Skip to main content

Advertisement

SpringerLink
Log in

Security in industrial IoT – quo vadis?

Sicherheit im industriellen Internet der Dinge – Wohin führt der Weg

  • Originalarbeiten
  • Published:
e & i Elektrotechnik und Informationstechnik Aims and scope Submit manuscript

Abstract

Within Industrie 4.0, Internet technologies are a key component to enable horizontal integration and thus novel business scenarios such as smart services for maintenance. However, in the past several years numerous targeted attacks on industrial control systems have been discovered. This paper highlights the diverse threat landscape and then describes a stratified security architecture for a specific industrial scenario from an ongoing research project. The resulting system uses a Broker-based data exchange infrastructure and hardware-based security to provide transparent and end-to-end protected data exchange.

Zusammenfassung

Das Internet und Internet-Technologien sind zentrale technologische Komponenten, welche im Rahmen von Industrie 4.0 horizontale Integration und somit neue Geschäftsszenarien ermöglichen, z. B. intelligente Instandhaltungsdienstleistungen. Gleichzeitig wurden in den letzten Jahren etliche gezielte Angriffe auf industrielle Systeme entdeckt. Diese Arbeit zeigt die vielfältige Bedrohungslandschaft auf und beschreibt in Folge eine geschichtete Sicherheitsarchitektur für ein industrielles Szenario aus einem laufenden Forschungsprojekt. Das entwickelte System setzt auf eine Vermittler-basierte Datenaustauschinfrastruktur und Hardwaresicherheitstechnologien, um einen transparenten und Ende-zu-Ende geschützten Datenaustausch zu ermöglichen.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.

Similar content being viewed by others

Notes

  1. http://www.tuv-sud.com/news-media/news-archive/potential-attackers-can-be-anywhere, accessed: 2016-08-12.

  2. http://shodan.io, accessed: 2016-08-12.

  3. http://censys.io, accessed: 2016-08-12.

  4. http://www.arrowhead.eu, accessed: 2016-08-12.

References

  1. Anderl, R. (2014): Industrie 4.0—advanced engineering of smart products and smart production. In 19th international seminar on high technology.

    Google Scholar 

  2. Anderson, R., Bond, M., Clulow, J., Skorobogatov, S. (2006): Cryptographic processors—a survey. Proc. IEEE, 94(2), 357–369.

    Article  Google Scholar 

  3. Bauernhansl, T., Hompel, M., Vogel-Heuser, B. (2014): Industrie 4.0 in Produktion, Automatisierung und Logistik. Berlin: Springer.

    Book  Google Scholar 

  4. Bencsáth, B., Pék, G., Buttyán, L., Felegyhazi, M. (2012): The cousins of Stuxnet: Duqu, Flame, and Gauss. Future Internet, 4(4), 971–1003.

    Article  Google Scholar 

  5. Bundesamt für Sicherheit in der Informationstechnik (BSI) (2016): Die Lage der IT-Sicherheit in Deutschland 2015.

  6. Drath, R., Horch, A. (2014): Industrie 4.0: hit or hype? IEEE Ind. Electron. Mag., 8(2), 56–58.

    Article  Google Scholar 

  7. Hermann, M., Pentek, T., Otto, B. (2015): Design principles for Industrie 4.0 scenarios: a literature review. Dortmund: Technische Universität Dortmund.

    Google Scholar 

  8. Hertel, M. (2015): Risiken der Industrie 4.0 – Eine Strukturierung von Bedrohungsszenarien der Smart Factory. HMD, Prax. Wirtsch.inform., 52(5), 724–738.

    Article  Google Scholar 

  9. Herterich, M. M., Uebernickel, F., Brenner, W. (2015): The impact of cyber-physical systems on industrial services in manufacturing. Proc. CIRP, 30, 323–328.

    Article  Google Scholar 

  10. Kagermann, H., Riemensperger, F., Hoke, D., Helbig, J., Stocksmeier, D., Wahlster, W., Schweer, D. (2014): Smart service welt recommendations for the strategic initiative web-based services for businesses. Berlin: Acatech—National Academy of Science and Engineering.

    Google Scholar 

  11. Kagermann, H., Wahlster, W., Helbig, J. (2013): Umsetzungsempfehlungen für das Zukunftsprojekt Industrie 4.0: Abschlussbericht des Arbeitskreises Industrie 4.0. Deutsche Akademie der Technikwissenschaften.

  12. Langner, R. (2011): Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv., 9(3), 49–51.

    Article  Google Scholar 

  13. Lesjak, C., Bock, H., Hein, D., Maritsch, M. (2016, July): Hardware-secured and transparent multi-stakeholder data exchange for Industrial IoT. In INDIN 2016. IEEE Press (to appear).

  14. Lesjak, C., Hein, D., Hofmann, M., Maritsch, M., Aldrian, A., Priller, P., Pregartner, G. (2015): Securing smart maintenance services: hardware-security and TLS for MQTT. In INDIN 2015 (pp. 1243–1250). New York: IEEE Press.

    Google Scholar 

  15. Priller, P., Aldrian, A., Ebner, T. (2014): Case study: from legacy to connectivity migrating industrial devices into the world of smart services. In ETFA 2014. New York: IEEE Press.

    Google Scholar 

  16. Sadeghi, A. R., Wachsmann, C., Waidner, M. (2015): Security and privacy challenges in industrial internet of things. In Proceedings of the 52nd annual design automation conference (p. 54). New York: ACM.

    Google Scholar 

  17. Sandaruwan, G. P. H., Ranaweera, P. S., Oleshchuk, V. A. (2013): PLC security and critical infrastructure protection. In 2013 8th IEEE international conference on industrial and information systems, ICIIS (pp. 81–85). New York: IEEE Press.

    Chapter  Google Scholar 

  18. Dierks, T., Rescorla, E. (2008): The transport layer security (TLS) protocol version 1.2. RFC 5246.

Download references

Author information

Authors and Affiliations

  1. Design Center Graz, Infineon Technologies Austria AG, Babenbergerstraße 10, 8010, Graz, Österreich

    Christian Lesjak, Norbert Druml, Rainer Matischek, Thomas Ruprechter & Gerald Holweg

Authors
  1. Christian Lesjak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Norbert Druml
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rainer Matischek
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Thomas Ruprechter
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gerald Holweg
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Norbert Druml.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lesjak, C., Druml, N., Matischek, R. et al. Security in industrial IoT – quo vadis?. Elektrotech. Inftech. 133, 324–329 (2016). https://doi.org/10.1007/s00502-016-0428-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00502-016-0428-4

Keywords

Schlüsselwörter

Search

Navigation