IT SECURITY IN CONTEXT OF INDUSTRIE 4.0 PROTECTION OF PRODUCTION DATA
|
|
- Reynold Sullivan
- 6 years ago
- Views:
Transcription
1 IT SECURITY IN CONTEXT OF INDUSTRIE 4.0 PROTECTION OF PRODUCTION DATA IUNO Germany s National reference project for IT-Security in Industrie 4.0 Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
2 AGENDA Fraunhofer SIT Industrie 4.0 State-of-the-art IUNO BMWI Project Research & Solutions Expertise & Competences Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
3 FRAUNHOFER INSTITUTE FOR SECURE INFORMATION TECHNOLOGY Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
4 FRAUNHOFER INSTITUTE FOR SECURE INFORMATION TECHNOLOGY Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
5 FRAUNHOFER INSTITUTE FOR SECURE INFORMATION TECHNOLOGY Prof. Dr. Michael Backes Center for IT-Security, Privacy and Accountability (CISPA) Prof. Dr. Jörn Müller-Quade Kompetenzzentrum für angewandte Sicherheitstechnologie Prof. Dr. Michael Waidner Center for Research in Security and Privacy Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
6 Idea Development Provision Recycling Order Realisation Maintenance Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
7 Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
8 The Three Layers of I4.0 Collection Construktion Orchestration Organisation Cloud Big Data CPS Condtion Place Identity Path History Operation Identity Integration Communication Information Fraunhofer SIT 2016 Machine 2020 Projekt, Dr. Th. Henkel SIT/ISS
9 Series 1 Product Competitive Cost Models Agile Market-Respond On Customer Demand Ergonomic Use Optimized Co2 Footprint Technology Oriented Individual Unique Product Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
10 Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
11 Relevant German Steal Mill Massive damage Manipulation of control-systems Bitkom Study Study over 2 year duration 51% victims of industrial espionage 51 MEUR damage p.a. 52% MA All production sites equipped with industrial firewalling, anti-virus systems, etc. Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
12 INS2014 / ENISA-Study Protecting Industrial Control Systems, 2011 European IT-Security Maturity Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
13 BMWI-Study IT-Security for Industrie 4.0 Production, Products, Services of Tomorrow as a part of globalised value chains Executive Summary (40 Pages) Summary of all significant results Matrix of the most important recommendations Full Document (254 Pages) Management Summary Detailed analysis of use cases Reference model Comprehensive matrix of all recommendation Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
14 IUNO National Reference Projekt IT-Security for Industrie 4.0 Dr. Thorsten Henkel Fraunhofer SIT - Industrial Security Solutions Darmstadt,
15 IUNO combines the German expertise in IT-Security and Industrie 4.0 Software Innovations GmbH
16 Use Cases Project- & Knowledge Management Advisory Board (BSI, Industry, Research, Associations) Individual Production Secure Processes Technology Data Market Place Secure Data National Reference Implementation Request Analysis Web-based Remote Control Secure Services Models and Specification Visual Security-Dashboard Secure Interaction Tool Box
17 IUNO develops IT-Security for Industrie 4.0 Evaluation of Methods Industrial Usage Individual Production Secure Processes Basics Methodology Development Security by Design for Industrie 4.0 Technology Data Market Place Secure Data Web-based Remote Control Secure Services Visual Security-Dashboard Secure Interaction Secure Framework IT-Security-Reference Architecture Hardware-oriented Security Encryption for I4.0 Architectures Feedback of Results
18 IUNO develops IT-Security for Industrie 4.0 Evaluation of Methods Industrial Usage Solutions Individual Production Secure Processes Technology Data Market Place Secure Data Digital Identities for Productions Systems Pirate Protection Web-based Remote Control Secure Services Secure Patch-Management of Industrial Production Sites Visual Security-Dashboard Secure Interaction Secure Autonomous Configuration of CPPS Feedback of Results
