Auflistung nach Schlagwort "Cyber Security"
1 - 5 von 5
Treffer pro Seite
Sortieroptionen
- ZeitschriftenartikelGuest editorial: Information security methodology and replication studies(it - Information Technology: Vol. 64, No. 1-2, 2022) Wendzel, Steffen; Caviglione, Luca; Mileva, Aleksandra; Lalande, Jean-Francois; Mazurczyk, WojciechThis special issue presents five articles that address the topic of replicability and scientific methodology in information security research, featuring two extended articles from the 2021 International Workshop on Information Security Methodology and Replication Studies (IWSMR). This special issue also comprises two distinguished dissertations.
- TextdokumentINFORMATIK 2017 WS#13(INFORMATIK 2017, 2017) de Meer, Jan; Waedt, Karl; Rennoch, AxelDer 2te internationale GI/ACM I4.0 Security Standardisation (ISS) Workshop auf der GI Jahrestagung 2017, fasst Sicherheits-gepaart mit Zuverlässigkeitsaspekten von Produktionsanlagen, z.B. in einer Smart Factory, die den Anforderungen der Multi-Teile-Norm IEC 62443[IEC14] für Industrielle Automatisierungs-und Kontrollsysteme (IACS) entspricht, genauer ins Auge. Industrieanlagen haben eine eigene inhärente Struktur, die in dem Referenz-Architekturmodell RAMI4.0 [ZVEI15], erstellt von einem Verbandskonsortium, geführt von ZVEI, skizziert ist. Diese Struktur fällt ins Gewicht, wenn ein Security-by-Design-Ansatz für verbundene, verteilte Industrieanlagen gewählt wird. Unter Sicherheit für IAC-Systemen werden hierbei im weitesten Sinne Systemeigenschaften und -fähigkeiten verstanden, die im sog. 'Pentagon of Trust' [JdM16] genannt werden, nämlich Vertrauen in vernetzte Produktionsanlagen und -geräten, Geheimhaltung von Fabrikationsdatensätzen, prüfbare Beachtung von Regulierungen und Gesetzen, Garantierung der Funktionalität von Produktionsanlagen und die einsichtige Anwendbarkeit von Anlagen und Geräten, was in ähnlicher Weise auch für vernetzte Geräte im sog. Internetz der Dinge (IoT -Internet of Things) gilt. Der 2te GI/ACM I4.0 WS strukturiert sich in die Handlungsgebiete: Architektur und Frameworks, Industrielle Erfahrung -Best Practice, Formalisierung und IACS Semantiken.
- TextdokumentModel-based Integrity Monitoring of Industrial Automation And Control Systems(INFORMATIK 2022, 2022) Peters,Ludger; Khalaf,Mahmoud; Waedt,Karl; Schindler,Josef; Belaidi,SiwarThis paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations at the application level. Detecting and predicting a potential anomaly is designed and implemented based on machine learning of expected behavior. The paper will include examples of attacks executed over an extended time period by gradually manipulating combinations of analog and binary signal values or set-points. Challenges related to the training of the detection algorithms, avoidance of false positives, and concise reporting to non-security domain experts will also be addressed.
- ZeitschriftenartikelQuantitative visual computing(it - Information Technology: Vol. 64, No. 4-5, 2022) Schreiber; Falk; Weiskopf, DanielThis special issue presents five articles that address the topic of replicability and scientific methodology in information security research, featuring two extended articles from the 2021 International Workshop on Information Security Methodology and Replication Studies (IWSMR). This special issue also comprises two distinguished dissertations.
- KonferenzbeitragRisk-Oriented Security Engineering(Automotive - Safety & Security 2017 - Sicherheit und Zuverlässigkeit für automobile Informationstechnik, 2017) Ebert, ChristofVirtually every connected system will be attacked sooner or later. A 100% secure solution is not feasible. Therefore, advanced risk assessment and mitigation is the order of the day. Risk-oriented security engineering for automotive systems helps in both designing for robust systems as well as effective mitigation upon attacks or exploits of vulnerabilities. Security must be integrated early in the design phase of a vehicle to understand the threats and risks to car functions. The security analysis provides requirements and test vectors and adequate measures can be derived for balanced costs and efforts. The results are useful in the partitioning phase when functionality is distributed to ECUs and networks. We will show with concrete examples how risk-oriented cyber security can be successfully achieved in automotive systems. Three levers for automotive security are addressed: (1) Product, i.e., designing for security for components and the system, (2) Process, i.e., implementing cyber security concepts in the development process and (3) Field, i.e., ensuring security concepts are applied during service activities and effective during regular operations.