摘要: | 5G 技術與智慧工廠的結合帶來製造業數位轉型的新時代。智慧工廠利用 5G 網路和其他先進技術,如工業物聯網(IIoT)、人工智慧(AI)和邊緣運算,並優化生產流程與提高效率並且推動創新。然而,隨著智慧工廠越來越多感測器節點的連接和數位化,智慧工廠也變得更容易受到網路安全威脅和干擾。因此,本論文研究主軸的本質是確保 5G 智慧工廠的安全和彈性,以保持運營的連續性,並保護有價值的資產,以及防範潛在風險。 我們生活中越來越依賴無線通訊技術,像是4G和5G。這些技術的不斷發展,以應對日益增長的需求,帶來各種垂直領域的創新的應用。然而,隨著新功能和技術的引入,也帶來新的資訊安全風險和威脅。 本論文旨在建置一個安全的5G智慧工廠實證研究,探討在智慧工廠環境中利用5G與工業物聯網(IIoT)技術來提高生產效率,同時解決IIoT設備的弱點及不斷演變的安全威脅。本論文建置非侵入式智慧感應器系統和5G邊緣運算閘道器,以及部署5G智慧工廠的資通安全主動偵測與防護系統,作為5G智慧工廠之設備電力與振動監測、用電安全、預知保養的需求與資通安全防護。利用非侵入式智慧感應器系統和5G邊緣運算閘道器鑑別機械故障與設備健康狀態並進行預知維護和保養,因此減輕對生產流程造成的干擾並減少日後維護監測系統所需的時間與人力資源。智慧工廠的主動偵測與防護系統的實證方式以機器學習建立智慧工廠網路的行為樣態,具備自動部署與威脅偵測能力。此外論文也分析IIoT和5G網路的攻擊與威脅,並提出相應的5G智慧工廠緩解措施。 本論文方法論為ABCD方法,以Active Scanner(弱點資訊主動式探測)、Behavior Mesh Monitor(網路行為監控)、Correlation in Defense(異質網路的關聯防禦)、Dynamic Honeypot(建構虛擬誘捕環境)的框架縮寫,建立安全的5G智慧工廠之場域實證。資料來源來自實際5G智慧工廠運作所產生的數據,進行分析與驗證。研究結果顯示,在5G智慧工廠中,透過分析智慧感測器所擷取的資料來鑑別機械故障與設備健康狀態,採用時域訊號特徵(time-domain signal features)進行分析,而故障形態診斷的正確性達到90%。另在主動偵測與防護系統可偵測網路異常和設備異常行為,偵測率可達90%以上與智慧工廠設備辨識率可達93%。未來,可以將ABCD方法應用於 5G 智慧工廠安全與其他相關議題,包括5G專網整合與應用。 歸納本論文的研究重點在於建立攻擊場景以利用系統漏洞並實證研究結果。我們發現工業物聯網(IIoT)網路中存在多個弱點,駭客可以利用這些弱點來攻擊並造成智慧工廠的資通安全問題。同時,我們對行動通訊系統進行深入研究與驗證,實際對5G行動電信業者所即存的訊令協定漏洞進行國際漫遊與簡訊滲透測試,亦透過利用MITRE ATT&CK框架,對5G行動網路的威脅和攻擊進行實證建模。在本論文中,實證5G行動網路的技術漏洞並提出5G行動網路的緩解措施方案。 本論文的重要性在於實證5G獨立組網(SA)與智慧工廠的工業物聯網(IIoT)的安全影響以及建置非侵入式智慧感應器系統和5G邊緣運算閘道器,用電力作為感測參數,不須要多sensor設備與部線,智慧型感測資料發送器就是採用電流感應電源幫發送器內的充電電池充電,不用額外供電即可提供發送器運作所需的電量,作為5G智慧工廠之設備電力與振動監測達到預知保養的需求與資通安全防護。本論文實證 5G 智慧工廠和工業物聯網所產生的工控安全與行動通訊軟體協定的威脅風險,並提出5G 智慧工廠主動偵測與防護的方法,以達成本論文的目標:建置安全的 5G 智慧工廠實證研究。 ;The convergence of 5G technology and smart factory has marked a new era of industrial transformation. Smart factories leverage the power of 5G networks and cutting-edge technologies like the Industrial Internet of Things (IIoT) and artificial intelligence (AI), and edge computing to optimize production processes, enhance efficiency, and drive innovation. However, as smart factories become increasingly connected and digitized, they also become more vulnerable to cybersecurity threats and disruptions. Therefore, ensuring the security and resilience of 5G-enabled smart factories is paramount to maintaining operational continuity, protecting valuable assets, and safeguarding against potential risks. Wireless communications, such as 4G and 5G, play a crucial role in our daily lives, making security a critical concern. These technologies have evolved significantly to meet our growing demands, incorporating new features and advancements. However, this evolution also introduces new security threats and vulnerabilities. This dissertation examines the security threats and weaknesses present in 5G-IIoT smart factories, which continue to evolve with both legacy and modern wireless communication software components and paradigms. Wireless communications, including 4G and 5G, are integral to our daily lives, making security a critical concern. While these technologies have evolved significantly to meet growing demands and incorporate new features, they also introduce new security threats and vulnerabilities. This dissertation examines the evolving security threats and weaknesses in 5G-IIoT smart factories, focusing on both legacy and modern wireless communication software components and paradigms.This dissertation takes an initial step toward addressing industrial needs by presenting a general method for identifying novel security issues in 5G smart factories, specifically at the intersection of IIoT and 5G communication. This contribution is based on an analysis of