search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Security and Monitoring


Establishing cyber resiliency in the industrial sector


By Thorsten Stremlau, Trusted Computing Group B


usinesses are increasingly taking advantage of robots, digital twins, and Internet-of-Things (IoT) devices as a result of their ability to bring increased automation and efficiency


to industrial operations.


However, these technologies can bring an increased risk of targeted attacks aiming to corrupt and impersonate the very devices so necessary to success. International standards can help secure the industrial usage of robotics, digital twins, and the Industrial Internet of Things (IIoT) by providing a ‘trusted’ platform for these technologies to operate on, and organizations should be proactive in adopting these within their operations.


Innovation – but at what cost? The use of IIoT within industrial settings is maturing, with the market expected to reach $110 billion by 2025. Companies using connected equipment are able to deploy sophisticated techniques such as data mining and deep-learning functions, by analyzing data provided from the cloud. IIoT equipment provides operators with the tools required to make vast improvements on safety and efficiency. Operations can be fine-tuned to suit the needs of the business through the use of sensors and cloud intelligence, reducing waste and offering individualized products and services. Companies can also use predictive maintenance techniques to ensure equipment is offering optimal performance, thereby reducing downtime. Through IIoT, the need for preventative maintenance is reduced, as businesses will know exactly when parts will need replacing long before they begin to negatively affect operations.


Despite the numerous benefits IIoT can bring, connected devices can often provide a gateway for hackers looking to exploit systems for financial gain. Threats levelled against individual devices are a concern, but attacks on other layers can have a more significant impact. In April 2022, the systems of German wind turbine servicing company Deutsche Windtechnik were targeted by a


48 March 2023


ransomware attack. In response, the company were forced to switch off all internal systems and remote data monitoring connections to the wind turbines. This isolated the problem, but Deutsche Windtechnik suffered financial losses as a result of the two days they were unable to operate at full capacity, and these types of attacks are becoming increasingly commonplace.


Protecting your connected equipment


Once your systems have been compromised, confidential and sensitive information can be monitored and accessed whilst data and commands can be altered as they travel through a network. Should a hacker gain access to a server that maintains control over a large number of devices, the impact of their attack can have severe consequences for a business. Dealing with the aftermath of a successful attack will always be a more costly venture than procuring the right tools to protect your systems in the first place, and businesses need to be reviewing the solutions and measures available to them in order to establish a strong line of defence. Industrial cybersecurity measures by their nature invert the traditional triad of security values of confidentiality, integrity, and availability. For operational technology, known as ‘Industrial Control Systems (ICS)’ security, these elements are paramount: availability is vital, integrity is essential and confidentially is of least concern. For example, in conventional IT systems, you can be quickly locked out if a user is unaware of the password. But when it comes to an industrial setting, authorized employees will often need to carry out safety- critical tasks and simply cannot afford to be locked out by a password, and therefore tailored solutions are required. Furthermore, traditional IT equipment is expected to be replaced every three to seven years, but industrial technologies are designed to be more durable and expected to last at least twenty to thirty years. Newer equipment will be designed to consider the current technology and threat landscape


Components in Electronics


relevant to the intended industry, but older equipment can quickly pose a higher security risk if not constantly reviewed, which can be time-consuming. A more considered, proactive approach is needed to ensure secure operations.


Ensuring the safety of operations There are several steps organizations can take to mitigate any potential vulnerabilities. Should counterfeit parts be accidently installed, operators can expect significant system downtime and revenue loss, alongside malfunctioning or safety problems. Businesses must also be able to authenticate any users operating its equipment. Establishing two- factor or multi-factor identification means any authorized members of the workforce must use their mobile phone in order to verify their identity. This would mean a hacker wouldn’t be able to gain access without completing the authentication process, blocking any


attempts to unlawfully gain access to sensitive information.


One of the key international standards that can be used to protect industrial robotics is the Trusted Platform Module (TPM) standard, developed by organizations like the Trusted Computing Group (TCG). The TPM is a hardware-based security feature that provides a safe environment for the storage and processing of sensitive information. This can be used to store cryptographic keys, digital certificates, and other sensitive information in a secure manner, authenticating the software and firmware running on a device. Utilizing a TPM establishes trust in communications between robots and control systems to protect the integrity of the robot’s software and data. Digital twins - the virtual representations of physical assets - can also benefit from this standard. For example, a TPM can be used to secure the communications between


www.cieonline.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62