19 IUNO develops IT-Security for Industrie 4.0 Evaluation of Methods Industrial Usage Solutions Individual Production Secure Processes Technology Data Market Place Secure Data Product-oriented Data Usage Control Authentication in Real Time Environments Web-based Remote Control Secure Services Secure Transmission Visual Security-Dashboard Secure Interaction Digital Rights Management Production Feedback of Results
20 IUNO develops IT-Security for Industrie 4.0 Evaluation of Methods Industrial Usage Solutions Individual Production Secure Processes Technology Data Market Place Secure Data Identity Management and Remote Control Production- Public Key Infrastructure Web-based Remote Control Secure Services Secure Ad-Hoc Networks of CPS Visual Security-Dashboard Secure Interaction Trusted Computing Standards for Embedded Systems Feedback of Results
21 IUNO develops IT-Security for Industrie 4.0 Evaluation of Methods Industrial Usage Solutions Individual Production Secure Processes Technology Data Market Place Secure Data Trust Management & Boundaries for I4.0 Secure Hardware for Production Systems Web-based Remote Control Secure Services Anomaly Notification in Production Systems Visual Security-Dashboard Secure Interaction Secure Usage of mobile Systems and Data Storages Feedback of Results
22 Hannover Fair 2015 Industrial-Rights-Management Prototype
23 Hannover Fair 2015 Industrial-Rights-Management Prototype Deployment of a PKI Infra structure Encryption on CAD premise site Decryption on printer site Limitation of printed objects Printing on dedicated printers Full data and IP control
24 German IT-Summit 2015 Berlin TPM Trusted Core Network Prototype
25 Distributed Health-Checks in Industrial Networks Peer-to-Peer mutual attestation Distributed Security-Checks Early Warning System
26 IUNO Pirate & Machine Integrity Protection
27 IUNO Pirate & Machine Integrity Protection Integrity Check of Industrial Production Systems All Components have to prove their authenticity Provision of cryptographic Identities for all compartments of a machine Usage of BSI-certified cryptographic algorithms
28 IUNO Production Line Information Management Approach
29 IUNO Production Line Information Management Approach Continuously tracking and tracing Collection of field bus data Pattern analysis and evaluation Identification of IT-Security Issues Localisation of problems Planned as a Cloud Service
30 IUNO Remote Maintenance / Managed Machine Service
31 IUNO Remote Maintenance / Managed Machine Service
32 IUNO Technology Data Market Place Purchaser Order Delivery incl. Basic amount of technology data (singular) Machine manufacturer Technology data Operator Cutting Grinding Bending Welding Technology data Marketplace Raw material supplier Plate Pipe Operating Tools/ supplies instruments Technology data Technology data Further participants in the market Quelle: H-P Bock, Trumpf
33 IUNO Technology Data Market Place Purchaser Order Delivery incl. Basic amount of technology data (singular) Machine manufacturer Technology data Operator Cutting Grinding Bending Welding Technology data Marketplace Machine operator Raw material supplier Plate Pipe Operating Tools/ supplies instruments Technology data Technology data Marketplace operator Further participants in the market Quelle: H-P Bock, Trumpf
34 IUNO Industrial Security Policy Development IT-Security Protection Goals Data- Confidentiality Data- Authenticity Data- Integrity Data- Availability
35 IUNO Industrial Security Policy Development
36 IUNO Industrial Security Policy Development
37 IUNO Industrial Security Policy Development Microsoft SDL
38 IUNO Industrial Security Policy Development - TRIKE
39 IUNO Industrial Security Policy Development - CORAS
40 IUNO Industrial Security Policy Development Model Based Approaches
41 IUNO Industrial Security Policy Development Catalogue Based Approaches
42 Empiric Evaluation 3 Analysists (1,3,8 years experience) Effort 1 Day/Project Over 30 Threats / Analyst More than 70 Threats Intersection 2
