Abstract
The Industrial Internet of Things (IIoT) enables the connection of industrial operational technology (OT) with information technology (IT). However, the convergence of IT and OT has the drawback that machines become increasingly vulnerable to cyber attacks. Therefore, security aspects for OT areas require special attention. The integration of Security Operations Centers (SOC) and OT offers a possible solution approach. A SOC is related to the people, processes and technologies that provide awareness through the detection, containment, and remediation of IT threats. The basis for integrating an IIoT-based SOC are well defined processes and their information needs. In this respect, the discipline of Business Process Management (BPM) offers numerous established methods, concepts and technologies for the systematic modeling and system-supported execution and analysis of processes. This paper aims to highlight the opportunities that the application of BPM concepts holds for IIoT security management. Based on the IIoT security management process, we show several exemplary ways how to leverage BPM methods for improving IIoT security.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Conklin, W.A.: IT vs. OT security: a time to consider a change in CIA to include resilience. In: 49th Hawaii International Conference on System Sciences (HICSS), pp. 2642–2647. IEEE (2016)
Vielberth, M., Böhm, F., Fichtinger, I., Pernul, G.: Security operations center: a systematic study and open challenges. IEEE Access 8, 227756–227779 (2020)
Dumas, M., La Rosa, M., Mendling, J., Reijers, H.: Fundamentals of Business Process Management. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-56509-4
VDI/VDE: Informationssicherheit in der industriellen Automatisierung - Allgemeines Vorgehensmodell. VDI/VDE 2182 Blatt 1:2011–01 (2020)
International Electrotechnical Commission: IEC 62443 Security for Industrial Automation and Control Systems (2018)
Stoiber, C., Schönig, S.: Process-aware decision support model for integrating internet of things applications using AHP. In: Proceedings of the 23rd International Conference on Enterprise Information Systems (ICEIS), pp. 869–876 (2021)
Erasmus, J., Vanderfeesten, I., Traganos, K., Grefen, P.: Using business process models for the specification of manufacturing operations. Comput. Indust. 123, 103927 (2020)
Zarour, K., Benmerzoug, D., Guermouche, N., Drira, K.: A systematic literature review on BPMN extensions. Bus. Process Manage. J. 26(6), 1473–1503 (2019)
Altuhhova, O., Matulevičius, R., Ahmed, N.: An extension of business process model and notation for security risk management. Int. J. Inf. Syst. Model. Des. 4(4), 93–113 (2013)
Mendling, J., Reijers, H.A., van der Aalst, W.M.: Seven process modeling guidelines. Inf. Softw. Technol. 52, 127–136 (2010)
Avila, D.T., dos Santos, R.I., Mendling, J., Thom, L.H.: A systematic literature review of process modeling guidelines and their empirical support. Bus. Process Manage. J. 27, 1–23 (2020)
Schönig, S., Aires, A.P., Ermer, A., Jablonski, S.: Workflow support in wearable production information systems. In: Mendling, J., Mouratidis, H. (eds.) CAiSE 2018. LNBIP, vol. 317, pp. 235–243. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92901-9_20
Bonchi, F., Castillo, C., Gionis, A., Jaimes, A.: Social network analysis and mining for business applications. Trans. Intell. Syst. Technol. (TIST) 2(3), 1–37 (2011)
Acknowledgement
This work is funded by the “Bavarian Ministry of Economic Affairs, Regional Development and Energy” within the project INduStrial IoT Security Operations CenTer (INSIST).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Schönig, S., Hornsteiner, M., Stoiber, C. (2022). Towards Process-Oriented IIoT Security Management: Perspectives and Challenges. In: Augusto, A., Gill, A., Bork, D., Nurcan, S., Reinhartz-Berger, I., Schmidt, R. (eds) Enterprise, Business-Process and Information Systems Modeling. BPMDS EMMSAD 2022 2022. Lecture Notes in Business Information Processing, vol 450. Springer, Cham. https://doi.org/10.1007/978-3-031-07475-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-07475-2_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-07474-5
Online ISBN: 978-3-031-07475-2
eBook Packages: Computer ScienceComputer Science (R0)