Supporting the integration of new security features in embedded control devices through the digitalization of production

Tobias Rauter, Christian Kreiner

Research output: Contribution to conference(Old data) Lecture or PresentationResearchpeer-review

Abstract

Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

Conference

Conference24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017
Abbreviated titleEuroSPI 2017
CountryCzech Republic
CityOstrava
Period6/09/178/09/17
Internet address

Fingerprint

Distributed Control
Life Cycle
Hydroelectric power plants
Critical infrastructures
Critical Infrastructure
Digitization
Configuration
Commissioning
Analog to digital conversion
Bootstrapping
Requirements
Power Plant
Software Components
Integrity
Manufacturing
Control System
Entire
Control systems
Concepts
Context

ASJC Scopus subject areas

  • Computer Science(all)
  • Mathematics(all)

Cite this

Rauter, T., & Kreiner, C. (2017). Supporting the integration of new security features in embedded control devices through the digitalization of production. 24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, Ostrava, Czech Republic.DOI: 10.1007/978-3-319-64218-5_30

Supporting the integration of new security features in embedded control devices through the digitalization of production. / Rauter, Tobias; Kreiner, Christian.

2017. 24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, Ostrava, Czech Republic.

Research output: Contribution to conference(Old data) Lecture or PresentationResearchpeer-review

Rauter, T & Kreiner, C 2017, 'Supporting the integration of new security features in embedded control devices through the digitalization of production' 24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, Ostrava, Czech Republic, 6/09/17 - 8/09/17, . DOI: 10.1007/978-3-319-64218-5_30
Rauter T, Kreiner C. Supporting the integration of new security features in embedded control devices through the digitalization of production. 2017. 24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, Ostrava, Czech Republic. Available from, DOI: 10.1007/978-3-319-64218-5_30
Rauter, Tobias ; Kreiner, Christian. / Supporting the integration of new security features in embedded control devices through the digitalization of production. 24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, Ostrava, Czech Republic.
@conference{1d27db1a011643b7bdf6fe4f882994ff,
title = "Supporting the integration of new security features in embedded control devices through the digitalization of production",
abstract = "Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.",
author = "Tobias Rauter and Christian Kreiner",
year = "2017",
doi = "10.1007/978-3-319-64218-5_30",
language = "English",
note = "24th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2017, EuroSPI 2017 ; Conference date: 06-09-2017 Through 08-09-2017",
url = "http://2017.eurospi.net/",

}

TY - CONF

T1 - Supporting the integration of new security features in embedded control devices through the digitalization of production

AU - Rauter,Tobias

AU - Kreiner,Christian

PY - 2017

Y1 - 2017

N2 - Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

AB - Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

UR - http://www.scopus.com/inward/record.url?scp=85030625072&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-64218-5_30

DO - 10.1007/978-3-319-64218-5_30

M3 - (Old data) Lecture or Presentation

ER -