43 IUNO Industrial Security Policy Development Criteria Definition of Models Method Usability Abstraction Aggregation Re-Usability Tool Support Formal (F) / Integration Capability Capability Open (O) Capability Trike + + n/a n/a + F Attack Trees n/a n/a n/a n/a n/a n/a n/a CORAS o o n/a - + F/O + PASTA n/a n/a n/a n/a n/a n/a n/a MoRA n/a n/a n/a n/a n/a n/a n/a SecureUM L n/a n/a n/a n/a n/a n/a n/a UMLsec n/a n/a n/a n/a n/a n/a n/a Misuse Cases n/a n/a n/a n/a n/a n/a n/a SDL n/a n/a n/a n/a n/a n/a n/a VDI 2182 n/a n/a n/a n/a n/a n/a n/a ISO/IEC n/a n/a n/a n/a n/a n/a n/a CC n/a n/a n/a n/a n/a n/a n/a FMEA n/a n/a n/a n/a n/a n/a n/a
44 IUNO Industrial Security Policy Development
45 IUNO Industrial Security Policy Development IUNO Three Step Threat Modeling Approach Information Collection, Identification of components, technical functions, specifications, data, interfaces and surrounding infra structure Protection Goal Description, Development of attack classes, realization of a value catalogue, identification of protection goals Threat Analysis, Systematic identification of threats and development of e threat catalogue
46 FRAUNHOFER INSTITUTE FOR SECURE INFORMATION TECHNOLOGY Expertise & Competences Method Competences Analysis and Evaluation of Industrial Security Concepts Testing of Regulation and Control Systems Development and Evaluation of Apps Development of Information Security Concepts Secure Engineering Methods for Regulation and Control Systems Software Engineering Technology Competences Development of Technologies for Product- and Pirate Protection Development of Technologies for secure Identification of components and efficient Key Management Development of Technologies for distributed Security-Monitoring of Components Development of Secure Engineering Test-tools Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
47 FRAUNHOFER INSTITUTE FOR SECURE INFORMATION TECHNOLOGY Dr. Thorsten Henkel Fraunhofer-Institute for Secure Information Technology Rheinstraße Darmstadt, Germany Fraunhofer SIT 2016 Dr. Th. Henkel SIT/ISS
hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia
hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia Helix Nebula Science CLOUD Vision T-Systems Helix nebula will be the leading european hybrid
More informationCardOS Secure Elements for Smart Home Applications
Infineon Security Partner Network Partner Use Case CardOS Secure Elements for Smart Home Applications Using cryptographic functionality provided by ATOS to secure embedded platforms in Smart Home applications.
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationIDACCS Wireless Integrity protection in a smart grid environment for wireless access of smart meters
IDACCS Wireless 2014 Integrity protection in a smart grid environment for wireless access of smart meters Prof- Dr.-Ing. Kai-Oliver Detken DECOIT GmbH Fahrenheitstraße 9 D-28359 Bremen URL: http://www.decoit.de
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationApplied Research in Information Security: Challenges and Opportunities
Applied Research in Information Security: Challenges and Opportunities Michael Waidner Fraunhofer-Gesellschaft 2011 2012 Information Security Conference Passau, September 1 19 th, 2012 1. Context 2. Challenges
More informationBrief introduction of WG 3
Platform Industrie 4.0 Brief introduction of WG 3 Security of networked systems Michael Jochem, Robert Bosch GmbH, Chair of WG3 Platform Industrie 4.0 Five things we do. 1 2 3 Focus on the needs of businesses
More informationC2X Security. Introduction and overview (focus to European standard only) Cryptovision s Mindshare V
C2X Security Introduction and overview (focus to European standard only) Cryptovision s Mindshare 2015-06-24 V1.00 2015-06-24 Agenda What is Car2x Communication? Standards Security concepts C2X-PKI 2/30
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationIBM SmartCloud Engage Security
White Paper March 2012 IBM SmartCloud Engage Security 2 IBM SmartCloud Engage Security Contents 3 Introduction 3 Security-rich Infrastructure 4 Policy Enforcement Points Provide Application Security 7
More informationData Protection in the AWS Cloud: Implementing GDPR and Overview of C5
Data Protection in the AWS Cloud: Implementing GDPR and Overview of C5 Gerald Boyne, Christian Hesse Security Assurance Germany 25.11.2017 2017, Amazon Web Services, Inc. or its Affiliates. All rights
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationThe appendix is part of the certificate and consists of 6 pages.
