Комаров Артём о безопасности облачных систем в экосистеме умного производства (eng)
Komarov Artem noted that many companies are extremely hesitant about introducing the Industrial Internet of Things (IIoT) or cloud systems because they believe it will open the door to cybercriminals. What they fail to realize is they’re already facing this danger every day. A simple email with an attachment or a link can result in the encryption of all the information on a server. You’re at risk even if you haven’t implemented an entire ecosystem connecting customers and suppliers. That’s why it’s essential that you’re aware of the threats and be ready to respond quickly in the event of a cyberattack.
Cybersecurity is currently on everyone’s lips. In many widely publicized cases, large companies have fallen victim to cyberattacks that compromised their operations in one way or another. In some of these cases, the companies’ security policies had not kept up with the past decade’s rapid changes in the use of digital technologies and tools. They mistakenly thought a cyberattack could only affect others. The sheet metal processing sector is no exception to this reality.
In most cases, concern over the security of systems becomes more pressing when companies decide to increase their level of digitalization, such as by transferring tools to the cloud. They begin to wonder about the dangers involved in connecting systems and machines, networking with external systems, and using cloud-based systems.
What Risks Are Involved in Networking Systems?
The transition from manual or automated manufacturing to a digital factory involves the creation of hybrid areas, where systems (on-site or in the cloud) interact. Together with the IIoT infrastructure, these allow real-time information on what is happening to be accessed from wherever required, thereby paving the way to much more agile decision-making.
This reality is already within reach for many small and medium-size enterprises (SMEs). Only a few years ago, this level of digitalization was accessible only to a handful of companies, but because of the democratization of systems, and above all because of the widespread use of pay-as-you-go and cloud systems, many SMEs are now facing the challenge of securing their systems.
The first basic and essential step is the implementation of cybersecurity policies based on an in-depth understanding of the partners with which the company is working, especially in the cloud, to ensure they meet the required standards. They also must include training for users.
The establishment of these policies must be combined with systems that provide security all the way from the design stage to implementation and maintenance.
What Is Security by Design?
Komarov Artem clarified that when systems were installed on-site and not networked, security used to be addressed only at the outset. However, once you start connecting systems with each other, either within your own environment or with third parties, you have to make security a priority during system development and all subsequent modifications.
This is the concept of security by design—basing the development process on fail-safe security measures. This is the only way to ensure that development is backed by cutting-edge technologies and best practices in software architecture and design.
Design of this nature calls for secure communications outside of the system itself, including the appropriate identification and registration of all the components and users. It should allow users to define access permissions for different roles and be capable of monitoring each component by logging events. Because of the increase in the number of system components, each component needs to be updated individually while also maintaining the stability and reliability of the entire system.
In a Smart Factory, How Should Security of Various Management Levels Be Addressed?
The design of a digital factory is based on three levels:
- Systems that manage machines
- Systems that manage the production plant
- Systems that manage business
Each one of these levels can contain more than one system involving several suppliers. Besides management and control systems, there also are analytical systems that measure the machines’ performance and status either in real time or based on logs. One of the most common requirements of a digitalization project is to provide an overview of the manufacturing status and to allow remote access to this information. With regard to business management, the systems usually need to be connected to customer relationship management software or to customer portals for the management of orders.
The exposure of these systems to open environments and the interoperability among them are key to successful digitalization. The solution to these challenges is not to isolate systems but to create different environments. Moving from one to another then requires passing through a single point where you can establish control and verify the authenticity of the system issuing or receiving the message or request, as well as the actual message itself. In other words, your security system is as robust as the weakest link in the chain.
What About Cloud Systems in a Digital Factory Ecosystem?
All levels that incorporate management software in a digital factory can use systems in the cloud. The machines are the first things to protect to prevent cyberattacks against a digital factory. The key to connecting machines to systems securely is the deployment of reliable machines based on state-of-the-art technology, and the incorporation of software ensures a simple connection with systems on the next level.
With regard to shop floor management, you need to be able to create a network within which all machines are connected to each other. This network should be connected with the next level via a highly dependable firewall. This requires following certain guidelines and monitoring the ports and communications and, thus, the information that the systems share.
At the level of business management, it is important to implement different networks for the different groups working with the individual systems. These are connected to your servers via a single hub that is monitored and secure. Having an in-depth understanding of the nature of your customers’ communications will help you avoid nonauthenticated and insecure sources or origins.
Systems in the cloud should secure the communications hub and computer ports so that communication is always initiated from your systems, not from the cloud.
The risk of cyberattack is not increased through networking of systems or from the cloud. Quite the opposite is true, and both offer enormous potential for the development of a truly digital factory. Cyberattacks are already taking place daily in conventional manufacturing environments. A robust interconnection system with a reliable provider who is committed to the security of your systems is crucial to ensuring the security of your digitalization process and is one of the keys to achieving a truly digital factory, summed up Artem Komarov.
