As manufacturers take advantage of the efficiencies of connectivity, the expanded network opens up significant threats of cyber attack. Hacking criminals are getting more sophisticated as plants are becoming more vulnerable, a bad combination. Yet cybersecurity is advancing in its ability to ward off intrusions. These issues will be discussed at the Automation Technology Conference in Minneapolis in September. In the session, Strategies for Adding Security to Industrial IoT Endpoints , speaker Alan Grau, president of Icon Labs , will explain the growing cyber threats to the connected plant and also outline the advances in cybersecurity.
The Unique Vulnerabilities of IIoT and Embedded Systems
Much has changed since the days when a plant network was wired. The danger of hacking existed, but the entry points were defined and protection was less complicated. The Industrial Internet of Things (IIoT) has created significantly greater exposure. "The IIoT is a significant challenge. First you do have a much larger attack surface. There is a proliferation of connected devices. Every new device brought onto the network is a target for hackers," said Grau. "Plus, many of these devices are deployed outside of the current IT security perimeter. This creates significant new security challenges."
Your Plant. Smarter. Alan Grau, president and co-founder of Icon Labs, will present, "Strategies for Adding Security to Industrial IoT Endpoints," Sept. 22, from 1:30-2 p.m., at Design & Manufacturing in Minneapolis. Learn how to identify and overcome challenges for securing embedded devices, how to successfully integrate embedded security with enterprise security, and more! Register here for the event, hosted by Design News ’ parent company, UBM.
Embedded systems have made cybersecurity more complicated. For one, the usual IT security solutions are not as effective with embedded devices. Plus, the potential damage from an attack is greater. "Many of the IIoT devices are embedded systems that require new security solutions. Traditional IT and PC security approaches won't work on these specialized devices," said Grau. "If an IT system is hacked the consequence is data loss. If an IIoT system is hacked the power grid can go down, flights can be grounded, productions lines can be shut down, and real physical damage can be done. People can die." Grau cites the example of a blast furnace in Germany that was damaged by a cyber attack. "This caused significant financial loss and could have caused injury or loss of life," he said.
Many cyber attacks are designed to be stealth operations where the attacker hides in the system and nabs data undetected. Consequently, intrusion detection has become a new front on the cyber battleground. "Intrusion Detection Solutions (IDS) for IIoT need to be customized to the nature of the devices. Small devices with limited resources need a solution tailored to the types of attacks they are likely to experience while not overwhelming the limited resources of the device," said Grau. "At the same time, the sophistication of the Intrusion Detection Solution must scale up to support more powerful gateway and control systems."
Intrusion detection works from its ability to identify suspicious behavior