Browsing by author "Schindler, Josef"
1 - 7 of 7
- Text document: Gossip protocol approach for a decentralized energy market with OPC UA client-server communication (INFORMATIK 2020, 2021)
  Schindler, Josef; Tellabi, Asmaa; Waedt, Karl
  Gossiping is a well-researched protocol that enables decentralized information sharing. Being comparable to viruses spreading in a biological population, such concepts of data sharing are also called epidemic protocol. Without wanting to be impious with respect to recent pandemics, we propose its usage to facilitate a peer-to-peer (P2P) market for sharing energy between flexible loads or generation units, respectively. Gossip algorithms have been proposed several times in the context of power sharing in transmission grids. Our main contribution is the integration of such scenario with OPC UA. Comprising security by design, good interoperability attributes, several, well-maintained stack implementations and a widespread usage in automation, it reveals to be an outstanding framework for the proposed use case that will be explained in the first sections. After describing underlying physical models and the setup scenario, we will compare the results of the scenario that was conducted on non-OPC UA modules and an OPC UA implementation. Mostly, the performance is questioned at the comparison, still some beneficial concepts of OPC UA can be highlighted in the conclusion: Security controls can be added to the system at the Application Layer where Attribute Based Access Control (ABAC) can be performed, which allows a fine granularity of privileges expressed for subjects (agents in the gossiping algorithms) and objects (energy related assets) via semi-formal security policies. Additionally, UA Discovery service allows for plug and play availability. Concluding, a framework for a very efficient large-area algorithm is presented here to be researched in further work.
- Conference paper: Interoperability of fast charging station with battery booster (INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019)
  Schindler, Josef; Watson, Venesa; Waedt, Karl
  Before a high proportion of Electric Vehicles (EV) will be deployed, sufficient charging infrastructure for these EVs must be provided. In Germany, this deployment is hindered by the lack of a universal standard for the geometry of the charging plugs, the different charging voltage levels, the structure of data that is provided by the charging station and so forth. Related standards such as ISO/IEC 15118 and ISO/IEC 61850, respectively addresses front-end communication between EVs and common charging stations and defines communication messages for grid automation. Whilst ISO/IEC 15118 does address interoperability between charging infrastructures from different manufacturers, its restriction to front-end communication limits the extent of advanced interoperability. In this paper, we investigate the interoperability on battery boosted charging stations based on OPC Unified Architecture (OPC UA). OPC UA, powered by the OPC Foundation, is the primary interoperability standard for Industry 4.0 (I4.0). OPC UA enables data exchange regardless of the manufacturer of individual components. OPC UA can be implemented in embedded devices and controllers without considering additional “black boxes”, “windows boxes” or gateways in front of the equipment. This level of interoperability provides significant cost-saving for the utilities during all lifecycle phases. It also ensures transparent data acquisition for customers. In this paper, an example of fast charging station with battery booster is used to demonstrate the interoperability feature of OPC UA compared to that of ISO/IEC 15118. Also, their differing structure makes it necessary to consider these charging stations separately from common ones. Therefore, various data representation formats are utilized to show information sharing within two model user groups.
- Conference paper: Optimizing OPC UA Deployments on Node.js through Advanced Logging Techniques (INFORMATIK 2023 - Designing Futures: Zukünfte gestalten, 2023)
  Kirdan, Erkan; Schindler, Josef; Waedt, Karl
  This paper explores the value and benefits of implementing advanced logging techniques within OPC UA deployments in Node.js. OPC UA is a leading protocol for interoperable and secure data exchange in industrial automation and IoT, among other complex data communication systems. Adopting sophisticated logging strategies can optimize its deployments on Node.js. The paper uses a case study to demonstrate the real-world impact of integrating robust logging solutions into OPC UA deployments. It underscores how such practices can improve system reliability, increase debugging efficiency, enhance security, and understand system performance. This valuable insight aids developers and system administrators in managing and maintaining complex OPC UA deployments, reinforcing the critical role of a well-implemented logging strategy. By analyzing a specific instance of an OPC UA server-client pair implemented in Node.js, the paper invites a broader discussion around the optimization strategies that could further strengthen the robustness and security of OPC UA systems. It aims to open avenues for more research, encouraging a continuous drive towards more efficient and secure industrial automation and data communication systems.
- Text document: Secure OPC UA Server configuration for smart charging stations (INFORMATIK 2021, 2021)
  Schindler, Josef; Kirdan, Erkin; Waedt, Karl
  Direct-To-Consumer (D2C) marketing recently gains popularity in society by bypassing unnecessary mediators and thus avoiding cost. In Information and Communication Technology (ICT) terms, it is comparable with Machine-To-Machine (M2M) communication overcoming additional mediators, i.e. remote servers. In this paper, we research M2M communication for battery boosted charging station. Therefore, we consider a setup comprising an OPC Unified Architecture (OPC UA) Client and OPC UA Server. The server represents the smart charging station, where the client can reserve time slots for charging sessions. In this paper, we answer how to facilitate this using the different services provided by OPC UA. Additionally, we apply an OPC UA Metasploit module on two differently - according to the function manuals - configured OPC UA Servers. Afterwards, we validate the results.
- Text document: Secure Unidirectional Security Gateways for Industrie 4.0 (INFORMATIK 2021, 2021)
  Moussi Djeukoua, Christele Larissa; Guiraud, Timothee; Bajramovic, Edita; Schindler, Josef; Waedt, Karl
  Secure data exchange between different geographical sites (e.g. industrial manufacturing facilities, power plants, research labs, and manufacturer test facilities) is an important part of cybersecurity. It is for example addressed by section 13 “Communications Security” of ISO/IEC 27002:2013. ISO/IEC 27033-4:2014 gives guidance for securing communications between networks using security gateways (firewall, application firewall, Intrusion Protection System, etc.). While the newest part of the multipart ISO/IEC 27033 standards series, ISO/IEC WD 27033-7 “Information technology Network security Part 7: Guidelines for network virtualization security” is more on the abstraction of physical components involved in communication, this paper aims to emphasize the fiber optical network communication-based security between very specific Cyber-Physical Systems (CPS). In this case, secure means a strictly reduced feedback channel. According to ISO/IEC 27033-4, essentially, the approaches described in this paper would be classified as physically unidirectional security gateways. In this paper, requirements and concepts will be presented which are beneficial for a scalable use in Industry 4.0 applications for highest (hardware-enforced) unidirectional communication and which can coexist with Firewall and Demilitarized Zone (DMZ) approaches that are also needed for complex IACS architectures.
- Conference paper: Security challenges and best practices for resilient IIoT Networks: Network Segmentation (INFORMATIK 2023 - Designing Futures: Zukünfte gestalten, 2023)
  Yatagha, Romarick; Waedt, Karl; Schindler, Josef; Kirdan, Erkan
  The surging prominence of the Industrial Internet of Things (IIoT) introduces both unique prospects and complex issues for industrial control systems, notably within the cybersecurity sphere. Cybersecurity concerns are particularly acute for smart factories, entities that leverage IIoT capabilities like networked sensors and machine learning to streamline production. The heterogeneous devices from diverse manufacturers and vast interconnected networks heighten their susceptibility to cyber threats. This paper examines the contemporary cybersecurity landscape within smart factories, pinpointing current vulnerabilities and imminent threats. Drawing on this analysis, we put forth a suite of best practices and strategic measures to fortify IIoT networks, including but not limited to network segmentation and stringent access controls. We pay specific attention to network segmentation, a technique used to break down a computer network into manageable subnetworks, thus mitigating the risk of attacks. We propose an innovative network segmentation policy that leverages clustering, an unsupervised learning algorithm. This algorithm classifies network traffic into distinct categories based on, but not limited to, source and destination IP addresses, employed protocol, and packet size. This data-driven classification simplifies network segmentation and configuration, minimizing their complexity. The paper also underlines the critical role of employee training and awareness in establishing robust security practices, particularly for the design, integration, and deployment of IIoT devices and edge computing. Our findings offer actionable insights for industrial control systems operators and cybersecurity professionals, empowering them to fortify their IIoT networks against cyber threats effectively.
- Text document: Supporting Security in Industrial Automation and Control Systems using Domain-Specific Modelling (INFORMATIK 2021, 2021)
  Altschaffel, Robert; Hempel, Ivo; Keil, Oliver; Schindler, Josef; Szemkus, Martin; Dittmann, Jana; Lange, Matthias; Waedt, Karl; Ding, Yongjian
  This paper explores how domain specific modelling can be used to support the identification of potential vulnerabilities and risks in Industrial Automation and Control Systems (IACS) to enhance security by enabling a mitigation of these vulnerabilities. This approach can be used to support already deployed IACS or to include Security-by-Design and Security Defence-in-Depth principles in the planning of future facilities. This paper explores the requirements for such a modelling approach including domain and security specific aspects. Three interlinked aspects of IACS which require different modelling approaches are identified leading to three distinct types of models: Infrastructure, cyber-process, and physical process. These three types are relevant for different attack vectors and to judge the potential impact of any attack. This paper shows examples for these three models and how these models can be used to identify vulnerabilities with the aim to close them.