Auflistung nach Autor:in "Waedt, Karl"
1 - 10 von 24
Treffer pro Seite
Sortieroptionen
- Konferenzbeitrag3D modeling of selected assets, security zones and conduits(Informatik 2016, 2016) Seibt, Simon; Waedt, Karl; Delfs, Hans; Odorfer, Simon
- Konferenzbeitrag4th GI/ACMWorkshop on Standardization of I4.0 Automation and Control Systems(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) de Meer, Jan; Waedt, Karl; Rennoch, Axel; Hof, Hans-Joachim
- TextdokumentThe 5th GI/ACM Workshop 2020 Scope and Draft Programme on Standardization of Secure and Safe Smart Manufacturing Systems with respect to IEC 62443 IACS(INFORMATIK 2020, 2021) deMeer, Jan; Waedt, Karl; Rennoch, Axel; Hof, Hans-JoachimThe 5th GI/ACM Workshop Programme on Standardization of Secure and Safe Production within Industrial Automation and Control Systems (IACS) took place virtually at September 28, 2020 at the Karlsruhe Institute of Technology (KIT) that hosted the 50th GI's yearly assembly (GI Informatik 2020 Jahrestagung): https://informatik2020.de/programm/workshops/
- TextdokumentAligning with cybersecurity framework by modelling OT security(INFORMATIK 2020, 2021) Parekh, Mithil; Waedt, Karl; Tellabi, AsmaaBefore the last decade, production units and its related systems were considered nearly as island systems and were managed as an air-gaped in their daily operations. Information and network security was not an issue because their plant's safety and continues operations have the highest priority. In the recent years, many initiatives like smart factories, adopting Industry 4.0, complex mesh of connected devices and data privacy have shifted paradigm of value chain and trust model in the production environment. By this means, state-of-the-art manufacturing environment demands for the comprehensive framework and holistic approach to address cybersecurity that affects reliability of plant operations. Therefore, few standards are gradually evolving and are extended in to this field. The ISA/IEC 62443 is one of the standard series addresses the Security of Industrial Automation and Control Systems (IACS) throughout their lifecycle. On the other hand, NIST Special Publication 800–82 is a Guide to Industrial Control Systems Security and follows NIST CSF to address OT security. As with Operational Technology (OT) requirements in general, also considering to security-related requirements as per ISA/IEC 62443, ask for more effort to deal with it later. Accordingly, bearing in mind, the need for security from the beginning of the system engineering processes reduces the overall effort and complexity during the lifecycle of OT systems. The corresponding paradigm is called Security by Design. This paper proposes on how high level foundational security requirements from ISA/IEC 62443 can be modelled using AutomationML (AML) tool and consequently explains on how easy is to integrate seamlessly that model during the design phase of engineering process.
- KonferenzbeitragThe application of Articial Intelligence for Cyber Security in Industry 4.0(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Ben Zid, Ines; Parekh, Mithil; Waedt, Karl; Lou, XinxinThe use of Artificial Intelligence (AI) in different domains is continuously growing. In particular for cybersecurity, we can see the implementations of AI solutions, e.g. machine learning, in a wide range of applications from various domains. While some consider this step as risk for cybersecurity, others agree that it is in fact a solution to many issues as well. This leads to a higher necessity of having a right understanding as well as handling of cybersecurity controls that enforce meeting domain, project and application specific security targets. This implies that more efforts and resources have to be focused and invested towards cybersecurity. One reason for this is that attackers (threat agents) may integrate AI based algorithms and AI based evaluation of data, which forces the security staff to respond at a similar level. Thus, we are considering AI as a potential solution for satisfying a set of rising needs and objectives. In this paper, we present the concept for merging and integration of these three major domains and applications. Also, we detail the relevant motivations, requirements and challenges to be considered when coming to such combination.
- TextdokumentFeature-based Comparison of Open Source OPC-UA Implementations(INFORMATIK 2020, 2021) Mühlbauer, Nikolas; Kirdan, Erkin; Pahl, Marc-Oliver; Waedt, KarlOPC UA is an industry-standard architecture for automation, process controlling and monitoring. It is a detailed and complex machine-to-machine communication protocol which makes it challenging to implement. The complexity of the protocol leads to heterogeneity among implementations. Today, there are several open-source implementations without a compliance certificate accredited by the OPC Foundation. Certified implementations undergo various tests to fulfil interoperability. Every implementation fits different use-cases and requirements as each of them comes with its own features. In this paper, we make a feature-based comparison of the most common open-source OPC UA implementations. We investigate their support for the essential features and functionalities. Furthermore, we evaluate their interoperability. Overall, our study shows that open-source implementations have good coverage of features and functionalities, especially open62541 and UA-.NETStandard. Furthermore, our tests show that they do not have any significant interoperability issue.
