Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Dynamic secure remote control for industrie 4.0

Dynamische sichere Fernüberwachung für Industrie 4.0
: Damle, Sonal
: Khondoker, Rahamatullah; Larbig, Pedro; Waidner, Michael

Darmstadt, 2017, 80 pp.
Darmstadt, TU, Master Thesis, 2017
Master Thesis
Fraunhofer SIT ()
Industrie 4.0; Secure Remote Control; industry 4.0; dynamic security; automatic security

Industrie 4.0, a new term coined for the fourth industrial revolution, aims to connect the production machine (such as Programmable Logic Controller - PLC) inside the production network (factory machines such as drilling machine, lathe machine are connected to each other forming a network) to the Internet. Such formed production network and its components can be monitored and repaired remotely, and in turn will result in higher productivity efficiency. Component inside the industrial production network is referred as the production machine. With the connection of the production machine to the Internet, new security challenges are introduced, such as an intrusion via remote access, an unauthorized use of remote maintenance access, malware infection, etc. Present industrial IT networks strategies to detect and manually solve the problems in case of an error is not sufficient to mitigate these security challenges. Therefore, a new concept needs to be developed, which provides access to the production machine for the duration of remote maintenance. Access must be provided for limited duration, as opening an access port to the production machine for longer duration (than required for maintenance work) may allow intruders and attackers to exploit the open port to modify the production machine configuration details. The access to the production machine must also be provided in minimum time, reducing the Mean Time to Repair (MTTR). The production machine expert is referred as the support engineer. By providing access to the support engineer in minimum time will result in early resolution of an error, as compared to the software engineer travelling to the production machines location. In the context of the German national Industrie 4.0 reference project called IUNO, a new approach for network management, based on Software Defined Networking (SDN), is investigated to protect production network and its components from the network attacks. SDN, a network management approach reduces the efforts for the network configuration, providing dynamic configuration. SDN decouples the networks control plane from the networks forwarding plane, and the former controls the later with the various commercial (such as Ciscos OpFlex ) as well as open source protocols (such as OpenFlow [5]). In this work, a novel approach has been proposed, designed, implemented and evaluated, leveraging SDN and SaltStack (a remote configuration management tool), to provide dynamic secure remote control service to the production machine. This work shows, that it is possible to provide remote access to the production machine, dynamically on demand for limited duration utilizing SDN. Furthermore it shows, that it is possible to provide secure remote access to the production machine utilizing the public key infrastructure (PKI). The evaluation shows, that the remote access to the production machine can be provided in a short time span (for example, within minutes, depending on the network latency).