Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Applicability of Security Standards for Operational Technology by SMEs and Large Enterprises

: Wagner, Patrick; Hansch, Gerhard; Konrad, Christoph; John, Karl-Heinz; Bauer, Jochen; Franke, Jörg


Institute of Electrical and Electronics Engineers -IEEE-; IEEE Industrial Electronics Society -IES-:
25th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2020. Proceedings : Vienna, Austria - Hybrid, 08 - 11 September 2020
Piscataway, NJ: IEEE, 2020
ISBN: 978-1-7281-8956-7
ISBN: 978-1-7281-8957-4
International Conference on Emerging Technologies and Factory Automation (ETFA) <25, 2020, Vienna; Online>
Bayerisches Staatsministerium für Wirtschaft, Landesentwicklung und Energie StMWi
Informations- und Kommunikationstechnik Bayern; IuK585
IT-Sicherheit in der Produktion
Conference Paper
Fraunhofer AISEC ()
OT; security; standards; production facilities; SME

Establishing adequate cybersecurity for their operational technology (OT) is an existential challenge for manufacturing enterprises. Domain-specific security standards should provide essential support in this challenge. However, they cannot be implemented equally for enterprises of all sizes. We investigate to what extent domain-specific security standards for operational technology are applicable by small and medium-sized as well as large manufacturing enterprises, and how their individual need for action can be identified and addressed. We support our investigation with the results of two independent surveys among manufacturers about their needs for cybersecurity support. In the course of this investigation, we learned that most domain-specific security standards are well applicable to large enterprises. In contrast, small and medium-sized enterprises (SME) seek the support of security experts, who, for their part, are often struggling with a lack of experience in operational technology. To facilitate this cooperation, we provide an introduction for OT- and cybersecurity-experts to the respective basic concepts of their collaborators.