This file was created by the TYPO3 extension
bib
--- Timezone: UTC
Creation date: 2024-12-03
Creation time: 14-38-48
--- Number of references
14
inproceedings
2021_pennekamp_laser
Collaboration is not Evil: A Systematic Look at Security Research for Industrial Use
2021
12
21
Following the recent Internet of Things-induced trends on digitization in general, industrial applications will further evolve as well. With a focus on the domains of manufacturing and production, the Internet of Production pursues the vision of a digitized, globally interconnected, yet secure environment by establishing a distributed knowledge base.
Background. As part of our collaborative research of advancing the scope of industrial applications through cybersecurity and privacy, we identified a set of common challenges and pitfalls that surface in such applied interdisciplinary collaborations.
Aim. Our goal with this paper is to support researchers in the emerging field of cybersecurity in industrial settings by formalizing our experiences as reference for other research efforts, in industry and academia alike.
Method. Based on our experience, we derived a process cycle of performing such interdisciplinary research, from the initial idea to the eventual dissemination and paper writing. This presented methodology strives to successfully bootstrap further research and to encourage further work in this emerging area.
Results. Apart from our newly proposed process cycle, we report on our experiences and conduct a case study applying this methodology, raising awareness for challenges in cybersecurity research for industrial applications. We further detail the interplay between our process cycle and the data lifecycle in applied research data management. Finally, we augment our discussion with an industrial as well as an academic view on this research area and highlight that both areas still have to overcome significant challenges to sustainably and securely advance industrial applications.
Conclusions. With our proposed process cycle for interdisciplinary research in the intersection of cybersecurity and industrial application, we provide a foundation for further research. We look forward to promising research initiatives, projects, and directions that emerge based on our methodological work.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-laser-collaboration.pdf
ACSA
Proceedings of the Workshop on Learning from Authoritative Security Experiment Results (LASER '20), co-located with the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA
Austin, TX, USA
Learning from Authoritative Security Experiment Results (LASER '20)
December 8, 2020
978-1-891562-81-5
10.14722/laser-acsac.2020.23088
1
Jan Pennekamp
Erik Buchholz
Markus Dahlmanns
Ike Kunze
Stefan Braun
Eric Wagner
Matthias Brockmann
Klaus Wehrle
Martin Henze
inproceedings
2021_kiesel_5g
Development of a Model to Evaluate the Potential of 5G Technology for Latency-Critical Applications in Production
2021
12
15
739-744
Latency-critical applications in production promise to be essential enablers for performance improvement in production. However, they require the right and often wireless communication system. 5G technology appears to be an effective way to achieve a communication system for these applications. Its estimated economic benefit on production gross domestic product is immense ($740 billion Euro until 2030). However, 55% of production companies state that 5G technology deployment is currently not a subject matter for them and mainly state the lack of knowledge on benefits as a reason. Currently, an approach or model for a use case specific, data-based evaluation of 5G technology influence on the performance of production applications is missing. Therefore, this paper presents a model to evaluate the potential of 5G technology for latency-critical applications in production. First, we derive requirements for the model to fulfill the decision-makers' needs. Second, we analyze existing evaluation approaches regarding their fulfillment of the derived requirements. Third, based on outlined research gaps, we develop a model fulfilling the requirements. Fourth, we give an outlook for further research needs.
5G technology; latency-critical applications; production; evaluation model
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kiesel-5g-model.pdf
IEEE
Proceedings of the 28th IEEE International Conference on Industrial Engineering and Engineering Management (IEEM '21), December 13-16, 2021, Singapore, Singapore
Singapore, Singapore
December 13-16, 2021
978-1-6654-3771-4
10.1109/IEEM50564.2021.9673074
1
Raphael Kiesel
Falk Boehm
Jan Pennekamp
Robert H. Schmitt
inproceedings
2021_mitseva_sequences
POSTER: How Dangerous is My Click? Boosting Website Fingerprinting By Considering Sequences of Webpages
2021
11
17
2411-2413
Website fingerprinting (WFP) is a special case of traffic analysis, where a passive attacker infers information about the content of encrypted and anonymized connections by observing patterns of data flows. Although modern WFP attacks pose a serious threat to online privacy of users, including Tor users, they usually aim to detect single pages only. By ignoring the browsing behavior of users, the attacker excludes valuable information: users visit multiple pages of a single website consecutively, e.g., by following links. In this paper, we propose two novel methods that can take advantage of the consecutive visits of multiple pages to detect websites. We show that two up to three clicks within a site allow attackers to boost the accuracy by more than 20% and to dramatically increase the threat to users' privacy. We argue that WFP defenses have to consider this new dimension of the attack surface.
Traffic Analysis; Website Fingerprinting; Web Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mitseva-fingerprinting-sequences.pdf
ACM
Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea
Seoul, Korea
November 15-19, 2021
978-1-4503-8454-4/21/11
10.1145/3460120.3485347
1
Asya Mitseva
Jan Pennekamp
Johannes Lohmöller
Torsten Ziemann
Carl Hoerchner
Klaus Wehrle
Andriy Panchenko
inproceedings
2021_pennekamp_bootstrapping
Confidential Computing-Induced Privacy Benefits for the Bootstrapping of New Business Relationships
2021
11
15
RWTH-2021-09499
In addition to quality improvements and cost reductions, dynamic and flexible business relationships are expected to become more important in the future to account for specific customer change requests or small-batch production. Today, despite reservation, sensitive information must be shared upfront between buyers and sellers. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness following information leaks or breaches of their privacy. To address this issue, the concepts of confidential computing and cloud computing come to mind as they promise to offer scalable approaches that preserve the privacy of participating companies. In particular, designs building on confidential computing can help to technically enforce privacy. Moreover, cloud computing constitutes an elegant design choice to scale these novel protocols to industry needs while limiting the setup and management overhead for practitioners. Thus, novel approaches in this area can advance the status quo of bootstrapping new relationships as they provide privacy-preserving alternatives that are suitable for immediate deployment.
bootstrapping procurement; business relationships; secure industrial collaboration; privacy; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-bootstrapping.pdf
RWTH Aachen University
Blitz Talk at the 2021 Cloud Computing Security Workshop (CCSW '21), co-located with the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea
RWTH Aachen University
Seoul, Korea
November 14, 2021
10.18154/RWTH-2021-09499
Jan Pennekamp
Frederik Fuhrmann
Markus Dahlmanns
Timo Heutmann
Alexander Kreppein
Dennis Grunert
Christoph Lange
Robert H. Schmitt
Klaus Wehrle
article
2021_kretschmer_cookies
Cookie Banners and Privacy Policies: Measuring the Impact of the GDPR on the Web
ACM Transactions on the Web
2021
11
1
15
4
The General Data Protection Regulation (GDPR) has been in effect since May of 2018. As one of the most comprehensive pieces of legislation concerning privacy, it sparked a lot of discussion on the effect it would have on users and providers of online services in particular, due to the large amount of personal data processed in this context. Almost three years later, we are interested in revisiting this question to summarize the impact this new regulation has had on actors in the World Wide Web. Using Scopus, we obtain a vast corpus of academic work to survey studies related to changes on websites since and around the time the GDPR went into force. Our findings show that the emphasis on privacy increased w.r.t. online services, but plenty of potential for improvement remains. Although online services are on average more transparent regarding data processing practices in their public data policies, a majority of these policies still either lack information required by the GDPR (e.g., contact information for users to file privacy inquiries), or do not provide this information in a user-friendly form. Additionally, we summarize that online services more often provide means for their users to opt out of data processing, but regularly obstruct convenient access to such means through unnecessarily complex and sometimes illegitimate interface design. Our survey further details that this situation contradicts the preferences expressed by users both verbally and through their actions, and researchers have proposed multiple approaches to facilitate GDPR-conform data processing without negatively impacting the user experience. Thus, we compiled reoccurring points of criticism by privacy researchers and data protection authorities into a list of four guidelines for service providers to consider.
