TUM Logo

Development of an IACS Security Engineering Tool

Development of an IACS Security Engineering Tool

Supervisor(s): Michael Heinl, Nikolai Puch, Alexander Giehl
Status: open
Topic: Others
Type of Thesis: Bachelorthesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Description

Lehrstuhl für Sicherheit in der Informatik / Prof. Dr. Claudia Eckert

Bachelor’s Thesis

Development of an IACS Security Engineering Tool

Motivation

As one of the leading research institutes for applied and integrated security, Fraunhofer AISEC operates laboratories in the field of industrial security. To research the security of production processes and corresponding systems, one of our laboratories is equipped with a fully functional production line, allowing to investigate realistic threats, conduct corresponding attacks, and develop defensive measures. The used components range from an integrated web shop over the control station down to the level of programmable logic controllers (PLCs), sensors, and actors. In order to assess and enhance the security of such industrial automation and control systems (IACS), the standard series ISA/IEC 62443 defines different technical requirements.

Tasks

The goal of this thesis is to develop a requirement relevance assessment methodology, implement it as an interactive questionnaire, and evaluate it by assessing (a part of) our production line.

The first step is to compare, map, and tag ISA/IEC 62443 system and component requirements in a consolidated catalog. Based on this catalog, a methodology to assess the individual requirements’ relevance for a given IACS has to be developed. The final steps are the implementation and evaluation of this methodology with the goal in mind to guide especially small and medium-sized enterprises (SMEs) during the process of ISA/IEC 62443-based security engineering.

Due to the nature of the tasks, on-site presence at the institute in Garching is partially required. Please consider this before submitting your application.

Prerequisites

• Self-initiative and the ability to work in a self-directed way
• Knowledge in the field of IT security, ideally also in the field of OT/IACS security
• Basic (web) programming abilities
• First practical experiences in working with norms / IACS / Industrie 4.0 are beneficial

Please attach a current grade sheet and a short CV to your application.

Contact

Michael Heinl

Phone: +49 89 322-9986-125
E-mail: michael.heinl@aisec.fraunhofer.de

Nikolai Puch

Phone: +49 89 322-9986-142
E-mail: nikolai.puch@aisec.fraunhofer.de

Alexander Giehl

Phone: +49 89 322-9986-189
E-mail: alexander.giehl@aisec.fraunhofer.de

Fraunhofer Research Institute for Applied and Integrated Security / AISEC Department Product Protection and Industrial Security Lichtenbergstraße 11, 85748 Garching near Munich, Germany https://www.aisec.fraunhofer.de