Refine
Year of publication
Document Type
- Article (14)
- Conference Proceeding (13)
- Report (2)
- Master's Thesis (1)
Language
- English (30) (remove)
Has Fulltext
- yes (30)
Is part of the Bibliography
- no (30)
Keywords
- PROFInet (6)
- Energiemanagement (5)
- Ethernet (5)
- Energieeffizienz (4)
- Herbarium (4)
- Angewandte Botanik (3)
- Computersicherheit (3)
- Digitalisierung (3)
- Erkennungssoftware (3)
- Ethernet-APL (3)
Institute
- Fakultät I - Elektro- und Informationstechnik (30) (remove)
PROFINET Security: A Look on Selected Concepts for Secure Communication in the Automation Domain
(2023)
We provide a brief overview of the cryptographic security extensions for PROFINET, as defined and specified by PROFIBUS & PROFINET International (PI). These come in three hierarchically defined Security Classes, called Security Class 1, 2 and 3. Security Class 1 provides basic security improvements with moderate implementation impact on PROFINET components. Security Classes 2 and 3, in contrast, introduce an integrated cryptographic protection of PROFINET communication. We first highlight and discuss the security features that the PROFINET specification offers for future PROFINET products. Then, as our main focus, we take a closer look at some of the technical challenges that were faced during the conceptualization and design of Security Class 2 and 3 features. In particular, we elaborate on how secure application relations between PROFINET components are established and how a disruption-free availability of a secure communication channel is guaranteed despite the need to refresh cryptographic keys regularly. The authors are members of the PI Working Group CB/PG10 Security.
An important part of computed tomography is the calculation of a three-dimensional reconstruction of an object from series of X-ray images. Unfortunately, some applications do not provide sufficient X-ray images. Then, the reconstructed objects no longer truly represent the original. Inside of the volumes, the accuracy seems to vary unpredictably. In this paper, we introduce a novel method to evaluate any reconstruction, voxel by voxel. The evaluation is based on a sophisticated probabilistic handling of the measured X-rays, as well as the inclusion of a priori knowledge about the materials that the object receiving the X-ray examination consists of. For each voxel, the proposed method outputs a numerical value that represents the probability of existence of a predefined material at the position of the voxel while doing X-ray. Such a probabilistic quality measure was lacking so far. In our experiment, false reconstructed areas get detected by their low probability. In exact reconstructed areas, a high probability predominates. Receiver Operating Characteristics not only confirm the reliability of our quality measure but also demonstrate that existing methods are less suitable for evaluating a reconstruction.
Network convergence is an increasing trend in the automation domain. More and more plant owners strive for a unification of networks in their plants. This yields a seamless network structure, simplified supervision, and reduced training effort for the personnel, as only one unified network technology needs to be handled. Ethernet-APL is one piece of the puzzle for such a converged network, supporting various real time protocols like PROFINET, EtherNet, HART-IP as well as the middleware protocol OPC UA. This paper gives an overview on the impact of Ethernet-APL field devices to OT security and proposes how to ensure OT security for them.
The growing importance of renewable generation connected to distribution grids requires an increased coordination between transmission system operators (TSOs) and distribution system operators (DSOs) for reactive power management. This work proposes a practical and effective interaction method based on sequential optimizations to evaluate the reactive flexibility potential of distribution networks and to dispatch them along with traditional synchronous generators, keeping to a minimum the information exchange. A modular optimal power flow (OPF) tool featuring multi-objective optimization is developed for this purpose. The proposed method is evaluated for a model of a real German 110 kV grid with 1.6 GW of installed wind power capacity and a reduced order model of the surrounding transmission system. Simulations show the benefit of involving wind farms in reactive power support reducing losses both at distribution and transmission level. Different types of setpoints are investigated, showing the feasibility for the DSO to fulfill also individual voltage and reactive power targets over multiple connection points. Finally, some suggestions are presented to achieve a fair coordination, combining both TSO and DSO requirements.
Industrial Control Systems (ICS) succumb to an ever evolving variety of threats. Additionally, threats are increasing in number and get more complex. This requires a holistic and up-to-date security concept for ICS as a whole. Usually security concepts are applied and updated based on regularly performed ICS security assessments. Such ICS security assessments require high effort and extensive knowledge about ICS and its security. This is often a problem for small and mediumsized enterprises (SME), which do not have sufficient respective sufficiently skilled human resources. This paper defines in a first step requirements on the knowledge needed to perform an ICS security assessment and the life cycle of this knowledge. Afterwards the ICS security knowledge and its life cycle are developed and discussed considering the requirements and related work.
