Plant & Works Engineering
Industrial security must be a top priority
Published:  22 May, 2019

With major cyber security breaches making the news in recent weeks, the various scares highlight the importance of protection for manufacturers, and at the recent Hannover Messe, cyber security was a major theme for this year’s event.

Currently there is still a major discrepancy between digitisation on the one hand and data security on the other. With the advent of Industry 4.0 it is now time to reassess priorities.

I agree with recent comments made by Hubertus von Monschaw, global director for the Digital Factory at Hannover Messe, when he said recently that, "digitisation cannot function without security…this goes beyond data security…”

He explained it is essential to safeguard interconnected production systems as well as the underlying IT infrastructure. This view has been echoed in recent guidelines published by the German Engineering Federation (VDMA): ‘To operate plant and machinery securely throughout their lifecycles, it is not sufficient to add security functions subsequently. Instead, plant and machinery manufacturers must pay close attention to security issues during the product development phase.’

The closer integration of machines, products and processes generates vast quantities of data and creates the basis for new digital business models. However, this necessitates secure data exchange and processing.

Therefore, as has been highlighted by Oliver Winzenried, member of the managing board of Wibu-Systems AG, to further integrate industry and to exploit the opportunities opened up by digitisation we require sophisticated security solutions – in every connected sensor, actuator, device and machine.

He explains that compared with IT applications in offices, industrial security places higher demands in terms of availability and real-time functionality. Open international standards (e.g. OPC UA via TSN) are central to ensuring the global deployment and interoperability of products. This is especially important with regard to small and medium-sized manufacturers. Staff training also plays a vital role in industrial security, as do devices equipped with 'security by default'.

Industry is adapting to the increasing threat of cyber security, however there remains a huge lack of urgency as to the potential problem. Manufacturers also need to be aware that the speed at which malfunctions in the security system are detected, make all the difference. Therefore businesses needs to equip large IoT infrastructures with the ability to visualise cyber vulnerabilities with real time connection of plants, systems and machines.

Aaron Blutstein