Difference between revisions of "Journal:Cyberbiosecurity for biopharmaceutical products"

From LIMSWiki
Jump to navigationJump to search
(Created stub. Saving and adding more.)
(Saving and adding more.)
Line 25: Line 25:
}}
}}
==Abstract==
==Abstract==
Cyberbiosecurity is an emerging discipline that addresses the unique vulnerabilities and threats that occur at the intersection of cyberspace and biotechnology. Advances in technology and manufacturing are increasing the relevance of cyberbiosecurity to the biopharmaceutical manufacturing community in the United States. Threats may be associated with the biopharmaceutical product itself or with the digital thread of manufacturing of biopharmaceuticals, including those that relate to supply chain and cyberphysical systems. Here, we offer an initial examination of these cyberbiosecurity threats as they stand today, as well as introductory steps toward paths for mitigation of cyberbiosecurity risk for a safer, more secure future.
Cyberbiosecurity is an emerging discipline that addresses the unique vulnerabilities and threats that occur at the intersection of cyberspace and [[biotechnology]]. Advances in technology and manufacturing are increasing the relevance of cyberbiosecurity to the biopharmaceutical manufacturing community in the United States. Threats may be associated with the biopharmaceutical product itself or with the digital thread of manufacturing of biopharmaceuticals, including those that relate to supply chain and cyberphysical systems. Here, we offer an initial examination of these cyberbiosecurity threats as they stand today, as well as introductory steps toward paths for mitigation of cyberbiosecurity risk for a safer, more secure future.


