TechnologySeptember 21, 2023
2023 Industrial Cybersecurity Progress Report
Industrial cybersecurity has become "Job One" for manufacturers to enable secure use of modern IT technologies in industrial networks, and seamless communications between IT, OT and cloud resources that require highly granular security policies based on identity and context for people, devices, and applications.
Industrial cybersecurity has become an overarching, top priority for manufacturing as the move to the Industrial Internet of Things and cloud computing has created an environment where the traditional air-gap approach to security is not sufficient.
In this special report, the Industrial Ethernet Book reached out to industry experts to gain their insights into the megatrends driving Industrial Cybersecurity technology, industry standards and the challenges facing automation engineers.
Adoption of Cloud Services
Driving the need for distributed security architectures and no single points of control.
According to Andrew McPhee, Solution Architect – Industrial security at Cisco, key technology trends and growth of the IIoT are creating a need for new industrial cybersecurity solutions.
“The growing adoption of cloud services for running operational processes is driving the need for distributed security architectures and no single points of control. The traditional air-gap approach to industrial security, enforced by firewalls in the industrial DMZ is still needed but not sufficient,” McPhee told the Industrial Ethernet Book recently.
“Enabling secure use of modern IT technologies in industrial networks, and seamless communications between IT, OT, and cloud resources require highly granular security policies based on identity and context, for people, devices, and applications,” he said. “This means being able to identify and profile every connected device, as well as local and remote users, and define least privilege access policies for each one of them.”
McPhee added that, fortunately, the latest advances in edge computing enables industrial networking equipment to embed software capabilities making automated asset discovery, software-based network segmentation, or zero-trust network access (ZTNA) simple to deploy at scale without the need for dedicated security appliances or additional network resources which would typically raise the cost and complexity of such cybersecurity architectures to unbearable levels.
Impact on manufacturing networks
McPhee added that most industrial organizations do not have comprehensive or up-to-date inventory of connected OT assets. You can’t secure or monitor what you don’t know. Modern network equipment such as Cisco industrial networking products automatically build and maintain the inventory at scale without any addition to the industrial network. It makes it easier to have the visibility required to build security policies, monitor assets and communications, comply with cybersecurity regulations, and meet cyber-insurance requirements. It is the foundation to a robust OT cybersecurity strategy.
“With comprehensive visibility, you can restrict communications between assets by using software solutions creating security policies to segment the industrial network into smaller zones of trust as recommended by the ISA/IEC62443 security standard. Cisco industrial networking equipment can enforce these policies to prevent unauthorized communications or avoid attacks to spread. This means there is no need to deploy firewalls for zone segmentation, greatly simplifying network setup, as assets move, are replaced, or added”
Similarly, edge computing enables zero-trust network access (ZTNA) to operational spaces. Rather than using 4G/LTE gateways or ad-hoc remote access software that are too complex to control and secure, Cisco industrial networking equipment gives you access to remote OT assets to manage or troubleshoot them. The embedded ZTNA agent provides granular access controls based on identity and context policies with audit capabilities.
Having edge computing capabilities embedded into industrial networking equipment allows to use of the network as the sensor and the enforcer. Eliminating the need to deploy, maintain and power dedicated appliances also drives sustainability and simplicity. It also addresses the skills shortage issue, helping small teams managing advanced infrastructures.
Unique technology resources
McPhee summarized a series of areas where the latest technologies are providing unique benefits and solutions that can be applied in industrial environments.
Segmentation: OT assets should only communicate with resources they need to perform their tasks. In industrial environments the focus is on creating smaller trust zones to prevent malware propagation as recommended by the ISA/IEC-62443 security standards. Solutions such as Cisco Identity Services Engine (ISE) for instance, work with your network switches, routers, and wireless access points to restrict communications as per the zones and conduits you have defined, without having to deploy and maintain firewall appliances within the industrial network. It leverages groups defined by the OT team using the Cisco Cyber Vision asset inventory capabilities to allow/deny communications for each asset. When a change is required, just move the asset to another group in Cyber Vision for ISE to automatically apply the corresponding security policy.
Zero Trust Network Access (ZTNA): Remote access is key for operations to manage and troubleshoot OT assets. Zero Trust Network Access (ZTNA) is the future of remote access architectures. It lets you configure least privilege access based on identity and context: Remote users connect to a cloud portal and have access only to the devices you choose, using only the protocols you specify, only in the time window you allow, and only after they have passed a series of security controls such as multifactor authentication or verification of the computer’s security posture. Edge computing allows Cisco Secure Equipment Access to run in Cisco industrial networking equipment to simplify deployment of ZTNA in OT networks at scale.
