Contributors: Yatagha, Romarick; Waedt, Karl; Schindler, Josef; Kirdan, Erkan; Klein, Maike; Krupka, Daniel; Winter, Cornelia; Wohlgemuth, Volker
Dates: 2023-11-29; 2023-11-29; 2023
ISBN: 978-3-88579-731-9
URL: https://dl.gi.de/handle/20.500.12116/43135

Abstract: The surging prominence of the Industrial Internet of Things (IIoT) introduces both unique prospects and complex issues for industrial control systems, notably within the cybersecurity sphere. Cybersecurity concerns are particularly acute for smart factories, entities that leverage IIoT capabilities like networked sensors and machine learning to streamline production. The heterogeneous devices from diverse manufacturers and vast interconnected networks heighten their susceptibility to cyber threats. This paper examines the contemporary cybersecurity landscape within smart factories, pinpointing current vulnerabilities and imminent threats. Drawing on this analysis, we put forth a suite of best practices and strategic measures to fortify IIoT networks, including but not limited to network segmentation and stringent access controls. We pay specific attention to network segmentation, a technique used to break down a computer network into manageable subnetworks, thus mitigating the risk of attacks. We propose an innovative network segmentation policy that leverages clustering, an unsupervised learning algorithm. This algorithm classifies network traffic into distinct categories based on, but not limited to, source and destination IP addresses, employed protocol, and packet size. This data-driven classification simplifies network segmentation and configuration, minimizing their complexity. The paper also underlines the critical role of employee training and awareness in establishing robust security practices, particularly for the design, integration, and deployment of IIoT devices and edge computing. Our findings offer actionable insights for industrial control systems operators and cybersecurity professionals, empowering them to fortify their IIoT networks against cyber threats effectively.

Language: en
Keywords: Network Segmentation; Machine Learning; Cybersecurity; IIoT; Edge Computing
Title: Security challenges and best practices for resilient IIoT Networks: Network Segmentation
Type: Text/Conference Paper
DOI: 10.18420/inf2023_204
ISSN: 1617-5468