Function-driven cyber-physical security in smart manufacturing - Software and Systems Modeling

As manufacturing evolves with cyber-physical systems (CPSs), ensuring security across all components—no matter how small—is critical to preventing system-wide failures. While frameworks like Reference Architectural Model Industrie 4.0 (RAMI 4.0) structure industrial processes, they overlook security, leaving CPS vulnerable to cyber-physical threats. The increasing convergence of Information Technology and Operational Technology has further expanded the attack surface, exposing industrial automation to new vulnerabilities. This study investigates how security risks in automated manufacturing systems can be managed. Our study systematically reviews the literature, employing Information System Security Risk Management-based risk assessment and threat analysis to identify gaps in existing security frameworks. To bridge these gaps, we introduce the functions, assets, security threats, and mitigation techniques (FAST) method for assessing and mitigating security risks in CPS-driven manufacturing. Our findings highlight underexplored vulnerabilities across RAMI 4.0 layers, emphasising the need for security frameworks tailored to industrial automation. The FAST method provides a structured and scalable way to CPS security, ensuring that security measures integrate seamlessly with industrial operations while addressing previously overlooked vulnerabilities.