Auflistung nach Autor:in "Schindler,Josef"
1 - 2 von 2
Treffer pro Seite
Sortieroptionen
- TextdokumentModel-based Integrity Monitoring of Industrial Automation And Control Systems(INFORMATIK 2022, 2022) Peters,Ludger; Khalaf,Mahmoud; Waedt,Karl; Schindler,Josef; Belaidi,SiwarThis paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations at the application level. Detecting and predicting a potential anomaly is designed and implemented based on machine learning of expected behavior. The paper will include examples of attacks executed over an extended time period by gradually manipulating combinations of analog and binary signal values or set-points. Challenges related to the training of the detection algorithms, avoidance of false positives, and concise reporting to non-security domain experts will also be addressed.
- TextdokumentSecuring javascript runtime of OPC UA deployments(INFORMATIK 2022, 2022) Schindler,Josef; Belaidi,Siwar; Kirdan,Erkin; Waedt,KarlOPC UA is a commonly used machine-to-machine communication protocol. As it is used in industrial critical infrastructure, its security is vital. OPC UA has several proprietary and open-source implementations in different programming languages. Among them, a JavaScript implementation node-opcua stands out due to advantages such as ease of use, code maturity etc. JavaScript is a just-in-time compiled programming language that is executed by a runtime system. Node.js is the most common runtime environment to run JavaScript programs. Deno is it a potential and unofficial successor as it is developed by the original author of Node.js. One promised improvement of Deno is the focus on higher security, such as having a restricted file system and network access by default. Since (1) not all libraries have been adopted yet for for Deno, since (2) this new runtime comes with a compatibility mode featured first in version v1.15, since (3) there is very few research literature yet and since (4) there is no current dedicated OPC UA implementation for Deno so far, we present and evaluate measures to overcome errors when running node-opcua on Deno in this paper.