Digitization and security retrofit
With Trusted Edge to secure Industry 4.0
In order to remain competitive, industry must move with the times and digitize both processes and (infra)structures. The opportunities are manifold: manufacturing companies can increase efficiency, save costs, meet growing functional and safety challenges and develop new business models such as entire "industrial services as a service". But what if the equipment used for this cannot be networked appropriately or is inadequately equipped in terms of cyber security?
Industry 4.0 - or an industry that can make use of the Industrial Internet of Things (IIoT) - requires digital sensors, actuators, machines and systems that also collect large amounts of (real-time) data from the "physical world" and transfer it to the "digital world". To save time, network bandwidth, storage space and therefore also cost, it is advantageous or even necessary to process this information directly on site, at the interface between information technology (IT) and operational technology (OT), i.e. the technology for operating machines and systems. In other words, data acquisition, data processing and even data storage are increasingly being shifted from central nodes (data centers) to the network periphery, the boundary between the digital and the physical world, the so-called "edge".
Mastering the flow of data
In view of the sometimes exponentially increasing volume, it may become uneconomical or even impossible to process all data in a central cloud. Some Industry 4.0 applications also require high processing speeds or even real-time responses. To ensure that intelligent control or assistance systems for vehicles or machines react without delay, for example, latency must be kept as low as possible. In practice, however, this is not a choice of either cloud or edge. Rather, the two approaches must be combined or integrated with each other as the use case demands. For example, a successful edge platform must also be able to selectively exchange data with cloud infrastructures - especially where distributed applications are concerned.
A secure basis is needed
However, the success of edge platforms is not measured only by their efficiency, usability and scalability, interoperability and the ability to orchestrate data and applications appropriately. These factors fade into the background as soon as information cannot be captured, processed effectively and transmitted securely in an absolutely reliable and tamper-proof manner: any network is only as strong as its weakest link. If criminals succeed in misusing the digital infrastructure as an entry point or in manipulating data, then equipment, machinery and plant manufacturers, for example, lose turnover and profit with every hour of lost production. Even more devastating would be the sabotage of critical infrastructures (KRITIS), with the resulting impact on the common good.
The challenges of edge computing
All of these challenges are compounded by the fact that the corresponding infrastructures are rarely "green fields". Rather, digitalization usually involves "brownfields", i.e. a mix of old and new systems. Older OT systems often cannot (or can no longer) be updated with new software, for example to close security gaps or implement additional security functions. This is because they are either functionally validated and certified as a unit, including all their components, or are simply no longer technically capable of doing so. The motto is often: "Never change a running system", although the increasingly digitalized OT sector should actually also have high security requirements - especially those that already apply to networked corporate IT.
According to the latest situation report from the German Federal Office for Information Security (BSI), the threat situation continues to worsen. The authority also points out that attackers are becoming increasingly professional in their approach and are therefore able to cause ever greater damage.
Indispensable security components of a Trusted Edge platform
Trusted edge platforms must be equipped with protective functions in view of the risks involved. This includes an industry-standard firewall that masters the communication protocols used in OT. This is the only way to develop clear guard rails for network communication (allow and deny lists) that are adapted for industrial purposes. A trusted edge can also further shield OT - at least partially - from IT and its risk situation, while at the same time allowing selective communication. In order to fulfill this function, the platform itself must be protected, for example by hardening the operating system or by integrated attack detection. Ideally, the platforms integrate dedicated security technology such as a secure element (SE). This enables cryptographic keys to be stored within a tamper-proof chip. Security functions of this kind should be equally usable by both in-house and third-party applications - ideally via interfaces (APIs). This means that not only data encryption and integrity protection (of sensor data, for example) can be implemented at a high level, but also authentication functions such as those needed for remote access.
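To make the secure-element idea in the paragraph above concrete, here is an added Python example (my own illustration, not code from secunet or from this page). A `SimulatedSecureElement` stands in for the hardware chip: it holds a key that callers can never read and exposes only `sign` and `verify` through an API, which is the property the text describes. Sensor readings are wrapped in an integrity envelope (HMAC-SHA256 over a canonical JSON serialization), and a verifier rejects both tampered readings and replays of old ones using a per-sensor sequence number. All class and function names, the sensor values and the shared-key (HMAC) setup are assumptions made for this example; a real deployment might instead use an asymmetric key held in the SE so the verifying side needs no secret.

```python
import hashlib
import hmac
import json
import secrets
import time


class SimulatedSecureElement:
    """Software stand-in for a hardware secure element (constructed for this example).

    The real thing is a tamper-resistant chip. Here the key lives only inside
    this object: applications get sign/verify through an API, never the key.
    """

    def __init__(self) -> None:
        self.__key = secrets.token_bytes(32)  # generated on the "chip", never exported

    def sign(self, message: bytes) -> bytes:
        return hmac.new(self.__key, message, hashlib.sha256).digest()

    def verify(self, message: bytes, tag: bytes) -> bool:
        # Constant-time comparison so tag checking leaks no timing information.
        return hmac.compare_digest(self.sign(message), tag)


def canonical(reading: dict) -> bytes:
    """Deterministic serialization so sender and verifier MAC identical bytes."""
    return json.dumps(reading, sort_keys=True, separators=(",", ":")).encode()


def protect_reading(se, sensor_id: str, value: float, seq: int, timestamp=None) -> dict:
    """Wrap one sensor reading in an integrity envelope signed by the SE."""
    reading = {
        "sensor": sensor_id,
        "value": value,
        "seq": seq,  # monotonic per sensor; lets the verifier detect replays
        "ts": timestamp if timestamp is not None else int(time.time()),
    }
    return {"reading": reading, "tag": se.sign(canonical(reading)).hex()}


class ReadingVerifier:
    """Checks the tag and rejects readings whose sequence number is not newer."""

    def __init__(self, se) -> None:
        self.se = se
        self.last_seq = {}  # sensor id -> highest sequence number accepted so far

    def accept(self, envelope: dict) -> bool:
        reading = envelope["reading"]
        try:
            tag = bytes.fromhex(envelope["tag"])
        except (ValueError, TypeError):
            return False
        if not self.se.verify(canonical(reading), tag):
            return False  # payload altered in transit, or signed with another key
        sensor = reading["sensor"]
        if reading["seq"] <= self.last_seq.get(sensor, -1):
            return False  # replay of an earlier, validly signed reading
        self.last_seq[sensor] = reading["seq"]
        return True


def demo() -> dict:
    """Constructed scenario: one genuine reading, a tampered copy, and a replay."""
    se = SimulatedSecureElement()
    verifier = ReadingVerifier(se)
    genuine = protect_reading(se, "temp-01", 71.5, seq=1, timestamp=1700000000)
    tampered = json.loads(json.dumps(genuine))
    tampered["reading"]["value"] = 20.0  # value edited after signing
    return {
        "genuine": verifier.accept(genuine),
        "tampered": verifier.accept(tampered),
        "replay": verifier.accept(genuine),
    }


if __name__ == "__main__":
    print(demo())
```

The design point is that application code only ever calls `sign` and `verify`; the key material is created inside the (simulated) secure element and has no accessor, so compromising the application process does not directly yield the key. The sequence number is what turns pure integrity protection into protection against replaying an old but correctly signed measurement.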
Secunet Edge as a complete solution
Industry 4.0, IIoT and edge computing are confronted with complex security-related challenges on many levels. A holistic approach is therefore essential for proactive protection. A comprehensive digitalization and security retrofit can best be implemented as part of a trusted edge platform such as secunet edge.
It combines three previously separate product categories in one solution: Firstly, as a security component, it provides encryption, firewalling, security updates and manageability by IT organizations. Secondly, it enables inbound and outbound connectivity, for example to industrial clouds and within edge infrastructures - including via a patented protocol translation for cross-machine communication. Thirdly, secunet edge is a powerful and robust industrial PC for computing-intensive tasks such as edge analytics and centrally controlled function updates (pay-per-use models, artificial intelligence). With the complete solution, industrial companies can simultaneously implement the highest security standards and the latest functional requirements in digitalization projects. The secunet edge platform is also being developed with a view to the concept of "critical core components" of the German Federal Office for Information Security for use in critical areas or companies in the special public interest.
The overall secunet edge solution therefore meets the highest IT security requirements "off-the-shelf" and also offers accompanying IT services, such as continuous monitoring and reliable patch management. It is even possible to conceal ageing systems and machines by encapsulating information ("invisibility cloak" principle) and additionally protect the information from external access ("deflector shield" principle). The use of an open platform also reduces the risk of vendor lock-in. Users of the platform are therefore not dependent on individual special technologies and are also ideally equipped for the future.