Dr.-Ing.

Schneider, Daniel

Filters

4
8
Reset filters

Settings
Now showing 1 - 8 of 8
  • Publication
    The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities around the World
    ( 2021)
    Anton, Simon Daniel Duque
    ;
    Fraunholz, Daniel
    ;
    Krohmer, Daniel
    ;
    Reti, Daniel
    ;
    Schneider, Daniel
    ;
    Schotten, Hans Dieter
    Operational Technology (OT)-networks and -devices, i.e. all components used in industrial environments, were not designed with security in mind. efficiency and ease of use were the most important design characteristics. However, due to the digitisation of industry, an increasing number of devices and industrial networks is opened up to public networks. This is beneficial for administration and organisation of the industrial environments. However, it also increases the attack surface, providing possible points of entry for an attacker. Originally, breaking into production networks meant to break an Information Technology (IT)-perimeter first, such as a public website, and then to move laterally to Industrial Control Systems (ICSs) to influence the production environment. However, many OT-devices are connected directly to the Internet, which drastically increases the threat of compromise, especially since OT-devices contain several vulnerabilities. In this work, the presence of OT-devices in the Internet is analysed from an attacker's perspective. Publicly available tools, such as the search engine Shodan and vulnerability databases, are employed to find commonly used OT-devices and map vulnerabilities to them. These findings are grouped according to country of origin, manufacturer, and number as well as severity of vulnerability. More than 13000 devices were found, almost all contained at least one vulnerability. European and Northern American countries are by far the most affected ones.
  • Publication
    Safety and Security Coengineering in Embedded Systems
    ( 2019)
    Schneider, Daniel
    ;
    Braband, Jens
    ;
    Schoitsch, Erwin
    ;
    Uhrig, Sascha
    ;
    Katzenbeisser, Stefan
  • Publication
    B-space. Dynamic management and assurance of open systems of systems
    ( 2018)
    Schneider, Daniel
    ;
    Trapp, Mario
    Connected cars, freely configurable operating rooms, or autonomous harvesting fleets: dynamically emerging open systems of systems will shape a new generation of systems opening up a vast potential for new kinds of applications. In light of the hard-to-predict structure and behavior of such systems, assuring their safety will require some disruptive changes of established safety paradigms. Combining current research results from different disciplines with industrial experience, this paper dares to think out of the box and look beyond the limits of traditional safety assurance. It structures upcoming challenges posed by the emergence of open systems of systems, tries to shift existing paradigms to meet those new challenges, and proposes an abstract conceptual framework building on comprehensive interlinked multi-concern runtime models for dynamically assuring the safety as well as other properties of open systems of systems. As there currently is no comprehensive realization of the framework, we discuss what kind of approaches could fit into which parts of the framework and exemplify this for the case of conditional safety certificates.
  • Publication
    EMC² AIPP, ARTEMIS CALL 2013
    ( 2014)
    Schneider, Daniel
    ;
    Armengaud, Eric
    ;
    Schoitsch, Erwin
    ;
    Hufeld, Knut
  • Publication
    Sicher vernetzt. Funktionssicherheit von vernetzter Software am Beispiel Smart Farming
    ( 2013)
    Knodel, Jens
    ;
    Schneider, Daniel
    Die Vernetzung von Maschinen und Arbeitsgeräten ermöglicht es, Vorteile gegenüber den Wettbewerbern zu schaffen. Zur Untersuchung der damit einhergehenden Herausforderungen hat das Fraunhofer IESE das Living Lab Smart Farming eingerichtet. Im Artikel wird skizziert, wie bedingte modulare Safety-Nachweise eine Möglichkeit zur Evaluierung der Funktionssicherheit zur Laufzeit schaffen.
  • Publication
    Conditional safety certification of open adaptive systems
    ( 2013)
    Schneider, Daniel
    ;
    Trapp, Mario
    In recent years it has become more and more evident that openness and adaptivity are key characteristics of next-generation distributed systems. The reason for this is not least due to the advent of computing trends like ubiquitous computing, ambient intelligence, and cyber-physical systems, where systems are usually open for dynamic integration and able to react adaptively to changing situations. Despite being open and adaptive, it is a common requirement for such systems to be safe. However, traditional safety assurance techniques, both state-of-the-practice and state-of-the-art ones, are not sufficient in this context. We have recently developed some initial solution concepts based on conditional safety certificates and corresponding runtime analyses. In this article we show how to operationalize these concepts. To this end, we present in detail how to specify conditional safety certificates, how to transform them into suitable runtime models, and how these models finally support dynamic safety evaluations.
  • Publication
    Offene Software-Architekturen für das Auto der Zukunft
    ( 2012)
    Knodel, Jens
    ;
    Schneider, Daniel
    In den letzten Jahren ist ein herausragender Trend für produktintegrierte, software-intensive Systeme zu beobachten - die zunehmende Vernetzung. Sei es Smart Energy oder Smart Health etc., in fast allen Domänen wird vernetzt: eingebettete Systeme untereinander, eingebettete Systeme an Informationssysteme angebunden oder eingebettete Systeme ergänzt um mobile Endgeräte als zusätzliche Bedienelemente. Auch das klassische Automobil ist auf dem besten Weg, zum Smart Car zu werden. Doch wie kann dieser Weg technisch beschritten werden? Welche Lösungen bietet das Software Engineering hier schon heute an? Das Fraunhofer-Institut IESE widmet sich einer der wesentlichen technischen Herausforderungen: "offenen Architekturen".