Abstract: A computer-implemented method for providing vetting and/or functional validation of software components, comprising: providing a software component and software component data indicating the software component; writing the software component data in a distributed ledger; functional validating and/or vetting the software component and providing functional validation and/or vetting data of the software component; writing the functional validation and/or vetting data in the distributed ledger; providing the data written in the distributed ledger to a software component consumer.

Abstract: A method includes receiving data indicating an event from at least one industrial device; providing the received data indicating an event to nodes of a distributed ledger; in response, selecting at least one of the nodes of a distributed ledger and writing a transaction into the distributed ledger, wherein the writing of a transaction into the distributed ledger is authorized by the selected at least one of the nodes of the distributed ledger, wherein the transaction comprises transaction data, wherein the transaction data allows an accessing of event data; wherein the transaction data comprises a pointer pointing to original or pre-processed data existing in one or more industrial databases of the at least one industrial device; providing immutable and tamper-resistant event data, event reaction data, control data, or training data for training a machine learning or an artificial intelligence based industrial control system based on the transaction data.

Abstract: An industrial automation system device includes: a secure communication processing unit for communicating securely with a further trusted industrial automation system device; and a pre-shared secret module including a pre-shared secret, the pre-shared secret including shared asymmetric key pair generation data. The secure communication processing unit: derives a shared asymmetric key pair including a shared secret key and a shared public key from the shared asymmetric key pair generation data, derives a shared certificate including the shared public key, signs the shared certificate with the derived shared secret key, and generates a device asymmetric key pair including a device secret key and a device public key.

Abstract: A method for protecting the integrity of measurement data acquired by a sensor includes: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, by a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, by the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory.

Abstract: An industrial automation system device includes: a secure communication processing unit for communicating securely with a further trusted industrial automation system device; and a pre-shared secret module including a pre-shared secret, the pre-shared secret including shared asymmetric key pair generation data. The secure communication processing unit: derives a shared asymmetric key pair including a shared secret key and a shared public key from the shared asymmetric key pair generation data, derives a shared certificate including the shared public key, signs the shared certificate with the derived shared secret key, and generates a device asymmetric key pair including a device secret key and a device public key.