CyberFactory#1 Results Webinar in Finland


The webinar provides insights to the research and development work done by the Finnish consortium partners, Bittium, High Metal, Houston Analytics, Netox, Rugged Tooling and VTT during the past three years. We focuse on the ITEA project core themes, namely optimization and cybersecurity. The webinar starts with the host Jarno Salonen (Senior Scientist and the CyberFactory#1 project country coordinator) introducing the project briefly. Then the partners present their key results from the project and the participants may raise questions after each presentation.


Please note: The main language of this event is Finnish.

Jarno Salonen is a Senior Scientist in the Applied cybersecurity research team at VTT. He is the Finnish country coordinator of CyberFactory#1 and also coordinates VTT’s research in three other EU projects, namely SeCoIIA, CyberSec4Europe and Mind4Machines. He has a professional background of over 20 years in making the digital world a better place for ordinary users especially in the areas of cybersecurity, privacy, resilience and development of digital services.

Lauri Nurminen is a Vice President and entrepreneur at family owned company High Metal Oy. At High Metal he is responsible for marketing, sales and project management of CyberFactory#1. He has a professional background of over 15 years in translating the engineers’ ideas to customers. His goal is to transform a traditional manufacturing company to a technology and data-oriented company.

Antti Syväniemi is the  CEO and Founder of Houston Analytics Ltd. Antti possesses over 15 years of experience in the application of analytics to business processes. Prior to founding Houston Analytics, Antti  held executive positions in business development, CRM, customer and market intelligence and category management. Antti’s key focus areas include analytics-based management models and intelligent strategy processes.

Mirko Sailio is a research scientist in VTT Technical Research Centre of Finland with over 10 years of experience, concentrating on network security monitoring in complex networks. He’s interested in technical security, threat actors and in challenges of using AI/ML to increase network security.

Jari Partanen is the Director, Quality, Environment and Technology Management at Bittium. The target for Bittium in the Cyberfactory#1 project has been to create a consistent and secure information architecture, processes and information tools which enable real-time, partnered manufacturing and deliveries including various product support services and related information tools. Jari Partanen has been active researcher for over 20 years with over 20 peer-reviewed publications. Research interests include topics like cybersecurity, agile software development, real-time value delivery methods, innovation exploitation methods as well as mass customization techniques. Jari Partanen is actively engaged with wide number of European or Finnish research projects continuously.

Markku Korkiakoski is the Chief Operating Officer at Netox. He is responsible of Cyberfactory#1 project management at Netox and the task leader of 5.1. in workpackage 5. Markku has more than 20 years of professional experience and is an active member of the cyber security domain, both nationally and internationally. He is in the management board of Finnish Information Security Cluster, working group member in ENISA and chairman of the Industry Advisory Board in SERC (I/UCRC, National Science Foundation program, FIN-USA).

Risto Kauppi is CEO (act.) and major partner of Rugged Tooling. His main task in CyberFactory#1 is to seek for scalable business opportunities based on the research results of the project. Risto is a seasoned business professional with 25 years of experience of international partnerships and negotiations.

If you have any questions regarding the event please contact Jarno Salonen.


CyberFactory#1 at the ESM 2021: Invited Talks

The CyberFactory#1 consortium organised a second workshop at the 35th European Simulation and Modelling Conference, which took place on October 27th-29th. Similar to last year’s CyberFactory#1 workshop it consisted of invited talks and a paper session. This year, four speakers from our partners gave the keynotes at the conference, presenting one of our use-cases and covering different aspects of the factory of the future that increase the security and optimization of production. Check out the presentations below.


Invited Talks:


1. CyberFactory#1 – Protecting the Factory of the Future with CyberRanges and Digital Twins: the Roboshave Use-Case

Speaker: Adrien Bécue (Head of Innovation Airbus Cybersecurity, Elancourt, France)

2. Holistic Correlation of Events from increased Security and Safety of Factories of the Future

Speaker: Isabel Praça (Professor at ISEP and Researcher at GECAD, Porto, Portugal)

3. Realistic Simulation-based Fleet of cobots for FoF Optimization in Complex Scenarios

Speaker: Sergi Garcia (PAL Robotics, Barcelona, Spain)

4. CyberFactory#1 – Increasing the FoF Resilience with Modelling and Simulation Tools

Speaker: Jarno Salonen (Industrial Cybersecurity, VTT Technical Research Centre of Finland, Tampere, Finland)

Further information on the conference, the speakers and their topics can also be found here.



