IT in Manufacturing


Staying ahead of industrial cyber-security threats

July 2019 IT in Manufacturing

Technology fuelling the Internet of Things (IoT) continues to advance at a rapid pace, changing the way industrial companies operate. However, the benefits of this technology come with certain security risks, ransomware, malware, worms, viruses, phishing scams and account hijacking. These unfortunate cyber-security threats are a very real part of the IoT landscape.

To prevent and secure against the worst threats, we have to think a little like the bad guys. For example, how could motion and control technology be used against us? Would it be possible to hack into a water treatment plant, open a valve and release lethal amounts of fluoride into public drinking water supplies? As more and more devices are connected to the Internet, the type and number of possible threats also grow.

Approximately 328 million new devices are connected to the Internet each month, further complicating modern cybersecurity challenges. According to Gartner Research, the number of IoT-enabled devices will reach 60 billion by 2025. Many of these devices go into production machines, robotic equipment, assembly lines, mill and plant equipment and a variety of other industrial applications. The devices are embedded with electronics, software, sensors, actuators and network connectivity, which enable them to collect and exchange data.

While engineers at many industrial and manufacturing companies have implemented IoT strategies to tap into the opportunities that data streams from their own machines can provide, some are reluctant to move forward with IoT initiatives out of concern for data security or loss of proprietary information. The consequences of cyber attacks on businesses can be huge, operation downtime, loss of productivity, proprietary information loss, diminished reputation among customers, business partners and investors and disruption of services. Basically, cybersecurity impacts almost every aspect of the business.

Voice of the Machine is Parker’s platform for secure IoT. It is an open, interoperable and scalable ecosystem of securely connected products and systems. This platform is designed to monitor assets remotely, keep critical systems productive and continually improve cybersecurity safety for customers. Parker’s focus is on machine and component analytics, with a heavy emphasis on discrete IoT and component models. Discrete IoT is a component-centric approach, where distinct component insights form the foundation for higher level decision making.

Parker cybersecurity standards

Parker’s approach to cybersecurity involves multiple steps in the IoT data gathering, transfer and storage processes. It starts with the machines and the sensors or measuring devices built into them. Data gathered from the sensors is encrypted before it is transferred to a cloud server, using an asymmetric encryption mechanism, where the data is stored. The encryption mechanism translates data from one form to another form, which is commonly referred to as ‘ciphertext’, by using an encryption algorithm and an encryption key. To read that ciphertext data or view it in its original form, a viewer would be required to use a secret key or password for enabling the decrypting process.

There are two types of data encryption. Asymmetric encryption, also known as ‘public-key’ encryption, uses public and private keys to encrypt and then decrypt data. The second type, symmetric encryption, uses a secret key, which can be a number, a word, or just a string of random letters. The secret key is applied to the text of a message to change the content in a particular way.

Instead of sending data to a cloud server, customers may choose to send it to their onsite servers through their internal wired network or by Bluetooth connectivity via a wireless network. Onsite servers are inherently safer because they are protected internally by firewall rules within a company’s network. However, the downside is that companies must then keep up with unpredictable server software updates and various access control mechanisms.

Another critical step is the requirement of a digital certificate to gain access to the data. The certificate is authenticated through a unique set of credentialing and identification steps for each device to enable connectivity. Parker can establish individual identities and credentials for each connected device to retain the confidentiality of both cloud-to-device and device-to-cloud data transfers. Only after completing these security measures are users allowed access to the data.

The Voice of the Machine has secure protocols to control access to connected devices. Using roles and permissions management techniques, the protocols limit access to information flows between intermittent or continuously connected devices and the line-of-business assets (i.e., not general-purpose devices such as personal PCs, smart phones or tablets) and the cloud-based backend systems for the purpose of analysis, control and business process integration.

