security and quality improvement in the production system ... · christian doppler labor. security...
TRANSCRIPT
![Page 1: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/1.jpg)
Christian Doppler Labor
Security and Quality Improvement in the Production System Lifecycle (SQI)
![Page 2: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/2.jpg)
Univ.Prof. Dipl.-Ing. Dr.techn.Vice-Rector for Research and Innovation
Johannes Fröhlich
![Page 3: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/3.jpg)
o.Univ.Prof. DI Dr. Dr.h.c. Vorsitzender des Senats der Christian Doppler Forschungsgesellschaft
Hans Irschik
![Page 4: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/4.jpg)
Univ.Prof. Dipl.-Ing. Dr.techn.Dekan der Fakultät für Informatik
Hannes Werthner
![Page 5: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/5.jpg)
Christian Doppler LaborEdgar Weippl
Security and Quality Improvement in the Production System Lifecycle (SQI)
![Page 6: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/6.jpg)
Stuxnet – 2010
German steel mill–2014
Blackout Ukraine –2015
Industroyer– 2016
WannaCry– 2017
Well-known CPS attacks
![Page 7: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/7.jpg)
![Page 8: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/8.jpg)
Governance Strategy & Metrics (SM)
Compliance & Policy (CP)
Training (T)
Intelligence Attack Models (AM)
Security Features & Design (SFD)
Standards & Requirements (SR)
SSDL Touchpoints
Architecture Analysis (AA)
Code Review (CR)
Security Testing (ST)
Deployment Penetration Testing (PT)
Software Environment (SE)
Configuration M. & Vulnerability Management (CMVM)
Adoption of Software Security is difficult
![Page 9: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/9.jpg)
Changes in Production System Engineering
• Centrally accessible data repositories• Global collaboration with partially trusted and
untrusted parties• Modern information technology in PSE
• Security Mechanisms in a production system environment
• Threat Landscape
![Page 10: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/10.jpg)
Centrally accessible data repositories
• Data Provenance• Tools modify certain properties• Software errors
• Remote Attestation• Sensors in adversarial environment
• Availability and Confidentiality of Testing Data• Modelling “everything”?• Verfication vs. real world, e.g. KRACK
![Page 11: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/11.jpg)
Collaboration partially trusted & untrusted parties
• Sharing event data - partial information disclosure• Distributed ledger technology
• Permissioned blockchain• Interlinking with public blockchains
• Fingerprinting data
![Page 12: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/12.jpg)
Modern information technology in PSE
• Security Mechanisms in a production system environment
• Software updates• Software obfuscation, software diversity
• Threat Landscape• Testing for critical control loops• Risk assessment – security & asset ontology
![Page 13: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/13.jpg)
Ontology-based Bayesian network construction
Dumpster Diving
Improper Media
Disposal
Data/Media Disposal Control
AND
OR
AND
Data disposal policy
Media disposal contract
Data deletion SW
Shredder
owl:intersectionOf T=1
owl:unionOf, T=0
sec:exploitedBy sec:mitigates owl:equivalentTo
Identify nodes with parents
Check semantic of link properties
Extract weight from tertiary pattern
Compute conditional probabilities
Ind Child Parent Val
W_1 A_1 B_1 0,8
W_2 A_1 B_2 0,2
Class W
Will build on previous work by Stefan Fenz
![Page 14: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/14.jpg)
Aktuelle Grundlagenthemen
„Mit dem digitalen Zwilling zur sicheren Produktion“
Blackouts durch Botnetze – Utopie oder Wirklichkeit?“
„Towards Sustainable BlockchainEngineering“
„Prozessverbesserung im Anlagen-Engineering“
„Effiziente und flexible Testautomatisierung im Anlagen-Engineering“
„Software-Ökosystem für paralleles Anlagen-Engineering“
![Page 15: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/15.jpg)
Edgar Weippl
Christian Doppler Labor für die Verbesserung von Sicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 Wien+43 1 58801 [email protected]
![Page 16: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/16.jpg)
Matthias A. Eckhart
Mit dem digitalen Zwilling zur sicheren Produktion
![Page 17: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/17.jpg)
“A digital twin is an integrated […] simulation of a […] system that uses the best available physical models, sensor updates, […] etc., to mirror the life of its flying twin.”(Shafto et al., 2010)
Der digitale Zwilling
Quelle: Schleich et al., 2017
• Konzept aus der Raumfahrt• NASA
• Gedacht als Unterstützung bei Zertifizierungen & Mission selbst
![Page 18: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/18.jpg)
Nutzen für die intelligente Fabrik
•Deskriptiv•„Was passiert & wie?“Visualisierung
•Diagnose•„Warum ist es passiert?“Monitoring
•Experiment am Modell•„Wie könnte es passieren?“Simulation
•Vorausschauend•„Was wird passieren?“Prognose
Design
Implementierung
Verifikation & Validierung
Inbetriebnahme
Betrieb
![Page 19: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/19.jpg)
Beispiel: „Sequence Attacks“
Anwendungsfälle: Security
System Testing
• Virtuelle Inbetriebnahme
• Testen von Konfigurationen
Fehlkonfigurationenerkennen
• Manipulationen durch Angreifer
• Unbekannte Geräte im Netz identifizieren
Penetration Testing
• Keine Störung des Produktivsystems
• Keine Testumgebung nötig
Intrusion Detection
• Basierend auf der Spezifikation
• Abweichungen (physisch/virtuell)
• Prozessverständnis
![Page 20: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/20.jpg)
• Deaktivierung im Zuge einer Attacke
• Teil der Attacke• Abschalten von Systemen• Auslösen eines Fehlalarms
• Absichtlich deaktiviert• Tschernobyl
Safety-Maßnahmen in der Produktion
„Bereits ausreichender Schutz?“
Quelle: Wikimedia
![Page 21: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/21.jpg)
Architektur von CPS Twinning
Physical EnvironmentUser
CPS Twinning Framework
Virtual Environment
Domain Knowledge
Engineer Knowledge
Generator
Mon
itorin
g
Devi
ce T
estin
g
Secu
rity
& S
afet
y An
alys
is
Devices with Configurations
Network Setup Logic (SFC, ...)
Security and Safety Rules
Physics Rules
Security and Safety Rules
Device Templates
Management Client (Viz)
HMI 1
Motor 1
Sensor 1
HMI 1
PLC 1
PLC 1
Beha
vior
Lea
rnin
g &
An
alyt
ics
Physical Devices
HMI 1
Repl
icatio
n
Switch 1
Switch 1
Network Traffic
Sensor Data
Sensor 1
Sim
ulat
ion
Log Files
Motor 1
![Page 22: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/22.jpg)
Beispiele: Security & Safety Regeln
Quelle: Wikimedia
Implizit
Physikalische Gesetze
Explizit
Schwellenwerte für Variablen
0
50
100
150
![Page 23: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/23.jpg)
Zusammenfassung
HMI 1
PLC 1
Motor 1
Phys
isch
HMI 1
PLC 1
Motor 1
Virt
uell
Zwillings-bildung
Daten
UseCases
Security
Safety
Qualität
![Page 24: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/24.jpg)
PLC 1
Replication Modus
Ausblick
PLC 1
Ablaufverfolgung Validierung an echtem Produktionssystem
Physisch Virtuell
![Page 25: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/25.jpg)
Matthias A. Eckhart
Christian Doppler Labor für die Verbesserung vonSicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 26: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/26.jpg)
Johanna Ullrich
Blackouts durch BotnetzeUtopie oder Wirklichkeit?
![Page 27: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/27.jpg)
Nominale Frequenz
Quelle: netzsin.us
![Page 28: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/28.jpg)
Angriff 1: Statischer Angriff
![Page 29: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/29.jpg)
Angriff 1: Statischer Angriff
![Page 30: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/30.jpg)
Angriff 2: Dynamischer Angriff
![Page 31: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/31.jpg)
Bots und Ihr Energieverbrauch
![Page 32: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/32.jpg)
Botnet Szenarien
![Page 33: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/33.jpg)
Botnet Szenarien
![Page 34: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/34.jpg)
Konsequenzen
![Page 35: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/35.jpg)
Johanna Ullrich
Christian Doppler Labor für die Verbesserung von Sicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 36: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/36.jpg)
Nicholas Stifter
Towards Sustainable BlockchainEngineering
![Page 37: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/37.jpg)
Towards Sustainable Blockchain Engineering
Blockchain is currently a Hype Topic
Gartner Hype Cycle, Bildquelle: Wikipedia
![Page 38: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/38.jpg)
Towards Sustainable Blockchain Engineering
Blockchain Technology beyond Cryptocurrencies
![Page 39: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/39.jpg)
Towards Sustainable Blockchain Engineering
The long-term impact of Blockchain technologies is still largely unclear and necessitates further investigation in aspects such as:
Scalability and Sustainability Compliance, i.e. Data deletion and GDPR Governance and Protocol changes Privacy vs. Transparency/Auditability
![Page 40: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/40.jpg)
Towards Sustainable Blockchain Engineering
We are conducting basic research centered around Blockchain protocol engineering with a focus on security, scalability and sustainability
Example of recent work: Cryptocurrency Mining and its Effect on Power Grids
![Page 41: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/41.jpg)
Towards Sustainable Blockchain Engineering
Evolution of Cryptocurrency Mining
Bildquelle: Narayanan et al. Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press, 2016.
![Page 42: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/42.jpg)
Towards Sustainable Blockchain Engineering
Characteristics of Cryptocurrency Mining Very Homogeneous Hard- and Software Miners predominantly participate in mining pools with
centralized infrastructures Most of the hashrate is aggregated among just a few large
mining pools Power consumption of mining hardware can change quickly
enough to make attacks feasible* Previous security incidents underline feasibility of an attack
or accidental failure
*A. Dabrowski, J. Ullrich, E. Weippl,“Grid Shock: Coordinated Load-Changing Attacks on Power Grids” , ACSAC 2017.
![Page 43: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/43.jpg)
Towards Sustainable Blockchain Engineering Hashrate and Power Consumption was Determined
05
101520253035
Jan13 Jan 14 Jan15 Jan16 Jan17 Jan18
Tota
l Has
hrat
e in
EH
/s
0
50
100
150
200
250
300
Jan16 Jul16 Jan17 Jul17 Jan18
Tota
l Has
hrat
e in
TH
/s
0
0.5
1
1.5
2
2.5
Jan13 Jan14 Jan15 Jan16 Jan17 Jan18Tota
l Pow
er C
onsu
mpt
ion
in G
W
00.2
0.4
0.6
0.8
11.2
1.4
Jan16 Jul16 Jan17 Jul17 Jan18Tota
l Pow
er C
onsu
mpt
ion
in G
W
Ethereum Bitcoin
![Page 44: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/44.jpg)
Towards Sustainable Blockchain Engineering
Current Mining Power Consumption in European Networks
![Page 45: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/45.jpg)
Towards Sustainable Blockchain Engineering
Predicted Power Consumption in the UCTE Network
3
5
10
15
20
Jan13 Jan14 Jan15 Jan16 Jan17 Jan18 Jan19 Jan20
Reference Incident
Pow
er C
onsu
mpt
ion
in G
W
11 %33 %54 %
3
5
10
15
20
Jan16 Jan18 Jan20 Jan22 Jan24 Jan26 Jan28 Jan30 Jan32
Reference Incident
Pow
er C
onsu
mpt
ion
in G
W
6 %14 %22 %
Bitcoin (χ2 = 0.88) Ethereum (χ2 = 0.88)
amount of Miners in UCTEamount of Miners in UCTE
![Page 46: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/46.jpg)
Towards Sustainable Blockchain Engineering
Conclusion
Currently by itself Cryptocurrency mining does not appear to pose an immediate threat to reliable power grid operation
However, if the growth rate continues, critical levels of power consumption for individual Cryptocurrencies in the UCTE network could be reached within the next years, possibly sooner
The large consumption of electricity raises further open questions such as a potential widespread increase in power cost
![Page 47: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/47.jpg)
Nicholas A. Stifter
Christian Doppler Labor für die Verbesserung vonSicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 48: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/48.jpg)
Prozessverbesserung im Anlagen-EngineeringHerausforderungen aus der Testautomatisierung und dem parallelen Engineering
Dietmar Winkler
![Page 49: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/49.jpg)
Motivation• Engineering von Produktionssystemen.• Multi-Disziplinäre und heterogene Entwicklungsumgebung.• Heterogenität von Software-Werkzeugen und sequenzielle Engineering
Prozesse.
