Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Towards Computer-Aided Security Life Cycle Management for Critical Industrial Control Systems

 
: Patzer, Florian; Meshram, A.; Birnstill, Pascal; Haas, Christian; Beyerer, Jürgen

:

Luiijf, Eric (Ed.):
Critical Information Infrastructures Security. 13th International Conference, CRITIS 2018 : Kaunas, Lithuania, September 24-26, 2018; Revised Selected Papers
Cham: Springer International Publishing, 2019 (Lecture Notes in Computer Science 11260)
ISBN: 978-3-030-05848-7 (Print)
ISBN: 978-3-030-05849-4 (Online)
S.45-56
International Conference on Critical Information Infrastructures Security (CRITIS) <13, 2018, Kaunas>
Englisch
Konferenzbeitrag
Fraunhofer IOSB ()
ICS Security; critical infrastructure security; security-by-design; automated vulnerability assessment; security life cycle management; defense-in-depth; knowledge base

Abstract
Critical infrastructure experienced a transformation from isolated towards highly (inter-)connected systems. This development introduced a variety of new cyber threats, causing high financial damage, threatening lives and affecting the society. Known examples are Stuxnet, WannaCry and the attacks on the Ukrainian power grid. To prevent such attacks, it is indispensable to properly design, assess and maintain countermeasures and security strategies throughout the whole life cycle of the critical systems. For this, security has to be considered and assessed for every system design and redesign. However, common assessment tools and methodologies are not executed on a detailed system knowledge and therefore they are enhanced with penetration tests. Unfortunately, performing only abstract assessments is inadequate and penetration tests endanger the availability of the tested systems. Therefore, the latter cannot be performed on live systems executing critical processes. In this paper, we address these issues for Industrial Control Systems and explain how new concepts for continuous security-by-design or model-based system monitoring and automated vulnerability assessments can resolve them by exploiting new Industry 4.0 developments.

: http://publica.fraunhofer.de/dokumente/N-548902.html