Supporting the integration of new security features in embedded control devices through the digitalization of production

Tobias Rauter; Johannes Iber; Michael Krisper; Christian Kreiner

doi:10.1007/978-3-319-64218-5_30

Supporting the integration of new security features in embedded control devices through the digitalization of production

Tobias Rauter^*, Johannes Iber, Michael Krisper, Christian Kreiner

^*Korrespondierende/r Autor/-in für diese Arbeit

Institut für Technische Informatik (4480)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

Originalsprache	englisch
Titel	Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings
Herausgeber (Verlag)	Springer-Verlag Italia
Seiten	360-371
Seitenumfang	12
Band	748
ISBN (Print)	9783319642178
DOIs	https://doi.org/10.1007/978-3-319-64218-5_30
Publikationsstatus	Veröffentlicht - 2017
Veranstaltung	24th European Conference on Systems, Software and Services Process Improvement: EuroSPI 2017 - VSB - Technical University of Ostrava, Ostrava, Tschechische Republik Dauer: 6 Sept. 2017 → 8 Sept. 2017 Konferenznummer: 24 http://2017.eurospi.net/

Publikationsreihe

Name	Communications in Computer and Information Science
Band	748
ISSN (Print)	1865-0929

Konferenz

Konferenz	24th European Conference on Systems, Software and Services Process Improvement
Kurztitel	EuroSPI 2017
Land/Gebiet	Tschechische Republik
Ort	Ostrava
Zeitraum	6/09/17 → 8/09/17
Internetadresse	http://2017.eurospi.net/

ASJC Scopus subject areas

Informatik (insg.)
Mathematik (insg.)

Zugriff auf Dokument

10.1007/978-3-319-64218-5_30

Andere Dateien und Links

http://www.scopus.com/inward/record.url?scp=85030625072&partnerID=8YFLogxK

1 Abgeschlossen
1 Laufend

Industrial Informatics
Macher, G., Dobaj, J., Krug, T., Blažević, R. & Veledar, O.
1/09/12 → …
Projekt: Arbeitsgebiet
AH-HyUnify - Steuerungsplattform für Stromerzeugung aus Wasserkraft
Kreiner, C. J., Rauter, T., Hölbling, A. & Iber, J.
1/11/14 → 31/10/17
Projekt: Forschungsprojekt

Dieses zitieren

Rauter, T., Iber, J., Krisper, M., & Kreiner, C. (2017). Supporting the integration of new security features in embedded control devices through the digitalization of production. in Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings (Band 748, S. 360-371). (Communications in Computer and Information Science; Band 748). Springer-Verlag Italia. https://doi.org/10.1007/978-3-319-64218-5_30

Supporting the integration of new security features in embedded control devices through the digitalization of production. / Rauter, Tobias; Iber, Johannes; Krisper, Michael et al.
Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings. Band 748 Springer-Verlag Italia, 2017. S. 360-371 (Communications in Computer and Information Science; Band 748).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Rauter, T, Iber, J, Krisper, M & Kreiner, C 2017, Supporting the integration of new security features in embedded control devices through the digitalization of production. in Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings. Bd. 748, Communications in Computer and Information Science, Bd. 748, Springer-Verlag Italia, S. 360-371, 24th European Conference on Systems, Software and Services Process Improvement, Ostrava, Tschechische Republik, 6/09/17. https://doi.org/10.1007/978-3-319-64218-5_30

Rauter T, Iber J, Krisper M, Kreiner C. Supporting the integration of new security features in embedded control devices through the digitalization of production. in Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings. Band 748. Springer-Verlag Italia. 2017. S. 360-371. (Communications in Computer and Information Science). doi: 10.1007/978-3-319-64218-5_30

Rauter, Tobias ; Iber, Johannes ; Krisper, Michael et al. / Supporting the integration of new security features in embedded control devices through the digitalization of production. Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings. Band 748 Springer-Verlag Italia, 2017. S. 360-371 (Communications in Computer and Information Science).

@inproceedings{75bbb5b1ff5f40ebbcf0b26a7b3ed485,

title = "Supporting the integration of new security features in embedded control devices through the digitalization of production",

abstract = "Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.",

author = "Tobias Rauter and Johannes Iber and Michael Krisper and Christian Kreiner",

year = "2017",

doi = "10.1007/978-3-319-64218-5_30",

language = "English",

isbn = "9783319642178",

volume = "748",

series = "Communications in Computer and Information Science",

publisher = "Springer-Verlag Italia",

pages = "360--371",

booktitle = "Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings",

address = "Italy",

note = "24th European Conference on Systems, Software and Services Process Improvement : EuroSPI 2017, EuroSPI 2017 ; Conference date: 06-09-2017 Through 08-09-2017",

url = "http://2017.eurospi.net/",

}

TY - GEN

T1 - Supporting the integration of new security features in embedded control devices through the digitalization of production

AU - Rauter, Tobias

AU - Iber, Johannes

AU - Krisper, Michael

AU - Kreiner, Christian

N1 - Conference code: 24

PY - 2017

Y1 - 2017

N2 - Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

AB - Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

UR - http://www.scopus.com/inward/record.url?scp=85030625072&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-64218-5_30

DO - 10.1007/978-3-319-64218-5_30

M3 - Conference paper

AN - SCOPUS:85030625072

SN - 9783319642178

VL - 748

T3 - Communications in Computer and Information Science

SP - 360

EP - 371

BT - Systems, Software and Services Process Improvement - 24th European Conference, EuroSPI 2017, Proceedings

PB - Springer-Verlag Italia

T2 - 24th European Conference on Systems, Software and Services Process Improvement

Y2 - 6 September 2017 through 8 September 2017

ER -

Supporting the integration of new security features in embedded control devices through the digitalization of production

Abstract

Publikationsreihe

Konferenz

ASJC Scopus subject areas

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Projekte

Industrial Informatics

AH-HyUnify - Steuerungsplattform für Stromerzeugung aus Wasserkraft

Dieses zitieren