TU Darmstadt / ULB / TUbiblio

Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0

Wang, Yübo ; Anokhin, Oleg ; Anderl, Reiner (2017)
Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0.
In: Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems
Buchkapitel, Bibliographie

Kurzbeschreibung (Abstract)

The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0.

Typ des Eintrags: Buchkapitel
Erschienen: 2017
Autor(en): Wang, Yübo ; Anokhin, Oleg ; Anderl, Reiner
Art des Eintrags: Bibliographie
Titel: Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0
Sprache: Englisch
Publikationsjahr: 2 Mai 2017
Buchtitel: Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems
Reihe: Procedia CIRP
Band einer Reihe: 63
URL / URN: https://doi.org/10.1016/j.procir.2017.03.142
Kurzbeschreibung (Abstract):

The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0.

Freie Schlagworte: Industrie 4.0; IT security; Defense in Depth
Fachbereich(e)/-gebiet(e): 16 Fachbereich Maschinenbau > Fachgebiet Datenverarbeitung in der Konstruktion (DiK) (ab 01.09.2022 umbenannt in "Product Life Cycle Management")
16 Fachbereich Maschinenbau
Hinterlegungsdatum: 05 Feb 2018 07:07
Letzte Änderung: 05 Feb 2018 07:07
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen