For IT- and OT-connected manufacturing shop floors, it is essential to be prepared for cyberattacks. Therefore, Dr. Tanel Aruväli from the Smart Mini Factory laboratory of the Free University of Bozen-Bolzano researched the resilience of manufacturing systems from the perspective of cybersecurity design parameters. The research was carried out during the project ASSIST4RESILIENCE, which was funded by the Autonomous Province of Bolzano.
Sufficient preparation and mitigation measures minimize the cost caused by cyber incidents. Dr. Aruväli commented: “Having anti-virus software and a firewall is not enough to protect the industrial IoT networks against threat actors.” Therefore, a systematic Axiomatic Design approach was applied to decompose essential design guidelines for cyber-physical manufacturing shop floors.
According to the research, three independent areas of essential functions must be covered by cybersecurity tools:
- reduction of the affectable network area
- control of network entities' accessibility
- awareness of the network’s structure
Dr. Aruväli introduced the research results: “Design parameters such as network segmentation, network tracking systems, and network mapping tools should be considered as the main pillars of cyber resiliency in every factory.” There are many individual solutions on the market that (partly) contribute to one of these pillars. For SMEs, building the pillars as a puzzle of physical and digital solutions could be exhausting. It requires deep information technology knowledge to build a system from small blocks that function as a whole. Additionally, every single piece of software and hardware must be maintained and updated to keep the protection in place.
During the second project phase, physical and virtual solutions were found for the laboratory demonstrator. As the laboratory demonstrator was aimed at SMEs, the researchers considered only solutions that are also practically relevant for smaller companies. After an elaborate market search, the Endian security platform with its physical gateways was applied to contribute to these three pillars.
Dr. Aruväli explained: “As the first pillar, the Endian security gateway enabled us to reduce the number of affectable devices by using virtual segmentation. It means we divided the field devices such as robots, internal logistics system, and machine centers into virtual groups and defined network zones for them. This lowered the attack surface of the system by reducing the number of affectable devices in case of cyberattacks.”
The Switchboard server runs on the dedicated, security-focused Endian operating system. Dr. Aruväli added: “The provided Zero Trust architecture allows us easy management of AAA (authentication, authorization, and accounting). Authentication provides control over recognized users, authorization enables the management of user permissions, and accounting provides network traffic monitoring. The included Intrusion Prevention System enables deep packet inspection and predefined actions with countermeasures according to predefined rules.”
Additionally, the Endian Network Awareness application provides a visual representation of the connectivity between interconnected devices. It provides real-time network bandwidth information along with the applications in use on the network.
The cybersecurity solutions applied to the manufacturing cell demonstrator were successfully tested and verified against a typical attack situation generated by a professional hacker during the Cybersecurity Day in Smart Mini Factory. Dr. Aruväli summarized: “The integrated Endian hardware and software combination helped us to cover many required sub-functions of the cyber-resilient manufacturing system. We highly appreciate their extensive expertise.”