1. Introduction
The Industrial Revolutions had significant societal consequences, impacting various social, environmental, economic, and technological aspects. According to ref. [
1,
2], these revolutions have brought about significant changes, from using steam engines to implementing factories that marked the beginning of mechanized production, culminating in the interconnection and management of large amounts of data.
The three Industrial Revolutions significantly impacted society since the 19th century. The first revolution brought about the emergence of steam power; the second introduced electricity generation, mass production, the assembly line, and the division of labor. The third revolution brought the emergence of incandescent light bulbs, radio, television, telephone, telegraph, and even airplanes. Furthermore, this revolution was marked by the introduction of electronic technologies and information systems that enabled production automation [
3,
4,
5,
6].
According to ref. [
6], the technologies resulting from the Industrial Revolutions have provided people with a better quality of life, ensuring improved physical and mental working conditions. They have also helped develop new products, improved the experience between users and organizations, and advanced payment systems, wages, and worker rewards.
The 21st century is marked by significant technological advancements derived from previous revolutions, characterized as the Fourth Industrial Revolution or Industry 4.0. This recent revolution uses the Internet, integration of computer systems, digitalization of systems and processes, machine learning, autonomous robots, hyperconnectivity, big data, cloud systems, cyber–physical systems, and biotechnology, among others. These technologies are changing the way production is carried out, leading to the emergence of new business models, impacting the job market and enabling new forms of investment, communication, consumption, entertainment, education, and research [
6,
7,
8,
9].
Ref. [
7] argues that, with the Fourth Industrial Revolution, the entire industrial system is likely to undergo significant changes and impacts. Part of these impacts can be attributed to the growing use and dependence on the internet and modern digital technologies, which have become part of society’s everyday life. This brings not only opportunities for improvement and development but also risks and threats [
10,
11].
Ref. [
8] argues that Industry 4.0 has many positive aspects, allowing organizations to benefit from its evolution. However, the authors emphasize that associated risks cannot be disregarded and must be managed and analyzed. Ref. [
12] corroborates this by stating that Industry 4.0 can provide various benefits and opportunities for organizations but highlights that they must understand the challenges and risks of its implementation and conduct proper management.
Ref. [
13] states that risk management should be a continuous process to identify and determine the risks of a venture or action to be taken, as well as to know how to face and mitigate these risks in the most appropriate way. Risk management assumes that all aspects, whether interactions or interrelations, must be evaluated continuously, not as casual events. Furthermore, it should be considered that once identified, the risk should be treated in a way that minimizes its impact [
14].
Therefore, identifying the risks arising from the implementation of Industry 4.0 and creating a tool to measure them can bring benefits to the organization. This allows the organization to understand the risks involved in its processes, mitigate implementation risks, and use the tool as a diagnostic instrument for risk management. In this way, it is possible to ensure greater security in decision-making and proposals for development and advancement regarding Industry 4.0.
To take advantage of the opportunities provided by Industry 4.0, organizations need to innovate in their processes and when acquiring and implementing new technologies [
15]. However, the implementation of new technologies can overload technological systems and cause digital risks. Therefore, the effects of Industry 4.0 will only be fully effective when all possible risks are identified and addressed. The success of an organization and its competitiveness in the era of Industry 4.0 will depend on the minimization of risks and social, technical, and environmental challenges [
2,
16,
17].
Based on the above, this study aims to develop a theoretical model for the digital risks arising from the implementation of Industry 4.0 (TMR-I4.0).
This study is justified by the need to develop a theoretical model to categorize the risks that may arise from the implementation of Industry 4.0. Once identified, these risks can have a smaller impact on various spheres, such as social, economic, technological, environmental, cultural, and educational spheres, among others. Although the concept of Industry 4.0 is widely disseminated today, its implementation remains a major challenge for many organizations, especially regarding the understanding of the risks and impacts caused by the driving technologies of Industry 4.0 [
18].
Based on a systematic literature review, various studies on the risks associated with Industry 4.0 were identified [
2,
10,
12,
14,
19,
20,
21,
22,
23]. The study by [
24], in turn, investigates the essential aspects of implementing risk management using the PDCA cycle model.
Some studies on risk management focus on the supply chain [
25,
26,
27,
28]. Other studies investigate the risks of implementing Industry 4.0; however, many concentrate solely on the risks of cyberattacks and cybersecurity [
28,
29,
30,
31,
32].
Other studies, such as those by [
33,
34], examine the relationship between Industry 4.0 risks and job loss and changes in the organizational environment. Additionally, some works address the most significant risks for new business models [
35].
