Security tools for Industry 4.0

Mar 05, 2014
To protect the applications of Industry 4.0 – such as Fraunhofer IGD’s visual computing solutions – Fraunhofer SIT engineered security solutions that safeguard both people and equipment. Credit: Fraunhofer IGD

A growing number of unsecured computer-guided production machines and networks in production facilities are gradually becoming gateways for data theft. New security technologies may directly shield the sensitive data that is kept there.

You can hear the metallic buzz as the milling machine bores into the workpiece. Just a few last drill holes, and the camshaft is complete. The computer-guided machine performed the entire job – thanks to the digital manufacturing data that were uploaded onto its embedded computer beforehand. Everything runs without a hitch, only – the data are stolen.

Manufacturing data determine the production process for a product, and are just as valuable today as the design plans. They contain distinctive, inimitable information about the product and its manufacture. Whoever possesses this info merely needs the right equipment, et voilà: the pirated or counterfeit product is done. Whereas design data are well-protected from unauthorized outside access today, production data often lie exposed and unsecured in the computer-assisted machinery. An infected computer on the network, or just a USB stick, is all a thief would need to steal the data. Or hackers could directly attack the IT network – for instance, through unsecured network components, like routers or switches.

Encrypting manufacturing data upon creation

At this year's CeBIT from 10 to 14 March, 2014 (Hall 9, Booth E40), researchers at the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt are exhibiting how these security gaps can be closed. They will be presenting, for example, a software application that encrypts manufacturing data as soon as they are created. Integrated into both the computer and the equipment, it ensures that the two communicate with each other through a protected transport channel and that only licensed actions are executed. "To the best of our knowledge, no comparable safeguard has previously existed for manufacturing data that reside directly in the machine tool," states Thomas Dexheimer from the SIT's Security Testlab. Digital Rights Management (DRM) controls all important parameters of the assignment, such as designated use, quantity, etc. This way, brand manufacturers are able to guarantee that even external producers can only produce an authorized quantity, as instructed in advance – and no additional pirated units.

His colleague at SIT, Dr. Carsten Rudolph, is more involved with secured networks. At CeBIT, Rudolph will exhibit his "Trusted Core Network". "Hackers can also gain access to sensitive production data via unsecured network components. These are small computers themselves, and can be easily manipulated," says the head of the "Trust and Compliance" department at SIT. To prevent this, he draws on a piece of technology that, for the most part, lies dormant and, for all intents and purposes, unused on our PCs: the Trusted Platform Module. This is a small computer chip that can encrypt, decrypt, and digitally sign data. Installed in a network component, it indicates which software is running on the component and assigns it a distinct identity. "As soon as the software changes in a component, the adjacent component registers this occurrence and notifies the administrator. Hacker attacks can be exposed quickly and easily this way," says Rudolph.

"Both security technologies are important building blocks for the targeted Industry 4.0 scenario," says Dexheimer. The term "Industry 4.0" stands for the fourth industrial revolution. After water and steam power, followed by electrical energy, electronics and information technology, now, the cyber-physical systems (IT systems embedded in machinery that communicate with each other via wireless or cabled networks) and the Internet of Things are expected to move into the factory halls. "This revolution can only work if the intellectual property is sufficiently protected. And that's a tall order, because the targets of production IT will increase exponentially, due to ever growing digitization and networking," explains Dexheimer.

At this year's CeBIT, both researchers – Dexheimer and Rudolph – will present a computer-assisted machine tool using a CAD computer and a 3D printer. SIT's security software is installed both on the computer and the printer. The data are encrypted on the computer, and decrypted by the printer. The printer also validates the licensed authorization to conduct the print job. To ensure that the are also securely embedded in the network, the scientists have built a Trusted Platform Module into multiple routers, and are displaying this as a demo. "An attacker cannot hack this there, because he or she will get nowhere near the built-in key," explains Rudolph.