New State of the Art Document

The new State of the Art document provides an overview on factories of the future (FoF) resilience. It is structured along the four key enabling capabilities related to the resilience of the factory of the future that are considered to be vital, namely:

  • Human/machine access & trust management
  • Robust machine learning ability
  • Human/machine behaviour watch
  • Cyber resilience capability

Resilience in the factory of the future is significant due to the nature of modern manufacturing that is increasingly based on large supply chain networks with real-time information exchange as well as other Industry 4.0 characteristics such as the Industrial Internet of Things, cloud repositories and machine learning. As the ever-increasing digitalisation introduces new cyber threats, FoF operators need to identify and mitigate these threats, taking into account not only their own operations, but also all the other potential vulnerable parts of the entire manufacturing supply chain. By identifying the threats and vulnerabilities within the supply chain, they can strengthen the weakest links which can be production machines, connections, network devices or even employees. Strengthening the weakest links consists among other things of assigning the necessary security policies and access rights and restrictions to users and devices, designing and developing protective measures to factory assets and its supporting technologies such as machine learning (ML) and artificial intelligence (AI), monitoring anomalies and other irregularities, training personnel to detect and perform mitigation actions, but also planning and practicing the remediation and recovery of factory assets in case of a cyber-attack. After all, it is not about whether a cyber-attack will happen, but when and especially how fast are we able to detect it.


Download: State of the Art – Factory of the Future Resilience

Other State of the Art Documents:

Factorys of the Future: State of the Art in Modelling and Simulation

State of the Art – Factory of the Future Optimization


Call for papers for our second CyberFactory#1 Workshop at the ESM2021!

Call for Papers to be presented at the 35th European Simulation and Modelling Conference

October 27 – October 29, 2021, Rome, Italy

2. Workshop: CyberFactory – Optimization & Resilience of Factories of the Future

This workshop focuses on the development and application of methods for modeling and simulation of CPS for the factory of the future (FoF). With the advent of Industry 4.0, digitalization and automation processes have moved into the focus of industry. The primary goal is not the optimization of a single production plant, but of the factory as a whole by the marriage of physical assets and advanced digital technologies, such as the internet of things (IoT), artificial intelligence (AI) and robots. From a modeling perspective, the individual components of the factory thus become cyber-physical systems (CPS) that communicate, analyze, and act upon information, enabling more flexible and responsive production. This track focuses on the development and application of methods for modeling and simulation of CPS for the factory of the future (FoF).

The organizers invite contributions with a focus towards CPS in the FoF that describe problem statements, trends, and emerging ideas in the engineering and application of CPS in industrial production.

Topics include, but are not limited to:

  • Requirements on CPS modeling for optimization and resilience of the FoF
  • Architectures for the FoF
  • Application of existing CPS models to industry: benefits and gaps
  • Usage of digital twins for optimization and resilience in the FoF
  • Data lake exploitation for the FoF
  • Models & Simulations for the identification of threats on safety and security in the FoF
  • Tool support for modeling & simulation of the FoF
  • Uncertainties and predictions in the FoF models
  • Modeling of human-machine-interaction in the FoF
  • Distributed manufacturing
  • Cyber resilience modeling for the FoF

Paper format:

Participants may submit a 5 page full paper or an 8 page extended paper (single spaced, double column) in PDF format. Paper formatting guidelines and templates can be found at All accepted papers will be published in the ESM’2020 Conference Proceedings.

Workshop format:

The workshop will be held as part of the European Simulation and Modeling Conference (ESM) 2021 to take place in Rome, Italy on October 27-29, 2021. It will feature peer-reviewed paper presentations organized according to the topics defined above. Papers not exceeding 8 pages must be submitted electronically via email in PDF format and must be conform to the submission guidelines.

Each submission will be reviewed by at least three members of the Program Committee and will be evaluated on the basis of originality, importance of contribution, soundness, evaluation, quality of presentation and appropriate comparison to related work. The program committee as a whole will make final decisions about which submissions to accept for presentation at the conference.

Important Dates:

Paper Submission deadline:                           Jun 25th, 2021
Notification of acceptance/rejection:      Aug 21th, 2021
Camera ready paper:                                          Sep 27th, 2021
Workshop:                                                                Oct 27th-29th, 2021


Adrien Bécue (Airbus Cybersecurity)
Frank Oppenheimer (OFFIS e.V.)
Ilhan Kaya (Vestel)
Ingo Stierand (OFFIS e.V.)
Isabel Praça (Instituto Superior de Engenharia do Porto)
Jarno Salonen (VTT Technical Research Centre of Finland Ltd)
Linda Feeken (OFFIS e.V.)

Linda Feeken,

Webinar: Resilience Capabilities for the Factory of the Future


The webinar will provide insights to one of the key capabilities of CyberFactory#1: Resilience. The keynote speech is given by Sauli Eloranta, Professor of Practice at VTT, on “Industry challenge to resilience in the factory of the future”. Afterwards, experts from a number of project partners will discuss the different aspects that need to be considered for a resilient Factory of the Future. The first half focuses on access management approaches and protection of AIs. After a short Q&A, presentations are given on monitoring of the FoF and dealing with cyberattacks, followed by another Q&A.




14.00:             Welcome

Jarno Salonen, VTT

Keynote: Industry challenge to resilience in the factory of the future

Sauli Eloranta, VTT

14.20:             How to create trust with comprehensive identity and access management

Markku Korkiakoski, Netox

Don’t make me think: an intuitive access management approach

Diogo Santos, Sistrade

14.40:             How to protect AI from manipulation attempts

Ching-Yu Kao, Fraunhofer AISEC

Aspects of preventing AI manipulation

Seppo Heikura, Houston Analytics

15.00:              Q&A

15.10:             How to enhance resilience by monitoring the FoF

Mario Brauer, Airbus CyberSecurity Germany

Monitoring different aspects of human behaviour on the shop-floor

Jorge Oliveira, ISEP

15.30:             Architectural approach to effectively detect cyberattacks

Murat Lostar, Lostar

How to remediate and recover from a cyberattack

Jari Partanen, Bittium

15.50:              Q&A

16.00              Wrap Up

Jarno Salonen, VTT


Keynote Speaker:

Sauli Eloranta (Professor of Practice at VTT Technical Research Centre of Finland)

Sauli Eloranta, M. Sc. (Tech.), began working as Professor of Practice at VTT on 1 January 2020. Eloranta, elected the CTO of the Year in Finland in 2019, came to VTT with a long experience of promoting technology and digitisation in industry and maritime transport.

Before VTT, Eloranta acted as Head of Innovation and Technology at Rolls-Royce Marine, later Kongsberg Maritime. Eloranta earned the CTO of the Year title granted by the Federation of Finnish Technology Industries for his merits as an active influencer in the Finnish innovation scene and promotor of autonomous marine traffic. He chaired the One Sea Autonomous Maritime Ecosystem in 2016-2019. Sauli has chaired the Business Finland digital advisory board and is a member of the transport sector growth programme. In addition, he has been involved in supporting the collaboration of the private sector and societal actors.

In his role as Professor of Practice, Eloranta focuses on the overall resilience of the Finnish society. His area also covers cyber security, autonomous systems and smart transport & mobility. Recently, Sauli has given program management support to Finland´s Ministry of Economics & Employment (TEM) in establishing domestic production of face masks for public health care.

CyberFactory#1 Welcomes LISA to the Team


We are proud to announce that the CyberFactory#1 Consortium was joined by LISA Deutschland GmbH in February 2021. LISA Group is an internationally known company for Intelligent Systems and learning algorithms, and has extensive experinece in developing Systems for Aircraft and Space Operations.

Within the project LISA will provide an autonomous anomaly bot aimed at detecting cybersecurity anomalies to enhance production and manufacturing in the factory of the future. The bot will be used within the use cases of Airbus Defense and Space (Spain) but it can be applied to detect cybersecurity anomalies in any environment. You can read more about their addition to the project here.



Are there hidden costs of untrusted technology in 5G private networks?

In some European metropolitan areas, you can already see a 5G symbol on your mobile phone display. Nevertheless, most networks are still in the planning phase and mobile network operators (MNOs for short) have not yet made a final decision on which equipment provider they will purchase the network technology from. This applies even more to private corporate networks, so-called campus networks, despite the decision being potentially significant for the security of the factory of the future.

In many European countries, there are currently discussions about the economic possibilities in connection with the new mobile communications standard 5G. This concerns possible leaps in productivity, but also the security gaps and dependencies associated with greater networking that would arise if these new mobile networks were built with Chinese technology, for example. As a result of these discussions, some states have excluded untrusted network equipment suppliers from building domestic 5G networks or set the regulatory hurdles so high that the result is tantamount to a ban.  The question which is slowly moving up the agenda is: is it necessary to also regulate private networks with respect to the technology they use? From the perspective of an economist this should only be the case if using untrusted technology has a detrimental effect on customers, suppliers or employees for which they are not compensated. Economist call that negative externalities.

Network equipment providers for 5G networks are expected to have a high level of trustworthiness in order to participate in an infrastructure that controls large parts of a factory of the future. It is particularly difficult for Chinese suppliers to establish this credibility. They are often seen as untrustworthy, operating from a country without sufficient rule of law, which exercises strict state control over their business conduct and management. Moreover, Western intelligence agencies, cybersecurity firms and the media regularly report that China is the country of origin for numerous attempts at industrial espionage.

If companies with such origins are nevertheless involved in the deployment of 5G networks in Europe, this will come at a significant cost. Only part of these costs are incurred by the company operating the network and choosing the network providers. A large part of the costs must be borne by other parts of society, which in absence of further regulation have no influence on the choice of network provider.

Even when the factory of the future decides which providers to procure 5G network technology from, they do not take all costs into account – either because they are hidden costs that will be incurred later (life-cycle costs) or because they are borne by others than the MNOs (external costs). Of course, many security-related costs will also occur if 5G networks are built exclusively with trusted technology. However, these costs will be lower because a trusted provider is a cooperating partner in securing the network from external influences.

If non-trusted providers are a part of a private 5G network, additional efforts will have to be made

  • to test and verify the software updates provided.
  • to share information with other private network operators, government agencies responsible for network security, and with suppliers and customers of the cyber factory of the future. New information sharing and analysis centers need to be established among industry participants.
  • to build additional sensors into the network to monitor network traffic and detect unintended data flows to third parties.
  • To develop and integrate new AI tools into network management as an early warning system for covert data exfiltration.
  • to devote resources to enforce regulatory policies and compliance to compensate for the lack of trust in the network.
  • to cover damages caused by cyber-attacks by spending (more) money on cyber insurance to deal with the financial consequences.

If a 5G network contains untrusted technology, more of the burden to protect data or machines controlled over the network falls on the operator, but potentially also on other parts of their value chain. The latter will have to spend more resources on classic cybersecurity tools or will have to leave the value chain that makes the cyber-factory of the future and thus will not be able to realize potential productivity gains.

European 5G technology providers will have a hard time competing with companies that do not need to make a profit in order to stay in the 5G business – for example because they are backed by a state for strategic reasons. To internalize the external costs and to guarantee a level playing field, it should be considered to not only regulate nationwide networks, but to include private 5G campus networks. The goal is to either exclude non-trusted technology or to require operators of campus networks to invest in the necessary additional protection when using non-trusted technology.

Authors: Johannes Rieckmann and Tim Stuchtey, BIGS

A more detailed description and estimate of the hidden costs of untrusted vendors in 5G networks can be found in the policy paper and the country studies for Germany, France, Italy and Portugal. The virtual presentation of the policy paper takes place on the 16th of March at 2pm (CET).

Virtual Panel – CyberFactory: How to make the Factory of the Future efficient and secure?

On the 9th of December we held our virtual panel on “CyberFactory#1: How to make the factory of the future efficient and secure”. Our speakers, Adrien Bécue, İrem Hilavin and Jari Partanen, presented the project, the use-case of Vestel and aspects of FoF resilience before answering questions such as on human-machine relations or what the benefits of this project might be for companies that are not directly involved. Below you can find the presentation slides. We look forward to many more events in the new year!




As factories digitalise and adopt automation technologies, they unlock new business models, manufacturing processes and logistics methods – as well as alternative roles for the people and machines that work in the factory. At the same time, these processes result in more complex IT and OT systems, presenting novel cyber security challenges and potentially leading to dangerous new interdependencies.

Based on early results from the European research project CyberFactory#1, our panel discussed both the opportunities and challenges represented by the digitalisation and automation of factories, including what the transition towards a new factory system of systems may look like – but also the new threats that organisations may face if security and resilience are not prioritised early in the process.



Adrien Bécue, Project Leader CyberFactory#1, Head of Innovation, Airbus CyberSecurity, France

Jari Partanen, Task Leader CyberResilience, Head of Quality, Environment and Technology Management, Bittium, Finland

İrem Hilavin, Work Package Leader Integration & Validation, SW Design Architect, Vestel, Turkey



Towards Digital Twins for Optimizing the Factory of the Future


Logistics are essential regarding the efficiency of factories, and therefore their optimization increases productivity. This paper presents an approach and an initial implementation for optimizing a fleet of automated transport vehicles, which transports products between machines in the factory of the future. The approach exploits a digital twin derived from a model of the factory representing the artifacts and information flow required to build a valid digital twin. It can be executed faster than real-time in order to assess different configurations, before the best-fitting choice is applied to the real factory. The paper also gives an outlook on how the digital twin will be extended in order to use it for additional optimization aspects and to improve resilience of the transport fleet against anomalies.

Access to Document (upon request)



Patrick Eschemann, Phillip Borchers, Linda Feeken, Ingo Stierand, Jan Zernickel & Martin Neumann

Paper Presentation at ISAmI 2020

Prof. Dr. Isabel Praça of the School of Engineering (ISEP) / Polytechnic Institute of Porto (IPP) will present a paper titled: “FullExpression – Using transfer learning in the classification of human emotions” at ISAmI 2020 – the International Symposium on Ambient Intelligence – later in October this year.

The paper addresses the topic of how emotions can be detected to pave the way for mental states like fatigue, lack of attention, or similar symptoms detection. This is ISEP background research with the intention to apply it to the capabilities of Human Machine optimization and safety capabilities of CyberFactory.