Options
Tauber, Markus
Research Outputs
Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0
2017-12, Bauer, Elisabeth, Schluga, Oliver, Maksuti, Silia, Bicaku, Ani, Hofbauer, David, Ivkić, Igor, Wöhrer, Alexander, Tauber, Markus
The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.
Operations security evaluation of IaaS-cloud backend for industry 4.0
2018-03, Schluga, Oliver, Bauer, Elisabeth, Bicaku, Ani, Maksuti, Silia, Tauber, Markus, Wöhler, Alexander
The fast growing number of cloud based Infrastructure-as-a-Service instances raises the question, how the operations security depending on the underlying cloud computing infrastructure can be sustained and guaranteed. Security standards provide guidelines for information security controls applicable to the provision and use of the cloud services. The objectives of operations security are to support planning and sustaining of day-to-day processes that are critical with respect to security of information environments. In this work we provide a detailed analysis of ISO 27017 standard regarding security controls and investigate how well popular cloud platforms can cater for them. The resulting gap of support for individual security controls is furthermore compared with outcomes of recent cloud security research projects. Hence the contribution is twofold, first we identify a set of topics that still require research and development and secondly, as a practical output, we provide a comparison of popular industrial and open-source platforms focusing on private cloud environments, which are important for Industry 4.0 use cases.
Monitoring Industry 4.0 Applications for Security and Safety Standard Compliance
2018-05, Bicaku, Ani, Schmittner, Christoph, Tauber, Markus, Delsing, Jerker
In Industry 4.0 independent entities shall inter-operate to allow flexible and customized production. To assure the parties that individual components are secured to inter-operate, we investigate automated standard compliance. The standard compliance is defined based on given sets of security and safety requirements from which are derived measurable indicator points. Those reflect configurations of systems recommended by security, safety or legally relevant standards and guidelines, which help to demonstrate the state of compliance. We propose in this paper an initial approach to automate such assessment when components are inter-operating with each other by using a monitoring and standard compliance verification framework. This will assure the parties that services or devices within their organizations operate in a secure and standard compliant way, without compromising the underlying infrastructure.
Towards trustworthy end-to-end communication in industry 4.0
2017, Bicaku, Ani, Maksuti, Silia, Palkovits-Rauter, Silke, Tauber, Markus, Matischek, Rainer, Schmittner, Christoph, Mantas, Georgios, Thron, Mario, Delsing, Jerker
Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system.