Technology fuelling the Internet of Things (IoT) continues to advance at a rapid pace, changing the way industrial companies operate. However, the benefits of this technology come with certain security risks, ransomware, malware, worms, viruses, phishing scams and account hijacking. These unfortunate cyber-security threats are a very real part of the IoT landscape.
To prevent and secure against the worst threats, we have to think a little like the bad guys. For example, how could motion and control technology be used against us? Would it be possible to hack into a water treatment plant, open a valve and release lethal amounts of fluoride into public drinking water supplies? As more and more devices are connected to the Internet, the type and number of possible threats also grow.
Approximately 328 million new devices are connected to the Internet each month, further complicating modern cybersecurity challenges. According to Gartner Research, the number of IoT-enabled devices will reach 60 billion by 2025. Many of these devices go into production machines, robotic equipment, assembly lines, mill and plant equipment and a variety of other industrial applications. The devices are embedded with electronics, software, sensors, actuators and network connectivity, which enable them to collect and exchange data.
While engineers at many industrial and manufacturing companies have implemented IoT strategies to tap into the opportunities that data streams from their own machines can provide, some are reluctant to move forward with IoT initiatives out of concern for data security or loss of proprietary information. The consequences of cyber attacks on businesses can be huge, operation downtime, loss of productivity, proprietary information loss, diminished reputation among customers, business partners and investors and disruption of services. Basically, cybersecurity impacts almost every aspect of the business.
Voice of the Machine is Parker’s platform for secure IoT. It is an open, interoperable and scalable ecosystem of securely connected products and systems. This platform is designed to monitor assets remotely, keep critical systems productive and continually improve cybersecurity safety for customers. Parker’s focus is on machine and component analytics, with a heavy emphasis on discrete IoT and component models. Discrete IoT is a component-centric approach, where distinct component insights form the foundation for higher level decision making.
Parker cybersecurity standards
Parker’s approach to cybersecurity involves multiple steps in the IoT data gathering, transfer and storage processes. It starts with the machines and the sensors or measuring devices built into them. Data gathered from the sensors is encrypted before it is transferred to a cloud server, using an asymmetric encryption mechanism, where the data is stored. The encryption mechanism translates data from one form to another form, which is commonly referred to as ‘ciphertext’, by using an encryption algorithm and an encryption key. To read that ciphertext data or view it in its original form, a viewer would be required to use a secret key or password for enabling the decrypting process.
There are two types of data encryption. Asymmetric encryption, also known as ‘public-key’ encryption, uses public and private keys to encrypt and then decrypt data. The second type, symmetric encryption, uses a secret key, which can be a number, a word, or just a string of random letters. The secret key is applied to the text of a message to change the content in a particular way.
Instead of sending data to a cloud server, customers may choose to send it to their onsite servers through their internal wired network or by Bluetooth connectivity via a wireless network. Onsite servers are inherently safer because they are protected internally by firewall rules within a company’s network. However, the downside is that companies must then keep up with unpredictable server software updates and various access control mechanisms.
Another critical step is the requirement of a digital certificate to gain access to the data. The certificate is authenticated through a unique set of credentialing and identification steps for each device to enable connectivity. Parker can establish individual identities and credentials for each connected device to retain the confidentiality of both cloud-to-device and device-to-cloud data transfers. Only after completing these security measures are users allowed access to the data.
The Voice of the Machine has secure protocols to control access to connected devices. Using roles and permissions management techniques, the protocols limit access to information flows between intermittent or continuously connected devices and the line-of-business assets (i.e., not general-purpose devices such as personal PCs, smart phones or tablets) and the cloud-based backend systems for the purpose of analysis, control and business process integration.
The networking architecture accommodates large-scale IoT environments. It works with devices for industrial machinery that typically produce big data streams. After initialisation of IoT devices, Parker provides secure software and firmware updates to the connected gateways and electronic devices in the field. The ability to use a secure, over the air (OTA) update without having to recall the entire connected device can substantially save on time and cost to update deployed solutions. Using secure OTA updates is an important capability that enables Parker and other companies to respond quickly to security breaches. A distributed denial-of-service (DDoS) attack, for example, occurs when multiple systems flood the bandwidth of a targeted system, such as web servers. OTA updates mitigate the impact of these DDoS attacks by remotely securing IoT devices once any vulnerability has been found. Cybersecurity threats are constantly evolving, which is why Parker is constantly reviewing and testing its cybersecurity strategies, making improvements to them in an ongoing way.
More than protection
Voice of the Machine is built to minimise disruption from cybersecurity threats, processes and systems, and uncover opportunities to improve operations. In both OEM and aftermarket applications, Parker’s legacy products can often be retrofitted to enable IoT and related security capabilities. Parker’s experience in protecting customer assets includes IoT deployment in water treatment, mining, medical, military, energy, entertainment and other industries which demand the best security available. Future measures of safety to support Parker products will involve monitoring network traffic for intrusions and ongoing audits of IoT installations after products are sold to help customers secure their proprietary customer data.
Human intelligence, augmented with machine generated insights from Voice of the Machine, is a part of a continuous learning effort at Parker to achieve higher levels of operational performance for customers.
|Tel:||+27 11 961 0700|
|Fax:||+27 11 392 7213|
|Articles:||More information and articles about Parker Hannifin Sales Company South|
© Technews Publishing (Pty) Ltd | All Rights Reserved