Master of Eng. in Automation & IT
[ger]Deutsch
Englisch [eng]Englisch

Course 
People 

Automation & IT   Course   Modules   Communication and Security

Industrial Communication and Information Security in Industrial Automation


Qualification aims

The module makes students familiar with concepts, architectures and technologies of industrial communications. The module covers the full range of communication from real-time Ethernet networks to internet-based applications and remote access scenarios. The module emphasises on protocols and software and as well as on network infrastructure devices.

Students can

  • evaluate, plan and configure industrial communication systems
  • evaluate, plan and configure industrial IT-security systems

by

  • understanding the principles of real-time Ethernet solutions and their applications in
  • Automation including TSN, PROFINET and OPC UA
  • understanding the difference of horizontal and vertical communication
  • gaining detailed knowledge and experience in PROFINET regarding concept, engineering,
  • diagnosis and maintenance
  • understanding the requirements and functionality of network devices and controllers
  • analyzing and evaluating network traffic in real-time applications by means of tools
  • installing and configuring network devices
  • planning and commissioning of network installations
  • understanding connectivity architectures for Industrial Internet of Things (IIoT)
  • understanding current technologies and protocols for IIoT
  • evaluating the pros and cons of various protocols
  • understanding industrial security objectives (availability, integrity, confidentiality)
  • analyzing security objectives in IT and industrial automation scenarios
  • comprehending international security standards for automation
  • such as VDI 2182 and IEC 61443
  • understanding the roles of vendors, system integrators and asset owners (end users)
  • determining and evaluating system security vulnerabilities
  • understanding and applying risk analysis methods to develop and evaluate measures
  • evaluating typical threats, risks and measures in industrial automation scenarios
  • developing methods to determine vulnerabilities
  • understand encryption methodology incl. signatures
  • estimating security tool limitations
  • understanding firewall technology
  • planning and configuring firewall systems
  • summarizing results in reports
  • presenting results in oral presentations

to

  • be able to design, manage and maintain industrial automation systems
  • be qualified for a professional career as automation engineer



Courses

The module consists of four courses:


Industrial Ethernet

Tutor

Prof. Klasen

Credit points

3 CP

Term

Fall

Contents

  • Ethernet-based industrial communication (focus on PROFINET)
  • Network analysis of real-time Ethernet networks
  • Network devices (switches, routers)
  • Architecture of plant networks vs. corporate networks
  • Integration of plant network and corporate network
  • Practical part:
  • PROFINET engineering and commissioning Workshop
  • Configuring network devices
  • Designing and configuring PROFINET applications including M2M


Industrial IT and Industrial IoT

Tutor

Prof. Klasen

Credit points

3 CP

Term

Spring

Contents

  • Interfacing systems via OPC UA
  • Remote access solutions
  • Internet technologies in automation
  • IIoT connectivities and protocols
  • Interfaces and application protocols


IT-Security - Management and Technologies

Tutor

Prof. Klasen

Credit points

3 CP

Term

Fall

Contents

  • Introduction to the basic terms used in IT security (security objectives, mechanisms, example scenarios)
  • The Information security management system instruments and methods used by management to systematically control (i.e., plan, put in place, implement, monitor, and improve) tasks and activities relating to IT security
  • International standards on IT security
  • Cryptographic procedures as mechanisms to achieve security objectives current cryptographic standards
  • Principles and mechanisms of authentication
  • TCP/IP based network and service security (weaknesses, attacks, examples)
  • Firewall systems (application level gateways, packet filters, remote access)
  • Intrusion Prevention Systems (IPS)


Industrial Security in Automation

Tutor

Prof. Klasen

Credit points

3 CP

Term

Spring

Contents

  • Specific requirements and conditions of industrial automation
  • Threads and risk assessment
  • Security aspects of Ethernet based automation protocols
  • Functional security limitations and interfaces
  • Design aspects of automation devices and systems
  • Vulnerability Test and development of test cases for benchmarks and audits
  • Security & Safety
  • Typical architectures of security solutions
  • Procedural models for implementing solutions (manufacturers, integrators, users)


Bibliography

  • Klasen, F. et al.; Industrial Communication with Fieldbus and Ethernet VDE Verlag, 9.11.2011, ISBN 978-3-8007-3358-3
  • Anderson, Ross: Security Engineering, John Wiley & Sons Inc, 2001
  • Eckert, Claudia: IT-Sicherheit. Konzepte Verfahren Protokolle, Oldenbourg, 2006
  • Schneier, Bruce : Practical Cryptography, John Wiley & Sons, 2003
  • Schneier, Bruce : Secrets & Lies. IT-Sicherheit in einer vernetzten Welt, Dpunkt Verlag, 2006
  • http://www.securityfocus.com (aktuelle Sicherheitsmeldungen)
  • Normen und Richtlinien: Manufacturing and Control Systems Security ISA SP99
  • VDE/VDI 2182