In the context of Industry 4.0, many studies discuss the ethical risks caused by the Fourth Industrial Revolution, as evidenced by the works of [
36,
37]. Small and Medium Enterprises (SMEs) also receive attention regarding the development and implementation of Industry 4.0 and their respective risks, as in the studies by [
38,
39,
40]. Finally, some studies investigate the risks of Industry 4.0, classifying them into dimensions such as economic, geopolitical, financial, technological, social, and natural [
13,
41,
42,
43].
Therefore, although several studies address the risks of Industry 4.0, none of them present a significant list of mapped and categorized risks nor mention the impacts that these risks can cause. This context reveals an interesting research gap to be explored and developed, in which the mapped risks can be quantified and evaluated, demonstrating that this study goes beyond the state of the art. From the mapping and understanding of these risks, an instrument for measurement and analysis can be developed.
Considering the business environment, this study will be used as a strategic tool for business managers to identify risks and prepare to face the challenges posed by the advancement of Industry 4.0 in the short and long term. This way, it will be possible to assess its possible effects in various spheres, such as social, environmental, economic, technological, cultural, organizational, educational, human, and political–legal.
The digital risks arising from the implementation of Industry 4.0 (TMR-I4.0) technologies can impact the future of manufacturing, as well as influence the future of the use of these technologies, their application, and functionality. Therefore, it is necessary to understand them to ensure their correct and effective use.
The remainder of this paper is organized as follows:
Section 2 provides a contextualization of Industry 4.0, outlining the four industrial revolutions and focusing on the current Industry 4.0. It then discusses the main technologies utilized by Industry 4.0, including big data, Blockchain, cloud computing, cyber–physical systems (CPS), Cybersecurity, artificial intelligence (AI), Internet of Things (IoT), Industrial Internet of Things (IIoT), machine learning, Additive Manufacturing (3D Printing), radio frequency identification (RFID), augmented/virtual reality, autonomous robots, and Simulation.
Section 3 details the methodology employed in this study, including the process of conducting a systematic literature review (SLR), as well as the procedures for bibliometric and content analysis.
Section 4 presents the results of the bibliometric analysis, the construction of the bibliographic portfolio, and the characterization and description of the dimensions and risks associated with the implementation of Industry 4.0, then concludes with the proposition of the theoretical model for digital risks arising from Industry 4.0 (TMR-I4.0). This section includes a description of each of the 43 risks identified through the systematic literature review process.
Section 5 discusses the implications of the study for industries and universities and proposes a research agenda for future studies. Finally,
Section 6 presents the conclusions and limitations of the study.
3. Materials and Methods
In this study, the objective of the systematic literature review was to build a bibliographic portfolio to identify the dimensions and digital risks arising from the implementation of Industry 4.0 (TMR-I4.0). To assist in this process, the Methodi Ordinatio (InOrdinatio) was chosen and proposed by Pagani, Kovaleski, and Resende [
104,
105].
For the authors, Methodi Ordinatio consists of systematizing and ordering articles, allowing for selection and classification according to the degree of relevance. Methodi is composed of three indicators: the impact factor of the journal in which the article was published, the number of citations the article has (usually obtained from Google Scholar), and the year of publication of the article. Based on these indicators, it is possible to classify articles by their relevance. Methodi consists of 9 steps, as presented in
Figure 3, which not only represents the steps of Methodi but also presents the sequence and some actions of the Systematic Literature Analysis.
The research was motivated by the need to build a bibliographic portfolio of articles to support the categorization of digital risks arising from Industry 4.0 (TMR-I4.0). As a result, the themes researched in this study were Industry 4.0 and Digital Risks.
A random search was conducted in the SCOPUS (SC) and WEB OF SCIENCE (WoS) databases, which were considered to include relevant articles and to be one of the most important databases for Production Engineering. The keywords used in this stage were “Industry 4.0” and ‘Risk*’. The preliminary search in the databases was conducted in April 2023. The objective of
Table 3 is to present the result of the preliminary search conducted in the databases. It can be observed from the table that the preliminary search returned 849 articles from SCOPUS and 763 from WEB OF SCIENCE, totaling 1612 articles.
From the preliminary research, it was necessary to define the research axes and keywords to be considered in the definitive search. To do this, the keywords found in the articles located in the previous stage were analyzed.
Table 4 presents the research axes used, as well as their variations.
According to
Table 4, the research axes were defined as “Industry 4.0” AND Risk AND Impact. Additionally, some variations of the research axes were used, such as Axis 1—(“Industry 4.0” OR “Industrie 4.0” OR “Fourth Industrial Revolution” OR “4th Industrial Revolution” OR “Smart Manufacturing” OR “Supply Chain 4.0” OR “Advanced Manufacturing”) AND Axis 2—(Risk OR Uncertainty OR Challenge OR “Risk Analysis”) AND Axis 3—Impact*.
To improve searches in the databases and return articles that are truly pertinent to the defined axes, boolean operators (OR and AND) were used, which helped in forming two sets of keywords (referred to as Queries). These Queries were used for the definitive searches in the databases. It is worth noting that the asterisk (*) was used in keywords and combinations as a wildcard term, allowing for searches of word variations, thereby yielding a greater number of results for the research.
The chosen databases were SCOPUS (SC), WEB OF SCIENCE (WoS), and SCIENCE DIRECT (SD). These databases were selected to contain relevant articles for the theme and to be the most important for Production Engineering. Furthermore, the choice of these databases was motivated by the fact that SCOPUS (SC) and WEB OF SCIENCE (WoS) encompass many other databases within their platforms, even though they are from different publishers. SCOPUS (SC), for example, belongs to Elsevier but also includes journals from other publishers.
Furthermore, it is important to mention that the WEB OF SCIENCE (WoS) and SCOPUS (SC) databases are considered bibliometric databases, while the others are considered bibliographic databases, often not presenting an impact factor due to the limitations of the publishers themselves (Emerald, Wiley, among others) [
106]. In this research stage, it was chosen not to delimit a time frame, and this filter was applied during the filtering stages of Methodi Ordinatio.
The definitive search in the databases was conducted in September 2023, resulting in a total of 912 articles. It is observed that the number of articles decreased compared to the preliminary search due to the Queries used. It is important to emphasize that although the number of articles decreased, this does not affect the study, as the results returned in the search with the Queries tend to be more focused on the study’s themes. To assist in managing all the returned studies, Mendeley Desktop
®, version 1.19.8, was used, which is a reference manager. Its use was chosen because it is free and has an easy and intuitive interface.
Figure 4 aims to present the Queries as well as the number of articles returned in each of these databases.
Five filters were applied: (i) Removal of duplicate articles; (ii) Exclusion based on time frame; (iii) Exclusion after reading the title; (iv) Exclusion after reading the abstract; (v) Exclusion after reading the full article.
The objective of
Figure 5 is to demonstrate the filtering criteria used in this study, as well as the number of articles excluded in each of the stages.
The qualitative analysis of the 118 articles was conducted with the assistance of the software QSR Nvivo
® version 10, which facilitated the identification of dimensions and the categorization of digital risks arising from the implementation of Industry 4.0 (TMR-I4.0), thus being a crucial step for the development of the study. For the bibliometric analysis of the articles, the Microsoft Excel
® version 2405 tool and the VOSviewer
® software version 1.6.20 were used. All readings and analyses were conducted with the aim of identifying the digital risks associated with Industry 4.0. After reading all 118 articles, 9 dimensions were identified in which digital risks could be grouped, as presented in
Figure 6.
In exploring the material, we sought to analyze the digital risks arising from the implementation of Industry 4.0 (TMR-I4.0). The last stage of content analysis consisted of the quantitative survey of the occurrence of each of the “nodes” created.
4. Results
4.1. Results of the Bibliometric Analysis
With the raw portfolio of articles obtained through Methodi Ordinatio, it was possible to identify some bibliometric characteristics of these studies.
It can be seen from
Figure 7 that the year with the highest number of articles was 2018, with 33 articles, corresponding to almost 28% of the total number of articles. Following that, there were the years 2019, with 29 articles, 2020, with 20 articles, and 2021, with 14 articles. This indicates that the theme of Industry 4.0 and digital risks has been widely discussed in recent years, justifying the relevance of this study to better understand this constantly evolving scenario.
With the final bibliographic portfolio of articles, it was also possible to analyze the countries with the highest representation of publications. For this analysis, all authors of each article were considered, so an article may have more than one country of affiliation.
Figure 8 presents the map with the main countries of author affiliation.
Three hundred seventy-seven authors and co-authors who participated in these studies were identified, resulting in an average of 3 authors per article. Germany is the country with the highest representation, with 54 authors. Brazil ranks second in the ranking, with 38 authors, followed by the United States (USA), with 24 authors, China (CN), with 22, Italy (IT), with 20, France (FR), with 18, and Slovakia (SK), with 15.
The next analysis conducted with the final bibliographic portfolio of articles was regarding the keywords found in the articles belonging to this portfolio. For this, the VOSviewer
® software version 1.6.20 was used to facilitate the identification and counting of the number of occurrences of these keywords.
Figure 9 aims to present these keywords and the clusters formed.
The formation of 33 clusters and a total of 297 items is identified in
Figure 9. The main cluster is composed of 20 items, which present some keywords used in the definitive search in the databases.
4.2. Dimensions and Risks of Industry 4.0
Based on all the analyses and bibliometric indicators, the next step consisted of analyzing the results of the content analysis, carried out with the aid of the software QSR Nvivo® version 10.
With the result of the content analysis, it was possible to identify 9 dimensions of risks for Industry 4.0, as described in
Table 5. In this table, the source and reference correspond to the number of authors who cited each dimension, and the representativeness percentage corresponds to the number of times the dimension was cited divided by the total number of articles in the final bibliographic portfolio.
It is observed that the social dimension was the most cited by 13 authors, corresponding to a percentage of 11.02% of the bibliographic portfolio of articles. Next, the economic and environmental dimensions had 12 and 10 occurrences, corresponding to 10.17% and 8.47%, respectively. The dimensions least cited by the authors were the political–legal, with 3 occurrences, and the cultural, with 2 occurrences, corresponding to 2.54% and 1.69% of the final bibliographic portfolio.
It is important to note that the technological dimension had only 8 occurrences, corresponding to a percentage of 6.78%. However, this does not mean that it is not important. It was observed that many studies in the final bibliographic portfolio of articles cite technological risks, indicating their relevance. However, some of these studies consider technological risk individually, without integrating it into a specific dimension or grouping of risks.
Having established the 9 dimensions used for this study and considering the goal of developing a theoretical model for the digital risks arising from the implementation of Industry 4.0 (TMR-I4.0), it became necessary to group the 43 digital risks mapped into these 9 dimensions. Then, in
Table 6, one can understand the meaning of each of these digital risks.
It is worth noting that none of the 118 articles in the bibliographic portfolio addressed these 9 dimensions in a comprehensive manner. Some of these articles only address the economic, social, and environmental dimensions, which are considered the sustainability tripod. Other studies map risks, but none of them classify and map the quantity of risks found in the literature for this study, which corroborates the need for this study.
To facilitate the identification of all 43 digital risks arising from the implementation of Industry 4.0,
Table 7 aims to illustrate each of these risks and the authors who identify and describe them. This classification was based on the affinity of the digital risk with the dimension.
After identifying the 43 risks, it was possible to develop the Theoretical Risk Model for Digital Risks arising from the implementation of Industry 4.0 (TRM-I4.0). The model was developed by considering all identified risks and categorizing them according to the literature. The risks were grouped into dimensions, as shown in
Figure 10.
After categorizing the risks, the next step of the study involved explaining each of these risks.
4.3. Characterization of Risks Arising from Industry 4.0
4.3.1. Environmental Risks
The Risk of Climate Change, according to [
41,
62,
68,
80], is related to the climatic consequences that the spread of Industry 4.0 can cause, stemming from atmospheric pollution resulting from emissions of pollutants such as carbon dioxide or due to the burning of a high amount of fossil fuels such as coal, oil, and others. The Risk of High Energy Consumption corresponds to the high energy consumption due to the operation of the technologies used in industrial processes. Some of the technologies used in the context of Industry 4.0 are operated using energy, which can significantly increase consumption and lead to depletion [
39,
45,
51,
62,
64].
The Risk of High Consumption of Natural Resources, as highlighted by [
2,
11,
23,
62,
80], refers to the increased use of natural resources that may become scarce. In this case, all natural resources that are abundant in nature but can be lost and not recovered due to their high usage are considered. The Risk of Natural Disasters occurs due to the exploitation of natural resources, which, when performed inadequately, contributes to environmental imbalance, resulting in catastrophic situations such as pollution, flooding, fires, and others [
11,
39,
64,
72].
4.3.2. Cultural Risks
The Risk of Lack of Trust characterizes individuals’ expectations that may be broken due to misinterpretation or some factor that compromises the relationship between them [
71,
75]. On the other hand, the Risk of Lack of Digital Culture is related to the unfamiliarity or resistance to the use of digital technologies, which is sometimes resisted due to a lack of understanding of the technology and the benefits it can offer [
19].
Finally, the Customer Acceptance Risk is conditioned by resistance to the use of technological innovations from Industry 4.0; hence, customers do not support the new features or services offered [
82,
84,
85,
87,
88,
113].
4.3.3. Economic Risks
The Risk of High Investment and Implementation Costs is associated with the substantial amount that industries must expend to acquire and implement Industry 4.0 technologies. These technologies enhance digital infrastructure but come with high investment costs and a high degree of complexity [
2,
5,
11,
12,
13,
43,
44,
59,
75,
82,
84,
85,
86,
112,
114,
116,
117].
The Risk of Lack of Financial Resources, as highlighted by [
22,
71,
117], reflects the scarcity of financial resources to invest in Industry 4.0 technologies. This lack of resources is also reflected in the lack of support from organizations and public and governmental bodies. The Risk of Uncertainty in Financial Return occurs when the investment made does not yield the expected financial return. Due to the high cost of implementing technologies, the return may not be as expected, resulting in financial loss [
2,
35,
84,
85,
88,
117,
118].
