Industry 4.0: How cybersecurity threats are everyone’s business

A big part of Industry 4.0 requires the successful integration of the supply chain into the manufacturing process.  In the ideal vision, a close cooperation, with rapid information sharing, is established between suppliers, the manufacturer and end customers. This cooperation leads to the elimination of inefficiencies in manufacturing, economies in procurement, automated decision making, consistent data and collaboration between manufacturer and suppliers, and product agility or customization.

But these goals demand a major paradigm shift from traditional manufacturing infrastructure, where the factories were isolated from the internet by air-gapping them. IoT devices and controllers have been introduced. External (IT) networks have been connected to the OT system. New firewalls attempt to protect the manufacturing infrastructure from malicious interference, but perimeter security has limitations as Industry 4.0 moves the factory floor from a centralized, hierarchical architecture to a decentralized / distributed system model. In significant ways, the traditional ‘stacked’ model of ISA-95 is being replaced by an ad-hoc collection of devices and agents that talk freely among each other.

With the new infrastructure model, assessment of cybersecurity risk is problematic.  Attacks could come from anywhere since the devices are all interconnected and potentially cooperating. Legacy devices upgraded for connecting to the new infrastructure could be weakly protected since they are constrained by limited resources. Traditional, casual security approaches that were driven by convenience, local accessibility/control and safety concerns are now risks due to new attack surfaces being introduced (no more yellow sticky notes with the passwords please!).  Above all, Stuxnet, Industroyer, IronGate, etc have shown that the legacy perimeter defense paradigm is insufficient today; you need defense in depth.

In addition to exposing new threat surfaces, Industry 4.0 initiatives introduce new exploits to manufacturing that you need to be concerned about. The big data that helps deliver some of the biggest benefits could be compromised (information integrity issue) or leaked (confidential information exposed). As evidenced by the IronGate attacks, Digital Twins of the manufacturing operation could:

  • Be misled – leading to poor decisions by the automated controllers.
  • Be reverse engineered to develop effective exploits.
  • Become valuable sources of information for industrial espionage.

Integrity of the supply chain and impacts on manufacturing reliability, or most importantly, safety, are key concerns as well. A whole range of authentication and attestation issues arise in this new reality, like sensor data in the examples above, but also simpler things like component specifications and capabilities / limits, which, if tampered with, could lead to failures or issues with supplier guarantees.

To help address the issues above, Irdeto has recently announced our Trusted Telemetry product, a key part of the Cloakware Security Services. Trusted Telemetry delivers reliable information on security events in IIoT edge devices, controllers and applications in real-time, providing early warning of cyberattacks.

With all the infrastructure and device changes, and the multiple, diverse vendors supplying components for the systems, there is no ‘single throat to choke’ or one point where security needs could all be resolved. For safe and robust Industry 4.0 manufacturing, cybersecurity needs to be a joint responsibility of all the supply chain partners for the manufacturing infrastructure.

The good news is that there are strong business reasons for each vendor in the IIoT supply chain to concern themselves with cybersecurity.  Check out our Use Case Brochure for Industrial IoT Device and Controller Cybersecurity.