Specific application areas are also being targeting with the newest Industrial cybersecurity solutions, and contribute to overall network performance. These include:
Network performance: OT visibility solutions such as Cisco Cyber Vision help understand network and configuration issues in addition to malicious traffic and abnormal behaviors. They track all communications to provide operational insights that can help troubleshoot operations.
The move to cloud: As the industrial network uses more cloud services, the attack vector increases, and it is critical to continuously verify trust of remote resources. Security service edge (SSE) solutions help organizations provide secure connectivity between IT, OT, and cloud domains by enforcing granular access controls and security policies. SSE solutions enable security administrators to offload computationally expensive tasks from on-prem hardware to scalable cloud resources and provide centralized policy management which increases network performance and minimizes administrative errors that result in downtime. Combined with visibility solutions, they offer the ability to react to changes in trust upon the discovery of new information.
Secure remote access: Historically, 4G/LTE gateways or ad-hoc remote access software have been deployed, making it nearly impossible to enforce security controls. These shadow IT solutions must be identified (using the visibility capability of the industrial network) and replaced with a secure solution. Zero-trust network access (ZTNA) built into industrial networking equipment makes it easier to enforce granular access controls.
“New OT cybersecurity solution provides network telemetry and visibility into asset that operations team can leverage to identify device misconfigurations, unexpected changes to industrial processes and overall equipment effectiveness (OEE),” McPhee said.
He added that using edge computing capabilities built into industrial networking equipment to benefit from visibility, segmentation and secure remote access drives cost reduction, simplicity, and agility. Fewer appliances and network resources to deploy and manage means lower CAPEX and OPEX. It is also much easier to deploy and operate at scale, helping OT teams run advanced facilities even if they cannot find new skilled personnel to hire.
“Implementing such visibility solutions also helps IT and OT teams gain a factual understanding of the situation and facilitate effective collaboration between both teams. In turn, this will generally lead to proactive vulnerability management, network segmentation projects, and events monitoring which are regulatory requirements in many industries,” McPhee said. “Even insurance companies can require these OT cybersecurity best practices to be implemented to provide cyber insurance.”
Creating zones and conduits
New segmented sections within the application represent a new layer of defense.
“Many industrial controls engineers are benefiting from creating zones and conduits to create more segmentation within their industrial applications,” Barry Turner, Technical Business Development at Red Lion, told IEB.
“These new segmented sections within the application represent a new layer of defense. As part of a Defense in Depth strategy, customers are creating multiple layers between key assets and would-be hackers. Grouping key resources for speed with an added benefit of access control in and out of this segmented section of the network, which is known as a zone,” he added.
Turner said that the biggest hurdle to overcome in implementing this is making changes to the network components themselves. Using network segmentation solutions like Red Lion’s RA10C, users can create segmented portions of their network without making changes to the existing network components. So, there is no need to change the IP address of the 10-year-old PLC that is working perfectly fine just to increase security on the plant floor. Using the RA10C in bridge mode makes this possible.
New solutions, technology benefits
“Creating segmented areas within a plant floor must be done with extreme care to avoid interrupting the speed requirements of the industrial devices on the floor. It is crucial to keep PLCs and the devices they directly control within one zone or segmented area of the network to ensure the most reliable network and application,” Turner said.
“When data needs to leave the zone, it will take a conduit or path out through a firewall or router. These conduits provide access control, offering users the ability to allow or disallow traffic as well as log activity. Using a solution like the RA10C, users can create segmentation without making changes to the network components already in production. Therefore, there is no need to change the IP address of the PLC or VFD that has been running for years. Simply place the RA10C in the application in bridge mode and use the firewall to graphically allow or disallow traffic,” Turner said.
Zones and conduits
The concept of zones and conduits has been around for a while but Turner said it is just now being implemented in industrial applications. This concept is covered quite extensively in the ISA 62443 standard, as it is something IT has been using for a while now. The limiting factor in implementing this type of solution is the fear of making changes to the network that jeopardizes the uptime of the application.
Making a change to the PLC that has been running without fail for many years is not something a controls engineer takes on lightly. Traditionally, to implement zones and conduits, one would need to create a new VLAN, change the IP addresses of the newly segmented devices, create a route for the new segment, and perform some type of access control. Red Lion’s RA10C makes this much easier, faster, and without the risks. Users using the RA10C in bridge mode do not need to change the IP address of the devices or create VLANs. They simply put the device in line, and the graphical firewall makes it easy to decide which devices should communicate and which ones should not. This segmentation creates a layer of security without negatively impacting downtime.
Industrial cybersecurity solutions
“As a controls engineer, one needs their application to run smoothly without interruption. The best way to ensure that is to keep the application safe from would-be attackers. Creating zones and conduits within an application will minimize the likelihood of a successful attack by creating multiple layers of protection against an attack vector,” Turner said.
“A factory floor using a flat network has one large attack vector, which is the single VLAN or subnet the process is running on. If an attacker gains access to that one network segment, they will have some access to the entire application. Breaking the plant floor into smaller segments will limit the potential success of a hacker or malicious software. Then, utilizing conduits with access control and logging will enable the ability to control traffic and alert if things are out of the norm.”
IIoT increases network exposure
Industrial cybersecurity requires state-of-the-art security patch management, intrusion monitoring, and security logging capabilities.
“The increasing professionality of cybercriminals has led to the creation of convenient toolkits that make attacks of all kinds – e.g., denial of service, data theft, and extortion – more likely because many front-line attackers do not need to have deep technical knowledge to successfully use these toolkits,” Georg Stöger, Director Training & Consulting at TTTech Industrial, told IEB.
“Advances in AI make super-convincing impersonation and phishing attacks more likely. Therefore, industrial cybersecurity requires state-of-the-art security patch management, intrusion monitoring, and encompassing security logging capabilities,” Stöger added.
Stöger said that, although emerging quantum computing encryption mechanisms sound exciting, the major security challenges in industrial systems are not related specifically to broken encryption of data transmissions. Rather it is the wide range of technical and organizational weaknesses in heterogenous, networked control and management components across all layers of the automation pyramid which makes hardening the industrial system against cybercrime so difficult.
“Therefore, we recommend not to look for a specific technology solution first, but rather to adhere to standards for secure design and operation of industrial control systems, Stöger said.
Major security challenges
A major security challenge for manufacturing systems is the trend toward Internet of Things, which not only increases network exposure but also brings a lot of new software to the industrial edge. Solutions for industrial cybersecurity must therefore address not only network security but also software management, specifically patch management.
Stöger said that security patches related to vulnerabilities of any component in the plant need to be identified based on the system’s Software Bill of Material (SBOM) and installed in the shortest possible timeframe – certainly within days, not months or years after becoming available. This applies both to the application software and the underlying operating systems. Ideally, such patch management should be supported with minimal or no downtimes, although sometimes a reboot of controllers may be unavoidable after installing some OS security patch. This helps to avoid two worst-case examples of how software security management might be performed: either by shutting down production to check for, and apply, patches and updates for each component in the system – or to skip software security management altogether.
Beyond network-based security
Advanced industrial cybersecurity goes beyond network-based security and user-based authentication; it needs to address all areas of system security including:
- user and component/device identification and authentication (using device certificates);
- maintaining and enforcing access restrictions;
- enhancing and checking system and software integrity and authenticity;
- keeping data secure during use, during communication, and even when taking a component out of service;
- protecting the industrial system against service degradation and denial of service;
- and providing robust event logging and timely analysis of unusual events to ensure that countermeasures are initiated in case of a security incident.
This list indicates that more than one technology will be required to achieve good cybersecurity for a complex industrial system and that the application of these technologies in a specific system and situation cannot easily be described in a generic way. The good news is that for most common threats, comprehensive technical and/or organizational solutions exist. They are sometimes cumbersome to implement properly, and cutting-edge solutions will simplify this as much as possible.
Security at the industrial edge
“Industrial cybersecurity solutions for manufacturing and discrete automation systems provide enhanced security measures at the industrial edge where data is generated,” Stöger said. “They offer real-time threat detection, local access controls, and network segmentation, helping to safeguard critical processes against cyber threats. Edge security solutions ensure data privacy through anonymization and aggregation, while also enabling real-time patching and integration with legacy systems.
With scalability and support for heterogeneous systems, the newest edge cybersecurity solutions are well-suited for diverse manufacturing operations. By focusing on local threat detection, access controls, and compliance, these solutions contribute to secure, resilient, and efficient manufacturing processes.”
In addition to discrete automation, advanced cybersecurity solutions addressing IIoT and industrial edge security requirements are seeing increased adoption in process automation, transportation and infrastructure systems, and energy production and utilities. As these application areas are becoming more connected, the paradigm of a well-defined security perimeter is getting challenged, and more “zero trust” elements need to be included in the system security architecture.