The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company Verteilnetzbetreiber (VNB) Rhein- Main-Neckar GmbH & Co. KG Frankfurter Str. 100 64293 Darmstadt, Germany
More informationCase Study Experiences from the DIAMONDS Project 8 th ETSI Security Conference January, Sophia Antipolis - France
Case Study Experiences from the DIAMONDS Project 8 th ETSI Security Conference 16. -17. January, Sophia Antipolis - France Ina Schieferdecker www.itea2-diamonds.org DIAMONDS Project In six countries Project
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationBrief introduction of WG 3
Platform Industrie 4.0 Brief introduction of WG 3 Security of networked systems Michael Jochem, Robert Bosch GmbH, Chair of WG3 Platform Industrie 4.0 Five things we do. 1 2 3 Focus on the needs of businesses
More informationWHITE PAPER. Title. Managed Services for SAS Technology
WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationCybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration
Statement Comments by the electrical industry on the EU Cybersecurity Act manufacturer s declaration industrial security Cybersecurity Quality basis security LED-Modul Statement P January 2018 German Electrical
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationLegal Regulations and Vulnerability Analysis
Legal Regulations and Vulnerability Analysis Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) Germany Introduction of the BSI National Authority for Information
More informationSTANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?
ETSI SUMMIT Releasing the Flow Data Protection and Privacy in a Data-Driven Economy 19 April 2018 STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL? Presented by
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationin PCI Regulated Environments
in PCI Regulated Environments JULY, 2018 PCI COMPLIANCE If your business accepts payments via credit, debit, or pre-paid cards, you are required to comply with the security requirements of the Payment
More informationTrustworthy ICT. FP7-ICT Objective 1.5 WP 2013
Trustworthy ICT FP7-ICT-2013-10 Objective 1.5 WP 2013 1 General Overview Focused in a limited number of technologies in emerging application of high economic impact in the security area, Cloud Computing
More informationCOMPANY PROFILE. shindetek. supporting technologies
COMPANY PROFILE AGENDA COMPANY OVERVIEW WHAT MAKES SHINDETEK SO DIFFERENT? TECHNICAL COMPETENCY SOLUTIONS FOR BROADBAND NETWORKS SOLUTIONS FOR RADIO NETWORKS SUPPLY CHAIN MANAGEMENT OVERVIEW 2 COMPANY
More informationSOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2
Requirement Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence
More informationLBI Public Information. Please consider the impact to the environment before printing this.
LBI Public Information. Please consider the impact to the environment before printing this. DGPC Framework People Executive management commitment Engaged management team Integrated governance organization
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationCloud Security: Constant Innovation
Cloud Security: Constant Innovation without constant capital expenditure Presented by Richard Brown Wednesday 19 July 2017 CIO Summit Gold Coast, Australia How do we combat evolving threats? Traditional
More informationSecure automotive on-board networks
Secure automotive on-board networks Basis for secure vehicle-to-x communication Dr.-Ing. Olaf Henniger Fraunhofer SIT / Darmstadt 2 December 2010 Presentation overview EVITA project overview Security challenges
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationHealthcare in the Public Cloud DIY vs. Managed Services
Business White Paper Healthcare in the Public Cloud DIY vs. Managed Services Page 2 of 9 Healthcare in the Public Cloud DIY vs. Managed Services Table of Contents Page 2 Healthcare Cloud Migration Page
More informationSAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. 2.2 Standard Service Features APPENDIX 2
APPENDIX 2 SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION This document contains product information for the Safecom SecureWeb Custom service. If you require more detailed technical information,
More informationThe modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.
Automotive The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020. Cars are becoming increasingly connected through a range of wireless networks The increased
More informationResearch Institute in Secure Hardware & Embedded Systems (RISE) Professor Máire O Neill
Research Institute in Secure Hardware & Embedded Systems (RISE) Professor Máire O Neill Source: Ericsson Mobility Report, Nov 2016 Need for Hardware Security Demand for Hardware Security research & innovation
More informationCloud Security. Presented by Richard Brown
Cloud Security Presented by Richard Brown Abstract As a Service model is delivering: Better and constant innovation Ability to adopt new technologies faster Lowering cost (especially up front capital costs)
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationSmart Manufacturing. General security and privacy principles to ensure a Trusted IoT environment. Steffen Zimmermann, VDMA.
Smart Manufacturing General security and privacy principles to ensure a Trusted IoT environment Bild: VDMA Steffen Zimmermann, VDMA Industrial Security Incidents Effects NO EFFECTS 61% PRODUCTION DOWNTIME
More informationHow do you decide what s best for you?
How do you decide what s best for you? Experience Transparency Leadership Commitment Cost reduction Security Trustworthiness Credibility Confidence Reliability Compliance Privacy Expertise Flexibility
More informationImproving Internet of Things Device Certification with Policy Based Management
Improving Internet of Things Device Certification with Policy Based Management Gianmarco Baldini European Commission DG.JRC.E3 Gianmarco.Baldini@ec.europa.eu 1 IoT Security In beginning of 2015, US Federal
More informationAccelerating the implementation of trusted computing
Infineon Network Use Case Accelerating the implementation of trusted computing Building Confidence in Our Connected World with TPM middleware Products OPTIGA TPM www.infineon.com/ispn Use Case Use case
More informationThe German IT Security Certification Scheme. Joachim Weber
The German IT Security Certification Scheme Joachim Weber The German IT Security Certification Scheme 1. The role of the BSI 2. The German IT Certificate Scheme 3. Certification procedures in detail 4.
More informationT-Systems Open telekom cloud
T-Systems Open telekom cloud your partner for cloud Rolf Hellemons Start, Accelerate, Grow! T-Systems - your partner for Cloud Transformation to the cloud Open telekom cloud 2 T-Systems our Cloud Journey
More informationSecurity Aspects of Trust Services Providers
Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationSmart Gas Metering in Germany.
Smart Gas Metering in Germany. New OMS Standard for Germany. New security standard. 10 th October 2012, Metering Billing/CRM Europe 2012, Amsterdam Andreas Bolder, Deutsche Telekom Technischer Service
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationSecurity of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices
Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices Dr. Johann Heyszl, Head of Hardware Security Department Fraunhofer-Institute for Applied and Integrated Security
More informationWindows IoT Security. Jackie Chang Sr. Program Manager
Windows IoT Security Jackie Chang Sr. Program Manager Rest Physical access to a device will not give access to data Data & Control Execution Data owner has full control over data processing Motion Transport
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationIndustry 4.0 = Security 4.0?
