Production-line security for Industry 4.0

Monday, 24 February, 2014


In the future, production facilities will be able to communicate and interact with one another, and machinery will often be remote serviced. But no company boss wants to run the risk of opening the door to industrial espionage and sabotage with unsecured networks.

According to research giant Fraunhofer-Gesellschaft it will soon become a reality in manufacturing that products along the production line will know where they are, which steps they have already completed, and what they still need to become a finished product. Production facilities will be able to coordinate their work steps and exchange information with one another, and there will be no need for technicians to set foot in the production halls for servicing, with machinery inspections carried out remotely instead. In a word: products and plants will be intelligent. This is also referred to as ‘Industry 4.0’ - meaning industry of the fourth generation, following mechanisation, electrification and digitisation.

For this to be possible though, facilities will use a data network to communicate with one another, and even the products themselves will have to ‘log in’. Human beings will use this network connection to control and monitor production too - to keep an eye on plant operation even if they don’t happen to be in the production hall. On top of this, there will be remote maintenance and remote software updates. So for all these functions to work, one thing is indispensable: secure access that keeps industrial pirates and saboteurs out.

Secure access that keeps industrial pirates and saboteurs out is indispensable for Industry 4.0. © Fraunhofer IPA

Secure access that keeps industrial pirates and saboteurs out is indispensable for Industry 4.0. © Fraunhofer IPA.

Certainly, businesses can use a normal internet connection for this form of data traffic, securing it through a VPN. “But there’s something many people don’t know: there are VPNs and there are VPNs - and not every VPN access is secure,” explains Bartol Filipovic, division director at the Fraunhofer Institute for Applied and Integrated Security (AISEC) in Garching, Germany.

That is why researchers have come up with a router that offers secure VPN access. Authorisation and firewall functionalities provide additional access protection. The necessary security protocols can also be integrated directly in the industrial customer’s plants and machinery. “The system is a software kit. We’ve already developed the basic components, and we can tailor them to fit the customer’s specific requirements,” Filipovic points out.

The process takes around four weeks to complete. The researchers integrate simple systems at the same time, such as sensors in the pharmaceuticals industry that report filling levels or mixing ratios - these, too, should not forward their information to unauthorised parties.

On the one hand, the system protects companies from spies trying to hack their way into the network from off-site locations. On the other hand, it also outwits data thieves trying to coax secrets out of routers and circuit boards on location. A special film affixed to security-relevant casings immediately reports any attempts to unscrew the protective covering to access security-relevant data. Developed at AISEC, the film is affixed to the router casing, or directly onto the circuit boards - the board containing key control elements such as microcontrollers, chips and other security-critical processing units - and sealed shut at multiple points. If the router is switched off, all of the software it contains is stored in encrypted form. If it is in operation, though, it needs the decrypted program code. Each decryption key is a function of the properties of the protective film. And if these properties are changed - by tearing open or drilling into the film to reach the circuit boards, for instance - the film detects the attack in a few milliseconds and responds immediately: it deletes all of its unencrypted, security-relevant data.

Unauthorised intruders cannot get to the software. Data deletion is no problem for the business, however: all a company has to do is reinstall the software and affix a new protective film. “Combining software and film gives us an ideal security level,” Filipovic says, “and the events of 2013 very clearly taught us just how important that can be.” Secure communication software and hardware are fundamental to the evolution of production toward digitisation and Industry 4.0; and protection against espionage, sabotage and product piracy is crucial to innovation and a strong competitive position.

Related Articles

Climate-friendly electricity from ammonia

Researchers the Fraunhofer Institute have developed a high-temperature fuel cell stack that can...

Digitalised, sustainable battery cell production

German researchers have developed a flexible winding system for battery cells that is embedded in...

Expired deadline threatens critical infrastructure as compliance lags

The deadline for achieving cybersecurity framework alignment for the SOCI Act expired on 17...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd