summer school security and human in the loop · pdf file7 scada software and s7 plcs) update...
TRANSCRIPT
16.08.2017
1
© A
IS, 2015
SUMMER SCHOOL
Security and Human in the Loop
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser
Ordinaria
Automation and Information Systems (AIS)
Mechanical engineering,
Technische Universität München
www.ais.mw.tum.de; [email protected]
TUM ASIA SUMMER SCHOOL
24TH – 30TH August 2017
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Agenda – TUM Asia Summer School 29th August
Complete Agenda: https://tum-asia.edu.sg/i4ss/
29th August 30th August
9:00AM – 10:30AM
Comparison of Industry
4.0, IoT, Smart Factory,
Smart Data
Case Studies &
Successful Demostrators:
Applying Enabling
Technologies
10:30AM – 11:00AM MORNING TEA BREAK
11:00AM – 12:30PM
PART I: Enabling
Technologies (Agents,
Modelling Notations for
Automation)
Smart Data Enabled
Learning During
Operation
12:30PM – 01:30PM LUNCH BREAK
01:30PM – 03:00PM
PART II: Enabling
Technologies (Agents,
Modelling Notations for
Automation)
Security and Human in
the Loop
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
2
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Answer: It depends on the process automation system and the system
Factors:
Attractiveness of the product / facility for third parties
security also requires know-how and costs
• "Networked production" (e.g. MyYoghurt)
• "Intelligent sensors“
• "Cyber-Physical (-Production) system
• Increasing number of participating disciplines
Reasons for security:
Secure data transfer
Protection of the AT-system against
virtual and physical attackers
(eg attacks on control code or sabotage on
real physical equipment)
3
Do we need security at all in the AT?
?
?
?
?
?
Trend-Architectures:
From intranet (private network) to internet (public network)
and cloud-based architectures
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
4
Trend: Cloud-based architecture models (1)
Software-as-a Service (SaaS)
• Cloud-deployed applications (e.g. Facebook,
Skype, ...)
• Target group: SMEs, private users
Platform-as-a-Service (PaaS)
• Create applications and load them into the
cloud
(e.g. Amazon Web Services, Windows Azure,
...)
• Target group: IT and application developers
Infrastructure-as-a-Service (IaaS)
• IT infrastructure and hardware components
(e.g. Dropbox, Windows Azure, ...)
• Target group: IT departments, IT service
providers
[Quelle: Dr.-Ing. Iris Braun: Vorlesung „SOA – Entwicklung verteilter Systeme auf Basis serviceorientierter Architekturen“, Technische Universität Dresden]
clients
User Interface Machine Interface
Components Services
Calculation Network Storage
Physical Resources Set (PRS)
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Application
Application services
Software services (SaaS)
Programming environment
Execution environment
Platform services (PaaS)
Virtual Resources Set (VRS)
Infrastructure services (IaaS)
16.08.2017
3
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
5
Trend: Cloud-based architecture models (2)
[Quelle: Dr.-Ing. Iris Braun: Vorlesung „SOA – Entwicklung verteilter Systeme auf Basis serviceorientierter Architekturen“, Technische Universität Dresden]
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Fle
xib
ility
,
com
fort
data sovereignty
• No 100% availability guaranteed
• Lack of trustworthiness through loss of data sovereignty
• High interchangeability (Vendor-Lock-In)
• Adaptation of IT organizations and applications if necessary
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Connected to the
Internet
Controlledinfection
• USB and localnetworks
• Windows PCs
• Used valid certificates tonot bedetected
Distribution
• Finds correcttargets (i.e. WinCC/PCS 7 SCADA software andS7 PLCs)
Update
• Access theInternet todownload a newer versionof itself
Disturbance
• Injected codein order tomodifycentrifugespeeds
Evade
• Providesfalse processcontrolinformation toavoiddetection
6
Motivation: Security in the AT
Stuxnet worm - known as cyber attack on Iran
The object of the attack was Iranian atomic power
stations for the destruction and disturbance of
centrifuges
Infection in June 2009
Discovered July 2010 after already> 100,000
components were infected
Sophisticated and self-acting computer virus
Disguised as control software
[Source: https://greenwichmeantime.com]
[Source: http://www.bbc.com]
[Quellen:Langner, Ralph. "Stuxnet: Dissecting a cyberwarfare weapon." IEEE Security & Privacy 9.3 (2011): 49-51, und, Broad, William J., John Markoff, and
David E. Sanger. "Israel tests on worm called crucial in Iran nuclear delay." New York Times 15 (2011): 2011]
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
4
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
7
The main focus of IT-Security
[Source: Tipton, Harold F., et. al. “Official (ISC)2 Guide to the CISSP CBK”. Auerbach Publications, 2009]
Priority
high
middle
low
availability
"Only authorized persons,
processes or systems have
access to information on a"
knowledge only if necessary
"basis.
