Auflistung nach Autor:in "Parekh, Mithil"
1 - 9 von 9
Treffer pro Seite
Sortieroptionen
- TextdokumentAligning with cybersecurity framework by modelling OT security(INFORMATIK 2020, 2021) Parekh, Mithil; Waedt, Karl; Tellabi, AsmaaBefore the last decade, production units and its related systems were considered nearly as island systems and were managed as an air-gaped in their daily operations. Information and network security was not an issue because their plant's safety and continues operations have the highest priority. In the recent years, many initiatives like smart factories, adopting Industry 4.0, complex mesh of connected devices and data privacy have shifted paradigm of value chain and trust model in the production environment. By this means, state-of-the-art manufacturing environment demands for the comprehensive framework and holistic approach to address cybersecurity that affects reliability of plant operations. Therefore, few standards are gradually evolving and are extended in to this field. The ISA/IEC 62443 is one of the standard series addresses the Security of Industrial Automation and Control Systems (IACS) throughout their lifecycle. On the other hand, NIST Special Publication 800–82 is a Guide to Industrial Control Systems Security and follows NIST CSF to address OT security. As with Operational Technology (OT) requirements in general, also considering to security-related requirements as per ISA/IEC 62443, ask for more effort to deal with it later. Accordingly, bearing in mind, the need for security from the beginning of the system engineering processes reduces the overall effort and complexity during the lifecycle of OT systems. The corresponding paradigm is called Security by Design. This paper proposes on how high level foundational security requirements from ISA/IEC 62443 can be modelled using AutomationML (AML) tool and consequently explains on how easy is to integrate seamlessly that model during the design phase of engineering process.
- KonferenzbeitragThe application of Articial Intelligence for Cyber Security in Industry 4.0(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Ben Zid, Ines; Parekh, Mithil; Waedt, Karl; Lou, XinxinThe use of Artificial Intelligence (AI) in different domains is continuously growing. In particular for cybersecurity, we can see the implementations of AI solutions, e.g. machine learning, in a wide range of applications from various domains. While some consider this step as risk for cybersecurity, others agree that it is in fact a solution to many issues as well. This leads to a higher necessity of having a right understanding as well as handling of cybersecurity controls that enforce meeting domain, project and application specific security targets. This implies that more efforts and resources have to be focused and invested towards cybersecurity. One reason for this is that attackers (threat agents) may integrate AI based algorithms and AI based evaluation of data, which forces the security staff to respond at a similar level. Thus, we are considering AI as a potential solution for satisfying a set of rising needs and objectives. In this paper, we present the concept for merging and integration of these three major domains and applications. Also, we detail the relevant motivations, requirements and challenges to be considered when coming to such combination.
- KonferenzbeitragGraded security forensics readiness of SCADA systems(Informatik 2016, 2016) Li, Jianghai; Bajramovic, Edita; Gao, Yuan; Parekh, Mithil
- KonferenzbeitragAn idea of using Digital Twin to perform the functional safety and cybersecurity analysis(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Lou, Xinxin; Guo, Yun; Gao, Yuan; Waedt, Karl; Parekh, MithilCurrent power plants, including nuclear power plants are based on digital technology. According to the Industry 4.0 concepts, similarly to the intelligent manufacturing for new factories, the use of digital twins for power plants is expected to progress. Researchers do the safety and cybersecurity analysis from various perspectives utilize different approaches, e.g. on the safety side, the FMEA (Failure Mode & Effect Analysis), FMECA (Failure mode, Effects and Criticality Analysis) are recommended by FAA (Federal Aviation Administration) to do the reliability analysis. On the cybersecurity part, researchers do the analysis only with a focus on the communication protocol, the code/memory level or on the system functionality. We have addressed refueling machines as an example for the joint consideration of functional safety and cybersecurity in previous publications. Whereas in this paper, we propose to do a functionality and cybersecurity analysis based on the digital twin of an ICS (Industrial Control System). We take the refueling machine as an example and discuss how to twin the refueling machine with high detail firstly. In addition, the possible way of how to model the ICS is discussed, e.g. the Automation ML will be used to describe the system, the OPC UA will be applied to implement the communication. Then the feasibility and benefit of analyzing the system functionality and cybersecurity based on the digital twin model are discussed.
- TextdokumentIntegrated Security Framework(INFORMATIK 2017, 2017) Gao, Yuan; Fischer, Robert; Seibt, Simon; Parekh, Mithil; Li, JianghaiThe increasing cyber threats require quick action from security experts to protect their industrial automation control system (IACS). For fulfilling the requirement, we propose to divided the classic cyber security analysis scope into three separated, yet interconnected domains: Threat, System and Security. Thus different groups of security professionals can work independently, and are not required to have the knowledge about the full scope. In addition, we proposed an asset-centric system architecture model to enable the modeling and simulation of attacks according to publicly known threats and vulnerabilities. Analysis based on the generated attack/defense trees can assist to manage and continuously monitor the deployed security controls. The proposed approach with tool supports reduces the workload of security experts as well as the incidents response team (IRT) towards an adaptive defense manner.
- KonferenzbeitragOpansec - security integrity monitoring for controllers(Informatik 2016, 2016) Parekh, Mithil; Gao, Yuan; Gupta, Deeksha; Luschmann, Christian
- KonferenzbeitragOperational Security Modeling and Analysis for IACS(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Gao, Yuan; Ben Zid, Ines; Lou, Xinxin; Parekh, MithilSecurity Certifications based on international standards, like ISO 27000 and IEC 62443 series, are strongly favored by industrial manufactures and (critical) facility owners. However, comparing to mature safety certification procedures, there is only a small portion of security certifications available on the market for the booming Industry 4.0 solutions and IoT/IIoT products. The major challenge is how to define a practical working scope, which is compatible with frequent system updates as well as creations of new systems by coupling supplier services. Meanwhile, the potential security impacts should be quantitatively predictable since some of them are tolerable, which are different from most of safety constraints. Thus, in this paper, we proposed an operational security model, which intends to support monitoring and analysis on a dynamically running system. It was extended from the 3-domains security model we proposed in previous work by introducing run-time perspectives and procedures. In addition, cooperating with the security in design concept, the proposed operational procedures were developed following the guidance of the security standard series IEC 62443. For addressing the external threats, Open Source Intelligence (OSINT) were involved to query whether some confidential information, like user-credentials and system vulnerabilities are already collected and publicly known to adversaries. The introduction of OSINT can support more transparent risk assessment approaches. As the conclusion, with the operational security model, we proposed a hybrid approach which consists of security certifications and continuous monitoring/consulting to solve the current challenge.
- TextdokumentSemi-Formal Representation and Evaluation of Security Properties(INFORMATIK 2017, 2017) Lou, Xinxin; Zid, Ines Ben; Parekh, Mithil; Gao, YuanIn life-critical and safety-critical systems, one small fault can lead to huge financial and personal damages. How to reduce system failure is an important question for engineers. After the software crisis, formal methods were proposed, which have been proved to effectively reduce the risk of failure. However, the formal method is somehow not as popular as expected, because it is not easy to master, and furthermore, lacks sufficient tools to support this method. In contrast, semi-formal method as a model-driven way is widely used in industry. In this paper, we attempt to apply an application of the semi-formal method to reduce security vulnerabilities of industrial systems. Furthermore, using CSlang, different Information Security Indicators (ISI) can be represented for Industrial Automation and Control Systems (IACS).
- KonferenzbeitragSIEM: policy-based monitoring of SCADA systems(Informatik 2016, 2016) Gao, Yuan; Xie, Xin; Parekh, Mithil; Bajramovic, Edita