Securing Industrial Remote Maintenance Sessions using Software-Defined Networking

Kern, Alexander and Anderl, Reiner (2019):
Securing Industrial Remote Maintenance Sessions using Software-Defined Networking.
In: 2019 Sixth International Conference on Software Defined Systems (SDS), Rome, Italy, IEEE, pp. 72-79, DOI: 10.1109/SDS.2019.8768719,
[Online-Edition: https://ieeexplore.ieee.org/servlet/opac?punumber=8764267],
[Book Section]

Abstract

Many modern business models of the manufacturing industry use the possibilities of digitization. In particular, the idea of connecting machines to networks and communication infrastructure is gaining momentum. However, in addition to the considerable economic advantages, this development also brings decisive disadvantages. By connecting previously encapsulated industrial networks with untrustworthy external networks such as the Internet, machines and systems are suddenly exposed to the same threats as conventional IT systems. A key problem today is the typical network paradigm with static routers and switches that cannot meet the dynamic requirements of a modern industrial network. Current security solutions often only treat symptoms instead of tackling the cause. In this paper we will therefore analyze the weaknesses of current networks and security solutions using the example of industrial remote maintenance. We will then present a novel concept of how Software-Defined Networking (SDN) in combination with a policy framework that supports attribute-based access control can be used to meet current and future security requirements in dynamic industrial networks. Furthermore, we will introduce an exemplary implementation of this novel security framework for the use case of industrial remote maintenance and evaluate the solution. Our results show that SDN in combination with an Attribute-based Access Control (ABAC) policy framework is perfectly suited to increase flexibility and security of modern industrial networks at the same time.

Item Type: Book Section
Published: 2019
Creators: Kern, Alexander and Anderl, Reiner
Title: Securing Industrial Remote Maintenance Sessions using Software-Defined Networking
Language: English
Title of Book: 2019 Sixth International Conference on Software Defined Systems (SDS)
Place of Publication: Rome, Italy
Publisher: IEEE
ISBN: 978-1-7281-0722-6
Uncontrolled Keywords: SDN, network security, industrial remote maintenance, industrial networks, ABAC, XACML
Divisions: 16 Department of Mechanical Engineering
16 Department of Mechanical Engineering > Department of Computer Integrated Design (DiK)
Date Deposited: 10 Sep 2019 05:34
DOI: 10.1109/SDS.2019.8768719
Official URL: https://ieeexplore.ieee.org/servlet/opac?punumber=8764267