Harmonized Monitoring for High Assurance Clouds

Bicaku, Ani; Balaban, Silvia; Tauber, Markus; Hudic, Aleksandar; Mauthe, Andreas; Hutchison, David

doi:10.1109/ic2ew.2016.20

Cited by 8 publications

(8 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The monitoring and standard compliance framework, built on our previous work [7], uses an Evidence Gathering Mechanism (EGM) to collect evidence from a number of components in the target system based on a set of measurable indicator points (MIPs). The MIPs, categorized in measurable security indicators (MSI), measurable safety indicators (MSFI) and other organizational indicators related to legal (MSLI), are extracted from existing standards and guidelines to address target system specific requirements (e.g.…”

Section: Fig 1: High Level View Of Standard Compliance Verificationmentioning

confidence: 99%

Monitoring Industry 4.0 applications for security and safety standard compliance

Bicaku

Schmittner

Tauber

et al. 2018

2018 IEEE Industrial Cyber-Physical Systems (ICPS)

Self Cite

View full text Add to dashboard Cite

In Industry 4.0 independent entities shall interoperate to allow flexible and customized production. To assure the parties that individual components are secured to inter-operate, we investigate automated standard compliance. The standard compliance is defined based on given sets of safety, security and organizational requirements from which are derived measurable indicator points. Those reflect configurations of systems recommended by security, safety or legally relevant standards and guidelines including organizational aspects, which help to demonstrate the state of compliance. We propose in this paper an initial approach to automate such assessment when components are inter-operating with each other by using a monitoring and standard compliance verification framework. This will assure the parties that services or devices within their organizations operate in a secure and standard compliant way, without compromising the underlying infrastructure.

show abstract

Section: Fig 1: High Level View Of Standard Compliance Verificationmentioning

confidence: 99%

Monitoring Industry 4.0 applications for security and safety standard compliance

Bicaku

Schmittner

Tauber

et al. 2018

2018 IEEE Industrial Cyber-Physical Systems (ICPS)

Self Cite

View full text Add to dashboard Cite

show abstract

“…In order to provide adequate security and safety levels for such a framework to function properly, services such as, authorization, authentication, certificate distribution, security logging and service intrusion are considered as well. Even though the focus of the project is to provide interoperability between devices using the ARROWHEAD framework and to integrate automation systems in these devices, security and safety aspects are also 6 www.arrowhead.eu considered. However legal (e.g., SLAs) aspects are not in the focus of the project.…”

Section: Relevant Activities In Cppsmentioning

confidence: 99%

“…The goal of this work is to provide an approach towards CPPS transparency and trustworthiness by considering the cloud and the edge devices as highly networked systems, incorporating a large number of IT systems and automation components. We consider security as not independent from other issues such as legal and safety and we will enhance our previous work [6] to address security in the CPPS with a special focus on secure end-to-end communication in Industry 4.0.…”

Section: Relevant Activities In Cppsmentioning

confidence: 99%

“…To make sure that the system is secured and the information can be trusted, measurable and automated dependabilities are needed to monitor security. By monitoring the MIPs we will extend our previous work [6] to address security in CPPS with a special focus on trustworthy end-toend communication in Industry 4.0. Our main contributions and preliminary results in this position paper are:…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Towards trustworthy end-to-end communication in industry 4.0

Bicaku

Maksuti

Palkovits-Rauter

et al. 2017

2017 IEEE 15th International Conference on Industrial Informatics (INDIN)

Self Cite

View full text Add to dashboard Cite

Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system.

show abstract

“…The following list describes the proposed process steps in detail: 1) Define: the process starts by identifying and defining security risks for a cloud service. This can be achieved either by implementing a monitoring system [25] or by using any other method to identify security issues. In our use case the OWASP top 10 cloud security risks list was used and categorized by relevance and severity of consequences.…”

Section: Six Sigmamentioning

confidence: 99%

On the cost of cyber security in smart business

Ivkic

Wolfauer

Oberhofer

et al. 2017

2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)

Self Cite

View full text Add to dashboard Cite

In a world, as complex and constantly changing as ours cloud computing is a driving force for shaping the IT landscape and changing the way we do business. Current trends show a world of people, things and services all digitally interconnected via the Internet of Things (IoT). This applies in particular to an industrial environment where smart devices and intelligent services pave the way for smart factories and smart businesses. This paper investigates in a use case driven study the potential of making use of smart devices to enable direct, automated and voice-controlled smart businesses. Furthermore, the paper presents an initial investigation on methodologies for measuring costs of cyber security controls for cloud services.

show abstract

Harmonized Monitoring for High Assurance Clouds

Cited by 8 publications

References 10 publications

Monitoring Industry 4.0 applications for security and safety standard compliance

Monitoring Industry 4.0 applications for security and safety standard compliance

Towards trustworthy end-to-end communication in industry 4.0

On the cost of cyber security in smart business

Contact Info

Product

Resources

About