Challenges for plant personnel
Stöger said that industrial cybersecurity addresses challenges including cyber threats, data privacy, system disruptions, legacy systems, interconnected networks, supply chain risks, human errors, regulatory compliance, remote access vulnerabilities, and incident response. As automation systems become more interconnected and reliant on digital technologies, the risk of cyberattacks, data breaches, and operational disruptions increases and must be addressed consequentially and systematically by automation engineers.
“Industrial cybersecurity involves implementing measures such as network segmentation, encryption, access controls, and intrusion detection systems to protect critical infrastructure and manufacturing processes,” he said. “It also focuses on training personnel, securing remote access, and complying with regulations. By integrating cybersecurity into automation design, implementation, and maintenance, industrial cybersecurity mitigates these challenges and ensures the integrity, availability, and security of industrial systems.”
To address cybersecurity effectively, engineers need comprehensive knowledge of cybersecurity principles for industrial control systems (ICS). Proficiency in programming languages, risk assessment, incident response, and regulatory compliance is essential.
“Effective communication, problem-solving abilities, and a commitment to continuous learning are vital for collaborating with teams, addressing vulnerabilities, and staying current in this evolving field. An ethical approach, ideally combined with relevant cybersecurity certifications enables engineers to design, implement, and safeguard secure automation systems against the complex challenges of cybersecurity,” Stöger concluded.
Digitalization driving new security solutions
Significantly enhanced state-of-the-art security capabilities required to protect plant networks successfully.
“The main driver for industrial cybersecurity is digitalization, as it requires and enforces new security solutions. Everything gets connected and becomes part of the IoT including the formerly mostly isolated automation systems,” Franz Köbinger, Marketing Manager Industrial Cybersecurity for Siemens Digital Industries, told IEB.
“But this also increases the surface for cyber-attacks and therefore automation systems and industrial networks need significantly enhanced state-of-the-art security capabilities to protect them successfully against the new cyber-threats.”
Köbinger said that this means, for example, that unprotected communication will be replaced with protected protocols and security features like user management and access protection become mandatory for automation systems.
He added that this is the reason for new upcoming or tightened security regulations like the NIS 2 directive in the EU, which will become mandatory also for industrial plants in October 2024. To comply with this, it is not necessary to invent new security technologies, but the proved and state-of-the-art security technologies which are used already in IT need now also to be applied and integrated into OT components and networks. But as OT has other conditions and requirements than the Office-IT, this needs to be done by experts, who understand the challenges in the OT, but also how to apply the latest cybersecurity technologies.
Industrial cybersecurity innovations
“Specific benefits can be created when new solutions for industrial cybersecurity are based on integrated security features and functions from OT components and automation system,” Köbinger said,” if the vendors of these products consider the ‘Security by design’ and ‘Security by default’ principles, users get already hardened and secure products out of the factory.”
In this way, the risk of wrong configuration and incorrect operation is reduced, the usability is better and the effort is lower as the security functions are already activated or pre-configured. Of course, it is also necessary to keep the products secure during operation. As vulnerabilities and exploits are unavoidable, vendors need to provide security updates quickly and reliably. A vulnerability management helps to detect and to apply necessary security updates.
Köbinger said that the impact on manufacturing networks is that the networks are no longer alone responsible for the protection of production sites and automation systems. This is the pre-condition to open the networks and connect OT with IT, Internet and IoT, which is a must-have for the digitalization. This can be achieved with the same or an even better protection as this concept is based on the defense-in-depth principle, which means there is not only one security layer, but more in place.
“One example is the secured communication. While it is very common in IT environments to use secure protocols, many OT devices still lack these capabilities,” Köbinger said. “In this context, TLS (transport layer security)-based communication, which is used to protect the data transfers between automation systems, engineering station and HMI enhances the protection of the transferred data tremendously.”
Additionally, and with respect to IT/OT convergence, user management and access control gets also more and more important for automation systems. Most of the automation systems have already a local user management, but this is not practicable for large plants with many different systems. Because if there is a change of a user or access rights it must be changed locally in every other system. But if there is a connection to a central user management (e.g. active directory) the changes need to be made there only once.
Targeted application areas
Köbinger said that the newest industrial cybersecurity solutions aim to improve the protection of automation systems through access control, encrypted communication, vulnerability management and endpoint protection as well as to improve the network security through anomaly detection, secure remote access, secure OT/IT data exchange and end-to-end OT/IT security based on Zero Trust principles. The overall network performance should not be affected significantly by these measures. Most of them are already used and proven in an IT environment.
“Automation engineers are responsible for a trouble-free operation of their production plants. To avoid disturbances, plant standstills, data and production loss, industry espionage or sabotage a comprehensive cybersecurity concept must be in place, which also includes the protection of automation systems,” Köbinger added.
“A challenge could be, that automation engineers may not be security experts and do not know exactly, what measures need to be applied or how they have to be configured to operate correctly. In these cases, an automation engineer can be supported by providing a configuration support (e.g. security wizard), which explains all available security functions, suggests settings and security features are already pre-configured and must not be forgotten,” he added. “In addition, security trainings or security assessments can also be useful for automation engineers to address the new challenges of industrial cybersecurity.”
Security Drives Innovation
Connected technologies brings cybersecurity risk and need for effective solutions.
“The common thread among technological advancements benefiting manufacturing is connectivity. However, this connectivity also brings cybersecurity risks. Therefore, it’s fair to say that the widespread adoption of connected technologies is a primary driver for the development of cybersecurity solutions,” Scott Pepper a member of the International Society of Automation (ISA) and Sector Head for the Process Instrumentation & Control sector at GAMBICA, the UK’s trade association for instrumentation, control, automation and laboratory technology, told IEB. “In this context, the need for security drives innovation, as the saying goes, ‘necessity is the mother of invention’.”
Areas of innovation
Pepper cited a series of the key trends that are specifically exciting in terms of cybersecurity solution developments and how they can be applied to modern manufacturing:
Artificial intelligence
“We are in the age of ‘pervasive AI,’ and businesses in all sectors are capitalizing on the advantages of AI in all areas of their business, from generative design to process optimization and even employee safety. The importance of AI in cybersecurity becomes increasingly critical as we transition into a more interconnected and data-rich world. AI-driven algorithms can continuously monitor network traffic and identify anomalies, detecting cyber threats and responding in real time,” Pepper said.
Applied AI in the form of machine learning can help enhance threat intelligence, enabling models to predict future cyber threats based on historical data and emerging trends, allowing businesses to proactively address vulnerabilities before they are exploited.
Quantum computing
While quantum computing is still in its relative infancy, the immense processing power it could offer can potentially break widely used encryption methods in a matter of hours or minutes.
To counter this, quantum-resistant cryptography is emerging, which employs algorithms designed to withstand quantum attacks. Post-quantum cryptography is being developed and tested to protect sensitive data in the quantum era, where traditional cryptographic methods may become vulnerable.
Edge computing
While not necessarily an enabler, edge computing deserves recognition as a technology that is spurring the development of new cybersecurity solutions. Edge computing brings data processing closer to the source of data generation, (typically at or near the “edge” of a network), shifting processing and decision-making tasks from central locations to local devices or edge servers.
Edge computing offers notable advantages, including the capacity to harness advanced analytics, deliver lower-latency control, and enhance bandwidth efficiency. Nonetheless, the expansion of edge computing brings about cybersecurity concerns, potentially introducing vulnerabilities into networks, so expect new edge cybersecurity solutions and edge computing to evolve in tandem.
Cybersecurity benefits
“Enhanced cybersecurity is an indispensable enabler of technological advancement across all sectors. For manufacturers, it serves as the foundational cornerstone for embarking on their digital transformation journey with confidence,” Pepper said.
He added that emerging technological innovations offer the potential for substantial benefits, including reduced downtime, increased productivity, cost savings, innovation, elevated customer trust, and long-term sustainability. However, these benefits remain unrealized if a foundation of trust in security is not in place.
“Cybersecurity serves as the guardian of this trust by safeguarding manufacturing systems, digital assets, and sensitive data from threats and vulnerabilities. As such, new solutions bringing about improved cybersecurity allow manufacturers to harness the full potential of emerging technologies, making them a crucial aspect of modern manufacturing,” Pepper added.
Cutting edge solutions
Pepper said that cutting-edge cybersecurity technologies are able to rapidly detect and respond to threats and mitigate risks in real-time, they are able to effectively evolve over time to safeguard sensitive data and systems against increasingly sophisticated threats, and they strive towards ease of deployment and upkeep.
As Pepper discussed previously, AI-based cybersecurity solutions effectively handle most current threats. However, attackers are also harnessing AI for more targeted and nuanced attacks. The ability of AI solutions to adapt to these and other unforeseen cybersecurity risks places them at the cutting edge. While being on the cutting edge offers the highest level of security, it may not always be necessary for many manufacturing sites.
