TU Darmstadt / ULB / TUbiblio

Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0

Wang, Yübo and Anokhin, Oleg and Anderl, Reiner (2017):
Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0.
In: Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems, pp. 207-212, [Online-Edition: https://doi.org/10.1016/j.procir.2017.03.142],
[Book Section]

Abstract

The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0.

Item Type: Book Section
Erschienen: 2017
Creators: Wang, Yübo and Anokhin, Oleg and Anderl, Reiner
Title: Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0
Language: English
Abstract:

The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0.

Title of Book: Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems
Series Name: Procedia CIRP
Volume: 63
Uncontrolled Keywords: Industrie 4.0; IT security; Defense in Depth
Divisions: 16 Department of Mechanical Engineering > Department of Computer Integrated Design (DiK)
16 Department of Mechanical Engineering
Date Deposited: 05 Feb 2018 07:07
Official URL: https://doi.org/10.1016/j.procir.2017.03.142
Export:

Optionen (nur für Redakteure)

View Item View Item