Vestavěné systémy pro řízení v reálném čase.

Abstract

Demands on security, privacy and private data are increasing. New procedures and techniques, how to get to the private data, are coming up rapidly on the other hand. This refers to control systems as well, especially to those, which enable the use of modern communication technologies such as wireless networks or the internet. This work deals with securing of the data transfers in control systems, whose participants are communicating over the internet and public networks. The goal of this work is the design of the methodology for an analysis and evaluation of control systems security and proposing the solutions in order to fulfill required security levels. The reason for this topic was no available methodology or even standardized rules in control systems regarding security and very bad working practices. Next goal is the practical application of the designed methodology, analyzing the security of Guardian control system. The goal of this system is the monitoring of the life functions of the handicapped patients. Main task is the gathering of the data from patients and transfer of the data for further processing and remote visualizations not only in private networks but anywhere on the internet. Part of this work is also the modeling and the testing of Guardian’s critical data transfers, in order to identify the influence of the secured communication on the speed and the reliability of the data transfers. Tests for different devices, communication protocols, security levels and transfer mediums have been performed. PKI technologies were chosen as an instrument for fulfilling security requirements. They provide wide spectrum of services and components such as public and private keys, digital certificates, encryption and other, which all together enable to ensure, that the transferred data will not be monitored and misused by a third party, even when public communication channels are used for the communication. PKI technologies provide the authentication of participants of the communication, integrity of transferred data, non-repundation of the transferred data or its confidentiality.