- KonferenzbeitragGeneration of Plausible Synthetic Data for Stego-Malware Detection for Inter-zone IACS Protocols(INFORMATIK 2023 - Designing Futures: Zukünfte gestalten, 2023) Edeh, Natasha; Altschaffel, Robert; Waedt, KarlISO/IEC 27002:2022 distinguishes between the following types of security controls corrective: preventive, detective and corrective. The focus of this paper is on the support for testing of detective security controls for Industrial Automation and Control Systems. More specifically we will only address the generation of synthetic data that can be used for the detection of selected, advanced detective security controls. The proposed approach will be justified, while a comprehensive validation of the effectiveness of the synthetic data is beyond the scope of this paper. This work aims to contribute to the comprehension and improvement of security measures in Industrial Automation and Control Systems by focusing on the development of synthetic data and its consequences for the identification of specific detective security controls.
- TextdokumentGossip protocol approach for a decentralized energy market with OPC UA client-server communication(INFORMATIK 2020, 2021) Schindler, Josef; Tellabi, Asmaa; Waedt, KarlGossiping is a well-researched protocol that enables decentralized information sharing. Being comparable to viruses spreading in a biological population, such concepts of data sharing are also called epidemic protocol. Without wanting to be impious with respect to recent pandemics, we propose its usage to facilitate a peer-to-peer (P2P) market for sharing energy between flexible loads or generation units, respectively. Gossip algorithms have been proposed several times in the context of power sharing in transmission grids. Our main contribution is the integration of such scenario with OPC UA. Comprising security by design, good interoperability attributes, several, well-maintained stack implementations and a widespread usage in automation, it reveals to be an outstanding framework for the proposed use case that will be explained in the first sections. After describing underlying physical models and the setup scenario, we will compare the results of the scenario that was conducted on non-OPC UA modules and an OPC UA implementation. Mostly, the performance is questioned at the comparison, still some beneficial concepts of OPC UA can be highlighted in the conclusion: Security controls can be added to the system at the Application Layer where Attribute Based Access Control (ABAC) can be performed, which allows a fine granularity of privileges expressed for subjects (agents in the gossiping algorithms) and objects (energy related assets) via semi-formal security policies. Additionally, UA Discovery service allows for plug and play availability. Concluding, a framework for a very efficient large-area algorithm is presented here to be researched in further work.
- KonferenzbeitragAn idea of using Digital Twin to perform the functional safety and cybersecurity analysis(INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Lou, Xinxin; Guo, Yun; Gao, Yuan; Waedt, Karl; Parekh, MithilCurrent power plants, including nuclear power plants are based on digital technology. According to the Industry 4.0 concepts, similarly to the intelligent manufacturing for new factories, the use of digital twins for power plants is expected to progress. Researchers do the safety and cybersecurity analysis from various perspectives utilize different approaches, e.g. on the safety side, the FMEA (Failure Mode & Effect Analysis), FMECA (Failure mode, Effects and Criticality Analysis) are recommended by FAA (Federal Aviation Administration) to do the reliability analysis. On the cybersecurity part, researchers do the analysis only with a focus on the communication protocol, the code/memory level or on the system functionality. We have addressed refueling machines as an example for the joint consideration of functional safety and cybersecurity in previous publications. Whereas in this paper, we propose to do a functionality and cybersecurity analysis based on the digital twin of an ICS (Industrial Control System). We take the refueling machine as an example and discuss how to twin the refueling machine with high detail firstly. In addition, the possible way of how to model the ICS is discussed, e.g. the Automation ML will be used to describe the system, the OPC UA will be applied to implement the communication. Then the feasibility and benefit of analyzing the system functionality and cybersecurity based on the digital twin model are discussed.
- TextdokumentINFORMATIK 2017 WS#13(INFORMATIK 2017, 2017) de Meer, Jan; Waedt, Karl; Rennoch, AxelDer 2te internationale GI/ACM I4.0 Security Standardisation (ISS) Workshop auf der GI Jahrestagung 2017, fasst Sicherheits-gepaart mit Zuverlässigkeitsaspekten von Produktionsanlagen, z.B. in einer Smart Factory, die den Anforderungen der Multi-Teile-Norm IEC 62443[IEC14] für Industrielle Automatisierungs-und Kontrollsysteme (IACS) entspricht, genauer ins Auge. Industrieanlagen haben eine eigene inhärente Struktur, die in dem Referenz-Architekturmodell RAMI4.0 [ZVEI15], erstellt von einem Verbandskonsortium, geführt von ZVEI, skizziert ist. Diese Struktur fällt ins Gewicht, wenn ein Security-by-Design-Ansatz für verbundene, verteilte Industrieanlagen gewählt wird. Unter Sicherheit für IAC-Systemen werden hierbei im weitesten Sinne Systemeigenschaften und -fähigkeiten verstanden, die im sog. 'Pentagon of Trust' [JdM16] genannt werden, nämlich Vertrauen in vernetzte Produktionsanlagen und -geräten, Geheimhaltung von Fabrikationsdatensätzen, prüfbare Beachtung von Regulierungen und Gesetzen, Garantierung der Funktionalität von Produktionsanlagen und die einsichtige Anwendbarkeit von Anlagen und Geräten, was in ähnlicher Weise auch für vernetzte Geräte im sog. Internetz der Dinge (IoT -Internet of Things) gilt. Der 2te GI/ACM I4.0 WS strukturiert sich in die Handlungsgebiete: Architektur und Frameworks, Industrielle Erfahrung -Best Practice, Formalisierung und IACS Semantiken.
- «
- 1 (current)
- 2
- 3
- »