"Information shall be protected
against intentional,
unauthorized or accidental
changes".
"Information should be
accessible by the user when
needed".
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
8
Security im comparison: IT vs. AT
Valuable information
(In € million scale)
Humane / environmental damage
Availability, reliability and integrity
have a significant impact on
security !
Seconds to
Minutes
Information
& System
Information
& System
IT AT
confidentiality integrity
reliability
safety
availability
Priority
high
middle
low
availability
Response times
in the range: 100
μs - 100 ms
Real-time
capability
Manufacturing
information
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
5
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
9
Challenge: Security in the AT
Limited resources
Strict requirements
Usage of outdatedtechnologies
Progressive development
Lifetime ofcomponents
Lack of awareness /
perception of safety
culture
computing power
Real-time capability
Security gaps and
problems with upwards
compatibility
Impairment of
scalability and
extensibility
Preferred functionality
over security
Shift of centralized systems to
distributed systems
Integration of new IT
technologies
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
10
Defense in Depth – Staggered security levels
[Quelle: Defense in Depth: A practical strategy for achieving Information Assurance in today’s highly networked environments, National Security
Agency. Abgerufen von: https://www.nsa.gov/ia/_files/support/ defenseindepth.pdf]
"Each layer is an
obstacle for the
attacker and provides
both protection and
detection methods."
Data
Physical
Network
Host
Application
Policy, procedures &
perceptions
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
6
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
11
Level1: Need for Directives, Procedures and Perception
Example: Uploading control software to the wrong oil claim platform
in Canada (2000)
Causes:
Insufficient policies and guidelines:
Staff has only partial knowledge/ authorization to upload
the control software via remote (remote access)
Poor maintenance practices:
Staff did not check if there was a connection to the
correct destination
Further identified security gaps:
Infringement of the safety guideline:
No regular passwords change
Lack of system design:
Using unencrypted protocols
Lack of security culture:
Neglecting the lock of workstations and/ or work
computers
[Quelle:Accidental Remote Uploading of PLC Program.
Canada 2002. Abgerufen von: http://www.risidata.com/]]
Intranet
office
Conveying
station /
Factory
PLC control software
Consequences: Oil
production interrupted
for ½ day
~ 100 000 oil barrels
Daten
Physikalisch
Netzwerk
Host
Anwendung
Richtlinie,
Verfahren &
Wahrnehmung
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
12
Level 1: Security mechanisms by means of directives,
procedures and perception
Policies (recommended):
Derived instructions from a "higher" organization for behavior of a heterogeneous system,
application or network
Security policies:
Derived instructions from security features that a given system should have integrated
Specifications:
Requirements for designs, behaviors, or other features of a component/ system. (Ideally in a complete,
precise and verifiable manner).
It is also often necessary to specify the procedures for deciding whether these provisions are fulfilled
Guideline (recommended):
Concise representation in a field of knowledge
Unofficial regulations with binding character
Standards (mandatory):
Document defining a general level of quality or performance
Unified provisions, specifications, guidelines and characteristics relating to a specific subject (e.g.
determining the use of a method)
User awareness regarding security:
Instruction for the use of security concepts, technologies, policies and guidelines
[Quellen: Wies R. “Policy Definition and Classification: Aspects, Criteria and Examples”. InProceedings of the IFIP/IEEE International Workshop
on Distributed Systems: Operation and Management 1994 Oct 10 (pp. 10-12); Anderson, Ross, Frank Stajano, and Jong-Hyeon Lee. "Security
policies." Advances in Computers 55 (2002): 185-235; Duden]
Daten
Physikalisch
Netzwerk
Host
Anwendung
Richtlinie,
Verfahren &
Wahrnehmung
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
7
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
13
Standards regarding security
Daten
Physikalisch
Netzwerk
Host
Anwendung
Richtlinie,
Verfahren &
Wahrnehmung
Institute of Electrical and Electronics Engineers
Internation Electrotecnical Comission
Internatonal Organization for Standardization
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
14
Level 6: Data
Ways to attack
Data Manipulation
Data Theft
Data destruction
Safety mechanism:
Data permission
Backup
Regular backup of data and storage in
secure locations
Database security
Continuous verification of data integrity
Encryption of data
Daten
Physikalisch
Netzwerk
Host
Anwendung
Richtlinie,
Verfahren &
Wahrnehmung
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
8
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
15
Procedure for security according to [VDI 2182]
Identify assets Analyse threat
Identify relevant
protection
objectives
Analyse and
evaluate risks
Identify protective
measures and assess
efficacy
Select protective
measures
Process auditing
START
«module»: Zylinder
Ausfahren;Einfahren
B4
Manufacturer
«module»: Zylinder
Ausfahren;Einfahren
B4
Integrator
«module»: Zylinder
Ausfahren;Einfahren
B4
Operator
Documentation Documentation
Documentation
Requirement
RequirementRequirement
Assets:
Material and intangible
values that could be
threatened
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
16
Identification of assets using the example of the xPPU
• Identify threats affecting the target system
• What threats are there at all?
