Wednesday 24 September 2014

Industrial Equipment & Network Security - A Growing Concern

Increasingly our industrial world is adopting Information Technology (IT) advances such as networking, remote control via the web, mobile interfaces, 802.11 wireless, USB support,  and now cloud based applications in the race to stay ahead in this competitive world. This application of technology may be coming a a cost of vulnerability and we need to look at this.

At the recent International Manufacturing Technology Show (IMTS 2014) in Chicago, exhibitors showed how they could leverage every advance in the IT world on to the factory floor. At the leading edge 100,000 sq ft DMG MORI booth, amazing new controllers and machines with remote OEM support options and high tech interfaces made in their new Davis, California plant were highlighted.

Following DMG MORI's lead, every manufacturer wants to reduce costs and yet enhance customer service - and leveraging IT is a great way to do so. That said, this openness cannot be done at the cost of making the system less secure and opening up the potential for a cyber attack and disaster.

Anyone in the defense industry (especially in the US) has heard of the International Treaty of Arms Reduction (ITAR) and the many security requirements that this program entails. Right now security on the factory floor is focused on perimeter control (network, magnetic card locks, video surveillance, etc) and the human element (checking out each worker and contractor). This may not be good enough in the future - we must get security into each machine.

The opportunity here is to investigate Machine to Machine (M2M) security systems - having part programs secure right to each machine (and perhaps once in them). Machine protocols like open source XML-based MTConnect need a secure version to be considered for ITAR or even cloud-based machine monitoring and Overall Equipment Effectiveness (OEE) programs.

In the days to come, Nexas will be looking into just what would be needed to provide secure factory communications to enable mobile, wireless and cloud-based applications. If factory floor network security is not yet a concern - I think it should be. This may indeed be the "next big thing" in the manufacturing sector worldwide...


Reference Links You Should Check Out...

1. 2014 Kaspersky Industrial Security Review
2. LoJack System for Cargo
3. IMPERVIO Information Rights Management System
4. Finding Your Cyber-Security Weak Spots
5. Tofino Factory Automation Security