In the digitized industry IT security is absolutely essential to protect production plants, industrial control systems, infrastructures and company secrets against IT based attacks. Safeguarding IT systems, however, is expensive and budgets are limited. Fraunhofer Institute for Secure Information Technology SIT supports companies and providers in creating tailored security concepts in order to use IT security budgets in an efficient manner to achieve the best possible results. Fraunhofer SIT uses a production-friendly method for threat modeling.
IT Security Budgets for Efficient Protection
First, the individual protection needs will be determined: business processes and IT architectures will be analyzed, corporate values captured and protection targets provided. A threat analysis will give an overview of possible weaknesses and targets, followed by an evaluation of their risk to the company or the production process. Based on this inventory the Fraunhofer SIT experts will develop a customized IT security concept geared exactly to the customer’s specific requirements and needs.
The production-friendly method of Fraunhofer SIT consists of a three-step approach to threat modeling:
- Information retrieval
- Identification of the need for protection
- Threat analysis
The experts of Fraunhofer SIT have already modeled threats and risks for demonstrators of BOSCH, Duravit, Nobilia, Trumpf and VW as a part of the industrie 4.0 project IUNO – national reference project on IT security in industrie 4.0.