IT in Manufacturing


Bringing trust to the Internet of Things

Technews Industry Guide: Industrial Internet of Things & Industry 4.0 IT in Manufacturing

In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers, and gain a competitive edge, IoT initiatives invariably form the backbone of those efforts.

Huge amounts of data are generated by and collected from a wide variety of IoT devices. It is then analysed and actions taken, depending on the results of the analysis. However, if you cannot trust the data and the devices that produce it, there is no point in undertaking the massive effort required to collect and analyse it in the first place, or even worse, make business decisions based on it. IoT security is all about enabling that trust, and that’s why it is such an important topic today.

Many IoT devices simply were not built with security in mind. The introduction of connectivity to legacy devices where it was never the original intention, or to newer devices whose designers lacked the expertise to develop for high-security networked environments, can result in the introduction of new and unanticipated vulnerabilities. And those vulnerabilities can be exploited by attackers to use an IoT device as a point of entry into a network, which they can then leverage to go after higher value systems and data.

Herman Kriel.
Herman Kriel.

The diversity of IoT devices and lack of standardisation pose challenges. However, proven time-tested security techniques – adapted to the IoT environment – are the key to addressing these. Digital certificates to uniquely identify devices and form a root of trust for IoT systems, firmware signing to ensure that devices can accept authentic and unaltered updates and security patches to eliminate discovered vulnerabilities, and encryption to protect sensitive data collected by IoT devices are three important technologies to enable a secure and scalable IoT.

Offering assurance

Securing the IoT is dependent on authenticating connected devices as an important part of ensuring that each one can be trusted to do what is expected of it. If organisations cannot trust the data and the devices producing it, why undertake the massive effort required to collect, analyse, and base decisions on it?

By providing each device with a unique identity that can be authenticated whenever it attempts to connect to a gateway or central server, it is possible to track its connection history and behaviour. Should a device behave in an unexpected way, an administrator can then quarantine it or revoke its network privileges.

Two thirds of the respondents to a recent survey, however, cited the poor authentication capabilities of IoT devices as one of their main security concerns – and with good reason. Strong authentication, based on a root of trust embedded at the time of device manufacture, is a linchpin to enable lifecycle security for medical devices.

In the case of medical IoT devices, assurance is required that the integrity of the device is maintained. It is crucial, for example, that a device receives the correct information to ensure it carries out the right action – such as delivering the correct dosage or recording the right measurements – at the right time. When a patient’s health is at stake, there should never be any doubt as to the integrity of the device and the data on which it relies.

Digital birth certificates

Providing this assurance, therefore, requires a solution that protects both the transfer and receipt of critical data, authenticates the addition of any new devices to the network to establish a root of trust and identity, and offers end-to-end encryption with strong key management. Only with such provisions in place can we be fully confident that our connected devices are secure.

Hardware security modules (HSMs) help IoT device manufacturers create a unique device identity or ‘digital birth certificate’ that can be authenticated when a device attempts to connect to a gateway or central server. With this unique ID in place, a device can be tracked throughout its lifecycle, and can be communicated with securely and prevented from executing harmful processes. If a device exhibits unexpected behaviour, its privileges can simply be revoked.

IoT security is seen by many today as a barrier to their IoT projects, particularly when treated as an add-on as opposed to a core component that must be designed in from the beginning. Security getting a seat at the table from the inception of IoT projects will evolve from being the exception to being the rule. And rather than being the ‘no’ people, the security team must recognise its role as a key enabler in the IoT, navigating the vast ecosystem of connected products and platforms, and developing ways to ensure and maintain trust.

About nCipher Security

Today’s fast moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency. It also multiplies the security risks.

nCipher Security, a leader in the general purpose hardware security module (HSM) market, empowers world-leading organisations by delivering trust, integrity and control to their business-critical information and applications.

Its cryptographic solutions secure emerging technologies – cloud, IoT, blockchain, digital payments – and help meet new compliance mandates, using the same proven technology that global organisations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure www.ncipher.com.

For more information contact Herman Kriel, CyberTech – A division of Altron, +27 11 879 5907, hermank@acs.altech.co.za, www.cybertechsa.com





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Get full value from factory floor data with data sciences
October 2021, Omron Electronics , IT in Manufacturing
Valuable information needs to be extracted from the data and presented to the right audience, at the right time and in the right way.

Read more...
Collaboration in the automation ecosystem
October 2021, EPLAN Software & Services , IT in Manufacturing
Data created in the engineering process must be shared with everyone involved in the process.

Read more...
Siemens’ software for digital transformation of automotive design
September 2021, Siemens Digital Industries , IT in Manufacturing
Model-based development process and systems are used in Japan and globally to adapt to the biggest automotive transformation in 100 years.

Read more...
Is track and trace through the factory a waste of time?
September 2021, Iritron , IT in Manufacturing
Modern track and trace solutions are purpose-built to introduce as little disruption to the existing production process as possible, while also being flexible enough to cater for plants that range from fully manual to fully automated.

Read more...
Modularity for scalability
September 2021, RJ Connect , IT in Manufacturing
Businesses are looking for versatile solutions that are easy to maintain to ensure smooth operations while keeping costs down.

Read more...
Saryx launches TMP
September 2021, Saryx Engineering Group , IT in Manufacturing
The digital transformation that has swept the world in the past few years has fundamentally altered most people’s approach to technology, with an increasing number seeking the ability to manage their ...

Read more...
Secure boundaries enhance industrial cybersecurity
September 2021, RJ Connect , IT in Manufacturing
When enhancing cybersecurity, it is important to understand how industrial systems are exchanging data and how they connect to IT-level systems.

Read more...
Siemens drives digital transformation at virtual Smart Mining forum
September 2021, Siemens Digital Industries , IT in Manufacturing
With its motto: ‘On the road to the digital future’, Siemens hosted its virtual Smart Mining forum from 3-5 August.

Read more...
Deep-learning AI made accessible
September 2021, SICK Automation Southern Africa , IT in Manufacturing
SICK Automation has launched a set of deep-learning software and services called dStudio, making artificial intelligence (AI) more accessible to the southern African market. This software works with machine ...

Read more...
How safe are our factories? Part 1: Cybersecurity for operational technology.
August 2021, Wolfpack Information Risk , IT in Manufacturing
If companies are regularly being subjected to cyber hacks overseas, isn’t it only a matter of time before someone with enough motivation, skill and resources targets us?

Read more...