WFCS 2024: inIT presents paper on the automation of security risk assessments

The International Conference on Factory Communication Systems (WFCS 2024), a leading event in the field of industrial automation, took place from 17-19 April 2024 in Toulouse, France. Marco Ehrlich from the Institute for Industrial Information Technology (inIT) at Technische Hochschule Ostwestfalen-Lippe (TH OWL) presented his publication to interested experts from research and industry.

Marco Ehrlich will take time to answer questions and discuss his paper and the SUSI project during the poster session.

Marco Ehrlich presents his paper at the WFCS 2024.

Content and aim of the publication

In his work-in-progress paper entitled "Requirements Analysis for the Evaluation of Automated Security Risk Assessments", inIT employee Marco Ehrlich focussed on the development of an automated approach for security risk assessments in industrial automation and control systems (IACSs).

The increasing importance of end-to-end security technologies for industrial components, modules and systems is undeniable in view of the rapid development of Industry 4.0 and the growing threat situation. The assessment of security risks is crucial for the safe operation of IACS, but is often neglected due to a shortage of resources and experts. Methods for modelling information and processes have already been developed to automate security risk assessment, but comprehensive assessment is not yet a standard.

The paper describes the challenges and current state of research in this area and aims to evaluate the concept of automated security risk assessment. It analyses the related work and identifies the main shortcomings. The results include a detailed analysis of verification requirements and an outlook on future aspects of assessment.

The paper and Marco's participation in WFCS 2024 was funded by the SUSI project.


About the SUSI project

The SUSI project aims to automate security risk assessments in industry to significantly reduce time and cost. Given the increasing risk from cyber threats and the growing complexity of industrial automation systems, efficient risk assessment is becoming increasingly important.

The project was initiated by the research programme SUSI (Software-based Support of Security Risk Assessments in Industry) and is headed by Prof. Dr. Henning Trsek.

Further information on the SUSI project can be found here: