Skip to main content
Erschienen in: Business & Information Systems Engineering 4/2020

19.08.2019 | Research Paper

Modeling IT Availability Risks in Smart Factories

A Stochastic Petri Nets Approach

verfasst von: Daniel Miehle, Björn Häckel, Stefan Pfosser, Jochen Übelhör

Erschienen in: Business & Information Systems Engineering | Ausgabe 4/2020

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

In the course of the ongoing digitalization of production, production environments have become increasingly intertwined with information and communication technology. As a consequence, physical production processes depend more and more on the availability of information networks. Threats such as attacks and errors can compromise the components of information networks. Due to the numerous interconnections, these threats can cause cascading failures and even cause entire smart factories to fail due to propagation effects. The resulting complex dependencies between physical production processes and information network components in smart factories complicate the detection and analysis of threats. Based on generalized stochastic Petri nets, the paper presents an approach that enables the modeling, simulation, and analysis of threats in information networks in the area of connected production environments. Different worst-case threat scenarios regarding their impact on the operational capability of a close-to-reality information network are investigated to demonstrate the feasibility and usability of the approach. Furthermore, expert interviews with an academic Petri net expert and two global leading companies from the automation and packaging industry complement the evaluation from a practical perspective. The results indicate that the developed artifact offers a promising approach to better analyze and understand availability risks, cascading failures, and propagation effects in information networks in connected production environments.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Weitere Produktempfehlungen anzeigen
Anhänge
Nur mit Berechtigung zugänglich
Fußnoten
1
Table A.1 in the online appendix provides an overview of the nomenclature of our PN specification (available online via http://​springerlink.​com).
 
2
\(\widehat{M}\) is a subset of N \((\widehat{M} \subseteq N)\) consisting of one or multiple components (e.g., in case of common cause failures or synchronized attacks) and representing the initial trigger of failures.
 
