A Flexible Security Analytics Service for the Industrial IoT

Empl, Philip; Pernul, Günther

doi:10.1145/3445969.3450427

Cited by 8 publications

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Modelling approaches as a foundation for threat analyses, specifically also in IIoT contexts, vary, while the most common approach is to model the system as a data flow diagram (DFD) [13][14][15][16][17][18][19]. DFDs are based on the stages of digital data and model datain-use as processes, data-at-rest as data stores and data-in-transit as data flows.…”

Section: System Modellingmentioning

confidence: 99%

“…STRIDE is the most common methodology for threat analyses, but due to its genesis in software security at Microsoft, suffers from shortcomings regarding use cases which increasingly differ from classical OS and software security [22]. However, STRIDE is used as a basis for threat analyses in the IIoT domain [14][15][16][17][18][19]. STRIDE provides six classes of common threats which facilitate the brainstorming process.…”

Section: Threat Analysismentioning

confidence: 99%

See 1 more Smart Citation

Development Process for Information Security Concepts in IIoT-Based Manufacturing

Koch

Eggers

Schüppstuhl

2022

Lecture Notes in Mechanical Engineering

View full text Add to dashboard Cite

Digital technologies are increasingly utilized by manufacturers to make processes more transparent, efficient and networked. Novel utilization elicits the challenge of preventing deployed information technology from compromising processual security. The digital enabling of formerly analog operation technology, the extensive use of information technology connectivity like MQTT, TCP/IP, Wi-Fi, and the deployment of IoT edge computing platforms create an application scenario for the Industrial Internet of Things (IIoT), which also introduces the associated vulnerabilities, which have been extensively exploited in the past. This paper introduces a development process for information security concepts designed for production scenarios based on the IIoT. This concept is then applied using an illustrative use case from aircraft production. The main contents of the development process include: Formulation of reasonable assumptions, system modelling, threat analysis including risk assessment, recommendation of countermeasures, reassessment after incorporating countermeasures. Specifically, a Data Flow Diagram as the model is developed, and a “risk first” variation of the STRIDE methodology is applied to identify threats and prioritize them. The aforementioned state-of-the-art methodologies are adjusted to our cyber-physical use case in the IIoT. The resulting concept aims to enable manufacturing processes to be digitized as sought. The adjustments to the methodologies are independent from our use case and may be suitable to a broad field of scenarios in the IIoT.

show abstract