How to ensure the security of smart factories?

在某些情况下,缺乏技能、Policy and sensitivity of employees will make problems become more complicated.In order to make the intelligent plant project a success,Need to make sure that the results,并将“安全”As one of the pillars of the core of the digital transformation work.

Security challenges and upgrade to smart factory：

• To operate the lack of adequate visibility.
• Network security priorities is not regarded as the core operation、Part of the risk and quality control process.
• 风险、The threat and impact assessment not as strict as safety assessment and frequent.
• Each digital unit face the threat of extension or connection device to add,Did not calculate or is used to calculate the increased risk of any.
• Asset inventory didn't get serious maintenance.
• Assets related to the patch and vulnerability assessment and the network condition.
• Safety investment is interlaced and passive.
• Security team skills upgrading is usually not the planned activities.
• Data from the safety related dashboard usually are not considered for resources and the efficiency of management in areas such as decision.

因此,Although smart factory by injection technology in a safe area and made substantial achievements,但“安全”As an important factor of intelligent production has not been due attention.This trend clearly reflect the digital factory has already become the vulnerable of hackers and criminals target.Hacker groups constantly scanning and placed new malware andBumblebeeSuch as loaders more,In order to steal data and ransom.

Why hackers intelligent factory？

• As part of a proof-of-concept project,Intelligent factories are at the tip of the innovation,Host multiple without testing equipment and assets.
• 从本质上讲,Industrial iot projects designed to collect data and to strengthen the control of various components.
• Design a lack of security.
• In the first few stages of intelligent plant project,Incorporating safety data flow and unsafe data flow.This creates a new threat surface,Hackers can easily detect and use.
• Intelligent plant contains unique intellectual property application,You can copy and sell it to potential buyers.
• The fusion of technology created a fragile environment.

How to ensure the safety of smart factory

Before starting for smart factory improve network security,Need to answer these basic but important network security problem:

• What is the most ideal state of security?虽然“0违规”是一个答案,But please try to otherKPIWith the basis of widely,And there he put the response in the background,So as not to miss any operating the necessity of safety.
• What safety regulations to abide by the requirements?By what standard can be in operation efficiency and transparency、检测效率、Business continuity and so on have a big impact on the business？
• What is the challenge for the current security operations team?Whether team faceSOC/Detection of fatigue?
• To have a good knowledge about whether the threat of operating range?
• Is currently tracking what kind ofKPI,是否足够？
• The current budget is enough?
• Whether there is sufficient manpower to deal with all security needs?

这些问题的答案,Will provide the need to take the first step in,To ensure the safety of enterprise.

Early attention has its benefits

理想情况下,“安全”Should be started from the design stage.When the project is still in the stage of at least,Should be considered and finally determine the industrial iot security governance mechanism、(Key personnel)Roles and responsibilities as well as the detection and prevention solutions.我们经常看到,Different team for smart factory the threat to the environment is different understanding and awareness of the.因此,Coordination work to achieve the consensus of the governance model is very important.Policy and framework,如OTNetwork security policy template orIEC62443,NISTRoles and responsibilities table template,Will greatly help to network security posture ascend to a new level.

To ensure that the response to violations, in an attempt to maturity is another strategic priority.In the final model of governance and security,Should be deployed and governance model andSOCInfrastructure integration violation detection solutions.Because of the threat is not wait until everything is in place to attack some parts of the intelligent factory,Must therefore be deployed to detect and remedy to cope with these threats,这一点很重要.Once finalized the governance model,You can according to the selected model will solutions consistent with the expected result.

For any signs of network intrusion attempts to attack or,Defense and response plan can play a big role in the first response.The scheme can be defined attack scenarios,Can even suggested that the basic network health strategy,Can be deployed in the first place,In order to prevent the invasion of.

Here are some other steps can take,To ensure the safety of the intelligent factory.

• The threat of a thorough evaluation and vulnerabilities affect audit,To identify and fill the security holes.
• Maintenance equipment and assets list,To record all assets,Including each device patches and security status.
• 采用NIST和IEC62443标准.
• 每90-120Day a network security training.Employees should be aware of the environmental threats, and the impact of these threats commitment to the operation and production.
• 每90Days on a security audit.
• Sum of all measuring equipment series.
• In the evaluation of supply chain security threats.
• Deployed decoy and cheat solution to transfer and the study of complex attack.
• Formulate and publish security governance policies.