Tauber, Markus

2015, Coulson, Geoff, Mauthe, Andreas, Tauber, Markus

2019-06, Hofbauer, David, Schmittner, Christoph, Brandstetter, Manuela, Tauber, Markus

2022-05, Ivkić, Igor, Sailer, Patrizia, Gouglidis, Antonios, Mauthe, Andreas, Tauber, Markus

Cyber-Physical Systems (CPS) are formed through interconnected components capable of computation, communication, sensing and changing the physical world. The development of these systems poses a significant challenge since they have to be designed in a way to ensure cyber-security without impacting their performance. This article presents the Security Cost Modelling Framework (SCMF) and shows supported by an experimental study how it can be used to measure, normalise and aggregate the overall performance of a CPS. Unlike previous studies, our approach uses different metrics to measure the overall performance of a CPS and provides a methodology for normalising the measurement results of different units to a common Cost Unit. Moreover, we show how the Security Costs can be extracted from the overall performance measurements which allows to quantify the overhead imposed by performing security-related tasks. Furthermore, we describe the architecture of our experimental testbed and demonstrate the applicability of SCMF in an experimental study. Our results show that measuring the overall performance and extracting the security costs using SCMF can serve as basis to redesign interactions to achieve the same overall goal at less costs.

2017-12, Ivkić, Igor, Wolfauer, Stephan, Oberhofer, Thomas, Tauber, Markus

In a world, as complex and constantly changing as ours cloud computing is a driving force for shaping the IT landscape and changing the way we do business. Current trends show a world of people, things and services all digitally interconnected via the Internet of Things (IoT). This applies in particular to an industrial environment where smart devices and intelligent services pave the way for smart factories and smart businesses. This paper investigates in a use case driven study the potential of making use of smart devices to enable direct, automated and voice-controlled smart businesses. Furthermore, the paper presents an initial investigation on methodologies for measuring costs of cyber security controls for cloud services.

2022, Ani Bicaku, Mario Zsilak, Theiler, Peter, Markus Tauber, Jerker Delsing

2014-08-27, Hudic, A., Mauthe, A., Caceres, S., Hecht, T., Tauber, Markus

The momentum behind Cloud Computing has revolutionized how ICT services are provided, adopted and delivered. Features such as high scalability, fast provisioning, on demand resource availability makes it an attractive proposition for deploying complex and demanding systems. Clouds are also very suitable for deploying systems with unpredictable load patterns including Critical infrastructure services. Though, the major obstacle in hosting Critical infrastructures is often a lack of assurance. The transparency and flexibility offered by the Cloud, abstracts per definition over e.g. data placement, hardware, service migration. This makes it very hard to assure security properties. We present an investigation of assurance approaches, an analysis of their suitability for Critical Infrastructure Services being deployed in the Cloud and presents our approach.

2019-02, Maksuti, Silia, Schluga, Oliver, Settanni, Giuseppe, Tauber, Markus, Delsing, Jerker

Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.

2021-06-30, Sailer, Patrizia, Ivkić, Igor, Tauber, Markus, Mauthe, Andreas, Gouglidis, Antonios

The importance of Cyber Physical Systems (CPS) and Internet of Things (IoT) applications is constantly increasing, especially in the context of Industry 4.0. Architectural decisions are crucial not just for performance, security and resilience reasons but also regarding costs and resource usage. In this paper we analyse two of the fundamental approaches to design control loops (i.e. time-driven and event-driven), show how they can be realised and evaluate their power requirements. Through this the design criteria can be extended also considering the optimization of energy related aspects.

2017-12, Bauer, Elisabeth, Schluga, Oliver, Maksuti, Silia, Bicaku, Ani, Hofbauer, David, Ivkić, Igor, Wöhrer, Alexander, Tauber, Markus

The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.

2013, Tauber, Markus, Bhatti, S. N., Melnikov, N., Schoenwaelder, J.