Security Engineering with AutomationML – A Methodology for Modeling Security Decisions, Goals, Risks, and Requirements

A global view of security aspects along the entire life cycle of production plants and processes has become unavoidable due to increasing digitalization and networking. Without adequate protective measures against security risks, both the efficiency and the security of industrial automation systems are at risk. The integration of security properties into machinereadable information models such as AutomationML enables a systematic and detailed consideration of the security aspects of a system. This guideline provides recommendations for incrementally adding security properties to the information model. Two views are created to consider the requirements and perspectives of automation engineering and security engineering. Overall, this guide provides a practical and forward-looking method for advancing the integration of security in automation engineering. © 2023 The Authors.