Industrial Security

Industry 4.0 is expected to transform the industrial landscape and intelligent production processes towards the creation of customized products, increased flexibility and efficiency of manufacturing, and advanced automation. It incorporates digitalization and the Internet of Things. The new features require establishing information networks that connect machinery, facilities, and devices. Therefore, Industry 4.0 also leads to an increased risk of cyber-attacks from external threats.

Industrial espionage and sabotage are becoming a significant threat, and, due to increased network connectivity, the risks will continue to grow. Attacks on industrial plants can lead to a loss of reputation and direct financial damage, for those who provide the infrastructure and for those who operate plant and machinery. In extreme cases, in sensitive areas, lack of security and protection from attackers can lead to exposure of safety of those plants.

In the light of these threats, there is a need for security solutions that take future developments into account. This requires integrating necessary security measures into facilities and machinery at an early stage of the product design and development (Security by Design). Nevertheless, there is still the need for solutions that enhance security at existing sites that are in operation now. This includes the provision of security for specific components, communication channels, embedded systems, and control mechanisms.

Expertise

  • Security analysis of core components such as PLCs, addressing their security levels
  • Secure remote access, maintenance, and updates
  • Providing security for manufacturing equipment and plant networks
  • Secure machine-to-machine communication
  • Providing security for field bus communication
  • Protection for service processes (e.g., managing function activations and maintenance modes being accessible only by authorized technicians)
  • Support in the development of manipulation-resistant components
  • Securing data by bridging the gap between virtual and real-world production environments

Publications

  • K. Böttinger, D. Schuster and C. Eckert. "Detecting Fingerprinted Data in TLS Traffic". AsiaCCS 2015.
  • M. Hutle. “Zukunft der Industriesysteme.”. In: Industrie Management 1/2013.
  • M. Hutle. “Neue Anforderungen an die Automation: Security by Design”. In: IT & Production 06/2012, available here
  • F. Stumpf. “Sicherheit von Industrie- und Automatisierungssystemen“. In: SPS-Magazin Ausgabe 3/2012, available here