4.3.4. Educational Risks
The Risk of Lack of Understanding of the Resources and Limitations of New Technologies represents the lack of understanding about the technologies used by Industry 4.0 [
39,
75].
The Risk of Lack of Research on Industry 4.0, according to [
2,
12,
112], is related to the lack of incentive for research on Industry 4.0. This happens when companies do not provide opportunities to acquire new knowledge.
4.3.5. Human Risks
The Risk of Shortage of Qualified Labor corresponds to the difficulty that companies face in finding qualified workers to operate the new technologies. Due to the highly advanced nature of these technologies, adequate qualification of employees is essential [
11,
17,
22,
24,
43,
44,
53,
64,
66,
71,
77,
82,
84,
91,
120,
121].
The Risk of Interpretation Incapacity, according to [
39,
117], occurs when employees, due to lack of training and qualification, are unable to interpret and make decisions based on data generated by digital technologies and systems. The Risk of Employee Retraining or Job Transformation represents the adaptation of employees’ positions due to job transformation [
59,
84,
117,
120].
Finally, Occupational Risk occurs when employees are exposed to conditions that can cause discomfort and distress. These situations typically arise due to excessive noise, heat, cold, and other factors [
14,
17,
76,
83,
97,
122].
4.3.6. Organizational Risks
In the view of [
10,
11,
64,
112,
117], the Risk of the Lack of a Qualified Management Team symbolizes when a company does not have a qualified management team, which can compromise the outcome of the implementation of Industry 4.0. The Risk of Low Understanding of the Implications of Industry 4.0 is related to the low understanding that the project management team has about the implications of Industry 4.0, and they do not understand the advantages and disadvantages that these technologies can cause [
8,
16,
22,
35,
79,
84,
85,
112,
113,
135].
The Risk of Supply Chain Disruption represents the failure to meet demand for orders. Non-compliance may be related to a lack of suppliers, inputs, raw materials, and others [
11,
16,
20,
25,
26,
43,
63,
71,
72,
82,
84,
85,
86,
112,
116,
122].
The Risk of Organizational Process Changes, as seen by [
15,
84], arises due to alterations caused by the implementation of digital technologies. The Risk of New Business Models emerges, according to [
15,
87,
91,
117], due to changes caused by the advent of Industry 4.0. Consequently, new opportunities arise, altering job positions and management practices. The Risk of Coordination, Collaboration, and Communication Problems, also according to [
71,
112], consists of a lack of communication between management and employees. Furthermore, it may occur that senior management is unable to coordinate and collaborate on the implementation of Industry 4.0 technologies and concepts.
4.3.7. Political–Legal Risks
The Risk of Lack of Political and Governmental Support occurs when a company does not receive political and governmental support to encourage Industry 4.0, either to acquire new technologies or to develop any action related to the fourth industrial revolution [
39,
71,
84,
112].
The Risk of Ethical Issues, according to [
112,
117,
122], represents situations in which ethical issues and principles may be violated due to some leakage of information or data. Meanwhile, the Risk of Legislative Changes arises from changes in labor and other legislations [
11,
39,
84].
4.3.8. Social Risks
The Risk of Lack of Skilled Labor, according to [
39,
53,
117,
123], represents the shortage of skilled labor for the operation of Industry 4.0 technologies.
The Risk of Unemployment often occurs due to the replacement of human jobs by machines and technologies [
2,
6,
9,
12,
41,
53,
74,
84,
111,
121,
124].
The Risk of Social Inequality arises from the advent of Industry 4.0, which is often caused by the exclusion of a portion of society. This exclusion often affects those with lower professional qualifications, for example [
41,
44,
62,
67,
91,
111,
119,
125,
126].
4.3.9. Technological Risks
The Risk of Lack of Integration between Systems and Equipment, also known as Interoperability, occurs due to the lack of integration of systems or equipment due to their conditions. These conditions, besides causing low reliability in data and information, also cause lower efficiency in communication transmission, making information transfer difficult [
3,
7,
23,
58,
62,
65,
75,
76,
82,
84,
89,
112].
The Risk of Lack of Cybersecurity and Data Protection is characterized by the absence of security systems and programs for computers, networks, and software, which can result in a lack of protection of information and data in the company, facilitating access by malicious individuals [
2,
12,
19,
22,
29,
30,
31,
35,
42,
58,
69,
71,
72,
77,
84,
85,
110,
112,
117,
122,
127].
The Risk of Data Insecurity and Vulnerability occurs when data generated by digital technologies are exposed to vulnerability due to the lack of data protection software. In this situation, important information can be altered or even deleted [
2,
12,
22,
35,
64,
69,
122,
128].