Cookies; Privacy; GDPR; Web; Privacy Legislation; Fingerprinting
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kretschmer-tweb-cookies.pdf
ACM
1559-1131
10.1145/3466722
1
Michael Kretschmer
Jan Pennekamp
Klaus Wehrle
inproceedings
2021_reuter_demo
Demo: Traffic Splitting for Tor — A Defense against Fingerprinting Attacks
2021
9
14
Website fingerprinting (WFP) attacks on the anonymity network Tor have become ever more effective. Furthermore, research discovered that proposed defenses are insufficient or cause high overhead. In previous work, we presented a new WFP defense for Tor that incorporates multipath transmissions to repel malicious Tor nodes from conducting WFP attacks. In this demo, we showcase the operation of our traffic splitting defense by visually illustrating the underlying Tor multipath transmission using LED-equipped Raspberry Pis.
Electronic Communications of the EASST, Volume 080
Onion Routing; Website Fingerprinting; Multipath Traffic; Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-reuter-splitting-demo.pdf
TU Berlin
Proceedings of the 2021 International Conference on Networked Systems (NetSys '21), September 13-16, 2021, Lübeck, Germany
Lübeck, Germany
September 13-16, 2021
1863-2122
10.14279/tuj.eceasst.80.1151
1
Sebastian Reuter
Jens Hiller
Jan Pennekamp
Andriy Panchenko
Klaus Wehrle
article
2021_pennekamp_accountable_manufacturing
The Road to Accountable and Dependable Manufacturing
Automation
2021
9
13
2
3
202-219
The Internet of Things provides manufacturing with rich data for increased automation. Beyond company-internal data exploitation, the sharing of product and manufacturing process data along and across supply chains enables more efficient production flows and product lifecycle management. Even more, data-based automation facilitates short-lived ad hoc collaborations, realizing highly dynamic business relationships for sustainable exploitation of production resources and capacities. However, the sharing and use of business data across manufacturers and with end customers add requirements on data accountability, verifiability, and reliability and needs to consider security and privacy demands. While research has already identified blockchain technology as a key technology to address these challenges, current solutions mainly evolve around logistics or focus on established business relationships instead of automated but highly dynamic collaborations that cannot draw upon long-term trust relationships. We identify three open research areas on the road to such a truly accountable and dependable manufacturing enabled by blockchain technology: blockchain-inherent challenges, scenario-driven challenges, and socio-economic challenges. Especially tackling the scenario-driven challenges, we discuss requirements and options for realizing a blockchain-based trustworthy information store and outline its use for automation to achieve a reliable sharing of product information, efficient and dependable collaboration, and dynamic distributed markets without requiring established long-term trust.
blockchain; supply chain management; Industry 4.0; manufacturing; secure industrial collaboration; scalability; Industrial Internet of Things; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-manufacturing.pdf
MDPI
2673-4052
10.3390/automation2030013
1
Jan Pennekamp
Roman Matzutt
Salil S. Kanhere
Jens Hiller
Klaus Wehrle
article
2021_matzutt_coinprune_v2
CoinPrune: Shrinking Bitcoin's Blockchain Retrospectively
IEEE Transactions on Network and Service Management
2021
9
10
18
3
3064-3078
Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute.
blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin
mynedata; impact_digital; digital_campus
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-matzutt-coinprune-v2.pdf
English
1932-4537
10.1109/TNSM.2021.3073270
1
Roman Matzutt
Benedikt Kalde
Jan Pennekamp
Arthur Drichel
Martin Henze
Klaus Wehrle
article
2021_pennekamp_ercim
Unlocking Secure Industrial Collaborations through Privacy-Preserving Computation
ERCIM News
2021
7
9
126
24-25
In industrial settings, significant process improvements can be achieved when utilising and sharing information across stakeholders. However, traditionally conservative companies impose significant confidentiality requirements for any (external) data processing. We discuss how privacy-preserving computation can unlock secure and private collaborations even in such competitive environments.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-ercim-news.pdf
https://ercim-news.ercim.eu/en126/special/unlocking-secure-industrial-collaborations-through-privacy-preserving-computation
ERCIM EEIG
0926-4981
Jan Pennekamp
Martin Henze
Klaus Wehrle
inproceedings
2021_mangel_reshare
Data Reliability and Trustworthiness through Digital Transmission Contracts
2021
6
8
12731
265-283
As decision-making is increasingly data-driven, trustworthiness and reliability of the underlying data, e.g., maintained in knowledge graphs or on the Web, are essential requirements for their usability in the industry. However, neither traditional solutions, such as paper-based data curation processes, nor state-of-the-art approaches, such as distributed ledger technologies, adequately scale to the complex requirements and high throughput of continuously evolving industrial data. Motivated by a practical use case with high demands towards data trustworthiness and reliability, we identify the need for digitally-verifiable data immutability as a still insufficiently addressed dimension of data quality. Based on our discussion of shortcomings in related work, we thus propose ReShare, our novel concept of digital transmission contracts with bilateral signatures, to address this open issue for both RDF knowledge graphs and arbitrary data on the Web. Our quantitative evaluation of ReShare’s performance and scalability reveals only moderate computation and communication overhead, indicating significant potential for cost-reductions compared to today’s approaches. By cleverly integrating digital transmission contracts with existing Web-based information systems, ReShare provides a promising foundation for data sharing and reuse in Industry 4.0 and beyond, enabling digital accountability through easily-adoptable digitally-verifiable data immutability and non-repudiation.
Lecture Notes in Computer Science (LNCS), Volume 12731
Digital transmission contracts; Trust; Data immutability; Non-repudiation; Accountability; Data dynamics; Linked Data; Knowledge graphs
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mangel-eswc-reshare.pdf
Springer
Proceedings of the 18th Extended Semantic Web Conference (ESWC '21), June 6-10, 2021, Heraklion, Greece
Heraklion, Greece
June 6-10, 2021
978-3-030-77384-7
0302-9743
10.1007/978-3-030-77385-4_16
1
Simon Mangel
Lars Gleim
Jan Pennekamp
Klaus Wehrle
Stefan Decker
inproceedings
2021_gleim_factstack
FactStack: Interoperable Data Management and Preservation for the Web and Industry 4.0
2021
5
31
P-312
371-395
Data exchange throughout the supply chain is essential for the agile and adaptive manufacturing processes of Industry 4.0. As companies employ numerous, frequently mutually incompatible data management and preservation approaches, interorganizational data sharing and reuse regularly requires human interaction and is thus associated with high overhead costs. An interoperable system, supporting the unified management, preservation and exchange of data across organizational boundaries is missing to date. We propose FactStack, a unified approach to data management and preservation based upon a novel combination of existing Web-standards and tightly integrated with the HTTP protocol itself. Based on the FactDAG model, FactStack guides and supports the full data lifecycle in a FAIR and interoperable manner, independent of individual software solutions and backward-compatible with existing resource oriented architectures. We describe our reference implementation of the approach and evaluate its performance, showcasing scalability even to high-throughput applications. We analyze the system's applicability to industry using a representative real-world use case in aircraft manufacturing based on principal requirements identified in prior work. We conclude that FactStack fulfills all requirements and provides a promising solution for the on-demand integration of persistence and provenance into existing resource-oriented architectures, facilitating data management and preservation for the agile and interorganizational manufacturing processes of Industry 4.0. Through its open source distribution, it is readily available for adoption by the community, paving the way for improved utility and usability of data management and preservation in digital manufacturing and supply chains.
Lecture Notes in Informatics (LNI), Volume P-312
Web Technologies; Data Management; Memento; Persistence; PID; Industry 4.0
internet-of-production
https://comsys.rwth-aachen.de/fileadmin/papers/2021/2021-gleim-btw-iop-interoperability-realization.pdf
Gesellschaft für Informatik
Proceedings of the 19th Symposium for Database Systems for Business, Technology and Web (BTW '21), September 13-17, 2021, Dresden, Germany
Dresden, Germany
September 13-17, 2021
978-3-88579-705-0
1617-5468
10.18420/btw2021-20
1
Lars Gleim
Jan Pennekamp
Liam Tirpitz
Sascha Welten
Florian Brillowski
Stefan Decker
article
2021_buckhorst_lmas
Holarchy for Line-less Mobile Assembly Systems Operation in the Context of the Internet of Production
Procedia CIRP
2021
5
3
99
448-453
Assembly systems must provide maximum flexibility qualified by organization and technology to offer cost-compliant performance features to differentiate themselves from competitors in buyers' markets. By mobilization of multipurpose resources and dynamic planning, Line-less Mobile Assembly Systems (LMASs) offer organizational reconfigurability. By proposing a holarchy to combine LMASs with the concept of an Internet of Production (IoP), we enable LMASs to source valuable information from cross-level production networks, physical resources, software nodes, and data stores that are interconnected in an IoP. The presented holarchy provides a concept of how to address future challenges, meet the requirements of shorter lead times, and unique lifecycle support. The paper suggests an application of decision making, distributed sensor services, recommender-based data reduction, and in-network computing while considering safety and human usability alike.
