Level sensing security considerations

19 April 2024

Philipp Ketterer discusses the importance of specifying level sensing solutions which can offer security against cyber attacks.

With concepts such as NOA (NAMUR Open Architecture), MTP (Modular Type Package) and Ethernet-APL (Advanced Physical Layer) being more widely deployed creating new avenues into the previously self-contained automation level, This is, however, also increasing the potential surfaces for a cyber attack.

So, while these integrated automation solutions simplify handling and make processes more flexible and efficient, they do pose a security issue. Level sensors, for example can provide important data across many different areas of industrial activity. Sensors from VEGA, for example, have been supplying critical data to higher-level systems for many years, such as level data from road salt silos along motorways or production data from flour mills, for the purpose of optimising raw material logistics. 

From a cyber security perspective, this creates challenges. Data is increasingly being bundled into production and maintenance systems so that it can be further processed in the office or control room. This creates discontinuities between operational and security functions.

Level sensors are certainly not at the forefront of many cybersecurity discussions, especially in the case of something like short-range Bluetooth operation, which would require an attacker to get physically close to the application. However, what many forget is that an attack on the IT structure of a company will also affect all the processes that depend on automation. For this reason it is important that process sensors are suitably robust and hardened. 

Many engineers still consider cybersecurity to be an IT issue. However, IT cannot keep an eye on every single sensor in an industrial plant. For that reason, every user needs to develop an awareness of all the factors involved in reliable sensor operation – not just from the aspect of system security – but also the know how to deal with a cyber-attack. Further, protection against cyber-attacks is not something users and plant operators can discuss one time and be done with – it’s a topic they’ll have to revisit throughout the entire lifetime of the plant. Just as they care for the plant and all the production equipment, they should also care for the sensors and, especially when it comes to cyber security, keep them up to date.

VEGA has therefore ensured that its latest level solution, VEGAPULS 6X, can offer cyber security. The entire development process was geared to the IT security standard IEC 62443-4-2. It included, among other things, an analysis of possible threats right from the start in order to identify weak points and develop countermeasures during development. All future sensor development by VEGA will also be undertaken in compliance with IEC 62433.

Philipp Ketterer is a product manager at VEGA.

Contact Details and Archive...

Print this page | E-mail this page