The role of hardware security in realizing the aspirations of Industry 4.0

Industry 4.0, which involves the digitization of factories, has different implications for organizational leaders in the industrial market sector, and as factory equipment becomes intelligent and connected, the impact of digitization can have wide-ranging implications for cybersecurity. For example, this could mean transforming your factory to increase autonomy and customization, thereby increasing the total cost of operations and delivering higher value to customers. It could also mean that system and subsystem suppliers are making factory equipment smarter to enable real-time decision-making and autonomous interaction of manufacturing units within larger multi-unit systems and across enterprise systems.Leverage Industry 4.0 solutions as you wish

Erik Halthen Analog Devices

Industry 4.0 aspirations and cybersecurity implications

Industry 4.0, which involves the digitization of factories, has different implications for organizational leaders in the industrial market sector, and as factory equipment becomes intelligent and connected, the impact of digitization can have wide-ranging implications for cybersecurity. For example, this could mean transforming your factory to increase autonomy and customization, thereby increasing the total cost of operations and delivering higher value to customers. It could also mean that system and subsystem suppliers are making factory equipment smarter to enable real-time decision-making and autonomous interaction of manufacturing units within larger multi-unit systems and across enterprise systems. Depending on how you want to leverage Industry 4.0 solutions, the strategy for adopting these solutions will depend on where they will be integrated in the value chain and how deeply they will be integrated within the factory.

The digitization of factories is transforming every aspect of the value chain and has a direct impact on the top and bottom lines of businesses. Most often discussed is innovation, which unlocks new revenue streams, such as new products, services, or some combination of the two. Digital production, the use of processing, and the analysis of data at the edge require new product innovations, while the collection of metadata gives rise to new services that optimize control, maintenance, and use. Both aspects of digital production exist in different parts of the value chain and directly impact revenue performance. On the other hand, cost reduction initiatives focus on improving supply chain efficiency and optimizing operational performance. These improvements require the adoption of more powerful products and services in their own factories. Realizing the offline benefits of Industry 4.0 requires the adoption of new product innovations. Depending on how people leverage Industry 4.0 solutions, cybersecurity strategies will change to ensure the successful adoption and expansion of digital solutions in factories.

The role of hardware security in realizing the aspirations of Industry 4.0

Figure 1. The digitization of factories is transforming every aspect of the value chain and has a direct impact on the top and bottom lines of businesses.

Cybersecurity strategies will also vary based on how pervasive digital solutions are integrated at the edge of the industrial control loop. Traditional industrial automation architectures are very different and rely on isolating the control of field devices from other information systems, services, and applications in the plant to protect against cybersecurity threats. Furthermore, actual field devices are often point-to-point solutions with limited data exchange and edge processing, which limits the cybersecurity risk that any one device poses to the system. Disrupting this typical architecture is not easy and requires a phased approach. Active adopters of Industry 4.0 solutions will need to determine how deeply they want to integrate new technologies in their factories and drive a cybersecurity strategy to realize these aspirations. The new industrial automation architecture promises to look different. The factory architecture of the future may not equate to the traditional use of the Purdue model or similar to divide the factory into five distinct levels. Future field devices will combine detection and execution with manufacturing execution and control. Not only will these devices be networked in the factory into an integrated interconnected fabric, but some of these devices will be directly connected to enterprise systems, the Internet, and cloud services, greatly increasing the cybersecurity risk that any one device brings to the system. Regardless of how the future Industry 4.0 architecture is perceived, achieving the ultimate goal will involve a multi-pronged approach and a cybersecurity strategy related to the strength of awareness to integrate digital solutions in the factory.

The role of hardware security in realizing the aspirations of Industry 4.0

Figure 2. The transition to a fully digital Industry 4.0 factory.

Three steps to achieve Industry 4.0 in cybersecurity

There are many different views on what Industry 4.0 will look like with a fully integrated solution. Some believe the traditional factory design will remain largely intact, while others take a more radical view, arguing that the new factory will struggle to be recognized by traditional standards. But everyone thought the factory was changing, and it wasn’t going to happen overnight. There are some obvious reasons for this transition, but the main one is the lifespan of current field devices. These devices are designed to operate for more than 20 years and will continue to operate for longer. Efforts can be made to retrofit these devices for additional functionality and connectivity, but they will be limited by their hardware design, and the factory system architecture will have to compensate for their deficiencies. From a cybersecurity perspective, these devices will always be restricted and present cyber risks. Security devices require a secure architecture and system design approach. Retrofitting a device with security features is a stopgap measure that will always leave a cybersecurity hole. A full transition to a digital factory will require equipment to achieve a high level of security and enhance this level of security to be able to withstand cyberattacks without compromising their ability to share information and make decisions in real time. Resilience, the ability to recover quickly from difficulties, can have a huge impact on how cybersecurity is implemented and the steps necessary to achieve Industry 4.0 in cybersecurity.