Literatur
Zurück zum Zitat Amiri AK, Cavusoglu H, Benbasat I (2014) When is IT unavailability a strategic risk?: a study in the context of cloud computing. In: Proceedings of the 35th international conference on information systems, Auckland, New Zealand, pp 1–11 Amiri AK, Cavusoglu H, Benbasat I (2014) When is IT unavailability a strategic risk?: a study in the context of cloud computing. In: Proceedings of the 35th international conference on information systems, Auckland, New Zealand, pp 1–11
Zurück zum Zitat Balbo G, Silva M (1998) Performance models for discrete event systems with synchronizations: formalisms and analysis techniques, vol 1. Kronos, Zaragoza Balbo G, Silva M (1998) Performance models for discrete event systems with synchronizations: formalisms and analysis techniques, vol 1. Kronos, Zaragoza
Zurück zum Zitat Brettel M, Friederichsen N, Keller M, Rosenberg M (2014) How virtualization, decentralization and network building change the manufacturing landscape: an industry 4.0 perspective. Int J Mech Aerosp Ind Mech Manuf Eng 8(1):37–44 Brettel M, Friederichsen N, Keller M, Rosenberg M (2014) How virtualization, decentralization and network building change the manufacturing landscape: an industry 4.0 perspective. Int J Mech Aerosp Ind Mech Manuf Eng 8(1):37–44
Zurück zum Zitat Broy M, Cengarle MV, Geisberger E (2012) Cyber-physical systems: imminent challenges. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Large-scale complex IT systems. Development, operation and management, LNCS Bd. 7539. Springer, Heidelberg, pp 1–28 Broy M, Cengarle MV, Geisberger E (2012) Cyber-physical systems: imminent challenges. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Large-scale complex IT systems. Development, operation and management, LNCS Bd. 7539. Springer, Heidelberg, pp 1–28
Zurück zum Zitat Cardenas A, Amin S, Sinopoli B, Giani A, Perrig A, Sastry S (2009) Challenges for securing cyber physical systems. In: Workshop on future directions in cyber-physical systems security, pp 1–4 Cardenas A, Amin S, Sinopoli B, Giani A, Perrig A, Sastry S (2009) Challenges for securing cyber physical systems. In: Workshop on future directions in cyber-physical systems security, pp 1–4
Zurück zum Zitat Colombo AW, Karnouskos S (2009) Towards the factory of the future: a service-oriented cross-layer infrastructure. ICT Shap World Sci View 65:65–81 Colombo AW, Karnouskos S (2009) Towards the factory of the future: a service-oriented cross-layer infrastructure. ICT Shap World Sci View 65:65–81
Zurück zum Zitat Danziger MM, Shekhtman LM, Bashan A, Berezin Y, Havlin S (2016) Vulnerability of interdependent networks and networks of networks. In: Garas A (ed) Interconnected networks. Springer, Cham, pp 79–99CrossRef Danziger MM, Shekhtman LM, Bashan A, Berezin Y, Havlin S (2016) Vulnerability of interdependent networks and networks of networks. In: Garas A (ed) Interconnected networks. Springer, Cham, pp 79–99CrossRef
Zurück zum Zitat Eden P, Blyth A, Jones K, Soulsby H, Burnap P, Cherdantseva Y, Stoddart K (2017) SCADA system forensic analysis within IIoT. In: Thomas L, Schaefer D (eds) Cybersecurity for industry 4.0 – analysis for design and manufacturing. Springer, Cham, pp 73–101CrossRef Eden P, Blyth A, Jones K, Soulsby H, Burnap P, Cherdantseva Y, Stoddart K (2017) SCADA system forensic analysis within IIoT. In: Thomas L, Schaefer D (eds) Cybersecurity for industry 4.0 – analysis for design and manufacturing. Springer, Cham, pp 73–101CrossRef
Zurück zum Zitat Gregor S, Hevner AR (2013) Positioning and presenting design science research for maximum impact. Manag Inf Syst Q 37(2):337–355CrossRef Gregor S, Hevner AR (2013) Positioning and presenting design science research for maximum impact. Manag Inf Syst Q 37(2):337–355CrossRef
Zurück zum Zitat Hallikas J, Karvonen I, Pulkkinen U, Virolainen V-M, Tuominen M (2004) Risk management process in supplier networks. Int J Prod Econ 90:47–58CrossRef Hallikas J, Karvonen I, Pulkkinen U, Virolainen V-M, Tuominen M (2004) Risk management process in supplier networks. Int J Prod Econ 90:47–58CrossRef
Zurück zum Zitat Hao K, Xie F (2009) Componentizing hardware/software interface design. In: Conference on design, automation and test in Europe, Dresden, Germany, pp 232–237 Hao K, Xie F (2009) Componentizing hardware/software interface design. In: Conference on design, automation and test in Europe, Dresden, Germany, pp 232–237
