IIoT: Why Current Crypto Modules Do Not Fit into Industry 4.0 (A03a)
With the introduction and implementation of Industry 4.0 concepts, necessary standards and specifications such as IEC 62443 have also been introduced. As always, cybersecurity plays an essential role within these concepts. But where do we stand in terms of implementation? In the first step of the presentation the requirements for trust anchors and crypto modules will be analyzed to understand why the current approaches especially for crypto modules do not fulfill the requirements in any way. Finally a proposal will be presented how an implementation can look like especially for the industrial automation market so that the security of machines and plants is guaranteed at any time. The concept was developed together with the Campus Schwarzwald, an innovation campus for medium-sized mechanical engineering companies. The conceptual approach was realized in the first step and a trial is currently conducted within production networks to implement specifications such as RFC 8995 (BRSKI) or OPC-UA 10000-21.