Industrial cyber security is a discipline that has grown in importance as IT (Information Technology) systems have increasingly converged with OT (Operational Technology) systems.
Above all, the growing adoption of Industry 4.0 architectures has removed the barriers around Industrial Control Systems (ICS) and exposed them more to potential attacks from outside. As a result, Industrial cyber security has become essential to guaranteeing security and compliance profiles that until a few years ago fell exclusively within the perimeter of IT.
The proliferation of IoT (Internet of Things) devices, which in factory contexts are known as IIoT, requires a vertical approach that cannot be limited to replicating the protection models used in IT environments. This has been made clear, for example, by the National Institute of Standards and Technology (NIST), the agency that is responsible, among other things, for defining technological security protocols and encryption standards on behalf of the US government.
“ICS systems - reads NIST's Guide to Industrial Control Systems Security cited by Gartner - have many characteristics that differ from traditional IT systems, including different risks and priorities. Some of these include a significant risk to the health and safety of life, severe damage to the environment and financial issues such as production losses and negative impact on a nation's economy.
ICSs have different performance and reliability requirements and also use operating systems and applications that can be considered unconventional in a typical IT network environment. Security protections must be implemented to maintain the integrity of the system during normal operations as well as during moments of cyber-attacks.”
To understand these differences, consider that until a few years ago the sensors, machinery and devices installed in factories were not covered by Industrial cyber security policies, simply because they were cut off from the outside.
Security and compliance: how to implement them in the factory
Classic PLM (Product Lifecycle Management) software, PLC (Programmable Logic Controller) computers and SCADA (Supervisory Control And Data Acquisition) architectures, to name some of the most widespread industrial solutions, can now be connected to the Internet over the HTTP protocol, which makes them more vulnerable to hacker attacks.
In addition, privacy regulation such as the GDPR affects any information backbone, and the programs that operators use to control and monitor industrial plants are no exception.
To bridge the gap between cyber security aimed at the IT universe and Industrial cyber security, the current tendency is to implement the best practices of the former in the contexts of the latter. For example, dedicated VPNs and firewalls should be introduced in factories together with patch management and device control activities, to mention just some of the most elementary ways in which IT infrastructure and applications are secured.
In any case, a holistic, non-fragmented approach must prevail in the design of a cyber security model. Faced with different technologies (PLC, PLM, SCADA, MES etc.), which can be provided by different vendors and system integrators, cyber security must be brought back to a single, unified whole.
One example is ReSec, the module developed by Relatech within its digital, cloud-based platform RePlatform. ReSec lends itself to various use cases, as it collects information, useful to any production environment, on attacks against computer systems connected to the network. Its ability to detect and capture malicious entities is combined with the dynamic construction of virtual environments towards which suspicious traffic is directed, so as to minimize the risk of data breaches and theft. In this way, ReSec can also provide valid protection for the industrial world and, from the point of view of cyber security, complete the functions of the Relatech ReFab4.0 solution dedicated to Industry 4.0.
In addition, in terms of compliance, ReSec uses blockchain technology to ensure full traceability of data and enable the company to meet the accountability requirements enshrined in the GDPR.