Listing by keyword "IEC 62443"
- Conference paper: Harmonizing physical and IT security levels for critical infrastructures (SICHERHEIT 2018, 2018). Chille, Vanessa; Mund, Sybille; Möller, Andreas.
  We present a concept for finding an appropriate combination of physical security and IT security measures such that a comprehensive protection is provided. In particular, we consider security for critical infrastructures, such as railway systems. For classifying physical security measures, the so-called Protection Classes from the standard EN 50600 are used in our approach. To provide comprehensive protection for a system under consideration, these sets of explicit physical security measures need to be combined with other kinds of security, such as IT security and organizational security. We present a new classification approach named 'Type of Attack(er)' that allows for taking all aspects of security into joint consideration, and harmonizes physical and IT security levels by creating a link between EN 50600 and IEC 62443.
- Text document: Interoperability and Security Challenges of Industry 4.0 (INFORMATIK 2017, 2017). Watson, Venesa; Tellabi, Asmaa; Sassmannahausen, Jochen; Lou, Xinxin.
  Industrie 4.0 (I4.0) is the fourth industrial revolution, which will see the digital transformation of manufacturing, through the integration of Industrial Internet of Things (IIoT), Data and Services, and the convergence of Information Technology (IT) and Operational Technology (OT). With any such transformation, there exist challenges that must first be addressed for a successful outcome. For I4.0, these are interoperability and security, which respectively arise from the interconnection of devices from different manufacturers and/or with different communication protocols; and the interconnection of networks with competing critical and non-critical traffic, and the increased access to initially isolated networks. This paper presents an overview of standards, such as IEC 62443, the ISO 27000 series, IEC 62541 Open Connectivity Unified Architecture (OPC UA) and Time Sensitive Networks (TSN) (IEEE 1722-2016), which address these challenges.
- Text document: Operational Security Analysis and Challenge for IoT Solutions (INFORMATIK 2020, 2021). Gao, Yuan; Lou, Xinxin.
  The marketing engagement of Internet of Things (IoT) shows a wide vista together with Industry 4.0 regarding modern manufacturing and services. However, the evolution of technologies and rising regulation concerns regarding security and privacy are bringing challenges to IoT solutions. On one side, the security analysis of IoT solutions has to consider the security posture in a much wider scope including both edge and cloud sides even across global geo-locations. On the other side, new regulation requirements demand a full tracking of data access. In addition, authorizations should be evaluated explicitly and can be revoked any time for maximizing data protection. Both challenges can be solved by implementing a novel security model targeting those requirements while zero trust model is a good candidate. Thus in this paper, we compared the most commonly used perimeter security model and the zero trust model under the circumstance for modern IoT solutions. Furthermore, from the regulation perspective, the concepts of zero trust model are analyzed to show its compliance with regulation requirements. For easing the discussion of IoT solutions, a general IoT architecture is proposed and relevant zero trust model implementations are described. Especially, the zero trust model relevant security controls are highlighted as a guidance for the design of IoT solutions. As the conclusion, we propose a general implementation of zero trust model within the context of IoT solution to solve the challenges faced by the industry.
- Conference paper: Operational Security Modeling and Analysis for IACS (INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019). Gao, Yuan; Ben Zid, Ines; Lou, Xinxin; Parekh, Mithil.
  Security Certifications based on international standards, like ISO 27000 and IEC 62443 series, are strongly favored by industrial manufacturers and (critical) facility owners. However, compared to mature safety certification procedures, there is only a small portion of security certifications available on the market for the booming Industry 4.0 solutions and IoT/IIoT products. The major challenge is how to define a practical working scope, which is compatible with frequent system updates as well as creations of new systems by coupling supplier services. Meanwhile, the potential security impacts should be quantitatively predictable since some of them are tolerable, which are different from most of safety constraints. Thus, in this paper, we proposed an operational security model, which intends to support monitoring and analysis on a dynamically running system. It was extended from the 3-domains security model we proposed in previous work by introducing run-time perspectives and procedures. In addition, cooperating with the security in design concept, the proposed operational procedures were developed following the guidance of the security standard series IEC 62443. For addressing the external threats, Open Source Intelligence (OSINT) was involved to query whether some confidential information, like user-credentials and system vulnerabilities, is already collected and publicly known to adversaries. The introduction of OSINT can support more transparent risk assessment approaches. As the conclusion, with the operational security model, we proposed a hybrid approach which consists of security certifications and continuous monitoring/consulting to solve the current challenge.