As adoption of Industry 4.0 continues to grow and the requirement for remote maintenance and third-party access management systems increases, so does the need for cybersecurity solutions which address both operational technology (OT) and IT requirements – to minimize the risk of unplanned downtime.
Remote maintenance solutions for the industrial automation sector have over the past decade shown their worth through savings in travel costs and more responsive, optimized support from the machine providers’ service engineers.
In recent years, the increased productivity and competitiveness resulting from the use of these remote services have become more evident, and remote maintenance has become a key driver for many Industry 4.0 initiatives.
Remote maintenance implies use of the Internet, and the term Internet of Things (IoT) has become an important topic when planning and implementing industrial control system (ICS) strategies. Today it is no longer a matter for OT departments alone; it also involves IT departments because of the cybersecurity implications. In fact, the OT department now typically has a much broader responsibility for security, where in the past the dominant topic was safety. Within the area of security, the focus has shifted from primarily handling authentication to delivering robust systems for authorization management.
Harnessing the true capability of Industrial IoT relies on the collaboration of experts in each domain. When it comes to secure remote access, a key phrase to consider is “With great power comes great responsibility.” End users expect state-of-the-art technology to be paired with reliability: not only from the hardware perspective but also in the area of factory transformation. Remote connection is one of many areas where collaboration with innovative partners is delivering significant value for customers.
So, what should a company considering a remote access solution or third-party access management system look for to ensure the required degree of cybersecurity? Firstly, the remote connections of both clients and IoT devices should be based on a solid, secure authentication design that must be able to prevent what is known as “man-in-the-middle” attacks.
Secondly, any solution considered should be both security and Industry 4.0 certified and should be regularly audited by external security experts.
The solution should also have both two-factor authentication and a user access management system where the owner can centrally control and authorize who has access to what equipment, when, and for how long, while concurrently logging all activity for access auditing.
It is wise to be wary of traditional virtual private network (VPN) tunnel solutions based on OpenVPN or IPSec. These VPN technologies are designed for providing full network access between two remote networks. However, this does not meet the IT security requirements of the modern factory. Solutions that address the security and usability requirements of linking service engineers with industrial equipment are available. This type of solution also has the ability to provide access to only specific IP addresses and services, without having to configure firewall rules, and can be used with either a cloud-based or private M2M server.
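The access model described in the two paragraphs above (central authorization of who reaches which equipment, when and for how long, with every attempt logged, and access limited to specific IP addresses and services rather than a whole network) can be expressed as a default-deny check. This is an added example, not code from the article or from any product; the `Grant` and `AccessManager` names, the user name and the addresses are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Grant:
    """One authorization: a user may reach one IP and one port for a limited time."""
    user: str
    device_ip: str
    port: int
    start: datetime
    duration: timedelta

class AccessManager:
    """Hypothetical central policy point: default deny, every decision logged."""
    def __init__(self):
        self.grants = []
        self.audit_log = []

    def authorize(self, grant):
        self.grants.append(grant)

    def check(self, user, second_factor_ok, device_ip, port, now):
        decision, reason = "deny", "no matching grant"
        if not second_factor_ok:
            reason = "second factor missing"
        else:
            for g in self.grants:
                if (g.user, g.device_ip, g.port) != (user, device_ip, port):
                    continue  # a grant never extends to other hosts or services
                if g.start <= now < g.start + g.duration:
                    decision, reason = "allow", "grant active"
                    break
                reason = "grant outside time window"
        # Denied attempts are logged too, so the audit trail is complete.
        self.audit_log.append((now.isoformat(), user, device_ip, port, decision, reason))
        return decision == "allow"

def demo():
    """Constructed scenario: a two-hour grant to one controller on Modbus/TCP (502)."""
    t0 = datetime(2024, 1, 8, 9, 0, tzinfo=timezone.utc)
    mid = t0 + timedelta(minutes=30)
    mgr = AccessManager()
    mgr.authorize(Grant("vendor-engineer", "10.0.5.20", 502, t0, timedelta(hours=2)))
    results = [
        mgr.check("vendor-engineer", True, "10.0.5.20", 502, mid),   # granted service
        mgr.check("vendor-engineer", True, "10.0.5.21", 502, mid),   # neighbouring host
        mgr.check("vendor-engineer", True, "10.0.5.20", 22, mid),    # other service
        mgr.check("vendor-engineer", True, "10.0.5.20", 502, t0 + timedelta(hours=3)),
        mgr.check("vendor-engineer", False, "10.0.5.20", 502, mid),  # no second factor
    ]
    return mgr, results
```

Only the first request is allowed; a full-network tunnel would have had no basis for refusing the second and third.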
Cybersecurity is a vital consideration in the modern factory, and all individuals must be aware of it and ensure it is properly implemented. Any laxity in this area can create a point of failure in the whole structure, something that no factory can afford. Implementing a solution which is simple to use for non-IT specialists is a massive step towards minimizing cybersecurity risks resulting from human error, and so securing uninterrupted production and maintaining competitive advantage.
This article originally appeared on Control Engineering Europe’s website.
Original content can be found at Control Engineering.