The Risk of Cyberattacks is considered by many authors to be the main risk arising from the advent of Industry 4.0. This type of attack occurs due to the invasion of computers and systems, often by hackers. Through this invasion, valuable data and information can be leaked or even modified, all due to system vulnerabilities [
2,
11,
19,
24,
28,
29,
30,
31,
32,
35,
39,
41,
45,
51,
52,
59,
61,
69,
70,
75,
76,
77,
82,
84,
97,
111,
125,
127,
128,
129,
130].
The Risk of Low Quality of Existing Data, according to [
3,
65,
73,
92,
112,
131], refers to data that have low reliability in the information due to improper collection or even misinterpretation of information. Low-quality data can lead to erroneous decisions, inefficient systems, and unreliable information. The Risk of Inefficient Data occurs when there is an overload of data. These data are generated in systems or devices that, due to having a very high volume of information, partially or totally compromise the performance of the systems [
7,
35,
63,
65,
85,
91,
132].
The Risk of High Automation, according to [
15,
34,
57,
122], refers to the integration of various automated systems and components that facilitate the development and execution of activities and tasks that for years have been carried out through manual labor but which over the years have been replaced by automated components, thus enabling the optimization of production processes. Meanwhile, the Risk of Artificial Intelligence Errors, according to [
35,
39,
114], arises from inconsistencies and failures presented by artificial intelligence that may not have been properly prepared to provide consistent and reliable information.
The Risk of Lack of Technological Infrastructure occurs when the internet network cannot support the large amount of information and data generated constantly, resulting in poor system and technological equipment performance [
7,
45,
64,
71,
73,
89,
112,
133]. The Risk of Hyperconnectivity arises from the large volume of data generated, which can result in failures, from the simplest to the most complex, potentially spreading and compromising the entire system [
7,
35,
52,
63,
77,
115,
125].
The Risk of Signal Interference, as noted by [
45,
64,
85,
89,
128,
133], results from equipment overload, directly impacting signal transmission and potentially causing low efficiency and reliability in information transfer. The Risk of Privacy Invasion occurs when information and data are used by third parties without the proper consent of users, clients, or even company employees [
51,
52,
61,
77,
78,
89,
130,
134].
Finally, the Risk of Data Leakage stands out, which involves the disclosure of private and confidential data, whether intentional or unintentional, without prior authorization and consent [
2,
3,
12,
59,
78,
85,
91,
129].
In the context of Industry 4.0, technological risks are a concern not only for industries but also for national security [
136,
137]. Cyberattacks [
11,
39,
59,
70], lack of data protection [
2,
12,
29,
35,
122], information leaks [
59,
78], and deficiencies in technological infrastructure [
112,
115,
133] can pose a significant threat, exposing the data and information of an entire nation.
It is essential to invest in security systems that prevent attacks on the national technological infrastructure as well as attacks on defense systems, which can compromise national operations. Additionally, it is crucial to protect against data leaks, whether governmental or not, which expose sensitive information and compromise public security [
136,
137].
To mitigate these risks, a significant investment in public security systems is necessary [
136,
137]. Only then will it be possible to minimize these threats and protect national security in the context of Industry 4.0.
Another approach that can be considered in the technological dimension is quantum risks, which are associated with quantum computing and quantum cryptography. For this reason, security systems must be active and efficient to prevent cryptographic algorithms from being broken, which could compromise the generated data [
138,
139].
Additionally, quantum cryptography systems are costly, and their implementation can be complex [
138,
140], posing a major challenge for data security and a high-cost risk for these technologies [
11,
64,
84,
116].
Finally, according to [
138,
139,
140,
141], quantum computing and cryptography, besides having a high implementation cost, are highly complex, making it difficult to find qualified personnel to operate these technologies.
Therefore, both national security risks and quantum computing risks should be considered if an industry works with complex security systems and large volumes of data, requiring effective strategies for implementation.
Once understood, the risks were grouped based on the occurrences of sources and their references in order to weigh each of these risks according to their frequency, as presented in
Table 8. The risks were classified and organized with the assistance of QSR Nvivo
® version 10 software.
It is observed that the Technological Risks (TR) dimension presented the highest number of risks in its categorization, with 13 mapped risks. Next, we have the Human Risks (HR) and Organizational Risks (OR) dimensions, with six risks each. Following them, the Environmental Risks (ER) dimension with four risks, followed by the Cultural Risks (CR), Economic Risks (EC), political–legal risks (PL), and social risks (SR) dimensions with three risks each. Finally, we have the Educational Risks (ED) dimension with two risks, totaling 43 digital risks.
The weighting of these risks occurs due to their frequency; the higher the frequency, the more important the risk becomes and, consequently, should be minimized as soon as identified. In this context, it is observed that the risk of cyberattacks is the most addressed in the literature, considered the most critical, followed by the risk of high investment and implementation costs. Risks considered less harmful, according to the literature, include the risk of lack of trust, lack of digital culture, lack of understanding of the resources and limitations of new technologies, inability to interpret data, organizational changes in processes, coordination, collaboration, and communication problems, and errors in artificial intelligence.
