Marco Ehrlich, Andre Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek
{"title":"确定自动化安全风险评估的目标安全级别","authors":"Marco Ehrlich, Andre Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek","doi":"10.1109/INDIN51400.2023.10217902","DOIUrl":null,"url":null,"abstract":"Due to Industry 4.0 developments, the demanded modularity of manufacturing systems generates additional manual efforts for security experts to guarantee a secure operation. The rising utilization of information and the frequent changes of system structures necessitate a continuous and automated security engineering, especially by application of the mandatory security risk assessments. Collecting the required information for these assessments and formalising expert knowledge shall improve the security of modular manufacturing systems in the future. In order to automate the security risk assessment process, this work proposes a method to determine the Target Security Level (SL-T) in conformance to the IEC 62443 standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library (TAL).","PeriodicalId":174443,"journal":{"name":"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Determining the Target Security Level for Automated Security Risk Assessments\",\"authors\":\"Marco Ehrlich, Andre Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek\",\"doi\":\"10.1109/INDIN51400.2023.10217902\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to Industry 4.0 developments, the demanded modularity of manufacturing systems generates additional manual efforts for security experts to guarantee a secure operation. The rising utilization of information and the frequent changes of system structures necessitate a continuous and automated security engineering, especially by application of the mandatory security risk assessments. Collecting the required information for these assessments and formalising expert knowledge shall improve the security of modular manufacturing systems in the future. In order to automate the security risk assessment process, this work proposes a method to determine the Target Security Level (SL-T) in conformance to the IEC 62443 standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library (TAL).\",\"PeriodicalId\":174443,\"journal\":{\"name\":\"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INDIN51400.2023.10217902\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 21st International Conference on Industrial Informatics (INDIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INDIN51400.2023.10217902","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Determining the Target Security Level for Automated Security Risk Assessments
Due to Industry 4.0 developments, the demanded modularity of manufacturing systems generates additional manual efforts for security experts to guarantee a secure operation. The rising utilization of information and the frequent changes of system structures necessitate a continuous and automated security engineering, especially by application of the mandatory security risk assessments. Collecting the required information for these assessments and formalising expert knowledge shall improve the security of modular manufacturing systems in the future. In order to automate the security risk assessment process, this work proposes a method to determine the Target Security Level (SL-T) in conformance to the IEC 62443 standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library (TAL).
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