'''Keywords''': cyberbiosecurity, cybersecurity, biopharmaceutical manufacturing, engineering biology, cell therapy, gene therapy, supply chain
'''Keywords''': cyberbiosecurity, cybersecurity, biopharmaceutical manufacturing, engineering biology, cell therapy, gene therapy, supply chain
==Introduction==
Cyberbiosecurity is an emerging discipline encompassing vulnerabilities and corrective measures needed to address the unique risks existing at the intersection of cybertechnology and [[biotechnology]]. An early, inclusive definition of cyberbiosecurity is “understanding the vulnerabilities to unwanted surveillance, intrusions, and malicious and harmful activities which can occur within or at the interfaces of comingled life and medical sciences, cyber, cyber-physical, supply chain and infrastructure systems, and developing and instituting measures to prevent, protect against, mitigate, investigate, and attribute such threats as it pertains to security, competitiveness, and resilience.”<ref name="MurchCyber18">{{cite journal |title=Cyberbiosecurity: An Emerging New Discipline to Help Safeguard the Bioeconomy |journal=Frontiers in Bioengineering and Biotechnology |author=Murch, R.S.; So, W.K.; Buchholz, W.G. et al. |volume=6 |pages=39 |year=2018 |doi=10.3389/fbioe.2018.00039}}</ref>
To place context around the area of cyberbiosecurity, it is worth reviewing the established terms that contribute to this emerging discipline. Cybersecurity considers the security of digital [[information]] that is propagated and stored through networks of connected electronic devices.<ref name="LordWhat19">{{cite web |url=https://digitalguardian.com/blog/what-cyber-security |title=What is cyber security? Definition, best practices & more |author=Lord, N. |work=Digital Guardian |date=15 May 2019}}</ref> In general, biosecurity refers to the threat to living organisms and the environment due to exposures to biological agents, such as pathogens, whether occurring naturally or intentionally created.<ref name="IMNRCGlob06">{{cite book |url=https://www.nap.edu/catalog/11567/globalization-biosecurity-and-the-future-of-the-life-sciences |title=Globalization, Biosecurity, and the Future of the Life Sciences |author=Institute of Medicine and National Research Council of the National Academies |publisher=National Academies Press |year=2006 |isbn=0309654181}}</ref> A cyber-biological interface results when biological information is measured, monitored, or altered, and converted to digital information, or in the reverse, when digital information is used to manipulate a biological system. Similarly, a cyber-physical interface occurs when a physical mechanism is controlled or monitored by a digital means, such as the computer controlled mixing speed of a bioreactor. Importantly, cyber-physical interfaces may alter biological properties, blurring the lines of individualized definitions. Our intent in this publication is not to further refine the definition of cyberbiosecurity, as we believe that is best done through ongoing dialog within relevant stakeholder communities. Therefore, we rely on a working understanding of cyberbiosecurity as stated by Peccoud ''et al.''<ref name="PeccoudCyber18">{{cite journal |title=Cyberbiosecurity: From Naive Trust to Risk Awareness |journal=Trends in Biotechnology |author=Peccoud, J.; Gallegos, J.E.; Murch, R. et al. |volume=36 |issue=1 |pages=4–7 |year=2018 |doi=10.1016/j.tibtech.2017.10.012 |pmid=29224719}}</ref>, in referring to “the new risks emerging at the frontier between cyberspace and biology.” For the purposes of this paper, we focus on cyberbiosecurity for the manufacture of biopharmaceuticals, to raise awareness of the existing risks that will be compounded through innovation in both the emerging types of biologically-manufactured therapies and the increasingly automated processes used to develop and manufacture them.
The biopharmaceutical industry contributes nearly one trillion dollars to the U.S. economy, and has been highly successful in industrializing biotechnologies to produce biologic therapeutics.<ref name="PhRMATheEcon17">{{cite web |url=http://phrma-docs.phrma.org/files/dmfile/PhRMA_GoBoldly_Economic_Impact.pdf |format=PDF |title=The Economic Impact of the U.S. Biopharmaceutical Industry: 2015 National and State Estimates |author=TEConomy Partners |publisher=Pharmaceutical Research and Manufacturers of America |date=October 2017 |accessdate=14 March 2019}}</ref> Biopharmaceutical products, or biologics, use engineered biological systems as platforms to manufacture therapeutic products to prevent or treat a variety of health conditions, such as cancer, diabetes, autoimmune disorders, and microbial infections. These products include vaccines, traditional protein therapeutics such as monoclonal antibodies, as well as emerging biotechnologies such as cell and [[Genomics|gene therapies]].
Although the processes differ in how various classes of therapeutics are manufactured, in each process, information flows repeatedly between biological information (i.e., genetic) and cyber (i.e., digital) information. Securing this information flow through thoughtful assessment of vulnerabilities and threats for biopharmaceutical manufacturing is critical for public health, economic security, and national security. The focus of this publication is to illuminate these vulnerabilities and threats to encourage the broad stakeholder community to work toward the development of appropriate risk mitigation strategies, both for the current state-of-the-art and for the emerging technologies that represent the future state of the industry. Novel threats to the security of biological and related information along interfaces relevant to human health and manufacturing processes will continue to emerge as innovation progresses.
The interface of biological and digital information in biomanufacturing creates two primary concerns in evaluating cyberbiosecurity vulnerabilities, that recur throughout multiple processes in the end-to-end workflow (see Figure 1 in Peccoud ''et al.''<ref name="PeccoudCyber18" />). The first concern is the nature of the biological manufacturing platform, as information contained in biological systems is subject to both evolution and context in ways that may not be well-understood or predictable. The variation that biological systems introduce in manufacturing presents risks for product consistency. The industry has developed extensive bioprocess control strategies and release testing to mitigate risks for established classes of biotherapeutics to ensure consistent product with minimal lot-to-lot variability. However, this biological variation presents challenges for innovating flexible scaling of existing large-batch processes. The issue of inherent biological variation is a critical challenge in the manufacture of emerging classes of gene and cellular therapies where typical small-batch manufacturing across a wider diversity of product types precludes the reliance on large historical data sets to allow identification of subtle process deviation. For these small-batch products, subtle genetic deviation during cellular expansion steps may be magnified ''in vivo'' due to differences between the host and the patient.
The second area of concern is the integrity of the data associated with the biopharmaceutical manufacturing process, including data related to supply chain and cyberphysical systems. Biopharmaceutical manufacturers are complex organizations that rely on technology as part of daily operations to tightly monitor and control biopharmaceutical production processes. The notion of a digital thread, which refers to data that follows a product and informs decisions throughout its life cycle, can be applied to the biopharmaceutical industry.<ref name="WangTheFut18">{{cite journal |title=The Future of Manufacturing: A New Perspective |journal=Engineering |author=Wang, B. |volume=4 |issue=5 |pages=722–28 |year=2018 |doi=10.1016/j.eng.2018.07.020}}</ref> The digital thread of the manufacturing of biopharmaceuticals includes data that support the development and scale up of the manufacturing process, clinical data, post-approval data, and the equipment used to manufacture the product. As the number of interconnected devices and systems that inform digital threads increases, cybersecurity vulnerability increases, because one vulnerable device can result in a threat that compromises a single point, or an entire process, system, or supply chain. Further, as a result of greater dependence on automation and decentralized manufacturing, the security of information transfer from site to site is critical to ensure the efficacy of the production process. While many cybersecurity concerns related to biopharmaceutical processes can be mitigated by existing best practices, standards, and regulations, the additional complexities at the cyber-biological interfaces during biopharmaceutical manufacturing processes, described below, warrant further examination.


