Digital Transformation: Transforming Factories with Security
Published on : Monday 12-07-2021
One major challenge, which comes along with advanced technology, is cyber-crime that is making the manufacturing sector a lucrative target, says Ninad Deshpande.
The face of the manufacturing industry is constantly changing. The need for increased flexibility and agility has shaped Industry 4.0, where everything, right from machines at the shop floor to product deliveries, are connected. The changing manufacturing ecosystems accelerate digital transformation to maximise system performance and productivity and reduce downtime to an absolute minimum. Today, many machine builders and factories are working towards building next-generation systems with advanced automation technologies. We see machine builders increasingly working with solutions such as digital twin, supporting the production of personalised goods and mass customisation, predictive maintenance, remote access, and big data, to name a few. In addition, factories demand seamless vertical and horizontal connectivity on the factory floor, establishing an IT/OT convergence. However, when we look at transforming machines and factories or aim at achieving an IT/OT convergence, it is essential for manufacturing setups to secure assets, machines, lines and factories.
With such a transformation project, it is crucial for a machine builder or a factory to answer or retrospect on the primary question – ‘Are they secure’? While bringing various benefits of lowering production costs and increasing efficiency, it increases risks. One major challenge, which comes along with advanced technology, is cyber-crime that is making the manufacturing sector a lucrative target. However, manufacturers need not worry. Securing IT systems and processes against every cyber-attack is possible. With the right security strategies and technologies, it is possible to achieve cyber resilience. With the right strategy in place, manufacturers can increase their competitiveness by taking advantage of what Industry 4.0 offers while keeping in check various vulnerabilities and risks.
Cybersecurity in industrial automation
With the rise of technologies and the availability of connectivity solutions, securing assets has become increasingly important. With digital transformation, IIoT, or Industry 4.0 it is paraded that data is the new oil. However, with oil or data involved, there ought to be thefts, heists, and infringements. Cyber-attacks in financial institutions, banks, government, and big brands have been witnessed and regularly in the news, and today, millions of such unauthorised intrusions are detected per second. Over the years, Industrial Automation and Control Systems (IACS) have not been spared against such unauthorised infiltrations. These attacks will only intensify in years to come. It is essential for a machine builder and a factory to ensure that their installations are safe and secure. It is about protecting confidentiality, integrity, and availability of components and assets against unauthorised access.
However, welcome to reality; with cybersecurity, it is essential to note that there is no such thing as 100% secure or absolute security. Moreover, cybersecurity is not a destination but an evolving target, and it is not a product but a process. Machine builders and factories need to find the right balance. Implementing secure measures on the factory floor or in the IT infrastructure impacts usability and increases costs. Cybersecurity is about risk management. Cyber-attacks are real and have an adverse impact on safety, health, the environment, and an organisation's finance. With advanced automation technologies being implemented in machines and factories, there is an increase in the attack surface compared to legacy and isolated systems. Moreover, the need for seamless connectivity with external non-OT systems increases the cyber risk for machines and factories. In addition, these attacks could originate from anywhere across the IT world, adding to complexities and criticalities.
Taking your first steps
Cyber-attacks are real and need attention, but it is necessary to understand that implementing measures for safeguarding components and assets is the first step. Having advanced automation technologies is undoubtedly essential to be competitive in the global market, but having secure installations is equally crucial. However, before implementation, it is necessary to understand existing gaps in an organisation's security process, components, and assets, which might make them susceptible to an attack. Cybersecurity is about not only bridging security gaps but also knowing about existing vulnerabilities in components and systems. This helps factories in mitigating risks in the right way.
Everyone is aware of our conventional automation pyramid, which is existent in most factories and plants. There are levels from sensors, actuators, control systems, DCS/SCADA, MES, ERP or cloud, and other IT infrastructure. This conventional pyramid is primarily connected via various protocols that are either serial or Ethernet-based. Today, one can witness various vendor-dependent protocols on any factory floor, with a considerable similarity in these protocols, "A missing security by design." These existing protocols cannot be defined as secure as the time when they were designed decades back; cybersecurity was not a pressing issue. Thus, a defence in depth strategy to protect all components is impossible with today's fieldbuses on the factory floor.
OPC UA: Secure by design
OPC UA was created with a concept of security by design. It is based on open and recognised standards such as SSL, TLS, and AES, which helps the technology be scaled and evolve with other futuristic security technologies. OPC UA technology is aligned with necessary IT requirements. In addition, it can work across the entire automation pyramid, right from sensors, actuators, controls to MES/ERP/cloud/IT infrastructures. OPC UA integrates all security concepts that make it possible to deal with various threats to industrial systems. This helps machine builders provide a secure system to factories that facilitate seamless vertical as well as horizontal communication on the factory floor.
OPC UA is primarily an open, vendor-independent technology that helps factories with a secure network and seamless vertical and horizontal connectivity. OPC UA is a cross-industry standard and is an eco-system supported by worldwide automation suppliers. With such factors, OPC UA is rightly deemed as the ideal communication technology for Industry 4.0.
Low hanging fruits: Security context for factories
With OPC UA, machine builders can offer user authentication using X.509 certificates. Moreover, the CIA triad, namely confidentiality, integrity, and availability, can be easily handled via asymmetric encryption, symmetric encryption, and limiting the number of sessions. Audit logging is also possible via OPC UA. With OPC UA and B&R, machine builders can offer a safe and secure machine to their customers. With Automation Studio, a single software for programming all B&R devices and mapp Technology, machine builders can reduce their programming effort by 67% and provide secure software in their machines.
B&R enabling your secure digital transformation
B&R Industrial Automation, a member of the ABB Group, is a global leader in industrial automation, combining state-of-the-art technology with advanced engineering providing customers in virtually every industry with complete solutions for machine and factory automation, motion control, HMI, and integrated safety technology. Machine builders can provide secure solutions to their customers with B&R technology.
Ninad Deshpande, Product Manager – Cyber Security, B&R Industrial Automation, has made it a mission to get to know the needs of internal as well as external customers and understand their unfulfilled desires thus, being able to provide extraordinary experience. Whether it is executing an exhibition, seminar, conference, implementing a campaign for print or social media, delivering a technology oriented presentation, implementing a branding campaign, or internal and external branding, Ninad takes pride in providing best in class service and experience in record time while always leading by example.