As a result of a research semester in the summer of 2022, a bibliography on multimodality in technical communication (TC) is presented. Given that TC primarily involves the development of instructional information, this bibliography holds relevance for anyone interested in the use of multimodality in the communication of procedural knowledge. The bibliography is publicly accessible as Zotero group library (https://bit.ly/multimodality_in_tc) and can be used and expanded.
After a description of the objectives and target group, the five disciplines from which the publications in the bibliography originate are presented. This is followed by information on the structure and search options of the Zotero group library, which are intended to support the search for publications on the respective research interest. The article concludes with some suggestions for collaborative efforts aimed at further enhancing and expanding the bibliography.
The author actively maintains the group library. Individuals seeking to contribute publications to the group library will receive the appropriate access rights from the author (claudia.villiger@hs-hannover.de). The author aspires to foster collaboration among researchers from diverse fields through this bibliography.
Quartz-crystal microbalances (QCMs) are commercially available mass sensors which mainly consist of a quartz resonator that oscillates at a characteristic frequency, which shifts when mass changes due to surface binding of molecules. In addition to mass changes, the viscosity of gases or liquids in contact with the sensor also shifts the resonance but also influences the quality factor (Q-factor). Typical biosensor applications demand operation in liquid environments leading to viscous damping strongly lowering Q-factors. For obtaining reliable measurements in liquid environments, excellent resonator control and signal processing are essential but standard resonator circuits like the Pierce and Colpitts oscillator fail to establish stable resonances. Here we present a lowcost, compact and robust oscillator circuit comprising of state-of-the-art commercially available surface-mount technology components which stimulates the QCMs oscillation, while it also establishes a control loop regulating the applied voltage. Thereby an increased energy dissipation by strong viscous damping in liquid solutions can be compensated and oscillations are stabilized. The presented circuit is suitable to be used in compact biosensor systems using custom-made miniaturized QCMs in microfluidic environments. As a proof of concept we used this circuit in combination with a customized microfabricated QCM in a microfluidic environment to measure the concentration of C-reactive protein (CRP) in buffer (PBS) down to concentrations as low as 5 μgmL -1.
This document concerns IT security in production facilities. It is intended for small and medium-sized enterprises that are looking for a simple procedural model for ensuring IT security in production areas.
In order to raise readers’ awareness of IT security in production facilities, security incidents are presented in section 2. It is clear that cyber attacks on production facilities in this day and age are not random, but are instead based on a targeted process.
An overview of the most important standards and recommendations on the topic of “IT security in production” then follows in section 3.
Section 4 develops a concept for setting up an IT security system for small and medium-sized enterprises (SMEs) on the basis of a ten-point plan. The focus is not only on technical measures, but also in particular on the most frequently neglected organizational measures.
Section 5 then describes the outlook for future requirements and solutions in the context of Industry 4.0.
The impact of vertical and horizontal integration in the context of Industry 4.0 requires new concepts for the security of industrial Ethernet protocols. The defense in depth concept, basing on the combination of several measures, especially separation and segmentation, needs to be complimented by integrated protection measures for industrial real-time protocols. To cover this challenge, existing protocols need to be equipped with additional functionality to ensure the integrity and availability of the network communication, even in environments, where possible attackers can be present. In order to show a possible way to upgrade an existing protocol, this paper describes a security concept for the industrial Ethernet protocol PROFINET.
The trend towards the use of Ethernet in automation networks is ongoing. Due to its high flexibility, speed, and bandwidth, Ethernet nowadays is not only widely used in homes and offices worldwide but finding its way into industrial applications. Especially in automation processes, where many field devices send data in relative short time spans, the requirements for a safe and fast data transfer are high. This makes the use of industrial Ethernet essential. A new hardware-layer, specifically tailored for industrial applications, has been introduced in the form of Ethernet-APL (‘Advanced Physical Layer’). Ethernet-APL is based on the Ethernet standard and implements a two-wire Ethernet-based communication for field devices and provides data and power over a two-wire cable. The operation in areas with potentially explosive atmosphere is also possible. This enables a modular, fast, and transparent Ethernet network structure throughout the entire plant. However, by integrating Ethernet-APL into the field, industrial networks in the future will face the challenge of operating at varying datarates at different locations in the network, resulting in a ‘mixed link speed’ network. This can lead to limitations in packet-throughput and consequently to potential packet loss of system relevant data, which must be avoided. Therefore, the purpose of this thesis is to investigate the potential of packet loss in ‘mixed link speed’ networks.