Page 48

Partnering June, 2019

Secure Data Transmission for Industrial Facilities

By Thomas Holthöfer, Regional Digital Marketing Manager, HARTING Deutschland

A huge number of machines and plants are increasingly being networked for monitoring and maintenance. The threat of cyberattacks is highly problematic, especially for old systems that lack sufficient data protection mechanisms.

HARTING’s MICA® edge computer enables machines and systems of any kind to be integrated into an Industrial Internet of Things (IIoT) system. As a result, services such as condition monitoring, predictive maintenance and determining KPIs like OEE (overall equipment effectiveness) are now possible for existing plants and equipment. Depending on the application, suitable interfaces and the appropriate software are combined with the MICA to form a solution package.

When integrating existing systems into a network, besides the availability of plant interfaces, the security of connections and data poses the greatest challenge. HARTING has developed special protection mechanisms for the MICA minicomputer and enhanced it with security solutions developed in its MICA partner network.

Major Cyber Risks for Factories

A variety of recent studies confirms a growing number of cyberattacks. Know-how at medium-sized production companies is an especially attractive target. According to the VDMA study “Cyber Risks in Mechanical and Plant Engineering,” the majority of companies are not adequately prepared for attacks. The protection that is in place is inadequate and outdated, and consequently, there are threats that come in the form of business interruption and the loss of confidential company data.

This is where the MICA and the enhancements developed in the MICA partner network come in. The MICA enables medium-sized businesses without large IT departments to securely connect machines and systems. Protection comprises five core elements: MICA-provided protection due to a secure operating system; protection of applications in the MICA; the use of secure protocols; end-to-end encrypted data transfer; and the protection of applications.

One MICA network partner is Berlin-based Infotecs, a leading international IT security provider and specialist in software-based VPN solutions. Combining the MICA and Infotecs’ security solutions permits the remote control of wind farms, video transmission of final quality inspection in remote production facilities, the management of remote maintenance access, and early scheduling of maintenance work.

With Infotecs’ solution, data transmission between the MICA and a remote peer is protected by a bug-proof and tamper-proof VPN connection (virtual private network) and encrypted end-to-end. “The starting point for our security solution is the MICA. The MICA is particularly robust and secure for the industrial environment,” explains Josef Waclaw, CEO of Infotecs.

Securing the MICA

The MICA is a minicomputer with network connection. The computer has a Linux-based operating system and virtualized application environment consisting of Linux containers. The MICA operating system is designed to be very slim and contains only the software elements required to operate. This in itself eliminates numerous potential attack vectors.

For example, the MICA base system does not include package managers, e-mail clients or other services that are often attacked by hackers. The MICA base system is also inaccessible to users and administrators and cannot be modified by them. The applications on the MICA run in separate, virtualized Linux containers. They are designed so that processes or applications cannot gain access to another container or to the operating system. While the MICA operating system is provided by HARTING, containers can also be developed by third parties, in order to provide security applications.


End-to-End Protection

ViPNet software from Infotecs was developed as a MICA container and acts as a virtual security gateway for the MICA’s other application containers. When the applications send data, the latter are picked up by ViPNet, encrypted and sent to the equally protected peer. This can be another machine at the same location as well as a remote peer in a remote network, for processing of the data.

Waclaw emphasises that additional safety requirements should be considered in industrial applications. Standard networking applications typically work with web servers vulnerable to cyberattacks. Waclaw cites problems with buffer overflow, insecure protocols and man-in-the-middle attacks.

Consequently, ViPNet software does not use web server technologies. Another difference mentioned by Waclaw is that standard VPN solutions with asymmetric encryption have been developed for office environments. The keys and certificates are first exchanged in the network and a secure connection is then made to the complete network.

“However, for the security of an industrial production environment it’s important to establish a connection solely to a single machine, rather than immediate access to the entire network. We achieve this through a direct connection that is symmetrically encrypted end-to-end,” Waclaw says.

The remote peers are also equipped with symmetrical keys, and only those data packets where the key fits are opened. This procedure does away with the necessity of exchanging keys through the network and the subsequent verification of certificates. This is advantageous for connections through mobile communications, since no additional delays are caused by renewed exchange of keys in the face of more frequent disconnections. “The solution, in combination with the MICA, protects sensitive equipment and industrial applications. The software is set up once, and no in-depth IT skills are required,” says Waclaw.

With the, HARTING has set up a user organization around the MICA Open Computing Platform. A partner network has emerged that provides solutions for factory automation, logistics, ERP connectivity, IoT and embedded systems, predictive maintenance and a wide range of security solutions.

Contact: HARTING North America, 1370 Bowes Road, Elgin, IL 60123. Tel: 847-717-9217
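
The acceptance rule described under "End-to-End Protection" (each peer holds a pre-provisioned symmetric key, and only packets where the key fits are opened) can be sketched as follows. This is an added example, not code from the article, HARTING or Infotecs, and it is not the ViPNet protocol: the packet layout, the names and the replay counter are assumptions, and it shows only the per-machine authentication check with HMAC-SHA256, where a real gateway would also encrypt the payload.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                      # HMAC-SHA256 tag length in bytes
HEADER = struct.Struct("!HQ")     # hypothetical layout: peer id, packet counter

def seal(peer_id, counter, key, payload):
    """Sender side: header + payload + tag computed with the pre-shared key."""
    body = HEADER.pack(peer_id, counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Gateway:
    """Receiver side: one pre-provisioned key per machine, nothing negotiated."""
    def __init__(self, peer_keys):
        self.peer_keys = dict(peer_keys)
        self.last_counter = {}

    def open(self, packet):
        """Return the payload if the key fits, otherwise None (packet dropped)."""
        if len(packet) < HEADER.size + TAG_LEN:
            return None
        peer_id, counter = HEADER.unpack_from(packet)
        key = self.peer_keys.get(peer_id)
        if key is None:                       # no key provisioned for this peer
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                       # wrong key or modified packet
        if counter <= self.last_counter.get(peer_id, -1):
            return None                       # replayed packet (added assumption)
        self.last_counter[peer_id] = counter
        return body[HEADER.size:]

def demo():
    key_press = bytes(range(32))              # constructed sample key, machine 7
    key_other = bytes(32)                     # constructed key the gateway lacks
    gw = Gateway({7: key_press})
    good = seal(7, 1, key_press, b"temp=71.5")
    return {
        "valid": gw.open(good),
        "replayed": gw.open(good),
        "wrong_key": gw.open(seal(7, 2, key_other, b"stop")),
        "unknown_peer": gw.open(seal(9, 1, key_press, b"temp=0")),
        "tampered": gw.open(good[:-1] + bytes([good[-1] ^ 1])),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Because each machine has its own key, a key that leaks from one machine opens no packets addressed as another, which is the single-machine scope the article contrasts with network-wide VPN access.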