• Bedarf an Prozessverbesserung• Paralleles Engineering• Flexible Testautomatisierung
Anlage
Komponente
Test / Commissioning OperationPlant
Planner
Mechanical Engineer Electrical
Engineer
QA
Changes from Late Engineering Phases
QA
System Design
QA
SystemConstruction
SoftwareEngineer
QA
Implementation
![Page 50: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/50.jpg)
Engineering Prozessverbesserung• Aktuell: „grobkörniger“ und iterativer Round-Trip-Engineering Prozess
• Beiträge von Stakeholdern werden selten synchronisiert, z.B. Datenaustausch via E-Mail und manuelle Synchronisierung
• Bedarf: • Flexible (agile) Konzepte zur Unterstützung eines iterativen Prozesses.• Nachvollziehbare Änderungen und effizienter Datenaustausch.• Überblick über Projektstatus.
Plant Planner
Software Engineer
Electrical Engineer
MechanicalEngineer
PlantPlanning
SoftwareAutomation
ElectricalPlanning
Mechanical Planning
Shared Data
Shared Data Shared Data
Shared Data
PlantPlanning Data
MechanicalPlanning Data
SoftwarePlanning Data
ElectricalPlanning Data
Plant Planner
Software Engineer
Electrical Engineer
MechanicalEngineer
PlantPlanning
SoftwareAutomation
ElectricalPlanning
Mechanical Planning
Shared Data
Shared Data Shared Data
Shared Data
PlantPlanning Data
MechanicalPlanning Data
SoftwarePlanning Data
ElectricalPlanning Data
Data ExchangePlatform
![Page 51: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/51.jpg)
Engineering Prozesse mit Agilen Praktiken
(1) Feature Backlogs für Disziplinen.(2) Agile Prozesse aus der Wirtschaftsinformatik (z.B. Scrum) (3) Integrationsplattform für effizienten und sicheren Datenaustausch und effizientes Änderungsmanagement(4) Einbettung in den Produktlebenszyklus.
Data Exchange Platform
ElectricalPlanningSprint(s)
SoftwarePlanningSprint(s)
PlantPlanning
MechanicalPlanningSprint(s)
Plant Planner
Software Engineer
Electrical EngineerMechanical
Engineer
ProductBacklog (PB)
Sprint Backlog Feature Feature FeatureSB SB
Test / Commissioning
Software Engineer
Electrical Engineer
MechanicalEngineer
1
2a 2b 2c
3
4
![Page 52: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/52.jpg)
Qualitätssicherung und Testautomatisierung• Aktuell: starre Werkzeugketten für Testautomatisierung, mit Lücken.
• Bedarf: • Flexibel konfigurierbare und durchgängige Werkzeugketten für die
Testautomatisierung.• Unterstützung bei der Erstellung von Tests.
Test Management
TestfallDefinition
Test- Automatisierung
System under Test (SuT)
Werkzeug 2
Werkzeug 3
Werkzeug 1
Human-based
Test Management
TestfallDefinition
Test- Automatisierung
System under Test (SuT) SimulationPhysisches
System
Test Manager,Fachtester (Domänen Experte)
Fachtester (Domain Experte) & Test Experte
Fachtester,Test Experte
Test Automatisierer
Fachtester (Domänen Experte)
Fachtester (Domänen Experte)
Test Experte & Test Automatisierer
Test Manager,Fachtester (Domänen Experte)
![Page 53: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/53.jpg)
Flexible Testautomatisierung
• Prototyp für flexible und konfigurierbare Testautomatisierung• Prototypischer Anwendungsfall
(1) Flexible Konfiguration von Testfällen durch den Fachtester.(2) Automatische Testfallkonfiguration, Ausführung und Reporting.(3) Bereitstellung und Erweiterung von Test Code durch Test Experten.
