 |
|
Master of Eng. in Automation & IT |
![[ger]](http://fat70s236.eto.fh-koeln.de/automation-and-it/common/flag_ger_inactive.gif "Deutsch version not yet available")
![Englisch [eng]](http://fat70s236.eto.fh-koeln.de/automation-and-it/common/flag_eng.gif)
Englisch|
|
|
 |
|
|
|
Course
Modules
Communication and Security
Industrial Communication and Information Security
Qualification aims
This module enables students to design, manage, and secure industrial automation systems by equipping them with the knowledge of industrial communication components, IT-security systems, real-time Ethernet solutions, and cybersecurity practices, thereby preparing them to protect critical infrastructure against cyber threats and adapt to emerging technologies.
Students can
- identify and describe the key components of industrial communication systems
- evaluate, plan and configure industrial IT-security systems
- implement secure communication practices
- evaluate the impact of emerging technologies
by
- understanding the principles of real-time ethernet solutions and their applications in automation including e.g. TSN, PROFINET and OPC UA
- understanding the difference of horizontal and vertical communication
- gaining detailed knowledge and experience in PROFINET regarding concept, engineering, diagnosis and maintenance
- understanding the requirements and functionality of network devices and controllers
- analyzing and evaluating network traffic in real-time applications by means of tools
- installing and configuring network devices
- planning and commissioning of network installations
- understanding connectivity architectures, current technologies and protocols for industrial applications
- understanding the special prerequisites of industrial IT technologies vs. office environments
- evaluating the pros and cons of various protocols
- understanding industrial security objectives (availability, integrity, confidentiality)
- analyzing security objectives in IT and industrial automation scenarios
- comprehending international security standards for automation such as IEC 62443 or VDI 2182
- determining and evaluating system security vulnerabilities
- understanding and applying risk analysis methods to develop and evaluate measures
- evaluating typical threats, risks and measures in industrial automation scenarios
- developing methods to determine vulnerabilities
- understand encryption methodology incl. signatures
- estimating security tool limitations
- understanding, planning and configuring firewall technology
- applying principles of cybersecurity to industrial networks
- recognizing relationships between topics such as safety and security
to
- be able to design, manage and maintain industrial automation systems
- protect critical automation and information systems against cyber threats
- anticipate and prepare for future challenges
Module Content
Industrial Communication
- Ethernet-based industrial communication (focus on PROFINET)
- Functional principles of ethernet-based field bus systems
- New trends and developments such as TSN
- Network analysis of real-time Ethernet networks
- Network devices (switches, routers)
- Architecture of plant networks vs. corporate networks
- Integration of plant network and corporate network
- Practical part:
- PROFINET engineering and commissioning workshop
- Configuring network devices
- Designing and configuring PROFINET applications including M2M
IT/OT-Security
- Introduction into basic terms of IT/OT security
- The Information security management system
- International standards on IT security, e.g. IEC 62443, ISO 27001
- Cryptographic procedures as mechanisms to achieve security objectives current cryptographic standards
- IT/OT-related European regulations such as NIS2, CRA
- Principles and mechanisms of authentication
- TCP/IP based network and service security (weaknesses, attacks, examples)
- Firewall and IPS systems (application level gateways, packet filters, remote access)
- Specific requirements and conditions of industrial automation
- Threads and risk assessment, introduction into secure product design
- Security aspects of Ethernet based automation protocols
- Functional security limitations and interfaces
- Design aspects and typical architectures of secure automation devices and systems
- Vulnerability Test and development of test cases for benchmarks and adits
- Security & Safety
Bibliography
- Klasen, F. et al.; Industrial Communication with Fieldbus and Ethernet VDE Verlag, 2011, ISBN 978-3-8007-3358-3
- Anderson, Ross: Security Engineering, John Wiley & Sons Inc, 2001
- Eckert, Claudia: IT-Sicherheit. Konzepte Verfahren Protokolle, Oldenbourg, 2006
- Schneier, Bruce: Practical Cryptography, John Wiley & Sons, 2003
- Schneier, Bruce: Secrets & Lies. IT-Sicherheit in einer vernetzten Welt, Dpunkt Verlag, 2006
- http://www.securityfocus.com (aktuelle Sicherheitsmeldungen)
- Normen und Richtlinien: Manufacturing and Control Systems Security ISA SP99 VDE/VDI 2182
- IEC 62443 norm series
- BSI Publications on ISO 27001 / “BSI Grundschutz”
- Pohlmann, Norbert: Cyber-Sicherheit, Springer Verlag, 2022
- Schulz, Thomas: Cyber-Sicherheit für vernetzte Anwendungen in der In-dustrie 4.0, Vogel Verlag, 2020
- Kobes, Pierre: Leitfaden Industrial Security, VDE Verlag, 2024
|
|
|
© 2025 TH Köln
Contact
|
|