Security Analysis and Improvement of Data Logistics in AutomationML-Based Engineering Networks

  • Bernhard Brenner
  • Edgar Weippl


The Automation Markup Language (AutomationML) is a concept developed in 2008 to provide a versatile data format for the seamless exchange of engineering data, with the goal of simplifying the design and creation of cyber-physical production systems. Different software tools, such as CAD programs, are meant to support this format. Especially in the case of collaborative work and data exchange, security can become an important issue, because current approaches do not fulfill the essential security objectives: the authenticity, integrity, and confidentiality of the stored files are not ensured from the start of product design to the end product. This raises questions not only about the confidentiality of company information but also about the safety of production lines and end products. Leakage of confidential information (e.g., construction plans), leading to an unintended spread of know-how, can be an expensive consequence. Unauthorized and undetected (malicious) modifications may even lead to faults in end products, availability issues, or serious accidents within the production line. This chapter demonstrates open issues within AutomationML-based engineering project environments. We show why some kind of security layer (i.e., a layer ensuring access control and privileges as well as data integrity) is crucial when using AutomationML. To this end, we provide assumptions about potential attacks and their potential consequences. We introduce an approach to identify and analyze assets, potential threats and vulnerabilities, resulting risks, and countermeasures that are relevant for ensuring the abovementioned properties: confidentiality of know-how, availability of the assets, and integrity of relevant data.


Keywords: AutomationML security; AutomationML-based data exchange; Access control for AutomationML





This material is based on work partially supported by (1) the Christian-Doppler-Laboratory for Security and Quality Improvement in the Production System Lifecycle; the financial support by the Austrian Federal Ministry for Digital and Economic Affairs and the National Foundation for Research, Technology and Development is gratefully acknowledged; (2) SBA Research; the competence center SBA Research (SBA-K1) is funded within the framework of COMET Competence Centers for Excellent Technologies by BMVIT, BMDW, and the federal state of Vienna, managed by the FFG.



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. SBA Research, Vienna, Austria
  2. Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI), Institute of Information Systems Engineering, Technische Universität Wien, Vienna, Austria
