ThreatGet: Ensuring the Implementation of Defense-in-Depth Strategy for IIoT Based on IEC 62443

Christoph Schmittner, Abdelkader Shaaban (Author and Speaker), Georg Macher

Research output: Chapter in Book or Conference ProceedingsConference Proceedings with Oral Presentationpeer-review

Abstract

Security engineering is a major challenge in the distributed and heterogeneous nature of the Industrial Internet of Things (IIoT). While IEC 62443 is available as a security engineering standard for the industrial domain, the increased complexity and dynamic of combining IoT with industrial sys-tems challenges approaches without automation. Security analy-sis in the IIoT with a model-based engineering tool is essential to ensure the proper method is applied to protect the system model. This work follows the Defense-in-depth strategy presented by IEC 62443, then adapted for IIoT applications. We use ThreatGet threat modeling tool to show how this strategy could be implemented in the IIoT domain using threat modeling. The research findings demonstrate how the threat modeling approach ensures the implementation of a defense-in-depth strategy in the IIoT domain.
Original languageEnglish
Title of host publicationProceedings 2022 IEEE 5th International Conference on Industrial Cyber-Physical Systems (ICPS)
Pages1-6
Number of pages6
ISBN (Electronic)978-1-6654-9770-1
DOIs
Publication statusPublished - 2022
EventInternational Conference on Industrial Cyber-Physical Systems (ICPS) 2022 - Coventry, United Kingdom
Duration: 24 May 202226 May 2022

Conference

ConferenceInternational Conference on Industrial Cyber-Physical Systems (ICPS) 2022
Country/TerritoryUnited Kingdom
Period24/05/2226/05/22

Research Field

  • Dependable Systems Engineering

Keywords

  • IEC 62443
  • IIoT
  • Model-based
  • Security Analysis

Fingerprint

Dive into the research topics of 'ThreatGet: Ensuring the Implementation of Defense-in-Depth Strategy for IIoT Based on IEC 62443'. Together they form a unique fingerprint.

Cite this