IIoT and smart factory security incidents, as well as emerging trends in 5G technologies and attacker capabilities. Establishes a wireless, non-intrusive smart sensor system and a 5G edge computing gateway, alongside deploying active detection and protection systems for the cybersecurity of 5G smart factories. These systems meet the needs of monitoring equipment power and vibration, ensuring electrical safety, predictive maintenance, and cybersecurity protection. By using non-intrusive smart sensor systems and 5G edge computing gateways to identify mechanical faults and assess equipment health, predictive maintenance and upkeep can be performed, reducing production disruptions and decreasing the time and human resources required for future maintenance and monitoring. The empirical approach to active detection and protection systems in smart factories employs machine learning to establish behavioral patterns in smart factory networks, featuring automatic deployment and threat detection capabilities. Furthermore, the dissertation analyzes attacks and threats to IIoT and 5G networks, proposing corresponding mitigation measures for 5G smart factories.The dissertation′s methodology involves an in-depth analysis of the security and resilience properties of 5G-enabled smart factories. By conducting real-world experiments, we identify previously unknown vulnerabilities impacting 5G security. The methodology follows the ABCD approach, which stands for Active Scanner (active vulnerability information detection), Behavior Mesh Monitor (network behavior monitoring), Correlation in Defense (correlated defense of heterogeneous networks), and Dynamic Honeypot (construction of virtual honeypot environments). This framework establishes a secure 5G smart factory field trial. Data sources come from raw data generated by the actual operation of 5G smart factories, which are analyzed and verified. The research results show that in 5G smart factories, by analyzing data captured by smart sensors to identify mechanical faults and assess equipment health, fault pattern diagnosis accuracy can reach 90% through the analysis of time-domain signal features. Additionally, the active detection and protection system can detect network anomalies and abnormal equipment behavior, achieving a detection rate of over 90% and an equipment identification rate of 93%. This dissertation involved constructing attacks to exploit vulnerabilities, demonstrating the practicality of our findings. Various security issues were uncovered in each system analyzed, and several defense and mitigation solutions were presented to address these issues. The summary of this resaerch results is as follows: First, several security issues in IIoT networks that can be exploited by network adversaries were identified. Second, security weaknesses in signaling protocols of mobile communication systems were uncovered. Additionally, a MITRE ATT&CK framework was presented to model the threats and attacks on 5G mobile networks.Throughout this dissertation, numerous technical vulnerabilities affecting 5G-enabled smart factory were uncovered and addressed. Crucially, a versatile approach for conducting impactful security research where 5G Stand Alone (SA) networks intersect with the Industrial Internet of Things (IIoT) in smart factory was introduced and verified. The primary objective are to develop a Proactive Detection and Defense platform and validate its performance and security features in a reproducible test environment. |