E.g. from ICS-CERT Report (quarterly)
Filtering the threats to your own system,
and identification vulnerabilities
[Source: http://www.govtech.com/]
[Quelle::NCCIC/ICS-CERT Year in Review: FY 2015. https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2015_Final_S508C.pdf.]
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
9
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
17
Threats and vulnerabilities using the example of the xPPU
Security level Threats Weak spot Nr.
Policy, procedures and
perceptions
Abuse of authentication Access data are public 1
Physical Hardware theft Laboratory always open
and unsecured
2
Network Data modification and DoS Unsafe communication
protocols
3
Host Port Scanning Variety of accessible ports 4
Application Buffer overflow in the SPS/ PLC
Application
Low quality tests 5
Data Data theft Lack of data encryption and
backup
6
1 NCCIC/ICS-CERT Year in Review: FY 2015. https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2015_Final_S508C.pdf.
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
18
Classification into the risk matrix
Wa
hrs
ch
ein
lich
keit
AuswirkungSehr klein Sehr groß
Sehr groß
2
34
5
6
15) Buffer Overflow
Low to medium probability: Funded knowledge of the staff,
only small bugs possible
Medium to high impact: Impairment of system functions
possible
6) Data theft
Medium probability: Lack of encryption and backup
Medium impact: Depending on the nature and relevance of the
data
1) Abuse of authentication
Low probability: Staff is aware of the confidentiality
Medium impact: Unauthorized third parties can only make
conditional system changes
2) Hardware theft
Low probability: Continuous supervision by chair staff
Medium impact: Missing components affect functionality
3) Data modification and DoS
High probability: Use of unsafe communication protocols (FTP)
High impact: Potential for malware, confidential data transfer,
etc.
4) Port Scanning
High probability: Missing security mechanisms and monitoring
Medium to high Impact: Unauthorized third-party access
without discovery
very big
very bigvery small impact
pro
babili
ty
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
10
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
19
Set the arrangement limitW
ah
rsch
ein
lich
keit
AuswirkungSehr klein Sehr groß
Sehr groß
2
34
5
6
1
1. Risk-affected weaknesses must be corrected
Challenges:
• Methods and technologies
• staff
• costs
2. Need for arrangement must be estimated!
Set a arrangement limit
3. Implementation of measures for each threat
5) Buffer Overflow Verification and validation of program code
Execution of quality tests for program code
3) Data modification and DoS• Prohibition of unsafe protocols (e.g. FTP)
• Use of encrypted protocols (e.g. SSH, OPC UA)
• Installation of an attack detection system (e.g.
Snort, Bro)
4) Port Scanning Installation of an attack detection system (e.g.
Snort, Bro)
very big
very bigvery small impact
pro
babili
ty
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
20
Outlook: Latest Industrial Security Solutions
Cyber Security Evaluation Tool (CSET):
• Developed by the Industrial Control Systems Cyber Emergency Response Team (USA)
• Supporting software platform for security matters
• Considers standards, guidelines and best practices
Samurai‘s Security Testing Framework for Utilities
(SamuraiSTFU):
• Open source Linux distribution for testing the vulnerability of
control software
Follows the SANS Institute (American Research and Training
Organization)
[Bildquelle: http://linuxiarze.pl/
QuickDraw IDS:
• Open-Source attack detection system
• Testing of industrial communication protocols
Conpot:
• Honeypot (software application for network protection)
• Emulation and testing of known protocols such as HTTP,
MODBUS
[Bildquelle: https://adarshdinesh.wordpress.com/
As part of Industry 4.0, security is becoming
increasingly important!
