Featured Product
This Week in Quality Digest Live
Innovation Features
Jennifer Chu
Stamp-sized ultrasound adhesives produce clear images of heart, lungs, and other internal organs
Jill Roberts
Another way to know what’s too old to eat
Gregory Way
Drug designers are rethinking their response to medications that affect multiple targets
Del Williams
8-in. cable and disc systems are comparable to belt or bucket systems
Edmund Andrews
For creative collaboration, sometimes you can’t beat a face-to-face meeting

More Features

Innovation News
Gantry designs feature enhanced performance
New technology will allow customers to grow capacity, improve profit margins and gain efficiencies
Virtual reality training curriculum prepares organizations for rapid transformation
Meet the latest generation of LC xx6 encoders
Maximum work envelope in a small footprint
On-demand pipe flow measurement, no process interruptions
Products range from software to scanners

More News

Pat Toth


Cybersecurity and Industry 4.0: What You Need to Know

Smart factories can gain a competitive edge but face challenges and risks as part of the process

Published: Wednesday, June 8, 2022 - 12:01

This morning my favorite local news program had an interesting segment on new slang words and what they mean. The definitions probably weren’t necessary for millennials or generation Z, but for baby boomers like me, it was an eye-opening vocabulary lesson. I must admit I didn’t know what bougie (pronounced boojee) meant, even though I had heard it a few times—like when my niece said the wine glasses I used at Thanksgiving were bougie.

Perhaps you’ve heard some phrases lately that suddenly seem like they’re everywhere, such as Industry 4.0. When I first heard the term I wasn’t quite sure what it meant, but it seems to be one of the hottest phrases in manufacturing.

There have been four major technological trends during the past few hundred years that have revolutionized both industry and manufacturing. The first combined mechanization with steam and water power. The second combined mass production and electricity. The third was the rise of electronic and information technology (IT) systems as well as automation.

What is Industry 4.0?

Industry 4.0 refers to the newest phase of the Industrial Revolution. According to PwC Insights, Industry 4.0 “refers to the fourth industrial revolution, which connects machines, people, and physical assets into an integrated digital ecosystem that seamlessly generates, analyzes, and communicates data, and sometimes takes action based on that data without the need for human intervention.”

Industry 4.0 focuses heavily on interconnectivity, automation, machine learning, and real-time data. It encompasses the industrial internet of things (IIoT) and smart manufacturing. It joins physical production and operations with smart digital technology, machine learning, and big data to create better connected systems for companies that focus on manufacturing and supply chain management.

Every company is different, but each faces a common challenge—the need for connection and access to real-time insights across processes, products, and people.

Industry 4.0 is expected to revolutionize the industrial world, just as the use of steam power started the first Industrial Revolution during the late 1700s. The number of interconnected devices in use today provides an opportunity to collect information and allow for advanced decision-making in management and technology, which will greatly improve production. Industry 4.0 can help make data actionable. The availability of information across a system or systems can become a powerful tool if used properly.

These new technologies will serve to advance manufacturing, but they also introduce risk. Company-sensitive data may be streamed across a network of small, power-sensitive and deeply embedded devices, which is a completely different threat landscape than the PC-based approach most SMMs use today.

Four key areas of Industry 4.0

It’s helpful to think of Industry 4.0 in four overlapping pieces.

Cyber-physical systems (CPS) and cobots

According to NIST Special Publication 1500-201, Framework for Cyber-Physical Systems: Volume 1, “cyber-physical systems are smart systems that include engineered interacting networks of physical and computational components.” These systems are highly interconnected and integrated, providing new functionalities to improve quality of life and enabling technological advances in critical areas such as personalized healthcare, emergency response, traffic flow management, smart manufacturing, defense and homeland security, and energy supply and use. Cyber-physical systems (CPS) have great potential to enable innovative applications and affect multiple economic sectors in the worldwide economy.

CPS generally combine sensors and sensor networks with embedded computing to monitor and control the physical environment, with feedback loops that allow external stimuli to activate the system either through communication, control, or computing.

From a manufacturing industry perspective, a CPS is an internet-enabled physical entity, such as a pump or compressor, combined with computers and control components consisting of sensors and actuators.

Manufacturers are rapidly adopting the use of cobots, which are robots with direct physical interaction with a human user within a shared workspace. Cobots, just like traditional industrial robots, consist of a mechanical arm that can be programmed to perform tasks in a manufacturing facility, such as material handling, assembly, quality inspection, and packaging, while working alongside humans. Although safety risks have improved in recent years, cobots may introduce some risks. Their close coordination with humans requires a risk assessment to protect workers and equipment.

Internet of things (IoT) and big data

IoT refers to the network of devices that contain the hardware, software, firmware, and actuators that allow devices to connect, interact, and freely exchange data and information. IoT is about connecting “things,” such as objects and machines, to the internet and, eventually, to each other.

