This file was created by the TYPO3 extension bib --- Timezone: CEST Creation date: 2024-04-24 Creation time: 03-14-19 --- Number of references 6 inproceedings 2020_pennekamp_parameter_exchange 2020 12 10 510-525 Nowadays, collaborations between industrial companies always go hand in hand with trust issues, i.e., exchanging valuable production data entails the risk of improper use of potentially sensitive information. Therefore, companies hesitate to offer their production data, e.g., process parameters that would allow other companies to establish new production lines faster, against a quid pro quo. Nevertheless, the expected benefits of industrial collaboration, data exchanges, and the utilization of external knowledge are significant. In this paper, we introduce our Bloom filter-based Parameter Exchange (BPE), which enables companies to exchange process parameters privacy-preservingly. We demonstrate the applicability of our platform based on two distinct real-world use cases: injection molding and machine tools. We show that BPE is both scalable and deployable for different needs to foster industrial collaborations. Thereby, we reward data-providing companies with payments while preserving their valuable data and reducing the risks of data leakage. secure industrial collaboration; Bloom filter; oblivious transfer; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-parameter-exchange.pdf ACM Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA Austin, TX, USA December 7-11, 2020 978-1-4503-8858-0/20/12 10.1145/3427228.3427248 1 JanPennekamp ErikBuchholz YannikLockner MarkusDahlmanns TiandongXi MarcelFey ChristianBrecher ChristianHopmann KlausWehrle inproceedings 2020-henze-ccs-cybersecurity 2020 11 9 Mitigating cybersecurity threats in power distribution grids requires a testbed for cybersecurity, e.g., to evaluate the (physical) impact of cyberattacks, generate datasets, test and validate security approaches, as well as train technical personnel. In this paper, we present a blueprint for such a testbed that relies on network emulation and power flow computation to couple real network applications with a simulated power grid. We discuss the benefits of our approach alongside preliminary results and various use cases for cybersecurity research and training for power distribution grids. https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-henze-ccs-cybersecurity.pdf ACM

New York, NY, USA

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS ’20), November 9–13, 2020, Virtual Event, USA. Virtual Event, USA November 9-13, 2020 10.1145/3372297.3420016 1 MartinHenze LennartBader JulianFilter OlavLamberts SimonOfner Dennisvan der Velde inproceedings 2020-dahlmanns-imc-opcua 2020 10 27 101-110 Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24% of hosts), disabled security functionality (24%), or use of deprecated cryptographic primitives (25%) on in total 92% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols. industrial communication; network security; security configuration internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf ACM Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA Pittsburgh, PA, USA ACM Internet Measurement Conference 2020 October 27-29, 2020 978-1-4503-8138-3/20/10 10.1145/3419394.3423666 1 MarkusDahlmanns JohannesLohmöller Ina BereniceFink JanPennekamp KlausWehrle MartinHenze inproceedings 2020-schemmel-porse 2020 7 symbiosys https://arxiv.org/pdf/2005.06688.pdf https://arxiv.org/abs/2005.06688 Computer Aided Verification (CAV 2020) 32nd International Conference on Computer Aided Verification 10.1007/978-3-030-53288-8_18 1 DanielSchemmel JulianBüning CésarRodríguez DavidLaprell KlausWehrle article 2020_gleim_factDAG IEEE Internet of Things Journal 2020 4 14 7 4 3243-3253 In the production industry, the volume, variety and velocity of data as well as the number of deployed protocols increase exponentially due to the influences of IoT advances. While hundreds of isolated solutions exist to utilize this data, e.g., optimizing processes or monitoring machine conditions, the lack of a unified data handling and exchange mechanism hinders the implementation of approaches to improve the quality of decisions and processes in such an interconnected environment. The vision of an Internet of Production promises the establishment of a Worldwide Lab, where data from every process in the network can be utilized, even interorganizational and across domains. While numerous existing approaches consider interoperability from an interface and communication system perspective, fundamental questions of data and information interoperability remain insufficiently addressed. In this paper, we identify ten key issues, derived from three distinctive real-world use cases, that hinder large-scale data interoperability for industrial processes. Based on these issues we derive a set of five key requirements for future (IoT) data layers, building upon the FAIR data principles. We propose to address them by creating FactDAG, a conceptual data layer model for maintaining a provenance-based, directed acyclic graph of facts, inspired by successful distributed version-control and collaboration systems. Eventually, such a standardization should greatly shape the future of interoperability in an interconnected production industry. Data Management; Data Versioning; Interoperability; Industrial Internet of Things; Worldwide Lab internet-of-production https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-gleim-iotj-iop-interoperability.pdf IEEE 2327-4662 10.1109/JIOT.2020.2966402 1 LarsGleim JanPennekamp MartinLiebenberg MelanieBuchsbaum PhilippNiemietz SimonKnape AlexanderEpple SimonStorms DanielTrauth ThomasBergs ChristianBrecher StefanDecker GerhardLakemeyer KlausWehrle article 2020-wehrle-digitalshadows Der Profilbereich "Information & Communication Technology" 2020 0179-079X 10.18154/RWTH-2021-02496 MatthiasJarke Wilvan der Aalst ChristianBrecher MatthiasBrockmann IstvánKoren GerhardLakemeyer BernhardRumpe GüntherSchuh KlausWehrle MartinaZiefle