Options
Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC
Now showing
1 - 3 of 3
-
PublicationSecurity Risk Assessments: Modeling and Risk Level Propagation( 2023)
;Angermeier, Daniel ;Wester, Hannah ;Beilke, Kristian ;Hansch, GerhardEichler, JörnSecurity risk assessment is an important task in systems engineering. It is used to derive security requirements for a secure system design and to evaluate design alternatives as well as vulnerabilities. Security risk assessment is also a complex and interdisciplinary task, where experts from the application domain and the security domain have to collaborate and understand each other. Automated and tool-supported approaches are desired to help manage the complexity. However, the models used for system engineering usually focus on functional behavior and lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between the involved experts and features steps of computer-aided modeling to achieve consistency and avoid omission errors. We demonstrate our approach with an example. We also describe how to model impact rating and attack feasibility estimation in a modular fashion, along with the propagation and aggregation of these estimations through the model. As a result, experts can make local decisions or changes in the model, which in turn provides the impact of these decisions or changes on the overall risk profile. Finally, we discuss the advantages of our model-based method. -
PublicationApplicability of Security Standards for Operational Technology by SMEs and Large Enterprises( 2020)
;Hansch, Gerhard ;Konrad, Christoph ;John, Karl-Heinz ;Bauer, JochenFranke, JörgEstablishing adequate cybersecurity for their operational technology (OT) is an existential challenge for manufacturing enterprises. Domain-specific security standards should provide essential support in this challenge. However, they cannot be implemented equally for enterprises of all sizes. We investigate to what extent domain-specific security standards for operational technology are applicable by small and medium-sized as well as large manufacturing enterprises, and how their individual need for action can be identified and addressed. We support our investigation with the results of two independent surveys among manufacturers about their needs for cybersecurity support. In the course of this investigation, we learned that most domain-specific security standards are well applicable to large enterprises. In contrast, small and medium-sized enterprises (SME) seek the support of security experts, who, for their part, are often struggling with a lack of experience in operational technology. To facilitate this cooperation, we provide an introduction for OT- and cybersecurity-experts to the respective basic concepts of their collaborators. -
PublicationPacket-wise compression and forwarding of industrial network captures( 2017)
;Hansch, GerhardNetwork traffic captures are necessary for a variety of security applications like identification of malicious patterns or training of intrusion detection systems. While monitoring of enterprise networks is common practice, it is rarely done for industrial production environments due to low bandwidth, confidential production data and sensitive legacy components. To address these challenges, we present methods for non-interfering recording, compression, and transmission of industrial network packet captures. Since a large portion of industrial network traffic consists of status reports that change only slightly, we replace recurring byte strings per connection to reduce the data sent, which also provides a form of concealment We evaluate our approach by a prototypical implementation on self-generated and publicly available industrial network captures and compare our substitution algorithm to the standard zlib algorithm as well as a combination of both methods.