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
11
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Real plant with DMZ
Any VPN compatible with
the protocols used
21
Outlook: Industrial Security Solution
software
protection
mechanisms
(E.g. encryption
&
authentication)
remote
maintenanceOutgoing
VPN
Incoming
VPN
Main contributions:
• Bidirectional firewall
• NAT router
• VPN router
Use of:
• Network routers
• DMZ
• VPN gateways
• WLAN only via VPN
VPN
initialization
• Use of a mGuard rs 2000 3G VPN Cell Router (hardware software solution)
• Marketed by Phoenix Contact
• Numerous industrial companies, a. BMW and BASF, are interested customers
[Quelle
: http://w
ww
.phoenix
conta
ct-
cybers
ecurity
.com
/de/p
rodukte
/mguard
-rs2000-3
g]
mechanical
protection
mechanisms
(E.g. switch)
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
22
Relation of reliability, safety and security
Functionality
Security
Security & Safety
Continuousprocess
Safety is not
negotiable
Security only
when needed
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
12
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Assistance systems for
Engineering
Cyber-Physical Production Systems (CPPS) – Industrie 4.0
Data processing and
integration for humans
Data analysis of process and alarm
data and connection with
engineering data
Appropriation of necessary data
for configuration, production,
negotiation
Data consistency about different
„stakeholders“ in different engineering
phases and crafts
Architecture models (reference
architecture) for a category of
aggregation/modules related to properties,
capabilities, interfaces…
Description of product and operating
resources, e.g. ontology, for independent
analysis, presentation, organisation and execution
of a production process
Production units with inherent
capabilities
Digital networks and interfaces for
communication (between machine, human and
plant, plant and plant)
World wide distribution of data, high
availability, access protectionFlexible production units, adaptable to
modified product requirements, allow also
structural changes
CPS
market place
of
production
units
Source: B. Vogel-Heuser, G. Bayrak, U. Frank: Forschungsfragen in "Produktautomatisierung der Zukunft". acatech Materialien. 2012.
Communication and
data consistency
Intelligent products and
production units
Data processing for humans
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 23
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Smart Data in automated Production Systems
24
Model
Deployment
Data
Warehousing
Data Collection
Data Aggregation
Data Integration
Data
Preparation
Exploration
Quality Measures
Transformation
Feature Generation
Data
Analysis
Detection
Prediction
Process Expert
Decision Support
System
Model
Design
Data-Driven
Knowledge-Driven
Model Selection
Data Analyst
Decision Support
System
Process Operator
Decision Support
System
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems
16.08.2017
13
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Information aggregation for maintenance staff
• Mobile devices with
touchscreen
• Augmented Reality supports
optimization and maintenance
of industrial plants
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 25
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Shift supervisor
Mechanic
Operator
Red-green color
blindness
Preferred voice
control
Context
Information aggregation for maintenance staff
Wartungshandbuch1. Maße und
Abbildung Zylinder
2. Sicherheits-
vorschriften
2.1 Allgemeine
Sicherheitshinweise
Wartungspläne ^
^
^
^
©A
IS
Shift supervisor Role
Personalpläne ^
^
Bestandsliste ^
^
<
<
Visualisierung
Prozessdaten ^
^
^
^
<
<
Challenge
• Prediction of critical
situations based on
analysis of process data
and alarm sequences
• Recommendations for
operator
Approach
• Pattern analysis,
statistical approaches
and Clustering
Shift supervisor undertakes
role of mechanic
Role
shift supervisorShift supervisor undertakes
role of operator
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 26
16.08.2017
14
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Vizualization of parameters- chipboard manufacturing
process paramters
plant/batch/roll
Comparison of plant
parameters with
different plants/batches
Influence of process
parameters on
quality criteriaz-direction
Gross density
Transverse tensil stress
Bending stress
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 27
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Motivation: State of the art II
Transfer of 2D in quasi 3D-view
• Table data is transferred to a graphical view
• Summarizing the conventional four views into one
• Color coding of the values allows for faster recognition
• Spatial connection
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 28
16.08.2017
15
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
3D-Patterns
Without Interpolation With Interpolation
Comparison of single data rows
(clustered)
Comparison of curves
Pro
cess
vis
ualiz
ation
3D
-sensor
field
Pro
cess
da
taanaly
sis
2D
da
tafield
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 29
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Data visualization: Combination of 3D-Patterns
Surfaceplot with 3D comparison min
and max values
Surfaceplot with 2D values from
measurement
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 30
16.08.2017
16
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Automation
and Information Systems
Technical University of Munich
Data player- process infeet particle board press
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 31
Automatisierung und InformationssystemeTechnische Universität München
©A
IST
UM
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser
Ordinaria
Automation and Information Systems (AIS)
Mechanical engineering,
Technische Universität München
www.ais.mw.tum.de; [email protected]
Thank you for your
attention!
Univ.-Prof. Dr.-Ing. Birgit Vogel-Heuser| TUM Chair of Automation and Information Systems 32