IT in Manufacturing


Bringing trust to the Internet of Things

Technews Industry Guide: Industrial Internet of Things & Industry 4.0 IT in Manufacturing

In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers, and gain a competitive edge, IoT initiatives invariably form the backbone of those efforts.

Huge amounts of data are generated by and collected from a wide variety of IoT devices. It is then analysed and actions taken, depending on the results of the analysis. However, if you cannot trust the data and the devices that produce it, there is no point in undertaking the massive effort required to collect and analyse it in the first place, or even worse, make business decisions based on it. IoT security is all about enabling that trust, and that’s why it is such an important topic today.

Many IoT devices simply were not built with security in mind. The introduction of connectivity to legacy devices where it was never the original intention, or to newer devices whose designers lacked the expertise to develop for high-security networked environments, can result in the introduction of new and unanticipated vulnerabilities. And those vulnerabilities can be exploited by attackers to use an IoT device as a point of entry into a network, which they can then leverage to go after higher value systems and data.

Herman Kriel.
Herman Kriel.

The diversity of IoT devices and lack of standardisation pose challenges. However, proven time-tested security techniques – adapted to the IoT environment – are the key to addressing these. Digital certificates to uniquely identify devices and form a root of trust for IoT systems, firmware signing to ensure that devices can accept authentic and unaltered updates and security patches to eliminate discovered vulnerabilities, and encryption to protect sensitive data collected by IoT devices are three important technologies to enable a secure and scalable IoT.

Offering assurance

Securing the IoT is dependent on authenticating connected devices as an important part of ensuring that each one can be trusted to do what is expected of it. If organisations cannot trust the data and the devices producing it, why undertake the massive effort required to collect, analyse, and base decisions on it?

By providing each device with a unique identity that can be authenticated whenever it attempts to connect to a gateway or central server, it is possible to track its connection history and behaviour. Should a device behave in an unexpected way, an administrator can then quarantine it or revoke its network privileges.

Two thirds of the respondents to a recent survey, however, cited the poor authentication capabilities of IoT devices as one of their main security concerns – and with good reason. Strong authentication, based on a root of trust embedded at the time of device manufacture, is a linchpin to enable lifecycle security for medical devices.

In the case of medical IoT devices, assurance is required that the integrity of the device is maintained. It is crucial, for example, that a device receives the correct information to ensure it carries out the right action – such as delivering the correct dosage or recording the right measurements – at the right time. When a patient’s health is at stake, there should never be any doubt as to the integrity of the device and the data on which it relies.

Digital birth certificates

Providing this assurance, therefore, requires a solution that protects both the transfer and receipt of critical data, authenticates the addition of any new devices to the network to establish a root of trust and identity, and offers end-to-end encryption with strong key management. Only with such provisions in place can we be fully confident that our connected devices are secure.

Hardware security modules (HSMs) help IoT device manufacturers create a unique device identity or ‘digital birth certificate’ that can be authenticated when a device attempts to connect to a gateway or central server. With this unique ID in place, a device can be tracked throughout its lifecycle, and can be communicated with securely and prevented from executing harmful processes. If a device exhibits unexpected behaviour, its privileges can simply be revoked.

IoT security is seen by many today as a barrier to their IoT projects, particularly when treated as an add-on as opposed to a core component that must be designed in from the beginning. Security getting a seat at the table from the inception of IoT projects will evolve from being the exception to being the rule. And rather than being the ‘no’ people, the security team must recognise its role as a key enabler in the IoT, navigating the vast ecosystem of connected products and platforms, and developing ways to ensure and maintain trust.

About nCipher Security

Today’s fast moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency. It also multiplies the security risks.

nCipher Security, a leader in the general purpose hardware security module (HSM) market, empowers world-leading organisations by delivering trust, integrity and control to their business-critical information and applications.

Its cryptographic solutions secure emerging technologies – cloud, IoT, blockchain, digital payments – and help meet new compliance mandates, using the same proven technology that global organisations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure www.ncipher.com.

For more information contact Herman Kriel, CyberTech – A division of Altron, +27 11 879 5907, hermank@acs.altech.co.za, www.cybertechsa.com





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Tools keep HVACR professionals on the cutting edge
June 2020, Danfoss , IT in Manufacturing
Danfoss has announced that Refrigerant Slider, its popular P/T calculation app that has over 2 million downloads, will transform into Ref Tools, an essential, all-in-one mobile app for air conditioning ...

Read more...
Safety starts with people
May 2020, Saryx Engineering Group , IT in Manufacturing
Saryx Engineering’s HSEC Online has always based its business model on the safety of people; putting people first by using innovative technology to track document compliance. Now, as we move into the ...

Read more...
Smart contract management
June 2020 , IT in Manufacturing
SA blockchain enterprise smart contracting solution ranked within top three by IBM.

Read more...
Software for locating system
June 2020, Siemens Digital Industries , IT in Manufacturing
Siemens has introduced its new ‘Location Intelligence’ software, which expands the Simatic RTLS (real-time locating system) to include the digital twin. The web-based software analyses and visualises ...

Read more...
Endress+Hauser partner programme is gaining importance through IIoT solutions
June 2020, Endress+Hauser South Africa , IT in Manufacturing
How can field instruments and components be easily integrated into automation systems? The answer is becoming increasingly important as industrial production digitalisation progresses. The Endress+Hauser ...

Read more...
Safety starts with tracking
June 2020, Saryx Engineering Group , IT in Manufacturing
Saryx Engineering’s HSEC Online has always based its business model on the safety of people; putting people first by using innovative technology to track document compliance. Now, as we move into the ...

Read more...
Remote support of critical production systems in Covid-19
June 2020 , IT in Manufacturing
The lockdown forced a finer look at the efficacy of supporting our production-critical systems: how good are our modern IT systems in allowing the workforce to work from home, access the business network ...

Read more...
Emerson’s software secures health and safety
May 2020, Emerson Automation Solutions , IT in Manufacturing
Emerson’s new DataManager software v8.2 helps refiners monitor corrosion of hydrofluoric (HF) acid alkylation units to prevent costly, unplanned shutdowns and maximise profits and productivity. DataManager ...

Read more...
@Ease with Endress+Hauser
May 2020, Endress+Hauser South Africa , IT in Manufacturing
Focus on customer experience.

Read more...
Moxa’s industrial cybersecurity solutions
May 2020, RJ Connect , IT in Manufacturing
Industrial networks today are no longer air-gapped and immune from cybersecurity threats. Although deploying a firewall and segmenting networks is a good first step, how are OT engineers, who primarily ...

Read more...