Embedded data encryption down to the last meter
Holistic security rests on three basic principles. Defense in depth stacks or layers security measures. The need-to-know principle (least privilege) grants users and processes only the rights they actually need, while redundancy ensures that the failure of individual components does not impair security functions.
Networked production of the future will require reliable automation technology and secure communication paths throughout the entire production process. Production data is considered the most valuable asset of the automated future, and must therefore be protected.
In the era of Industry 4.0 and the Industrial Internet of Things (IIoT), automation solutions increasingly rely on open, networked system architectures built from standard components. Transparent access to production data is what finally makes the expected productivity gains possible. At the same time, maintenance, service and statutory documentation requirements for complex systems cannot, or should not, be met by on-site personnel alone; remote access is necessary. The resulting interconnection of functional units raises the security requirements, and this applies not only to spatially confined industrial plants but also to distributed systems in the energy sector.
Encryption of sensitive data (SSL/TLS) in storage and in transit is a prerequisite, as is a suitable network concept (segmentation, firewalls, VPN). A secure default configuration, user authentication and the assignment of user roles are further requirements, and all of them are typically reviewed in regular audits.
Against this background, automation systems are exposed more than ever to the "dangers" of the IT world. Any security breach can have serious consequences for companies and employees.
In the summer of last year, the German federal government adopted an IT security act (the IT-Sicherheitsgesetz) aimed primarily at operators of critical infrastructure (KRITIS). Besides regular security audits, it mandates the reporting of IT security incidents to the Federal Office for Information Security (BSI). In addition, the IT-Grundschutz catalogues define possible threat scenarios and protective measures, aligned with ISO 27002.
These, in turn, build on the various industry-specific policies and recommendations that require companies to ensure the confidentiality, integrity, authenticity and availability of data. The regulations also raise the requirements placed on manufacturers of automation technology and confront them with new challenges.
To build a secure system architecture, three basic principles must be considered. The defense-in-depth concept stacks or layers security measures so that, if an attacker circumvents one layer, another still provides protection. The need-to-know principle (least privilege) grants users and processes only the rights they actually need. The redundancy principle, in turn, relies on technology to ensure that the failure of individual components does not impair security functions.
It is also intended to limit the impact of uncontrolled demand on system resources. Concrete technical and organizational measures include, among others, durable baseline protection and system hardening through patch management (the ability to update devices in the field) and long-term maintenance of the operating system.
Encryption of sensitive data (SSL/TLS) in storage and in transit is a prerequisite, as is a corresponding network concept (segmentation, firewalls, VPN). A secure default configuration, user authentication and the assignment of user roles are also part of the requirements catalogue. These measures and processes are typically reviewed in regular audits.
Today, WAGO already fulfils all relevant guidelines in the area of IT security, and even a large number of the requirements of the BDEW white paper for applications in energy and water supply, which count as critical infrastructure (KRITIS).
The PFC100 and PFC200 controller families from WAGO take these developments into account. They run a cross-platform real-time Linux that is available as an open-source operating system, is scalable and updateable, and supports tools such as rsync, Fail2Ban and virus scanners. Various interfaces and fieldbuses such as CANopen, PROFIBUS DP, DeviceNet and Modbus TCP can also be operated independently of the manufacturer. The required level of a security solution depends on the application and the risk analysis; the WAGO PFC family is in any case designed to implement the currently highest security requirements according to ISO 27002. It provides onboard VPN functionality based on the strongSwan package, a secure communication solution for Linux operating systems. In addition, data can already be encrypted in the controller using SSL/TLS, specifically TLS 1.2 (Transport Layer Security, the successor of the deprecated Secure Sockets Layer protocol versions).
A VPN tunnel is then built directly over IPsec or OpenVPN and carries the data, e.g. to the cloud. IPsec operates at the network layer (OSI Layer 3) and is handled by the operating system kernel, whereas OpenVPN is a user-space application that tunnels traffic over UDP or TCP and protects its integrity and confidentiality with TLS. Both yield communication links between the controllers and network access points that are protected against eavesdropping and tampering. An upstream VPN router is no longer required. When communicating with a PFC100 or PFC200, an encrypted LAN/WAN connection can be established whose contents can be read only by the two endpoints. Connections are established only after successful authentication. Authentication uses a pre-shared key (PSK), which must be known to both parties before communication begins. This method has the advantage that it is easy to implement; the trade-off is that the key must be generated with sufficient entropy, distributed out of band and kept secret on both sides, and that every device sharing the same key is indistinguishable from the others. For larger installations, certificate-based authentication, which both strongSwan and OpenVPN support, scales better.
The controllers of the PFC family can also be used as scalable nodes that can be retrofitted to existing automation systems without interfering with the actual automation process: the data is collected in parallel and can be sent to the cloud, for example via MQTT or OPC UA. This puts the user in a position to monitor systems adaptively and preventively. Thanks to the cloud capability, plant operators can keep an overview of their production facilities and optimize processes step by step. These complex processes can not only be captured and visualized, for example on a smartphone or tablet, but can also be optimized with little effort using analysis methods from the big-data environment.
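"Encrypted in the controller with TLS 1.2" only protects production data if the client that opens the cloud link refuses older protocol versions and verifies who it is talking to. The following is an added example (Python standard library only; it is not WAGO code and assumes nothing about the PFC firmware beyond a Python 3.7+ interpreter with the ssl module) of a hardened client context for the MQTT-over-TLS or HTTPS link to the cloud, next to the kind of permissive context that integration scripts often ship with, plus an audit routine that flags the difference. The certificate paths and the hostname are placeholders.

```python
"""Hardened TLS client context for a controller-to-cloud link and an audit
routine that flags the settings that turn "encrypted" into "encrypted to
whoever answered".

Added example, Python standard library only: not WAGO code. Certificate
paths are placeholders for the controller's own certificate store.
"""
import socket
import ssl


def build_controller_tls_context(cafile=None, certfile=None, keyfile=None):
    """Client context for the cloud endpoint.

    - Minimum protocol TLS 1.2: SSLv2/SSLv3 and TLS 1.0/1.1 are refused.
    - The endpoint certificate must chain to a trusted CA and match the
      hostname we dialled; otherwise any device on the path can terminate
      the connection and read the production data.
    - An optional client certificate gives mutual authentication, the
      certificate-based counterpart of the pre-shared key used for the
      VPN tunnel: the cloud then knows which controller is talking.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    # Forward-secret AEAD suites only (TLS 1.2 cipher names; TLS 1.3 suites
    # are configured separately by OpenSSL and stay enabled).
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5:!RC4:!3DES")
    ctx.options |= ssl.OP_NO_COMPRESSION  # TLS compression leaks plaintext (CRIME)
    if cafile:
        ctx.load_verify_locations(cafile=cafile)  # e.g. the broker's private CA
    else:
        ctx.load_default_certs()
    if certfile:
        ctx.load_cert_chain(certfile=certfile, keyfile=keyfile)
    return ctx


def build_legacy_context():
    """The context quick integration scripts tend to use: any protocol
    version the library still speaks and no verification of the peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_tls_context(ctx):
    """Return the audit findings for a context; an empty list means it passes.

    This is the check the regular audits mentioned in the text can automate
    for every outbound TLS client the controller runs.
    """
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 are accepted")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate is not verified")
    if not ctx.check_hostname:
        findings.append("peer certificate hostname is not checked")
    return findings


def connect_to_cloud(ctx, host, port=8883, timeout=10.0):
    """Open the TLS session; the handshake fails if the endpoint does not
    meet the context's requirements. 8883 is the MQTT-over-TLS port."""
    sock = socket.create_connection((host, port), timeout=timeout)
    return ctx.wrap_socket(sock, server_hostname=host)


if __name__ == "__main__":
    for name, ctx in (("hardened", build_controller_tls_context()),
                      ("legacy", build_legacy_context())):
        print(name, audit_tls_context(ctx) or "OK")
```

The hardened context pins the minimum version rather than disabling individual protocols with `OP_NO_*` flags, so a newer library that adds a protocol version does not silently widen what is accepted; the audit compares against the same threshold, so the two stay in step.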
Real added value
Data analytics tools play a crucial role in this data flow. Using the data collected at the field level, they can predict plant failures, and thus production losses, in the sense of predictive maintenance, for example by calculating the wear of certain machine components.
This minimizes costly plant downtime. In the future, such an application could, for example, predict that a certain part of the production plant will have to be replaced in three months. The higher-level automation system then identifies the part in question, queries the manufacturer for the current delivery time and orders the spare part fully automatically.
Such a development is of particular relevance in applications where plants are operated continuously, for example automated production lines in the automotive industry or in the process and food industries.
When transporting digital data from the field level into a cloud, existing security mechanisms must be applied intelligently. To avert damage to the company and to gain competitive advantages, it is essential that data is exchanged and stored securely at all times.
Integrated automation solutions will therefore have to offer functions that go beyond mere automation capability. After all, the core of the Industrial Internet of Things is to use data profitably and to generate sustainable added value for the company. Anyone who wants to achieve this goal, however, must consider the measures that IT security requires.
For the transport of digital data from the field level into a cloud, the existing security mechanisms must be applied intelligently, not least because cloud connections added alongside an existing automation system can bypass many of the protective mechanisms that were set up in the sense of defense in depth, such as access control, authorization concepts and firewalls. To avert damage to the company and to gain competitive advantages, it is essential that data is exchanged and stored securely at all times.
In the future, this can only be achieved with a comprehensive IT security concept that matches the individual requirements of the company, in the sense of a "security by design" principle, for processes in the office as well as in production.
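A retrofitted cloud link that bypasses the plant's firewalls is easiest to catch on the controller itself: every outbound TCP session it holds is listed in /proc/net/tcp, and a session that leaves the plant segment neither through the VPN tunnel nor on a TLS port is exactly the bypass the paragraph warns about. The following added example (Python standard library only; not WAGO code) parses that file and reports such sessions. It assumes a little-endian Linux controller (as the ARM-based PFC and x86 hosts are), a known plant LAN and tunnel subnet, and the /proc/net/tcp excerpt embedded below is constructed for the example, with an RFC 5737 documentation address standing in for the cloud endpoint.

```python
"""Inventory of the controller's outbound TCP sessions from /proc/net/tcp,
flagging those that leave the protected segment without tunnel or TLS port.

Added example, Python standard library only; not WAGO code. The sample
excerpt is constructed for this example.
"""
import ipaddress
import socket
import struct

TCP_ESTABLISHED = 0x01  # "st" column of /proc/net/tcp, hexadecimal

# Constructed sample: controller 192.168.1.10, cloud broker 203.0.113.5
# (RFC 5737 documentation range), one Modbus TCP session through the VPN
# tunnel subnet 10.8.0.0/24, and the local web UI listening on port 80.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0A01A8C0:C350 057100CB:22B3 01 00000000:00000000 00:00000000 00000000  1000        0 41001 1 0000000000000000 20 4 30 10 -1
   1: 0A01A8C0:C351 057100CB:075B 01 00000000:00000000 00:00000000 00000000  1000        0 41002 1 0000000000000000 20 4 30 10 -1
   2: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 41003 1 0000000000000000 100 0 0 10 0
   3: 0200080A:C352 0100080A:01F6 01 00000000:00000000 00:00000000 00000000  1000        0 41004 1 0000000000000000 20 4 30 10 -1
"""


def _decode_addr(field):
    """'0A01A8C0:C350' -> ('192.168.1.10', 50000).

    The kernel prints the IPv4 address as a host-order 32-bit value, so on a
    little-endian host (ARM, x86) the bytes appear reversed; the port is
    printed in network order and needs no swap.
    """
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Return one dict per socket line, skipping the header."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 8 or parts[0] == "sl":
            continue
        conns.append({
            "local": _decode_addr(parts[1]),
            "remote": _decode_addr(parts[2]),
            "state": int(parts[3], 16),
            "uid": int(parts[7]),
        })
    return conns


def find_unprotected_egress(conns, protected_nets, tls_ports=(8883, 443)):
    """Established sessions whose peer is outside every protected network
    (plant LAN, VPN tunnel) and not on a TLS port."""
    nets = [ipaddress.ip_network(n) for n in protected_nets]
    findings = []
    for c in conns:
        if c["state"] != TCP_ESTABLISHED:
            continue  # listening sockets and half-open states are not egress
        rip, rport = c["remote"]
        if any(ipaddress.ip_address(rip) in n for n in nets):
            continue  # stays in the plant LAN or goes through the tunnel
        if rport in tls_ports:
            continue  # port heuristic only; the TLS settings need their own audit
        findings.append(c)
    return findings


def report(text, protected_nets=("192.168.1.0/24", "10.8.0.0/24")):
    """Human-readable finding per unprotected session."""
    return ["{}:{} -> {}:{} (uid {}) leaves the protected segment without "
            "tunnel or TLS port".format(c["local"][0], c["local"][1],
                                        c["remote"][0], c["remote"][1], c["uid"])
            for c in find_unprotected_egress(parse_proc_net_tcp(text), protected_nets)]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:   # on the controller itself
            text = fh.read()
    except OSError:
        text = SAMPLE_PROC_NET_TCP         # anywhere else: the constructed sample
    for line in report(text):
        print(line)
```

On the sample, the MQTT-over-TLS session to port 8883 and the Modbus session inside the tunnel pass, while the second session to the same cloud host on the plaintext MQTT port 1883 is reported. Run periodically on the controller, the list of reported peers is the evidence an audit needs that nothing talks past the firewall and VPN concept.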
Technology report by WAGO.