IT in Manufacturing


Bringing trust to the Internet of Things

Technews Industry Guide: Industrial Internet of Things & Industry 4.0 IT in Manufacturing

In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers, and gain a competitive edge, IoT initiatives invariably form the backbone of those efforts.

Huge amounts of data are generated by and collected from a wide variety of IoT devices. It is then analysed and actions taken, depending on the results of the analysis. However, if you cannot trust the data and the devices that produce it, there is no point in undertaking the massive effort required to collect and analyse it in the first place, or even worse, make business decisions based on it. IoT security is all about enabling that trust, and that’s why it is such an important topic today.

Many IoT devices simply were not built with security in mind. The introduction of connectivity to legacy devices where it was never the original intention, or to newer devices whose designers lacked the expertise to develop for high-security networked environments, can result in the introduction of new and unanticipated vulnerabilities. And those vulnerabilities can be exploited by attackers to use an IoT device as a point of entry into a network, which they can then leverage to go after higher value systems and data.

Herman Kriel.
Herman Kriel.

The diversity of IoT devices and lack of standardisation pose challenges. However, proven time-tested security techniques – adapted to the IoT environment – are the key to addressing these. Digital certificates to uniquely identify devices and form a root of trust for IoT systems, firmware signing to ensure that devices can accept authentic and unaltered updates and security patches to eliminate discovered vulnerabilities, and encryption to protect sensitive data collected by IoT devices are three important technologies to enable a secure and scalable IoT.

Offering assurance

Securing the IoT is dependent on authenticating connected devices as an important part of ensuring that each one can be trusted to do what is expected of it. If organisations cannot trust the data and the devices producing it, why undertake the massive effort required to collect, analyse, and base decisions on it?

By providing each device with a unique identity that can be authenticated whenever it attempts to connect to a gateway or central server, it is possible to track its connection history and behaviour. Should a device behave in an unexpected way, an administrator can then quarantine it or revoke its network privileges.

Two thirds of the respondents to a recent survey, however, cited the poor authentication capabilities of IoT devices as one of their main security concerns – and with good reason. Strong authentication, based on a root of trust embedded at the time of device manufacture, is a linchpin to enable lifecycle security for medical devices.

In the case of medical IoT devices, assurance is required that the integrity of the device is maintained. It is crucial, for example, that a device receives the correct information to ensure it carries out the right action – such as delivering the correct dosage or recording the right measurements – at the right time. When a patient’s health is at stake, there should never be any doubt as to the integrity of the device and the data on which it relies.

Digital birth certificates

Providing this assurance, therefore, requires a solution that protects both the transfer and receipt of critical data, authenticates the addition of any new devices to the network to establish a root of trust and identity, and offers end-to-end encryption with strong key management. Only with such provisions in place can we be fully confident that our connected devices are secure.

Hardware security modules (HSMs) help IoT device manufacturers create a unique device identity or ‘digital birth certificate’ that can be authenticated when a device attempts to connect to a gateway or central server. With this unique ID in place, a device can be tracked throughout its lifecycle, and can be communicated with securely and prevented from executing harmful processes. If a device exhibits unexpected behaviour, its privileges can simply be revoked.

IoT security is seen by many today as a barrier to their IoT projects, particularly when treated as an add-on as opposed to a core component that must be designed in from the beginning. Security getting a seat at the table from the inception of IoT projects will evolve from being the exception to being the rule. And rather than being the ‘no’ people, the security team must recognise its role as a key enabler in the IoT, navigating the vast ecosystem of connected products and platforms, and developing ways to ensure and maintain trust.

About nCipher Security

Today’s fast moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency. It also multiplies the security risks.

nCipher Security, a leader in the general purpose hardware security module (HSM) market, empowers world-leading organisations by delivering trust, integrity and control to their business-critical information and applications.

Its cryptographic solutions secure emerging technologies – cloud, IoT, blockchain, digital payments – and help meet new compliance mandates, using the same proven technology that global organisations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure www.ncipher.com.

For more information contact Herman Kriel, CyberTech – A division of Altron, +27 11 879 5907, hermank@acs.altech.co.za, www.cybertechsa.com





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The importance of good project management
Iritron IT in Manufacturing
A structured way of organising work can help identify and resolve problems in an efficient manner before the implications have a chance to escalate.

Read more...
Experience Eplan Platform 2022
EPLAN Software & Services IT in Manufacturing
Eplan heralds the future of electrotechnical engineering with a focus on ease-of-use for both experienced users and for newcomers to its software.

Read more...
Is your company still using paper-based maintenance procedures?
KVMTech IT in Manufacturing
To better manage compliance and calibration services, it is critical to choose a solution with global asset compliance at the core.

Read more...
Digital transformation in mining
Endress+Hauser South Africa IT in Manufacturing
The mining industry is in a prime position to benefit from the adoption of digital technology across its operations.

Read more...
Get full value from factory floor data with data sciences
Omron Electronics IT in Manufacturing
Valuable information needs to be extracted from the data and presented to the right audience, at the right time and in the right way.

Read more...
Collaboration in the automation ecosystem
EPLAN Software & Services IT in Manufacturing
Data created in the engineering process must be shared with everyone involved in the process.

Read more...
Siemens’ software for digital transformation of automotive design
Siemens South Africa IT in Manufacturing
Model-based development process and systems are used in Japan and globally to adapt to the biggest automotive transformation in 100 years.

Read more...
Is track and trace through the factory a waste of time?
Iritron IT in Manufacturing
Modern track and trace solutions are purpose-built to introduce as little disruption to the existing production process as possible, while also being flexible enough to cater for plants that range from fully manual to fully automated.

Read more...
Modularity for scalability
RJ Connect IT in Manufacturing
Businesses are looking for versatile solutions that are easy to maintain to ensure smooth operations while keeping costs down.

Read more...
Saryx launches TMP
Saryx Engineering Group IT in Manufacturing
The digital transformation that has swept the world in the past few years has fundamentally altered most people’s approach to technology, with an increasing number seeking the ability to manage their ...

Read more...