Test ManagerFachtester (Domänen Experte)
Test Automatisierer
Fachtester (Domain-Experte)
Test Experte
Test Experte
![Page 54: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/54.jpg)
Zusammenfassung und nächste Schritte
Verbesserung von Engineering und Testprozessen in heterogenen und Multi-Disziplinärem Entwicklungsumfeld.
Unser Angebot:• Unterstützung der Fachtester: Effiziente
und flexible Test-Prozesse.
• Unterstützung der Testautomatisierer: Schließen von Lücken in der Software-Werkzeugkette.
• Unterstützung von System-Integratoren:Effizienter, sicherer und nachvollziehbarerDatenaustausch zwischen Software-Werkzeugen.
Plant Planner
Software Engineer
Electrical Engineer
MechanicalEngineer
PlantPlanning
SoftwareAutomation
ElectricalPlanning
Mechanical Planning
Shared Data
Shared Data Shared Data
Shared Data
PlantPlanning Data
MechanicalPlanning Data
SoftwarePlanning Data
ElectricalPlanning Data
Data ExchangePlatform
![Page 55: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/55.jpg)
Dietmar Winkler
Christian Doppler Labor für die Verbesserung von Sicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 56: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/56.jpg)
Kristof Meixner
Effiziente und flexible Testautomatisierung im Anlagen-Engineering
![Page 57: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/57.jpg)
Test eines Roboterarmes
![Page 58: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/58.jpg)
Warum Testen?
• Frühes Aufdecken von Fehlern in Systemen• Kostensparend• Sicherheitssteigernd• Qualitätssteigernd
Sim
one
Gier
tz
CNN
/Spa
ceX
![Page 59: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/59.jpg)
Testen im Anlagen-Engineering
• Testen unterschiedlicher Bereiche der Anlage• Isolierte Tests – z.B. Roboterarm• Systemtests – z.B. Produktionskette
• Testen zu unterschiedlichen Zeitpunkten im Engineering• Planungsphase• Abnahmephase
• Automation steigert Testeffektivität & -effizienz
![Page 60: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/60.jpg)
Was ist Testautomation?
• Automatisierung wiederkehrender Aufgaben• Testausführung• Berichterstattung• Management der Testumgebung
• Problem• Lücken in der automatisierten Testkette
• Lösungsansatz• Bessere Integration der Werkzeuge• Unabhängige Schnittstelle zwischen
Werkzeugen
Test Management
TestfallDefinition
Test- Automatisierung
System under Test (SuT)
Werkzeug 2
Werkzeug 3
Werkzeug 1
Human-based
![Page 61: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/61.jpg)
Warum flexible Testautomation?
• Problem• Akteure nutzen unterschiedliche Werkzeuge &
Technologien• Firmen abhängig• Projekt abhängig
• Lösungsansatz• Auffinden von Gemeinsamkeiten & Variationen• Konfiguration von Kombinationen für Varianten
• Ziel• Effiziente Wiederverwendung von Testkonfigurationen
![Page 62: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/62.jpg)
Framework Testautomatisierung
• Entwicklung und Nutzung eines „Test Automation Frameworks“
• Vorteile• Effizientere Test Automation durch Prozess und
Methodenverbesserung• Effizientere Wiederverwendung
von Tests und Konfigurationen• Schnelleres Setup neuer
Testumgebungen
Test Management
TestfallDefinition
Test- Automatisierung
System under Test (SuT) SimulationPhysisches
System
![Page 63: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/63.jpg)
Prototyp TAMES – Test Roboterarm
• Formulierung der Tests in JIRA• Testsprache unabhängig von Programmiersprache
![Page 64: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/64.jpg)
Prototyp TAMES – Test Roboterarm
• Automatische Ausführung der Tests in einer Simulation
![Page 65: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/65.jpg)
Prototyp TAMES – Test Roboterarm
• Direkte Rückmeldung in JIRA
![Page 66: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/66.jpg)
Kristof Meixner