The networking architecture accommodates large-scale IoT environments. It works with devices for industrial machinery that typically produce big data streams. After initialisation of IoT devices, Parker provides secure software and firmware updates to the connected gateways and electronic devices in the field. The ability to use a secure, over the air (OTA) update without having to recall the entire connected device can substantially save on time and cost to update deployed solutions. Using secure OTA updates is an important capability that enables Parker and other companies to respond quickly to security breaches. A distributed denial-of-service (DDoS) attack, for example, occurs when multiple systems flood the bandwidth of a targeted system, such as web servers. OTA updates mitigate the impact of these DDoS attacks by remotely securing IoT devices once any vulnerability has been found. Cybersecurity threats are constantly evolving, which is why Parker is constantly reviewing and testing its cybersecurity strategies, making improvements to them in an ongoing way.

More than protection

Voice of the Machine is built to minimise disruption from cybersecurity threats, processes and systems, and uncover opportunities to improve operations. In both OEM and aftermarket applications, Parker’s legacy products can often be retrofitted to enable IoT and related security capabilities. Parker’s experience in protecting customer assets includes IoT deployment in water treatment, mining, medical, military, energy, entertainment and other industries which demand the best security available. Future measures of safety to support Parker products will involve monitoring network traffic for intrusions and ongoing audits of IoT installations after products are sold to help customers secure their proprietary customer data.

Human intelligence, augmented with machine generated insights from Voice of the Machine, is a part of a continuous learning effort at Parker to achieve higher levels of operational performance for customers.

For more information contact Lisa de Beer, Parker Hannifin SA, +27 11 961 0700, lisa.debeer@parker.com, www.parker.com/za


Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

IIoT platforms, not all created equal
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Altron Bytes Systems Integration , IT in Manufacturing
Having a state-of-the-art architecture based on the most modern technology will not benefit any company unless it is tied to a specific purpose and business outcome.

Read more...
Bringing trust to the Internet of Things
Technews Industry Guide: Industrial Internet of Things & Industry 4.0 , IT in Manufacturing
Huge amounts of data are generated by and collected from a wide variety of IoT devices. It is then analysed and actions taken, depending on the results of the analysis. However, if you cannot trust the ...

Read more...
So, what’s left for us humans after the machines take over?
Technews Industry Guide: Industrial Internet of Things & Industry 4.0 , IT in Manufacturing
That said, there are some guidelines that can be put in place. An obvious career path exists in being ‘on the other side of the code’, as it were – being the one who writes the code, who trains the machine, ...

Read more...
Comos version 10.3 saves time
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Siemens Digital Industries , IT in Manufacturing
Modular engineering with intelligent templates and central data storage.

Read more...
Innovation and intelligence for smart manufacturing
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Omron Electronics , IT in Manufacturing
Adaptive algorithms offer new ways to optimise production lines.

Read more...
Securing the smart factory?
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Throughput Technologies , IT in Manufacturing
Secomea provides secure remote access without the need for advanced firewall configuration.

Read more...
Digitalisation drives compressed air system development
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Siemens Digital Industries , IT in Manufacturing
German company, Otto Boge (Boge), develops compressed air systems for which it offers an extensive portfolio of components, machines and complete plants. To increase the efficiency of its production, ...

Read more...
Industrial cybersecurity risk assessment and management
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, Proconics , IT in Manufacturing
Since the acceptance of the various IEC62443 modules as national standards: SANS62443-2-1/4, SATS62443-1-1 and SATR62443-3-1, there has been confusion about the requirements, methodologies and implementation. ...

Read more...
High-performance rackmount computers for Industry 4.0
Technews Industry Guide: Industrial Internet of Things & Industry 4.0, RJ Connect , IT in Manufacturing
With more and more companies implementing IIoT applications, the demand to connect hundreds or thousands of devices to industrial automation systems has increased dramatically. Moxa’s DA-720, a high-performance ...

Read more...
SHEQ document reporting in real-time
Technews Industry Guide: Industrial Internet of Things & Industry 4.0 , IT in Manufacturing
While the manual compilation of a Safety, Health, Environment and Quality (SHEQ) documentation report can take up to 20 man hours, Passport 360 can potentially slash this to an astonishing three minutes. This ...

Read more...