Secure Development Lifecycle of Production Environments

Speaker: Edgar Weippl – Vienna, Austria
Topic(s): Security and Privacy


Improvement of Security of Information Processing in the Industrial Production System Lifecycle addresses application-oriented basic research issues in the areas of Systems Security and Production Systems Engineering (PSE). Industrial production systems, such as robots, manufacturing cells, or steel mills, control powerful and risky physical processes and must meet domain-specific safety, environmental, and quality standards. Meeting these standards is challenging for traditional production systems and even more challenging for cyber-physical production systems according to the Industrie 4.0 vision. During the production system lifecycle and the installation of the system, information processing concerns the creation, change, exchange, and use of engineering data and artifacts in order to characterize, design, configure, and verify the future production system and its parts.

Information security and cyber security are essential requirements in modern networked environments to ensure the delivery of engineering artifacts with the required quality, to mitigate risks of knowledge espionage and theft, to test for security vulnerabilities, and to ensure the consideration of security implications during operations and maintenance. The traditional optimistic assumption that production systems and PSE processes exist in isolated environments without requirements for advanced IT security is obsolete, as global PSE is conducted with data repositories that are connected via the Internet, in collaboration with partially trusted and untrusted parties. Even legacy production systems may become unintentionally connected to the Internet due to modern replacement components.

We will explore the development of information security and quality improvement concepts, methods, and mechanisms for meeting domain-specific requirements for information security. Core research challenges are the consistent consideration of engineering artifact security, security threats and countermeasures over the entire production system lifecycle. This consideration goes significantly beyond the traditional limited security focus of PSE on data exchange and of production systems on securing the access to the production plant.