Christian Doppler Labor für die Verbesserung von Sicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 67: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/67.jpg)
Felix Rinker
Software Ökosystem für paralleles Anlagen-Engineering
![Page 68: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/68.jpg)
Prozess im Anlagen-Engineering• Allgemeiner Entwurfsprozess z.B. Produktionsanlagen Planung
• Grobentwurf Feinplanung
• Traditionelles Prozessmodell• Sequenzielle Reihenfolge der Prozessschritte• Spezifische Werkzeuge per Disziplin ohne zentrale Datensicht
![Page 69: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/69.jpg)
Flexibler Prozess im Anlagen-Engineering• Round-Trip-Engineering
• Integration von unterschiedlichen Engineering Werkzeugen• Werkzeug-spezifische Daten werden integriert• Disziplin-spezifische Sichten auf den zentralen Datenstand
Data ExchangePlatform
Software Engineer
Electrical Engineer
MechanicalEngineer
Plant Planner
Provide PlantTopology
Derive Plant Topology (mechanical view)
Update MechanicalPlanning Data
Update Electrical Planning Data
Derive Plant Topology(electrical view)
Update Software Planning Data
Derive Plant Topology(software view)
1
2
3
4 5
7
6
Anlagenplaner
Mechanisches Engineering
Elektrisches Engineering
Software Engineering
![Page 70: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/70.jpg)
Datenbasis Engineering WerkzeugeExistierende Engineering Werkzeuge
• Datenhaltung innerhalb des Werkzeugs ist herstellerspezifisch und firmenabhängig
• Datenexport in prioritärem Format
AutomationML• Standardisierter
und strukturierter Datenaustausch
![Page 71: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/71.jpg)
AML Datenbasis für Engineering WerkzeugeAML als Datenbasis
• Gemeinsames Anlagenmodell zur zentrales Datenhaltung• Generierung spezifischer Sichten
• Disziplin• Anwendungsfall
AML-spezifischen Werkzeugen• Existieren noch nicht• Unternehmensintern
CoreModel
Mechanische Sicht
Elektrische Sicht
Struktur Sicht * Sicht
![Page 72: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/72.jpg)
Software Ökosystem für Anlagen-Engineering mit AML• Entwicklung AML Software Ökosystem
• Unterstützt das flexible Engineering
• Prototype-Werkzeuge für neuartige AML Konzepte
• Vorteile• Effizienterer Anlagen-
Engineering Prozess und Methodenverbesserung
• Effizienter Datenaustausch• Basis zur Entwicklung von AML-
spezifischen Werkzeugen
![Page 73: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/73.jpg)
Prototyp Anlagen-Engineering Browser
• Basis für Entwicklung von Datenschnittstelle
• Basis für AML Anlagen-Engineering Werkzeuge
Strukturierte Darstellung der
Anlage Spezifische Baumansicht basierend
auf dem AML Modell
Einfaches Navigieren zu verlinkten Engineering
Artefakten
![Page 74: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/74.jpg)
Zusammenfassung und Ausblick• Herausforderungen
• Gemeinsame Datenschnittstelle• Spezifische Projektsichten• Nachverfolgbarkeit von Datenänderungen
• Nächste Schritte• AML Datenkernmodell• Plattform für spezifische Projektsichten• Integration von Werkzeugdaten
• Beiträge• AML Datenkernmodell• Plattform für Engineering Disziplinen mit spezifischer
Werkzeugintegration
![Page 75: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/75.jpg)
Felix Rinker
Christian Doppler Labor für die Verbesserung von Sicherheit und Qualität in Produktionssystemen (CDL SQI)Technische Universität WienFavoritenstraße 9-11, 1040 [email protected]
![Page 76: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/76.jpg)
www.sqi.at
![Page 77: Security and Quality Improvement in the Production System ... · Christian Doppler Labor. Security and Quality Improvement in the Production System Lifecycle (SQI)](https://reader030.vdocument.in/reader030/viewer/2022041222/5e0b95a8623eec594770a7d2/html5/thumbnails/77.jpg)