Home | deutsch  | Impressum | Data Protection | Sitemap | KIT

NFV-Based Security for Industry 4.0

NFV-Based Security for Industry 4.0
chair:Network Softwarization
time:12. Februar 2019

Hauke Heseding


Industry 4.0 constitutes a paradigm shift in future production processes. Factories need to be able to accommodate various producer demands: from large scale production to mass customization and manufacturing of individual items. To achieve this goal, the production floor must become more flexible – similar to modern data centers, which operate under the cloud computing principle. This in turn requires the underlying industrial control networks to be highly adaptive in order to meet the communication requirements of a future smart production environment.

A key challenge of Industry 4.0 is to provide security in highly dynamic network environments that operate under tight constraints. To achieve this objective, we leverage Network Softwarization to integrate security mechanisms like virtualized firewalls and intrusion prevention systems into network flows of industrial applications on demand. This integration must comply with the restrictions imposed by the production environment, such as sufficient reliability, limited computational power and determinism of real-time capable traffic. The direct linkage between information technology and the physical realm in Industry 4.0 makes security research a particularly interesting topic due to challenging constraints as well as the potentially severe consequences of adversarial action.



The goal of this thesis is to design and implement security concepts for highly flexible industrial control networks based on Software Defined Networking (SDN) and Network Function Virtualization (NFV). This involves identifying communication requirements of industrial processes as well as the integration of virtualized security measures into network traffic flows. The feasibility of the approach will be evaluated with a prototype implementation



Workstations and testbed computers



Good understanding of networking principles
Good understanding of algorithmic design
Basic programming skills