Machine Tools Fingerprinting for Distributed Numerical Control Systems

As machine tools are connected to Industrial Ethernet and external interfaces in the wave of the fourth industrial revolution, new attacks and vulnerabilities are emerging. However, there is little security analysis on Distributed Numerical Control (DNC) system and Computerized Numerical Control (CNC) system. Researchers have demonstrated how to combine the characteristics of Industrial Control System (ICS) to augment existing Intrusion Detection System (IDS) solutions. To the best of our knowledge, there is no such work on DNC network. In response to this situation, a fingerprinting method is proposed as an enhancement technology to existing IDS for DNC systems. The first step is to extract the number of data collection points of each machine tool and the length of TCP payload of each packet. And the second step is to use data response processing times of machine tools to construct unique fingerprint for each machine. Finally, the optimum period slice k is selected and classification accuracy is evaluated using a real-world dataset from a small-scale smart factory. It is demonstrated that our fingerprinting method can be a valuable tool to enhance IDS for DNC network.