TU Darmstadt / ULB / TUbiblio

Securing Industrial Remote Maintenance Sessions using Software-Defined Networking

Kern, Alexander ; Anderl, Reiner (2019)
Securing Industrial Remote Maintenance Sessions using Software-Defined Networking.
In: 2019 Sixth International Conference on Software Defined Systems (SDS)
doi: 10.1109/SDS.2019.8768719
Buchkapitel, Bibliographie

Kurzbeschreibung (Abstract)

Many modern business models of the manufacturing industry use the possibilities of digitization. In particular, the idea of connecting machines to networks and communication infrastructure is gaining momentum. However, in addition to the considerable economic advantages, this development also brings decisive disadvantages. By connecting previously encapsulated industrial networks with untrustworthy external networks such as the Internet, machines and systems are suddenly exposed to the same threats as conventional IT systems. A key problem today is the typical network paradigm with static routers and switches that cannot meet the dynamic requirements of a modern industrial network. Current security solutions often only threat symptoms instead of tackling the cause. In this paper we will therefore analyze the weaknesses of current networks and security solutions using the example of industrial remote maintenance. We will then present a novel concept of how Software-Defined Networking (SDN) in combination with a policy framework that supports attribute-based access control can be used to meet current and future security requirements in dynamic industrial networks. Furthermore, we will introduce an examplary implementation of this novel security framework for the use case of industrial remote maintenance and evaluate the solution. Our results show that SDN in combination with an Attribute-based Access Control (ABAC) policy framework is perfectly suited to increase flexibility and security of modern industrial networks at the same time.

Typ des Eintrags: Buchkapitel
Erschienen: 2019
Autor(en): Kern, Alexander ; Anderl, Reiner
Art des Eintrags: Bibliographie
Titel: Securing Industrial Remote Maintenance Sessions using Software-Defined Networking
Sprache: Englisch
Publikationsjahr: 25 Juli 2019
Ort: Rome, Italy
Verlag: IEEE
Buchtitel: 2019 Sixth International Conference on Software Defined Systems (SDS)
DOI: 10.1109/SDS.2019.8768719
URL / URN: https://ieeexplore.ieee.org/servlet/opac?punumber=8764267
Kurzbeschreibung (Abstract):

Many modern business models of the manufacturing industry use the possibilities of digitization. In particular, the idea of connecting machines to networks and communication infrastructure is gaining momentum. However, in addition to the considerable economic advantages, this development also brings decisive disadvantages. By connecting previously encapsulated industrial networks with untrustworthy external networks such as the Internet, machines and systems are suddenly exposed to the same threats as conventional IT systems. A key problem today is the typical network paradigm with static routers and switches that cannot meet the dynamic requirements of a modern industrial network. Current security solutions often only threat symptoms instead of tackling the cause. In this paper we will therefore analyze the weaknesses of current networks and security solutions using the example of industrial remote maintenance. We will then present a novel concept of how Software-Defined Networking (SDN) in combination with a policy framework that supports attribute-based access control can be used to meet current and future security requirements in dynamic industrial networks. Furthermore, we will introduce an examplary implementation of this novel security framework for the use case of industrial remote maintenance and evaluate the solution. Our results show that SDN in combination with an Attribute-based Access Control (ABAC) policy framework is perfectly suited to increase flexibility and security of modern industrial networks at the same time.

Freie Schlagworte: SDN, network security, industrial remote maintenance, industrial networks, ABAC, XACML
Fachbereich(e)/-gebiet(e): 16 Fachbereich Maschinenbau
16 Fachbereich Maschinenbau > Fachgebiet Datenverarbeitung in der Konstruktion (DiK) (ab 01.09.2022 umbenannt in "Product Life Cycle Management")
Hinterlegungsdatum: 10 Sep 2019 05:34
Letzte Änderung: 10 Sep 2019 05:34
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen