IT in Manufacturing


Bringing trust to the Internet of Things

Technews Industry Guide: Industrial Internet of Things & Industry 4.0 IT in Manufacturing

In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers, and gain a competitive edge, IoT initiatives invariably form the backbone of those efforts.

Huge amounts of data are generated by and collected from a wide variety of IoT devices. It is then analysed and actions taken, depending on the results of the analysis. However, if you cannot trust the data and the devices that produce it, there is no point in undertaking the massive effort required to collect and analyse it in the first place, or even worse, make business decisions based on it. IoT security is all about enabling that trust, and that’s why it is such an important topic today.

Many IoT devices simply were not built with security in mind. The introduction of connectivity to legacy devices where it was never the original intention, or to newer devices whose designers lacked the expertise to develop for high-security networked environments, can result in the introduction of new and unanticipated vulnerabilities. And those vulnerabilities can be exploited by attackers to use an IoT device as a point of entry into a network, which they can then leverage to go after higher value systems and data.

Herman Kriel.
Herman Kriel.

The diversity of IoT devices and lack of standardisation pose challenges. However, proven time-tested security techniques – adapted to the IoT environment – are the key to addressing these. Digital certificates to uniquely identify devices and form a root of trust for IoT systems, firmware signing to ensure that devices can accept authentic and unaltered updates and security patches to eliminate discovered vulnerabilities, and encryption to protect sensitive data collected by IoT devices are three important technologies to enable a secure and scalable IoT.

Offering assurance

Securing the IoT is dependent on authenticating connected devices as an important part of ensuring that each one can be trusted to do what is expected of it. If organisations cannot trust the data and the devices producing it, why undertake the massive effort required to collect, analyse, and base decisions on it?

By providing each device with a unique identity that can be authenticated whenever it attempts to connect to a gateway or central server, it is possible to track its connection history and behaviour. Should a device behave in an unexpected way, an administrator can then quarantine it or revoke its network privileges.

Two thirds of the respondents to a recent survey, however, cited the poor authentication capabilities of IoT devices as one of their main security concerns – and with good reason. Strong authentication, based on a root of trust embedded at the time of device manufacture, is a linchpin to enable lifecycle security for medical devices.

In the case of medical IoT devices, assurance is required that the integrity of the device is maintained. It is crucial, for example, that a device receives the correct information to ensure it carries out the right action – such as delivering the correct dosage or recording the right measurements – at the right time. When a patient’s health is at stake, there should never be any doubt as to the integrity of the device and the data on which it relies.

Digital birth certificates

Providing this assurance, therefore, requires a solution that protects both the transfer and receipt of critical data, authenticates the addition of any new devices to the network to establish a root of trust and identity, and offers end-to-end encryption with strong key management. Only with such provisions in place can we be fully confident that our connected devices are secure.

Hardware security modules (HSMs) help IoT device manufacturers create a unique device identity or ‘digital birth certificate’ that can be authenticated when a device attempts to connect to a gateway or central server. With this unique ID in place, a device can be tracked throughout its lifecycle, and can be communicated with securely and prevented from executing harmful processes. If a device exhibits unexpected behaviour, its privileges can simply be revoked.

IoT security is seen by many today as a barrier to their IoT projects, particularly when treated as an add-on as opposed to a core component that must be designed in from the beginning. Security getting a seat at the table from the inception of IoT projects will evolve from being the exception to being the rule. And rather than being the ‘no’ people, the security team must recognise its role as a key enabler in the IoT, navigating the vast ecosystem of connected products and platforms, and developing ways to ensure and maintain trust.

About nCipher Security

Today’s fast moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency. It also multiplies the security risks.

nCipher Security, a leader in the general purpose hardware security module (HSM) market, empowers world-leading organisations by delivering trust, integrity and control to their business-critical information and applications.

Its cryptographic solutions secure emerging technologies – cloud, IoT, blockchain, digital payments – and help meet new compliance mandates, using the same proven technology that global organisations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure www.ncipher.com.

For more information contact Herman Kriel, CyberTech – A division of Altron, +27 11 879 5907, hermank@acs.altech.co.za, www.cybertechsa.com




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

IIoT platforms, not all created equal
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Altron Bytes Systems Integration , IT in Manufacturing
Having a state-of-the-art architecture based on the most modern technology will not benefit any company unless it is tied to a specific purpose and business outcome.

Read more...
So, what’s left for us humans after the machines take over?
Technews Industry Guide: Industrial Internet of Things & Industry 4.0 , IT in Manufacturing
That said, there are some guidelines that can be put in place. An obvious career path exists in being ‘on the other side of the code’, as it were – being the one who writes the code, who trains the machine, ...

Read more...
Staying ahead of industrial cyber-security threats
July 2019, Parker Hannifin Sales Company South , IT in Manufacturing
The consequences of cyber attacks on businesses can be huge, operation downtime, loss of productivity, proprietary information loss, diminished reputation among customers, business partners and investors and disruption of services.

Read more...
Comos version 10.3 saves time
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Siemens Digital Industries , IT in Manufacturing
Modular engineering with intelligent templates and central data storage.

Read more...
Innovation and intelligence for smart manufacturing
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Omron Electronics , IT in Manufacturing
Adaptive algorithms offer new ways to optimise production lines.

Read more...
Securing the smart factory?
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Throughput Technologies , IT in Manufacturing
Secomea provides secure remote access without the need for advanced firewall configuration.

Read more...
Digitalisation drives compressed air system development
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Siemens Digital Industries , IT in Manufacturing
German company, Otto Boge (Boge), develops compressed air systems for which it offers an extensive portfolio of components, machines and complete plants. To increase the efficiency of its production, ...

Read more...
Industrial cybersecurity risk assessment and management
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Proconics , IT in Manufacturing
Since the acceptance of the various IEC62443 modules as national standards: SANS62443-2-1/4, SATS62443-1-1 and SATR62443-3-1, there has been confusion about the requirements, methodologies and implementation. ...

Read more...
High-performance rackmount computers for Industry 4.0
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, RJ Connect , IT in Manufacturing
With more and more companies implementing IIoT applications, the demand to connect hundreds or thousands of devices to industrial automation systems has increased dramatically. Moxa’s DA-720, a high-performance ...

Read more...
SHEQ document reporting in real-time
Technews Industry Guide: Industrial Internet of Things & Industry 4.0 , IT in Manufacturing
While the manual compilation of a Safety, Health, Environment and Quality (SHEQ) documentation report can take up to 20 man hours, Passport 360 can potentially slash this to an astonishing three minutes. This ...

Read more...