RESULT PAPER Artificial Intelligence (AI) in Security Aspects of Industrie 4.0 Imprint Publisher Federal Ministry for Economic Affairs and Energy (BMWi) Public Relations Division 11019 Berlin www.bmwi.de Editorial responsibility Plattform Industrie 4.0 Bertolt-Brecht-Platz 3 10117 Berlin Design PRpetuum GmbH, Munich Status February 2019 Image credits Gorodenkoff – Fotolia (title), ipopba – iStockphoto (p. 5, p. 6), matejmo– iStockphoto (p. 13, p. 17), monsitj – iStockphoto (p. 23) You can obtain this and other brochures from: Federal Ministry for Economic Affairs and Energy (BMWi) Public Relations Email: [email protected] www.bmwi.de Central ordering service: Tel.: +49 30 182722721 Fax: +49 30 18102722721 This brochure is published as part of the public relations work of the Federal Ministry for Economic Affairs and Energy. It is distributed free of charge and is not intended for sale. The distribution of this brochure at campaign events or at infor- mation stands run by political parties is prohibited, and political party-related information or advertising shall not be inserted in, printed on, or affixed to this publication. 2 Contents Introduction . 3. Management Summary . 4. 1. Artificial Intelligence: Definition and Categories ..................................................................................................................................................... 6 1.1 Historical development – Phases of artificial intelligence....................................................................................................................... 7 1.2 Current methods and fields of use of machine learning .......................................................................................................................... 8 1.3 Visions about future artificial intelligence and defining the relevant industrial areas ...................................................10 1.4 Core security challenges...................................................................................................................................................................................................11 2 . AI Assistance for Security Concepts . 13. 2.1 Identification and authentication procedures with AI assistance ...................................................................................................14 2.2 Detection of anomalies in data streams...............................................................................................................................................................15 2.3 Detection of malicious software . 16 3 . New Attack Vectors Using AI and Mechanisms of Defence . .17 3.1 Use of AI for attacks.............................................................................................................................................................................................................18 3.1.1 Cyberattacks on office IT ...................................................................................................................................................................................18 3.1.2 Cyberattacks on production OT ...................................................................................................................................................................19 3.1.3 Cyberattacks on the AI system used..........................................................................................................................................................19 3.2 Use of GAN technologies for deliberately bypassing security systems ........................................................................................21 4 .Outlook . .23 4.1 Concluding remarks ..............................................................................................................................................................................................................24 4.2 Recommended actions ........................................................................................................................................................................................................24 5 .References . 26. 6 .Appendix . .28 6.1 Example: Border controls using AI ..........................................................................................................................................................................28 6.2 Explanation of ‘Learning to protect communications with adversarial neural cryptography’.................................28 Authors . 29. 3 Introduction This paper addresses the area of IT security in Industrie 4.0 in particular and not IT security in general. It presents the current state of applications of artificial intelligence. It does not discuss those concepts of artificial intelligence that have become outdated and have therefore lost their rele- vance. Neither does it speculate about futuristic scenarios that do not yet exist in the field of artificial intelligence today. In other words, it is not a science fiction report but a presentation of what exists today and the developmental potential of it. It presents the subject matter in enough technical detail to enable the reader to understand at least the theoretical workings of modern AI concepts and their impact on security systems. The authors describe how a generative adversarial network (GAN) functions, what role intrusion detection systems (IDS) and intrusion prevention systems (IPS) play in the area of security, and how these GANs are deliberately being used to deceive the latter systems. 4 Management Summary This paper discusses the current state of knowledge regard- Chapter 2 discusses how artificial intelligence is used to ing the topic of artificial intelligence (AI) in security aspects assist security concepts. AI-assisted identification and of Industrie 4.0 in the early part of 2019. It is directed at authentication procedures are explained. Technologies those specialists and decision-makers in the industrial and that have become commonplace in such things as border political spheres who want to develop a basic understand- controls and access controls are still not found in many ing of AI technologies and how they can be applied in the industrial applications today. Another important topic is securing of networked systems. It illustrates that although the detection of anomalies in data streams, i.e. a kind of the dynamic developments taking place in AI in this area monitoring of the overall healthiness of the network activ- are capable of generating a diversity of economic usages, ities of companies and business associations. they are also a source of new security risks for which new defence strategies must be developed. AI can also help detect malware if it has not yet been able to take effect. Different kinds of pattern recognition can The economic relevance of artificial intelligence today is help detect and ward off risks at early points in time. The almost exclusively in the area of machine learning (ML). application of such technologies is obviously highly spe- This paper will therefore focus on this area of artificial cialised work that can normally only be performed with intelligence. All of the technologies discussed in this paper the help of knowledgeable and experienced software- and are components of machine learning. For a clearer under- service-providers. The intention of this paper is to simply standing of the subject matter presented here, a short point out the technologies that are currently available on history of artificial intelligence is given, starting with the the market today. time the phrase was coined at the Dartmouth Workshop. This is followed by short descriptions of the methods of the Chapter 3 discusses the more darker sides of AI in security three most important categories of ML technologies today, aspects. Cyberattacks on commercial enterprises are done namely supervised learning, unsupervised learning, and for a variety of reasons. They are often referred to under reinforcement learning. The emphasis here is on the basic the three headings of industrial espionage, industrial sab- concepts underlying modern neural network technologies, otage, and data theft. The use of artificial intelligence in which characterise the area of machine learning today. such attacks has unfortunately experienced an especially dynamic upturn in the recent past, i.e. since around 2013. The next section contains a brief summary of the central This paper distinguishes between cyberattacks on office security requirements of Industrie 4.0. Here too the goal is IT, on production OT, and the special ways that attacks can to elucidate the subject area in order to avoid misunder- be made on AI systems themselves. It has become clear standings. Discussions about industrial IT security are that unchecked automation is a new source of risk in the often based on mistaken understandings of the difference security area as well and that the elimination of the human between security and safety, industrial markets and other factor is something that must be planned very carefully. If vertical markets, and between business matters and con- it is not, then something that was meant to save costs can sumer matters. lead to serious financial loss. MANAGEMENT SUMMARY 5 The second part of Chapter 3 is devoted to an entirely new Chapter 4 contains concluding remarks and forward-look- security risk. This risk stems from a form of neural network ing statements. Stakeholders in the industrial sector, i.e. technology that was first created
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages32 Page
-
File Size-