Options
Loading...
Akademische Titel
Ehemalige FH Mitarbeiterin
Scopus Author ID
57136815200
Status
exstaff
Research Outputs
Now showing 1 - 10 of 15
- PublicationAutomated and Secure Onboarding for System of Systems(IEEE, 2021-08-03)
; ; ; ; ; Delsing, JerkerThe Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.154 1Scopus© Citations 7 - PublicationImpact of Critical Infrastructure Requirements on Service Migration Guidelines to the Cloud(IEEE, 2015)
; ; Pallas, FrankA high level of information security in critical infrastructure IT systems and services has to be preserved when migrating their IT services to the cloud. Often various legislative and security constraints have to be met in line with best practice guidelines and international standards to perform the migration. To support the critical infrastructure providers in migrating their services to the cloud we are developing a process based migration guideline for critical infrastructure providers focusing on information security. First of all we investigate, via questionnaires, how the importance of individual security topics covered in such guidelines differentiates between industry stakeholders and critical infrastructure providers. This supports the selection of relevant security topics and the considered guidelines and standards, which we survey in search for common relevant security topics. Subsequently we present the analysis of the above-mentioned security requirements and how they affect a here developed taxonomy for a process-based security guideline. Furthermore we present potential service migration use cases and how our methodology would affect the migration of secure critical infrastructure services.151 1Scopus© Citations 4 - PublicationSelf-Adaptation Applied to MQTT via a Generic Autonomic Management Framework(IEEE, 2019-02)
; ; ; Delsing, JerkerManufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.471 1Scopus© Citations 4 - PublicationGeneric Autonomic Management as a Service in a SOA-based Framework for Industry 4.0Cyber-physical production systems are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. In order to make these systems interoperable with each other for addressing Industry 4.0 applications a number of service-oriented architecture frameworks are developed. Such frameworks are composed by a number of services, which are inherently dynamic by nature and thus imply the need for self-adaptation. In this paper we propose generic autonomic management as a service and show how it can be integrated in the Arrowhead framework. We propose generic and reusable interfaces for each phase of the autonomic control loop in order to increase the usability of the service for other frameworks and application systems, while reducing the software engineering effort. To show the utility of our approach in the Arrowhead framework we use a climate control application as a representative example.
424 1Scopus© Citations 10 - PublicationTowards Resilience Metrics for Future Cloud Applications(2016)
; ; An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.147 1Scopus© Citations 4 - PublicationTowards trustworthy end-to-end communication in industry 4.0(IEEE, 2017)
; ; ; ; 173 1Scopus© Citations 13 - PublicationEstablishing a Chain of Trust in a Sporadically Connected Cyber-Physical System(IEEE, 2021-05)
; ; ; ; ; 126 1 - PublicationConnected cars — Threats, vulnerabilities and their impact(IEEE, 2018-05)
; ; ; ; Delsing, JerkerThe growing demand for interoperability between system components within a connected car has led to new security challenges in automotive development. The existing components, based on established technology, are often being combined to form such a connected car. For such established technologies, individual, often sector specific threat and vulnerability catalogs exist. The aim of this paper is to identify blocks of established technologies in a connected car and to consolidate the corresponding threat and vulnerability catalogs relevant for the individual constituent components. These findings are used to estimate the impact on specific system components and subsystems to identify the most crucial components and threats.212 1Scopus© Citations 15 - PublicationTowards Modelling a Cloud Application's Life Cycle(2016-09)
; ; ; ; Wagner, C.149 1Scopus© Citations 2 - PublicationOn the Cost of Security Compliance in Information Systems(International Institute of Informatics and Systemics, 2019)
; ; ; 571 2914