Industry 4.0 is the digital transformation of manufacturing/production and related industries and value creation processes.”
It’s a topic that’s sparked intense interest as organisations look to 4.0 initiatives to help increase productivity, become more agile, accelerate innovation and ultimately decrease cost and increase profits. One of the biggest challenges any organisation will face in pursuing these goals, is how best to defend against cyberattack while still maintaining system availability and integrity.
Traditional Defences
Historically of course with strictly segregated operational technology (OT) and information technology (IT) networks, cybersecurity was both simple but also inflexible and tended to introduce latency into business processes.
Systems were not connected to the Internet. Within the business ERP and MRP systems communicated with each other. Data from the OT network at each site fed production data into the business via data diodes – unidirectional communication links that allowed data to flow in one direction only.
As a consequence, logging and archiving data was available internally but was necessarily fragmented and the inflexibility of the model created latency in business processes such as scheduling and maintenance.
An Explosion of Interfaces
Today, the same fundamental architectures and technologies are used but the advent of the industrial internet of things – interconnected sensors, instruments, and other devices – has created an explosion in interfaces between the OT and IT networks with a consequent increase in exposure to cyberattack.
With Industry 4.0, the cloud takes centre stage with ERP systems, MRP systems, equipment manufacturers and business partners benefitting from site data in the cloud that delivers a 360 view of operational network and assets in real-time. It’s a highly seductive view of the world, but there are no real blueprints on how to get there and no reference benchmarks on how to implement secure data transfer between systems of different sensitivity in a way that supports the move to 4.0.
Evolving Needs
Making the technical journey to 4.0 is really a case of evolution not revolution. The logical start point is to begin with securing the data transfer between OT and IT. This will typically involve extracting data for SIEM logging, monitoring the performance and security of the OT network. A further requirement will be to extract data from the OT network to support the predictive maintenance of OT equipment.
The next stage in this evolution is to secure the data transfer between IT to OT. Here, the requirement will typically be to secure scheduling feeds, and ensure OT systems are kept up to date with latest O/S and application patches.
Now it becomes possible to secure data transfer between the OT and the cloud, for example handling SIEM logging but this time making it possible to do cloud-based monitoring and sharing of OT data, delivering that 360 view of OT plant and assets to stakeholders wherever they are.
Enabling Technologies
This evolutionary approach requires critical infrastructure providers to acknowledge what is a very hostile cybersecurity landscape. Cyberattacks on critical infrastructure are growing in frequency and potential severity. Whether it’s Stuxnet attacking systems using a combination of zero-day attacks, Triton targeting industrial safety technology from Schneider Electric, or Shamoon 3 targeting the oil, gas, energy and telecom sectors across the Middle East and beyond. Defending against cyberattacks is a persistent challenge.
If this information is helpful to you read our blog for more interesting and useful content, tips and guildelines on similar topics. Contact the team of COMPUTER 2000 Bulgaria now if you have a specific question. Our specialists will be asiisting you with your query.
Content curated by the team of COMPUTER 2000 on the bases of marketing materials provided by our partners/vendors.
Follow us to learn more
CONTACT US
Let’s walk through the journey of digital transformation together.