Secure usage of asset administration shells : an overview and analysis of best practises

Abstract

The Asset Administration Shell (AAS) is a core element for Industrie 4.0. In addition, the security of industrial systems is a permanent topic that could be improved by the AAS and should have a high priority for future developments and implementations of the AAS. This paper evaluates the current threat landscape for Industrial Control Systems (ICS) communicating to the AAS, as well as for IT systems hosting the AAS. The relevance of these threats is evaluated for the AAS and the threats with the highest relevance, namely BasicWeb Application Attacks and Malware Infections, are analysed in detail. The recommended countermeasures for these threats are compared with the state of the art of AAS security concepts and result in missing countermeasures and research gaps for an overall security of the AAS.