Between trust and security: New security concepts for Industrie 4.0
Security requirements are increasing and changing rapidly
As Industrie 4.0 is introduced, previously linear value chains will become dynamic value networks in which sensitive production and process data is exchanged automatically across corporate boundaries to enable efficient production methods. The comprehensive protection of highly networked system structures is therefore on the agenda for the further development of digitised industry.
Preventive measures that protect companies from attacks on their IT infrastructure before they occur have to date only been implemented slowly and often only as a solution in specific areas.
Security by design: Building secure systems
Processes in networked production environments that are as reliable and secure as conventional manufacturing today will be the foundation of Industrie 4.0 in practice. There are already IT security solutions for all aspects of Industrie 4.0. However, the IT security techniques and solutions sometimes need to be adapted to the specific requirements of production environments. For example, a virus scanner which slows an office PC today cannot be used under real-time production conditions. Even typical security updates cannot be installed if the control software has to be certified and may not be altered. Malicious code can be removed in such circumstances but the vulnerability would remain until a new version is certified. Therefore, IT security for Industrie 4.0 will often be implemented at the overall production system level and employ solutions different to those in traditional IT.
Increased networking and cooperation between various partners requires high levels of trust as the level of security in the entire network is determined by the least-secure partner. Reliable IT security concepts, architectures and standards must form the basis of this trust. The challenge is to fit out existing structures to meet the new requirements and to develop solutions for new facilities simultaneously – in other words, to anchor ‘security by design’ in corporate culture.
Security and Plattform Industrie 4.0
Anchoring the concept of ‘security by design’ requires new approaches, new standards and sometimes new IT solutions. At the same time, companies need to address the issue of security more proactively. The developments needed in this field is the focus of the security of networked systems working group.