It is important to note that, although mentioned a few times in the literature, these risks still exist, albeit with a low probability of occurrence, which should not be ignored by industries. A mitigation plan for all risks, when identified or anticipated, should be developed and implemented. Finally, it is emphasized that the weighting criterion in this study was considered according to the frequency of occurrences in which the risks were mentioned in the literature.
It is known that Industry 4.0 has been altering production methods and service delivery. Therefore, it is important to emphasize that the risks identified and listed in this study are those that can directly impact production and are related to the industrial sector.
On the other hand, Industry 4.0 technologies also impact how some services are offered, such as in healthcare. The advancement of these technologies stemming from Industry 4.0 has significantly contributed to improving healthcare, whether through telemedicine, electronic patient records, digital integration between clinics and hospitals, or the use of artificial intelligence for diagnostics, among others [
142,
143,
144,
145,
146,
147].
Many of these services are connected to the internet, stored in the cloud, and generate large amounts of data, thereby increasing the likelihood of cyberattacks, privacy invasions, data leaks, lack of cybersecurity, and data protection. This is due to the digitization and interconnection of healthcare systems, which can compromise the availability and reliability of patient-related data [
11,
29,
127,
145,
146,
148].
Furthermore, a significant factor that can represent a risk to health in this Industry 4.0 scenario is the issue of inequality. In many cases, the resources needed to access certain services may not be available to everyone, further increasing social disparity. Therefore, this risk may also be associated with the social risks arising from Industry 4.0 [
146,
149,
150,
151].
5. Implications of the Study
5.1. Implications of Risks for Industry 4.0
The study developed a theoretical model to better understand the digital risks arising from the implementation of Industry 4.0 (TMR-I4.0). As the driving technologies of Industry 4.0 are incorporated into organizations, changes in various spheres of society are inevitable. It is crucial to understand these changes and the risks associated with them so that management can anticipate these risks and develop strategic solutions to ensure that productive systems and society as a whole are not harmed by the advancement of Industry 4.0.
Technological risks are more likely to occur with the new industrial and technological scenario; however, educational, environmental, political–legal risks, among others, should not be ignored. All these risks, regardless of their nature, need to be analyzed and mitigated to ensure harmony between industry, technology, and society.
Industry 4.0, as mentioned by [
59], corresponds to the adoption of new technologies across the economic sphere, aiming for a digital ecosystem through the integration of all production components and systems. Therefore, understanding the existing risks can be a determining factor in the integration of digital systems and components.
Understanding the relationship between Industry 4.0 and Risk Management is crucial nowadays. It is no longer feasible to implement technologies, systems, or software without evaluating the risks and impacts they may cause. Understanding how these risks arise and then measuring and analyzing them by managers, directors, and coordinators can ensure the maturity and readiness of the organization regarding the implementation of Industry 4.0. If the risks caused by the implementation are significant, a contingency plan should be developed to minimize the impacts of technology use.
Although the topic of Industry 4.0 and its associated risks is still considered emergent, it is essential to address this theme, as the technologies involved can significantly impact the way we use the Internet, tools, and methods. When applied correctly, these technologies have the potential to bring substantial benefits.
5.2. Implications of Industry 4.0 Risks for Universities
Understanding how Industry 4.0 and its risks affect not only the industrial environment but also society is crucial. It is important to understand the impacts that these digital technologies can have on the environment in which we live and what changes may occur. This article offers a broad review of the literature, presenting the risks arising from the implementation of Industry 4.0 technologies (TMR-I4.0). Through the identification of these risks, it is possible to measure, evaluate, and even mitigate them.
The analysis revealed that, although current literature highlights the risk of cyberattacks and lack of data protection as one of the main challenges of Industry 4.0, other risks, such as climate change, high investment costs, and lack of a qualified management team, can cause equally significant damage. This can be explained by the fact that most studies focus on technological risks as the main threat of Industry 4.0, overlooking other equally important risks.
It is crucial for academia to develop methods and tools to measure the risks of Industry 4.0, ensuring that companies can adopt these technologies safely and efficiently. Furthermore, collaboration between industry and professionals studying these risks is essential to ensure that technologies are implemented responsibly and sustainably.
Therefore, this study is essential for advancing knowledge about the risks of Industry 4.0 and developing more precise tools for their analysis and mitigation. Collaboration between academia and industry is essential to ensure that technologies are implemented safely and efficiently, considering not only technological risks but also environmental, social, economic, and other risks.