Proceedings of the 14th CIRP Conference on Intelligent Computation in Manufacturing Engineering (ICME '20), July 14-17, 2020, Gulf of Naples, Italy
Internet of Production; Line-less Mobile Assembly System; Industrial Assembly; Smart Factory
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-buckhorst-holarchy.pdf
Elsevier
Gulf of Naples, Italy
July 14-17, 2020
2212-8271
10.1016/j.procir.2021.03.064
1
Armin F. Buckhorst
Benjamin Montavon
Dominik Wolfschläger
Melanie Buchsbaum
Amir Shahidi
Henning Petruck
Ike Kunze
Jan Pennekamp
Christian Brecher
Mathias Hüsing
Burkhard Corves
Verena Nitsch
Klaus Wehrle
Robert H. Schmitt
article
2021_bader_privaccichain
Blockchain-Based Privacy Preservation for Supply Chains Supporting Lightweight Multi-Hop Information Accountability
Information Processing & Management
2021
5
1
58
3
The benefits of information sharing along supply chains are well known for improving productivity and reducing costs. However, with the shift towards more dynamic and flexible supply chains, privacy concerns severely challenge the required information retrieval. A lack of trust between the different involved stakeholders inhibits advanced, multi-hop information flows, as valuable information for tracking and tracing products and parts is either unavailable or only retained locally. Our extensive literature review of previous approaches shows that these needs for cross-company information retrieval are widely acknowledged, but related work currently only addresses them insufficiently. To overcome these concerns, we present PrivAccIChain, a secure, privacy-preserving architecture for improving the multi-hop information retrieval with stakeholder accountability along supply chains. To address use case-specific needs, we particularly introduce an adaptable configuration of transparency and data privacy within our design. Hence, we enable the benefits of information sharing as well as multi-hop tracking and tracing even in supply chains that include mutually distrusting stakeholders. We evaluate the performance of PrivAccIChain and demonstrate its real-world feasibility based on the information of a purchasable automobile, the e.GO Life. We further conduct an in-depth security analysis and propose tunable mitigations against common attacks. As such, we attest PrivAccIChain's practicability for information management even in complex supply chains with flexible and dynamic business relationships.
multi-hop collaboration; tracking and tracing; Internet of Production; e.GO; attribute-based encryption
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-bader-ipm-privaccichain.pdf
Elsevier
0306-4573
10.1016/j.ipm.2021.102529
1
Lennart Bader
Jan Pennekamp
Roman Matzutt
David Hedderich
Markus Kowalski
Volker Lücken
Klaus Wehrle
inproceedings
2021_dahlmanns_entrust
Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems
2021
4
28
78-87
The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.
cyber-physical system security; publish-subscribe security; end-to-end security
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-dahlmanns-entrust.pdf
ACM
Proceedings of the 1st ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SaT-CPS '21), co-located with the 11th ACM Conference on Data and Application Security and Privacy (CODASPY '21), April 26-28, 2021, Virtual Event, USA
Virtual Event, USA
ACM Workshop on Secure and Trustworthy Cyber-Physical Systems
April 28, 2021
978-1-4503-8319-6/21/04
10.1145/3445969.3450423
1
Markus Dahlmanns
Jan Pennekamp
Ina Berenice Fink
Bernd Schoolmann
Klaus Wehrle
Martin Henze