Logo des Repositoriums

Auflistung nach Schlagwort "Industrial Automation and Control System"

1 - 3 von 3
  • Textdokument
    Interactive graphical modeling of security artefacts for abstracted Industry 4.0 automation systems
    (INFORMATIK 2022, 2022) Tchuegoue Djeukoua,Louis Roger; Kreho,Edin; Belaidi,Siwar; Waedt,Karl
    The frontend and backend are found in all software and therefore also on all websites. These two terms describe two different layers that make up programs or pages. About two thirds of all companies have their own website, and most employees use computers.Globally, cyberattacks are becoming more prominent and spreading to multiple areas, and the move to Industry 4.0 requires increased security measures. Important security precautions must be taken from the development of industrial devices that use the Industrial Internet of Things, with IEC 62443, ISO/IEC 27001, and their integration into the architecture of existing information and automation systems must be secure. IEC 62443 focuses on the IT security of so-called industrial automation and control systems (IACS), which are necessary for the safe and reliable operation of automated factories or infrastructures. ] Since security breaches are inevitable, it is also important to implement detection and response mechanisms in industrial automation and control systems (IACS). Together, these measures will enable various organizations to achieve an appropriate level of resilience. This paper discusses the interactive graphical representation of large-scale industrial automation systems for the purpose of modeling and evaluating cybersecurity during all phases of the industrial equipment life cycle. In addition, it addresses the expressiveness and scalability of front-end graphical problems by assuming that a multi-user back-end server with a semi-formal representation of cybersecurity-related artifacts is available, at least in software prototype form.
  • Textdokument
    New cybersecurity standards for IACS of the nuclear power industry in China
    (INFORMATIK 2022, 2022) Guo,Yun; Wang,Junjie
    As of June 2022, China has ranked second with respect to the number of nuclear power plants (NPPs) under construction and in operation in the world. It’s expected that China's installed nuclear power capacity will reach about 70 million kilowatts by 2025. At present, industrial control systems of China's new NPPs have adopted digital industrial ones, and existing NPPs are gradually evolving from a mixture of digital and analog to full digital technology, which has brought great challenges to the cyber security of nuclear power plants. The cyber attack on the industrial control systems of NPPs may not only lead to interruptions in the production process, but also may cause nuclear safety incidents. Therefore the Standardization Administration of the People's Republic of China and relevant industry regulatory departments have respectively developed national and industry level standards regarding the cybersecurity of industrial control systems of nuclear power plants in recent years. This report introduces China's new standards on the cyber security of industrial control systems in NPPs, analyzes their relationship with relevant international standards, puts forward the issues that need to be considered regarding the coordination of those standards, and provides reference for the subsequent development of new international standards.
  • Textdokument
    Scalable backend representation of security posture of IIoT systems
    (INFORMATIK 2022, 2022) Kreho,Edin; Djeukoua,Roger; Guiraud,Timothée; Waedt,Karl
    The focus of this paper is the scalable modelling and database representation of cybersecurity postures as part of a framework for modelling of security artefacts. A cybersecurity posture describes the current state of protection of a system. During the lifecycle phases of a power plant or manufacturing facility this includes the semi-formal database representation of all components and subsystems of automation equipment, the controlled aggregates, the related sensors and the applied security controls. The type of database choice is discussed based on the need to serve as web backend server and scalable multi-user use. The frontend part of a comprehensive security artefacts modelling framework is not in the focus of this paper. One focus will be on the modelling related to network security artefacts as supporting assets. This will include all network devices and network endpoints with segregations between networks by physically unidirectional security gateways and firewalls. The primary assets (that are controlled or monitored) will be selected and can include pumps, pressurizers, valves, motors, circuit breakers and similar. The important part of the modelling is to be able to represent the potential attack vectors via supporting assets up to the primary assets that may potentially be destroyed or degraded by an attack. An important aspect of the data modeling is the security grading, as present in industrial environments, but not covered by the common IT security standards (like ISO/IEC 2700x). The current state of the art of tools and frameworks that cover a part of the intended data modelling will be outlined. The backend of a document based (e.g. MongoDB) database for modelling the relations will be presented in more detail. The backend semi-formal representation takes into account the semi-formal approach of structuring of the supporting assets, structuring of primary assets, linking between assets and association of Application Security Controls in the sense of ISO/IEC 27034-5 and ISO/IEC 27034-5-1 (for XML/JSON representation) to supporting assets.[ IS17] [IS18] A web framework will be used to interact with the backend data representation. Approaches to compare different revisions of a security posture will be outlined. This will help in planning and regularly monitoring the progress of a security posture, e.g. with regard to security audit preparations.