https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Applicability of the IEC 62443 standard in Industry 4.0 / IIoT
aMälardalen University, ABB Industrial Automation, Process Control Platform, Västerås, Sweden.ORCID iD: 0000-0003-2488-5774
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0001-5293-3804
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0002-7235-6888
2019 (English)In: ACM International Conference Proceeding Series, Association for Computing Machinery , 2019Conference paper, Published paper (Refereed)
Abstract [en]

Today’s industrial automation systems are undergoing a digital transformation that implies a shift towards the Internet of Things (IoT), leading to the Industrial Internet of Things (IIoT) paradigm. Existing Industrial Automated Control Systems (IACS), enriched with a potentially large number of IoT devices are expected to make systems more efficient, flexible, provide intelligence, and ultimately enable autonomous control. In general, the majority of such systems come with high level of criticality that calls for well-established methods and approaches when achieving cybersecurity, preferably prescribed by a standard. IEC 62443 is an industrial standard that provides procedures to manage risks related to cybersecurity threats in IACS. Given the new IIoT paradigm, it is likely that existing standards are not sufficiently aligned with the challenges related to developing and maintaining cybersecurity in such systems. In this paper we review the applicability of the IEC 62443 standard in IIoT contexts and discuss potential challenges the process owners might encounter. Our analysis underlines that some areas within the standard could prove difficult to reach compliance with. In particular, handling of cross zone communication and software updates require additional guidance. 

Place, publisher, year, edition, pages
Association for Computing Machinery , 2019.
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:mdh:diva-45365DOI: 10.1145/3339252.3341481ISI: 000552726400101Scopus ID: 2-s2.0-85071722239ISBN: 9781450371643 (print)OAI: oai:DiVA.org:mdh-45365DiVA, id: diva2:1357195
Conference
14th International Conference on Availability, Reliability and Security, ARES 2019; University of KentCanterbury; United Kingdom; 26 August 2019 through 29 August 2019
Available from: 2019-10-03 Created: 2019-10-03 Last updated: 2022-11-08Bibliographically approved
In thesis
1. Access Control for Secure Industry 4.0 Industrial Automation and Control Systems
Open this publication in new window or tab >>Access Control for Secure Industry 4.0 Industrial Automation and Control Systems
2020 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

A significant part of our daily lives is dependent on the continuous operation of Industrial Automation and Control Systems (IACS). They are used to control the processes of delivering electricity and clean water to our households, to run and supervise manufacturing industries that produce things we use every day. Therefore, undisturbed, safe and secure operation of IACS are highly important for us all. A malfunctioning IACS may cause damage to the environment, stop production of goods or disrupt essential infrastructure.

 The ongoing transformations related to the Industry 4.0 paradigm is having a great impact on IACS, forcing a shift from a rigid, hard-wired system architecture towards a service-oriented structure, where different modules can collaborate dynamically to adapt to volatile production requirements. This shift entails a substantial increase in connectivity and is hence potentially increasing exposure of these systems to cybersecurity threats. Understanding potential risks, and protection against such threats are of great importance.

 Access Control is one of the main security mechanisms in a software system, aiming at limiting access to resources to privileged entities. Within IACS, this mechanism is mainly used as means to limit human users’ privileges on system assets. In the dynamic manufacturing systems of Industry 4.0, there is a need to include fine-grained Access Control also between devices, raising a number of issues with regards to policy formulation and management.

 This licentiate thesis contributes towards the overall goal of improving the security of IACS in the evolving systems of Industry 4.0 by (1) discussing high-level security challenges of large industrial IoT systems, (2) assess one of the main standards for IACS cybersecurity from an Industry 4.0 perspective, (3) derive requirements on Access Control models within a smart manufacturing system, and (4) presenting an algorithm for automatic Access Control policy generation within the context of modular automation, based on formal process descriptions.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2020
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 296
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-50734 (URN)978-91-7485-478-7 (ISBN)
Presentation
2020-11-13, Zeta+Online/Zoom, Mälardalens högskola, Västerås, 09:00 (English)
Opponent
Supervisors
Funder
Knowledge Foundation
Available from: 2020-09-25 Created: 2020-09-23 Last updated: 2022-11-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Causevic, AidaHansson, Hans

Search in DiVA

By author/editor
Leander, BjörnCausevic, AidaHansson, Hans
By organisation
Embedded Systems
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 1423 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf