Future industrial networks will consist of a complex mixture of new and legacy components, while new use cases and applications envisioned by Industry 4.0 will demand increased flexibility and dynamics from these networks. Industrial security gateways will become an important building block to tackle new security requirements demanded by these changes. Their introduction will further increase the already high complexity of these networks, demanding more efforts in properly and securely configuring them. Yet, past research showed, that most operators of industrial networks are already today unable to configure industrial networks in a secure fashion. Therefore, we propose a scheme that allows factory operators to configure security gateways in an easy and practical way that is also understandable for staff not trained in the security domain. We employ hardware security tokens that allow to reduce every day configuration to one physical interaction. Our results show the practical feasibility of our proposed scheme and that it does not reduce the security level of industrial security gateways in any way.
翻译:工业安全网关将成为解决这些变化所要求的新的安全要求的重要基石;采用这些网关将进一步增加这些网络已经十分复杂的复杂程度,要求作出更多努力来适当和安全地配置这些网络;然而,过去的研究表明,工业网络大多数运营商今天已经无法以安全的方式配置工业网络;因此,我们提议一项计划,允许工厂运营商以简单、实用的方式配置安全网关,对于未接受安全领域培训的工作人员来说,这也是可以理解的;我们使用硬件安全标志,允许每天将配置缩减为一次实际互动;我们的结果表明,我们提议的计划的实际可行性,而且它不会以任何方式降低工业安全网关的安全水平。