Employing a risk-based approach – such as that outlined in the ISA/IEC 62443 3-2 standard developed by the International Society of Automation – is vital to ensure appropriateness for specific needs and circumstances. This includes an ability to:
1. Assess the risk to the facility in terms of consequence to the organisation.
2. Define the security level (SL) appropriate to that level of risk.
3. Map the security requirements for that level of risk to the environment’s technology and identify gaps.
4. Review cybersecurity solution capabilities against the gap assessment.
When considering cutting edge solutions, it is essential to assess:
1. How realistic are the claims?
2. Does the gap assessment require the new features offered?
3. What is the risk/reward assessment for choosing a cutting-edge solution against a proven, but perhaps less capable solution?
4. What is the total lifecycle cost for the cutting-edge solution, especially considering the long-term maintenance requirements?
5. Is the underlying technology proven, or is there a possibility that it could become obsolete, requiring a replacement solution?
Specific application areas
Pepper said that, as companies advance in their digital transformation efforts, the demand for improved cybersecurity solutions becomes critical. Many industrial facilities are “brownfield sites” which have been in operation for a while so the first step in this journey involves understanding the potential risks, especially in operational areas where cybersecurity concerns may not have received adequate attention in the past. There is no one-size-fits-all solution for addressing cybersecurity concerns at any site. Therefore, it’s crucial to view solution providers as partners in crafting a comprehensive cybersecurity strategy.
“Industrial cybersecurity solution providers can assist in thoroughly assessing an entire system for specific vulnerabilities and security risks, and an essential part of this process involves understanding the hardware and software bills of materials (HBOM/SBOM),” Pepper said. “These documents provide a detailed breakdown of the technical components that comprise today’s Industrial Automation and Control Systems (IACS). This understanding is critical for quickly identifying and addressing technical vulnerabilities within a manufacturing environment.”
These vulnerabilities can then be mitigated by developing effective business processes, fostering a culture of cybersecurity, and implementing the appropriate technologies.
Challenges facing automation engineers
Pepper concluded by stating that “the modern automation engineer is responsible for an incredibly diverse range of technology, from PLC and Fieldbus I/O, through virtualised HMIs and servers, to historian and advanced analytics software for condition monitoring.”
“The technical and procedural vulnerabilities in these complex environments are almost impossible to manage without modern cybersecurity solutions. The modern automation engineer requires solutions that can help them identify and prioritize cybersecurity issues,” he said.
Effective Cybersecurity Standards
Zero trust security and single sign-on infrastructure and services.
Randy Armstrong, Chair of the OPC UA Security Working Group, told the Industrial Ethernet Book that the major trends in new industrial cybersecurity solutions are:
1) Emergence of industrial devices and applications that support standards for zero trust security infrastructure. These allow factory owners to reduce the impact of security breaches by ensuring each device only has access to resources it needs to do its job.
2) Standards for single sign on infrastructure that can be implemented in industrial devices. These standards allow factory owners to eliminate the need to store passwords on devices which often become a huge vulnerability when a password is acquired by a malicious actor. They also allow the use of factory specific roles to determine what rights are assigned to a user which means users can be added or removed from the system without affecting the configuration of individual devices.
3) Standards for onsite services to manage the zero-trust security infrastructure. These services allow the factory owner to retain control over their networks even if external connections are blocked and to reduce the risk that a compromised IT network could allow access to the factory network. More importantly, these services ensure the factory stays secure by automatically updating device security configuration when requirements change.
Benefits for factory automation
“The new solutions allow factory owners to better protect against cybersecurity threats which can often arise from within the factory network via compromised devices or employees,” Armstrong said. “These solutions ensure the factory owner maintains control over their networks and does not require that they depend on cloud or enterprise services while being able to benefit from the standards that the cloud/enterprise services use.”
Armstrong said that today most factories are kept secure by physically isolating their networks. If passwords are used to authenticate devices the passwords are fixed and never changed even if an employee leaves the company. While this model does provide some security the protection fails completely once an attacker is able to access the factory network. The new cybersecurity technologies provide another layer of protection that limits the damage that an attacker can cause even when they gain access to the network. The new cybersecurity solutions also benefit all types of industrial automation applications.
Effective system implementation vital to success
“Automation engineers know that deploying secure systems is a requirement for their job today but configuring and maintaining secure systems is a challenge,” Armstrong said. “Automation engineers need open standards that not only provide protocols that ensure the integrity of their devices but make it possible to manage the security configuration for networks of devices provide by different vendors.”