Safe production in Industry 4.0
Beautiful new production world
For value-creation chains that span multiple locations, equipment, robotics, systems components, minicomputers in components and sensors are all networked with each other in Industry 4.0. They exchange data, retrieve the status of equipment and components, calculate the optimal sequence of work processes, schedule equipment usage and much more. Yet with the entry of communications into factories via Internet technologies, the safety risk also increases. Beside the known viruses, there are new, custom-tailored malware programs threatening the networked production plants. They can spy out system parameters, remotely control machinery, manipulate controls or paralyze processes.
Industry 4.0 networks therefore require particular protective measures, sophisticated network technology and effective test methods that detect security gaps and close them reliably. With an IT security laboratory specially equipped for production and automation technology, the IOSB in Karlsruhe provides a secured test environment in order to readjust potential attacks on production networks, to study the effects and thus, to deduce new strategies and suitable defense measures. It also enables researchers to assess the security functions of conventional communications standards and protocols for industrial automation systems. These regulate, among other things, the data encryption to counter product piracy, espionage and sabotage.
Different framework conditions than in office IT
“IT security in industrial production must take into account entirely different framework conditions that do not exist accordingly in Office IT,“ said Birger Krägelin, project manager at IOSB’s IT Security Laboratory. The control of production facilities entails real time requirements that make changes to the systems difficult. Downloading available software patches onto the systems and installing surveillance software, malware scanners, and antivirus programs influence the stability of meticulously coordinated processes. By the same token, production processes affect conditions when updates can be realized. Firewalls within the network and encrypted connection between systems can diminish real-time conditions. „For example, it is possible that the built-in of known security measures from the office environment can delay the dispatch of messages between computers. That can lead to conveyor belts running slower, valves or outlets closing with a delay, light barriers are triggered incorrectly, the rotational speed of motors increases, or control components break down,“ Krägelin explained. Even the relatively long usage period of hardware and software in production is markedly different from other areas where IT is deployed.
In order to find and establish appropriate IT security mechanisms for the production environment, the research team of specialists in automation technology and IT security equipped the laboratory accordingly. It features its own model factory with real automation components that control a simulated production facility, complete with conveyor belts, electric motors, robots, and lifting equipment. All network levels of a factory are equipped with typical components, including firewalls, circuits, and components for wireless parts. Having its own private cloud means it is possible for the IOSB experts to flexibly arrange various configurations and set up the model factory for a variety of scenarios.
Companies can use the laboratory so they can consult on the planning and operational launch of secure industrial network structures. In addition, they benefit from the know-how of the IOSB experts when it comes to the analysis of their already existing network and components. Furthermore, the researchers want to offer the laboratory in the future as an education and learning platform for training measures.