IT/OT security in modular plants and the MTP in particular
In order to meet the flexibility requirements of production plants in the process industry, modularization is a widely accepted approach. In particular, the MTP concept, which is described in VDI/VDE/NAMUR 2658, is seen as a possible core element of modular automation. A clear separation of the engineering effort into plant-independent module engineering and plant-specific integration engineering, as well as a fast integration of the automation system of a module into a higher-level process control system, changes the basic automation architecture. In the state of the art, however, few specific security considerations are made for modularization and especially for MTP. This is all the more serious because, despite an extensive field of security analyses, standards and guidelines for securing conventional plant technology, recent reports have found serious vulnerabilities.
Asset management in modular plants
In contrast to monolithic plants, which produce a product variant in large quantities, over a constant period of time, sometimes for years, with consistent quality, modular changeable and flexible plant concepts present new opportunities but also challenges. Configurations for production in modular plants are changed several times and often in order to produce the desired, partly individualized product (e.g. medicine). Modules are exchanged, which is made possible by the developments around the Module Type Package (MTP), as well as parameters or assets are exchanged or changed. The current rule is that everything that can be recorded by sensor technology is tracked and documented with regard to its changes. At the same time, however, changes are also made that are not automatically recorded because they are either not recorded by sensors and/or are made manually by humans. In practice, this poses a problem because essential aspects that go hand in hand with the necessary flexibility cannot be tracked by the system.
|Evaluation of technologies for tracking non-intelligent assets||Bachelor Thesis|
|Risk-based security analysis of a real MTP plant||Bachelor/Master Thesis|
01.06.2023 - today
Research assistant in the chair Secure Interconnected Automation Technology at the Institute for Control Systems (IRS)
with Prof. Dr.-Ing. Mike Barth at the Karlsruhe Institute of Technology
01.2023 - 05.2023
HiWi at the IRS
Continuous Device parameter monitoring with Digital Twins (AAS)
2021 - 2023
Master studies (M.Sc.) in computer science at KIT
- Specialization in cryptography and security as well as telematics
- Master thesis IRS on the topic "Security Analysis of the Module Type Package".
2019 - 2022
Working student at Siemens - Digital Industries
Project "Industrial Security" with focus on certificate management
2019 - 2021
Bachelor studies (B.Sc.) of computer science at KIT
Madsen, M.; Palmin, A.; Stutz, A.; Maurmaier, M.; Barth, M.
2023. atp Magazin
Madsen, M.; Palmin, A.; Stutz, A.; Barth, M.
2023. IEEE International Conference on Industrial Informatics (INDIN), Institute of Electrical and Electronics Engineers (IEEE)