Requirements Analysis for the Evaluation of Automated Security Risk Assessments

Cited by: 0
Authors
Ehrlich, Marco [1]
Lukas, Georg [2]
Trsek, Henning [1]
Jasperneite, Juergen [3]
Kastner, Wolfgang [4]
Diedrich, Christian [5]
Affiliations
[1] OWL Univ Appl Sci & Arts, InIT Inst Ind IT, D-32657 Lemgo, Germany
[2] Rt Solut De GmbH, Ind Secur, D-50968 Cologne, Germany
[3] Fraunhofer IOSB INA, D-32657 Lemgo, Germany
[4] TU Wien Informat, A-1040 Vienna, Austria
[5] Otto von Guericke Univ, D-39106 Magdeburg, Germany
Source
2024 IEEE 20TH INTERNATIONAL CONFERENCE ON FACTORY COMMUNICATION SYSTEMS, WFCS | 2024
Keywords
Industry 4.0; Security; Risk Assessment; Automation; Requirements; Evaluation; Verification; SAFETY;
DOI
10.1109/WFCS60972.2024.10540830
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
The overall Industry 4.0 developments and the highly dynamic threat landscape enhance the need for continuous security engineering of industrial components, modules, and systems. Security risk assessments play a major role to ensure a secure operation of Industrial Automation and Control Systems (IACSs) but are mostly neglected due to missing resources and a lack of human experts for the sophisticated manual tasks. Therefore, a method for information and process modelling regarding the automation of security risk assessments has been previously designed, but not yet evaluated. This work in progress begins the evaluation of the automated security risk assessment concept by investigating the related work and identifying the main deficits. The results include a requirements analysis for the verification and an outlook towards future evaluation aspects.
Pages: 180 / 183
Number of pages: 4