A Centralised or Distributed Risk Assessment using Asset Administration Shell

Abstract

The application of Industry 4.0 (I4.0) architectures to the conservative nature of present Industrial Control System (ICS) has brought along many challenges. The ever-changing and dynamically altering threat landscape has led to many hazards and risks w.r.t. safe and secure operation of underlying assets. To understand and manage such risks, organizations perform assessments. Risk assessments performed today are typically handled in a centralized manner on a higher layer of the automation pyramid. The concept of the Asset Administration Shell (AAS) for I4.0 component might provide means to access and process data at the component level throughout the lifecycle, thus taking the assessment from a strictly centralized to a distributed manner. This paper, thus, focuses on the possibility of risk assessment either performed centrally or in a distributed manner aiming at highlighting data sources, acquisition, and processing mechanisms for the same relying on the AAS.