==References==
==References==
Line 33: Line 47:


==Notes==
==Notes==
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added.
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. The original article listed references alphabetically; this version, by design, lists them in order of appearance.


<!--Place all category tags here-->
<!--Place all category tags here-->

Revision as of 18:04, 15 July 2019

Full article title Cyberbiosecurity for biopharmaceutical products
Journal Frontiers in Bioengineering and Biotechnology
Author(s) Mantle, Jennifer L.; Rammohan, Jayan; Romatseva, Eugenia F.; Welch, Joel T.; Kauffman, Leah R.;
McCarthy, Jim; Schiel, John; Baker, Jeffrey C.; Strychalski, Elizabeth A.; Rogers, Kelley C; Lee, Kelvin H.
Author affiliation(s) National Institute for Innovation in Manufacturing Biopharmaceuticals, National Institute of Standards and Technology,
U.S. Food and Drug Administration
Primary contact Email: KHL at udel dot edu
Editors Murch, Randall S.
Year published 2019
Volume and issue 7
Page(s) 116
DOI 10.3389/fbioe.2019.00116
ISSN 2296-4185
Distribution license Creative Commons Attribution 4.0 International
Website https://www.frontiersin.org/articles/10.3389/fbioe.2019.00116/full
Download https://www.frontiersin.org/articles/10.3389/fbioe.2019.00116/pdf (PDF)

Abstract

Cyberbiosecurity is an emerging discipline that addresses the unique vulnerabilities and threats that occur at the intersection of cyberspace and biotechnology. Advances in technology and manufacturing are increasing the relevance of cyberbiosecurity to the biopharmaceutical manufacturing community in the United States. Threats may be associated with the biopharmaceutical product itself or with the digital thread of manufacturing of biopharmaceuticals, including those that relate to supply chain and cyberphysical systems. Here, we offer an initial examination of these cyberbiosecurity threats as they stand today, as well as introductory steps toward paths for mitigation of cyberbiosecurity risk for a safer, more secure future.

Keywords: cyberbiosecurity, cybersecurity, biopharmaceutical manufacturing, engineering biology, cell therapy, gene therapy, supply chain

Introduction

Cyberbiosecurity is an emerging discipline encompassing vulnerabilities and corrective measures needed to address the unique risks existing at the intersection of cybertechnology and biotechnology. An early, inclusive definition of cyberbiosecurity is “understanding the vulnerabilities to unwanted surveillance, intrusions, and malicious and harmful activities which can occur within or at the interfaces of comingled life and medical sciences, cyber, cyber-physical, supply chain and infrastructure systems, and developing and instituting measures to prevent, protect against, mitigate, investigate, and attribute such threats as it pertains to security, competitiveness, and resilience.”[1]

To place context around the area of cyberbiosecurity, it is worth reviewing the established terms that contribute to this emerging discipline. Cybersecurity considers the security of digital information that is propagated and stored through networks of connected electronic devices.[2] In general, biosecurity refers to the threat to living organisms and the environment due to exposures to biological agents, such as pathogens, whether occurring naturally or intentionally created.[3] A cyber-biological interface results when biological information is measured, monitored, or altered, and converted to digital information, or in the reverse, when digital information is used to manipulate a biological system. Similarly, a cyber-physical interface occurs when a physical mechanism is controlled or monitored by a digital means, such as the computer controlled mixing speed of a bioreactor. Importantly, cyber-physical interfaces may alter biological properties, blurring the lines of individualized definitions. Our intent in this publication is not to further refine the definition of cyberbiosecurity, as we believe that is best done through ongoing dialog within relevant stakeholder communities. Therefore, we rely on a working understanding of cyberbiosecurity as stated by Peccoud et al.[4], in referring to “the new risks emerging at the frontier between cyberspace and biology.” For the purposes of this paper, we focus on cyberbiosecurity for the manufacture of biopharmaceuticals, to raise awareness of the existing risks that will be compounded through innovation in both the emerging types of biologically-manufactured therapies and the increasingly automated processes used to develop and manufacture them.

The biopharmaceutical industry contributes nearly one trillion dollars to the U.S. economy, and has been highly successful in industrializing biotechnologies to produce biologic therapeutics.[5] Biopharmaceutical products, or biologics, use engineered biological systems as platforms to manufacture therapeutic products to prevent or treat a variety of health conditions, such as cancer, diabetes, autoimmune disorders, and microbial infections. These products include vaccines, traditional protein therapeutics such as monoclonal antibodies, as well as emerging biotechnologies such as cell and gene therapies.

