Options
Development process for information security concepts in IIoT-based manufacturing
Citation Link: https://doi.org/10.15480/882.4635
Publikationstyp
Conference Paper
Date Issued
2022-06
Sprache
English
Institut
TORE-DOI
Start Page
316
End Page
331
Citation
31st International Conference on Flexible Automation and Intelligent Manufacturing (FAIM 2022)
Contribution to Conference
Publisher DOI
Scopus ID
Publisher
Springer
Peer Reviewed
true
Digital technologies are increasingly utilized by manufacturers to make processes more transparent, efficient and networked. Novel utilization elicits the challenge of preventing deployed information technology from compromising processual security. The digital enabling of formerly analog operation technology, the extensive use of information technology connectivity like MQTT, TCP/IP, Wi-Fi, and the deployment of IoT edge computing platforms create an application scenario for the Industrial Internet of Things (IIoT), which also introduces the associated vulnerabilities, which have been extensively exploited in the past. This paper introduces a development process for information security concepts designed for production scenarios based on the IIoT. This concept is then applied using an illustrative use case from aircraft production. The main contents of the development process include: Formulation of reasonable assumptions, system modelling, threat analysis including risk assessment, recommendation of countermeasures, reassessment after incorporating countermeasures. Specifically, a Data Flow Diagram as the model is developed, and a “risk first” variation of the STRIDE methodology is applied to identify threats and prioritize them. The aforementioned state-of-the-art methodologies are adjusted to our cyber-physical use case in the IIoT. The resulting concept aims to enable manufacturing processes to be digitized as sought. The adjustments to the methodologies are independent from our use case and may be suitable to a broad field of scenarios in the IIoT.
Subjects
Threat modelling
IIoT
STRIDE
Cyber-physical systems
Information security
Industry 4.0 · DFD
DDC Class
004: Informatik
600: Technik
620: Ingenieurwissenschaften
Publication version
publishedVersion
Loading...
Name
978-3-031-18326-3_31.pdf
Size
330.18 KB
Format
Adobe PDF