% 
% This file was created by the TYPO3 extension
% bib
% --- Timezone: CEST
% Creation date: 2024-04-26
% Creation time: 02-05-35
% --- Number of references
% 3
% 

@Inproceedings { 2020_pennekamp_parameter_exchange,
   title = {Privacy-Preserving Production Process Parameter Exchange},
   year = {2020},
   month = {12},
   day = {10},
   pages = {510-525},
   abstract = {Nowadays, collaborations between industrial companies always go hand in hand with trust issues, i.e., exchanging valuable production data entails the risk of improper use of potentially sensitive information. Therefore, companies hesitate to offer their production data, e.g., process parameters that would allow other companies to establish new production lines faster, against a quid pro quo. Nevertheless, the expected benefits of industrial collaboration, data exchanges, and the utilization of external knowledge are significant.
In this paper, we introduce our Bloom filter-based Parameter Exchange (BPE), which enables companies to exchange process parameters privacy-preservingly. We demonstrate the applicability of our platform based on two distinct real-world use cases: injection molding and machine tools. We show that BPE is both scalable and deployable for different needs to foster industrial collaborations. Thereby, we reward data-providing companies with payments while preserving their valuable data and reducing the risks of data leakage.},
   keywords = {secure industrial collaboration; Bloom filter; oblivious transfer; Internet of Production},
   tags = {internet-of-production},
   url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-parameter-exchange.pdf},
   publisher = {ACM},
   booktitle = {Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA},
   event_place = {Austin, TX, USA},
   event_date = {December 7-11, 2020},
   ISBN = {978-1-4503-8858-0/20/12},
   DOI = {10.1145/3427228.3427248},
   reviewed = {1},
   author = {Pennekamp, Jan and Buchholz, Erik and Lockner, Yannik and Dahlmanns, Markus and Xi, Tiandong and Fey, Marcel and Brecher, Christian and Hopmann, Christian and Wehrle, Klaus}
}

@Inproceedings { 2020-dahlmanns-imc-opcua,
   title = {Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments},
   year = {2020},
   month = {10},
   day = {27},
   pages = {101-110},
   abstract = {Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24\% of hosts), disabled security functionality (24\%), or use of deprecated cryptographic primitives (25\%) on in total 92\% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols.},
   keywords = {industrial communication; network security; security configuration},
   tags = {internet-of-production, rfc},
   url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf},
   publisher = {ACM},
   booktitle = {Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA},
   event_place = {Pittsburgh, PA, USA},
   event_name = {ACM Internet Measurement Conference 2020},
   event_date = {October 27-29, 2020},
   ISBN = {978-1-4503-8138-3/20/10},
   DOI = {10.1145/3419394.3423666},
   reviewed = {1},
   author = {Dahlmanns, Markus and Lohm{\"o}ller, Johannes and Fink, Ina Berenice and Pennekamp, Jan and Wehrle, Klaus and Henze, Martin}
}

@Inproceedings { 2020_roepert_opcua,
   title = {Assessing the Security of OPC UA Deployments},
   year = {2020},
   month = {4},
   day = {2},
   abstract = {To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.},
   tags = {internet-of-production, rfc},
   url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf},
   misc2 = {en},
   publisher = {University of T{\"u}bingen},
   booktitle = {Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, T{\"u}bingen, Germany},
   event_place = {T{\"u}bingen, Germany},
   event_date = {April 2-3, 2020},
   DOI = {10.15496/publikation-41813},
   reviewed = {1},
   author = {Roepert, Linus and Dahlmanns, Markus and Fink, Ina Berenice and Pennekamp, Jan and Henze, Martin}
}