Combined Modeling Techniques for Safety and Security in Industrial Automation: A Case Study

Hollerer, Siegfried; Chabrova, Marta; Sauter, Thilo; Kastner, Wolfgang

doi:10.1109/SIN56466.2022.9970541

DC Field

Value

Language

dc.contributor.author

Hollerer, Siegfried

dc.contributor.author

Chabrova, Marta

dc.contributor.author

Sauter, Thilo

dc.contributor.author

Kastner, Wolfgang

dc.date.accessioned

2023-01-16T14:03:41Z

dc.date.available

2023-01-16T14:03:41Z

dc.date.issued

2022

dc.identifier.citation

<div class="csl-bib-body"> <div class="csl-entry">Hollerer, S., Chabrova, M., Sauter, T., & Kastner, W. (2022). Combined Modeling Techniques for Safety and Security in Industrial Automation: A Case Study. In <i>2022 15th International Conference on Security of Information and Networks (SIN)</i> (pp. 1–4). https://doi.org/10.1109/SIN56466.2022.9970541</div> </div>

dc.identifier.uri

http://hdl.handle.net/20.500.12708/139839

dc.description.abstract

The interconnection of automation technology with IT systems, also referred to as Industry 4.0, enables cyber attacks to impact safety (e.g., TRITON malware). Conversely, installed safety functions and requirements may also affect security requirements (e.g., the emergency stop function has to be avail-able without prior authentication and authorization). Therefore, threat modeling (TM) methods considering security, safety, and their interdependence are needed to get a comprehensive view of potential flaws of an industrial architecture. This paper presents a case study of the TM methods STRIDE-LM and Failure-Attack-CounTermeasure (FACT) graph w.r.t. the identification of safety and security flaws and their interdependence, with the aim to provide an impression of possible solutions to the described problem. The study was applied to a use case derived from a stakeholder analysis showing common characteristics and requirements of industrial automation systems. As STRIDE-LM was designed only to consider security flaws, it was extended to cover safety aspects as well. Preliminary results of the application of the TM methods show differences in efficiency, precision, and the granularity of information provided.

dc.description.sponsorship

TÜV Austria Holding AG

dc.language.iso

dc.subject

Threat modeling

dc.subject

Fault diagnosis

dc.subject

Authorization

dc.subject

Malware

dc.subject

Safety

dc.subject

Forth Industrial Revolution

dc.subject

Security

dc.subject

OT Security

dc.subject

IT/OT convergence

dc.title

Combined Modeling Techniques for Safety and Security in Industrial Automation: A Case Study

dc.type

Inproceedings

dc.type

Konferenzbeitrag

dc.contributor.affiliation

TU Wien, Austria

dc.relation.isbn

978-1-6654-5465-0

dc.description.startpage

dc.description.endpage

dcterms.dateSubmitted

2022-12-16

dc.type.category

Full-Paper Contribution

tuw.booktitle

2022 15th International Conference on Security of Information and Networks (SIN)

tuw.project.title

SafeSecSystem Modeling

tuw.researchinfrastructure

Pilotfabrik

tuw.researchTopic.id

I6a

tuw.researchTopic.id

tuw.researchTopic.name

Digital Transformation in Manufacturing

tuw.researchTopic.name

Modeling and Simulation

tuw.researchTopic.name

Computational System Design

tuw.researchTopic.value

tuw.linking

https://ieeexplore.ieee.org/document/9970541

tuw.publication.orgunit

E191 - Institut für Computer Engineering

tuw.publication.orgunit

E384 - Institut für Computertechnik

tuw.publisher.doi

10.1109/SIN56466.2022.9970541

dc.description.numberOfPages

tuw.author.orcid

0000-0002-3814-6019

tuw.event.name

2022 15th International Conference on Security of Information and Networks (SIN)

tuw.event.startdate

11-11-2022

tuw.event.enddate

13-11-2022

tuw.event.online

Hybrid

tuw.event.type

Event for scientific audience

tuw.event.country

tuw.event.presenter

Hollerer, Siegfried

tuw.presentation.online

Online

tuw.event.track

Multi Track

wb.sciencebranch

Maschinenbau

wb.sciencebranch

Informatik

wb.sciencebranch

Elektrotechnik, Elektronik, Informationstechnik

wb.sciencebranch.oefos

2030

wb.sciencebranch.oefos

1020

wb.sciencebranch.oefos

2020

wb.sciencebranch.value

item.grantfulltext

none

item.fulltext

no Fulltext

item.openairecristype

http://purl.org/coar/resource_type/c_5794

item.languageiso639-1

item.cerifentitytype

Publications

item.openairetype

conference paper

crisitem.author.dept

E191-03 - Forschungsbereich Automation Systems

crisitem.author.dept

TU Wien

crisitem.author.dept

E384 - Institut für Computertechnik

crisitem.author.dept

E640 - Vizerektorat Digitalisierung und Infrastruktur

crisitem.author.orcid

0000-0002-3814-6019

crisitem.author.orcid

0000-0003-1559-8394

crisitem.author.orcid

0000-0001-5420-404X

crisitem.author.parentorg

E191 - Institut für Computer Engineering

crisitem.author.parentorg

E350 - Fakultät für Elektrotechnik und Informationstechnik

crisitem.author.parentorg

E000 - Technische Universität Wien

crisitem.project.funder

TÜV Austria Holding AG

Appears in Collections:

Conference Paper

Show simple item record

Page view(s)

278

checked on Nov 23, 2023

Download(s)

checked on Nov 23, 2023

Google Scholar^TM

Check

Page view(s)

Download(s)

Google ScholarTM

Google Scholar^TM