In recent years, the importance of more intuitive and flexible human-machine interfaces is growing due to the rapid progress of Industry 5.0. Virtual Reality (VR) interfaces offer an unmatched immersion level and are a natural choice for enabling efficient interaction between human operator and production control systems. However, intensive data exchange, extension of the attack surface and exposure of sensitive information inherent to VR technology make cybersecurity concerns the impediments to a wider implementation of industrial VR interfaces.

The present research focuses on vulnerabilities specific to VR-enabled Industry 5.0 human-machine interfaces to allow the mitigation measures prioritization. Several typical cyber threats were singled out in previous studies but not analysed within an appropriate methodology to compare possible impacts, time and resources needed for mitigation or response actions in order to assure the production continuity and information security. Industrial machine interface and VR interface are prone to identity spoofing, exploitation of vulnerabilities and malicious software; network infrastructure may face eavesdropping, data tampering, delay, signal jamming. For a comprehensive industrial data platform, an extended data flow diagram has been built and the STRIDE methodology has been applied to analyse threats and define the respective countermeasures implementing a multi-layered security approach to prevent compromising VR-enabled remote operation control sequences. Proposed safeguards are inputs for a simulation that allows optimisation resource usage to meet the acceptable risks for the system.Attack simulations show that without a proper prioritization, limited resources of development and response forces can be rapidly exhausted by the attacker which will lead to adverse impact on business continuity and loss of the sensitive data. Current research suggests the proactive strategy and the systemic approach for threat and countermeasures prioritisation based on quantitative modelling and compliant with best practices in the field.