Date of Award


Degree Type


Degree Name

Doctor of Philosophy (PhD)


Mechanical and Aerospace Engineering


Young Bai Moon


Operational technology security;Reinforcement learning;Resiliency

Subject Categories

Engineering | Mechanical Engineering


Cyber-manufacturing systems (CMS) represent the future design vision for manufacturing systems, aiming to enhance product quality, and productivity, and reduce downtime. The third industrial revolution was driven by computer systems and automation, while the fourth industrial revolution was inspired by the internet, network, and connectivity. However, this integration also introduces vulnerabilities, particularly through false data injection attacks on sensors. Sensors play a pivotal role in the automation framework of manufacturing systems spanning five levels: process, operational, supervisory, plant, and enterprise. Sensors are instrumental in communicating information from the process level to the enterprise level. It also enables controllers at the process and operational/supervisory level to implement precise control algorithms that enable the functioning of cyber manufacturing systems in a predetermined sequence to yield the desired end product. Moreover, they provide real-time state estimation of the manufacturing systems to the plant controller. With this information, the plant control algorithms work to minimize any discrepancies between the manufacturing system’s output and the input required for optimal manufacturing operation. However, the integrity of the information from the sensors can be compromised by the actions of cyber attackers who may exploit vulnerabilities in the manufacturing system’s networks or control software. Hence jeopardizing the manufacturing system’s availability and potentially leading it into an unsafe operational state. The rising cyber threats on cyber manufacturing systems have motivated researchers to propose solutions aimed at enhancing resiliency. At a high level, these solutions draw inspiration from the cyber security domain and can be categorized into prevention and detection strategies. Prevention from cyber-attacks is achieved by enforcing constraints in the form of rules, and policies, or by incorporating modern methods of firewall, physical hash, and blockchain. While prevention strategies are crucial, they do not guarantee complete freedom from cyber threats and hence a detection strategy is advised. The objective of the detection strategy is to identify and flag anomalous behavior within the manufacturing systems. However, a notable gap within this literature is guidance on how to respond effectively once a sensor attack is detected. This critical aspect, post-detection recovery, remains underexplored and warrants further attention. This research addresses this gap by proposing a reinforcement learning recovery agent and introducing a four-layer recovery architecture. The architecture encompasses the systems layer, attack identification layer, data auditing and detection layer, and recovery layer. The systems layer identifies and categorizes the manufacturing system components within the five-layer automation hierarchy. The attack identification layer performs risk analysis to identify vulnerabilities, while the data auditing and detection layer collects and trains data for attack detection. The recovery layer focuses on training reinforcement learning agents to respond effectively to detected attacks. To validate this architecture, a testbed and manufacturing simulator are developed, featuring two robotic arms, a conveyor belt, and a drawing manufacturing process. Two distinct sensor attack scenarios are presented, and the proposed recovery agent’s performance is compared against a PID controller using critical manufacturing metrics: downtime, throughput, and efficiency. The research aims to enhance the resilience and security of manufacturing systems by effectively responding to sensor attacks. In conclusion, this research contributes to the evolving field of CMS security by proposing a novel recovery architecture and reinforcement learning-based recovery agent, filling a critical gap in post-detection response strategies. The validation through a manufacturing simulator demonstrates the potential of the proposed approach in minimizing the impact of sensor attacks and ensuring the continuous operation of CMS.


Open Access