mdh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Reusability assessment of financial card readers’ security mechanisms in process control devices
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. (IS (Embedded Systems))ORCID iD: 0000-0002-5361-2196
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. (IS (Embedded Systems))ORCID iD: 0000-0002-7159-7508
ABB AB.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. (IS (Embedded Systems))ORCID iD: 0000-0002-2419-2735
Show others and affiliations
2013 (English)In: IEEE International Conference on Industrial Informatics, 2013, p. 494-499Conference paper, Published paper (Refereed)
Abstract [en]

The security of industrial plants has gained a lot of importance since the last decade. The reason is that the different components from different network layers of automation systems have become inter-connected to support fast and cost-effective decisions at the management level. This inter-connectivity has posed many security challenges in this industrial segment. To achieve effective security mechanisms in industrial plants, there is a need to learn from other existing domains, matured in terms of security, whether existing matured security solutions can be reused in the industrial automation domain. The financial sector is a segment where security has been carefully managed since a long time, as security is very important for that sector. Therefore it would be beneficial to evaluate the security mechanisms present in financial card readers which are involved in financial transactions because these card readers have many similar characteristics with industrial process control devices. In this paper, the security requirements for both the field devices of industrial plants and card reader terminals of the financial sector have been evaluated to understand the security gap so that we can identify the areas where the security needs of industrial plants must be improved and where some of the existing security features of card reader terminals can be reused in field devices of industrial plants.

Place, publisher, year, edition, pages
2013. p. 494-499
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:mdh:diva-22248DOI: 10.1109/INDIN.2013.6622934Scopus ID: 2-s2.0-84889002420ISBN: 978-1-4799-0752-6 (print)OAI: oai:DiVA.org:mdh-22248DiVA, id: diva2:661765
Conference
2013 11th IEEE International Conference on Industrial Informatics (INDIN), 29-31 July 2013, Bochum, Germany
Projects
ITS-EASY Post Graduate School for Embedded Software and SystemsAvailable from: 2013-11-04 Created: 2013-10-31 Last updated: 2015-11-09Bibliographically approved
In thesis
1. Initial Trust Establishment for Heterogeneous Industrial Communication Networks
Open this publication in new window or tab >>Initial Trust Establishment for Heterogeneous Industrial Communication Networks
2014 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The severity of cyber threats towards existing and future industrial systems has resulted in an increase of security awareness in the industrial automation domain. Compared to traditional information security, industrial communication systems have different performance and reliability requirements. The safety and availability requirements can also sometimes conflict with the system security design of plants. For instance, it is not acceptable to create a secure system which may take up additional time to establish security and as a consequence disrupt the production in plants. Similarly, a system which requires authentication and authorization procedures before any emergency action may not be suitable in industrial plants.

Therefore, there is a need for improvement of the security workflow in industrial plants, so that the security can be realized in practice. This also leads to the requirement of secure device deployment and secure data communication inside the industrial plants. In this thesis, the focus is on the initial trust establishment in industrial devices. The initial trust establishment is the starting point for enabling a secure communication infrastructure. Reusability analysis with financial sectors has been considered as the reuse of security solutions from this adjacent application domain can be a simple and an effective way to achieve the desired system security. Through this analysis, the reusability features have been identified and workflows have been proposed which can be used to bootstrap initial trust in the industrial process control devices and manage security workflow. A proof-of-concept implementation to prove the feasibility of the device deployment workflow has also been provided.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2014
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 175
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-24945 (URN)978-91-7485-149-6 (ISBN)
Presentation
2014-06-16, Kappa, Mälardalens högskola, Västerås, 13:15 (English)
Opponent
Supervisors
Available from: 2014-04-30 Created: 2014-04-30 Last updated: 2014-05-22Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Ray, ApalaÅkerberg, JohanBjörkman, Mats

Search in DiVA

By author/editor
Ray, ApalaÅkerberg, JohanBjörkman, Mats
By organisation
Embedded Systems
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 13 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf