Threat and risk analysis to increase IT security in mechanical and plant engineering

Industrial project with G. Kraft Maschinenbau

Initial situation and project objective

G. Kraft Maschinenbau produces special machines for the manufacture of doors and frames, among other things. To ensure effective and efficient development, the company takes advantage of model-driven development. A key component is a proprietary system that serves as the central architecture for all systems. The requirements for IT security are correspondingly high, because without IT security the implemented safety measures could also be compromised. For example, threats such as the infiltration of malware, phishing or machine downtimes must be avoided. To master this challenge, G. Kraft Maschinenbau relies on IEC 62443, the international standard for securing industrial networks, and applies the principle of security by design.

Figure: Secure machine and system development with the help of a threat and risk analysis. (© G. Kraft Maschinenbau)

Solution and customer benefits

To this end, the company's own system was analyzed and evaluated with regard to potential IT security threats. In two moderated workshops, employees of G. Kraft Maschinenbau worked together with the experts from Fraunhofer IEM to create a comprehensive threat model. The first step was to define the data worth protecting (assets), such as customer and production data, as well as the protection goals, e.g. system availability. The team analyzed internal system processes and documented external interfaces, including those to customer databases, using a data flow diagram. The diagram records, for example, where passwords are stored in the system and which data is exchanged between individual system processes. Possible threat scenarios were then considered, a risk status was determined and suitable countermeasures were developed. On this basis, the experts prioritized further safeguards.

Thanks to the collaboration with Fraunhofer IEM, the developers learned a new procedure for systematic, tool-supported threat analysis and risk assessment. G. Kraft Maschinenbau will continue to use this procedure after the end of the project in order to provide the best possible protection for current and future systems.

Are you also interested in this topic? Then please contact us!

Dr. Markus Fockel

Group Manager Requirements Engineering & Design

Fraunhofer Institute for Mechatronic Systems Design IEM
Zukunftsmeile 1
33102 Paderborn

Phone +49 5251 5465-120