Wang, Yübo ; Anokhin, Oleg ; Anderl, Reiner (2017):
Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0.
In: Procedia CIRP, 63, In: Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems, pp. 207-212, [Book Section]
Abstract
The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0.
| Item Type: | Book Section |
|---|---|
| Erschienen: | 2017 |
| Creators: | Wang, Yübo ; Anokhin, Oleg ; Anderl, Reiner |
| Title: | Concept and Use Case driven Approach for Mapping IT Security requirements on System Assets and Processes in Industrie 4.0 |
| Language: | English |
| Abstract: | The fourth industrial revolution (Industrie 4.0) is distinguished by a growing network and intelligence of machines, products, services and data. This results in new business models and value chains, but also various risks, e.g. by hacker attacks, data theft or manipulation. Many companies consider Industrie 4.0 much as a security challenge other than an opportunity or enabler for new business models. Therefore, effective security methods to protect the Industrie 4.0 systems and its associated values and assets are needed. One of the aims of Industrie 4.0 is identifying and developing new, appropriate security practices for enterprises and especially for their production systems. Based on the connectivity infrastructure in the shop floor, the diversity in the corporate landscape of the global mechanical and plant engineering ultimately causes that every company has to develop its own way of IT and production security management. In the context of Industrie 4.0, an integral concept is needed, that connects the requirements from manufacturing automation and mechanical engineering to process engineering with the properties of cyber-physical systems as an Industrie 4.0 component and well-established core elements of IT security descriptions. Standards from industry associations and standardization committees have to be included. In this paper, a process model is developed, which consults RAMI 4.0 and well-established core elements of safety and IT security considering the standards IEC 61508 and IEC 62443. A use case driven approach is developed with the goal to demonstrate the functionalities and validation of the process model. In different iterations, the dynamic change of the system by mapping IT security requirements on system assets and processes will be presented. The purpose of the developed process model is to assign security measures to vulnerabilities and threats of a system for Industrie 4.0. |
| Book Title: | Manufacturing Systems 4.0 – Proceedings of the 50th CIRP Conference on Manufacturing Systems |
| Series: | Procedia CIRP |
| Series Volume: | 63 |
| Uncontrolled Keywords: | Industrie 4.0; IT security; Defense in Depth |
| Divisions: | 16 Department of Mechanical Engineering > Department of Computer Integrated Design (DiK) 16 Department of Mechanical Engineering |
| Date Deposited: | 05 Feb 2018 07:07 |
| URL / URN: | https://doi.org/10.1016/j.procir.2017.03.142 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum