Bayesian Networks for Cybersecurity Decision Support: Enhancing Human-Machine Interaction in Technical Systems

WoS Article

en

The increasing digitization of manufacturing and the integration of CNC and industrial control systems into the industry 4.0 environment have introduced new cybersecurity risks that directly affect operational reliability. Traditional deterministic risk-assessment methods used for securing ICS-such as SCADA, PLC, and CNC systems-struggle to address uncertainty, dynamic operating conditions, and complex dependencies between technical and organizational factors. To overcome these limitations, this study develops a Bayesian Network (BN) model that captures probabilistic relationships between machine-level configuration parameters, network conditions, and potential security incidents. The model is applied to a CNC machining center (ZPS MCG1000i), where it supports scenario-based prediction of cybersecurity risks and provides interpretable outputs suitable for operator decision-making and human-machine interaction. The results demonstrate that BNs are effective in environments with limited data availability and high uncertainty, offering transparent and quantifiable insights into how specific misconfigurations-such as active remote access or irregular firmware updates-elevate overall system exposure. The proposed approach aligns with current regulatory and standardization requirements, including the NIS2 Directive (EU 2022/2555), ISO/IEC 27001:2022, ISO/IEC 27005:2022, and Regulation (EU) 2024/2847 (Cyber Resilience Act), which define cybersecurity obligations for products with digital elements. The study provides a reproducible and future-oriented methodology for integrating cybersecurity into machinery-safety evaluation in modern industrial environments.

bayesian networks, cybersecurity, CNC machines, human-machine interaction, NIS2 directive, Cyber Resilience Act (CRA)

2026-03-21

MDPI

Applied Sciences-Basel

16

6

3053/1–3053/18

18