A Cybersecurity Risk Assessment Process for Model-Based Industry 4.0 Development

Resource type
Matthias Kern, Thomas Glock,Victor Pazmino Betancourt, Bo Liu, Eric Sax, Jürgen Becker
23th World Multi-Conferebce on Systemics, Cybernetics and Informatics (WMSCI)
Book title
23th World Multi-Conferebce on Systemics, Cybernetics and Informatics (WMSCI)
Cybersecurity risk assessments are important to define a welljustified cybersecurity concept that regards the trade-off between security, costs, and performance. Heading toward Industry 4.0 (I4.0), plants get connected with an increasing amount of sensors and functionalities that have more and more communication interfaces and paths. This leads to a growing cybersecurity attack surface and a higher complexity compared to current plants. Today, a well-structured course of action for a cybersecurity risk assessment is missing in the domain I4.0. Therefore, in this paper, a cybersecurity risk-assessment process containing an asset- , a threat- and an attack-analysis with adapted methodologies from other domains is proposed and the necessary terms for the approach are introduced. Furthermore, a model-based approach is proposed and its prototypical implementation supporting the proposed cybersecurity risk assessment process. Finally, the evaluation of the approach was done by applying it to an industrial use-case.
Download .bib
Download .bib
Published by
Victor Pazmino Betancourt