Marco Ehrlich, Andre Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek
{"title":"Determining the Target Security Level for Automated Security Risk Assessments","authors":"Marco Ehrlich, Andre Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek","doi":"10.1109/INDIN51400.2023.10217902","DOIUrl":null,"url":null,"abstract":"Due to Industry 4.0 developments, the demanded modularity of manufacturing systems generates additional manual efforts for security experts to guarantee a secure operation. The rising utilization of information and the frequent changes of system structures necessitate a continuous and automated security engineering, especially by application of the mandatory security risk assessments. Collecting the required information for these assessments and formalising expert knowledge shall improve the security of modular manufacturing systems in the future. In order to automate the security risk assessment process, this work proposes a method to determine the Target Security Level (SL-T) in conformance to the IEC 62443 standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library (TAL).","PeriodicalId":174443,"journal":{"name":"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INDIN51400.2023.10217902","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Due to Industry 4.0 developments, the demanded modularity of manufacturing systems generates additional manual efforts for security experts to guarantee a secure operation. The rising utilization of information and the frequent changes of system structures necessitate a continuous and automated security engineering, especially by application of the mandatory security risk assessments. Collecting the required information for these assessments and formalising expert knowledge shall improve the security of modular manufacturing systems in the future. In order to automate the security risk assessment process, this work proposes a method to determine the Target Security Level (SL-T) in conformance to the IEC 62443 standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library (TAL).
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
