Dr.-Ing.

Schneider, Daniel

Filters

4
12
Reset filters

Settings
Now showing 1 - 10 of 12
  • Publication
    The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities around the World
    ( 2021)
    Anton, Simon Daniel Duque
    ;
    Fraunholz, Daniel
    ;
    Krohmer, Daniel
    ;
    Reti, Daniel
    ;
    Schneider, Daniel
    ;
    Schotten, Hans Dieter
    Operational Technology (OT)-networks and -devices, i.e. all components used in industrial environments, were not designed with security in mind. efficiency and ease of use were the most important design characteristics. However, due to the digitisation of industry, an increasing number of devices and industrial networks is opened up to public networks. This is beneficial for administration and organisation of the industrial environments. However, it also increases the attack surface, providing possible points of entry for an attacker. Originally, breaking into production networks meant to break an Information Technology (IT)-perimeter first, such as a public website, and then to move laterally to Industrial Control Systems (ICSs) to influence the production environment. However, many OT-devices are connected directly to the Internet, which drastically increases the threat of compromise, especially since OT-devices contain several vulnerabilities. In this work, the presence of OT-devices in the Internet is analysed from an attacker's perspective. Publicly available tools, such as the search engine Shodan and vulnerability databases, are employed to find commonly used OT-devices and map vulnerabilities to them. These findings are grouped according to country of origin, manufacturer, and number as well as severity of vulnerability. More than 13000 devices were found, almost all contained at least one vulnerability. European and Northern American countries are by far the most affected ones.
  • Publication
    Safety and Security Coengineering in Embedded Systems
    ( 2019)
    Schneider, Daniel
    ;
    Braband, Jens
    ;
    Schoitsch, Erwin
    ;
    Uhrig, Sascha
    ;
    Katzenbeisser, Stefan
  • Publication
    B-space. Dynamic management and assurance of open systems of systems
    ( 2018)
    Schneider, Daniel
    ;
    Trapp, Mario
    Connected cars, freely configurable operating rooms, or autonomous harvesting fleets: dynamically emerging open systems of systems will shape a new generation of systems opening up a vast potential for new kinds of applications. In light of the hard-to-predict structure and behavior of such systems, assuring their safety will require some disruptive changes of established safety paradigms. Combining current research results from different disciplines with industrial experience, this paper dares to think out of the box and look beyond the limits of traditional safety assurance. It structures upcoming challenges posed by the emergence of open systems of systems, tries to shift existing paradigms to meet those new challenges, and proposes an abstract conceptual framework building on comprehensive interlinked multi-concern runtime models for dynamically assuring the safety as well as other properties of open systems of systems. As there currently is no comprehensive realization of the framework, we discuss what kind of approaches could fit into which parts of the framework and exemplify this for the case of conditional safety certificates.
  • Publication
    I-SafE: An integrated safety engineering tool
    ( 2015)
    Antonino, Pablo
    ;
    Velasco, David S.
    ;
    Schneider, Daniel
    ;
    Trapp, Mario
    ;
    Reich, Jan
    Traditionally, safety engineering has been a matter of tables and textual documents and even of pen and paper. Even in the age of computerization, this did has not really changed significantly, as the state of the practice in safety engineering is nowadays dominated by Excel sheets and Word files. Nevertheless, a range of computer-aided safety analysis and modeling techniques have emerged and are being put to good use. The problem here is, however, that there is a lack of profound integration between different safety artifacts on the one hand and the general engineering artifacts on the other hand. In addition, between the different safety analysis techniques and the regular engineering techniques, there is usually a range of different tools in use that are not really compatible with each other. To overcome this problem, we conceptualized and implemented an integrated multi-analyses and multi-viewpoint safety engineering tool that enables tight integration between different models within and across different engineering disciplines. This paper gives an overview of the main features of this tool.
  • Publication
    Five major reasons why safety and security haven't married (yet)
    ( 2015)
    Amorim, Tiago Luiz Buarque de
    ;
    Schneider, Daniel
    ;
    Nguyen, Viet Yen
    ;
    Schmittner, Christoph
    ;
    Schoitsch, Erwin
    Cyber-Physical Systems (CPS) offer tremendous promise. Yet their breakthrough is stifled by deeply-rooted challenges to assuring their combined safety and security. We present five major reasons why established engineering approaches need to be rethought.
  • Publication
    EMC² AIPP, ARTEMIS CALL 2013
    ( 2014)
    Schneider, Daniel
    ;
    Armengaud, Eric
    ;
    Schoitsch, Erwin
    ;
    Hufeld, Knut
  • Publication
    Sicher vernetzt. Funktionssicherheit von vernetzter Software am Beispiel Smart Farming
    ( 2013)
    Knodel, Jens
    ;
    Schneider, Daniel
    Die Vernetzung von Maschinen und Arbeitsgeräten ermöglicht es, Vorteile gegenüber den Wettbewerbern zu schaffen. Zur Untersuchung der damit einhergehenden Herausforderungen hat das Fraunhofer IESE das Living Lab Smart Farming eingerichtet. Im Artikel wird skizziert, wie bedingte modulare Safety-Nachweise eine Möglichkeit zur Evaluierung der Funktionssicherheit zur Laufzeit schaffen.