Here you will find scientific publications from the Fraunhofer Institutes.

SDN-based security policy module for Industry 4.0 remote maintenance

: Papp, Katalin
: Khondoker, Rahamatullah; Weber, Frank; Larbig, Pedro; Massacci, Fabio; Waidner, Michael

Darmstadt, 2017, 67 pp.
Darmstadt, TU, Master Thesis, 2017
Master Thesis
Fraunhofer SIT
SDN; security policy; industry 4.0; Remote Maintenance Security; SDN security

The Industry 4.0 paradigm aims to introduce smart factories which employ a high degree of automation and interconnectivity of the elements of their production networks. These factories are composed of autonomous production machines which can predict breakdowns or failures, and are capable of decision making. Human supervision is minimized, but in some cases, a human expert might be needed. To reduce the costs of travel, it is desirable to employ a remote maintenance procedure. As this opens up possible security breaches, a security policy must be designed and enforced in the remote maintenance system. This thesis proposes a Software Defined Networking (SDN) based solution to enforce a security policy in the remote maintenance scenario. This solution is implemented as an application module for the Open Network Operating System (ONOS) SDN controller interacting with the policy management tool AuthZForce. The security requirements have been gathered from industry standards such as ISO 27033, and the recommendations of the German Federal Office of Information Security (BSI) for remote maintenance. The derived security policy rules are represented in the eXtensible Access Control Markup Language (XACML). The designed security policy module is tested in a virtual testbed, to show that an extensible ONOS application can serve as a policy enforcement tool in the remote maintenance scenario.