Cybersecurity for the Industry
For a few years now, the threats and effects of cyberattacks have become more and more visible and have increasingly been the focus of public attention. But it is not only the perception of the threat situation that has changed: IT security is in fact facing complex challenges that have become more serious in both qualitative and quantitative terms. In recent years, the players have professionalized in both military and criminal terms, and the situation can no longer be compared with the peaceful and mainly pacifist hacker scene of the 1990s. Since 2005, the German Federal Ministry of the Interior and Homeland Affairs (BMI), which is responsible for cybersecurity, has noted that professional hackers have been attacking public authorities, businesses and politicians. In 2021, almost every second company was the victim of a cyberattack. Since most attacks are not detected at all (or only months or even years later), the number of unreported cases is likely to be much higher.
At the same time, companies are continuing to expand their digital infrastructure, which brings numerous advantages. For example, networked machines and entire industrial plants can be used to determine Overall Equipment Effectiveness (OEE). Networking the equipment interlocks an industrial plant, and entire production chains, so closely that they increasingly resemble finely tuned clockworks in which contingencies can be predicted. This is the case, for example, when certain parts or components of a machine can be assumed to have a known service life. By means of sensors, the responsible plant engineer can be warned automatically and remotely that, for example, a vibration motor has reached 70 percent of its life expectancy or that critical values of a component are likely to occur, and can then order supplies or schedule repairs in time. This way, machines and systems can be conveniently monitored and their availability increased, while purchasing and planning can operate with less pressure and at lower cost.
In recent years, there have been sensational cases of attacks on companies that not only resulted in data theft but also paralyzed entire production facilities, with the result that important raw materials became more expensive and, in other cases, that supply contracts could not be honored. Even if the economic damage is not immediate, the loss of confidence after a data theft is immense, and it is particularly problematic when business and customer secrets have been stolen. This form of industrial espionage does not primarily affect Operational Technology (OT), but networking with the IT infrastructure opens another gateway here as well. This is known to be a problem for any company whose technologies are highly innovative, even if the experience of the relevant employees provides a kind of reassurance where application knowledge is concerned.
The most common idea for protecting industrial systems is perimeter defense, such as securing edge devices. Newer concepts such as Zero Trust, on the other hand, assume that a compromise has already taken place and that every process within an IT system is under suspicion. This approach could be described as preventive paranoia but, contrary to what it may seem, it is justified if one looks at the official figures for cyberattacks on companies. In our article, we look at the cybersecurity basics for embedded systems, with a particular focus on the basis of cybersecurity certification and on the separation kernel, such as PikeOS.