There is no fixed way to protect a smart factory. This is because the system configuration differs depending on the factory, as does the presence of vulnerabilities in the system and the impact on the business when the system operation is delayed or stopped. While cyberattacks that threaten smart factories cannot be ignored, we recognize that it is a struggle to decipher which security method is sufficient and which is insufficient within your organization's specific system, as well as where to start.
In order to design a secure system, it is necessary to grasp the current situation, set goals, consider ways to fill the goals alongside the current skills gap, and repeat the execution. In other words, it is necessary to set goals before considering countermeasures, and risk assessment is required even before setting those goals. This document does not explain the theory of risk assessment, it is rather intended to simulate risk assessment practices using an example of a fictitious smart factory. The risk assessment described in this document aims to assess and prioritize the risks of the entire smart factory environment, including IT. If you would like to see the document, please download from the link below.