Published by De Gruyter (O) May 14, 2019

Authorization in asset administration shells using OPC UA

Authorization in asset administration shells based on OPC UA
Johannes Schmitt, Thomas Gamer, Marie Platenius-Mohr, Somayeh Malakuti and Sören Finster

Abstract

Industrie 4.0 (I4.0) in Germany—or Industrial Internet 4.0, as it is called internationally—are key initiatives for bringing digitization into the automation domain by taking advantage of recent technology advancements such as the Internet of Things (IoT). The core concept for I4.0 is the digital twin or asset administration shell (AAS), as it is called by the German Plattform Industrie 4.0 initiative. It is intended to provide a machine-readable description of I4.0 components that is available over the entire lifecycle and can be used for various advanced use cases and services.

Security has become an increasingly recognized and needed aspect in recent years and is a key requirement to make I4.0 actually happen. In a previous paper we proposed concepts for integrating authorization tightly into OPC Unified Architecture (OPC UA)-based information models. OPC UA is a new and promising industrial technology, which could be used to implement AAS concepts. The current proposals for AAS define necessary security concepts; however, there is no work explaining how these concepts can be implemented in OPC UA. This paper closes this gap by elaborating on realization alternatives in OPC UA. Furthermore, we extend our basic performance evaluation with more realistic data access patterns based on I4.0 use cases, showing the applicability of our approach in practice.

Summary

Industrie 4.0 (I4.0), internationally often also referred to as Industrial Internet 4.0, is an initiative that uses current advances in areas such as the Internet of Things (IoT) to strengthen digitization in the automation domain. A core concept for I4.0 is the digital twin, which the German initiative Plattform Industrie 4.0 calls the asset administration shell. The asset administration shell is intended to provide a machine-readable description of an I4.0 component. It is available over the entire lifecycle and can be used for a wide range of higher-value use cases and services. Security has become an increasingly important and necessary topic over recent years and will remain so. Security is therefore also a key element for I4.0. In a previous publication, concepts were proposed for integrating authorization more deeply into OPC Unified Architecture (OPC UA)-based information models. OPC UA is a new and promising industrial technology that can be used to implement asset administration shell concepts. Current proposals for the asset administration shell define necessary security concepts; however, there is no work explaining how these concepts can be implemented in OPC UA. This publication closes this gap and works out alternative realizations using OPC UA. In addition, the basic performance evaluation is extended with more realistic access patterns based on I4.0 use cases in order to show the applicability of the described approach in practice.

Funding statement: The authors were supported by the German Federal Ministry of Education and Research (BMBF) in the scope of the BaSys 4.0 project (Förderkennzeichen 01|S16022).

About the authors

Johannes Schmitt

Johannes Schmitt is senior scientist at the Networks and Devices team at ABB Corporate Research in Ladenburg, Germany. Johannes holds a PhD in electrical engineering from the TU Darmstadt, Germany. His research interests include information-centric concepts and communication for automation systems, and OPC UA on embedded or mobile devices up to cloud-based systems.

Thomas Gamer

Thomas Gamer is research team leader of the Networks and Devices team at ABB Corporate Research in Ladenburg, Germany. The team's research focus is on future solutions for orchestration of industrial networks as well as device integration and information provisioning for industrial systems. He received the PhD in computer science from Karlsruhe Institute of Technology (KIT) in 2010. His recent work focused on autonomy in industrial systems, integrated solutions for building automation systems as well as Industry 4.0 and cyber security.

Marie Platenius-Mohr

Marie C. Platenius-Mohr is scientist at the Software Systems and Architecture team at ABB Corporate Research in Ladenburg, Germany. Before, she was a postdoctoral researcher at the Software Engineering Group of the Heinz Nixdorf Institute at Paderborn University. There, she led the software architecture team of the Collaborative Research Centre 901 On-The-Fly Computing. She received the PhD in computer science from Paderborn University in 2016. Her research interests include Internet of Things, software architecture, and model-driven & component-based software engineering.

Somayeh Malakuti

Somayeh Malakuti is senior scientist at the Software Systems and Architecture team at ABB Corporate Research in Ladenburg, Germany. Before, she was a postdoctoral researcher at the chair of software technology at TU Dresden and Twente University, Netherlands, where she also received the PhD in computer science. Her research interests include software architecture of industrial systems, digital twin and Industry 4.0, as well as application of software product lines in industrial environments.

Sören Finster

Sören Finster is scientist at the Networks and Devices team at ABB Corporate Research in Ladenburg, Germany. Before, he worked at WIBU-SYSTEMS AG as an IT security architect and led the embedded security team. He graduated at Karlsruhe Institute of Technology (KIT) with a PhD in Computer Science in 2014. His research interests include embedded industrial security, privacy-enhancing technologies, and Industry 4.0.

Received: 2019-02-11
Accepted: 2019-03-25
Published Online: 2019-05-14
Published in Print: 2019-05-27

© 2019 Walter de Gruyter GmbH, Berlin/Boston

Downloaded on 1.5.2024 from https://www.degruyter.com/document/doi/10.1515/auto-2019-0020/html