180 research outputs found

    Compliance analysis for cyber security marine standards : Evaluation of compliance using application lifecycle management tools

    The aim of this thesis is to analyse cyber security requirements and notations from marine classification societies and other entities to understand how to meet compliance in current cyber security requirements from maritime class societies and other maritime organizations. The methods used in this research involved a desk review of cyber security requirements from IACS members, IACS UR E 27 and IEC 62443, a survey questionnaire of relevant cyber security standards pertinent to maritime product development, and Polarion, an application lifecycle management solution used to synthesize the cyber security requirements from the maritime class societies and determine their correlations to IEC 62443 as a baseline. Results indicate that IEC 62443 correlates to the standards from DNV and IACS (UR E 27) and the majority of the requirements were deemed compliant in compliance gap assessments of a maritime product. The conclusion is that IEC 62443 can be utilised as a baseline cyber requirement with a requirements management tool like Polarion to analyse and satisfy compliance requirements from maritime class societies and maritime organizations that base their cyber security requirements according to IACS UR E27 and IEC 62443-3-3 and should be adopted in addressing future compliance analysis of cyber requirements focusing on autonomous shipping.

    Addressing the Security Requirements in Functional Safety Standard IEC 61511-1:2016

    Presentation. The 2016 edition of IEC 61511-1: 2016 added two new requirements regarding the security of safety instrumented systems (SIS). The first requirement states that “a security risk assessment shall be carried out to identify the security vulnerabilities of the SIS” and the second requirement states that “the design of the SIS shall be such that it provides the necessary resilience against the identified security risks”. The standard directs the reader to ISA TR84.00.09, ISO/IEC 27001:2013, and IEC 62443-2-1:2010 for further guidance on how to comply with these requirements. While these documents are informative, the 479 combined pages do not provide concise guidance on how to address the specific security requirements. The purpose of this paper is to offer step-by-step guidance on how to address the security requirements in 61511 and to identify specific clauses in the reference standards for further information.

    Cybersecurity for Manufacturers: Securing the Digitized and Connected Factory

    As manufacturing becomes increasingly digitized and data-driven, manufacturers will find themselves at serious risk. Although there has yet to be a major successful cyberattack on a U.S. manufacturing operation, threats continue to rise. The complexities of multi-organizational dependencies and data-management in modern supply chains mean that vulnerabilities are multiplying. There is widespread agreement among manufacturers, government agencies, cybersecurity firms, and leading academic computer science departments that U.S. industrial firms are doing too little to address these looming challenges. Unfortunately, manufacturers in general do not see themselves to be at particular risk. This lack of recognition of the threat may represent the greatest risk of cybersecurity failure for manufacturers. Public and private stakeholders must act before a significant attack on U.S. manufacturers provides a wake-up call. Cybersecurity for the manufacturing supply chain is a particularly serious need. Manufacturing supply chains are connected, integrated, and interdependent; security of the entire supply chain depends on security at the local factory level. Increasing digitization in manufacturing— especially with the rise of Digital Manufacturing, Smart Manufacturing, the Smart Factory, and Industry 4.0, combined with broader market trends such as the Internet of Things (IoT)— exponentially increases connectedness. At the same time, the diversity of manufacturers—from large, sophisticated corporations to small job shops—creates weakest-link vulnerabilities that can be addressed most effectively by public-private partnerships. Experts consulted in the development of this report called for more holistic thinking in industrial cybersecurity: improvements to technologies, management practices, workforce training, and learning processes that span units and supply chains. 
Solving the emerging security challenges will require commitment to continuous improvement, as well as investments in research and development (R&D) and threat-awareness initiatives. This holistic thinking should be applied across interoperating units and supply chains. National Science Foundation, Grant No. 1552534. https://deepblue.lib.umich.edu/bitstream/2027.42/145442/1/MForesight_CybersecurityReport_Web.pd

    The AQUAS ECSEL Project Aggregated Quality Assurance for Systems: Co-Engineering Inside and Across the Product Life Cycle

    There is an ever-increasing complexity of the systems we engineer in modern society, which includes facing the convergence of the embedded world and the open world. This complexity creates increasing difficulty with providing assurance for factors including safety, security and performance. In such a context, the AQUAS project investigates the challenges arising from e.g., the inter-dependence of safety, security and performance of systems and aims at efficient solutions for the entire product life-cycle. The project builds on knowledge of partners gained in current or former EU projects and will demonstrate the newly developed methods and techniques for co-engineering across use cases spanning Aerospace, Medicine, Transport and Industrial Control. A special thanks to all the AQUAS consortium people that have worked on the AQUAS proposal on which this paper is based, especially to Charles Robinson (TRT), the proposal coordinator. The AQUAS project is funded from the ECSEL Joint Undertaking under grant agreement n° 737475, and from National funding.

