Heuristic Approaches to Horizontal Security for Industry 4.0
There is no security in IoT (Internet of things) especially not inIndustry 4.0, unless the concept of security is modified in two directions:1. If access control no longer only includes user identities and if authentication not only examines PII (Personal Identity Information) but demands proof according to rules, then security is possible.2. If authorization not only means that a given user identity is included in the access control list but a proven functionality, then security is possible.This talk presents new set heuristic techniques since finding an optimal solution seems impossible or impractical, while heuristic detection methods can be used to speed up the process of finding a satisfactory solution for security in IoT. For this purpose Petri/Nets of the are used for the proof for rules and functionality. In this talk Industry 4.0 processes are logged and analyzed according to security relevant criteria; e.g. obstruction, behavioral deviation, resource and time or Performance Clustering.Deviation from expected behavior is considered a hint for potential securityissues, but it is not a proof of security violations.