Competence Series Industry 4.0 = Security 4.0? 1 IT Security made in Europe Industry 4.0 = Security 4.0? Industry 4.0 is the term used to describe the fourth industrial revolution, the future of industrial
More informationPrivacy and Security in Smart Grids
Faculty of Computer Science, Institute of Systems Architecture, Chair for Privacy and Data Security Privacy and Security in Smart Grids The German Approach Sebastian Clauß, Stefan Köpsell Dresden, 19.10.2012
More informationAdvent IM Ltd ISO/IEC 27001:2013 vs
Advent IM Ltd ISO/IEC 27001:2013 vs 2005 www.advent-im.co.uk 0121 559 6699 bestpractice@advent-im.co.uk Key Findings ISO/IEC 27001:2013 vs. 2005 Controls 1) PDCA as a main driver is now gone with greater
More informationSOC for cybersecurity
April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory
More informationEvaluation & Certification
Evaluation & Certification Dr. Melanie Volkamer (TU Darmstadt) 26.11.2009 Dr. Melanie Volkamer CoE Overview Evaluation and Certification of Security Requirements Internet Voting Voting Devices Evaluation
More informationHorizon 2020 Security
Horizon 2020 Security Best Practices for Security Proposal Writing Armand Nachef Coordinator of the French Security NCP Consortium, CEA armand.nachef@cea.fr KEY MESSAGES FOR PUTTING TOGETHER A HORIZON
More informationLTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security
LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological
More informationNew Guidance on Privacy Controls for the Federal Government
New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,
More informationEasy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications
Infineon Network Use Case Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications Providing Infineon customers with an easy path to integrating TPM support into their products and systems
More informationHow the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015
How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of
More informationGLOBAL PKI TRENDS STUDY
2018 GLOBAL PKI TRENDS STUDY Sponsored by Thales esecurity Independently conducted by Ponemon Institute LLC SEPTEMBER 2018 EXECUTIVE SUMMARY #2018GlobalPKI Mi Ponemon Institute is pleased to present the
More information2 The BEinGRID Project
2 The BEinGRID Project Theo Dimitrakos 2.1 Introduction Most of the results presented in this book were created within the BEinGRID project. BEinGRID, Business Experiments in GRID, is the European Commission
More informationiotrust Security Solutions
Infineon Security Partner Network Partner Use Case iotrust Security Solutions Entrust Datacard iotrust Security Solutions allow customers to establish secured IoT infrastructures from sensor to cloud,
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationExam C Foundations of IBM Cloud Reference Architecture V5
Exam C5050 287 Foundations of IBM Cloud Reference Architecture V5 1. Which cloud computing scenario would benefit from the inclusion of orchestration? A. A customer has a need to adopt lean principles
More informationCovert Identity Information in Direct Anonymous Attestation (DAA)
Covert Identity Information in Direct Anonymous Attestation (DAA) Carsten Rudolph Fraunhofer Institute for Secure Information Technology - SIT, Rheinstrasse 75, Darmstadt, Germany, Carsten.Rudolph@sit.fraunhofer.de
More informationReal-time Communications Security and SDN
Real-time Communications Security and SDN 2016 [Type here] Securing the new generation of communications applications, those delivering real-time services including voice, video and Instant Messaging,
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationWELCOME ISO/IEC 27001:2017 Information Briefing
WELCOME ISO/IEC 27001:2017 Information Briefing Denis Ryan C.I.S.S.P NSAI Lead Auditor Running Order 1. Market survey 2. Why ISO 27001 3. Requirements of ISO 27001 4. Annex A 5. Registration process 6.
More informationTowards an integrated regulation platform in Luxembourg. Information Security Education Day th of april
Towards an integrated regulation platform in Luxembourg Information Security Education Day 2017-28 th of april Context A complex and inter-connected digital ecosystem contributing to all sectors A set
More informationIoT privacy risk management in ANASTACIA project
ANASTACIA has received funding from the European Union s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation.