While IoT collects data from physical objects like a sensor, big data allows for more efficient and effective processing and storage of these data. The combination of IoT and big data enables collecting and analyzing data to improve production.

Cloud manufacturing (CMfg)

Both internal and external cloud applications in manufacturing can transform resources and capabilities into services. These services can then be managed and operated in a unified way, which allows resources and capabilities to be shared. Cloud manufacturing (CMfg) can provide safe and reliable, high quality, inexpensive, and on-demand manufacturing services for the whole manufacturing lifecycle.

CMfg is a type of parallel, networked, and distributed system consisting of an integrated and interconnected, virtualized service pool, known as a “manufacturing cloud,” of manufacturing resources and capabilities. It also includes capabilities of intelligent management and on-demand use of services to provide solutions for all kinds of users involved in manufacturing a product.


All systems that collect and communicate data are there to make industrial and manufacturing practices more efficient and autonomous. This is the foundational piece of Industry 4.0.

Technology serves to connect previously discrete systems through hardware and software, provide information transparency, augment the human decision-making process, allow for real-time decision making, and decentralize decisions within technological systems so the frequency of human interference is reduced.

All four pieces of Industry 4.0 hinge on the interconnection of:
• Machinery and production management systems
• Information across manufacturing processes
• Information throughout the manufacturing lifecycle

Communications are vital to success

Interconnections rely on communication among machines, sensors, and people. Communications must be protected and are vital to successfully implementing Industry 4.0.

With Industry 4.0, communications and cybersecurity can’t be viewed as isolated processes. To take full advantage of the opportunities that Industry 4.0 has to offer, manufacturers of all sizes will need to understand its capabilities and potential risks.

Let’s consider an example of Industry 4.0 implementation for a medium-sized manufacturer.

AthCo is a manufacturer of athletic apparel and has recently achieved rapid growth after the launch of its new athleisure collection. AthCo currently uses an enterprise resource planning (ERP) system and a customer relationship management (CRM) system. A great deal of data are produced from the ERP, CRM, and the “back office,” including transaction information. These data allow AthCo to communicate internally as well as with its customers, suppliers, and business partners.

Despite all these available data, AthCo is struggling to predict outcomes on the factory floor. At first glance the factory appears to be running well, but some production issues have come to light. Sewing machines often stop working with little or no warning, control systems produce errors at the time of production, and inaccurate production costs are resulting from data gathered across several systems. Businesses are complex, and errors in data collection often stem from various systems measuring things differently.

An Industry 4.0 approach will help AthCo achieve greater productivity and eliminate problems with machine failures and control systems. By adding sensors throughout the factory, AthCo could:
• Monitor production flow in real time
• Reduce waste and product rework
• Monitor inventory production

Data collected by sensors could be sent to the cloud for analysis, which would help to create predictive models and develop condition-based maintenance alerts.

Factory engineers could then reduce machine downtime and increase factory output by accurately predicting machine failures. Factory managers could monitor and manage the factory floor remotely. Variables such as temperature could be monitored to save energy and reduce overhead costs. Operational managers could use sensor data to view production-line status and make necessary adjustments to manage costs. The research and development department could gain insights into patterns from multiple clients, track equipment failures, and reengineer problems for better factory performance. Field service managers could identify when to deploy resources for predictive maintenance, which would minimize equipment failures and equipment services costs.

Industry 4.0 would enable better use of data across all of AthCo’s departments. Data would be presented in an easily digestible format, delivering actionable information and assisting in business modernization. Industry 4.0 would allow for better communication among internal departments as well as with customers and suppliers.

Although implementing Industry 4.0 appears to solve many of AthCo’s production issues, new cybersecurity concerns might be introduced. Using sensors and remote access could provide entry points for hackers, cybercriminals, or industry competitors to gain access to AthCo’s systems. Before implementing new technologies, a cyber risk assessment should be performed to provide a full understanding of the company’s cybersecurity needs and capabilities. AthCo should understand the benefits and the potential cybersecurity risks that implementing Industry 4.0 may introduce.

The MEP National Network can help

Industry 4.0 is a term we can expect to hear more of as manufacturers begin to adapt its concepts. Cybersecurity will be an important aspect of integrating IT and OT. The future success of the next phase of the Industrial Revolution will depend on Industry 4.0. Companies should contact their local MEP Center for assistance in implementing an Industry 4.0 approach.

First published May 11, 2022, on NIST’s Manufacturing Innovation Blog.


About The Author

Pat Toth’s picture

Pat Toth

Pat Toth has over 30 years of experience in cybersecurity and worked on various NIST cybersecurity guidance documents including “NISTIR 7621 Small Business Information Security: The Fundamentals.”