Background
The SUSTAIN project aims to improve the safety and reliability of industrial plants by developing innovative solutions for the cybersecurity of safety-critical infrastructures. To assess and reduce the cybersecurity risks for the crane control system, Demag and NXP held a two-day workshop at NXP in Hamburg.
Objectives
The objectives of the workshop were:
- To identify the assets of the crane control system to be protected, such as sensors, actuators, communication channels, data and software.
- To carry out the cybersecurity assessment using the STRIPED model, an extension of the STRIDE model that adds physical threats to the classic threat categories of spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege. This is followed by a risk assessment using the DREAD model, which enables a structured assessment of the threats in terms of damage potential, reproducibility, exploitability, affected users and discoverability.
- To determine the Security Level Targets (SL-T) according to IEC EN 62443 for the assets, which specify the required security level for the protective measures that are intended to reduce the risks to an acceptable level.
Results
The results of the workshop were:
- The creation of a list of assets of the crane control system that are relevant for cybersecurity. These are compiled into a threat model diagram, taking into account the developed security architecture.
- The classification of the possible threats and of the risk according to the DREAD method, using one asset as an example.
- The assignment of SL-T for each asset, ranging from SL 1 to SL 4, with SL 4 representing the highest security level.
Conclusion
The workshop was an important milestone in the SUSTAIN project, as it provided the basis for selecting the appropriate SL targets and implementing the appropriate cybersecurity solutions for the crane control system. The SUSTAIN partners will use the results of the workshop to define the requirements that the security measures must fulfill to meet the SL-T. The next steps, besides completing the risk assessment for all identified assets, are the development, integration and validation of the cybersecurity solutions, which are to be tested in real industrial environments within our Research & Business Factory.