Research Outputs

2022 2022 2021 2021 2020 2020 2019 2019 2018 2018 2017 2017 0.0 0.0 0.5 0.5 1.0 1.0 1.5 1.5 2.0 2.0 2.5 2.5 3.0 3.0
Now showing 1 - 10 of 12
  • Publication
    Establishing a Chain of Trust in a Sporadically Connected Cyber-Physical System
    (IEEE, 2021-05) ; ; ;
    Stummer, Anna 
    ;
    ; ;
    Pirker, Dominic 
    ;
    Schmittner, Christoph 
    ;
    Delsing, Jerker 
    Drone based applications have progressed significantly in recent years across many industries, including agriculture. This paper proposes a sporadically connected cyber-physical system for assisting winemakers and minimizing the travel time to remote and poorly connected infrastructures. A set of representative diseases and conditions, which will be monitored by land-bound sensors in combination with multispectral images, is identified. To collect accurate data, a trustworthy and secured communication of the drone with the sensors and the base station should be established. We propose to use an Internet of Things framework for establishing a chain of trust by securely onboarding drones, sensors and base station, and providing self-adaptation support for the use case. Furthermore, we perform a security analysis of the use case for identifying potential threats and security controls that should be in place for mitigating them.
      126  1
  • Publication
    Monitoring Industry 4.0 Applications for Security and Safety Standard Compliance
    (IEEE, 2018-05) ;
    Schmittner, Christoph 
    ;
    ;
    Delsing, Jerker 
    In Industry 4.0 independent entities shall inter-operate to allow flexible and customized production. To assure the parties that individual components are secured to inter-operate, we investigate automated standard compliance. The standard compliance is defined based on given sets of security and safety requirements from which are derived measurable indicator points. Those reflect configurations of systems recommended by security, safety or legally relevant standards and guidelines, which help to demonstrate the state of compliance. We propose in this paper an initial approach to automate such assessment when components are inter-operating with each other by using a monitoring and standard compliance verification framework. This will assure the parties that services or devices within their organizations operate in a secure and standard compliant way, without compromising the underlying infrastructure.
      176  1Scopus© Citations 19
  • Publication
    Generic Autonomic Management as a Service in a SOA-based Framework for Industry 4.0
    (IEEE, 2019-10) ; ;
    Delsing, Jerker 
    Cyber-physical production systems are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. In order to make these systems interoperable with each other for addressing Industry 4.0 applications a number of service-oriented architecture frameworks are developed. Such frameworks are composed by a number of services, which are inherently dynamic by nature and thus imply the need for self-adaptation. In this paper we propose generic autonomic management as a service and show how it can be integrated in the Arrowhead framework. We propose generic and reusable interfaces for each phase of the autonomic control loop in order to increase the usability of the service for other frameworks and application systems, while reducing the software engineering effort. To show the utility of our approach in the Arrowhead framework we use a climate control application as a representative example.
      424  1Scopus© Citations 10
  • Publication
    Self-Adaptation Applied to MQTT via a Generic Autonomic Management Framework
    (IEEE, 2019-02) ; ;
    Settanni, Giuseppe 
    ;
    ;
    Delsing, Jerker 
    Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.
      471  1Scopus© Citations 4
  • Publication
    Towards trustworthy end-to-end communication in industry 4.0
    (IEEE, 2017) ; ; ; ;
    Matischek, Rainer 
    ;
    Schmittner, Christoph 
    ;
    Mantas, Georgios 
    ;
    Thron, Mario 
    ;
    Delsing, Jerker 
    Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system.
      173  1Scopus© Citations 14
  • Publication
    Automated and Secure Onboarding for System of Systems
    (IEEE, 2021-08-03) ; ; ; ;
    Péceli, Bálint 
    ;
    Singler, Gábor 
    ;
    Kovács, Kristóf 
    ;
    ;
    Delsing, Jerker 
    The Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.
      154  1Scopus© Citations 9
  • Publication
    Towards flexible and secure end-to-end communication in industry 4.0
    (IEEE, 2017) ; ; ; ;
    Haas, Sarah 
    ;
    Delsing, Jerker 
    The digital transformation of industrial production is driven by the advance of cyber-physical production systems (CPPS) within which raw materials, machines and operations are interconnected to form a sophisticated network. Making such systems self-adaptable is a priority concern for the future implementation of Industry 4.0 application scenarios. In this position paper, we design a meta-model and use it as a tool to describe an end-to-end communication use case from an ongoing research project. Based on this use case we develop a business process performance and security trade-off model, which shows that maximazing both parameters at the same time is not possible, thus an efficient balance between them has to be achieved. Motivated by the result, we propose self adaptation as a solution towards a flexible and secure end-to-end communication in Industry 4.0. To identify and document the self-adaptation points in a structured methodological and lightweight way we use the bespoken meta-model.
      118  165Scopus© Citations 16
  • Publication
    Engineering of IoT automation system
    (CRC Press, 2017)
    Carlsson, Oscar 
    ;
    Vera, Daniel 
    ;
    Arceredillo, Eduardo 
    ;
    ;
    Bilal, Ahmad 
    ;
    Schmittner, Christoph 
    ;
    Plosz, Sandor 
    ;
    Ruprechter, Thomas 
    ;
    Aldrian, Andreas 
    ;
    Delsing, Jerker 
      184
  • Publication
    Connected cars — Threats, vulnerabilities and their impact
    (IEEE, 2018-05) ; ;
    Schmittner, Christoph 
    ;
    ; ;
    Delsing, Jerker 
    The growing demand for interoperability between system components within a connected car has led to new security challenges in automotive development. The existing components, based on established technology, are often being combined to form such a connected car. For such established technologies, individual, often sector specific threat and vulnerability catalogs exist. The aim of this paper is to identify blocks of established technologies in a connected car and to consolidate the corresponding threat and vulnerability catalogs relevant for the individual constituent components. These findings are used to estimate the impact on specific system components and subsystems to identify the most crucial components and threats.
      216  1Scopus© Citations 15
  • Publication
    Security standard compliance and continuous verification for Industrial Internet of Things
    (Sage, 2020) ; ;
    Delsing, Jerker 
    Due to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.
      122  1829Scopus© Citations 16