NAMUR has published NE 193 "An information model for automation security engineering". The NAMUR recommendation can now be obtained from the office of the interest group.
Definition of a UML information model for automation security engineering
This NAMUR recommendation defines a UML information model for the security engineering of automation systems, i.e. the analysis of security problems, the making of security decisions and the development of security solutions for automation systems. The information model for automation security engineering has the following use cases:
- Information exchange between security-relevant planning tools: Security-relevant information is available in many different software tools or files.
- Model-based security engineering and security by design: An information model is the basis for enabling model-based security engineering and generating flexible visualisations.
- Making security decisions during operation: Security decisions require contextual information from typically different sources.
- Management of standard configurations: Efficiency gains in the operation of security solutions often result from the standardisation of components and their configurations.
The information model described in this NAMUR recommendation can be used for automation security engineering in the design and operation phase of an automation system. It can be used by manufacturers, integrators and operators alike and is independent of industry and location. The area of application of the information model is the documentation of the information used in the security
used and/or generated during the security engineering of an automation system. It therefore documents the security of automation systems. The security of the information in the information model is not considered in this NAMUR recommendation.
SECURITY UNTER KONTROLLE offers added value for users in the process industry
If you want to find out more about cyber security for your production, we recommend SECURITY UNTER KONTROLLE, a dialogue and practice-oriented congress for everyone involved in security in industry. You should take care of security for automation technology - if only you knew how exactly? That is the aim of SECURITY UNTER KONTROLLE. To enable automation specialists, engineers and practitioners to take security into their own hands.