Editor's Choice


Hack-proof measurement technology

August 2024 Editor's Choice IT in Manufacturing

Users in the process industry have not prioritised cybersecurity. This might be because they assume it’s the IT department’s responsibility, or they don’t feel directly threatened. However, both attitudes are neglectful, and here’s why: IT security should always be a joint task between IT and OT. Digital networking is rapidly advancing in the process industry, and concepts such as NAMUR Open Architecture (NOA), Modular Type Package (MTP), and Ethernet-Advanced Physical Layer (Ethernet-APL) are increasingly being used.

All of this creates new pathways into the previously isolated automation environment, which provides a convenient entry point for cyberattacks.

The dangers of digital networking

The use of modern, integrated automation solutions is simplifying processes and making them more flexible and efficient, but due to this flexibility, process automation engineers are increasingly placing more emphasis on security. For example, according to the industry association Bitkom, the German economy experiences an annual loss of approximately €203 billion due to the theft of IT equipment and proprietary data, and also from espionage and sabotage. What makes this particularly problematic is that cyber adversaries can come from various backgrounds, ranging from individual ‘script kiddies’ to criminals, and even nation states. Although such attacks are still infrequent in the process industry, operators of power plants, fuel tanks, or equipment in the water industry have recently become more vigilant. It is crucial not to underestimate the fact that any IT attacks can rapidly impact OT areas.

The development of wireless communication has brought about many benefits for users. Level sensors play a crucial role in providing essential data across various industrial sectors. This allows process data to be accessible globally, enabling vendor-managed inventory. For many years, VEGA sensors have been supplying critical data such as level data from reservoir water levels through to coal power station inventory stockpiles.

The emergence of Bluetooth technology has further expanded the use of these applications. Bluetooth simplifies the adjustment and commissioning of sensors and controllers, often helping to prevent accidents. Regardless of the source of the level data, whether from large silos, remote measuring points, potentially hazardous environments, or intricate processing plants, VEGA sensors make the data available where it’s needed. Wireless data transmission is also used to retrieve status information from the sensors, such as reporting maintenance needs or requesting updates, effectively reducing downtime.

From a cybersecurity standpoint, challenges arise. Data is increasingly integrated into production and maintenance systems for further processing in offices or control rooms, creating a gap between operational and security functions.


Holistic security concept

VEGA has invested significantly in obtaining the certification following IEC 62443-4-2 while developing the VEGAPULS 6X. This international set of standards defines security requirements for both hardware and software, and the entire development process of the VEGAPULS 6X was aligned with it. TÜV Nord oversaw this work and rigorously tested every measure.

The VEGAPULS 6X prioritises safety by safeguarding its internal electronics against tampering. It employs a layered security approach called defence-in-depth, comprising various IT security layers such as production equipment security, network security, and security measures for different system components. This strategy protects against threats like data manipulation, denial of service (DoS) attacks, and espionage.

The VEGAPULS 6X incorporates extra security features that include user authentication. Each device is assigned a unique device code and a Bluetooth access code. The Bluetooth connections are encrypted using standardised cryptographic methods, and can be disabled after configuration. The instrument logs all locking and unlocking actions in its event memory, capturing all successful and unsuccessful attempts. Firmware integrity checks ensure the software update package is encrypted and signed, preventing unauthorised software from being loaded into the VEGAPULS 6X. Lastly, the instrument allows data backup for recovery through the DTM, with the option to save parameters using HART-enabled control systems.

What happens in a worst-case scenario?

When defending against a cyberattack, time is of the essence. Companies should make appropriate preparations, which include developing a clearly defined emergency plan to ensure that valuable time is not wasted in case of an attack. It is also essential to plan how to rebuild a secure system in case significant damage is done. The product security incident response team (PSIRT) at VEGA is always ready to help. These experts continuously search for vulnerabilities, assist with updates and patches, address customer enquiries, and take immediate action in critical situations, such as when a user discovers a vulnerability. VEGA also collaborates closely with CERT@VDE, an IT security platform for industrial companies, to report and investigate vulnerabilities.

VEGA level sensors have been used for monitoring industrial processes for many years. The VEGAPULS 6X sensor is designed to be easy to set up, regardless of the application area, technology, or sensor version. VEGA also focuses on simplifying aspects related to cybersecurity, acknowledging that cybersecurity is an ongoing, dynamic process that requires continuous attention. Although VEGA cannot absolve the plant operator of all responsibility, it does provide support by encouraging operators to implement security measures outlined in the guidelines. These guidelines also offer additional suggestions for enhancing the security of production systems.


Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

VEGA handles the pressures of water treatment systems
VEGA Controls SA Pressure Measurement & Control
A water treatment system for a major metropolitan area in the Midwestern United States demands careful monitoring and management of processes across its sprawling network. Choosing VEGA for its process automation needs meant more than just obtaining precise and reliable pressure sensors.

Read more...
Festo makes strides in establishing Fourth Industrial Revolution technical labs
Festo South Africa Editor's Choice News
Festo has long been referred to as the leader in industrial automation and technical education, but the role that they keep playing in driving educational transformation proves that they have earned and deserve their title.

Read more...
System integrators are a diverse market
Editor's Choice System Integration & Control Systems Design
System integrators (SIs) combine expertise on emergent technologies with real world experience. Working with SIs, it’s inevitable that at some point someone will say, “We’re not a typical SI.” And in many ways, it’s true. SIs come in all shapes and sizes.

Read more...
Case history 194: Boiler level control problem.
Michael Brown Control Engineering Editor's Choice Fieldbus & Industrial Networking
A boiler level control in a petrochemical refinery was causing problems, as the level was cycling badly and taking a long time to recover from sudden load changes. In addition, there were frequent high-level alarms.

Read more...
Enhancing beer brewing precision
VEGA Controls SA Pressure Measurement & Control
Brewing beer is a complex process that requires utmost precision in every step. To ensure precision, it is crucial to measure and control the pressure and point levels in the wort kettle and hops dissolver. Using VEGA instrumentation can offer numerous benefits to breweries.

Read more...
Level measurement in oil storage
VEGA Controls SA Level Measurement & Control
Measuring the level of crude oil in storage is essential for safe and efficient operations. VEGA offers solutions that effectively address the challenges, ensuring precise and consistent level measurements in crude oil storage facilities. VEGA’s sensors offer reliable data on the volume, level and pressure of all types of media. Accurate level measurement is complicated by crude oil thermal expansion properties, particularly in lighter oil grades.

Read more...
Oil and gas industry shifts from fossil fuels to renewable energy
Parker Hannifin - Sales Company South Africa Editor's Choice Electrical Power & Protection
The oil and gas industry is undergoing a paradigm shift as it grapples with the energy transition from fossil fuels to renewables, and oil and gas companies are investing in renewable energy as part of their decarbonisation efforts.

Read more...
Strategic approaches to legacy software in manufacturing
Editor's Choice IT in Manufacturing
One of the most critical and strategic roles of the CIO (or IT Manager) is to ensure that the business’ information systems and tools are well maintained and up to date. If a critical system fails, the business could come to a standstill, forcing people to scramble and revert to paper-based or backup systems. Even worse, production may stop, impacting the entire supply chain and all of your stakeholders.

Read more...
Smart e-mobility solutions
Schneider Electric South Africa Editor's Choice Electrical Power & Protection
While electric vehicles are gaining traction in many international markets, uptake of this green form of transport is still lagging somewhat in South Africa. Even so, local demand is growing, as more environmentally conscious motorists are seeking cleaner alternatives to internal combustion engines.

Read more...
Pushing technological boundaries with Festo Electric Automation solutions
Festo South Africa Editor's Choice
In the ever-evolving landscape of Industrial Automation, Festo Electric Automation solutions are at the forefront of a revolution, fundamentally reshaping production paradigms. As a global leader in automation, Festo focuses on intelligent connectivity to reduce costs, save time, and increase efficiency and convenience for customers.

Read more...