    Large scale agile software development compliant to IEC 62443-4-1: artefact design and tool support

    There has been a considerable increase in the use of agile methodologies over the last years. However, applying these methodologies can be challenging, particularly for industrial control systems that must obey rigorous operational requirements through regulations and standards, and in particular cybersecurity requirements. The current work proposes a concept for a structured and systematic integration of security activities into a DevOps pipeline, with the ambition of pursuing the capability of both secure agile development and security compliant agile software engineering. The basis for this concept is the integration of the IEC 62443-4-1 (4-1) standard, which describes secure product development in industrial control systems, with a Continuous Integration/Continuous Delivery pipeline specification. To achieve this, the security requirements, as described in the 4-1 standard, were mapped into a simple DevOps pipeline specification. As a result, all of the 4-1 activities were analysed and classified according to the possibility of being automated through tool support. Interviews with expert practitioners, from the fields of security compliance and agile software engineering, were conducted to evaluate the present work. Results have shown evidence about the possibility of providing tool support for the IEC 62443-4-1 standard and to specify a DevOps pipeline compliant to the 4-1 standard.

    In recent years there has been a considerable increase in the use of agile methodologies. However, applying these methodologies can be a challenge, especially for industrial control systems that are obliged to obey rigorous operational requirements through regulations and standards, in particular in the field of cybersecurity. This work proposes a concept for a structured and systematic integration of security activities into a DevOps pipeline, with the aim of achieving both secure agile development and security-compliant agile software engineering. The basis for this concept is the integration of the IEC 62443-4-1 (4-1) standard, which describes secure product development in industrial control environments, with a Continuous Integration/Continuous Delivery specification. To achieve this, the security requirements, as described in the 4-1 standard, were mapped into a simple DevOps specification. As a result, all the activities of the 4-1 standard were analysed and classified according to the possibility of being automated through tool support. To evaluate the work, interviews were conducted with professionals specialized in the areas of IT security compliance and agile software engineering. The results show evidence of the possibility of providing tool support for the automation of the IEC 62443-4-1 standard and for the specification of a DevOps pipeline compliant with the 4-1 standard.

    Implications of Cyber Security to Safety Approval in Railway

    The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in recent years the railway industry has realized the importance of cyber security, and the possible effects cyber security could have on safety functions, necessitating these aspects to also be considered as part of the safety approval. This trend can be seen from the fact that later updates of the railway standards from CENELEC to a larger degree include cyber security. This is also a consequence of the increasing digitalisation trend in the railway sector, as elsewhere in society (e.g., the ERTMS national implementation project in Norway). This paper presents findings from a brief literature study on how railway systems are vulnerable to cyber security threats and discusses how cyber security issues are covered by current railway legislation. Challenges related to the handling of cyber security threats as part of the railway approval processes are then elaborated. The fact that cyber security threats change faster than the pure safety threats must be taken into account. The problem is viewed from an independent safety assessor's point of view. Some major findings of the study are elaborated, and conclusions on how to deal with cyber security as part of the railway approval process are outlined with pros and cons.

    Visualization of security in industrial control systems respecting IEC-62443

    The importance of visualizing security in industrial control systems respecting the IEC62443 security standards has increased. This is due to the increase in cyber attacks, its complexity over time, and the security standards created to protect users from compromising them. Through an adequate visualization of security information, it is possible to manage and analyze information to make decisions for good management of systems' security. In this sense, this study's main objective was to describe a possible solution to assist in security management, having been developed in partnership with Siemens Technology, based in Germany. Thus, appropriate tools were used and evaluated to model the data and create visual elements to represent the industrial control system's components. Their security attributes were chosen to be in a dashboard. Kibana was used for three case studies, the last one being the most important for Siemens. The data were obtained through the security software test tool. These were organized and treated to be in a configuration that allowed them to be imported into Kibana and create a dashboard containing the information needed to make decisions and discover gaps in the system. Subsequently, the proposed solution was evaluated through a questionnaire applied to the specialists responsible for industrial control systems security to obtain suggestions that would improve its usefulness and security management assistance. From the results obtained, it was possible to observe the security representation using a visualization tool, demonstrate compliance with IEC-62443 security protocols, thus enabling a simplified security analysis of an industrial control system.

    The importance of visualizing security in industrial control systems respecting the IEC-62443 security standards has been increasing. This is due to the increase in cyberattacks, their complexity, and the standards created to protect the systems. Through adequate visualization of security information, it becomes possible to manage and analyse the information to make decisions and manage security well. The main objective of the present study was to describe a possible solution to assist in security management, developed in partnership with Siemens Technology, based in Germany. Thus, the tools used to model data and create visual elements to represent the components of an industrial control system, and the security attributes chosen to appear in a dashboard, were evaluated. Kibana was used for three cases, the last being the most important for Siemens. The data were obtained through the security software test tool. These were organized and treated so as to create a dashboard containing the information needed to make decisions and discover gaps in the system. Subsequently, the proposed solution was evaluated through a questionnaire applied to industrial control system security specialists, with the purpose of obtaining suggestions that would improve its usefulness and its assistance in security management. With the results obtained, it was possible to observe the representation of security using a visualization tool, respecting the IEC-62443 security protocols, enabling a simplified security analysis of an industrial control system.