is completed, a generic toolpath file is generated and sent to the IoT machine's controllers. In the process chains shown in Fig. 1, users have ready access to the toolpath, which provides a set of instructions for the tool regarding its direction, speed, and path.
In additive manufacturing, the CAD model is translated into a model called "STL", which represents the solid geometry with a list of triangular facets that define a part's surface. Using machine-specific CAM software, this STL file is virtually sliced into layers that will be printed. Another algorithm generates commands that determine the additive manufacturing machine-specific toolpath to process each layer, which is typically written in G-Code and sent to a 3D printer's controllers across a network. These IoT systems allow designers to remotely print and monitor progress of arbitrary parts across the Internet.
In IoT-based manufacturing, each component of these process chains is linked through the IoT infrastructure, which poses potential risks of external cyber-physical attacks. In fact, two case studies [2], [3] conducted recently at Virginia Tech showed how to target a different component in each chain, as highlighted in Fig. 1. In the case of the additive manufacturing process, a cyber-physical attack modified the STL file to create a part with an internal void [3]. In the case of the subtractive manufacturing process, commands in the machine toolpaths were altered, thereby producing an incorrect part [2].
Examining the process chains of both additive and subtractive manufacturing demonstrates how vulnerable modern manufacturing is to cyber-physical attacks, e.g.:
• Both the STL and toolpath files are plain text without any encryption or encoding, which means these files can be intercepted and tampered/replaced. By modifying these files, attackers can bring parts out of specifications, add undesired part features, or alter part mechanical properties.
• An attack can propagate through an entire process chain. For example, altering a CAD file in transit across a network between IoT components will result in changes in the translated STL/toolpath file. If attacks cannot be prevented in previous processes, any quality control measures in later processes are meaningless.

¹ The attack taxonomy presented in Section II.C can also be applied to other manufacturing processes.
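Because an STL file is plain text listing triangular facets, a tampered file can be screened before slicing. The following is an added example, not code from the paper or the case studies: it assumes an ASCII STL whose shared vertices are written identically, splits the mesh into shells, and flags a non-closed shell, an extra shell, or a closed, inward-facing shell enclosed by the part body (an internal void). The two cubes are constructed sample data.

```python
import re
from collections import defaultdict

VERTEX_RE = re.compile(r"vertex\s+(\S+)\s+(\S+)\s+(\S+)")

def parse_ascii_stl(text):
    """Return triangles as tuples of three (x, y, z) vertices."""
    verts = [tuple(float(c) for c in m.groups()) for m in VERTEX_RE.finditer(text)]
    if not verts or len(verts) % 3:
        raise ValueError("no facets, or vertex count is not a multiple of 3")
    return [tuple(verts[i:i + 3]) for i in range(0, len(verts), 3)]

def split_shells(triangles):
    """Group triangles into shells: connected components over shared vertices."""
    parent = list(range(len(triangles)))
    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i
    first_seen = {}
    for idx, tri in enumerate(triangles):
        for v in tri:
            if v in first_seen:
                parent[find(idx)] = find(first_seen[v])
            else:
                first_seen[v] = idx
    shells = defaultdict(list)
    for idx, tri in enumerate(triangles):
        shells[find(idx)].append(tri)
    return list(shells.values())

def is_closed(shell):
    """Closed and consistently oriented: every directed edge is used once
    and its reverse is used once by the neighbouring facet."""
    edges = defaultdict(int)
    for a, b, c in shell:
        for e in ((a, b), (b, c), (c, a)):
            edges[e] += 1
    return all(n == 1 and edges.get((v, u), 0) == 1 for (u, v), n in edges.items())

def signed_volume(shell):
    """Positive for outward-facing facets, negative for inward-facing ones."""
    total = 0.0
    for (ax, ay, az), (bx, by, bz), (cx, cy, cz) in shell:
        total += (ax * (by * cz - bz * cy) + ay * (bz * cx - bx * cz)
                  + az * (bx * cy - by * cx))
    return total / 6.0

def bbox(shell):
    pts = [v for tri in shell for v in tri]
    return ([min(p[i] for p in pts) for i in range(3)],
            [max(p[i] for p in pts) for i in range(3)])

def audit_stl(text):
    """Return findings as (kind, shell_index, signed_volume); [] means clean."""
    shells = split_shells(parse_ascii_stl(text))
    shells.sort(key=lambda s: abs(signed_volume(s)), reverse=True)
    body_lo, body_hi = bbox(shells[0])          # largest shell is the part body
    findings = []
    for n, shell in enumerate(shells):
        vol = signed_volume(shell)
        lo, hi = bbox(shell)
        inside = all(body_lo[i] < lo[i] and hi[i] < body_hi[i] for i in range(3))
        if not is_closed(shell):
            findings.append(("non-closed shell", n, vol))
        elif n == 0:
            if vol < 0:
                findings.append(("inverted normals", n, vol))
        elif vol < 0 and inside:
            findings.append(("internal void", n, vol))
        else:
            findings.append(("extra shell", n, vol))
    return findings

# --- constructed sample data: an axis-aligned box as 12 facets ---
def box_triangles(lo, hi, inward=False):
    (x0, y0, z0), (x1, y1, z1) = lo, hi
    p = [(x0, y0, z0), (x1, y0, z0), (x1, y1, z0), (x0, y1, z0),
         (x0, y0, z1), (x1, y0, z1), (x1, y1, z1), (x0, y1, z1)]
    quads = [(0, 3, 2, 1), (4, 5, 6, 7), (0, 1, 5, 4),
             (3, 7, 6, 2), (0, 4, 7, 3), (1, 2, 6, 5)]
    tris = []
    for a, b, c, d in quads:
        tris += [(p[a], p[b], p[c]), (p[a], p[c], p[d])]
    return [(t[0], t[2], t[1]) for t in tris] if inward else tris

def to_ascii_stl(triangles, name="constructed_sample"):
    lines = [f"solid {name}"]
    for tri in triangles:
        lines += ["facet normal 0 0 0", "outer loop"]
        lines += ["vertex " + " ".join(repr(float(c)) for c in v) for v in tri]
        lines += ["endloop", "endfacet"]
    return "\n".join(lines + [f"endsolid {name}"])

if __name__ == "__main__":
    body = box_triangles((0, 0, 0), (10, 10, 10))
    void = box_triangles((4, 4, 4), (6, 6, 6), inward=True)
    print("clean   :", audit_stl(to_ascii_stl(body)))
    print("tampered:", audit_stl(to_ascii_stl(body + void)))
```

A check like this only covers the STL stage; a toolpath file altered after slicing needs its own comparison against a known-good copy.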

C. A Taxonomy of Cyber-physical attacks against Manufacturing Processes
Below we describe possible types of cyber-physical attacks against manufacturing system processes in IoT environments. An attack can be characterized by an attack flow where attackers exploit certain vulnerabilities through some attack vectors to attack some targets and produce an impact. The key elements in this attack flow are shown in Fig. 4 and described in detail as follows:
1) Attack vectors refer to paths where attackers can gain unauthorized access to the IoT system. Possible attack vectors include social engineering, malware like viruses or Trojans, insufficient authentication (attackers can get permission by brute force or bypass authentication), etc.
2) Vulnerabilities in the IoT-based manufacturing system can include a compromised worker, OS/Software vulnerability, or weak authentication mechanism.
3) Attack targets can be manufactured products, the IoT machines used for manufacturing, Computerized Maintenance Management System (CMMS) or intellectual property, such as CAD design files or specifications.
4) Attack impacts can be classified into three categories:
• Confidentiality attacks compromise the intellectual property of design model files. Design models may be highly confidential since they represent valuable business secrets for manufacturing companies. If these files are stolen by competitors and are used to reproduce similar products, substantial economic loss can be incurred for the company.
• Availability attacks affect the availability of manufacturing resources as they target manufacturing machines and tools. These attacks could deliberately slow down manufacturing processes by breaking down the controlling computers or damaging the manufacturing machines.
• Integrity attacks tamper with design models or configuration files of a manufacturing product line, thereby changing the geometric dimensions or mechanical properties of a part so it does not meet its designed requirements. Based on the attack target, integrity attacks can be further categorized into material attacks and structure attacks, which are all shown in Fig. 4.
Material attacks are attacks that change the physical properties, such as material strength, surface roughness, color or magnetism of the manufacturing parts.
A coordinate measuring machine can detect vertex movement.
3. Indents/protrusions: small indents or protrusions can be created on the surface of a part, resulting in fit issues or rough surface finish.
4. Internal void: a small volume created inside a part is undetectable by visual inspection since the void is completely enclosed. The void does not change the dimensions of a part, so it is also undetectable by a coordinate measuring machine. The void can impact a part's mechanical properties, e.g., if placed in a load bearing location, the void can make the part fail more easily. Additive manufacturing can create internal voids due to its layer-by-layer building process, but subtractive manufacturing cannot create internal voids.
Availability attacks include equipment attacks that are aimed at IoT-based manufacturing equipment. For example, attackers can change machine configurations to force the equipment to operate outside its tolerance, causing damage to the machine, or accelerating wear and tear on the machine.
There is a relation between IoT-based manufacturing processes and cyber-physical attacks. Some attacks are only possible with the presence of certain manufacturing processes. For example, subtractive manufacturing processes, such as milling or turning, generally cannot create internal voids in manufactured parts. In contrast, 3D printing's flexibility makes it vulnerable to many kinds of attacks, including internal void attacks. Table I presents a mapping between common manufacturing processes and their corresponding potential attack types. These relationships enable us to narrow down the possible attack types based on the manufacturing processes being used.

D. A Taxonomy of Quality Control in IoT-based manufacturing Processes
We now present a second taxonomy of the quality control (QC) measures in manufacturing processes. QC is an indispensable component in modern manufacturing to ensure products meet their quality requirements. Various QC measures exist, each with its own detectable problems. For example, dimension measurement can detect scaling attacks, though it is ineffective against mechanical property attacks. Fig. 5 shows our taxonomy of QC in manufacturing processes. These QC measures can be applied to either the physical or cyber domains of IoT-based manufacturing. The measures applied to the physical domain usually measure the physical or mechanical properties of manufacturing parts to assess whether the desired requirements have been met. Based on the measured properties, QC measures are usually non-destructive and can be classified into three groups: physical characteristics, mechanical properties, and side-channel impacts. QC measures for physical characteristics include visual inspection, dimension measure, weight measure, 3D laser scanning, X-rays, and CTs.
Mechanical properties refer to how parts behave under load. For example, strength is the resistance of a material to deformation from an external load [14]. Elasticity is the ability of a material to return to its original shape after the load is removed [14]. Hardness is the ability of a material to resist indentation and scratching [14]. These properties cannot be visually inspected, so tests must be run with specialized equipment to analyze these aspects of a part. QC measures often are combined with statistical analysis techniques since these tests may be expensive, destructive, or time consuming. Sophisticated sampling and acceptance techniques are employed based on statistical models, including Statistical Process Control (SPC) [15], Six Sigma [16], acceptance sampling [17], etc. Samples are chosen and analyzed in place of every part [18].
Side-channel impacts are mostly discussed in cryptography and refer to cases where attackers do not leverage information from plaintext or ciphertext, but from physical characteristics of cryptosystems. For instance, hardware has varying power consumption when doing different computations, such as adding and multiplying. By observing the power consumption of a cryptosystem, it is possible to deduce the key bits of RSA [19] or even to break the key [20]. Some other side-channel impacts include timing delays [20], electromagnetic leaks [21], temperature [22], or radiation [21]. QC in IoT-based manufacturing can measure side-channel impacts as well, to determine if a manufacturing process deviates from its designed specifications.
Linking QC measures with the attack types described in Section II.C can help determine which measure is effective against which attack type. A subset of the correspondences is shown in Table II.

E. Deducing Attack Threats from Software Vulnerabilities
A common misconception in the cyber-security community is that attacks can be avoided by simply employing the latest software versions and best practices. However, many IoT systems such as manufacturing equipment have long lifetimes and prohibitively high upgrade costs and need to remain operational continuously, and therefore cannot be migrated to the latest operating systems or manufacturing software versions. A key challenge, therefore, is to protect a complex IoT-based manufacturing process built on equipment with buggy or outdated software that cannot be easily upgraded to newer and more secure versions.
To determine what attacks could be launched with known cyber vulnerabilities and what quality control measures should be taken to detect possible attacks, we have connected our attack taxonomy with the National Vulnerability Database (NVD) [23]. The NVD is a U.S. government repository of vulnerability management data, which uses the Common Vulnerability Scoring System (CVSS) [24] to evaluate the severity of vulnerabilities. The CVSS defines a set of metrics to describe the characteristics of vulnerabilities. The metrics include six vectors that are described below. The first three of these vectors in CVSS are organized in terms of exploitability:
• Access vector (AV) measures an attacker's ability to successfully exploit a vulnerability based on how remote an attacker can be from a networking perspective [25]. There are three possible values for Access Vector: Local, Adjacent Network, and Network. An Access Vector of value "Network" (AV:N) means the vulnerability must be exploitable without requiring physical (i.e., local) or adjacent network access. Often, AV:N vulnerabilities can be exploited from IP addresses on the Internet. An Access Vector of value "Adjacent Network" means the vulnerability must be exploitable through a broadcast or collision domain. An Access Vector of value "Local" means the vulnerability must only be exploitable via physical access, such as proximity to a device or local shell access.
• Access complexity measures the complexity of the attack required to exploit the vulnerability after the attacker has already gained access to the target system [25].
• Authentication measures the number of times an attacker needs to authenticate to the target system to exploit a vulnerability [25].
The Access Complexity and Authentication vectors describe the degree of difficulty, but not the possibility, of an attack and so are not relevant to our taxonomy; we omit their discussion here.
Three other vectors in CVSS are organized in terms of impact:
• The Confidentiality Metric measures the attacker's ability to obtain unauthorized access to information from an application or system [25]. If no information or data is exposed due to exploitation, the Confidentiality metric receives a value of "None". If only partial information is disclosed due to exploitation (the attacker cannot control what is obtained), the Confidentiality metric receives a value of "Partial". If an attacker has complete read access to all information and data on a system, the Confidentiality metric receives a value of "Complete". The compromise of the confidentiality metric means the vulnerability can help attackers gain "read" access to the system. The "read" access will make it possible to launch confidentiality attacks that are discussed in Section II.C.
• The Integrity Metric measures an attacker's ability to manipulate or remove data from a product or system [25]. There are three possible values for this metric: None (I:N), Partial (I:P), and Complete (I:C). "None" is used when vulnerability exploitation cannot manipulate data. For example, an information leak only exposes information but unauthorized modification is not possible. A "Partial" impact to Integrity implies limited or uncontrolled modifications to files are possible by exploiting a vulnerability. An Integrity metric of "Complete" means an attacker is able to modify any system files or data in the system. The compromise of the integrity metric means the vulnerability can help attackers gain "write" access to the system. The "write" access will make it possible to launch integrity attacks. Integrity attacks usually need to change the critical part of design files or machine configurations, so a "partial" impact is not sufficient because attackers cannot make predictable changes. The partial value is therefore treated the same as no value.
• The Availability Metric measures an attacker's ability to disrupt or prevent access to services or data [25]. Vulnerabilities can impact availability by affecting hardware, software, and network resources. For example, vulnerabilities can make it possible for attackers to flood network bandwidth, or exhaust CPU or system memory. There are three possible values for this metric: None (A:N), Partial (A:P), and Complete (A:C). The compromise of the availability metric means it is possible to launch availability attacks.
The cyber infrastructure refers to the computing equipment controlling physical manufacturing processes. Each piece of computer equipment has several characteristics, such as operating system version (Windows XP, Windows 7, etc.), manufacturing software version (CAD, CAM software), and network connectivity status (Internet, LAN or None). The characteristics of the computers can be mapped to the exploitability vectors of vulnerabilities. A vulnerability with an access vector of "Internet" will only affect computers with an Internet connection.
We now examine some vulnerabilities from the NVD to see how they can be connected to our proposed taxonomy. As shown in Table III, CVE-2014-7268 is a vulnerability whose description is "Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors."
The prerequisites of vulnerability CVE-2014-7268 are installations of Symantec Deployment Solution on Windows XP or Server 2003 operating systems and local access to the computers involved in the IoT-based manufacturing process. If these prerequisites are met, this vulnerability can be exploited to launch attacks that result in "complete" confidentiality, integrity, and availability impacts, which means all the attacks in our taxonomy shown in Fig. 4  Windows RT Gold and 8.1 allows local users to obtain sensitive information via a crafted application that continues to execute during a subsequent user's login session, also known as "Windows CSRSS Elevation of Privilege Vulnerability"." This vulnerability just impacts confidentiality, so only confidentiality attacks can be launched and manufacturers need not prepare for integrity attacks or availability attacks. Moreover, manufacturers need not do anything if the manufacturing design files are publicly available, i.e., intentionally not confidential.
With all the relationships established above, we can connect vulnerabilities, IoT-based manufacturing processes, cyber-physical attacks and quality control measures all together, as we show in Fig. 6. The characteristics of the IoT-based manufacturing processes reveal the vulnerabilities exposed and thus determine what cyber-physical attacks could be launched. Each cyber-physical attack has its effects either in the physical domain or the cyber domain. We can choose the QC measures that capture the provisioned attack effects, thereby enabling better defenses against cyber-physical attacks in IoT-based manufacturing systems.
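The linkage from a CVSS v2 vector to the attack classes of Section II.C can be expressed as a small rule set. The following is an added example, not the authors' tooling: host names, installed software, the AC/Au values in the vectors, and the EXAMPLE-0001 entry are constructed, and treating partial confidentiality or availability impact as sufficient, and USB or physical reach as "local access", are assumptions of this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Host:
    name: str
    os: str
    connectivity: str                 # "internet", "lan" or "none"
    local_access: bool                # assumption: USB/physical reach counts as local
    software: frozenset = frozenset()

@dataclass(frozen=True)
class Vulnerability:
    ident: str
    vector: str                       # CVSS v2 base vector
    affected_os: frozenset
    required_software: frozenset = frozenset()

def parse_cvss2(vector):
    """Split 'AV:L/AC:L/Au:N/C:C/I:C/A:C' into a metric -> value dict."""
    metrics = dict(part.split(":", 1) for part in vector.split("/"))
    missing = {"AV", "AC", "Au", "C", "I", "A"} - metrics.keys()
    if missing:
        raise ValueError(f"missing CVSS v2 metrics: {sorted(missing)}")
    return metrics

def attack_classes(metrics):
    """Map impact metrics to attack classes of the taxonomy.

    Integrity attacks need predictable changes to design files or machine
    configurations, so I:P is treated like I:N (the rule stated in the text).
    AC and Au describe difficulty only and are ignored.
    """
    classes = set()
    if metrics["C"] in ("P", "C"):    # assumption: partial read access suffices
        classes.add("confidentiality")
    if metrics["I"] == "C":
        classes.add("integrity")
    if metrics["A"] in ("P", "C"):    # assumption: partial disruption suffices
        classes.add("availability")
    return classes

def reachable(host, access_vector):
    """Match the Access Vector against the host's connectivity status."""
    if access_vector == "N":
        return host.connectivity == "internet"
    if access_vector == "A":          # assumption: Internet hosts also sit on a LAN
        return host.connectivity in ("internet", "lan")
    if access_vector == "L":
        return host.local_access
    raise ValueError(f"unknown access vector {access_vector!r}")

def assess(vuln, hosts):
    """Return {host name: sorted attack classes} for hosts the vulnerability exposes."""
    metrics = parse_cvss2(vuln.vector)
    classes = sorted(attack_classes(metrics))
    exposed = {}
    for host in hosts:
        if (classes and host.os in vuln.affected_os
                and vuln.required_software <= host.software
                and reachable(host, metrics["AV"])):
            exposed[host.name] = classes
    return exposed

# Constructed inventory, loosely following the case-study description.
HOSTS = [
    Host("engineer-ws", "Windows 7", "internet", True),
    Host("printer-pc", "Windows XP", "lan", True,
         frozenset({"Symantec Deployment Solution"})),
    Host("inspection-pc", "Windows 7", "none", False),
]
# Vectors built from the impacts the text states; AC/Au are placeholder values.
CVE_2014_7268 = Vulnerability(
    "CVE-2014-7268", "AV:L/AC:L/Au:N/C:C/I:C/A:C",
    frozenset({"Windows XP", "Windows Server 2003"}),
    frozenset({"Symantec Deployment Solution"}))
CVE_2015_2453 = Vulnerability(
    "CVE-2015-2453", "AV:L/AC:L/Au:N/C:C/I:N/A:N", frozenset({"Windows 7"}))
HYPOTHETICAL = Vulnerability(          # not a real identifier
    "EXAMPLE-0001", "AV:N/AC:L/Au:N/C:N/I:P/A:P", frozenset({"Windows 7"}))

if __name__ == "__main__":
    for vuln in (CVE_2014_7268, CVE_2015_2453, HYPOTHETICAL):
        print(vuln.ident, assess(vuln, HOSTS))
```

The output of `assess` is the input to QC selection: each attack class listed for a host narrows which quality control measures need to cover the processes that host drives.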

III. CASE STUDY
An increasing number of manufacturing companies have embraced the Internet of Things to revolutionize the way they manufacture. Information technology infrastructure has been used extensively in design, manufacturing processes and quality control for accessing the information of physical objects and for manipulating the physical objects. The tight integration of hardware and software enables more efficient production management. While modern manufacturing companies are enjoying the benefits the IoT brings, most of them are unaware of the potential cyber-security risks they may face.
To demonstrate how our taxonomies can be applied to modern manufacturing systems to assess cyber-security risks, we visited an industry partner to collect related information and map it to our approach. This company provides additive manufacturing services that allow customers to submit their own parts designs to facilitate production.
The general process flow of this company is shown in Fig. 7. A customer submits parts through a web portal or directly through email to a product engineer, who then coordinates with the customer to determine the printability and best material/process. The part files (in CAD or STL format) are saved to the network drive. The process engineer checks the file for common problems, such as thin walls or extra shells, and adjusts the files if necessary. Machines are also checked before printing. After that, the parts are printed (along with witness bars) and go through QC measures. If the parts pass inspection, they are shipped to customers; otherwise, they are scrapped or reworked.
The IT infrastructure in this manufacturing company consists of three categories of computers: engineers' computers, 3D printer computers, and inspection station computers. Files are stored on a networked server connected to all computers. There are no restrictions on USB drives and all computers have USB access. No personal computers are allowed, but work laptops can be taken home and can remotely access the server. Many computers run outdated operating systems, including Windows XP and Windows 7. Most computers are connected to the Internet to access the design files from the network drive. Of the computers that do not need to access design files, many cannot be unplugged due to the restrictions of digital rights management (DRM) systems or software activation.
This company applies many QC measures, including digital file checks, machine process checks, material quality checks, and part quality checks. Digital file checks verify the STL file and determine if there are any inverted normals, holes, or non-closed shells. Machine process checks include assessing the laser power, IR sensor, or O2 sensor to ensure the machine is operating normally. Material quality checks include checking the powder mix ratio and the melt flow index to see whether the powder batch being used meets the requirements. Part quality checks include dimension measurement, visual inspection, and tensile testing. Dimension measurements are performed with a Faro Arm, a coordinate measuring machine, and manually with calipers.
We applied our taxonomies to conduct a systematic risk assessment for this manufacturing company. Fig. 8 shows an example product line that consists of a single process: 3D printing. Vulnerability CVE-2015-2453, presented in Section II.D, will impact all computers running Windows 7 with "complete" confidentiality impact. Since the project engineer's computer is running Windows 7 and the STL file is stored on this computer, the vulnerability will allow attackers to launch confidentiality attacks to steal the design files.
Vulnerability CVE-2014-7268 will impact all the computers running Symantec Deployment Solution 6.9 or earlier on Windows XP with "complete" confidentiality/integrity/availability impact, which means attackers could launch integrity attacks by gaining write access to the computers controlling the 3D printer and the inspection station.
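The case-study reasoning above, written out as an added example that is not part of the original paper: each computer is matched against a vulnerability's prerequisites, and the CIA impact decides which attack classes and QC measures apply. The inventory, host names, and the role-to-QC mapping are constructed assumptions, and the local-access prerequisite of CVE-2014-7268 is assumed to be met.

```python
from dataclasses import dataclass, field

# Prerequisites and CIA impact as the text gives them for the case study.
VULNS = {
    "CVE-2015-2453": {"os": {"Windows 7"}, "sw": None, "impact": {"confidentiality"}},
    "CVE-2014-7268": {"os": {"Windows XP", "Windows Server 2003"},
                      "sw": ("Symantec Deployment Solution", (6, 9)),  # 6.9 or earlier
                      "impact": {"confidentiality", "integrity", "availability"}},
}
# ASSUMPTION: illustrative (asset role, attack goal) -> QC measure mapping.
QC_FOR = {
    ("design", "integrity"): ["digital file check", "part quality check"],
    ("printer", "integrity"): ["machine process check", "part quality check"],
    ("inspection", "integrity"): ["manual caliper measurement"],
}

@dataclass
class Asset:
    name: str
    role: str           # "design", "printer" or "inspection"
    os: str
    confidential: bool  # holds design files that must stay secret
    software: dict = field(default_factory=dict)  # product name -> version tuple

def exposed(asset, vuln):
    """True when the asset meets the OS and software prerequisites."""
    sw = vuln["sw"]
    return asset.os in vuln["os"] and (
        sw is None or (sw[0] in asset.software and asset.software[sw[0]] <= sw[1]))

def assess(assets, vulns=VULNS):
    """List (asset, CVE, attack goal, QC measures) for each feasible attack class."""
    findings = []
    for a in assets:
        for cve in sorted(vulns):
            goals = sorted(vulns[cve]["impact"]) if exposed(a, vulns[cve]) else []
            for goal in goals:
                if goal == "confidentiality" and not a.confidential:
                    continue  # files intentionally public: nothing to defend
                findings.append((a.name, cve, goal, QC_FOR.get((a.role, goal), [])))
    return findings

# Constructed inventory modelled on the case study; host names and versions are made up.
SDS = {"Symantec Deployment Solution": (6, 9)}
INVENTORY = [Asset("engineer-pc", "design", "Windows 7", True),
             Asset("printer-pc", "printer", "Windows XP", True, SDS),
             Asset("inspection-pc", "inspection", "Windows XP", False, SDS)]

if __name__ == "__main__":
    print(*assess(INVENTORY), sep="\n")
```

Findings with an empty QC list (confidentiality and availability) are attack classes that part inspection cannot detect, so they need controls outside quality control.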

IV. RELATED WORK
Prior work has explored various types of security issues in cyber-physical systems. For example, Cardenas et al. [26] discuss key challenges for securing cyber-physical systems and Sridhar et al. [27] model the security risks for the Electric Power Grid. However, they do not consider the domain knowledge of manufacturing in their security models.
Taxonomies have been proposed for cyber-attacks in information technology (IT) systems [28], [29]. While these taxonomies are useful for defending manufacturing systems against traditional cyber-attacks, they do not capture the physical effects of the attacks on IoT-based manufacturing systems. In IoT-based manufacturing systems, the attacks on the controlling systems can directly impact the physical world.
Taxonomies have also been proposed for cyber-attacks in IoT systems. For example, Zhu et al. [6] analyze the cyber-attacks on Supervisory Control and Data Acquisition systems. No equivalent taxonomy has been proposed, however, to systematically classify possible cyber-physical attacks in manufacturing systems and provide a framework to reason about the relationship between attack types, processes, equipment and quality control measures.
Integrated circuit manufacturing faces security challenges similar to those of cyber-physical manufacturing systems [30]. Taxonomies have been developed for hardware Trojans [7], [8], [30], which are maliciously injected logic in integrated circuits. Tehranipoor et al. [7] survey the design and taxonomy of hardware Trojans. Detection methodologies for hardware Trojans are also discussed in their survey. Jin et al. [8] present different implementations of hardware Trojans and show that traditional functional testing can be useless in detecting hardware Trojans.
Quality control in integrated circuits aims to detect if a manufactured circuit matches its original design [8]. Since circuits cannot be easily deconstructed for testing, side-channel detection is widely used as a QC measure for defending against hardware Trojans. Researchers have developed various side-channel methods, including timing delays [31] and power analysis [32], for detecting hardware Trojans. Cyber-physical attacks in manufacturing systems differ from hardware Trojans in that the manufactured parts are not electronic in nature and there is no computational logic to verify the functions [33].

V. CONCLUDING REMARKS
The Internet of Things (IoT) has transformed many aspects of modern manufacturing. IoT-based manufacturing systems, however, are much more vulnerable to cyber-physical attacks than traditional manufacturing systems. Given the importance of IoT-based manufacturing systems throughout the supply chains in modern economies, identifying and remediating these vulnerabilities is of paramount importance [34].
To understand potential dangers and protect manufacturing system safety, this paper presents two taxonomies: one for classifying cyber-physical attacks against IoT-based manufacturing processes and another for quality control measures for counteracting these attacks. These taxonomies provide guidance for evaluating IoT-based manufacturing system security by delineating the research space and help to codify and relate research approaches to one another. These taxonomies also build connections between IoT-based manufacturing processes, attacks, and quality control measures.
Based on creating our taxonomies and applying them in the context of the case study in Section III, we have identified the following lessons learned:
• Manufacturing companies can benefit from these taxonomies to reason more effectively about what possible attacks could happen to their IoT-based manufacturing process chains, as well as ascertain which quality control measures are needed to detect defects resulting from cyber-attacks on IoT-based manufacturing infrastructure.
• Ensuring the security of IoT-based manufacturing systems is a cross-disciplinary problem that can be solved most effectively by collaborative efforts of researchers from both cyber-security and mechanical engineering. Moreover, knowledge of cyber-security should be explained in manufacturing terms to enable meaningful reasoning.
• There is a tradeoff between quality control measure coverage and the costs. Enforcing more quality control measures can examine more aspects of the products, but at a higher cost. Our taxonomies can help eliminate quality control measures that are not necessary and prioritize quality control measures that ensure the quality attributes that manufacturers value the most.
Now that we have created these taxonomies, our next step is to develop an analysis tool to emulate current IoT-based manufacturing systems. Given IoT-based manufacturing process structures, system configurations, and budgets, this analysis tool will provide quality control recommendations on where and how to test. We also plan to explore what side-channel information can be utilized to detect attacks and develop algorithms to detect attacks by processing side-channel data in IoT-based manufacturing processes.