Recently, the Institute Industrial IT (inIT) of Technische Hochschule OWL (TH OWL) hosted an important project meeting of the GraphWatch consortium. The event, which took place at the Centrum Industrial IT (CIIT) on the Innovation Campus Lemgo, marked the successful completion of the first project milestone and also served to set the strategic direction for the next phase. Together with the associated partners, the results to date were reflected upon and the next steps were discussed.
GraphWatch: Innovative approaches against complex threats
The inIT project GraphWatch is dedicated to the major challenge of effectively recognising and fending off so-called Advanced Persistent Threats (APT). These highly developed forms of attack pose a considerable danger, particularly for critical infrastructures, due to their sophisticated capabilities. In view of the increasing threat situation worldwide, an advanced protection approach is important. The project relies on innovative pattern recognition by means of Graph Neural Networks (GNN), classification systems and digital twins to develop a future-oriented detection system. This combination creates a novel framework that is able to efficiently identify not only already well known, but especially complex and advanced forms of attack.
SmartFactoryOWL as a test environment
The SmartFactoryOWL serves as an ideal test environment. Here, data are generated from the diverse cyber-physical systems (CPS), serving as the basis for the development of GraphWatch. Particularly noteworthy are the broad-based operational technology networks, which generate specific patterns through attack simulations, which in turn support the detection of APTs. The TEACHER demonstrator (Platform for new Technology, Education and industrial Cooperation via Hands-on Experimental Research - formerly the Fidget Spinner demonstrator) has proven to be a particularly effective CPS, as it realistically simulates the behaviour of a production plant.
Integration of Industry 4.0 technologies: Security through Asset Administration Shell
A key element of the GraphWatch project is the application of the Asset Administration Shell (AAS), a central Industry 4.0 technology that is ideally suited to improving the security of critical infrastructures. The AAS serves to model and provide security-relevant information from communication networks and is therefore an indispensable resource for the detection system. During the project meeting, Robin Foster, research associate in the "Interconnected Automation Systems" working group headed by Prof. Dr. Henning Trsek, presented initial drafts of an AAS meta-model developed specifically for GraphWatch. This model, which addresses security needs in a customised way, is to be further refined and adapted in future workshops in order to effectively strengthen protection against advanced threats.
Positive outlook: Strong partnerships and initial successes
The project meeting was a complete success and once again demonstrated the strong cooperation between all partners involved. inIT employee Robin Foster is very satisfied: "With the milestone reached and the planned further developments, we at inIT and as a project team are well positioned to significantly improve protection against APTs at and thus make a contribution to the security of critical infrastructures."