Industrial cybersecurity is a game without end!

05 October 2020

The constant cyber threat is now a fact of life and everyone needs to have an understanding of data protection, argues Rainer Brehm, CEO of Factory Automation at Siemens Digital Industries.

With the rapid growth of the Internet of Things (IoT) and the convergence of OT and IT, there are many more potential targets. Taking into consideration the costs of disruption to production operations, and the threat to human safety when physical systems are compromised, cyber-criminal activities are becoming more lucrative for attackers and cyber security has become a never-ending process that is constantly evolving as the methods and capabilities of attackers become more sophisticated. 

A favoured method of attack is to identify and exploit vulnerabilities in industrial control systems. For manufacturers of automation systems, such as Siemens, it is imperative to develop products securely, but also to provide comprehensive information and solutions  – such as a security patch – as quickly as possible when new vulnerabilities are discovered.

Cyber mature manufacturers collaborate with security researchers who identify and report vulnerabilities in products before malicious attackers have the chance to exploit them. One such company is a Siemens partner, Claroty, which performs security research on Siemens products and solutions. Put simply, the researchers do their best to hack those products – thereby revealing potential vulnerabilities, which can then be eliminated.

The lessons learned from this kind of research are crucial to achieving high standards of security and benefit the further development of automation solutions. Just as future technologies are incorporated step-by-step in the Siemens Totally Integrated Automation (TIA) portfolio, a similar principle applies to security features: constantly adapting to the ever-changing threat landscape to ensure that solutions remain secure.

Experiences with security research can also offer insights into how to approach security. In the last decade we have seen certain types of cyber-attacks occur (and frequently succeed) again and again. This tells us that perimeter-based defences alone cannot effectively keep attackers out, at least not indefinitely. It is smarter to assume that attacks will penetrate defences sooner or later and be prepared for that with, for example, multiple layers that provide ‘defence in depth’ and segmentation that restricts movement to other parts of the network.

Integrity (to protect data from unauthorised modification or deletion) and confidentiality (to prevent unauthorised access to data) are key security goals for a holistic security concept. Security features such as strong machine-to-machine and user-to-machine authentication based on custom digital certificates;  and  fine-grained access control will become mandatory in the future.

Given the growth in potential vulnerabilities and the improvement capabilities of the attackers, a holistic cyber security concept for the whole value chain – one that adheres to leading international standards, such as IEC 62443 – is required to ensure clarity and structure. Risk assessment becomes more effective, so decision makers can clearly see where the priorities lie and what the implications for business operations are.

Contact Details and Archive...

Related Articles...

Additional Information...

Print this page | E-mail this page