Titlebar

Export bibliographic data
Literature by the same author
plus on the publication server
plus at Google Scholar

 

Attacks on the Industrial Internet of Things : Development of a multi-layer Taxonomy

Title data

Berger, Stephan ; Bürger, Olga ; Röglinger, Maximilian:
Attacks on the Industrial Internet of Things : Development of a multi-layer Taxonomy.
In: Computers & Security. Vol. 93 (2020) .
ISSN 0167-4048
DOI: https://doi.org/10.1016/j.cose.2020.101790

Related URLs

Project information

Project title:
Project's official titleProject's id
Oberfranken 4.0No information

Project financing: Europäische Strukturfonds
Europäischer Fond für regionale Entwicklung
Oberfrankenstiftung

Abstract in another language

The Industrial Internet of Things (IIoT) provides new opportunities to improve process and production efficiency, which enable new business models. At the same time, the high degree of cross-linking and decentralization increases the complexity of IIoT systems and creates new vulnerabilities. Hence, organizations are not only vulnerable to conventional IT threats, but also to a multitude of new, IIoTspecific attacks. Yet, a literature-based and empirically evaluated understanding of attacks on the IIoT is still lacking. Against this backdrop, we develop a multi-layer taxonomy that helps researchers and practitioners to identify similarities and differences between attacks on the IIoT. Based on the latest literature and a sample of about 50 attacks, we deductively and inductively determine attack characteristics and dimensions. We demonstrate the usefulness and practical relevance of our taxonomy by applying it to a real-world incident affecting a German steel facility. By combining IT security, IIoT, and risk management to form an interdisciplinary approach, we contribute to the descriptive knowledge in these fields. Industry experts confirm that our taxonomy enables a detailed classification of attacks, which supports the identification, documentation, and communication of incidents within organizations and their value-creation networks. With this, our taxonomy provides a profound basis for the further development of IT security management and the derivation of mitigation measures.

Further data

Item Type: Article in a journal
Refereed: Yes
Keywords: Industrial Internet of Things; Industry 4.0; IT Security; Attacks; Taxonomy
Institutions of the University: Faculties > Faculty of Law, Business and Economics > Department of Business Administration
Faculties > Faculty of Law, Business and Economics > Department of Business Administration > Chair Information Systems and Value-Based Business Process Management
Faculties > Faculty of Law, Business and Economics > Department of Business Administration > Chair Information Systems and Value-Based Business Process Management > Chair Information Systems and Value-Based Business Process Management - Univ.-Prof. Dr. Maximilian Röglinger
Research Institutions
Research Institutions > Affiliated Institutes
Research Institutions > Affiliated Institutes > Fraunhofer Project Group Business and Information Systems Engineering
Research Institutions > Affiliated Institutes > FIM Research Center Finance & Information Management
Faculties
Faculties > Faculty of Law, Business and Economics
Result of work at the UBT: Yes
DDC Subjects: 000 Computer Science, information, general works > 004 Computer science
300 Social sciences > 330 Economics
Date Deposited: 24 Mar 2020 08:50
Last Modified: 20 May 2020 07:10
URI: https://eref.uni-bayreuth.de/id/eprint/54664