Although the processes differ in how various classes of therapeutics are manufactured, in each process, information flows repeatedly between biological information (i.e., genetic) and cyber (i.e., digital) information. Securing this information flow through thoughtful assessment of vulnerabilities and threats for biopharmaceutical manufacturing is critical for public health, economic security, and national security. The focus of this publication is to illuminate these vulnerabilities and threats to encourage the broad stakeholder community to work toward the development of appropriate risk mitigation strategies, both for the current state-of-the-art and for the emerging technologies that represent the future state of the industry. Novel threats to the security of biological and related information along interfaces relevant to human health and manufacturing processes will continue to emerge as innovation progresses.

The interface of biological and digital information in biomanufacturing creates two primary concerns in evaluating cyberbiosecurity vulnerabilities, that recur throughout multiple processes in the end-to-end workflow (see Figure 1 in Peccoud et al.[4]). The first concern is the nature of the biological manufacturing platform, as information contained in biological systems is subject to both evolution and context in ways that may not be well-understood or predictable. The variation that biological systems introduce in manufacturing presents risks for product consistency. The industry has developed extensive bioprocess control strategies and release testing to mitigate risks for established classes of biotherapeutics to ensure consistent product with minimal lot-to-lot variability. However, this biological variation presents challenges for innovating flexible scaling of existing large-batch processes. The issue of inherent biological variation is a critical challenge in the manufacture of emerging classes of gene and cellular therapies where typical small-batch manufacturing across a wider diversity of product types precludes the reliance on large historical data sets to allow identification of subtle process deviation. For these small-batch products, subtle genetic deviation during cellular expansion steps may be magnified in vivo due to differences between the host and the patient.

The second area of concern is the integrity of the data associated with the biopharmaceutical manufacturing process, including data related to supply chain and cyberphysical systems. Biopharmaceutical manufacturers are complex organizations that rely on technology as part of daily operations to tightly monitor and control biopharmaceutical production processes. The notion of a digital thread, which refers to data that follows a product and informs decisions throughout its life cycle, can be applied to the biopharmaceutical industry.[6] The digital thread of the manufacturing of biopharmaceuticals includes data that support the development and scale up of the manufacturing process, clinical data, post-approval data, and the equipment used to manufacture the product. As the number of interconnected devices and systems that inform digital threads increases, cybersecurity vulnerability increases, because one vulnerable device can result in a threat that compromises a single point, or an entire process, system, or supply chain. Further, as a result of greater dependence on automation and decentralized manufacturing, the security of information transfer from site to site is critical to ensure the efficacy of the production process. While many cybersecurity concerns related to biopharmaceutical processes can be mitigated by existing best practices, standards, and regulations, the additional complexities at the cyber-biological interfaces during biopharmaceutical manufacturing processes, described below, warrant further examination.


References

  1. Murch, R.S.; So, W.K.; Buchholz, W.G. et al. (2018). "Cyberbiosecurity: An Emerging New Discipline to Help Safeguard the Bioeconomy". Frontiers in Bioengineering and Biotechnology 6: 39. doi:10.3389/fbioe.2018.00039. 
  2. Lord, N. (15 May 2019). "What is cyber security? Definition, best practices & more". Digital Guardian. https://digitalguardian.com/blog/what-cyber-security. 
  3. Institute of Medicine and National Research Council of the National Academies (2006). Globalization, Biosecurity, and the Future of the Life Sciences. National Academies Press. ISBN 0309654181. https://www.nap.edu/catalog/11567/globalization-biosecurity-and-the-future-of-the-life-sciences. 
  4. 4.0 4.1 Peccoud, J.; Gallegos, J.E.; Murch, R. et al. (2018). "Cyberbiosecurity: From Naive Trust to Risk Awareness". Trends in Biotechnology 36 (1): 4–7. doi:10.1016/j.tibtech.2017.10.012. PMID 29224719. 
  5. TEConomy Partners (October 2017). "The Economic Impact of the U.S. Biopharmaceutical Industry: 2015 National and State Estimates" (PDF). Pharmaceutical Research and Manufacturers of America. http://phrma-docs.phrma.org/files/dmfile/PhRMA_GoBoldly_Economic_Impact.pdf. Retrieved 14 March 2019. 
  6. Wang, B. (2018). "The Future of Manufacturing: A New Perspective". Engineering 4 (5): 722–28. doi:10.1016/j.eng.2018.07.020. 

Notes

This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. The original article listed references alphabetically; this version, by design, lists them in order of appearance.