5.3. Implications for Research
From mapping the risks caused by the implementation of Industry 4.0, the generated knowledge was consolidated, and thus, the results of the analysis presented some opportunities for future research, serving as an agenda of opportunities for future studies, such as the following:
- (a)
To provide more conclusive analyses and results regarding the identified risks, it is necessary to understand not only the risks themselves but also the impacts they can have on various spheres. This includes evaluating environmental, social, economic, and political–legal impacts as well as other relevant areas. This broader understanding will allow for a more comprehensive and effective approach to managing Industry 4.0 risks.
- (b)
Investigating the risks associated with each technology during its implementation, identifying specificities and potential challenges that may arise. This process of detailed analysis will help develop more effective and personalized mitigation strategies for each Industry 4.0 technology.
- (c)
The theoretical model proposed in this study is dynamic and adaptable, which means that, depending on its scope of application and investigation, dimensions and their respective risks can be added or removed. Therefore, it is possible to broaden the scope of the literature review to identify the risks caused by Industry 4.0 that are associated with healthcare services. Adding healthcare as a new dimension and discussing the risks pertaining to this new dimension is then suggested.
- (d)
It is also worth noting that quantum risks can be investigated and further detailed through a new systematic literature review, which could provide insights and practical implications of the technologies in the context of Industry 4.0.
- (e)
Additionally, expert opinions can reveal new risks that have not yet been disclosed or analyzed in the literature, which would allow an advancement of the state of the art regarding the theme of risks of Industry 4.0.
- (f)
Based on this validation with experts, a model for measuring digital risks could be developed for application in the industrial environment.
- (g)
Investigate whether, with the advancement of concepts and the introduction of new concepts of digital transformation and even Industry 5.0, these risks have been expanded and if new risks have emerged.
- (h)
It is also worth noting that from the measurement of these risks, great insights and responses can be obtained. For example, identifying how artificial intelligence can help in the management and mitigation of risks, listing the main challenges currently faced due to the risks caused by Industry 4.0, how the issue of human work is affected by the increasingly latent use of digital technologies, and how legislation will be affected by the necessary adaptations due to ethical and political–legal issues, among others.
Therefore, the great importance of this study, as well as the need for understanding and analyzing the digital risks arising from the implementation of Industry 4.0, are evident. This study will serve as a theoretical foundation for the development of new methodologies and analysis methods for assessing risks and impacts. It is considered a robust work due to the consistency of the methodological rigor used in the construction of the theoretical model. The study will serve as a starting point for academia and industry to join forces to unravel great mysteries that still pervade the realm of Industry 4.0 and its risks.
6. Conclusions
This study aimed to develop a theoretical model for the digital risks arising from the implementation of Industry 4.0 (TMR-I4.0). The objective was achieved through a consistent, systematic literature review, which allowed the identification of 43 digital risks, allocated into 9 dimensions.
The study highlighted that the advent of Industry 4.0 has triggered a series of issues that must be considered and cannot be overlooked. Industry 4.0 has brought changes not only in how technologies are used, or just with the intensification of their use, but has also altered the production system, the role of professionals, how legislation should behave and act, and how these changes can impact the future of society.
Therefore, it becomes essential to understand the risks caused by the digital transformation generated by Industry 4.0 for the subsequent identification of the changes and impacts that these may cause. In summary, this study presented a consistent, systematic literature review where digital risks were mapped.
From the categorization of the risks, they were grouped into dimensions so that more accurate analyses could be performed, thus building a theoretical model for digital risks. These dimensions were called environmental, cultural, economic, educational, human, organizational, political–legal, social, and technological. From these dimensions and each of the 43 digital risks, it will be possible to identify how each of the digital technologies arising from Industry 4.0 (such as artificial intelligence, machine learning, big data, augmented reality, and others) can influence the development of risks and impacts.
Finally, the study presented some trends and implications for future and agenda studies, serving as a guide for suggestions for future work. The study is relevant for academia as it presents a consistent risk mapping and for industry as, from this mapping and categorization, an assessment tool could be developed to further assist industries in the risk and impact assessment process, as this is increasingly becoming a topic of discussion in large industrial environments.
It is noted as a limitation of the study that the theoretical approach uses keywords to search for terms in the studies. Keywords such as digital transformation and Industry 5.0 are terms that could have been considered during the search for articles. Additionally, the study used only one categorization and the proposition of a theoretical model made by the literature, requiring validation by specialists to corroborate or refute what was found as a result of this study.
On the other hand, the study promoted a theoretical discussion and advanced the literature by mapping the latent digital risks of Industry 4.0, constructing a theoretical model for the analysis of these digital risks, and presenting an agenda for future studies to continue this research. As a result, it will be possible to diagnose digital risks accurately, thus providing a more robust technological implementation and consequently reducing the probability of risks.