---
_id: '12995'
abstract:
- lang: eng
  text: Due to Industry 4.0 developments, the demanded modularity of manufacturing
    systems generates additional manual efforts for security experts to guarantee
    a secure operation. The rising utilization of information and the frequent changes
    of system structures necessitate a continuous and automated security engineering,
    especially by application of the mandatory security risk assessments. Collecting
    the required information for these assessments and formalising expert knowledge
    shall improve the security of modular manufacturing systems in the future. In
    order to automate the security risk assessment process, this work proposes a method
    to determine the Target Security Level (SL-T) in conformance to the IEC 62443
    standard based on the MITRE ATT&CK framework and the Intel Threat Agent Library
    (TAL).
author:
- first_name: Marco
  full_name: Ehrlich, Marco
  id: '61562'
  last_name: Ehrlich
- first_name: Andre
  full_name: Bröring, Andre
  id: '65130'
  last_name: Bröring
- first_name: Christian
  full_name: Diedrich, Christian
  last_name: Diedrich
- first_name: Jürgen
  full_name: Jasperneite, Jürgen
  id: '1899'
  last_name: Jasperneite
- first_name: Wolfgang
  full_name: Kastner, Wolfgang
  last_name: Kastner
- first_name: Henning
  full_name: Trsek, Henning
  id: '1486'
  last_name: Trsek
  orcid: 0000-0002-0133-0656
citation:
  ama: Ehrlich M, Bröring A, Diedrich C, Jasperneite J, Kastner W, Trsek H. <i>Determining
    the Target Security Level for Automated Security Risk Assessments</i>. (Jasperneite
    J, Institute of Electrical and Electronics Engineers, eds.). IEEE; 2023. doi:<a
    href="https://doi.org/10.1109/indin51400.2023.10217902">10.1109/indin51400.2023.10217902</a>
  apa: 'Ehrlich, M., Bröring, A., Diedrich, C., Jasperneite, J., Kastner, W., &#38;
    Trsek, H. (2023). Determining the Target Security Level for Automated Security
    Risk Assessments. In J. Jasperneite &#38; Institute of Electrical and Electronics
    Engineers (Eds.), <i>2023 IEEE 21st International Conference on Industrial Informatics :
    INDIN 2023 : 17-20 July 2023, Lemgo, Germany</i>. IEEE. <a href="https://doi.org/10.1109/indin51400.2023.10217902">https://doi.org/10.1109/indin51400.2023.10217902</a>'
  bjps: '<b>Ehrlich M <i>et al.</i></b> (2023) <i>Determining the Target Security
    Level for Automated Security Risk Assessments</i>, Jasperneite J and Institute
    of Electrical and Electronics Engineers (eds). [Piscataway, NJ]: IEEE.'
  chicago: 'Ehrlich, Marco, Andre Bröring, Christian Diedrich, Jürgen Jasperneite,
    Wolfgang Kastner, and Henning Trsek. <i>Determining the Target Security Level
    for Automated Security Risk Assessments</i>. Edited by Jürgen Jasperneite and
    Institute of Electrical and Electronics Engineers. <i>2023 IEEE 21st International
    Conference on Industrial Informatics : INDIN 2023 : 17-20 July 2023, Lemgo, Germany</i>.
    [Piscataway, NJ]: IEEE, 2023. <a href="https://doi.org/10.1109/indin51400.2023.10217902">https://doi.org/10.1109/indin51400.2023.10217902</a>.'
  chicago-de: 'Ehrlich, Marco, Andre Bröring, Christian Diedrich, Jürgen Jasperneite,
    Wolfgang Kastner und Henning Trsek. 2023. <i>Determining the Target Security Level
    for Automated Security Risk Assessments</i>. Hg. von Jürgen Jasperneite und Institute
    of Electrical and Electronics Engineers. <i>2023 IEEE 21st International Conference
    on Industrial Informatics : INDIN 2023 : 17-20 July 2023, Lemgo, Germany</i>.
