Logo des Repositoriums
 

Scalable backend representation of security posture of IIoT systems

Kurzanzeige
dc.contributor.authorKreho,Edin
dc.contributor.authorDjeukoua,Roger
dc.contributor.authorGuiraud,Timothée
dc.contributor.authorWaedt,Karl
dc.contributor.editorDemmler, Daniel
dc.contributor.editorKrupka, Daniel
dc.contributor.editorFederrath, Hannes
dc.date.accessioned2022-09-28T17:10:06Z
dc.date.available2022-09-28T17:10:06Z
dc.date.issued2022
dc.description.abstractThe focus of this paper is the scalable modelling and database representation of cybersecurity postures as part of a framework for modelling of security artefacts. A cybersecurity posture describes the current state of protection of a system. During the lifecycle phases of a power plant or manufacturing facility this includes the semi-formal database representation of all components and subsystems of automation equipment, the controlled aggregates, the related sensors and the applied security controls. The type of database choice is discussed based on the need to serve as web backend server and scalable multi-user use. The frontend part of a comprehensive security artefacts modelling framework is not in the focus of this paper. One focus will be on the modelling related to network security artefacts as supporting assets. This will include all network devices and network endpoints with segregations between networks by physically unidirectional security gateways and firewalls. The primary assets (that are controlled or monitored) will be selected and can include pumps, pressurizers, valves, motors, circuit breakers and similar. The important part of the modelling is to be able to represent the potential attack vectors via supporting assets up to the primary assets that may potentially be destroyed or degraded by an attack. An important aspect of the data modeling is the security grading, as present in industrial environments, but not covered by the common IT security standards (like ISO/IEC 2700x). The current state of the art of tools and frameworks that cover a part of the intended data modelling will be outlined. The backend of a document based (e.g. MongoDB) database for modelling the relations will be presented in more detail. The backend semi-formal representation takes into account the semi-formal approach of structuring of the supporting assets, structuring of primary assets, linking between assets and association of Application Security Controls in the sense of ISO/IEC 27034-5 and ISO/IEC 27034-5-1 (for XML/JSON representation) to supporting assets.[ IS17] [IS18] A web framework will be used to interact with the backend data representation. Approaches to compare different revisions of a security posture will be outlined. This will help in planning and regularly monitoring the progress of a security posture, e.g. with regard to security audit preparations.en
dc.identifier.doi10.18420/inf2022_134
dc.identifier.isbn978-3-88579-720-3
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/39489
dc.language.isoen
dc.publisherGesellschaft für Informatik, Bonn
dc.relation.ispartofINFORMATIK 2022
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-326
dc.subjectCybersecurity
dc.subjectIndustrial Automation and Control System
dc.subjectIndustrial Internet Of things
dc.subjectConcurrent cybersecurity Modelling
dc.subjectPrimary Assets
dc.subjectSupporting Assets
dc.subjectSdocument-oriented database
dc.titleScalable backend representation of security posture of IIoT systemsen
gi.citation.endPage1564
gi.citation.startPage1557
gi.conference.date26.-30. September 2022
gi.conference.locationHamburg
gi.conference.sessiontitle7th GI/ACM I4.0 Workshop on Industrial Automation and Control Systems

Dateien

Originalbündel
1 - 1 von 1
Vorschaubild nicht verfügbar
Name:
industrial_04.pdf
Größe:
780.6 KB
Format:
Adobe Portable Document Format
Herunterladen

Sammlungen

P326 - INFORMATIK 2022 - Informatik in den Naturwissenschaften