In industry, more and more expertise containing data to be transmitted. It is therefore necessary to set both in protecting the network against cyber attacks as well as the software and know-how protection to also avoid interference of network communication, such as tampering and counterfeiting.
Intelligent factories contain today and even more so in the future industrial 4.0 more and more knowledge about the products formed in the form of digital data in the production process. The flexibility to produce down to the number 1 and produce different products without conversion, makes this necessary. Accordingly, the degree of crosslinking is constantly increasing. The use of intelligent sensors and actuators and their integration with control systems and MES systems to Big Data in the cloud are unstoppable. But they also bring new risks: piracy by copying the data and software reverse engineering and the risk of manipulation by altering the production data, or software in controllers and intelligent devices. The article describes threats and conservation objectives and mechanisms for communication over networks and the software used in the Appendices.
threats and protection objectives
Industrial products in a to produce complex, automated process with optimal productivity and reliable consistent quality is the core demanding task, the operator would like to focus exclusively. In view of over 200 published annually vulnerabilities alone in industrial control systems and reports of increasing cyber attacks and espionage they find themselves faced with the additional task of making their critical processes robust against such attacks. So headline in the Frankfurter Allgemeine Zeitung on 31.3.2014 »Cyber criminals earn more than drug dealers” and showed how number and price performance of so-called Exploit kits increase, ready available software construction kits for attacks on known vulnerabilities.
In addition, manufacturers must ensure their competitive advantage, protect the know-how contained in their products and ensure that their products work as expected. Figures for the last VDMA study on piracy of April 2014 speak for themselves: hit 7.9 billion euros damage solely with German engineering, 9 of 10 manufacturers with more than 500 employees. In addition, with 72 percent of reverse engineering, that is the cutting of the products and analyzing the software algorithms, the primary source for the production of counterfeits. Here, Germany is to China as a source of plagiarism already at # 2, which shows the global nature of the challenge.
The threats and measures for their defense can be broken down as follows protection goals.
. 1 Availability: The availability of the production process is traditionally done by plant operators with the highest priority protection objective. Endangered, it is both unauthorized access and targeted attacks as well as untargeted faults such as the unchecked spread of malicious software, or other network “accidents” that can lead to denial-of-service situations.
. 2 Confidentiality: The protection of data in motion against unauthorized reading on the network and programs and data at rest against spying and reverse engineering is usually guaranteed by encrypted transmission and storage
3.. Integrity: measures for data integrity to prevent messages on the path from the sender to the receiver (unnoticed) can be modified; Measures to protect against software integrity that programs be manipulated and can reach unacceptable programs as malicious software to run.
. 4 Authenticity: The protection goal of a certificate of authenticity and identity data transmitters and receivers is pursued at different levels, at the network level (authenticity of network devices), the application level (authenticity of software applications, between which data are exchanged) and, where appropriate user level (authenticity of the people who run the applications and use). Common mechanisms for this purpose today are preferably based on the template or the exchange of digital certificates with trusted classified signatures.
The Authenticity is essential for that build schemas for authorization, ie defined and controlled authorization to perform certain functions or for reading and writing data depends on the proven identity and related role in the system.
- http://www.elektroniknet.de/anbieterkompass/?anbieter=8872995
- http://www.elektroniknet.de/anbieterkompass/?anbieter=1033771
No comments:
Post a Comment