Doctoral College Cyber-Physical Production Systems at TU Wien
> Zum Inhalt

Details

Communication networks for CPPS have high security demands. Interfering with supervision and control functions in cyberspace can influence real world physical systems, damage physical devices, and cause malfunctions in critical processes. The availability of appropriate and affordable security concepts for CPPS communication is a prerequisite for the successful transformation of conventional manufacturing into distributed ICT-controlled production systems.

Security risks have to be considered during design, implementation and operation of CPPS components. Communication protocols, such as IPsec or TLS, provide proactive security measures for IP‐based communication and are an important precaution to prevent against known or predictable events. However, proactive methods fail to preclude new and unexpected attacks caused by undetected vulnerabilities in hard- and software (zero-day events). As a consequence proactive security measures need to be supplemented by efficient supervision methods, anomaly detection and control functions to invoke countermeasures. Such methods allow the establishment of situational awareness in CPPS communication and provide the basis to detect and to defeat new threats. Situational awareness may be used as input to automatically trigger reactions to defeat attacks or attack preparation and therefore provides the basis for self-protection functions.

In order to achieve such a situational awareness in CPPS communication several challenges have to be addressed. First of all, suitable metrics to contribute to situational awareness in CPPS need to be defined. Security demands in CPPS differ from those in conventional networks. Integrity and availability of sensor and control data is more important than confidentiality. Furthermore, communication flows in CPPS is mainly M2M traffic, which differs from traditional Internet traffic, e.g., sensors usually send periodic measurement updates and do not experience diurnal patterns, observable in human-generated network traffic. The use of IPv6 and encryption techniques further influences observable traffic patterns. Therefore, CPPS security requires new traffic models, detection techniques and the investigation of suitable metrics as basis to detect deviations. Furthermore, resources for network supervision and control are limited. CPPS often include small cheap devices (e.g., sensors) with limited resources for security measures. This requires research on lightweight metrics as well as sampling and aggregated techniques to operate in resource constraint environments.

PhD-Student and Supervision

PhD-Student: Dipl.-Ing. Christian Krieg

Christian Krieg graduated with a Dipl.-Ing. degree (equivalent to an M. Sc. degree) from TU Vienna in 2013. In his Master's thesis, he investigated authentication systems for networks of resource-constrained systems, such as wireless sensor networks (WSNs) or cyber-physical systems (CPSs). He developed an implementation of Kerberos which can be deployed in such networks. Christian then worked at the Institute of Computer Technology as a researcher, dealing with the question how malicious hardware can be described and detected at design level. Christian is now employed at the Institute of Telecommunications and works on his PhD under the guidance of Prof. Tanja Zseby. The topic of his PhD thesis focuses on reactive security measures for cyber-physical production systems (CPPSs). Christian's research interests include cyber-physical systems security, the Internet of Things (IoT) and, malicious hardware.

Supervision:

Advisor: Prof. Dr. Tanja Zseby, Institute of Telecommunications (E389)