    [Piscataway, NJ]: IEEE. doi:<a href="https://doi.org/10.1109/indin51400.2023.10217902">10.1109/indin51400.2023.10217902</a>,
    .'
  din1505-2-1: '<span style="font-variant:small-caps;">Ehrlich, Marco</span> ; <span
    style="font-variant:small-caps;">Bröring, Andre</span> ; <span style="font-variant:small-caps;">Diedrich,
    Christian</span> ; <span style="font-variant:small-caps;">Jasperneite, Jürgen</span>
    ; <span style="font-variant:small-caps;">Kastner, Wolfgang</span> ; <span style="font-variant:small-caps;">Trsek,
    Henning</span> ; <span style="font-variant:small-caps;">Jasperneite, J.</span>
    ; <span style="font-variant:small-caps;">Institute of Electrical and Electronics
    Engineers</span> (Hrsg.): <i>Determining the Target Security Level for Automated
    Security Risk Assessments</i>. [Piscataway, NJ] : IEEE, 2023'
  havard: M. Ehrlich, A. Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek,
    Determining the Target Security Level for Automated Security Risk Assessments,
    IEEE, [Piscataway, NJ], 2023.
  ieee: 'M. Ehrlich, A. Bröring, C. Diedrich, J. Jasperneite, W. Kastner, and H. Trsek,
    <i>Determining the Target Security Level for Automated Security Risk Assessments</i>.
    [Piscataway, NJ]: IEEE, 2023. doi: <a href="https://doi.org/10.1109/indin51400.2023.10217902">10.1109/indin51400.2023.10217902</a>.'
  mla: 'Ehrlich, Marco, et al. “Determining the Target Security Level for Automated
    Security Risk Assessments.” <i>2023 IEEE 21st International Conference on Industrial
    Informatics : INDIN 2023 : 17-20 July 2023, Lemgo, Germany</i>, edited by Jürgen
    Jasperneite and Institute of Electrical and Electronics Engineers, IEEE, 2023,
    <a href="https://doi.org/10.1109/indin51400.2023.10217902">https://doi.org/10.1109/indin51400.2023.10217902</a>.'
  short: M. Ehrlich, A. Bröring, C. Diedrich, J. Jasperneite, W. Kastner, H. Trsek,
    Determining the Target Security Level for Automated Security Risk Assessments,
    IEEE, [Piscataway, NJ], 2023.
  ufg: '<b>Ehrlich, Marco u. a.</b>: Determining the Target Security Level for Automated
    Security Risk Assessments, hg. von Jasperneite, Jürgen, Institute of Electrical
    and Electronics Engineers, [Piscataway, NJ] 2023.'
  van: 'Ehrlich M, Bröring A, Diedrich C, Jasperneite J, Kastner W, Trsek H. Determining
    the Target Security Level for Automated Security Risk Assessments. Jasperneite
    J, Institute of Electrical and Electronics Engineers, editors. 2023 IEEE 21st
    International Conference on Industrial Informatics : INDIN 2023 : 17-20 July 2023,
    Lemgo, Germany. [Piscataway, NJ]: IEEE; 2023.'
conference:
  end_date: 2023-07-20
  location: Lemgo
  name: 21st International Conference on Industrial Informatics (INDIN)
  start_date: 2023-07-18
corporate_editor:
- Institute of Electrical and Electronics Engineers
date_created: 2025-06-18T13:30:31Z
date_updated: 2025-06-18T13:37:07Z
department:
- _id: DEP5023
doi: 10.1109/indin51400.2023.10217902
editor:
- first_name: Jürgen
  full_name: Jasperneite, Jürgen
  id: '1899'
  last_name: Jasperneite
keyword:
- Integrated circuits
- Industries
- Libraries
- Security
- Risk management
- IEC Standards
- Interviews
language:
- iso: eng
place: '[Piscataway, NJ]'
publication: '2023 IEEE 21st International Conference on Industrial Informatics :
  INDIN 2023 : 17-20 July 2023, Lemgo, Germany'
publication_identifier:
  eisbn:
  - 978-1-6654-9313-0
  isbn:
  - 978-1-6654-9314-7
publication_status: published
publisher: IEEE
status: public
title: Determining the Target Security Level for Automated Security Risk Assessments
type: conference_editor_article
user_id: '83781'
year: '2023'
...