Contributions to Books:
B. Brenner, E. Weippl:
in: "Security and Quality in Cyber-Physical Systems Engineering",
Springer International Publishing,
The Automation Markup Language (AutomationML for short) is a concept developed in 2008 to provide a versatile data format for the seamless exchange of engineering data, with the goal of simplifying the design and creation of cyber-physical production systems. Different software, such as CAD programs, shall be able to support this format. Especially in the case of collaborative work and data exchange, security can become an important issue, as current approaches do not fulfill the essential security objectives: the authenticity, integrity and confidentiality of the stored files are not ensured from the start of a product design to the end product. This raises questions about the confidentiality of company information, but also about the safety of production lines and end products. Leakage of confidential information (e.g. construction plans), leading to an unintended spread of know-how, can be an expensive consequence. Unauthorized and undetected (malicious) modifications may even lead to faults in end products, availability issues or serious accidents within the production line. This chapter focuses on demonstrating open issues within AutomationML-based engineering project environments. We demonstrate why some kind of security layer (i.e. a layer ensuring access control and privileges as well as data integrity) is crucial when using AutomationML. To this end, we provide assumptions about potential attacks and their potential consequences. We introduce an approach to identify and analyze assets, potential threats and vulnerabilities, resulting risks, and countermeasures that are relevant for ensuring the above-mentioned properties: confidentiality of know-how, availability of the assets and integrity of relevant data.
AutomationML Security, AutomationML based Data Exchange, Access Control for AutomationML
Created from the Publication Database of the Vienna University of Technology.