Views
9 months ago

Technical article - Security in production facilities

Technical article - Security in production

Security in production facilities – discovering intruders Security in production facilities – discovering intruders Highly interconnected infrastructures are a fundamental requirement for Industry 4.0. But such a high degree of networking also has certain disadvantages, with unauthorized access via cyber-attacks becoming much easier. Many facilities are also not equipped to defend themselves from such attacks. Data management systems are one way of improving security in this area. Automated production environments were originally designed to be closed units that could not be accessed from the outside. High plant availability was – and still is – the utmost priority. Opening up the world of industrial IT and linking it to office-based IT has thus created several problems. In office IT, data confidentiality has always been particularly important, and this sector has a great deal of experience with security programs and security measures. Anti-virus scanners require a certain amount of computing power and can potentially slow the system down. Updates (and having to restart the PC afterwards) are also tolerated by users. In the production world, however, things are a little different. In industrial IT, system slowdown is unacceptable, particularly in RTC 3 (Real-Time Class 3) environments with motion control. Furthermore, these Industrial Control Systems (ICS) are fundamentally not designed to prevent malware attacks. According to a survey by the management consulting firm PricewaterhouseCoopers, the number of cyber-attacks to affect company production increased by 48 percent in 2014 to around 42.8 million attacks. Almost half of all companies were affected. In Germany alone, this resulted in economic losses of more than 51 billion euros. Cyber-attacks on ICSs are generally discovered at a very late stage. The attacks themselves usually take place across multiple levels and are therefore not only stubborn, but also intricately entangled in the system. Of course ISO/IEC 27000 standards can be implemented in such situations, but this is difficult with most ICSs. The first thing that companies should do is increase awareness among their employees of the potential dangers that can affect a production environment. All workers must also be made familiar with basic precautionary measures. Furthermore, individual, employee-specific access data can be provided in order to implement shift changes or department changes with minimal complications. Another possibility involves network data and looking closely at log files. This is the main task of a Security Operation Centre (SOC). The SOC checks the data for any potential cyber-attacks so it can react accordingly when needed. A further security measures involves separating the various parts of the automation pyramid using firewalls. Sectors on the same level of the pyramid should also be separated from each other where possible. This could mean separating safety systems from standard systems, for example. Fig. 1: Reliable data: the latest version of a project is available at any time as the data is stored in a central repository Copyright by AUVESY GmbH & Co KG · Fichtenstraße 38 B · 76829 Landau in der Pfalz Last updated: 16.9.2016 Page 1 of 3

© Copyright 2018 AUVESY GmbH - All rights reserved.