The first major hurdle to overcome is compliance with new cybersecurity industry standards and best practices. Achieving compliance within an ever-changing factory requires a different approach. Traditional methods of applying information technology (IT) security solutions to isolate, monitor and configure network traffic will not provide the resiliency needed in an Industry 4.0 factory. As devices become interconnected and share real-time information, hardware security solutions will be required to enable autonomous real-time decision-making while maintaining plant resiliency. As the approach to cybersecurity changes, organizations also need to adapt to meet new challenges. Many organizations are reorganizing to build cybersecurity capabilities, either managed separately from a traditional engineering organization or integrated into project teams across the organization. Building an organization that can implement a cybersecurity solution strategy to meet industry standards and best practices is a first important step in realizing the aspirations of Industry 4.0.

After organizations have established a solid foundation for adopting emerging security standards, and when they have the ability to manage security requirements across product lifecycles and across organizational boundaries, they can focus on increasing autonomy within factory cells. Autonomy can only be achieved when devices in factories become smart enough to make decisions based on the data they receive. A cybersecurity approach is a system design that builds edge devices that can attest to trust the data from which the data was generated. Finally, have the confidence to provide real-time decision-making through a cybersecurity system that can accept input from the real world, assess its credibility, and act autonomously.

The final issue is building a factory that is not only connected to the cloud, but also runs in sync with other factory systems through cloud services. This requires wider adoption of digital solutions, which will ultimately be the last hurdle due to the time it takes to fully transition to a digital factory. Current devices are already connected to the cloud, but in most cases this is just to receive data. This data is then analyzed and decisions are made remotely from the factory floor. The result of these decisions may be to speed up or delay maintenance or fine-tune automated processes. Today, these decisions are rarely performed from the cloud because field control is local to the factory and isolated from enterprise systems. As factory floors embrace more autonomy, monitoring factories through cloud services and sharing real-time information across enterprise systems will become more important.

The role of hardware security in realizing the aspirations of Industry 4.0

Figure 3. Autonomous adoption on the factory floor.

The role of hardware security in realizing the aspirations of Industry 4.0

Figure 4. ADI’s Sypher-Ultra implementation.

The Connected Factory with Hardware Security

The need for hardware security is being driven by industry standards that enable higher levels of security enabling connected solutions in factories. Increased controlled access and accessibility means new risks that traditional IT security solutions cannot protect against without combining device-level security with a hardware root of trust. When devices are connected to the network, these devices become access points to the entire system. The damage that any one of these access points could cause would extend across the entire network and could leave critical infrastructure vulnerable. Traditional security approaches that rely on firewalls, malware detection, and anomaly detection require constant updating and configuration, and are prone to human error. In today’s environment, it should be assumed that the adversary is already in the network. To defend against these adversaries, a defense-in-depth and zero-trust approach is required. To best ensure the proper functioning of connected devices, a hardware root of trust is required in the device. Establishing the correct hardware associations in equipment today is critical to the transition to the digital factory in the future.

By leveraging the Xilinx® Zinq® UltraScale+™ MPSoC (ZUS+) family of FPGAs, Analog Devices has developed Sypher™-Ultra, which provides enhanced protection for the integrity of data to be generated and processed through a high-assurance cryptographic system with multiple layers of security controls high reliability. It leverages the security foundation of ZUS+ and other security features developed by Analog Devices to help end products meet security requirements such as NIST FIPS 140-2, IEC 62443 or automotive EVITA HSM. Sypher-Ultra sits between the embedded ZUS+ functionality and the end application, providing design teams with a single-chip solution for secure operation. To provide high assurance security, the Sypher-Ultra platform employs a Trusted Execution Environment (TEE) that provides the foundation for secure data at rest and in transit. Safety-related functions are primarily performed in real-time processing units and programmable logic, enabling design teams to easily add their applications within the application processing unit. The design frees product teams from having to master all the intricacies of safe design and certification, while ensuring safe operation.

Developing a path to higher device-level security is challenging, especially given the time-to-market constraints to meet the demanding pace of implementation in the digital factory. Implementing security is extremely complex and requires unique skill sets and processes. Analog Devices’ security platform provides design teams with a solution to implement security close to the edge of industrial control loops. Addressing implementation complexities for product design teams, such as security design, security standards certification, and vulnerability analysis, can greatly reduce risk and reduce design time. Analog Devices’ solutions provide easy-to-use security APIs on a common platform, enabling coexistence of high-assurance security and higher-level applications on a single FPGA. Analog Devices’ Sypher-Ultra products allow the secure use of the Xilinx Zynq UltraScale+ MPSoC (ZUS+) family to isolate sensitive cryptographic operations and prevent unauthorized access to sensitive IP that provides a path to the connected factory through hardware security at the edge.

About the Author

Erik Halthen has a strong background in cybersecurity solutions as part of Sypris Electronics (acquired by Analog Devices in 2016). Erik works at Analog Devices’ Cyber ​​Security Center of Excellence as the Security Systems Manager for Industrial Solutions. Drawing on his experience as a cybersecurity program manager for the defense industry, Erik is committed to developing leading security solutions that address key market needs for the Industrial Internet of Things. Contact information:[email protected]

"Industry 4.0, which involves the digitization of factories, has diffe…

Related Posts