Refine
Document Type
- Book (3)
- Part of a Book (1)
- Conference Proceeding (3)
- Working Paper (1)
Is part of the Bibliography
- no (8)
Keywords
- ADAM (2)
- Bedrohungslandschaft (1)
- Cyber Security (3)
- Cyber-Security (1)
- Cybersecurity (1)
- Cybersicherheit (1)
- Digital Transformation (1)
- Digitalisierung (1)
- Digitalization (1)
- IT-Komplexität (1)
Institute
In the age of digitalization, manufacturing companies are under increased pressure to change due to product complexity, growing customer requirements and digital business models. The increasing digitization of processes and products is opening up numerous opportunities for mechanical engineering companies to exploit the resulting potential for value creation. Subscription business is a new form of business model in the mechanical engineering industry, which aims to continuously increase customer benefit to align the interests of both companies and customers. Characterized by a permanent data exchange, databased learning about customer behavior, and the transfer into continuous innovations to increase customer value, subscription business helps to make Industry 4.0 profitable. The fact that machines and plants are connected to the internet and exchange large amounts of data results in critical information security risks. In addition, the loss of knowledge and control, data misuse and espionage, as well as the manipulation of transaction or production data in the context of subscription transactions are particularly high risks. Complementary to direct and obvious consequences such as loss of production, the attacks are increasingly shifting to non-transparent and creeping impairments of production or product quality, which are only apparent at a late stage, or the influencing of payment flows. A transparent presentation of possible risks and their scope, as well as their interrelationships, does not exist. This paper shows a research approach in which the structure of subscription models and their different manifestations based on their risks and vulnerabilities are characterized. This allows suitable cyber security measures to be taken at an early stage. From this basis, companies can secure existing or planned subscription business models and thus strengthen the trust of business partners and customers.
Die Umsetzung von Industrie 4.0, also der umfassenden Digitalisierung und Vernetzung der Produktion, stellt Unternehmen noch immer vor Herausforderungen. In dieser Marktstudie wurde eine bei produzierenden Unternehmen identifizierte Hürde, die IT-Komplexität und deren Management, stärker beleuchtet. Unternehmen, die sich besser aufgestellt sehen, legen in der Regel einen stärkeren Fokus auf verschiedene Aktivitäten.
The digital transformation is changing the way companies think and design their manufacturing environment. Both due to the increasing number of connections between IoT-Devices, tooling machines, and production lines and the phenomenon of the convergence of IT and OT, systems are becoming more complex than years ago. Organizational and cultural changes within manufacturing companies strengthen this trend and form Industry 4.0 environments and cyber-physical production systems (CPPS). As these systems do not longer stay alone but are connected to each other and the company’s outside, the size of the potential attack surface is increasing as well. Besides that, manufacturing companies, small and medium-sized in particular, are facing complex challenges based on lack of knowledge, budget, and time to understand as well as to interpret their current situation and risk level and therefore to derive necessary counter-measures. Efficient as well as pragmatic tools and methods for these companies do not exist. This paper shows a research approach in which the company-specific set-up of Industry 4.0 environment and CPPS is characterized by its potential vulnerabilities. This enables companies to evaluate their risk potential before setting up this kind of environments and to undJo,erstand the potential consequences more precisely. By doing so, companies can derive and prioritize important counter-measures and so to strengthen their level of cyber-security efficiently. This will decrease the number of cyber-security attacks and increase the company’s competitiveness.
Bereits Angriffe auf einzelne Unternehmen in der Supply-Chain können eine Kettenreaktion auslösen, die ein ganzes Netz von Partnern gefährden kann. Dieselben Informations- und Kommunikationstechnologien, die einen enormen Beitrag zur Produktivität sowie nationalen und globalen Wettbewerbsfähigkeit von Zuliefernden leisten, vergrößern heute für Unternehmen die mögliche Bedrohungslandschaft. Prominente Ransomware-Angriffe auf die Reederei Maersk und auf den Anbieter für IT-Management-Lösungen Kaseya haben gezeigt, wie anfällig Lieferketten für Cyberkriminelle sind und zu welchen massiven finanziellen Schäden diese führen können. Als Reaktion auf die COVID-19-Pandemie haben viele Unternehmen massiv in ihre digitale Transformation und somit auch in die Digitalisierung der Lieferketten investiert. Dadurch sind Unternehmen nicht nur attraktivere Ziele für Cyberangriffe geworden, sondern bieten den Angreifern mit der digitalisierten Supply-Chain auch einen vielversprechenden neuen Angriffsweg. Derartige Supply-Chain-Attacken greifen ein oder mehrere Unternehmen an und dienen so als trojanisches Pferd, um in letzter Konsequenz ganze Wertschöpfungsnetzwerke zu infiltrieren. Da die Auswirkungen von Angriffen auf die Versorgungsketten zahlreicher Unternehmen nahezu unbegrenzt sind, können Supply-Chain-Attacken nicht als ein isoliertes Problem behandelt werden. Vielmehr müssen diese innerhalb einer ganzheitlichen Cyber-Security-Strategie sowohl beim Zulieferer als auch bei dessen Partnerunternehmen Berücksichtigung finden, um den vielschichtigen Bedrohungen präventiv begegnen zu können. Der folgende Beitrag versteht sich als Überblick bezüglich der aktuellen Bedrohungslandschaft im Bereich Logistik 4.0 und Supply-Chain-Management sowie der möglichen Reaktionsmaßnahmen.
Networked digitalisation as an enabler for smart products and data-based business models presents companies with numerous and diverse challenges on their way through the digital transformation. Various reference architecture models have been developed in recent years to support these companies. A detailed analysis of these and in particular their use by companies quickly showed that currently existing reference models have major weaknesses in their practical suitability. With the Aachen Digital Architecture Management (ADAM), a framework was developed that specifically addresses the weaknesses of existing reference architectures and specifically takes up their strengths. As a holistic model, specially developed for use by companies, ADAM structures the digital transformation of companies in the areas of digital infrastructure and business development starting from customer requirements. Systematically, companies are enabled to drive the design of the digital architecture, taking into account design fields. The description of the design fields offers a detailed insight into the essential tasks on the way to a digitally networked company. The model is not only a structuring aid, but also contains a construction kit with the design fields to configure the procedure in the digital transformation. The procedure differentiates between the development of the digitalisation strategy and the implementation of the digital architecture. Three different case studies also show how ADAM is used in industry, what structuring support it can provide and how the digital transformation can be configured. The breadth and depth of ADAM enable companies to take the path of digital transformation systematically and in a structured manner, without ignoring the value-creating components of digitalisation. This qualifies ADAM as a sustainability-oriented framework, as it places the economic scaling, needs-based adaptation and future-oriented robustness of solution modules in the focus of digital transformation.