More informationCyber security mechanisms for connected vehicles
Infineon Security Partner Network Partner Use Case Cyber security mechanisms for connected vehicles Protecting automotive vehicle networks and business models from cyber security attacks Products AURIX
More informationTRESCCA Trustworthy Embedded Systems for Secure Cloud Computing
TRESCCA Trustworthy Embedded Systems for Secure Cloud Computing IoT Week 2014, 2014 06 17 Ignacio García Wellness Telecom Outline Welcome Motivation Objectives TRESCCA client platform SW framework for
More informationSystems Engineering for Software-Defined Network Virtualisation. John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra
Systems Engineering for Software-Defined Network Virtualisation John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra Agenda Motivation Case Studies Opportunities and Challenges
More informationDesigning an Adaptive Defense Security Architecture. George Chiorescu FireEye
Designing an Adaptive Defense Security Architecture George Chiorescu FireEye Designing an Adaptive Security Architecture Key Challanges Existing blocking and prevention capabilities are insufficient to
More informationTrusted Platform Module explained
Bosch Security Systems Video Systems Trusted Platform Module explained What it is, what it does and what its benefits are 3 August 2016 2 Bosch Security Systems Video Systems Table of contents Table of
More informationLecture Embedded System Security Introduction to Trusted Computing
1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Summer Term 2015 Roadmap: Trusted Computing Motivation Notion of trust
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationDATACENTER SERVICES DATACENTER
SERVICES SOLUTION SUMMARY ALL CHANGE React, grow and innovate faster with Computacenter s agile infrastructure services Customers expect an always-on, superfast response. Businesses need to release new
More informationSAP Vora - AWS Marketplace Production Edition Reference Guide
SAP Vora - AWS Marketplace Production Edition Reference Guide 1. Introduction 2 1.1. SAP Vora 2 1.2. SAP Vora Production Edition in Amazon Web Services 2 1.2.1. Vora Cluster Composition 3 1.2.2. Ambari
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationGranted: The Cloud comes with security and continuity...
Granted: The Cloud comes with security and continuity... or, does it? Bogac Ozgen, MSc GyroFalco Ltd. http://www.gyrofalco.com Questions & Answers Do we still need security and continuity? YES Should I
More informationApplication Security Design Principles. What do you need to know?
Application Security Design Principles What do you need to know? Anshu Gupta Bio Director of Information Security at HelloSign, a leading esignature company. Served as a trusted advisor on information
More informationSEMANTIC NETWORK AND SEARCH IN VEHICLE ENGINEERING
Martin Sturm, Sylke Rosenplaenter SEMANTIC NETWORK AND SEARCH IN VEHICLE ENGINEERING From Concept to Deployment Vehicle Design Operations & System Development GM Europe Engineering Adam Opel AG www.opel.com
More informationGSMK. Cryptography Network Security. GSMK Oversight SS7 Firewall and Intrusion Detection System
Cryptography Network Security GSMK Firewall and Intrusion Detection System GSMK Firewall and intrusion detection system to prevent attacks via interconnect. Protect your Network s Achilles Heel. With the
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationProtection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid
Protection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid Dr. Helge (BSI) 12th ICC, 29.9.2011 A Possible Smart Grid 2 Introduction Smart Meter
More informationIT People has been offering end-to-end IT outsourcing & staffing solutions to companies since two decades.
Corporate Profile Company Profile IT People has been offering end-to-end IT outsourcing & staffing solutions to companies since two decades. As a resource partner, we offer personalized and professional
More informationWireless e-business Security. Lothar Vigelandzoon
Wireless e-business Security Lothar Vigelandzoon E-business evolution Increased business drivers for cost efficiency & market penetration Increased Importance of brand reputation Distance between IT and
More informationSOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions
SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions DISCLAIMER: The contents of this publication do not necessarily reflect the position or opinion of the American
More informationSecurity Training Seminars An integral part of The Open Group Security Programme
Security Training Seminars An integral part of The Open Group Security Programme Dean Adams Director, Security & Electronic Commerce Agenda Check! M Brief Overview of Security Program Key Projects Introduction
More informationEconomic and Social Council
United Nations Economic and Social Council ECE/TRANS/WP.29/2017/46 Distr.: General 23 December 2016 Original: English Economic Commission for Europe Inland Transport Committee World Forum for Harmonization
More informationSIZ Informatikzentrum der Sparkassenorganisation GmbH Simrockstraße Bonn, Germany. Sicherer IT-Betrieb, Basisvariante, version 1.
The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company SIZ Informatikzentrum der Sparkassenorganisation GmbH Simrockstraße 4 53113 Bonn, Germany to confirm
More informationLANCOM Management Cloud
Cloud Networking & Management SECURE. NETWORKS. Automated. Software-defined. Hyper-integrated. The is the world s first hyper-integrated management system that intelligently organizes, optimizes, and controls
More informationThe emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18
The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More information