Industry 3.0 was willed into this world back in 1969. Building onto this concept of automation in industrial processes, Industry 4.0 introduces data collection to optimize even further. This does bring new security risks with it. In this project, we specifically focus on Asset Administration Shells (AAS) which optimizes machine interconnection. Because this is a fairly new concept with limited adoption, there is not much research available into the security risks associated with AAS systems. In our project we have explored these risks and potential mitigations.
Therefore, the main research question for this project was “What are the security risks of an AAS within an industry 4.0 digital factory and how can we reduce them?”. This R&D project was performed for the INTERSECT consortium of which Fontys ICT is a part. But before we had the opportunity to investigate the AAS’ security, we had to create our own proof of concept-version of such a digital factory environment including an AAS. We performed a lot of research on the world wide web to understand the theory about all the different aspects of the AAS (library). In addition to that, we did field research to gather information from companies/experts in the industry 4.0 about their insights and implementation. Later on, when working on our proof of concept (workshop), we have done a lot of testing and simulation within our environment (lab). Security tests (or penetration tests) on our own environment were part of the project. Based on our test plan and some test results, we were able to answer the security related research questions for the R&D project.