Zurück zum Zitat Hermann M, Pentek T, Otto B (2015) Design principles for Industrie 4.0 scenarios – a literature review. In: Technische Universität Dortmund – working paper 01/2015 Hermann M, Pentek T, Otto B (2015) Design principles for Industrie 4.0 scenarios – a literature review. In: Technische Universität Dortmund – working paper 01/2015
Zurück zum Zitat Hevner AR, March ST, Park J, Ram S (2004) Design science in information systems research. Manag Inf Syst Q 28(1):75–106CrossRef Hevner AR, March ST, Park J, Ram S (2004) Design science in information systems research. Manag Inf Syst Q 28(1):75–106CrossRef
Zurück zum Zitat Iansiti M, Lakhani KR (2014) Digital ubiquity: how connections, sensors, and data are revolutionizing business. Harv Bus Rev 92(11):91–99 Iansiti M, Lakhani KR (2014) Digital ubiquity: how connections, sensors, and data are revolutionizing business. Harv Bus Rev 92(11):91–99
Zurück zum Zitat Jensen K (1991) Coloured petri nets: a high level language for system design and analysis. In: Goos G, Hartmanis J, Barstow D, Brauer W, Brinch Hansen P, Gries D et al (eds) Advances in Petri Nets 1990. LNCS. Springer, Heidelberg, pp 342–416CrossRef Jensen K (1991) Coloured petri nets: a high level language for system design and analysis. In: Goos G, Hartmanis J, Barstow D, Brauer W, Brinch Hansen P, Gries D et al (eds) Advances in Petri Nets 1990. LNCS. Springer, Heidelberg, pp 342–416CrossRef
Zurück zum Zitat Keller R, König C (2014) A reference model to support risk identification in cloud networks. In: Proceedings of the 35th international conference on information systems, pp 1–19 Keller R, König C (2014) A reference model to support risk identification in cloud networks. In: Proceedings of the 35th international conference on information systems, pp 1–19
Zurück zum Zitat Lucke D, Constantinescu C, Westkämper E (2008) Smart factory – a step towards the next generation of manufacturing. In: The 41st CIRP conference on manufacturing systems Lucke D, Constantinescu C, Westkämper E (2008) Smart factory – a step towards the next generation of manufacturing. In: The 41st CIRP conference on manufacturing systems
Zurück zum Zitat Marsan MA, Conte G, Balbo G (1984) A class of generalized stochastic petri nets for the performance evaluation of multiprocessor systems. ACM Trans Comput 2(2):93–122CrossRef Marsan MA, Conte G, Balbo G (1984) A class of generalized stochastic petri nets for the performance evaluation of multiprocessor systems. ACM Trans Comput 2(2):93–122CrossRef
Zurück zum Zitat Merlin P (1974) A study of the recoverability of computer system. Ph.D. thesis, University of California, Irvine Merlin P (1974) A study of the recoverability of computer system. Ph.D. thesis, University of California, Irvine
Zurück zum Zitat Molloy MK (1981) On the integration of delay and throughput measures in distributed processing models. Ph.D. thesis, University of California, Los Angeles Molloy MK (1981) On the integration of delay and throughput measures in distributed processing models. Ph.D. thesis, University of California, Los Angeles
Zurück zum Zitat Offermann P, Blom S, Schönherr M, Bub U (2010) Artifact types in information systems design science – a literature review. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Global perspectives on design science research (LNCS). Springer, Heidelberg, pp 77–92CrossRef Offermann P, Blom S, Schönherr M, Bub U (2010) Artifact types in information systems design science – a literature review. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Global perspectives on design science research (LNCS). Springer, Heidelberg, pp 77–92CrossRef
Zurück zum Zitat Petri CA (1962) Kommunikation mit Automaten. Doctoral Thesis, Technische Universität Darmstadt Petri CA (1962) Kommunikation mit Automaten. Doctoral Thesis, Technische Universität Darmstadt
Zurück zum Zitat Ramchandani C (1974) Analysis of asynchronos concurrent systems by timed petri nets. Ph.D. Thesis, Massachusetts Institute of Technology Ramchandani C (1974) Analysis of asynchronos concurrent systems by timed petri nets. Ph.D. Thesis, Massachusetts Institute of Technology
