Sign in

Friction generates heat — true for writing and engineering. Fluchsfriction generates writings on security engineering. Heated debates welcome! CTO@admeritia

IDEAS project: Integrated Data Models for the Engineering of Automation Security

IDEAS is short for “Integrated Data Models for the Engineering of Automation Security”. And it really is what it says on the inside. But to explain that, we need to elaborate a bit. The project is funded by the German Federal Ministry of Education and Research (BMBF).

Security? That’ s what the others do…


BMBF-Projekt IDEAS: Integrated Data Models for the Engineering of Automation Security

IDEAS steht für Integrated Data Models for the Engineering of Automation Security. Und tatsächlich ist auch drin, was draufsteht. Aber um das zu erklären, müssen wir ein wenig ausholen. Das Projekt wird vom Bundesministerium für Bildung und Forschung (BMBF) gefördert.

Security? Machen die anderen…


Eine Annäherung

Photo by Rock’n Roll Monkey on Unsplash


Two perspectives, shared objectives

Emergence


as a Submodel of the Digital Twin

1 Intro


Agreed, security engineering sucks. But let’s do away with thinking of it as a burden

What kind of engineers do we want to be, after all? What IS an engineering mindset? (Source: The Noun Project)


Looking at the facts, “patch more!” falls short.

Uaaah, death by ransomware in a hospital! Let’s calm down, stop fingerpointing and analyze what we know. — Photo by Clay Banks


Nüchtern analysiert, ist “mehr patchen!” nicht die Antwort.

Uaaah, Tod durch Ransomware in einem Krankenhaus!! Lassen Sie uns abregen, den erhobenen Zeigefinger wieder einstecken und analysieren, was wir eigentlich wissen. — Photo by Clay Banks


Turning a layered blueprints model into a secure protoype of your asset — with the help of inventory & detection tools

To be useful for security engineering, a digital twin does not need to be a perfect reflection of the original, just of its security-relevant features. The Layered Blueprints summarize everything security-relevant. — Photo by Dennis Buchner


Secure Coding Practices gab es bislang nur für IT. Das Top 20 Secure PLC Coding-Projekt ändert das

So ist das mit SPSen: Wenn man sich verprogrammiert, zeigt schonmal irgendwo eine Nadel seltsame Dinge an. Was für eine Chance für die sichere Programmierung! — Photo by Emma Steinhobel

Können wir anfangen, PLC-Eigenheiten als Features, nicht als Bugs für Security zu begreifen?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store