Zurück zum Zitat Sadeghi A-R, Wachsmann C, Waidner M (nd) Security and privacy challenges in industrial internet of things. In: Design automation conference, pp 1–6 Sadeghi A-R, Wachsmann C, Waidner M (nd) Security and privacy challenges in industrial internet of things. In: Design automation conference, pp 1–6
Zurück zum Zitat Sathanur AV, Haglin DJ (2016) A novel centrality measure for network-wide cyber vulnerability assessment. In: IEEE symposium on technologies for homeland security, pp 1–5 Sathanur AV, Haglin DJ (2016) A novel centrality measure for network-wide cyber vulnerability assessment. In: IEEE symposium on technologies for homeland security, pp 1–5
Zurück zum Zitat Simon HA (1996) The sciences of the artificial. MIT Press, Cambridge Simon HA (1996) The sciences of the artificial. MIT Press, Cambridge
Zurück zum Zitat Sonnenberg C, vom Brocke J (2012) Evaluation Patterns for design science research artefacts. In: Helfert M, Donnellan B (eds) Practical aspects of design science (communications in computer and information science). Springer, Heidelberg, pp 71–83 Sonnenberg C, vom Brocke J (2012) Evaluation Patterns for design science research artefacts. In: Helfert M, Donnellan B (eds) Practical aspects of design science (communications in computer and information science). Springer, Heidelberg, pp 71–83
Zurück zum Zitat Tupa J, Simota J, Steiner F (2017) Aspects of risk management implementation for Industry 4.0. Procedia Manuf 11:1223–1230CrossRef Tupa J, Simota J, Steiner F (2017) Aspects of risk management implementation for Industry 4.0. Procedia Manuf 11:1223–1230CrossRef
Zurück zum Zitat Venable J, Pries-Heje J, Baskerville R (2012) A comprehensive framework for evaluation in design science research. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Design science research in information systems. advances in theory and practice (LNCS). Springer, Heidelberg, pp 423–438CrossRef Venable J, Pries-Heje J, Baskerville R (2012) A comprehensive framework for evaluation in design science research. In: Hutchison D, Kanade T, Kittler J, Kleinberg JM, Mattern F, Mitchell JC et al (eds) Design science research in information systems. advances in theory and practice (LNCS). Springer, Heidelberg, pp 423–438CrossRef
Zurück zum Zitat Vladimir AB (2011) On the modularity in petri nets of active resources. In: Proceedings of CompoNet and SUMo, pp 33–48 Vladimir AB (2011) On the modularity in petri nets of active resources. In: Proceedings of CompoNet and SUMo, pp 33–48
Zurück zum Zitat Wang S, Wan J, Li D, Zhang C (2016) Implementing smart factory of Industrie 4.0: an outlook. Int J Distrib Sens Netw 12(1):1–10 Wang S, Wan J, Li D, Zhang C (2016) Implementing smart factory of Industrie 4.0: an outlook. Int J Distrib Sens Netw 12(1):1–10
Zurück zum Zitat Weill P, Vitale M (2002) What IT infrastructure capabilities are needed to implement e-business models? MIS Q 1(1):17–34 Weill P, Vitale M (2002) What IT infrastructure capabilities are needed to implement e-business models? MIS Q 1(1):17–34
Zurück zum Zitat Wengert A, Graham J, Ribble E (2016) A new approach to cyberphysical security in industry 4.0. In: Thomas L, Schaefer D (eds) Cybersecurity for industry 4.0 – analysis for design and manufacturing. Springer, Cham, pp 59–72 Wengert A, Graham J, Ribble E (2016) A new approach to cyberphysical security in industry 4.0. In: Thomas L, Schaefer D (eds) Cybersecurity for industry 4.0 – analysis for design and manufacturing. Springer, Cham, pp 59–72
Zurück zum Zitat Zambon E, Etalle S, Wieringa RJ, Hartel P (2011) Model-based qualitative risk assessment for availability of IT infrastructures. Softw Syst Model 10(4):553–580CrossRef Zambon E, Etalle S, Wieringa RJ, Hartel P (2011) Model-based qualitative risk assessment for availability of IT infrastructures. Softw Syst Model 10(4):553–580CrossRef
Metadaten
Titel
Modeling IT Availability Risks in Smart Factories
A Stochastic Petri Nets Approach
verfasst von
Daniel Miehle
Björn Häckel
Stefan Pfosser
Jochen Übelhör
Publikationsdatum
19.08.2019
Verlag
Springer Fachmedien Wiesbaden
Erschienen in
Business & Information Systems Engineering / Ausgabe 4/2020
Print ISSN: 2363-7005
Elektronische ISSN: 1867-0202
DOI
https://doi.org/10.1007/s12599-019-00610-6

Weitere Artikel der Ausgabe 4/2020

Business & Information Systems Engineering 4/2020 Zur Ausgabe

Catchword

Fair AI